feat(client-securitylake): This release updates request validation re…

…gex for resource ARNs.

clients/client-securitylake/README.md

@@ -26,11 +26,11 @@ information collected by CloudTrail you can determine the request that was made
 Security Lake, the IP address from which the request was made, who made the request, when it
 was made, and additional details. To learn more about Security Lake information in CloudTrail, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/securitylake-cloudtrail.html">Amazon Security Lake User Guide</a>.</p>
 <p>Security Lake automates the collection of security-related log and event data from
-integrated Amazon Web Services and third-party services. It also helps you manage
+integrated Amazon Web Services services and third-party services. It also helps you manage
 the lifecycle of data with customizable retention and replication settings. Security Lake
 converts ingested data into Apache Parquet format and a standard open-source schema called
 the Open Cybersecurity Schema Framework (OCSF).</p>
-<p>Other Amazon Web Services and third-party services can subscribe to the data that's stored in Security Lake for
+<p>Other Amazon Web Services services and third-party services can subscribe to the data that's stored in Security Lake for
 incident response and security data analytics.</p>
 
 ## Installing

clients/client-securitylake/src/SecurityLake.ts

@@ -711,11 +711,11 @@ export interface SecurityLake {
  *          Security Lake, the IP address from which the request was made, who made the request, when it
  *          was made, and additional details. To learn more about Security Lake information in CloudTrail, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/securitylake-cloudtrail.html">Amazon Security Lake User Guide</a>.</p>
  *          <p>Security Lake automates the collection of security-related log and event data from
- *          integrated Amazon Web Services and third-party services. It also helps you manage
+ *          integrated Amazon Web Services services and third-party services. It also helps you manage
  *          the lifecycle of data with customizable retention and replication settings. Security Lake
  *          converts ingested data into Apache Parquet format and a standard open-source schema called
  *          the Open Cybersecurity Schema Framework (OCSF).</p>
- *          <p>Other Amazon Web Services and third-party services can subscribe to the data that's stored in Security Lake for
+ *          <p>Other Amazon Web Services services and third-party services can subscribe to the data that's stored in Security Lake for
  *          incident response and security data analytics.</p>
  * @public
  */

clients/client-securitylake/src/SecurityLakeClient.ts

@@ -407,11 +407,11 @@ export interface SecurityLakeClientResolvedConfig extends SecurityLakeClientReso
  *          Security Lake, the IP address from which the request was made, who made the request, when it
  *          was made, and additional details. To learn more about Security Lake information in CloudTrail, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/securitylake-cloudtrail.html">Amazon Security Lake User Guide</a>.</p>
  *          <p>Security Lake automates the collection of security-related log and event data from
- *          integrated Amazon Web Services and third-party services. It also helps you manage
+ *          integrated Amazon Web Services services and third-party services. It also helps you manage
  *          the lifecycle of data with customizable retention and replication settings. Security Lake
  *          converts ingested data into Apache Parquet format and a standard open-source schema called
  *          the Open Cybersecurity Schema Framework (OCSF).</p>
- *          <p>Other Amazon Web Services and third-party services can subscribe to the data that's stored in Security Lake for
+ *          <p>Other Amazon Web Services services and third-party services can subscribe to the data that's stored in Security Lake for
  *          incident response and security data analytics.</p>
  * @public
  */

clients/client-securitylake/src/commands/CreateAwsLogSourceCommand.ts

@@ -28,11 +28,11 @@ export interface CreateAwsLogSourceCommandInput extends CreateAwsLogSourceReques
 export interface CreateAwsLogSourceCommandOutput extends CreateAwsLogSourceResponse, __MetadataBearer {}
 
