aws-sdk-accessanalyzer 1.2.1 → 1.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 5927aa469e006d4205a830113b955f7e5ff0d201
-  data.tar.gz: e2bb004a39efc312d007ebb56d5b67e8c12f3547
+SHA256:
+  metadata.gz: 6cf4c37809cf6741764448f843497b117b091c104322ae9d46354de63c433d56
+  data.tar.gz: 4d19d4d0080ed30088d36d5f3e00be0fefd900155af7df95919cd74838b06dfd
 SHA512:
-  metadata.gz: d1f736df4006d89f48c282bb1979d8b1c7f93332d190c3146c460a3bdce88ea3d85f05f4edf29555ec247ff6499dd17c29e5b37934c59f7dcac905e90e588861
-  data.tar.gz: a9ce5b71d1188c9d344507fba2839cbe3e27bf3a0a8ccfc4b310fce6db5ebab56e64f28e7d2cdb219e38ef885fcc19b3e3fc137b2d17ceeda8d813dff4c44306
+  metadata.gz: cac2f4472808d03c57c439f584ecbfc847e4a5684e27b692d28fcf4432969803e1e58a2a28dbdfc64741b165771c4e0d5b35fb7d5693c5849e421e87cb00c4ec
+  data.tar.gz: d10389babebabebecadc3647a38e86f827ab29d9f2459b27e35ff4c5504423b05d4dd0da5b4f9d6f71afa8354ee49d01806ff9e3c02d4713b8c42b8d74a2b465

data/lib/aws-sdk-accessanalyzer.rb

@@ -24,17 +24,20 @@ require_relative 'aws-sdk-accessanalyzer/customizations'
 # methods each accept a hash of request parameters and return a response
 # structure.
 #
+#     access_analyzer = Aws::AccessAnalyzer::Client.new
+#     resp = access_analyzer.create_analyzer(params)
+#
 # See {Client} for more information.
 #
 # # Errors
 #
-# Errors returned from Access Analyzer all
-# extend {Errors::ServiceError}.
+# Errors returned from Access Analyzer are defined in the
+# {Errors} module and all extend {Errors::ServiceError}.
 #
 #     begin
 #       # do stuff
 #     rescue Aws::AccessAnalyzer::Errors::ServiceError
-#       # rescues all service API errors
+#       # rescues all Access Analyzer API errors
 #     end
 #
 # See {Errors} for more information.
@@ -42,6 +45,6 @@ require_relative 'aws-sdk-accessanalyzer/customizations'
 # @service
 module Aws::AccessAnalyzer
 
-  GEM_VERSION = '1.2.1'
+  GEM_VERSION = '1.7.0'
 
 end

data/lib/aws-sdk-accessanalyzer/client.rb

@@ -30,6 +30,18 @@ require 'aws-sdk-core/plugins/protocols/rest_json.rb'
 Aws::Plugins::GlobalConfiguration.add_identifier(:accessanalyzer)
 
 module Aws::AccessAnalyzer
+  # An API client for AccessAnalyzer.  To construct a client, you need to configure a `:region` and `:credentials`.
+  #
+  #     client = Aws::AccessAnalyzer::Client.new(
+  #       region: region_name,
+  #       credentials: credentials,
+  #       # ...
+  #     )
+  #
+  # For details on configuring region and credentials see
+  # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
+  #
+  # See {#initialize} for a full list of supported configuration options.
   class Client < Seahorse::Client::Base
 
