Struct aws_sdk_cloudtrail::Client
source · pub struct Client { /* private fields */ }
Expand description
Client for AWS CloudTrail
Client for invoking operations on AWS CloudTrail. Each operation on AWS CloudTrail is a method on this
this struct. .send()
MUST be invoked on the generated operations to dispatch the request to the service.
§Constructing a Client
A Config
is required to construct a client. For most use cases, the aws-config
crate should be used to automatically resolve this config using
aws_config::load_from_env()
, since this will resolve an SdkConfig
which can be shared
across multiple different AWS SDK clients. This config resolution process can be customized
by calling aws_config::from_env()
instead, which returns a ConfigLoader
that uses
the builder pattern to customize the default config.
In the simplest case, creating a client looks as follows:
let config = aws_config::load_from_env().await;
let client = aws_sdk_cloudtrail::Client::new(&config);
Occasionally, SDKs may have additional service-specific values that can be set on the Config
that
is absent from SdkConfig
, or slightly different settings for a specific client may be desired.
The Config
struct implements From<&SdkConfig>
, so setting these specific settings can be
done as follows:
let sdk_config = ::aws_config::load_from_env().await;
let config = aws_sdk_cloudtrail::config::Builder::from(&sdk_config)
.some_service_specific_setting("value")
.build();
See the aws-config
docs and Config
for more information on customizing configuration.
Note: Client construction is expensive due to connection thread pool initialization, and should be done once at application start-up.
§Using the Client
A client has a function for every operation that can be performed by the service.
For example, the AddTags
operation has
a Client::add_tags
, function which returns a builder for that operation.
The fluent builder ultimately has a send()
function that returns an async future that
returns a result, as illustrated below:
let result = client.add_tags()
.resource_id("example")
.send()
.await;
The underlying HTTP requests that get made by this can be modified with the customize_operation
function on the fluent builder. See the customize
module for more
information.
Implementations§
source§impl Client
impl Client
Constructs a fluent builder for the AddTags
operation.
- The fluent builder is configurable:
resource_id(impl Into<String>)
/set_resource_id(Option<String>)
:
required: trueSpecifies the ARN of the trail, event data store, or channel to which one or more tags will be added.
The format of a trail ARN is:
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
The format of an event data store ARN is:
arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE
The format of a channel ARN is:
arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890
tags_list(Tag)
/set_tags_list(Option<Vec::<Tag>>)
:
required: trueContains a list of tags, up to a limit of 50
- On success, responds with
AddTagsOutput
- On failure, responds with
SdkError<AddTagsError>
source§impl Client
impl Client
sourcepub fn cancel_query(&self) -> CancelQueryFluentBuilder
pub fn cancel_query(&self) -> CancelQueryFluentBuilder
Constructs a fluent builder for the CancelQuery
operation.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: falseThe ARN (or the ID suffix of the ARN) of an event data store on which the specified query is running.
query_id(impl Into<String>)
/set_query_id(Option<String>)
:
required: trueThe ID of the query that you want to cancel. The
QueryId
comes from the response of aStartQuery
operation.
- On success, responds with
CancelQueryOutput
with field(s):query_id(String)
:The ID of the canceled query.
query_status(QueryStatus)
:Shows the status of a query after a
CancelQuery
request. Typically, the values shown are eitherRUNNING
orCANCELLED
.
- On failure, responds with
SdkError<CancelQueryError>
source§impl Client
impl Client
sourcepub fn create_channel(&self) -> CreateChannelFluentBuilder
pub fn create_channel(&self) -> CreateChannelFluentBuilder
Constructs a fluent builder for the CreateChannel
operation.
- The fluent builder is configurable:
name(impl Into<String>)
/set_name(Option<String>)
:
required: trueThe name of the channel.
source(impl Into<String>)
/set_source(Option<String>)
:
required: trueThe name of the partner or external event source. You cannot change this name after you create the channel. A maximum of one channel is allowed per source.
A source can be either
Custom
for all valid non-Amazon Web Services events, or the name of a partner event source. For information about the source names for available partners, see Additional information about integration partners in the CloudTrail User Guide.destinations(Destination)
/set_destinations(Option<Vec::<Destination>>)
:
required: trueOne or more event data stores to which events arriving through a channel will be logged.
tags(Tag)
/set_tags(Option<Vec::<Tag>>)
:
required: falseA list of tags.
- On success, responds with
CreateChannelOutput
with field(s):channel_arn(Option<String>)
:The Amazon Resource Name (ARN) of the new channel.
name(Option<String>)
:The name of the new channel.
source(Option<String>)
:The partner or external event source name.
destinations(Option<Vec::<Destination>>)
:The event data stores that log the events arriving through the channel.
tags(Option<Vec::<Tag>>)
:A list of tags.
- On failure, responds with
SdkError<CreateChannelError>
source§impl Client
impl Client
sourcepub fn create_event_data_store(&self) -> CreateEventDataStoreFluentBuilder
pub fn create_event_data_store(&self) -> CreateEventDataStoreFluentBuilder
Constructs a fluent builder for the CreateEventDataStore
operation.
- The fluent builder is configurable:
name(impl Into<String>)
/set_name(Option<String>)
:
required: trueThe name of the event data store.
advanced_event_selectors(AdvancedEventSelector)
/set_advanced_event_selectors(Option<Vec::<AdvancedEventSelector>>)
:
required: falseThe advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store.
For more information about how to use advanced event selectors to log CloudTrail events, see Log events by using advanced event selectors in the CloudTrail User Guide.
For more information about how to use advanced event selectors to include Config configuration items in your event data store, see Create an event data store for Config configuration items in the CloudTrail User Guide.
For more information about how to use advanced event selectors to include non-Amazon Web Services events in your event data store, see Create an integration to log events from outside Amazon Web Services in the CloudTrail User Guide.
multi_region_enabled(bool)
/set_multi_region_enabled(Option<bool>)
:
required: falseSpecifies whether the event data store includes events from all Regions, or only from the Region in which the event data store is created.
organization_enabled(bool)
/set_organization_enabled(Option<bool>)
:
required: falseSpecifies whether an event data store collects events logged for an organization in Organizations.
retention_period(i32)
/set_retention_period(Option<i32>)
:
required: falseThe retention period of the event data store, in days. If
BillingMode
is set toEXTENDABLE_RETENTION_PRICING
, you can set a retention period of up to 3653 days, the equivalent of 10 years. IfBillingMode
is set toFIXED_RETENTION_PRICING
, you can set a retention period of up to 2557 days, the equivalent of seven years.CloudTrail Lake determines whether to retain an event by checking if the
eventTime
of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when theeventTime
is older than 90 days.If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.
termination_protection_enabled(bool)
/set_termination_protection_enabled(Option<bool>)
:
required: falseSpecifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.
tags_list(Tag)
/set_tags_list(Option<Vec::<Tag>>)
:
required: falseA list of tags.
kms_key_id(impl Into<String>)
/set_kms_key_id(Option<String>)
:
required: falseSpecifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by
alias/
, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.Disabling or deleting the KMS key, or removing CloudTrail permissions on the key, prevents CloudTrail from logging events to the event data store, and prevents users from querying the data in the event data store that was encrypted with the key. After you associate an event data store with a KMS key, the KMS key cannot be removed or changed. Before you disable or delete a KMS key that you are using with an event data store, delete or back up your event data store.
CloudTrail also supports KMS multi-Region keys. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.
Examples:
-
alias/MyAliasName
-
arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
-
arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
-
12345678-1234-1234-1234-123456789012
-
start_ingestion(bool)
/set_start_ingestion(Option<bool>)
:
required: falseSpecifies whether the event data store should start ingesting live events. The default is true.
billing_mode(BillingMode)
/set_billing_mode(Option<BillingMode>)
:
required: falseThe billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.
The following are the possible values:
-
EXTENDABLE_RETENTION_PRICING
- This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days. -
FIXED_RETENTION_PRICING
- This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.
The default value is
EXTENDABLE_RETENTION_PRICING
.For more information about CloudTrail pricing, see CloudTrail Pricing and Managing CloudTrail Lake costs.
-
- On success, responds with
CreateEventDataStoreOutput
with field(s):event_data_store_arn(Option<String>)
:The ARN of the event data store.
name(Option<String>)
:The name of the event data store.
status(Option<EventDataStoreStatus>)
:The status of event data store creation.
advanced_event_selectors(Option<Vec::<AdvancedEventSelector>>)
:The advanced event selectors that were used to select the events for the data store.
multi_region_enabled(Option<bool>)
:Indicates whether the event data store collects events from all Regions, or only from the Region in which it was created.
organization_enabled(Option<bool>)
:Indicates whether an event data store is collecting logged events for an organization in Organizations.
retention_period(Option<i32>)
:The retention period of an event data store, in days.
termination_protection_enabled(Option<bool>)
:Indicates whether termination protection is enabled for the event data store.
tags_list(Option<Vec::<Tag>>)
:A list of tags.
created_timestamp(Option<DateTime>)
:The timestamp that shows when the event data store was created.
updated_timestamp(Option<DateTime>)
:The timestamp that shows when an event data store was updated, if applicable.
UpdatedTimestamp
is always either the same or newer than the time shown inCreatedTimestamp
.kms_key_id(Option<String>)
:Specifies the KMS key ID that encrypts the events delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the following format.
arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
billing_mode(Option<BillingMode>)
:The billing mode for the event data store.
- On failure, responds with
SdkError<CreateEventDataStoreError>
source§impl Client
impl Client
sourcepub fn create_trail(&self) -> CreateTrailFluentBuilder
pub fn create_trail(&self) -> CreateTrailFluentBuilder
Constructs a fluent builder for the CreateTrail
operation.
