{-# LANGUAGE OverloadedStrings #-} -- Derived from AWS service descriptions, licensed under Apache 2.0. -- | -- Module : Network.AWS.CloudTrail.Types -- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay -- Stability : auto-generated -- Portability : non-portable (GHC extensions) -- module Network.AWS.CloudTrail.Types ( -- * Service Configuration cloudTrail -- * Errors , _InvalidTimeRangeException , _InsufficientS3BucketPolicyException , _MaximumNumberOfTrailsExceededException , _UnsupportedOperationException , _KMSKeyDisabledException , _InsufficientEncryptionPolicyException , _InsufficientSNSTopicPolicyException , _InvalidCloudWatchLogsRoleARNException , _TagsLimitExceededException , _CloudTrailARNInvalidException , _InvalidLookupAttributesException , _InvalidTrailNameException , _InvalidSNSTopicNameException , _ResourceTypeNotSupportedException , _CloudWatchLogsDeliveryUnavailableException , _KMSKeyNotFoundException , _TrailNotFoundException , _InvalidEventSelectorsException , _TrailNotProvidedException , _InvalidS3BucketNameException , _InvalidCloudWatchLogsLogGroupARNException , _KMSException , _S3BucketDoesNotExistException , _InvalidNextTokenException , _InvalidTagParameterException , _OperationNotPermittedException , _InvalidTokenException , _InvalidMaxResultsException , _TrailAlreadyExistsException , _InvalidS3PrefixException , _ResourceNotFoundException , _InvalidParameterCombinationException , _InvalidKMSKeyIdException , _InvalidHomeRegionException -- * LookupAttributeKey , LookupAttributeKey (..) -- * ReadWriteType , ReadWriteType (..) -- * DataResource , DataResource , dataResource , drValues , drType -- * Event , Event , event , eUsername , eResources , eEventTime , eCloudTrailEvent , eEventName , eEventSource , eEventId -- * EventSelector , EventSelector , eventSelector , esDataResources , esReadWriteType , esIncludeManagementEvents -- * LookupAttribute , LookupAttribute , lookupAttribute , laAttributeKey , laAttributeValue -- * PublicKey , PublicKey , publicKey , pkFingerprint , pkValidityEndTime , pkValue , pkValidityStartTime -- * Resource , Resource , resource , rResourceType , rResourceName -- * ResourceTag , ResourceTag , resourceTag , rResourceId , rTagsList -- * Tag , Tag , tag , tagValue , tagKey -- * Trail , Trail , trail , tLogFileValidationEnabled , tTrailARN , tS3KeyPrefix , tSNSTopicARN , tSNSTopicName , tCloudWatchLogsLogGroupARN , tKMSKeyId , tHomeRegion , tName , tIncludeGlobalServiceEvents , tHasCustomEventSelectors , tCloudWatchLogsRoleARN , tS3BucketName , tIsMultiRegionTrail ) where import Network.AWS.CloudTrail.Types.Product import Network.AWS.CloudTrail.Types.Sum import Network.AWS.Lens import Network.AWS.Prelude import Network.AWS.Sign.V4 -- | API version @2013-11-01@ of the Amazon CloudTrail SDK configuration. cloudTrail :: Service cloudTrail = Service { _svcAbbrev = "CloudTrail" , _svcSigner = v4 , _svcPrefix = "cloudtrail" , _svcVersion = "2013-11-01" , _svcEndpoint = defaultEndpoint cloudTrail , _svcTimeout = Just 70 , _svcCheck = statusSuccess , _svcError = parseJSONError "CloudTrail" , _svcRetry = retry } where retry = Exponential { _retryBase = 5.0e-2 , _retryGrowth = 2 , _retryAttempts = 5 , _retryCheck = check } check e | has (hasCode "ThrottledException" . hasStatus 400) e = Just "throttled_exception" | has (hasStatus 429) e = Just "too_many_requests" | has (hasCode "ThrottlingException" . hasStatus 400) e = Just "throttling_exception" | has (hasCode "Throttling" . hasStatus 400) e = Just "throttling" | has (hasStatus 504) e = Just "gateway_timeout" | has (hasCode "RequestThrottledException" . hasStatus 400) e = Just "request_throttled_exception" | has (hasStatus 502) e = Just "bad_gateway" | has (hasStatus 503) e = Just "service_unavailable" | has (hasStatus 500) e = Just "general_server_error" | has (hasStatus 509) e = Just "limit_exceeded" | otherwise = Nothing -- | Occurs if the timestamp values are invalid. Either the start time occurs after the end time or the time range is outside the range of possible values. -- -- _InvalidTimeRangeException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidTimeRangeException = _MatchServiceError cloudTrail "InvalidTimeRangeException" -- | This exception is thrown when the policy on the S3 bucket is not sufficient. -- -- _InsufficientS3BucketPolicyException :: AsError a => Getting (First ServiceError) a ServiceError _InsufficientS3BucketPolicyException = _MatchServiceError cloudTrail "InsufficientS3BucketPolicyException" -- | This exception is thrown when the maximum number of trails is reached. -- -- _MaximumNumberOfTrailsExceededException :: AsError a => Getting (First ServiceError) a ServiceError _MaximumNumberOfTrailsExceededException = _MatchServiceError cloudTrail "MaximumNumberOfTrailsExceededException" -- | This exception is thrown when the requested operation is not supported. -- -- _UnsupportedOperationException :: AsError a => Getting (First ServiceError) a ServiceError _UnsupportedOperationException = _MatchServiceError cloudTrail "UnsupportedOperationException" -- | This exception is deprecated. -- -- _KMSKeyDisabledException :: AsError a => Getting (First ServiceError) a ServiceError _KMSKeyDisabledException = _MatchServiceError cloudTrail "KmsKeyDisabledException" -- | This exception is thrown when the policy on the S3 bucket or KMS key is not sufficient. -- -- _InsufficientEncryptionPolicyException :: AsError a => Getting (First ServiceError) a ServiceError _InsufficientEncryptionPolicyException = _MatchServiceError cloudTrail "InsufficientEncryptionPolicyException" -- | This exception is thrown when the policy on the SNS topic is not sufficient. -- -- _InsufficientSNSTopicPolicyException :: AsError a => Getting (First ServiceError) a ServiceError _InsufficientSNSTopicPolicyException = _MatchServiceError cloudTrail "InsufficientSnsTopicPolicyException" -- | This exception is thrown when the provided role is not valid. -- -- _InvalidCloudWatchLogsRoleARNException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidCloudWatchLogsRoleARNException = _MatchServiceError cloudTrail "InvalidCloudWatchLogsRoleArnException" -- | The number of tags per trail has exceeded the permitted amount. Currently, the limit is 50. -- -- _TagsLimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError _TagsLimitExceededException = _MatchServiceError cloudTrail "TagsLimitExceededException" -- | This exception is thrown when an operation is called with an invalid trail ARN. The format of a trail ARN is: -- -- -- @arn:aws:cloudtrail:us-east-1:123456789012:trail/MyTrail@ -- _CloudTrailARNInvalidException :: AsError a => Getting (First ServiceError) a ServiceError _CloudTrailARNInvalidException = _MatchServiceError cloudTrail "CloudTrailARNInvalidException" -- | Occurs when an invalid lookup attribute is specified. -- -- _InvalidLookupAttributesException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidLookupAttributesException = _MatchServiceError cloudTrail "InvalidLookupAttributesException" -- | This exception is thrown when the provided trail name is not valid. Trail names must meet the following requirements: -- -- -- * Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-) -- -- * Start with a letter or number, and end with a letter or number -- -- * Be between 3 and 128 characters -- -- * Have no adjacent periods, underscores or dashes. Names like @my-_namespace@ and @my--namespace@ are invalid. -- -- * Not be in IP address format (for example, 192.168.5.4) -- -- -- _InvalidTrailNameException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidTrailNameException = _MatchServiceError cloudTrail "InvalidTrailNameException" -- | This exception is thrown when the provided SNS topic name is not valid. -- -- _InvalidSNSTopicNameException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidSNSTopicNameException = _MatchServiceError cloudTrail "InvalidSnsTopicNameException" -- | This exception is thrown when the specified resource type is not supported by CloudTrail. -- -- _ResourceTypeNotSupportedException :: AsError a => Getting (First ServiceError) a ServiceError _ResourceTypeNotSupportedException = _MatchServiceError cloudTrail "ResourceTypeNotSupportedException" -- | Cannot set a CloudWatch Logs delivery for this region. -- -- _CloudWatchLogsDeliveryUnavailableException :: AsError a => Getting (First ServiceError) a ServiceError _CloudWatchLogsDeliveryUnavailableException = _MatchServiceError cloudTrail "CloudWatchLogsDeliveryUnavailableException" -- | This exception is thrown when the KMS key does not exist, or when the S3 bucket and the KMS key are not in the same region. -- -- _KMSKeyNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError _KMSKeyNotFoundException = _MatchServiceError cloudTrail "KmsKeyNotFoundException" -- | This exception is thrown when the trail with the given name is not found. -- -- _TrailNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError _TrailNotFoundException = _MatchServiceError cloudTrail "TrailNotFoundException" -- | This exception is thrown when the @PutEventSelectors@ operation is called with an invalid number of event selectors, data resources, or an invalid value for a parameter: -- -- -- * Specify a valid number of