com.amazonaws.services.cloudtrail.AWSCloudTrail Maven / Gradle / Ivy
Show all versions of aws-java-sdk-cloudtrail Show documentation
/*
* Copyright 2013-2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.cloudtrail;
import javax.annotation.Generated;
import com.amazonaws.*;
import com.amazonaws.regions.*;
import com.amazonaws.services.cloudtrail.model.*;
/**
* Interface for accessing CloudTrail.
*
* Note: Do not directly implement this interface, new methods are added to it regularly. Extend from
* {@link com.amazonaws.services.cloudtrail.AbstractAWSCloudTrail} instead.
*
*
* AWS CloudTrail
*
* This is the CloudTrail API Reference. It provides descriptions of actions, data types, common parameters, and common
* errors for CloudTrail.
*
*
* CloudTrail is a web service that records AWS API calls for your AWS account and delivers log files to an Amazon S3
* bucket. The recorded information includes the identity of the user, the start time of the AWS API call, the source IP
* address, the request parameters, and the response elements returned by the service.
*
*
*
* As an alternative to the API, you can use one of the AWS SDKs, which consist of libraries and sample code for various
* programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient way to
* create programmatic access to AWSCloudTrail. For example, the SDKs take care of cryptographically signing requests,
* managing errors, and retrying requests automatically. For information about the AWS SDKs, including how to download
* and install them, see the Tools for Amazon Web Services page.
*
*
*
* See the AWS CloudTrail
* User Guide for information about the data that is included with each AWS API call listed in the log files.
*
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public interface AWSCloudTrail {
/**
* The region metadata service name for computing region endpoints. You can use this value to retrieve metadata
* (such as supported regions) of the service.
*
* @see RegionUtils#getRegionsForService(String)
*/
String ENDPOINT_PREFIX = "cloudtrail";
/**
* Overrides the default endpoint for this client ("cloudtrail.us-east-1.amazonaws.com"). Callers can use this
* method to control which AWS region they want to work with.
*
* Callers can pass in just the endpoint (ex: "cloudtrail.us-east-1.amazonaws.com") or a full URL, including the
* protocol (ex: "cloudtrail.us-east-1.amazonaws.com"). If the protocol is not specified here, the default protocol
* from this client's {@link ClientConfiguration} will be used, which by default is HTTPS.
*
* For more information on using AWS regions with the AWS SDK for Java, and a complete list of all available
* endpoints for all AWS services, see:
* http://developer.amazonwebservices.com/connect/entry.jspa?externalID=3912
*
* This method is not threadsafe. An endpoint should be configured when the client is created and before any
* service requests are made. Changing it afterwards creates inevitable race conditions for any service requests in
* transit or retrying.
*
* @param endpoint
* The endpoint (ex: "cloudtrail.us-east-1.amazonaws.com") or a full URL, including the protocol (ex:
* "cloudtrail.us-east-1.amazonaws.com") of the region specific AWS endpoint this client will communicate
* with.
* @deprecated use {@link AwsClientBuilder#setEndpointConfiguration(AwsClientBuilder.EndpointConfiguration)} for
* example:
* {@code builder.setEndpointConfiguration(new EndpointConfiguration(endpoint, signingRegion));}
*/
@Deprecated
void setEndpoint(String endpoint);
/**
* An alternative to {@link AWSCloudTrail#setEndpoint(String)}, sets the regional endpoint for this client's service
* calls. Callers can use this method to control which AWS region they want to work with.
*
* By default, all service endpoints in all regions use the https protocol. To use http instead, specify it in the
* {@link ClientConfiguration} supplied at construction.
*
* This method is not threadsafe. A region should be configured when the client is created and before any service
* requests are made. Changing it afterwards creates inevitable race conditions for any service requests in transit
* or retrying.
*
* @param region
* The region this client will communicate with. See {@link Region#getRegion(com.amazonaws.regions.Regions)}
* for accessing a given region. Must not be null and must be a region where the service is available.
