From the command line, use create-subscription.
Creates a trail that specifies the settings for delivery of log data to an Amazon S3 bucket.
", - "DeleteTrail": "Deletes a trail.
", + "AddTags": "Adds one or more tags to a trail, up to a limit of 10. Tags must be unique per trail. Overwrites an existing tag's value when a new value is specified for an existing tag key. If you specify a key without a value, the tag will be created with the specified key and a value of null.
", + "CreateTrail": "Creates a trail that specifies the settings for delivery of log data to an Amazon S3 bucket.
", + "DeleteTrail": "Deletes a trail. This operation must be called from the region in which the trail was created.
", "DescribeTrails": "Retrieves settings for the trail associated with the current region for your account.
", - "GetTrailStatus": "Returns a JSON-formatted list of information about the specified trail. Fields include information on delivery errors, Amazon SNS and Amazon S3 errors, and start and stop logging times for each trail.
", - "LookupEvents": "Looks up API activity events captured by CloudTrail that create, update, or delete resources in your account. Events for a region can be looked up for the times in which you had CloudTrail turned on in that region during the last seven days. Lookup supports five different attributes: time range (defined by a start time and end time), user name, event name, resource type, and resource name. All attributes are optional. The maximum number of attributes that can be specified in any one lookup request are time range and one other attribute. The default number of results returned is 10, with a maximum of 50 possible. The response includes a token that you can use to get the next page of results. The rate of lookup requests is limited to one per second per account.
Starts the recording of AWS API calls and log file delivery for a trail.
", - "StopLogging": "Suspends the recording of AWS API calls and log file delivery for the specified trail. Under most circumstances, there is no need to use this action. You can update a trail without stopping it first. This action is the only way to stop recording.
", - "UpdateTrail": "From the command line, use update-subscription.
Updates the settings that specify delivery of log files. Changes to a trail do not require stopping the CloudTrail service. Use this action to designate an existing bucket for log delivery. If the existing bucket has previously been a target for CloudTrail log files, an IAM policy exists for the bucket.
" + "GetTrailStatus": "Returns a JSON-formatted list of information about the specified trail. Fields include information on delivery errors, Amazon SNS and Amazon S3 errors, and start and stop logging times for each trail. This operation returns trail status from a single region. To return trail status from all regions, you must call the operation on each region.
", + "ListPublicKeys": "Returns all public keys whose private keys were used to sign the digest files within the specified time range. The public key is needed to validate digest files that were signed with its corresponding private key.
Lists the tags for the trail in the current region.
", + "LookupEvents": "Looks up API activity events captured by CloudTrail that create, update, or delete resources in your account. Events for a region can be looked up for the times in which you had CloudTrail turned on in that region during the last seven days. Lookup supports five different attributes: time range (defined by a start time and end time), user name, event name, resource type, and resource name. All attributes are optional. The maximum number of attributes that can be specified in any one lookup request are time range and one other attribute. The default number of results returned is 10, with a maximum of 50 possible. The response includes a token that you can use to get the next page of results.
Removes the specified tags from a trail.
", + "StartLogging": "Starts the recording of AWS API calls and log file delivery for a trail.
", + "StopLogging": "Suspends the recording of AWS API calls and log file delivery for the specified trail. Under most circumstances, there is no need to use this action. You can update a trail without stopping it first. This action is the only way to stop recording.
", + "UpdateTrail": "Updates the settings that specify delivery of log files. Changes to a trail do not require stopping the CloudTrail service. Use this action to designate an existing bucket for log delivery. If the existing bucket has previously been a target for CloudTrail log files, an IAM policy exists for the bucket.
" }, "service": "This is the CloudTrail API Reference. It provides descriptions of actions, data types, common parameters, and common errors for CloudTrail.
CloudTrail is a web service that records AWS API calls for your AWS account and delivers log files to an Amazon S3 bucket. The recorded information includes the identity of the user, the start time of the AWS API call, the source IP address, the request parameters, and the response elements returned by the service.
See the CloudTrail User Guide for information about the data that is included with each AWS API call listed in the log files.