- The fluent builder is configurable:
name(impl Into<String>)
/set_name(Option<String>)
:
required: trueSpecifies the name of the trail. The name must meet the following requirements:
-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy–namespace
are not valid. -
Not be in IP address format (for example, 192.168.5.4)
-
s3_bucket_name(impl Into<String>)
/set_s3_bucket_name(Option<String>)
:
required: trueSpecifies the name of the Amazon S3 bucket designated for publishing log files. See Amazon S3 Bucket Naming Requirements.
s3_key_prefix(impl Into<String>)
/set_s3_key_prefix(Option<String>)
:
required: falseSpecifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files. The maximum length is 200 characters.
sns_topic_name(impl Into<String>)
/set_sns_topic_name(Option<String>)
:
required: falseSpecifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.
include_global_service_events(bool)
/set_include_global_service_events(Option<bool>)
:
required: falseSpecifies whether the trail is publishing events from global services such as IAM to the log files.
is_multi_region_trail(bool)
/set_is_multi_region_trail(Option<bool>)
:
required: falseSpecifies whether the trail is created in the current Region or in all Regions. The default is false, which creates a trail only in the Region where you are signed in. As a best practice, consider creating trails that log events in all Regions.
enable_log_file_validation(bool)
/set_enable_log_file_validation(Option<bool>)
:
required: falseSpecifies whether log file integrity validation is enabled. The default is false.
When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.
cloud_watch_logs_log_group_arn(impl Into<String>)
/set_cloud_watch_logs_log_group_arn(Option<String>)
:
required: falseSpecifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs will be delivered. You must use a log group that exists in your account.
Not required unless you specify
CloudWatchLogsRoleArn
.cloud_watch_logs_role_arn(impl Into<String>)
/set_cloud_watch_logs_role_arn(Option<String>)
:
required: falseSpecifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group. You must use a role that exists in your account.
kms_key_id(impl Into<String>)
/set_kms_key_id(Option<String>)
:
required: falseSpecifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by
alias/
, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.CloudTrail also supports KMS multi-Region keys. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.
Examples:
-
alias/MyAliasName
-
arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
-
arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
-
12345678-1234-1234-1234-123456789012
-
is_organization_trail(bool)
/set_is_organization_trail(Option<bool>)
:
required: falseSpecifies whether the trail is created for all accounts in an organization in Organizations, or only for the current Amazon Web Services account. The default is false, and cannot be true unless the call is made on behalf of an Amazon Web Services account that is the management account or delegated administrator account for an organization in Organizations.
tags_list(Tag)
/set_tags_list(Option<Vec::<Tag>>)
:
required: falseA list of tags.
- On success, responds with
CreateTrailOutput
with field(s):name(Option<String>)
:Specifies the name of the trail.
s3_bucket_name(Option<String>)
:Specifies the name of the Amazon S3 bucket designated for publishing log files.
s3_key_prefix(Option<String>)
:Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files.
sns_topic_name(Option<String>)
:This field is no longer in use. Use
SnsTopicARN
.sns_topic_arn(Option<String>)
:Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send notifications when log files are delivered. The format of a topic ARN is:
arn:aws:sns:us-east-2:123456789012:MyTopic
include_global_service_events(Option<bool>)
:Specifies whether the trail is publishing events from global services such as IAM to the log files.
is_multi_region_trail(Option<bool>)
:Specifies whether the trail exists in one Region or in all Regions.
trail_arn(Option<String>)
:Specifies the ARN of the trail that was created. The format of a trail ARN is:
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
log_file_validation_enabled(Option<bool>)
:Specifies whether log file integrity validation is enabled.
cloud_watch_logs_log_group_arn(Option<String>)
:Specifies the Amazon Resource Name (ARN) of the log group to which CloudTrail logs will be delivered.
cloud_watch_logs_role_arn(Option<String>)
:Specifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group.
kms_key_id(Option<String>)
:Specifies the KMS key ID that encrypts the events delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the following format.
arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
is_organization_trail(Option<bool>)
:Specifies whether the trail is an organization trail.
- On failure, responds with
SdkError<CreateTrailError>
source§impl Client
impl Client
sourcepub fn delete_channel(&self) -> DeleteChannelFluentBuilder
pub fn delete_channel(&self) -> DeleteChannelFluentBuilder
Constructs a fluent builder for the DeleteChannel
operation.
- The fluent builder is configurable:
channel(impl Into<String>)
/set_channel(Option<String>)
:
required: trueThe ARN or the
UUID
value of the channel that you want to delete.
- On success, responds with
DeleteChannelOutput
- On failure, responds with
SdkError<DeleteChannelError>
source§impl Client
impl Client
sourcepub fn delete_event_data_store(&self) -> DeleteEventDataStoreFluentBuilder
pub fn delete_event_data_store(&self) -> DeleteEventDataStoreFluentBuilder
Constructs a fluent builder for the DeleteEventDataStore
operation.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: trueThe ARN (or the ID suffix of the ARN) of the event data store to delete.
- On success, responds with
DeleteEventDataStoreOutput
- On failure, responds with
SdkError<DeleteEventDataStoreError>
source§impl Client
impl Client
sourcepub fn delete_resource_policy(&self) -> DeleteResourcePolicyFluentBuilder
pub fn delete_resource_policy(&self) -> DeleteResourcePolicyFluentBuilder
Constructs a fluent builder for the DeleteResourcePolicy
operation.
- The fluent builder is configurable:
resource_arn(impl Into<String>)
/set_resource_arn(Option<String>)
:
required: trueThe Amazon Resource Name (ARN) of the CloudTrail channel you’re deleting the resource-based policy from. The following is the format of a resource ARN:
arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel
.
- On success, responds with
DeleteResourcePolicyOutput
- On failure, responds with
SdkError<DeleteResourcePolicyError>
source§impl Client
impl Client
sourcepub fn delete_trail(&self) -> DeleteTrailFluentBuilder
pub fn delete_trail(&self) -> DeleteTrailFluentBuilder
Constructs a fluent builder for the DeleteTrail
operation.
- The fluent builder is configurable:
name(impl Into<String>)
/set_name(Option<String>)
:
required: trueSpecifies the name or the CloudTrail ARN of the trail to be deleted. The following is the format of a trail ARN.
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
- On success, responds with
DeleteTrailOutput
- On failure, responds with
SdkError<DeleteTrailError>
source§impl Client
impl Client
sourcepub fn deregister_organization_delegated_admin(
&self
) -> DeregisterOrganizationDelegatedAdminFluentBuilder
pub fn deregister_organization_delegated_admin( &self ) -> DeregisterOrganizationDelegatedAdminFluentBuilder
Constructs a fluent builder for the DeregisterOrganizationDelegatedAdmin
operation.
- The fluent builder is configurable:
delegated_admin_account_id(impl Into<String>)
/set_delegated_admin_account_id(Option<String>)
:
required: trueA delegated administrator account ID. This is a member account in an organization that is currently designated as a delegated administrator.
- On success, responds with
DeregisterOrganizationDelegatedAdminOutput
- On failure, responds with
SdkError<DeregisterOrganizationDelegatedAdminError>
source§impl Client
impl Client
sourcepub fn describe_query(&self) -> DescribeQueryFluentBuilder
pub fn describe_query(&self) -> DescribeQueryFluentBuilder
Constructs a fluent builder for the DescribeQuery
operation.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: falseThe ARN (or the ID suffix of the ARN) of an event data store on which the specified query was run.
query_id(impl Into<String>)
/set_query_id(Option<String>)
:
required: falseThe query ID.
query_alias(impl Into<String>)
/set_query_alias(Option<String>)
:
required: falseThe alias that identifies a query template.
- On success, responds with
DescribeQueryOutput
with field(s):query_id(Option<String>)
:The ID of the query.
query_string(Option<String>)
:The SQL code of a query.
query_status(Option<QueryStatus>)
:The status of a query. Values for
QueryStatus
includeQUEUED
,RUNNING
,FINISHED
,FAILED
,TIMED_OUT
, orCANCELLED
query_statistics(Option<QueryStatisticsForDescribeQuery>)
:Metadata about a query, including the number of events that were matched, the total number of events scanned, the query run time in milliseconds, and the query’s creation time.
error_message(Option<String>)
:The error message returned if a query failed.
delivery_s3_uri(Option<String>)
:The URI for the S3 bucket where CloudTrail delivered query results, if applicable.
delivery_status(Option<DeliveryStatus>)
:The delivery status.
- On failure, responds with
SdkError<DescribeQueryError>
source§impl Client
impl Client
sourcepub fn describe_trails(&self) -> DescribeTrailsFluentBuilder
pub fn describe_trails(&self) -> DescribeTrailsFluentBuilder
Constructs a fluent builder for the DescribeTrails
operation.
- The fluent builder is configurable:
trail_name_list(impl Into<String>)
/set_trail_name_list(Option<Vec::<String>>)
:
required: falseSpecifies a list of trail names, trail ARNs, or both, of the trails to describe. The format of a trail ARN is:
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
If an empty list is specified, information for the trail in the current Region is returned.
-
If an empty list is specified and
IncludeShadowTrails
is false, then information for all trails in the current Region is returned. -
If an empty list is specified and IncludeShadowTrails is null or true, then information for all trails in the current Region and any associated shadow trails in other Regions is returned.
If one or more trail names are specified, information is returned only if the names match the names of trails belonging only to the current Region and current account. To return information about a trail in another Region, you must specify its trail ARN.