*
* @see Region#getRegion(com.amazonaws.regions.Regions)
* @see Region#createClient(Class, com.amazonaws.auth.AWSCredentialsProvider, ClientConfiguration)
* @see Region#isServiceSupported(String)
* @deprecated use {@link AwsClientBuilder#setRegion(String)}
*/
@Deprecated
void setRegion(Region region);
/**
*
* Adds one or more tags to a trail, up to a limit of 50. Tags must be unique per trail. Overwrites an existing
* tag's value when a new value is specified for an existing tag key. If you specify a key without a value, the tag
* will be created with the specified key and a value of null. You can tag a trail that applies to all regions only
* from the region in which the trail was created (that is, from its home region).
*
*
* @param addTagsRequest
* Specifies the tags to add to a trail.
* @return Result of the AddTags operation returned by the service.
* @throws ResourceNotFoundException
* This exception is thrown when the specified resource is not found.
* @throws CloudTrailARNInvalidException
* This exception is thrown when an operation is called with an invalid trail ARN. The format of a trail ARN
* is:
*
* arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail
* @throws ResourceTypeNotSupportedException
* This exception is thrown when the specified resource type is not supported by CloudTrail.
* @throws TagsLimitExceededException
* The number of tags per trail has exceeded the permitted amount. Currently, the limit is 50.
* @throws InvalidTrailNameException
* This exception is thrown when the provided trail name is not valid. Trail names must meet the following
* requirements:
*
*
* -
*
* Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
*
*
* -
*
* Start with a letter or number, and end with a letter or number
*
*
* -
*
* Be between 3 and 128 characters
*
*
* -
*
* Have no adjacent periods, underscores or dashes. Names like my-_namespace and
* my--namespace are invalid.
*
*
* -
*
* Not be in IP address format (for example, 192.168.5.4)
*
*
* @throws InvalidTagParameterException
* This exception is thrown when the key or value specified for the tag does not match the regular
* expression ^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$.
* @throws UnsupportedOperationException
* This exception is thrown when the requested operation is not supported.
* @throws OperationNotPermittedException
* This exception is thrown when the requested operation is not permitted.
* @sample AWSCloudTrail.AddTags
* @see AWS API
* Documentation
*/
AddTagsResult addTags(AddTagsRequest addTagsRequest);
/**
*
* Creates a trail that specifies the settings for delivery of log data to an Amazon S3 bucket. A maximum of five
* trails can exist in a region, irrespective of the region in which they were created.
*
*
* @param createTrailRequest
* Specifies the settings for each trail.
* @return Result of the CreateTrail operation returned by the service.
* @throws MaximumNumberOfTrailsExceededException
* This exception is thrown when the maximum number of trails is reached.
* @throws TrailAlreadyExistsException
* This exception is thrown when the specified trail already exists.
* @throws S3BucketDoesNotExistException
* This exception is thrown when the specified S3 bucket does not exist.
* @throws InsufficientS3BucketPolicyException
* This exception is thrown when the policy on the S3 bucket is not sufficient.
* @throws InsufficientSnsTopicPolicyException
* This exception is thrown when the policy on the SNS topic is not sufficient.
* @throws InsufficientEncryptionPolicyException
* This exception is thrown when the policy on the S3 bucket or KMS key is not sufficient.
* @throws InvalidS3BucketNameException
* This exception is thrown when the provided S3 bucket name is not valid.
* @throws InvalidS3PrefixException
* This exception is thrown when the provided S3 prefix is not valid.
* @throws InvalidSnsTopicNameException
* This exception is thrown when the provided SNS topic name is not valid.
* @throws InvalidKmsKeyIdException
* This exception is thrown when the KMS key ARN is invalid.
* @throws InvalidTrailNameException
* This exception is thrown when the provided trail name is not valid. Trail names must meet the following
* requirements:
*
* -
*
* Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
*
*
* -
*
* Start with a letter or number, and end with a letter or number
*
*
* -
*
* Be between 3 and 128 characters
*
*
* -
*
* Have no adjacent periods, underscores or dashes. Names like my-_namespace and
* my--namespace are invalid.
*
*
* -
*
* Not be in IP address format (for example, 192.168.5.4)
*
*
* @throws TrailNotProvidedException
* This exception is deprecated.
* @throws InvalidParameterCombinationException
* This exception is thrown when the combination of parameters provided is not valid.
* @throws KmsKeyNotFoundException
* This exception is thrown when the KMS key does not exist, or when the S3 bucket and the KMS key are not
* in the same region.