", "shapes": { + "AddTagsRequest": { + "base": "Specifies the tags to add to a trail.
", + "refs": { + } + }, + "AddTagsResponse": { + "base": "Returns the objects or data listed below if successful. Otherwise, returns an error.
", + "refs": { + } + }, "Boolean": { "base": null, "refs": { "CreateTrailRequest$IncludeGlobalServiceEvents": "Specifies whether the trail is publishing events from global services such as IAM to the log files.
", + "CreateTrailRequest$EnableLogFileValidation": "Specifies whether log file integrity validation is enabled. The default is false.
Specifies whether the trail is publishing events from global services such as IAM to the log files.
", + "CreateTrailResponse$LogFileValidationEnabled": "Specifies whether log file integrity validation is enabled.
", "GetTrailStatusResponse$IsLogging": "Whether the CloudTrail is currently logging AWS API calls.
", "Trail$IncludeGlobalServiceEvents": "Set to True to include AWS API calls from AWS global services such as IAM. Otherwise, False.
", + "Trail$LogFileValidationEnabled": "Specifies whether log file validation is enabled.
", "UpdateTrailRequest$IncludeGlobalServiceEvents": "Specifies whether the trail is publishing events from global services such as IAM to the log files.
", - "UpdateTrailResponse$IncludeGlobalServiceEvents": "Specifies whether the trail is publishing events from global services such as IAM to the log files.
" + "UpdateTrailRequest$EnableLogFileValidation": "Specifies whether log file validation is enabled. The default is false.
Specifies whether the trail is publishing events from global services such as IAM to the log files.
", + "UpdateTrailResponse$LogFileValidationEnabled": "Specifies whether log file integrity validation is enabled.
" + } + }, + "ByteBuffer": { + "base": null, + "refs": { + "PublicKey$Value": "The DER encoded public key value in PKCS#1 format.
" + } + }, + "CloudTrailARNInvalidException": { + "base": "This exception is thrown when an operation is called with an invalid trail ARN. The format of a trail ARN is arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail.
Specifies the most recent date and time when CloudTrail started recording API calls for an AWS account.
", "GetTrailStatusResponse$StopLoggingTime": "Specifies the most recent date and time when CloudTrail stopped recording API calls for an AWS account.
", "GetTrailStatusResponse$LatestCloudWatchLogsDeliveryTime": "Displays the most recent date and time when CloudTrail delivered logs to CloudWatch Logs.
", + "GetTrailStatusResponse$LatestDigestDeliveryTime": "Specifies the date and time that CloudTrail last delivered a digest file to an account's Amazon S3 bucket.
", + "ListPublicKeysRequest$StartTime": "Optionally specifies, in UTC, the start of the time range to look up public keys for CloudTrail digest files. If not specified, the current time is used, and the current public key is returned.
", + "ListPublicKeysRequest$EndTime": "Optionally specifies, in UTC, the end of the time range to look up public keys for CloudTrail digest files. If not specified, the current time is used.
", "LookupEventsRequest$StartTime": "Specifies that only events that occur after or at the specified time are returned. If the specified start time is after the specified end time, an error is returned.
", - "LookupEventsRequest$EndTime": "Specifies that only events that occur before or at the specified time are returned. If the specified end time is before the specified start time, an error is returned.
" + "LookupEventsRequest$EndTime": "Specifies that only events that occur before or at the specified time are returned. If the specified end time is before the specified start time, an error is returned.
", + "PublicKey$ValidityStartTime": "The starting time of validity of the public key.
", + "PublicKey$ValidityEndTime": "The ending time of validity of the public key.
" } }, "DeleteTrailRequest": { @@ -93,6 +128,11 @@ "refs": { } }, + "InsufficientEncryptionPolicyException": { + "base": "This exception is thrown when the policy on the S3 bucket or KMS key is not sufficient.", + "refs": { + } + }, "InsufficientS3BucketPolicyException": { "base": "This exception is thrown when the policy on the S3 bucket is not sufficient.