-
include_shadow_trails(bool)
/set_include_shadow_trails(Option<bool>)
:
required: falseSpecifies whether to include shadow trails in the response. A shadow trail is the replication in a Region of a trail that was created in a different Region, or in the case of an organization trail, the replication of an organization trail in member accounts. If you do not include shadow trails, organization trails in a member account and Region replication trails will not be returned. The default is true.
- On success, responds with
DescribeTrailsOutput
with field(s):trail_list(Option<Vec::<Trail>>)
:The list of trail objects. Trail objects with string values are only returned if values for the objects exist in a trail’s configuration. For example,
SNSTopicName
andSNSTopicARN
are only returned in results if a trail is configured to send SNS notifications. Similarly,KMSKeyId
only appears in results if a trail’s log files are encrypted with KMS customer managed keys.
- On failure, responds with
SdkError<DescribeTrailsError>
source§impl Client
impl Client
sourcepub fn disable_federation(&self) -> DisableFederationFluentBuilder
pub fn disable_federation(&self) -> DisableFederationFluentBuilder
Constructs a fluent builder for the DisableFederation
operation.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: trueThe ARN (or ID suffix of the ARN) of the event data store for which you want to disable Lake query federation.
- On success, responds with
DisableFederationOutput
with field(s):event_data_store_arn(Option<String>)
:The ARN of the event data store for which you disabled Lake query federation.
federation_status(Option<FederationStatus>)
:The federation status.
- On failure, responds with
SdkError<DisableFederationError>
source§impl Client
impl Client
sourcepub fn enable_federation(&self) -> EnableFederationFluentBuilder
pub fn enable_federation(&self) -> EnableFederationFluentBuilder
Constructs a fluent builder for the EnableFederation
operation.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: trueThe ARN (or ID suffix of the ARN) of the event data store for which you want to enable Lake query federation.
federation_role_arn(impl Into<String>)
/set_federation_role_arn(Option<String>)
:
required: trueThe ARN of the federation role to use for the event data store. Amazon Web Services services like Lake Formation use this federation role to access data for the federated event data store. The federation role must exist in your account and provide the required minimum permissions.
- On success, responds with
EnableFederationOutput
with field(s):event_data_store_arn(Option<String>)
:The ARN of the event data store for which you enabled Lake query federation.
federation_status(Option<FederationStatus>)
:The federation status.
federation_role_arn(Option<String>)
:The ARN of the federation role.
- On failure, responds with
SdkError<EnableFederationError>
source§impl Client
impl Client
sourcepub fn get_channel(&self) -> GetChannelFluentBuilder
pub fn get_channel(&self) -> GetChannelFluentBuilder
Constructs a fluent builder for the GetChannel
operation.
- The fluent builder is configurable:
channel(impl Into<String>)
/set_channel(Option<String>)
:
required: trueThe ARN or
UUID
of a channel.
- On success, responds with
GetChannelOutput
with field(s):channel_arn(Option<String>)
:The ARN of an channel returned by a
GetChannel
request.name(Option<String>)
:The name of the CloudTrail channel. For service-linked channels, the name is
aws-service-channel/service-name/custom-suffix
whereservice-name
represents the name of the Amazon Web Services service that created the channel andcustom-suffix
represents the suffix generated by the Amazon Web Services service.source(Option<String>)
:The source for the CloudTrail channel.
source_config(Option<SourceConfig>)
:Provides information about the advanced event selectors configured for the channel, and whether the channel applies to all Regions or a single Region.
destinations(Option<Vec::<Destination>>)
:The destinations for the channel. For channels created for integrations, the destinations are the event data stores that log events arriving through the channel. For service-linked channels, the destination is the Amazon Web Services service that created the service-linked channel to receive events.
ingestion_status(Option<IngestionStatus>)
:A table showing information about the most recent successful and failed attempts to ingest events.
- On failure, responds with
SdkError<GetChannelError>
source§impl Client
impl Client
sourcepub fn get_event_data_store(&self) -> GetEventDataStoreFluentBuilder
pub fn get_event_data_store(&self) -> GetEventDataStoreFluentBuilder
Constructs a fluent builder for the GetEventDataStore
operation.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: trueThe ARN (or ID suffix of the ARN) of the event data store about which you want information.
- On success, responds with
GetEventDataStoreOutput
with field(s):event_data_store_arn(Option<String>)
:The event data store Amazon Resource Number (ARN).
name(Option<String>)
:The name of the event data store.
status(Option<EventDataStoreStatus>)
:The status of an event data store.
advanced_event_selectors(Option<Vec::<AdvancedEventSelector>>)
:The advanced event selectors used to select events for the data store.
multi_region_enabled(Option<bool>)
:Indicates whether the event data store includes events from all Regions, or only from the Region in which it was created.
organization_enabled(Option<bool>)
:Indicates whether an event data store is collecting logged events for an organization in Organizations.
retention_period(Option<i32>)
:The retention period of the event data store, in days.
termination_protection_enabled(Option<bool>)
:Indicates that termination protection is enabled.
created_timestamp(Option<DateTime>)
:The timestamp of the event data store’s creation.
updated_timestamp(Option<DateTime>)
:Shows the time that an event data store was updated, if applicable.
UpdatedTimestamp
is always either the same or newer than the time shown inCreatedTimestamp
.kms_key_id(Option<String>)
:Specifies the KMS key ID that encrypts the events delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the following format.
arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
billing_mode(Option<BillingMode>)
:The billing mode for the event data store.
federation_status(Option<FederationStatus>)
:Indicates the Lake query federation status. The status is
ENABLED
if Lake query federation is enabled, orDISABLED
if Lake query federation is disabled. You cannot delete an event data store if theFederationStatus
isENABLED
.federation_role_arn(Option<String>)
:If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store.
- On failure, responds with
SdkError<GetEventDataStoreError>
source§impl Client
impl Client
sourcepub fn get_event_selectors(&self) -> GetEventSelectorsFluentBuilder
pub fn get_event_selectors(&self) -> GetEventSelectorsFluentBuilder
Constructs a fluent builder for the GetEventSelectors
operation.
- The fluent builder is configurable:
trail_name(impl Into<String>)
/set_trail_name(Option<String>)
:
required: trueSpecifies the name of the trail or trail ARN. If you specify a trail name, the string must meet the following requirements:
-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy–namespace
are not valid. -
Not be in IP address format (for example, 192.168.5.4)
If you specify a trail ARN, it must be in the format:
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
-
- On success, responds with
GetEventSelectorsOutput
with field(s):trail_arn(Option<String>)
:The specified trail ARN that has the event selectors.
event_selectors(Option<Vec::<EventSelector>>)
:The event selectors that are configured for the trail.
advanced_event_selectors(Option<Vec::<AdvancedEventSelector>>)
:The advanced event selectors that are configured for the trail.
- On failure, responds with
SdkError<GetEventSelectorsError>
source§impl Client
impl Client
sourcepub fn get_import(&self) -> GetImportFluentBuilder
pub fn get_import(&self) -> GetImportFluentBuilder
Constructs a fluent builder for the GetImport
operation.
- The fluent builder is configurable:
import_id(impl Into<String>)
/set_import_id(Option<String>)
:
required: trueThe ID for the import.
- On success, responds with
GetImportOutput
with field(s):import_id(Option<String>)
:The ID of the import.
destinations(Option<Vec::<String>>)
:The ARN of the destination event data store.
import_source(Option<ImportSource>)
:The source S3 bucket.
start_event_time(Option<DateTime>)
:Used with
EndEventTime
to bound aStartImport
request, and limit imported trail events to only those events logged within a specified time period.end_event_time(Option<DateTime>)
:Used with
StartEventTime
to bound aStartImport
request, and limit imported trail events to only those events logged within a specified time period.import_status(Option<ImportStatus>)
:The status of the import.
created_timestamp(Option<DateTime>)
:The timestamp of the import’s creation.
updated_timestamp(Option<DateTime>)
:The timestamp of when the import was updated.
import_statistics(Option<ImportStatistics>)
:Provides statistics for the import. CloudTrail does not update import statistics in real-time. Returned values for parameters such as
EventsCompleted
may be lower than the actual value, because CloudTrail updates statistics incrementally over the course of the import.
- On failure, responds with
SdkError<GetImportError>
source§impl Client
impl Client
sourcepub fn get_insight_selectors(&self) -> GetInsightSelectorsFluentBuilder
pub fn get_insight_selectors(&self) -> GetInsightSelectorsFluentBuilder
Constructs a fluent builder for the GetInsightSelectors
operation.
- The fluent builder is configurable:
trail_name(impl Into<String>)
/set_trail_name(Option<String>)
:
required: falseSpecifies the name of the trail or trail ARN. If you specify a trail name, the string must meet the following requirements:
-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy–namespace
are not valid. -
Not be in IP address format (for example, 192.168.5.4)
If you specify a trail ARN, it must be in the format:
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
You cannot use this parameter with the
EventDataStore
parameter.-
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: falseSpecifies the ARN (or ID suffix of the ARN) of the event data store for which you want to get Insights selectors.
You cannot use this parameter with the
TrailName
parameter.
- On success, responds with
GetInsightSelectorsOutput
with field(s):trail_arn(Option<String>)
:The Amazon Resource Name (ARN) of a trail for which you want to get Insights selectors.
insight_selectors(Option<Vec::<InsightSelector>>)
:A JSON string that contains the Insight types you want to log on a trail or event data store.
ApiErrorRateInsight
andApiCallRateInsight
are supported as Insights types.event_data_store_arn(Option<String>)
:The ARN of the source event data store that enabled Insights events.
insights_destination(Option<String>)
:The ARN of the destination event data store that logs Insights events.