* @throws KmsKeyDisabledException
* This exception is deprecated.
* @throws KmsException
* This exception is thrown when there is an issue with the specified KMS key and the trail can’t be
* updated.
* @throws InvalidCloudWatchLogsLogGroupArnException
* This exception is thrown when the provided CloudWatch log group is not valid.
* @throws InvalidCloudWatchLogsRoleArnException
* This exception is thrown when the provided role is not valid.
* @throws CloudWatchLogsDeliveryUnavailableException
* Cannot set a CloudWatch Logs delivery for this region.
* @throws UnsupportedOperationException
* This exception is thrown when the requested operation is not supported.
* @throws OperationNotPermittedException
* This exception is thrown when the requested operation is not permitted.
* @sample AWSCloudTrail.CreateTrail
* @see AWS API
* Documentation
*/
CreateTrailResult createTrail(CreateTrailRequest createTrailRequest);
/**
*
* Deletes a trail. This operation must be called from the region in which the trail was created.
* DeleteTrail cannot be called on the shadow trails (replicated trails in other regions) of a trail
* that is enabled in all regions.
*
*
* @param deleteTrailRequest
* The request that specifies the name of a trail to delete.
* @return Result of the DeleteTrail operation returned by the service.
* @throws TrailNotFoundException
* This exception is thrown when the trail with the given name is not found.
* @throws InvalidTrailNameException
* This exception is thrown when the provided trail name is not valid. Trail names must meet the following
* requirements:
*
* -
*
* Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
*
*
* -
*
* Start with a letter or number, and end with a letter or number
*
*
* -
*
* Be between 3 and 128 characters
*
*
* -
*
* Have no adjacent periods, underscores or dashes. Names like my-_namespace and
* my--namespace are invalid.
*
*
* -
*
* Not be in IP address format (for example, 192.168.5.4)
*
*
* @throws InvalidHomeRegionException
* This exception is thrown when an operation is called on a trail from a region other than the region in
* which the trail was created.
* @sample AWSCloudTrail.DeleteTrail
* @see AWS API
* Documentation
*/
DeleteTrailResult deleteTrail(DeleteTrailRequest deleteTrailRequest);
/**
*
* Retrieves settings for the trail associated with the current region for your account.
*
*
* @param describeTrailsRequest
* Returns information about the trail.
* @return Result of the DescribeTrails operation returned by the service.
* @throws UnsupportedOperationException
* This exception is thrown when the requested operation is not supported.
* @throws OperationNotPermittedException
* This exception is thrown when the requested operation is not permitted.
* @sample AWSCloudTrail.DescribeTrails
* @see AWS API
* Documentation
*/
DescribeTrailsResult describeTrails(DescribeTrailsRequest describeTrailsRequest);
/**
* Simplified method form for invoking the DescribeTrails operation.
*
* @see #describeTrails(DescribeTrailsRequest)
*/
DescribeTrailsResult describeTrails();
/**
*
* Describes the settings for the event selectors that you configured for your trail. The information returned for
* your event selectors includes the following:
*
*
* -
*
* The S3 objects that you are logging for data events.
*
*
* -
*
* If your event selector includes management events.
*
*
* -
*
* If your event selector includes read-only events, write-only events, or all.
*
*
*
*
* For more information, see Logging Data and Management Events for Trails in the AWS CloudTrail User Guide.
*
*
* @param getEventSelectorsRequest
* @return Result of the GetEventSelectors operation returned by the service.
* @throws TrailNotFoundException
* This exception is thrown when the trail with the given name is not found.
* @throws InvalidTrailNameException
* This exception is thrown when the provided trail name is not valid. Trail names must meet the following
* requirements:
*
* -
*
* Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
*
*
* -
*
* Start with a letter or number, and end with a letter or number
*
*
* -
*
* Be between 3 and 128 characters
*
*
* -
*
* Have no adjacent periods, underscores or dashes. Names like my-_namespace and
* my--namespace are invalid.
*
*
* -
*
* Not be in IP address format (for example, 192.168.5.4)
*
*
* @throws UnsupportedOperationException
* This exception is thrown when the requested operation is not supported.
* @throws OperationNotPermittedException
* This exception is thrown when the requested operation is not permitted.