", "refs": { @@ -113,6 +153,11 @@ "refs": { } }, + "InvalidKmsKeyIdException": { + "base": "This exception is thrown when the KMS key ARN is invalid.", + "refs": { + } + }, "InvalidLookupAttributesException": { "base": "Occurs when an invalid lookup attribute is specified.
", "refs": { @@ -139,7 +184,12 @@ } }, "InvalidSnsTopicNameException": { - "base": "This exception is thrown when the provided SNS topic name is not valid.
", + "base": "This exception is thrown when the provided SNS topic name is not valid.
", + "refs": { + } + }, + "InvalidTagParameterException": { + "base": "This exception is thrown when the key or value specified for the tag does not match the regular expression ^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$.
Reserved for future use.
", + "refs": { + } + }, "InvalidTrailNameException": { - "base": "This exception is thrown when the provided trail name is not valid.
", + "base": "This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements:
my-_namespace and my--namespace are invalid.This exception is thrown when the KMS key is disabled.
", + "refs": { + } + }, + "KmsKeyNotFoundException": { + "base": "This exception is thrown when the KMS key does not exist, or when the S3 bucket and the KMS key are not in the same region.", + "refs": { + } + }, + "ListPublicKeysRequest": { + "base": "Requests the public keys for a specified time range.
", + "refs": { + } + }, + "ListPublicKeysResponse": { + "base": "Returns the objects or data listed below if successful. Otherwise, returns an error.", + "refs": { + } + }, + "ListTagsRequest": { + "base": "Specifies a list of trail tags to return.
", + "refs": { + } + }, + "ListTagsResponse": { + "base": "Returns the objects or data listed below if successful. Otherwise, returns an error.
", "refs": { } }, @@ -199,18 +284,73 @@ "LookupEventsResponse$NextToken": "The token to use to get the next page of results after a previous API call. If the token does not appear, there are no more results to return. The token must be passed in with the same parameters as the previous call. For example, if the original call specified an AttributeKey of 'Username' with a value of 'root', the call with NextToken should include those same parameters.
" } }, + "OperationNotPermittedException": { + "base": "This exception is thrown when the requested operation is not permitted.
", + "refs": { + } + }, + "PublicKey": { + "base": "Contains information about a returned public key.
", + "refs": { + "PublicKeyList$member": null + } + }, + "PublicKeyList": { + "base": null, + "refs": { + "ListPublicKeysResponse$PublicKeyList": "Contains an array of PublicKey objects.
Specifies the tags to remove from a trail.
", + "refs": { + } + }, + "RemoveTagsResponse": { + "base": "Returns the objects or data listed below if successful. Otherwise, returns an error.
", + "refs": { + } + }, "Resource": { "base": "Specifies the type and name of a resource referenced by an event.
", "refs": { "ResourceList$member": null } }, + "ResourceIdList": { + "base": null, + "refs": { + "ListTagsRequest$ResourceIdList": "Specifies a list of trail ARNs whose tags will be listed. The list has a limit of 20 ARNs. The format of a trail ARN is arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail.
A list of resources referenced by the event returned.
", "refs": { "Event$Resources": "A list of resources referenced by the event returned.
" } }, + "ResourceNotFoundException": { + "base": "This exception is thrown when the specified resource is not found.
", + "refs": { + } + }, + "ResourceTag": { + "base": "A resource tag.
", + "refs": { + "ResourceTagList$member": null + } + }, + "ResourceTagList": { + "base": "A list of resource tags.
", + "refs": { + "ListTagsResponse$ResourceTagList": null + } + }, + "ResourceTypeNotSupportedException": { + "base": "This exception is thrown when the specified resource type is not supported by CloudTrail.
", + "refs": { + } + }, "S3BucketDoesNotExistException": { "base": "This exception is thrown when the specified S3 bucket does not exist.
", "refs": { @@ -239,51 +379,96 @@ "String": { "base": null, "refs": { - "CreateTrailRequest$Name": "Specifies the name of the trail.
", - "CreateTrailRequest$S3BucketName": "Specifies the name of the Amazon S3 bucket designated for publishing log files.
", - "CreateTrailRequest$S3KeyPrefix": "Specifies the Amazon S3 key prefix that precedes the name of the bucket you have designated for log file delivery.