- On failure, responds with
SdkError<GetInsightSelectorsError>
source§impl Client
impl Client
sourcepub fn get_query_results(&self) -> GetQueryResultsFluentBuilder
pub fn get_query_results(&self) -> GetQueryResultsFluentBuilder
Constructs a fluent builder for the GetQueryResults
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: falseThe ARN (or ID suffix of the ARN) of the event data store against which the query was run.
query_id(impl Into<String>)
/set_query_id(Option<String>)
:
required: trueThe ID of the query for which you want to get results.
next_token(impl Into<String>)
/set_next_token(Option<String>)
:
required: falseA token you can use to get the next page of query results.
max_query_results(i32)
/set_max_query_results(Option<i32>)
:
required: falseThe maximum number of query results to display on a single page.
- On success, responds with
GetQueryResultsOutput
with field(s):query_status(Option<QueryStatus>)
:The status of the query. Values include
QUEUED
,RUNNING
,FINISHED
,FAILED
,TIMED_OUT
, orCANCELLED
.query_statistics(Option<QueryStatistics>)
:Shows the count of query results.
query_result_rows(Option<Vec::<Vec::<HashMap::<String, String>>>>)
:Contains the individual event results of the query.
next_token(Option<String>)
:A token you can use to get the next page of query results.
error_message(Option<String>)
:The error message returned if a query failed.
- On failure, responds with
SdkError<GetQueryResultsError>
source§impl Client
impl Client
sourcepub fn get_resource_policy(&self) -> GetResourcePolicyFluentBuilder
pub fn get_resource_policy(&self) -> GetResourcePolicyFluentBuilder
Constructs a fluent builder for the GetResourcePolicy
operation.
- The fluent builder is configurable:
resource_arn(impl Into<String>)
/set_resource_arn(Option<String>)
:
required: trueThe Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy. The following is the format of a resource ARN:
arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel
.
- On success, responds with
GetResourcePolicyOutput
with field(s):resource_arn(Option<String>)
:The Amazon Resource Name (ARN) of the CloudTrail channel attached to resource-based policy.
resource_policy(Option<String>)
:A JSON-formatted string that contains the resource-based policy attached to the CloudTrail channel.
- On failure, responds with
SdkError<GetResourcePolicyError>
source§impl Client
impl Client
sourcepub fn get_trail(&self) -> GetTrailFluentBuilder
pub fn get_trail(&self) -> GetTrailFluentBuilder
Constructs a fluent builder for the GetTrail
operation.
- The fluent builder is configurable:
name(impl Into<String>)
/set_name(Option<String>)
:
required: trueThe name or the Amazon Resource Name (ARN) of the trail for which you want to retrieve settings information.
- On success, responds with
GetTrailOutput
with field(s):trail(Option<Trail>)
:The settings for a trail.
- On failure, responds with
SdkError<GetTrailError>
source§impl Client
impl Client
sourcepub fn get_trail_status(&self) -> GetTrailStatusFluentBuilder
pub fn get_trail_status(&self) -> GetTrailStatusFluentBuilder
Constructs a fluent builder for the GetTrailStatus
operation.
- The fluent builder is configurable:
name(impl Into<String>)
/set_name(Option<String>)
:
required: trueSpecifies the name or the CloudTrail ARN of the trail for which you are requesting status. To get the status of a shadow trail (a replication of the trail in another Region), you must specify its ARN. The following is the format of a trail ARN.
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
- On success, responds with
GetTrailStatusOutput
with field(s):is_logging(Option<bool>)
:Whether the CloudTrail trail is currently logging Amazon Web Services API calls.
latest_delivery_error(Option<String>)
:Displays any Amazon S3 error that CloudTrail encountered when attempting to deliver log files to the designated bucket. For more information, see Error Responses in the Amazon S3 API Reference.
This error occurs only when there is a problem with the destination S3 bucket, and does not occur for requests that time out. To resolve the issue, create a new bucket, and then call
UpdateTrail
to specify the new bucket; or fix the existing objects so that CloudTrail can again write to the bucket.latest_notification_error(Option<String>)
:Displays any Amazon SNS error that CloudTrail encountered when attempting to send a notification. For more information about Amazon SNS errors, see the Amazon SNS Developer Guide.
latest_delivery_time(Option<DateTime>)
:Specifies the date and time that CloudTrail last delivered log files to an account’s Amazon S3 bucket.
latest_notification_time(Option<DateTime>)
:Specifies the date and time of the most recent Amazon SNS notification that CloudTrail has written a new log file to an account’s Amazon S3 bucket.
start_logging_time(Option<DateTime>)
:Specifies the most recent date and time when CloudTrail started recording API calls for an Amazon Web Services account.
stop_logging_time(Option<DateTime>)
:Specifies the most recent date and time when CloudTrail stopped recording API calls for an Amazon Web Services account.
latest_cloud_watch_logs_delivery_error(Option<String>)
:Displays any CloudWatch Logs error that CloudTrail encountered when attempting to deliver logs to CloudWatch Logs.
latest_cloud_watch_logs_delivery_time(Option<DateTime>)
:Displays the most recent date and time when CloudTrail delivered logs to CloudWatch Logs.
latest_digest_delivery_time(Option<DateTime>)
:Specifies the date and time that CloudTrail last delivered a digest file to an account’s Amazon S3 bucket.
latest_digest_delivery_error(Option<String>)
:Displays any Amazon S3 error that CloudTrail encountered when attempting to deliver a digest file to the designated bucket. For more information, see Error Responses in the Amazon S3 API Reference.
This error occurs only when there is a problem with the destination S3 bucket, and does not occur for requests that time out. To resolve the issue, create a new bucket, and then call
UpdateTrail
to specify the new bucket; or fix the existing objects so that CloudTrail can again write to the bucket.latest_delivery_attempt_time(Option<String>)
:This field is no longer in use.
latest_notification_attempt_time(Option<String>)
:This field is no longer in use.
latest_notification_attempt_succeeded(Option<String>)
:This field is no longer in use.
latest_delivery_attempt_succeeded(Option<String>)
:This field is no longer in use.
time_logging_started(Option<String>)
:This field is no longer in use.
time_logging_stopped(Option<String>)
:This field is no longer in use.
- On failure, responds with
SdkError<GetTrailStatusError>
source§impl Client
impl Client
sourcepub fn list_channels(&self) -> ListChannelsFluentBuilder
pub fn list_channels(&self) -> ListChannelsFluentBuilder
Constructs a fluent builder for the ListChannels
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
max_results(i32)
/set_max_results(Option<i32>)
:
required: falseThe maximum number of CloudTrail channels to display on a single page.
next_token(impl Into<String>)
/set_next_token(Option<String>)
:
required: falseThe token to use to get the next page of results after a previous API call. This token must be passed in with the same parameters that were specified in the original call. For example, if the original call specified an AttributeKey of ‘Username’ with a value of ‘root’, the call with NextToken should include those same parameters.
- On success, responds with
ListChannelsOutput
with field(s):channels(Option<Vec::<Channel>>)
:The list of channels in the account.
next_token(Option<String>)
:The token to use to get the next page of results after a previous API call.
- On failure, responds with
SdkError<ListChannelsError>
source§impl Client
impl Client
sourcepub fn list_event_data_stores(&self) -> ListEventDataStoresFluentBuilder
pub fn list_event_data_stores(&self) -> ListEventDataStoresFluentBuilder
Constructs a fluent builder for the ListEventDataStores
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
next_token(impl Into<String>)
/set_next_token(Option<String>)
:
required: falseA token you can use to get the next page of event data store results.
max_results(i32)
/set_max_results(Option<i32>)
:
required: falseThe maximum number of event data stores to display on a single page.
- On success, responds with
ListEventDataStoresOutput
with field(s):event_data_stores(Option<Vec::<EventDataStore>>)
:Contains information about event data stores in the account, in the current Region.
next_token(Option<String>)
:A token you can use to get the next page of results.
- On failure, responds with
SdkError<ListEventDataStoresError>
source§impl Client
impl Client
sourcepub fn list_import_failures(&self) -> ListImportFailuresFluentBuilder
pub fn list_import_failures(&self) -> ListImportFailuresFluentBuilder
Constructs a fluent builder for the ListImportFailures
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
import_id(impl Into<String>)
/set_import_id(Option<String>)
:
required: trueThe ID of the import.
max_results(i32)
/set_max_results(Option<i32>)
:
required: falseThe maximum number of failures to display on a single page.
next_token(impl Into<String>)
/set_next_token(Option<String>)
:
required: falseA token you can use to get the next page of import failures.
- On success, responds with
ListImportFailuresOutput
with field(s):failures(Option<Vec::<ImportFailureListItem>>)
:Contains information about the import failures.
next_token(Option<String>)
:A token you can use to get the next page of results.
- On failure, responds with
SdkError<ListImportFailuresError>
source§impl Client
impl Client
sourcepub fn list_imports(&self) -> ListImportsFluentBuilder
pub fn list_imports(&self) -> ListImportsFluentBuilder
Constructs a fluent builder for the ListImports
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
max_results(i32)
/set_max_results(Option<i32>)
:
required: falseThe maximum number of imports to display on a single page.
destination(impl Into<String>)
/set_destination(Option<String>)
:
required: falseThe ARN of the destination event data store.
import_status(ImportStatus)
/set_import_status(Option<ImportStatus>)
:
required: falseThe status of the import.
next_token(impl Into<String>)
/set_next_token(Option<String>)
:
required: falseA token you can use to get the next page of import results.
