feat(client-cloudtrail): Add ConflictException to PutEventSelectors, …

…add (Channel/EDS)ARNInvalidException to Tag APIs. These exceptions provide customers with more specific error messages instead of internal errors.

clients/client-cloudtrail/src/commands/AddTagsCommand.ts

@@ -66,6 +66,10 @@ export interface AddTagsCommandOutput extends AddTagsResponse, __MetadataBearer
  * @see {@link AddTagsCommandOutput} for command's `response` shape.
  * @see {@link CloudTrailClientResolvedConfig | config} for CloudTrailClient's `config` shape.
  *
+ * @throws {@link ChannelARNInvalidException} (client fault)
+ *  <p>This exception is thrown when the specified value of <code>ChannelARN</code> is not
+ *          valid.</p>
+ *
  * @throws {@link ChannelNotFoundException} (client fault)
  *  <p>This exception is thrown when CloudTrail cannot find the specified channel.</p>
  *
@@ -89,6 +93,10 @@ export interface AddTagsCommandOutput extends AddTagsResponse, __MetadataBearer
  *          to fully load the resource, or because another operation is modifying the resource. If this exception occurs, wait a few minutes, and then try the
  *          operation again.</p>
  *
+ * @throws {@link EventDataStoreARNInvalidException} (client fault)
+ *  <p>The specified event data store ARN is not valid or does not map to an event data store
+ *          in your account.</p>
+ *
  * @throws {@link EventDataStoreNotFoundException} (client fault)
  *  <p>The specified event data store was not found.</p>
  *

clients/client-cloudtrail/src/commands/CreateEventDataStoreCommand.ts

@@ -150,7 +150,7 @@ export interface CreateEventDataStoreCommandOutput extends CreateEventDataStoreR
  *  <p>Your account has used the maximum number of event data stores.</p>
  *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *

clients/client-cloudtrail/src/commands/CreateTrailCommand.ts

@@ -103,7 +103,7 @@ export interface CreateTrailCommandOutput extends CreateTrailResponse, __Metadat
  *          operation again.</p>
  *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *

clients/client-cloudtrail/src/commands/DeleteEventDataStoreCommand.ts

@@ -86,7 +86,7 @@ export interface DeleteEventDataStoreCommandOutput extends DeleteEventDataStoreR
  *  <p>The event data store is inactive.</p>
  *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *

clients/client-cloudtrail/src/commands/DeleteTrailCommand.ts

@@ -77,7 +77,7 @@ export interface DeleteTrailCommandOutput extends DeleteTrailResponse, __Metadat
  *          operation again.</p>
  *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *

clients/client-cloudtrail/src/commands/DeregisterOrganizationDelegatedAdminCommand.ts

@@ -80,7 +80,7 @@ export interface DeregisterOrganizationDelegatedAdminCommandOutput
  *          operation again.</p>
  *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *

clients/client-cloudtrail/src/commands/GetEventSelectorsCommand.ts

@@ -52,12 +52,12 @@ export interface GetEventSelectorsCommandOutput extends GetEventSelectorsRespons
  *          <ul>
  *             <li>
  *                <p>
- *                   <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html">Logging management events for trails </a>
+ *                   <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html">Logging management events</a>
  *                </p>
  *             </li>
  *             <li>
  *                <p>
- *                   <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html">Logging data events for trails </a>
+ *                   <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html">Logging data events</a>
  *                </p>
  *             </li>
  *          </ul>