", - "CreateTrailRequest$SnsTopicName": "Specifies the name of the Amazon SNS topic defined for notification of log file delivery.
", + "AddTagsRequest$ResourceId": "Specifies the ARN of the trail to which one or more tags will be added. The format of a trail ARN is arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail.
Specifies the name of the trail. The name must meet the following requirements:
my-_namespace and my--namespace are invalid.Specifies the name of the Amazon S3 bucket designated for publishing log files. See Amazon S3 Bucket Naming Requirements.
", + "CreateTrailRequest$S3KeyPrefix": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files. The maximum length is 200 characters.
", + "CreateTrailRequest$SnsTopicName": "Specifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.
", "CreateTrailRequest$CloudWatchLogsLogGroupArn": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs will be delivered. Not required unless you specify CloudWatchLogsRoleArn.
", - "CreateTrailRequest$CloudWatchLogsRoleArn": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group.
", + "CreateTrailRequest$CloudWatchLogsRoleArn": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group.
", + "CreateTrailRequest$KmsKeyId": "Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be a an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
Examples:
Specifies the name of the trail.
", "CreateTrailResponse$S3BucketName": "Specifies the name of the Amazon S3 bucket designated for publishing log files.
", - "CreateTrailResponse$S3KeyPrefix": "Specifies the Amazon S3 key prefix that precedes the name of the bucket you have designated for log file delivery.
", + "CreateTrailResponse$S3KeyPrefix": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files.
", "CreateTrailResponse$SnsTopicName": "Specifies the name of the Amazon SNS topic defined for notification of log file delivery.
", + "CreateTrailResponse$TrailARN": "Specifies the ARN of the trail that was created.
", "CreateTrailResponse$CloudWatchLogsLogGroupArn": "Specifies the Amazon Resource Name (ARN) of the log group to which CloudTrail logs will be delivered.
", - "CreateTrailResponse$CloudWatchLogsRoleArn": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group.
", - "DeleteTrailRequest$Name": "The name of a trail to be deleted.
", + "CreateTrailResponse$CloudWatchLogsRoleArn": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group.
", + "CreateTrailResponse$KmsKeyId": "Specifies the KMS key ID that encrypts the logs delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the format:
arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012",
+ "DeleteTrailRequest$Name": "Specifies the name or the CloudTrail ARN of the trail to be deleted. The format of a trail ARN is arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail.
The CloudTrail ID of the event returned.
", "Event$EventName": "The name of the event returned.
", "Event$Username": "A user name or role name of the requester that called the API in the event returned.
", "Event$CloudTrailEvent": "A JSON string that contains a representation of the event returned.
", - "GetTrailStatusRequest$Name": "The name of the trail for which you are requesting the current status.
", - "GetTrailStatusResponse$LatestDeliveryError": "Displays any Amazon S3 error that CloudTrail encountered when attempting to deliver log files to the designated bucket. For more information see the topic Error Responses in the Amazon S3 API Reference.
", + "GetTrailStatusRequest$Name": "Specifies the name or the CloudTrail ARN of the trail for which you are requesting status. The format of a trail ARN is arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail.
Displays any Amazon S3 error that CloudTrail encountered when attempting to deliver log files to the designated bucket. For more information see the topic Error Responses in the Amazon S3 API Reference.
UpdateTrail to specify the new bucket, or fix the existing objects so that CloudTrail can again write to the bucket. Displays any Amazon SNS error that CloudTrail encountered when attempting to send a notification. For more information about Amazon SNS errors, see the Amazon SNS Developer Guide.
", "GetTrailStatusResponse$LatestCloudWatchLogsDeliveryError": "Displays any CloudWatch Logs error that CloudTrail encountered when attempting to deliver logs to CloudWatch Logs.
", + "GetTrailStatusResponse$LatestDigestDeliveryError": "Displays any Amazon S3 error that CloudTrail encountered when attempting to deliver a digest file to the designated bucket. For more information see the topic Error Responses in the Amazon S3 API Reference.