event selectors (1 to 5) for a trail. -- -- * Specify a valid number of data resources (1 to 250) for an event selector. -- -- * Specify a valid value for a parameter. For example, specifying the @ReadWriteType@ parameter with a value of @read-only@ is invalid. -- -- -- _InvalidEventSelectorsException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidEventSelectorsException = _MatchServiceError cloudTrail "InvalidEventSelectorsException" -- | This exception is deprecated. -- -- _TrailNotProvidedException :: AsError a => Getting (First ServiceError) a ServiceError _TrailNotProvidedException = _MatchServiceError cloudTrail "TrailNotProvidedException" -- | This exception is thrown when the provided S3 bucket name is not valid. -- -- _InvalidS3BucketNameException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidS3BucketNameException = _MatchServiceError cloudTrail "InvalidS3BucketNameException" -- | This exception is thrown when the provided CloudWatch log group is not valid. -- -- _InvalidCloudWatchLogsLogGroupARNException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidCloudWatchLogsLogGroupARNException = _MatchServiceError cloudTrail "InvalidCloudWatchLogsLogGroupArnException" -- | This exception is thrown when there is an issue with the specified KMS key and the trail can’t be updated. -- -- _KMSException :: AsError a => Getting (First ServiceError) a ServiceError _KMSException = _MatchServiceError cloudTrail "KmsException" -- | This exception is thrown when the specified S3 bucket does not exist. -- -- _S3BucketDoesNotExistException :: AsError a => Getting (First ServiceError) a ServiceError _S3BucketDoesNotExistException = _MatchServiceError cloudTrail "S3BucketDoesNotExistException" -- | Invalid token or token that was previously used in a request with different parameters. This exception is thrown if the token is invalid. -- -- _InvalidNextTokenException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidNextTokenException = _MatchServiceError cloudTrail "InvalidNextTokenException" -- | This exception is thrown when the key or value specified for the tag does not match the regular expression @^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$@ . -- -- _InvalidTagParameterException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidTagParameterException = _MatchServiceError cloudTrail "InvalidTagParameterException" -- | This exception is thrown when the requested operation is not permitted. -- -- _OperationNotPermittedException :: AsError a => Getting (First ServiceError) a ServiceError _OperationNotPermittedException = _MatchServiceError cloudTrail "OperationNotPermittedException" -- | Reserved for future use. -- -- _InvalidTokenException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidTokenException = _MatchServiceError cloudTrail "InvalidTokenException" -- | This exception is thrown if the limit specified is invalid. -- -- _InvalidMaxResultsException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidMaxResultsException = _MatchServiceError cloudTrail "InvalidMaxResultsException" -- | This exception is thrown when the specified trail already exists. -- -- _TrailAlreadyExistsException :: AsError a => Getting (First ServiceError) a ServiceError _TrailAlreadyExistsException = _MatchServiceError cloudTrail "TrailAlreadyExistsException" -- | This exception is thrown when the provided S3 prefix is not valid. -- -- _InvalidS3PrefixException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidS3PrefixException = _MatchServiceError cloudTrail "InvalidS3PrefixException" -- | This exception is thrown when the specified resource is not found. -- -- _ResourceNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError _ResourceNotFoundException = _MatchServiceError cloudTrail "ResourceNotFoundException" -- | This exception is thrown when the combination of parameters provided is not valid. -- -- _InvalidParameterCombinationException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidParameterCombinationException = _MatchServiceError cloudTrail "InvalidParameterCombinationException" -- | This exception is thrown when the KMS key ARN is invalid. -- -- _InvalidKMSKeyIdException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidKMSKeyIdException = _MatchServiceError cloudTrail "InvalidKmsKeyIdException" -- | This exception is thrown when an operation is called on a trail from a region other than the region in which the trail was created. -- -- _InvalidHomeRegionException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidHomeRegionException = _MatchServiceError cloudTrail "InvalidHomeRegionException"