 /**
- * <p>Adds a natively supported Amazon Web Service as an Amazon Security Lake source. Enables
+ * <p>Adds a natively supported Amazon Web Services service as an Amazon Security Lake source. Enables
  *          source types for member accounts in required Amazon Web Services Regions, based on the
  *          parameters you specify. You can choose any source type in any Region for either accounts
- *          that are part of a trusted organization or standalone accounts. Once you add an Amazon Web Service as a source, Security Lake starts collecting logs and events from it.</p>
- *          <p>You can use this API only to enable natively supported Amazon Web Services as a
+ *          that are part of a trusted organization or standalone accounts. Once you add an Amazon Web Services service as a source, Security Lake starts collecting logs and events from it.</p>
+ *          <p>You can use this API only to enable natively supported Amazon Web Services services as a
  *          source. Use <code>CreateCustomLogSource</code> to enable data collection from a custom
  *          source.</p>
  * @example

clients/client-securitylake/src/commands/CreateDataLakeCommand.ts

@@ -37,7 +37,7 @@ export interface CreateDataLakeCommandOutput extends CreateDataLakeResponse, __M
  *          call this API, it will set up the data lake in the Region with the specified
  *          configurations.</p>
  *          <p>When you enable Security Lake, it starts ingesting security data after the
- *             <code>CreateAwsLogSource</code> call. This includes ingesting security data from
+ *             <code>CreateAwsLogSource</code> call and after you create subscribers using the <code>CreateSubscriber</code> API. This includes ingesting security data from
  *          sources, storing data, and making data accessible to subscribers. Security Lake also enables
  *          all the existing settings and resources that it stores or maintains for your Amazon Web Services account in the current Region, including security log and event data. For
  *          more information, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html">Amazon Security Lake User

clients/client-securitylake/src/commands/CreateDataLakeExceptionSubscriptionCommand.ts

@@ -37,7 +37,7 @@ export interface CreateDataLakeExceptionSubscriptionCommandOutput
 
 /**
  * <p>Creates the specified notification subscription in Amazon Security Lake for the organization
- *          you specify.</p>
+ *          you specify. The notification subscription is created for exceptions that cannot be resolved by Security Lake automatically.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

clients/client-securitylake/src/commands/CreateSubscriberCommand.ts

@@ -28,8 +28,8 @@ export interface CreateSubscriberCommandInput extends CreateSubscriberRequest {}
 export interface CreateSubscriberCommandOutput extends CreateSubscriberResponse, __MetadataBearer {}
 
 /**
- * <p>Creates a subscription permission for accounts that are already enabled in
- *          Amazon Security Lake. You can create a subscriber with access to data in the current Amazon Web Services Region.</p>
+ * <p>Creates a subscriber for accounts that are already enabled in Amazon Security Lake. You can
+ *          create a subscriber with access to data in the current Amazon Web Services Region.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

clients/client-securitylake/src/commands/DeleteAwsLogSourceCommand.ts

@@ -28,7 +28,7 @@ export interface DeleteAwsLogSourceCommandInput extends DeleteAwsLogSourceReques
 export interface DeleteAwsLogSourceCommandOutput extends DeleteAwsLogSourceResponse, __MetadataBearer {}
 
 /**
- * <p>Removes a natively supported Amazon Web Service as an Amazon Security Lake source. You
+ * <p>Removes a natively supported Amazon Web Services service as an Amazon Security Lake source. You
  *          can remove a source for one or more Regions. When you remove the source, Security Lake stops
  *          collecting data from that source in the specified Regions and accounts, and subscribers can
  *          no longer consume new data from the source. However, subscribers can still consume data

clients/client-securitylake/src/commands/DeleteSubscriberNotificationCommand.ts

@@ -33,7 +33,7 @@ export interface DeleteSubscriberNotificationCommandOutput
     __MetadataBearer {}
 
 /**
- * <p>Deletes the specified notification subscription in Amazon Security Lake for the organization
+ * <p>Deletes the specified subscription notification in Amazon Security Lake for the organization
  *          you specify.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

clients/client-securitylake/src/commands/GetDataLakeExceptionSubscriptionCommand.ts

@@ -33,7 +33,7 @@ export interface GetDataLakeExceptionSubscriptionCommandOutput
     __MetadataBearer {}
 