* @sample AWSCloudTrail.GetEventSelectors
* @see AWS
* API Documentation
*/
GetEventSelectorsResult getEventSelectors(GetEventSelectorsRequest getEventSelectorsRequest);
/**
*
* Returns a JSON-formatted list of information about the specified trail. Fields include information on delivery
* errors, Amazon SNS and Amazon S3 errors, and start and stop logging times for each trail. This operation returns
* trail status from a single region. To return trail status from all regions, you must call the operation on each
* region.
*
*
* @param getTrailStatusRequest
* The name of a trail about which you want the current status.
* @return Result of the GetTrailStatus operation returned by the service.
* @throws TrailNotFoundException
* This exception is thrown when the trail with the given name is not found.
* @throws InvalidTrailNameException
* This exception is thrown when the provided trail name is not valid. Trail names must meet the following
* requirements:
*
* -
*
* Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
*
*
* -
*
* Start with a letter or number, and end with a letter or number
*
*
* -
*
* Be between 3 and 128 characters
*
*
* -
*
* Have no adjacent periods, underscores or dashes. Names like my-_namespace and
* my--namespace are invalid.
*
*
* -
*
* Not be in IP address format (for example, 192.168.5.4)
*
*
* @sample AWSCloudTrail.GetTrailStatus
* @see AWS API
* Documentation
*/
GetTrailStatusResult getTrailStatus(GetTrailStatusRequest getTrailStatusRequest);
/**
*
* Returns all public keys whose private keys were used to sign the digest files within the specified time range.
* The public key is needed to validate digest files that were signed with its corresponding private key.
*
*
*
* CloudTrail uses different private/public key pairs per region. Each digest file is signed with a private key
* unique to its region. Therefore, when you validate a digest file from a particular region, you must look in the
* same region for its corresponding public key.
*
*
*
* @param listPublicKeysRequest
* Requests the public keys for a specified time range.
* @return Result of the ListPublicKeys operation returned by the service.
* @throws InvalidTimeRangeException
* Occurs if the timestamp values are invalid. Either the start time occurs after the end time or the time
* range is outside the range of possible values.
* @throws UnsupportedOperationException
* This exception is thrown when the requested operation is not supported.
* @throws OperationNotPermittedException
* This exception is thrown when the requested operation is not permitted.
* @throws InvalidTokenException
* Reserved for future use.
* @sample AWSCloudTrail.ListPublicKeys
* @see AWS API
* Documentation
*/
ListPublicKeysResult listPublicKeys(ListPublicKeysRequest listPublicKeysRequest);
/**
* Simplified method form for invoking the ListPublicKeys operation.
*
* @see #listPublicKeys(ListPublicKeysRequest)
*/
ListPublicKeysResult listPublicKeys();
/**
*
* Lists the tags for the trail in the current region.
*
*
* @param listTagsRequest
* Specifies a list of trail tags to return.
* @return Result of the ListTags operation returned by the service.
* @throws ResourceNotFoundException
* This exception is thrown when the specified resource is not found.
* @throws CloudTrailARNInvalidException
* This exception is thrown when an operation is called with an invalid trail ARN. The format of a trail ARN
* is:
*
* arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail
* @throws ResourceTypeNotSupportedException
* This exception is thrown when the specified resource type is not supported by CloudTrail.
* @throws InvalidTrailNameException
* This exception is thrown when the provided trail name is not valid. Trail names must meet the following
* requirements:
*
*
* -
*
* Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
*
*
* -
*
* Start with a letter or number, and end with a letter or number
*
*
* -
*
* Be between 3 and 128 characters
*
*
* -
*
* Have no adjacent periods, underscores or dashes. Names like my-_namespace and
* my--namespace are invalid.
*
*
* -
*
* Not be in IP address format (for example, 192.168.5.4)
*
*
* @throws UnsupportedOperationException
* This exception is thrown when the requested operation is not supported.
* @throws OperationNotPermittedException
* This exception is thrown when the requested operation is not permitted.
* @throws InvalidTokenException
* Reserved for future use.
* @sample AWSCloudTrail.ListTags
* @see AWS API
* Documentation
*/
ListTagsResult listTags(ListTagsRequest listTagsRequest);
/**
*
* Looks up API activity events captured by CloudTrail that create, update, or delete resources in your account.