UpdateTrail to specify the new bucket, or fix the existing objects so that CloudTrail can again write to the bucket. This field is deprecated.
", + "GetTrailStatusResponse$LatestNotificationAttemptTime": "This field is deprecated.
", + "GetTrailStatusResponse$LatestNotificationAttemptSucceeded": "This field is deprecated.
", + "GetTrailStatusResponse$LatestDeliveryAttemptSucceeded": "This field is deprecated.
", + "GetTrailStatusResponse$TimeLoggingStarted": "This field is deprecated.
", + "GetTrailStatusResponse$TimeLoggingStopped": "This field is deprecated.
", + "ListPublicKeysRequest$NextToken": "Reserved for future use.
", + "ListPublicKeysResponse$NextToken": "Reserved for future use.
", + "ListTagsRequest$NextToken": "Reserved for future use.
", + "ListTagsResponse$NextToken": "Reserved for future use.
", "LookupAttribute$AttributeValue": "Specifies a value for the specified AttributeKey.
", + "PublicKey$Fingerprint": "The fingerprint of the public key.
", + "RemoveTagsRequest$ResourceId": "Specifies the ARN of the trail from which tags should be removed. The format of a trail ARN is arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail.
The type of a resource referenced by the event returned. When the resource type cannot be determined, null is returned. Some examples of resource types are: Instance for EC2, Trail for CloudTrail, DBInstance for RDS, and AccessKey for IAM. For a list of resource types supported for event lookup, see Resource Types Supported for Event Lookup.
", "Resource$ResourceName": "The name of the resource referenced by the event returned. These are user-created names whose values will depend on the environment. For example, the resource name might be \"auto-scaling-test-group\" for an Auto Scaling Group or \"i-1234567\" for an EC2 Instance.
", - "StartLoggingRequest$Name": "The name of the trail for which CloudTrail logs AWS API calls.
", - "StopLoggingRequest$Name": "Communicates to CloudTrail the name of the trail for which to stop logging AWS API calls.
", - "Trail$Name": "Name of the trail set by calling CreateTrail.
", - "Trail$S3BucketName": "Name of the Amazon S3 bucket into which CloudTrail delivers your trail files.
", - "Trail$S3KeyPrefix": "Value of the Amazon S3 prefix.
", - "Trail$SnsTopicName": "Name of the existing Amazon SNS topic that CloudTrail uses to notify the account owner when new CloudTrail log files have been delivered.
", + "ResourceIdList$member": null, + "ResourceTag$ResourceId": "Specifies the ARN of the resource.
", + "StartLoggingRequest$Name": "Specifies the name or the CloudTrail ARN of the trail for which CloudTrail logs AWS API calls. The format of a trail ARN is arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail.
Specifies the name or the CloudTrail ARN of the trail for which CloudTrail will stop logging AWS API calls. The format of a trail ARN is arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail.
The key in a key-value pair. The key must be must be no longer than 128 Unicode characters. The key must be unique for the resource to which it applies.
", + "Tag$Value": "The value in a key-value pair of a tag. The value must be no longer than 256 Unicode characters.
", + "Trail$Name": "Name of the trail set by calling CreateTrail. The maximum length is 128 characters.
", + "Trail$S3BucketName": "Name of the Amazon S3 bucket into which CloudTrail delivers your trail files. See Amazon S3 Bucket Naming Requirements.
", + "Trail$S3KeyPrefix": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files.The maximum length is 200 characters.
", + "Trail$SnsTopicName": "Name of the existing Amazon SNS topic that CloudTrail uses to notify the account owner when new CloudTrail log files have been delivered. The maximum length is 256 characters.
", + "Trail$TrailARN": "The Amazon Resource Name of the trail. The TrailARN format is arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail.
Specifies an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs will be delivered.
", - "Trail$CloudWatchLogsRoleArn": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group.
", + "Trail$CloudWatchLogsRoleArn": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group.
", + "Trail$KmsKeyId": "Specifies the KMS key ID that encrypts the logs delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the format:
arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012",
"TrailNameList$member": null,
- "UpdateTrailRequest$Name": "Specifies the name of the trail.