 /**
- * <p>Retrieves the details of exception notifications for the account in Amazon Security Lake.</p>
+ * <p>Retrieves the protocol and endpoint that were provided when subscribing to Amazon SNS topics for exception notifications.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

clients/client-securitylake/src/commands/ListLogSourcesCommand.ts

@@ -28,7 +28,7 @@ export interface ListLogSourcesCommandInput extends ListLogSourcesRequest {}
 export interface ListLogSourcesCommandOutput extends ListLogSourcesResponse, __MetadataBearer {}
 
 /**
- * <p>Retrieves the log sources in the current Amazon Web Services Region.</p>
+ * <p>Retrieves the log sources.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

clients/client-securitylake/src/commands/ListSubscribersCommand.ts

@@ -28,7 +28,7 @@ export interface ListSubscribersCommandInput extends ListSubscribersRequest {}
 export interface ListSubscribersCommandOutput extends ListSubscribersResponse, __MetadataBearer {}
 
 /**
- * <p>List all subscribers for the specific Amazon Security Lake account ID. You can retrieve a list
+ * <p>Lists all subscribers for the specific Amazon Security Lake account ID. You can retrieve a list
  *          of subscriptions associated with a specific organization or Amazon Web Services account.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

clients/client-securitylake/src/commands/UpdateDataLakeCommand.ts

@@ -28,8 +28,17 @@ export interface UpdateDataLakeCommandInput extends UpdateDataLakeRequest {}
 export interface UpdateDataLakeCommandOutput extends UpdateDataLakeResponse, __MetadataBearer {}
 
 /**
- * <p>Specifies where to store your security data and for how long. You can add a rollup
- *          Region to consolidate data from multiple Amazon Web Services Regions.</p>
+ * <p>You can use <code>UpdateDataLake</code> to specify where to store your security data, how it should
+ *          be encrypted at rest and for how long. You can add a <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/manage-regions.html#add-rollup-region">Rollup
+ *             Region</a> to consolidate data from multiple Amazon Web Services Regions, replace
+ *          default encryption (SSE-S3) with <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">Customer Manged Key</a>,
+ *          or specify transition and expiration actions through storage <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/lifecycle-management.html">Lifecycle management</a>. The <code>UpdateDataLake</code> API works as an "upsert" operation that performs an insert if the specified item or record does not exist, or an update if it
+ *          already exists. Security Lake securely stores your data at rest using Amazon Web Services encryption solutions. For more details, see <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/data-protection.html">Data protection in Amazon Security Lake</a>.</p>
+ *          <p>For example, omitting the key <code>encryptionConfiguration</code> from a Region that is
+ *          included in an update call that currently uses KMS will leave that Region's KMS key in
+ *          place, but specifying <code>encryptionConfiguration: \{kmsKeyId: 'S3_MANAGED_KEY'\}</code>
+ *          for that same Region will reset the key to <code>S3-managed</code>.</p>
+ *          <p>For more details about lifecycle management and how to update retention settings for one or more Regions after enabling Security Lake, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/lifecycle-management.html">Amazon Security Lake User Guide</a>. </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

clients/client-securitylake/src/index.ts

@@ -21,11 +21,11 @@
  *          Security Lake, the IP address from which the request was made, who made the request, when it
  *          was made, and additional details. To learn more about Security Lake information in CloudTrail, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/securitylake-cloudtrail.html">Amazon Security Lake User Guide</a>.</p>
  *          <p>Security Lake automates the collection of security-related log and event data from
- *          integrated Amazon Web Services and third-party services. It also helps you manage
+ *          integrated Amazon Web Services services and third-party services. It also helps you manage
  *          the lifecycle of data with customizable retention and replication settings. Security Lake
  *          converts ingested data into Apache Parquet format and a standard open-source schema called
  *          the Open Cybersecurity Schema Framework (OCSF).</p>
- *          <p>Other Amazon Web Services and third-party services can subscribe to the data that's stored in Security Lake for
+ *          <p>Other Amazon Web Services services and third-party services can subscribe to the data that's stored in Security Lake for
  *          incident response and security data analytics.</p>
  *
  * @packageDocumentation