* Events for a region can be looked up for the times in which you had CloudTrail turned on in that region during
* the last seven days. Lookup supports the following attributes:
*
*
* -
*
* Event ID
*
*
* -
*
* Event name
*
*
* -
*
* Event source
*
*
* -
*
* Resource name
*
*
* -
*
* Resource type
*
*
* -
*
* User name
*
*
*
*
* All attributes are optional. The default number of results returned is 10, with a maximum of 50 possible. The
* response includes a token that you can use to get the next page of results.
*
*
*
* The rate of lookup requests is limited to one per second per account. If this limit is exceeded, a throttling
* error occurs.
*
*
*
* Events that occurred during the selected time range will not be available for lookup if CloudTrail logging was
* not enabled when the events occurred.
*
*
*
* @param lookupEventsRequest
* Contains a request for LookupEvents.
* @return Result of the LookupEvents operation returned by the service.
* @throws InvalidLookupAttributesException
* Occurs when an invalid lookup attribute is specified.
* @throws InvalidTimeRangeException
* Occurs if the timestamp values are invalid. Either the start time occurs after the end time or the time
* range is outside the range of possible values.
* @throws InvalidMaxResultsException
* This exception is thrown if the limit specified is invalid.
* @throws InvalidNextTokenException
* Invalid token or token that was previously used in a request with different parameters. This exception is
* thrown if the token is invalid.
* @sample AWSCloudTrail.LookupEvents
* @see AWS API
* Documentation
*/
LookupEventsResult lookupEvents(LookupEventsRequest lookupEventsRequest);
/**
* Simplified method form for invoking the LookupEvents operation.
*
* @see #lookupEvents(LookupEventsRequest)
*/
LookupEventsResult lookupEvents();
/**
*
* Configures an event selector for your trail. Use event selectors to specify whether you want your trail to log
* management and/or data events. When an event occurs in your account, CloudTrail evaluates the event selectors in
* all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If
* the event doesn't match any event selector, the trail doesn't log the event.
*
*
* Example
*
*
* -
*
* You create an event selector for a trail and specify that you want write-only events.
*
*
* -
*
* The EC2 GetConsoleOutput and RunInstances API operations occur in your account.
*
*
* -
*
* CloudTrail evaluates whether the events match your event selectors.
*
*
* -
*
* The RunInstances is a write-only event and it matches your event selector. The trail logs the event.
*
*
* -
*
* The GetConsoleOutput is a read-only event but it doesn't match your event selector. The trail
* doesn't log the event.
*
*
*
*
* The PutEventSelectors operation must be called from the region in which the trail was created;
* otherwise, an InvalidHomeRegionException is thrown.
*
*
* You can configure up to five event selectors for each trail. For more information, see Logging Data and Management Events for Trails in the AWS CloudTrail User Guide.
*
*
* @param putEventSelectorsRequest
* @return Result of the PutEventSelectors operation returned by the service.
* @throws TrailNotFoundException
* This exception is thrown when the trail with the given name is not found.
* @throws InvalidTrailNameException
* This exception is thrown when the provided trail name is not valid. Trail names must meet the following
* requirements:
*
* -
*
* Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
*
*
* -
*
* Start with a letter or number, and end with a letter or number
*
*
* -
*
* Be between 3 and 128 characters
*
*
* -
*
* Have no adjacent periods, underscores or dashes. Names like my-_namespace and
* my--namespace are invalid.
*
*
* -
*
* Not be in IP address format (for example, 192.168.5.4)
*
*
* @throws InvalidHomeRegionException
* This exception is thrown when an operation is called on a trail from a region other than the region in
* which the trail was created.
* @throws InvalidEventSelectorsException
* This exception is thrown when the PutEventSelectors operation is called with an invalid
* number of event selectors, data resources, or an invalid value for a parameter:
*
* -
*
* Specify a valid number of event selectors (1 to 5) for a trail.
*
*
* -
*
* Specify a valid number of data resources (1 to 250) for an event selector.
*
*
* -
*
* Specify a valid value for a parameter. For example, specifying the ReadWriteType parameter
* with a value of read-only is invalid.
*
*
* @throws UnsupportedOperationException
* This exception is thrown when the requested operation is not supported.