- On success, responds with
ListImportsOutput
with field(s):imports(Option<Vec::<ImportsListItem>>)
:The list of returned imports.
next_token(Option<String>)
:A token you can use to get the next page of import results.
- On failure, responds with
SdkError<ListImportsError>
source§impl Client
impl Client
sourcepub fn list_insights_metric_data(&self) -> ListInsightsMetricDataFluentBuilder
pub fn list_insights_metric_data(&self) -> ListInsightsMetricDataFluentBuilder
Constructs a fluent builder for the ListInsightsMetricData
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
event_source(impl Into<String>)
/set_event_source(Option<String>)
:
required: trueThe Amazon Web Services service to which the request was made, such as
iam.amazonaws.com
ors3.amazonaws.com
.event_name(impl Into<String>)
/set_event_name(Option<String>)
:
required: trueThe name of the event, typically the Amazon Web Services API on which unusual levels of activity were recorded.
insight_type(InsightType)
/set_insight_type(Option<InsightType>)
:
required: trueThe type of CloudTrail Insights event, which is either
ApiCallRateInsight
orApiErrorRateInsight
. TheApiCallRateInsight
Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume. TheApiErrorRateInsight
Insights type analyzes management API calls that result in error codes.error_code(impl Into<String>)
/set_error_code(Option<String>)
:
required: falseConditionally required if the
InsightType
parameter is set toApiErrorRateInsight
.If returning metrics for the
ApiErrorRateInsight
Insights type, this is the error to retrieve data for. For example,AccessDenied
.start_time(DateTime)
/set_start_time(Option<DateTime>)
:
required: falseSpecifies, in UTC, the start time for time-series data. The value specified is inclusive; results include data points with the specified time stamp.
The default is 90 days before the time of request.
end_time(DateTime)
/set_end_time(Option<DateTime>)
:
required: falseSpecifies, in UTC, the end time for time-series data. The value specified is exclusive; results include data points up to the specified time stamp.
The default is the time of request.
period(i32)
/set_period(Option<i32>)
:
required: falseGranularity of data to retrieve, in seconds. Valid values are
60
,300
, and3600
. If you specify any other value, you will get an error. The default is 3600 seconds.data_type(InsightsMetricDataType)
/set_data_type(Option<InsightsMetricDataType>)
:
required: falseType of datapoints to return. Valid values are
NonZeroData
andFillWithZeros
. The default isNonZeroData
.max_results(i32)
/set_max_results(Option<i32>)
:
required: falseThe maximum number of datapoints to return. Valid values are integers from 1 to 21600. The default value is 21600.
next_token(impl Into<String>)
/set_next_token(Option<String>)
:
required: falseReturned if all datapoints can’t be returned in a single call. For example, due to reaching
MaxResults
.Add this parameter to the request to continue retrieving results starting from the last evaluated point.
- On success, responds with
ListInsightsMetricDataOutput
with field(s):event_source(Option<String>)
:The Amazon Web Services service to which the request was made, such as
iam.amazonaws.com
ors3.amazonaws.com
.event_name(Option<String>)
:The name of the event, typically the Amazon Web Services API on which unusual levels of activity were recorded.
insight_type(Option<InsightType>)
:The type of CloudTrail Insights event, which is either
ApiCallRateInsight
orApiErrorRateInsight
. TheApiCallRateInsight
Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume. TheApiErrorRateInsight
Insights type analyzes management API calls that result in error codes.error_code(Option<String>)
:Only returned if
InsightType
parameter was set toApiErrorRateInsight
.If returning metrics for the
ApiErrorRateInsight
Insights type, this is the error to retrieve data for. For example,AccessDenied
.timestamps(Option<Vec::<DateTime>>)
:List of timestamps at intervals corresponding to the specified time period.
values(Option<Vec::<f64>>)
:List of values representing the API call rate or error rate at each timestamp. The number of values is equal to the number of timestamps.
next_token(Option<String>)
:Only returned if the full results could not be returned in a single query. You can set the
NextToken
parameter in the next request to this value to continue retrieval.
- On failure, responds with
SdkError<ListInsightsMetricDataError>
source§impl Client
impl Client
sourcepub fn list_public_keys(&self) -> ListPublicKeysFluentBuilder
pub fn list_public_keys(&self) -> ListPublicKeysFluentBuilder
Constructs a fluent builder for the ListPublicKeys
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
start_time(DateTime)
/set_start_time(Option<DateTime>)
:
required: falseOptionally specifies, in UTC, the start of the time range to look up public keys for CloudTrail digest files. If not specified, the current time is used, and the current public key is returned.
end_time(DateTime)
/set_end_time(Option<DateTime>)
:
required: falseOptionally specifies, in UTC, the end of the time range to look up public keys for CloudTrail digest files. If not specified, the current time is used.
next_token(impl Into<String>)
/set_next_token(Option<String>)
:
required: falseReserved for future use.
- On success, responds with
ListPublicKeysOutput
with field(s):public_key_list(Option<Vec::<PublicKey>>)
:Contains an array of PublicKey objects.
The returned public keys may have validity time ranges that overlap.
next_token(Option<String>)
:Reserved for future use.
- On failure, responds with
SdkError<ListPublicKeysError>
source§impl Client
impl Client
sourcepub fn list_queries(&self) -> ListQueriesFluentBuilder
pub fn list_queries(&self) -> ListQueriesFluentBuilder
Constructs a fluent builder for the ListQueries
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: trueThe ARN (or the ID suffix of the ARN) of an event data store on which queries were run.
next_token(impl Into<String>)
/set_next_token(Option<String>)
:
required: falseA token you can use to get the next page of results.
max_results(i32)
/set_max_results(Option<i32>)
:
required: falseThe maximum number of queries to show on a page.
start_time(DateTime)
/set_start_time(Option<DateTime>)
:
required: falseUse with
EndTime
to bound aListQueries
request, and limit its results to only those queries run within a specified time period.end_time(DateTime)
/set_end_time(Option<DateTime>)
:
required: falseUse with
StartTime
to bound aListQueries
request, and limit its results to only those queries run within a specified time period.query_status(QueryStatus)
/set_query_status(Option<QueryStatus>)
:
required: falseThe status of queries that you want to return in results. Valid values for
QueryStatus
includeQUEUED
,RUNNING
,FINISHED
,FAILED
,TIMED_OUT
, orCANCELLED
.
- On success, responds with
ListQueriesOutput
with field(s):queries(Option<Vec::<Query>>)
:Lists matching query results, and shows query ID, status, and creation time of each query.
next_token(Option<String>)
:A token you can use to get the next page of results.
- On failure, responds with
SdkError<ListQueriesError>
source§impl Client
impl Client
Constructs a fluent builder for the ListTags
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
resource_id_list(impl Into<String>)
/set_resource_id_list(Option<Vec::<String>>)
:
required: trueSpecifies a list of trail, event data store, or channel ARNs whose tags will be listed. The list has a limit of 20 ARNs.
Example trail ARN format:
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
Example event data store ARN format:
arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE
Example channel ARN format:
arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890
next_token(impl Into<String>)
/set_next_token(Option<String>)
:
required: falseReserved for future use.
- On success, responds with
ListTagsOutput
with field(s):resource_tag_list(Option<Vec::<ResourceTag>>)
:A list of resource tags.
next_token(Option<String>)
:Reserved for future use.
- On failure, responds with
SdkError<ListTagsError>
source§impl Client
impl Client
sourcepub fn list_trails(&self) -> ListTrailsFluentBuilder
pub fn list_trails(&self) -> ListTrailsFluentBuilder
Constructs a fluent builder for the ListTrails
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
next_token(impl Into<String>)
/set_next_token(Option<String>)
:
required: falseThe token to use to get the next page of results after a previous API call. This token must be passed in with the same parameters that were specified in the original call. For example, if the original call specified an AttributeKey of ‘Username’ with a value of ‘root’, the call with NextToken should include those same parameters.
- On success, responds with
ListTrailsOutput
with field(s):trails(Option<Vec::<TrailInfo>>)
:Returns the name, ARN, and home Region of trails in the current account.
next_token(Option<String>)
:The token to use to get the next page of results after a previous API call. If the token does not appear, there are no more results to return. The token must be passed in with the same parameters as the previous call. For example, if the original call specified an AttributeKey of ‘Username’ with a value of ‘root’, the call with NextToken should include those same parameters.
- On failure, responds with
SdkError<ListTrailsError>
source§impl Client
impl Client
sourcepub fn lookup_events(&self) -> LookupEventsFluentBuilder
pub fn lookup_events(&self) -> LookupEventsFluentBuilder
Constructs a fluent builder for the LookupEvents
operation.
This operation supports pagination; See into_paginator()
.
- The fluent builder is configurable:
lookup_attributes(LookupAttribute)
/set_lookup_attributes(Option<Vec::<LookupAttribute>>)
:
required: falseContains a list of lookup attributes. Currently the list can contain only one item.
start_time(DateTime)
/set_start_time(Option<DateTime>)
:
required: falseSpecifies that only events that occur after or at the specified time are returned. If the specified start time is after the specified end time, an error is returned.
end_time(DateTime)
/set_end_time(Option<DateTime>)
:
required: falseSpecifies that only events that occur before or at the specified time are returned. If the specified end time is before the specified start time, an error is returned.
event_category(EventCategory)
/set_event_category(Option<EventCategory>)
:
required: falseSpecifies the event category. If you do not specify an event category, events of the category are not returned in the response. For example, if you do not specify
insight
as the value ofEventCategory
, no Insights events are returned.max_results(i32)
/set_max_results(Option<i32>)
:
required: falseThe number of events to return. Possible values are 1 through 50. The default is 50.
next_token(impl Into<String>)
/set_next_token(Option<String>)
:
required: falseThe token to use to get the next page of results after a previous API call. This token must be passed in with the same parameters that were specified in the original call. For example, if the original call specified an AttributeKey of ‘Username’ with a value of ‘root’, the call with NextToken should include those same parameters.