clients/client-cloudtrail/src/commands/ListTagsCommand.ts

@@ -70,6 +70,10 @@ export interface ListTagsCommandOutput extends ListTagsResponse, __MetadataBeare
  * @see {@link ListTagsCommandOutput} for command's `response` shape.
  * @see {@link CloudTrailClientResolvedConfig | config} for CloudTrailClient's `config` shape.
  *
+ * @throws {@link ChannelARNInvalidException} (client fault)
+ *  <p>This exception is thrown when the specified value of <code>ChannelARN</code> is not
+ *          valid.</p>
+ *
  * @throws {@link CloudTrailARNInvalidException} (client fault)
  *  <p>This exception is thrown when an operation is called with a trail ARN that is not valid.
  *          The following is the format of a trail ARN.</p>
@@ -84,6 +88,10 @@ export interface ListTagsCommandOutput extends ListTagsResponse, __MetadataBeare
  *          <code>arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890</code>
  *          </p>
  *
+ * @throws {@link EventDataStoreARNInvalidException} (client fault)
+ *  <p>The specified event data store ARN is not valid or does not map to an event data store
+ *          in your account.</p>
+ *
  * @throws {@link EventDataStoreNotFoundException} (client fault)
  *  <p>The specified event data store was not found.</p>
  *

clients/client-cloudtrail/src/commands/PutEventSelectorsCommand.ts

@@ -34,7 +34,9 @@ export interface PutEventSelectorsCommandOutput extends PutEventSelectorsRespons
  * @public
  * <p>Configures an event selector or advanced event selectors for your trail. Use event
  *          selectors or advanced event selectors to specify management and data event settings for
- *          your trail. By default, trails created without specific event selectors are configured to
+ *          your trail. If you want your trail to log Insights events, be sure the event selector
+ *          enables logging of the Insights event types you want configured for your trail. For more information about logging Insights events, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-insights-events-with-cloudtrail.html">Logging Insights events for trails</a> in the <i>CloudTrail User Guide</i>.
+ *          By default, trails created without specific event selectors are configured to
  *          log all read and write management events, and no data events.</p>
  *          <p>When an event occurs in your account, CloudTrail evaluates the event selectors or
  *          advanced event selectors in all trails. For each trail, if the event matches any event
@@ -66,15 +68,15 @@ export interface PutEventSelectorsCommandOutput extends PutEventSelectorsRespons
  *          trail was created; otherwise, an <code>InvalidHomeRegionException</code> exception is
  *          thrown.</p>
  *          <p>You can configure up to five event selectors for each trail. For more information, see
- *             <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html">Logging management events for trails </a>, <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html">Logging
- *             data events for trails </a>, and <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html">Quotas in CloudTrail</a> in the <i>CloudTrail User
+ *             <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html">Logging management events</a>, <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html">Logging
+ *             data events</a>, and <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html">Quotas in CloudTrail</a> in the <i>CloudTrail User
  *          Guide</i>.</p>
  *          <p>You can add advanced event selectors, and conditions for your advanced event selectors,
  *          up to a maximum of 500 values for all conditions and selectors on a trail. You can use
  *          either <code>AdvancedEventSelectors</code> or <code>EventSelectors</code>, but not both. If
  *          you apply <code>AdvancedEventSelectors</code> to a trail, any existing
  *             <code>EventSelectors</code> are overwritten. For more information about advanced event
- *          selectors, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html">Logging data events for trails</a> in the <i>CloudTrail User Guide</i>.</p>
+ *          selectors, see <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html">Logging data events</a> in the <i>CloudTrail User Guide</i>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -198,8 +200,14 @@ export interface PutEventSelectorsCommandOutput extends PutEventSelectorsRespons
  *          <code>arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890</code>
  *          </p>
  *
+ * @throws {@link ConflictException} (client fault)
+ *  <p>This exception is thrown when the specified resource is not ready for an operation. This
+ *          can occur when you try to run an operation on a resource before CloudTrail has time
+ *          to fully load the resource, or because another operation is modifying the resource. If this exception occurs, wait a few minutes, and then try the
+ *          operation again.</p>
+ *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *

clients/client-cloudtrail/src/commands/PutInsightSelectorsCommand.ts

@@ -37,6 +37,11 @@ export interface PutInsightSelectorsCommandOutput extends PutInsightSelectorsRes
  *          off Insights event logging, by passing an empty list of insight types. The valid Insights
  *          event types in this release are <code>ApiErrorRateInsight</code> and
  *             <code>ApiCallRateInsight</code>.</p>
+ *          <p>To log CloudTrail Insights events on API call volume, the trail
+ *          must log <code>write</code> management events. To log CloudTrail
+ *          Insights events on API error rate, the trail must log <code>read</code> or
+ *             <code>write</code> management events. You can call <code>GetEventSelectors</code> on a trail
+ *          to check whether the trail logs management events.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

clients/client-cloudtrail/src/commands/RegisterOrganizationDelegatedAdminCommand.ts