* @throws OperationNotPermittedException
* This exception is thrown when the requested operation is not permitted.
* @sample AWSCloudTrail.PutEventSelectors
* @see AWS
* API Documentation
*/
PutEventSelectorsResult putEventSelectors(PutEventSelectorsRequest putEventSelectorsRequest);
/**
*
* Removes the specified tags from a trail.
*
*
* @param removeTagsRequest
* Specifies the tags to remove from a trail.
* @return Result of the RemoveTags operation returned by the service.
* @throws ResourceNotFoundException
* This exception is thrown when the specified resource is not found.
* @throws CloudTrailARNInvalidException
* This exception is thrown when an operation is called with an invalid trail ARN. The format of a trail ARN
* is:
*
* arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail
* @throws ResourceTypeNotSupportedException
* This exception is thrown when the specified resource type is not supported by CloudTrail.
* @throws InvalidTrailNameException
* This exception is thrown when the provided trail name is not valid. Trail names must meet the following
* requirements:
*
*
* -
*
* Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
*
*
* -
*
* Start with a letter or number, and end with a letter or number
*
*
* -
*
* Be between 3 and 128 characters
*
*
* -
*
* Have no adjacent periods, underscores or dashes. Names like my-_namespace and
* my--namespace are invalid.
*
*
* -
*
* Not be in IP address format (for example, 192.168.5.4)
*
*
* @throws InvalidTagParameterException
* This exception is thrown when the key or value specified for the tag does not match the regular
* expression ^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$.
* @throws UnsupportedOperationException
* This exception is thrown when the requested operation is not supported.
* @throws OperationNotPermittedException
* This exception is thrown when the requested operation is not permitted.
* @sample AWSCloudTrail.RemoveTags
* @see AWS API
* Documentation
*/
RemoveTagsResult removeTags(RemoveTagsRequest removeTagsRequest);
/**
*
* Starts the recording of AWS API calls and log file delivery for a trail. For a trail that is enabled in all
* regions, this operation must be called from the region in which the trail was created. This operation cannot be
* called on the shadow trails (replicated trails in other regions) of a trail that is enabled in all regions.
*
*
* @param startLoggingRequest
* The request to CloudTrail to start logging AWS API calls for an account.
* @return Result of the StartLogging operation returned by the service.
* @throws TrailNotFoundException
* This exception is thrown when the trail with the given name is not found.
* @throws InvalidTrailNameException
* This exception is thrown when the provided trail name is not valid. Trail names must meet the following
* requirements:
*
* -
*
* Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
*
*
* -
*
* Start with a letter or number, and end with a letter or number
*
*
* -
*
* Be between 3 and 128 characters
*
*
* -
*
* Have no adjacent periods, underscores or dashes. Names like my-_namespace and
* my--namespace are invalid.
*
*
* -
*
* Not be in IP address format (for example, 192.168.5.4)
*
*
* @throws InvalidHomeRegionException
* This exception is thrown when an operation is called on a trail from a region other than the region in
* which the trail was created.
* @sample AWSCloudTrail.StartLogging
* @see AWS API
* Documentation
*/
StartLoggingResult startLogging(StartLoggingRequest startLoggingRequest);
/**
*
* Suspends the recording of AWS API calls and log file delivery for the specified trail. Under most circumstances,
* there is no need to use this action. You can update a trail without stopping it first. This action is the only
* way to stop recording. For a trail enabled in all regions, this operation must be called from the region in which
* the trail was created, or an InvalidHomeRegionException will occur. This operation cannot be called
* on the shadow trails (replicated trails in other regions) of a trail enabled in all regions.
*
*
* @param stopLoggingRequest
* Passes the request to CloudTrail to stop logging AWS API calls for the specified account.
* @return Result of the StopLogging operation returned by the service.
* @throws TrailNotFoundException
* This exception is thrown when the trail with the given name is not found.
* @throws InvalidTrailNameException
* This exception is thrown when the provided trail name is not valid. Trail names must meet the following
* requirements:
*
* -
*
* Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
*
*
* -
*
* Start with a letter or number, and end with a letter or number
*
*
* -
*
* Be between 3 and 128 characters
*
*
* -
*
* Have no adjacent periods, underscores or dashes. Names like my-_namespace and
* my--namespace are invalid.