- On success, responds with
LookupEventsOutput
with field(s):events(Option<Vec::<Event>>)
:A list of events returned based on the lookup attributes specified and the CloudTrail event. The events list is sorted by time. The most recent event is listed first.
next_token(Option<String>)
:The token to use to get the next page of results after a previous API call. If the token does not appear, there are no more results to return. The token must be passed in with the same parameters as the previous call. For example, if the original call specified an AttributeKey of ‘Username’ with a value of ‘root’, the call with NextToken should include those same parameters.
- On failure, responds with
SdkError<LookupEventsError>
source§impl Client
impl Client
sourcepub fn put_event_selectors(&self) -> PutEventSelectorsFluentBuilder
pub fn put_event_selectors(&self) -> PutEventSelectorsFluentBuilder
Constructs a fluent builder for the PutEventSelectors
operation.
- The fluent builder is configurable:
trail_name(impl Into<String>)
/set_trail_name(Option<String>)
:
required: trueSpecifies the name of the trail or trail ARN. If you specify a trail name, the string must meet the following requirements:
-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy–namespace
are not valid. -
Not be in IP address format (for example, 192.168.5.4)
If you specify a trail ARN, it must be in the following format.
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
-
event_selectors(EventSelector)
/set_event_selectors(Option<Vec::<EventSelector>>)
:
required: falseSpecifies the settings for your event selectors. You can configure up to five event selectors for a trail. You can use either
EventSelectors
orAdvancedEventSelectors
in aPutEventSelectors
request, but not both. If you applyEventSelectors
to a trail, any existingAdvancedEventSelectors
are overwritten.advanced_event_selectors(AdvancedEventSelector)
/set_advanced_event_selectors(Option<Vec::<AdvancedEventSelector>>)
:
required: falseSpecifies the settings for advanced event selectors. You can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either
AdvancedEventSelectors
orEventSelectors
, but not both. If you applyAdvancedEventSelectors
to a trail, any existingEventSelectors
are overwritten. For more information about advanced event selectors, see Logging data events in the CloudTrail User Guide.
- On success, responds with
PutEventSelectorsOutput
with field(s):trail_arn(Option<String>)
:Specifies the ARN of the trail that was updated with event selectors. The following is the format of a trail ARN.
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
event_selectors(Option<Vec::<EventSelector>>)
:Specifies the event selectors configured for your trail.
advanced_event_selectors(Option<Vec::<AdvancedEventSelector>>)
:Specifies the advanced event selectors configured for your trail.
- On failure, responds with
SdkError<PutEventSelectorsError>
source§impl Client
impl Client
sourcepub fn put_insight_selectors(&self) -> PutInsightSelectorsFluentBuilder
pub fn put_insight_selectors(&self) -> PutInsightSelectorsFluentBuilder
Constructs a fluent builder for the PutInsightSelectors
operation.
- The fluent builder is configurable:
trail_name(impl Into<String>)
/set_trail_name(Option<String>)
:
required: falseThe name of the CloudTrail trail for which you want to change or add Insights selectors.
You cannot use this parameter with the
EventDataStore
andInsightsDestination
parameters.insight_selectors(InsightSelector)
/set_insight_selectors(Option<Vec::<InsightSelector>>)
:
required: trueA JSON string that contains the Insights types you want to log on a trail or event data store.
ApiCallRateInsight
andApiErrorRateInsight
are valid Insight types.The
ApiCallRateInsight
Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.The
ApiErrorRateInsight
Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: falseThe ARN (or ID suffix of the ARN) of the source event data store for which you want to change or add Insights selectors. To enable Insights on an event data store, you must provide both the
EventDataStore
andInsightsDestination
parameters.You cannot use this parameter with the
TrailName
parameter.insights_destination(impl Into<String>)
/set_insights_destination(Option<String>)
:
required: falseThe ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. To enable Insights on an event data store, you must provide both the
EventDataStore
andInsightsDestination
parameters.You cannot use this parameter with the
TrailName
parameter.
- On success, responds with
PutInsightSelectorsOutput
with field(s):trail_arn(Option<String>)
:The Amazon Resource Name (ARN) of a trail for which you want to change or add Insights selectors.
insight_selectors(Option<Vec::<InsightSelector>>)
:A JSON string that contains the Insights event types that you want to log on a trail or event data store. The valid Insights types are
ApiErrorRateInsight
andApiCallRateInsight
.event_data_store_arn(Option<String>)
:The Amazon Resource Name (ARN) of the source event data store for which you want to change or add Insights selectors.
insights_destination(Option<String>)
:The ARN of the destination event data store that logs Insights events.
- On failure, responds with
SdkError<PutInsightSelectorsError>
source§impl Client
impl Client
sourcepub fn put_resource_policy(&self) -> PutResourcePolicyFluentBuilder
pub fn put_resource_policy(&self) -> PutResourcePolicyFluentBuilder
Constructs a fluent builder for the PutResourcePolicy
operation.
- The fluent builder is configurable:
resource_arn(impl Into<String>)
/set_resource_arn(Option<String>)
:
required: trueThe Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy. The following is the format of a resource ARN:
arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel
.resource_policy(impl Into<String>)
/set_resource_policy(Option<String>)
:
required: trueA JSON-formatted string for an Amazon Web Services resource-based policy.
The following are requirements for the resource policy:
-
Contains only one action: cloudtrail-data:PutAuditEvents
-
Contains at least one statement. The policy can have a maximum of 20 statements.
-
Each statement contains at least one principal. A statement can have a maximum of 50 principals.
-
- On success, responds with
PutResourcePolicyOutput
with field(s):resource_arn(Option<String>)
:The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy.
resource_policy(Option<String>)
:The JSON-formatted string of the Amazon Web Services resource-based policy attached to the CloudTrail channel.
- On failure, responds with
SdkError<PutResourcePolicyError>
source§impl Client
impl Client
sourcepub fn register_organization_delegated_admin(
&self
) -> RegisterOrganizationDelegatedAdminFluentBuilder
pub fn register_organization_delegated_admin( &self ) -> RegisterOrganizationDelegatedAdminFluentBuilder
Constructs a fluent builder for the RegisterOrganizationDelegatedAdmin
operation.
- The fluent builder is configurable:
member_account_id(impl Into<String>)
/set_member_account_id(Option<String>)
:
required: trueAn organization member account ID that you want to designate as a delegated administrator.
- On success, responds with
RegisterOrganizationDelegatedAdminOutput
- On failure, responds with
SdkError<RegisterOrganizationDelegatedAdminError>
source§impl Client
impl Client
Constructs a fluent builder for the RemoveTags
operation.
- The fluent builder is configurable:
resource_id(impl Into<String>)
/set_resource_id(Option<String>)
:
required: trueSpecifies the ARN of the trail, event data store, or channel from which tags should be removed.
Example trail ARN format:
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
Example event data store ARN format:
arn:aws:cloudtrail:us-east-2:123456789012:eventdatastore/EXAMPLE-f852-4e8f-8bd1-bcf6cEXAMPLE
Example channel ARN format:
arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890
tags_list(Tag)
/set_tags_list(Option<Vec::<Tag>>)
:
required: trueSpecifies a list of tags to be removed.
- On success, responds with
RemoveTagsOutput
- On failure, responds with
SdkError<RemoveTagsError>
source§impl Client
impl Client
sourcepub fn restore_event_data_store(&self) -> RestoreEventDataStoreFluentBuilder
pub fn restore_event_data_store(&self) -> RestoreEventDataStoreFluentBuilder
Constructs a fluent builder for the RestoreEventDataStore
operation.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: trueThe ARN (or the ID suffix of the ARN) of the event data store that you want to restore.
- On success, responds with
RestoreEventDataStoreOutput
with field(s):event_data_store_arn(Option<String>)
:The event data store ARN.
name(Option<String>)
:The name of the event data store.
status(Option<EventDataStoreStatus>)
:The status of the event data store.
advanced_event_selectors(Option<Vec::<AdvancedEventSelector>>)
:The advanced event selectors that were used to select events.
multi_region_enabled(Option<bool>)
:Indicates whether the event data store is collecting events from all Regions, or only from the Region in which the event data store was created.
organization_enabled(Option<bool>)
:Indicates whether an event data store is collecting logged events for an organization in Organizations.
retention_period(Option<i32>)
:The retention period, in days.
termination_protection_enabled(Option<bool>)
:Indicates that termination protection is enabled and the event data store cannot be automatically deleted.
created_timestamp(Option<DateTime>)
:The timestamp of an event data store’s creation.
updated_timestamp(Option<DateTime>)
:The timestamp that shows when an event data store was updated, if applicable.
UpdatedTimestamp
is always either the same or newer than the time shown inCreatedTimestamp
.kms_key_id(Option<String>)
:Specifies the KMS key ID that encrypts the events delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the following format.
arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
billing_mode(Option<BillingMode>)
:The billing mode for the event data store.
- On failure, responds with
SdkError<RestoreEventDataStoreError>
source§impl Client
impl Client
sourcepub fn start_event_data_store_ingestion(
&self
) -> StartEventDataStoreIngestionFluentBuilder
pub fn start_event_data_store_ingestion( &self ) -> StartEventDataStoreIngestionFluentBuilder
Constructs a fluent builder for the StartEventDataStoreIngestion
operation.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: trueThe ARN (or ID suffix of the ARN) of the event data store for which you want to start ingestion.