", - "UpdateTrailRequest$S3BucketName": "Specifies the name of the Amazon S3 bucket designated for publishing log files.
", - "UpdateTrailRequest$S3KeyPrefix": "Specifies the Amazon S3 key prefix that precedes the name of the bucket you have designated for log file delivery.
", - "UpdateTrailRequest$SnsTopicName": "Specifies the name of the Amazon SNS topic defined for notification of log file delivery.
", + "UpdateTrailRequest$Name": "Specifies the name of the trail or trail ARN. If Name is a trail name, the string must meet the following requirements:
my-_namespace and my--namespace are invalid.If Name is a trail ARN, it must be in the format arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail.
Specifies the name of the Amazon S3 bucket designated for publishing log files. See Amazon S3 Bucket Naming Requirements.
", + "UpdateTrailRequest$S3KeyPrefix": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files. The maximum length is 200 characters.
", + "UpdateTrailRequest$SnsTopicName": "Specifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.
", "UpdateTrailRequest$CloudWatchLogsLogGroupArn": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs will be delivered. Not required unless you specify CloudWatchLogsRoleArn.
", - "UpdateTrailRequest$CloudWatchLogsRoleArn": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group.
", + "UpdateTrailRequest$CloudWatchLogsRoleArn": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group.
", + "UpdateTrailRequest$KmsKeyId": "Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be a an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
Examples:
Specifies the name of the trail.
", "UpdateTrailResponse$S3BucketName": "Specifies the name of the Amazon S3 bucket designated for publishing log files.
", - "UpdateTrailResponse$S3KeyPrefix": "Specifies the Amazon S3 key prefix that precedes the name of the bucket you have designated for log file delivery.
", + "UpdateTrailResponse$S3KeyPrefix": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files.
", "UpdateTrailResponse$SnsTopicName": "Specifies the name of the Amazon SNS topic defined for notification of log file delivery.
", + "UpdateTrailResponse$TrailARN": "Specifies the ARN of the trail that was updated.
", "UpdateTrailResponse$CloudWatchLogsLogGroupArn": "Specifies the Amazon Resource Name (ARN) of the log group to which CloudTrail logs will be delivered.
", - "UpdateTrailResponse$CloudWatchLogsRoleArn": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group.
" + "UpdateTrailResponse$CloudWatchLogsRoleArn": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group.
", + "UpdateTrailResponse$KmsKeyId": "Specifies the KMS key ID that encrypts the logs delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the format:
arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012"
+ }
+ },
+ "Tag": {
+ "base": "A custom key-value pair associated with a resource such as a CloudTrail trail.
", + "refs": { + "TagsList$member": null + } + }, + "TagsLimitExceededException": { + "base": "The number of tags per trail has exceeded the permitted amount. Currently, the limit is 10.
", + "refs": { + } + }, + "TagsList": { + "base": "A list of tags.
", + "refs": { + "AddTagsRequest$TagsList": "Contains a list of CloudTrail tags, up to a limit of 10.
", + "RemoveTagsRequest$TagsList": "Specifies a list of tags to be removed.
", + "ResourceTag$TagsList": null } }, "Trail": { @@ -300,13 +485,13 @@ "TrailList": { "base": null, "refs": { - "DescribeTrailsResponse$trailList": "The list of trails.
" + "DescribeTrailsResponse$trailList": "The list of trail objects.
" } }, "TrailNameList": { "base": null, "refs": { - "DescribeTrailsRequest$trailNameList": "The trail returned.
" + "DescribeTrailsRequest$trailNameList": "Specifies a list of trail names, trail ARNs, or both, of the trails to describe. The format of a trail ARN is arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail. If an empty list is specified, information for the trail in the current region is returned.
This exception is deprecated.
", + "refs": { + } + }, + "UnsupportedOperationException": { + "base": "This exception is thrown when the requested operation is not supported. For example, this exception will occur if an attempt is made to tag a trail and tagging is not supported in the current region.
", + "refs": { + } + }, "UpdateTrailRequest": { "base": "Specifies settings to update for the trail.
", "refs": {