*
*
* -
*
* Not be in IP address format (for example, 192.168.5.4)
*
*
* @throws InvalidHomeRegionException
* This exception is thrown when an operation is called on a trail from a region other than the region in
* which the trail was created.
* @sample AWSCloudTrail.StopLogging
* @see AWS API
* Documentation
*/
StopLoggingResult stopLogging(StopLoggingRequest stopLoggingRequest);
/**
*
* Updates the settings that specify delivery of log files. Changes to a trail do not require stopping the
* CloudTrail service. Use this action to designate an existing bucket for log delivery. If the existing bucket has
* previously been a target for CloudTrail log files, an IAM policy exists for the bucket. UpdateTrail
* must be called from the region in which the trail was created; otherwise, an
* InvalidHomeRegionException is thrown.
*
*
* @param updateTrailRequest
* Specifies settings to update for the trail.
* @return Result of the UpdateTrail operation returned by the service.
* @throws S3BucketDoesNotExistException
* This exception is thrown when the specified S3 bucket does not exist.
* @throws InsufficientS3BucketPolicyException
* This exception is thrown when the policy on the S3 bucket is not sufficient.
* @throws InsufficientSnsTopicPolicyException
* This exception is thrown when the policy on the SNS topic is not sufficient.
* @throws InsufficientEncryptionPolicyException
* This exception is thrown when the policy on the S3 bucket or KMS key is not sufficient.
* @throws TrailNotFoundException
* This exception is thrown when the trail with the given name is not found.
* @throws InvalidS3BucketNameException
* This exception is thrown when the provided S3 bucket name is not valid.
* @throws InvalidS3PrefixException
* This exception is thrown when the provided S3 prefix is not valid.
* @throws InvalidSnsTopicNameException
* This exception is thrown when the provided SNS topic name is not valid.
* @throws InvalidKmsKeyIdException
* This exception is thrown when the KMS key ARN is invalid.
* @throws InvalidTrailNameException
* This exception is thrown when the provided trail name is not valid. Trail names must meet the following
* requirements:
*
* -
*
* Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)
*
*
* -
*
* Start with a letter or number, and end with a letter or number
*
*
* -
*
* Be between 3 and 128 characters
*
*
* -
*
* Have no adjacent periods, underscores or dashes. Names like my-_namespace and
* my--namespace are invalid.
*
*
* -
*
* Not be in IP address format (for example, 192.168.5.4)
*
*
* @throws TrailNotProvidedException
* This exception is deprecated.
* @throws InvalidParameterCombinationException
* This exception is thrown when the combination of parameters provided is not valid.
* @throws InvalidHomeRegionException
* This exception is thrown when an operation is called on a trail from a region other than the region in
* which the trail was created.
* @throws KmsKeyNotFoundException
* This exception is thrown when the KMS key does not exist, or when the S3 bucket and the KMS key are not
* in the same region.
* @throws KmsKeyDisabledException
* This exception is deprecated.
* @throws KmsException
* This exception is thrown when there is an issue with the specified KMS key and the trail can’t be
* updated.
* @throws InvalidCloudWatchLogsLogGroupArnException
* This exception is thrown when the provided CloudWatch log group is not valid.
* @throws InvalidCloudWatchLogsRoleArnException
* This exception is thrown when the provided role is not valid.
* @throws CloudWatchLogsDeliveryUnavailableException
* Cannot set a CloudWatch Logs delivery for this region.
* @throws UnsupportedOperationException
* This exception is thrown when the requested operation is not supported.
* @throws OperationNotPermittedException
* This exception is thrown when the requested operation is not permitted.
* @sample AWSCloudTrail.UpdateTrail
* @see AWS API
* Documentation
*/
UpdateTrailResult updateTrail(UpdateTrailRequest updateTrailRequest);
/**
* Shuts down this client object, releasing any resources that might be held open. This is an optional method, and
* callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client
* has been shutdown, it should not be used to make any more requests.
*/
void shutdown();
/**
* Returns additional metadata for a previously executed successful request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing a request.
*
* @param request
* The originally executed request.
*
* @return The response metadata for the specified request, or null if none is available.
*/
ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request);
}