- On success, responds with
StartEventDataStoreIngestionOutput
- On failure, responds with
SdkError<StartEventDataStoreIngestionError>
source§impl Client
impl Client
sourcepub fn start_import(&self) -> StartImportFluentBuilder
pub fn start_import(&self) -> StartImportFluentBuilder
Constructs a fluent builder for the StartImport
operation.
- The fluent builder is configurable:
destinations(impl Into<String>)
/set_destinations(Option<Vec::<String>>)
:
required: falseThe ARN of the destination event data store. Use this parameter for a new import.
import_source(ImportSource)
/set_import_source(Option<ImportSource>)
:
required: falseThe source S3 bucket for the import. Use this parameter for a new import.
start_event_time(DateTime)
/set_start_event_time(Option<DateTime>)
:
required: falseUse with
EndEventTime
to bound aStartImport
request, and limit imported trail events to only those events logged within a specified time period. When you specify a time range, CloudTrail checks the prefix and log file names to verify the names contain a date between the specifiedStartEventTime
andEndEventTime
before attempting to import events.end_event_time(DateTime)
/set_end_event_time(Option<DateTime>)
:
required: falseUse with
StartEventTime
to bound aStartImport
request, and limit imported trail events to only those events logged within a specified time period. When you specify a time range, CloudTrail checks the prefix and log file names to verify the names contain a date between the specifiedStartEventTime
andEndEventTime
before attempting to import events.import_id(impl Into<String>)
/set_import_id(Option<String>)
:
required: falseThe ID of the import. Use this parameter when you are retrying an import.
- On success, responds with
StartImportOutput
with field(s):import_id(Option<String>)
:The ID of the import.
destinations(Option<Vec::<String>>)
:The ARN of the destination event data store.
import_source(Option<ImportSource>)
:The source S3 bucket for the import.
start_event_time(Option<DateTime>)
:Used with
EndEventTime
to bound aStartImport
request, and limit imported trail events to only those events logged within a specified time period.end_event_time(Option<DateTime>)
:Used with
StartEventTime
to bound aStartImport
request, and limit imported trail events to only those events logged within a specified time period.import_status(Option<ImportStatus>)
:Shows the status of the import after a
StartImport
request. An import finishes with a status ofCOMPLETED
if there were no failures, orFAILED
if there were failures.created_timestamp(Option<DateTime>)
:The timestamp for the import’s creation.
updated_timestamp(Option<DateTime>)
:The timestamp of the import’s last update, if applicable.
- On failure, responds with
SdkError<StartImportError>
source§impl Client
impl Client
sourcepub fn start_logging(&self) -> StartLoggingFluentBuilder
pub fn start_logging(&self) -> StartLoggingFluentBuilder
Constructs a fluent builder for the StartLogging
operation.
- The fluent builder is configurable:
name(impl Into<String>)
/set_name(Option<String>)
:
required: trueSpecifies the name or the CloudTrail ARN of the trail for which CloudTrail logs Amazon Web Services API calls. The following is the format of a trail ARN.
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
- On success, responds with
StartLoggingOutput
- On failure, responds with
SdkError<StartLoggingError>
source§impl Client
impl Client
sourcepub fn start_query(&self) -> StartQueryFluentBuilder
pub fn start_query(&self) -> StartQueryFluentBuilder
Constructs a fluent builder for the StartQuery
operation.
- The fluent builder is configurable:
query_statement(impl Into<String>)
/set_query_statement(Option<String>)
:
required: falseThe SQL code of your query.
delivery_s3_uri(impl Into<String>)
/set_delivery_s3_uri(Option<String>)
:
required: falseThe URI for the S3 bucket where CloudTrail delivers the query results.
query_alias(impl Into<String>)
/set_query_alias(Option<String>)
:
required: falseThe alias that identifies a query template.
query_parameters(impl Into<String>)
/set_query_parameters(Option<Vec::<String>>)
:
required: falseThe query parameters for the specified
QueryAlias
.
- On success, responds with
StartQueryOutput
with field(s):query_id(Option<String>)
:The ID of the started query.
- On failure, responds with
SdkError<StartQueryError>
source§impl Client
impl Client
sourcepub fn stop_event_data_store_ingestion(
&self
) -> StopEventDataStoreIngestionFluentBuilder
pub fn stop_event_data_store_ingestion( &self ) -> StopEventDataStoreIngestionFluentBuilder
Constructs a fluent builder for the StopEventDataStoreIngestion
operation.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: trueThe ARN (or ID suffix of the ARN) of the event data store for which you want to stop ingestion.
- On success, responds with
StopEventDataStoreIngestionOutput
- On failure, responds with
SdkError<StopEventDataStoreIngestionError>
source§impl Client
impl Client
sourcepub fn stop_import(&self) -> StopImportFluentBuilder
pub fn stop_import(&self) -> StopImportFluentBuilder
Constructs a fluent builder for the StopImport
operation.
- The fluent builder is configurable:
import_id(impl Into<String>)
/set_import_id(Option<String>)
:
required: trueThe ID of the import.
- On success, responds with
StopImportOutput
with field(s):import_id(Option<String>)
:The ID for the import.
import_source(Option<ImportSource>)
:The source S3 bucket for the import.
destinations(Option<Vec::<String>>)
:The ARN of the destination event data store.
import_status(Option<ImportStatus>)
:The status of the import.
created_timestamp(Option<DateTime>)
:The timestamp of the import’s creation.
updated_timestamp(Option<DateTime>)
:The timestamp of the import’s last update.
start_event_time(Option<DateTime>)
:Used with
EndEventTime
to bound aStartImport
request, and limit imported trail events to only those events logged within a specified time period.end_event_time(Option<DateTime>)
:Used with
StartEventTime
to bound aStartImport
request, and limit imported trail events to only those events logged within a specified time period.import_statistics(Option<ImportStatistics>)
:Returns information on the stopped import.
- On failure, responds with
SdkError<StopImportError>
source§impl Client
impl Client
sourcepub fn stop_logging(&self) -> StopLoggingFluentBuilder
pub fn stop_logging(&self) -> StopLoggingFluentBuilder
Constructs a fluent builder for the StopLogging
operation.
- The fluent builder is configurable:
name(impl Into<String>)
/set_name(Option<String>)
:
required: trueSpecifies the name or the CloudTrail ARN of the trail for which CloudTrail will stop logging Amazon Web Services API calls. The following is the format of a trail ARN.
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
- On success, responds with
StopLoggingOutput
- On failure, responds with
SdkError<StopLoggingError>
source§impl Client
impl Client
sourcepub fn update_channel(&self) -> UpdateChannelFluentBuilder
pub fn update_channel(&self) -> UpdateChannelFluentBuilder
Constructs a fluent builder for the UpdateChannel
operation.
- The fluent builder is configurable:
channel(impl Into<String>)
/set_channel(Option<String>)
:
required: trueThe ARN or ID (the ARN suffix) of the channel that you want to update.
destinations(Destination)
/set_destinations(Option<Vec::<Destination>>)
:
required: falseThe ARNs of event data stores that you want to log events arriving through the channel.
name(impl Into<String>)
/set_name(Option<String>)
:
required: falseChanges the name of the channel.
- On success, responds with
UpdateChannelOutput
with field(s):channel_arn(Option<String>)
:The ARN of the channel that was updated.
name(Option<String>)
:The name of the channel that was updated.
source(Option<String>)
:The event source of the channel that was updated.
destinations(Option<Vec::<Destination>>)
:The event data stores that log events arriving through the channel.
- On failure, responds with
SdkError<UpdateChannelError>
source§impl Client
impl Client
sourcepub fn update_event_data_store(&self) -> UpdateEventDataStoreFluentBuilder
pub fn update_event_data_store(&self) -> UpdateEventDataStoreFluentBuilder
Constructs a fluent builder for the UpdateEventDataStore
operation.
- The fluent builder is configurable:
event_data_store(impl Into<String>)
/set_event_data_store(Option<String>)
:
required: trueThe ARN (or the ID suffix of the ARN) of the event data store that you want to update.
name(impl Into<String>)
/set_name(Option<String>)
:
required: falseThe event data store name.
advanced_event_selectors(AdvancedEventSelector)
/set_advanced_event_selectors(Option<Vec::<AdvancedEventSelector>>)
:
required: falseThe advanced event selectors used to select events for the event data store. You can configure up to five advanced event selectors for each event data store.
multi_region_enabled(bool)
/set_multi_region_enabled(Option<bool>)
:
required: falseSpecifies whether an event data store collects events from all Regions, or only from the Region in which it was created.
organization_enabled(bool)
/set_organization_enabled(Option<bool>)
:
required: falseSpecifies whether an event data store collects events logged for an organization in Organizations.