@@ -89,7 +89,7 @@ export interface RegisterOrganizationDelegatedAdminCommandOutput
  *          administrators is reached.</p>
  *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *

clients/client-cloudtrail/src/commands/RemoveTagsCommand.ts

@@ -60,6 +60,10 @@ export interface RemoveTagsCommandOutput extends RemoveTagsResponse, __MetadataB
  * @see {@link RemoveTagsCommandOutput} for command's `response` shape.
  * @see {@link CloudTrailClientResolvedConfig | config} for CloudTrailClient's `config` shape.
  *
+ * @throws {@link ChannelARNInvalidException} (client fault)
+ *  <p>This exception is thrown when the specified value of <code>ChannelARN</code> is not
+ *          valid.</p>
+ *
  * @throws {@link ChannelNotFoundException} (client fault)
  *  <p>This exception is thrown when CloudTrail cannot find the specified channel.</p>
  *
@@ -77,6 +81,10 @@ export interface RemoveTagsCommandOutput extends RemoveTagsResponse, __MetadataB
  *          <code>arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890</code>
  *          </p>
  *
+ * @throws {@link EventDataStoreARNInvalidException} (client fault)
+ *  <p>The specified event data store ARN is not valid or does not map to an event data store
+ *          in your account.</p>
+ *
  * @throws {@link EventDataStoreNotFoundException} (client fault)
  *  <p>The specified event data store was not found.</p>
  *

clients/client-cloudtrail/src/commands/RestoreEventDataStoreCommand.ts

@@ -108,7 +108,7 @@ export interface RestoreEventDataStoreCommandOutput extends RestoreEventDataStor
  *  <p>The specified event data store was not found.</p>
  *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *

clients/client-cloudtrail/src/commands/StartLoggingCommand.ts

@@ -78,7 +78,7 @@ export interface StartLoggingCommandOutput extends StartLoggingResponse, __Metad
  *          operation again.</p>
  *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *

clients/client-cloudtrail/src/commands/StopLoggingCommand.ts

@@ -81,7 +81,7 @@ export interface StopLoggingCommandOutput extends StopLoggingResponse, __Metadat
  *          operation again.</p>
  *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *

clients/client-cloudtrail/src/commands/UpdateEventDataStoreCommand.ts

@@ -41,8 +41,7 @@ export interface UpdateEventDataStoreCommandOutput extends UpdateEventDataStoreR
  *          includes or excludes management and data events in your event data store. For more
  *          information about <code>AdvancedEventSelectors</code>, see <a>PutEventSelectorsRequest$AdvancedEventSelectors</a>. </p>
  *          <p> For event data stores for Config configuration items, Audit Manager evidence, or non-Amazon Web Services events,
- *             <code>AdvancedEventSelectors</code> includes events of that type in your event data
- *          store.</p>
+ *             <code>AdvancedEventSelectors</code> includes events of that type in your event data store.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -151,7 +150,7 @@ export interface UpdateEventDataStoreCommandOutput extends UpdateEventDataStoreR
  *  <p>The event data store is inactive.</p>
  *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *

clients/client-cloudtrail/src/commands/UpdateTrailCommand.ts

@@ -115,7 +115,7 @@ export interface UpdateTrailCommandOutput extends UpdateTrailResponse, __Metadat
  *          operation again.</p>
  *
  * @throws {@link InsufficientDependencyServiceAccessPermissionException} (client fault)
- *  <p>This exception is thrown when the IAM user or role that is used to create
+ *  <p>This exception is thrown when the IAM identity that is used to create
  *          the organization resource lacks one or more required permissions for creating an
  *          organization resource in a required service.</p>
  *