Only the management account for the organization can convert an organization event data store to a non-organization event data store, or convert a non-organization event data store to an organization event data store.
retention_period(i32)
/set_retention_period(Option<i32>)
:
required: falseThe retention period of the event data store, in days. If
BillingMode
is set toEXTENDABLE_RETENTION_PRICING
, you can set a retention period of up to 3653 days, the equivalent of 10 years. IfBillingMode
is set toFIXED_RETENTION_PRICING
, you can set a retention period of up to 2557 days, the equivalent of seven years.CloudTrail Lake determines whether to retain an event by checking if the
eventTime
of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when theeventTime
is older than 90 days.If you decrease the retention period of an event data store, CloudTrail will remove any events with an
eventTime
older than the new retention period. For example, if the previous retention period was 365 days and you decrease it to 100 days, CloudTrail will remove events with aneventTime
older than 100 days.termination_protection_enabled(bool)
/set_termination_protection_enabled(Option<bool>)
:
required: falseIndicates that termination protection is enabled and the event data store cannot be automatically deleted.
kms_key_id(impl Into<String>)
/set_kms_key_id(Option<String>)
:
required: falseSpecifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by
alias/
, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.Disabling or deleting the KMS key, or removing CloudTrail permissions on the key, prevents CloudTrail from logging events to the event data store, and prevents users from querying the data in the event data store that was encrypted with the key. After you associate an event data store with a KMS key, the KMS key cannot be removed or changed. Before you disable or delete a KMS key that you are using with an event data store, delete or back up your event data store.
CloudTrail also supports KMS multi-Region keys. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.
Examples:
-
alias/MyAliasName
-
arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
-
arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
-
12345678-1234-1234-1234-123456789012
-
billing_mode(BillingMode)
/set_billing_mode(Option<BillingMode>)
:
required: falseYou can’t change the billing mode from
EXTENDABLE_RETENTION_PRICING
toFIXED_RETENTION_PRICING
. IfBillingMode
is set toEXTENDABLE_RETENTION_PRICING
and you want to useFIXED_RETENTION_PRICING
instead, you’ll need to stop ingestion on the event data store and create a new event data store that usesFIXED_RETENTION_PRICING
.The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.
The following are the possible values:
-
EXTENDABLE_RETENTION_PRICING
- This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days. -
FIXED_RETENTION_PRICING
- This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.
For more information about CloudTrail pricing, see CloudTrail Pricing and Managing CloudTrail Lake costs.
-
- On success, responds with
UpdateEventDataStoreOutput
with field(s):event_data_store_arn(Option<String>)
:The ARN of the event data store.
name(Option<String>)
:The name of the event data store.
status(Option<EventDataStoreStatus>)
:The status of an event data store.
advanced_event_selectors(Option<Vec::<AdvancedEventSelector>>)
:The advanced event selectors that are applied to the event data store.
multi_region_enabled(Option<bool>)
:Indicates whether the event data store includes events from all Regions, or only from the Region in which it was created.
organization_enabled(Option<bool>)
:Indicates whether an event data store is collecting logged events for an organization in Organizations.
retention_period(Option<i32>)
:The retention period, in days.
termination_protection_enabled(Option<bool>)
:Indicates whether termination protection is enabled for the event data store.
created_timestamp(Option<DateTime>)
:The timestamp that shows when an event data store was first created.
updated_timestamp(Option<DateTime>)
:The timestamp that shows when the event data store was last updated.
UpdatedTimestamp
is always either the same or newer than the time shown inCreatedTimestamp
.kms_key_id(Option<String>)
:Specifies the KMS key ID that encrypts the events delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the following format.
arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
billing_mode(Option<BillingMode>)
:The billing mode for the event data store.
federation_status(Option<FederationStatus>)
:Indicates the Lake query federation status. The status is
ENABLED
if Lake query federation is enabled, orDISABLED
if Lake query federation is disabled. You cannot delete an event data store if theFederationStatus
isENABLED
.federation_role_arn(Option<String>)
:If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store.
- On failure, responds with
SdkError<UpdateEventDataStoreError>
source§impl Client
impl Client
sourcepub fn update_trail(&self) -> UpdateTrailFluentBuilder
pub fn update_trail(&self) -> UpdateTrailFluentBuilder
Constructs a fluent builder for the UpdateTrail
operation.
- The fluent builder is configurable:
name(impl Into<String>)
/set_name(Option<String>)
:
required: trueSpecifies the name of the trail or trail ARN. If
Name
is a trail name, the string must meet the following requirements:-
Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
-
Start with a letter or number, and end with a letter or number
-
Be between 3 and 128 characters
-
Have no adjacent periods, underscores or dashes. Names like
my-_namespace
andmy–namespace
are not valid. -
Not be in IP address format (for example, 192.168.5.4)
If
Name
is a trail ARN, it must be in the following format.arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
-
s3_bucket_name(impl Into<String>)
/set_s3_bucket_name(Option<String>)
:
required: falseSpecifies the name of the Amazon S3 bucket designated for publishing log files. See Amazon S3 Bucket Naming Requirements.
s3_key_prefix(impl Into<String>)
/set_s3_key_prefix(Option<String>)
:
required: falseSpecifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files. The maximum length is 200 characters.
sns_topic_name(impl Into<String>)
/set_sns_topic_name(Option<String>)
:
required: falseSpecifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.
include_global_service_events(bool)
/set_include_global_service_events(Option<bool>)
:
required: falseSpecifies whether the trail is publishing events from global services such as IAM to the log files.
is_multi_region_trail(bool)
/set_is_multi_region_trail(Option<bool>)
:
required: falseSpecifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.
enable_log_file_validation(bool)
/set_enable_log_file_validation(Option<bool>)
:
required: falseSpecifies whether log file validation is enabled. The default is false.
When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.
cloud_watch_logs_log_group_arn(impl Into<String>)
/set_cloud_watch_logs_log_group_arn(Option<String>)
:
required: falseSpecifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account.
Not required unless you specify
CloudWatchLogsRoleArn
.cloud_watch_logs_role_arn(impl Into<String>)
/set_cloud_watch_logs_role_arn(Option<String>)
:
required: falseSpecifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group. You must use a role that exists in your account.
kms_key_id(impl Into<String>)
/set_kms_key_id(Option<String>)
:
required: falseSpecifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by “alias/”, a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
CloudTrail also supports KMS multi-Region keys. For more information about multi-Region keys, see Using multi-Region keys in the Key Management Service Developer Guide.
Examples:
-
alias/MyAliasName
-
arn:aws:kms:us-east-2:123456789012:alias/MyAliasName
-
arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
-
12345678-1234-1234-1234-123456789012
-
is_organization_trail(bool)
/set_is_organization_trail(Option<bool>)
:
required: falseSpecifies whether the trail is applied to all accounts in an organization in Organizations, or only for the current Amazon Web Services account. The default is false, and cannot be true unless the call is made on behalf of an Amazon Web Services account that is the management account for an organization in Organizations. If the trail is not an organization trail and this is set to
true
, the trail will be created in all Amazon Web Services accounts that belong to the organization. If the trail is an organization trail and this is set tofalse
, the trail will remain in the current Amazon Web Services account but be deleted from all member accounts in the organization.Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.
- On success, responds with
UpdateTrailOutput
with field(s):name(Option<String>)
:Specifies the name of the trail.
s3_bucket_name(Option<String>)
:Specifies the name of the Amazon S3 bucket designated for publishing log files.
s3_key_prefix(Option<String>)
:Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your IAM Log Files.
sns_topic_name(Option<String>)
:This field is no longer in use. Use
SnsTopicARN
.sns_topic_arn(Option<String>)
:Specifies the ARN of the Amazon SNS topic that CloudTrail uses to send notifications when log files are delivered. The following is the format of a topic ARN.
arn:aws:sns:us-east-2:123456789012:MyTopic
include_global_service_events(Option<bool>)
:Specifies whether the trail is publishing events from global services such as IAM to the log files.
is_multi_region_trail(Option<bool>)
:Specifies whether the trail exists in one Region or in all Regions.
trail_arn(Option<String>)
:Specifies the ARN of the trail that was updated. The following is the format of a trail ARN.
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail
log_file_validation_enabled(Option<bool>)
:Specifies whether log file integrity validation is enabled.
cloud_watch_logs_log_group_arn(Option<String>)
:Specifies the Amazon Resource Name (ARN) of the log group to which CloudTrail logs are delivered.
cloud_watch_logs_role_arn(Option<String>)
:Specifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group.
kms_key_id(Option<String>)
:Specifies the KMS key ID that encrypts the logs delivered by CloudTrail. The value is a fully specified ARN to a KMS key in the following format.
arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012
is_organization_trail(Option<bool>)
:Specifies whether the trail is an organization trail.
- On failure, responds with
SdkError<UpdateTrailError>
source§impl Client
impl Client
sourcepub fn from_conf(conf: Config) -> Self
pub fn from_conf(conf: Config) -> Self
Creates a new client from the service Config
.
§Panics
This method will panic in the following cases:
- Retries or timeouts are enabled without a
sleep_impl
configured. - Identity caching is enabled without a
sleep_impl
andtime_source
configured. - No
behavior_version
is provided.
The panic message for each of these will have instructions on how to resolve them.
source§impl Client
impl Client
sourcepub fn new(sdk_config: &SdkConfig) -> Self
pub fn new(sdk_config: &SdkConfig) -> Self
Creates a new client from an SDK Config.
§Panics
- This method will panic if the
sdk_config
is missing an async sleep implementation. If you experience this panic, set thesleep_impl
on the Config passed into this function to fix it. - This method will panic if the
sdk_config
is missing an HTTP connector. If you experience this panic, set thehttp_connector
on the Config passed into this function to fix it. - This method will panic if no
BehaviorVersion
is provided. If you experience this panic, setbehavior_version
on the Config or enable thebehavior-version-latest
Cargo feature.
Trait Implementations§
Auto Trait Implementations§
impl Freeze for Client
impl !RefUnwindSafe for Client
impl Send for Client
impl Sync for Client
impl Unpin for Client
impl !UnwindSafe for Client
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
source§impl<T> Instrument for T
impl<T> Instrument for T
source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
source§impl<T> IntoEither for T
impl<T> IntoEither for T
source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left
is true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moresource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left(&self)
returns true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read more