     include Aws::ClientStubs
@@ -93,7 +105,7 @@ module Aws::AccessAnalyzer
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
     #     used to determine the service `:endpoint`. When not passed,
-    #     a default `:region` is search for in the following locations:
+    #     a default `:region` is searched for in the following locations:
     #
     #     * `Aws.config[:region]`
     #     * `ENV['AWS_REGION']`
@@ -108,6 +120,12 @@ module Aws::AccessAnalyzer
     #     When set to `true`, a thread polling for endpoints will be running in
     #     the background every 60 secs (default). Defaults to `false`.
     #
+    #   @option options [Boolean] :adaptive_retry_wait_to_fill (true)
+    #     Used only in `adaptive` retry mode.  When true, the request will sleep
+    #     until there is sufficent client side capacity to retry the request.
+    #     When false, the request will raise a `RetryCapacityNotAvailableError` and will
+    #     not retry instead of sleeping.
+    #
     #   @option options [Boolean] :client_side_monitoring (false)
     #     When `true`, client-side metrics will be collected for all API requests from
     #     this client.
@@ -132,6 +150,10 @@ module Aws::AccessAnalyzer
     #     When `true`, an attempt is made to coerce request parameters into
     #     the required types.
     #
+    #   @option options [Boolean] :correct_clock_skew (true)
+    #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
+    #     a clock skew correction and retry requests with skewed client clocks.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
@@ -139,7 +161,7 @@ module Aws::AccessAnalyzer
     #   @option options [String] :endpoint
     #     The client endpoint is normally constructed from the `:region`
     #     option. You should only configure an `:endpoint` when connecting
-    #     to test endpoints. This should be avalid HTTP(S) URI.
+    #     to test endpoints. This should be a valid HTTP(S) URI.
     #
     #   @option options [Integer] :endpoint_cache_max_entries (1000)
     #     Used for the maximum size limit of the LRU cache storing endpoints data
@@ -154,7 +176,7 @@ module Aws::AccessAnalyzer
     #     requests fetching endpoints information. Defaults to 60 sec.
     #
     #   @option options [Boolean] :endpoint_discovery (false)
-    #     When set to `true`, endpoint discovery will be enabled for operations when available. Defaults to `false`.
+    #     When set to `true`, endpoint discovery will be enabled for operations when available.
     #
     #   @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
     #     The log formatter.
@@ -166,15 +188,29 @@ module Aws::AccessAnalyzer
     #     The Logger instance to send log messages to.  If this option
     #     is not set, logging will be disabled.
     #
+    #   @option options [Integer] :max_attempts (3)
+    #     An integer representing the maximum number attempts that will be made for
+    #     a single request, including the initial attempt.  For example,
+    #     setting this value to 5 will result in a request being retried up to
+    #     4 times. Used in `standard` and `adaptive` retry modes.
+    #
     #   @option options [String] :profile ("default")
     #     Used when loading credentials from the shared credentials file
     #     at HOME/.aws/credentials.  When not specified, 'default' is used.
     #
+    #   @option options [Proc] :retry_backoff
+    #     A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
+    #     This option is only used in the `legacy` retry mode.
+    #
     #   @option options [Float] :retry_base_delay (0.3)
-    #     The base delay in seconds used by the default backoff function.
+    #     The base delay in seconds used by the default backoff function. This option
+    #     is only used in the `legacy` retry mode.
     #
     #   @option options [Symbol] :retry_jitter (:none)
-    #     A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number.
+    #     A delay randomiser function used by the default backoff function.
+    #     Some predefined functions can be referenced by name - :none, :equal, :full,
+    #     otherwise a Proc that takes and returns a number. This option is only used
+    #     in the `legacy` retry mode.
     #
     #     @see https://www.awsarchitectureblog.com/2015/03/backoff.html
     #
@@ -182,11 +218,30 @@ module Aws::AccessAnalyzer
     #     The maximum number of times to retry failed requests.  Only
     #     ~ 500 level server errors and certain ~ 400 level client errors
     #     are retried.  Generally, these are throttling errors, data
-    #     checksum errors, networking errors, timeout errors and auth
-    #     errors from expired credentials.
+    #     checksum errors, networking errors, timeout errors, auth errors,
+    #     endpoint discovery, and errors from expired credentials.
+    #     This option is only used in the `legacy` retry mode.
     #
     #   @option options [Integer] :retry_max_delay (0)
-    #     The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function.
+    #     The maximum number of seconds to delay between retries (0 for no limit)
+    #     used by the default backoff function. This option is only used in the
+    #     `legacy` retry mode.
+    #
+    #   @option options [String] :retry_mode ("legacy")
+    #     Specifies which retry algorithm to use. Values are:
+    #
+    #     * `legacy` - The pre-existing retry behavior.  This is default value if
+    #       no retry mode is provided.
+    #
+    #     * `standard` - A standardized set of retry rules across the AWS SDKs.
+    #       This includes support for retry quotas, which limit the number of
+    #       unsuccessful retries a client can make.
+    #
+    #     * `adaptive` - An experimental retry mode that includes all the
+    #       functionality of `standard` mode along with automatic client side
+    #       throttling.  This is a provisional mode that may change behavior
+    #       in the future.
+    #
     #
     #   @option options [String] :secret_access_key
     #
@@ -209,16 +264,15 @@ module Aws::AccessAnalyzer
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
     #   @option options [Float] :http_open_timeout (15) The number of
-    #     seconds to wait when opening a HTTP session before rasing a
+    #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
     #   @option options [Integer] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
-    #     safely be set
-    #     per-request on the session yeidled by {#session_for}.
+    #     safely be set per-request on the session.
     #
     #   @option options [Float] :http_idle_timeout (5) The number of
-    #     seconds a connection is allowed to sit idble before it is
+    #     seconds a connection is allowed to sit idle before it is
     #     considered stale.  Stale connections are closed and removed
     #     from the pool before making a request.
     #
@@ -227,7 +281,7 @@ module Aws::AccessAnalyzer
     #     request body.  This option has no effect unless the request has
     #     "Expect" header set to "100-continue".  Defaults to `nil` which
     #     disables this behaviour.  This value can safely be set per
-    #     request on the session yeidled by {#session_for}.
+    #     request on the session.
     #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
@@ -302,7 +356,7 @@ module Aws::AccessAnalyzer
     #     tags: {
     #       "String" => "String",
     #     },
-    #     type: "ACCOUNT", # required, accepts ACCOUNT
+    #     type: "ACCOUNT", # required, accepts ACCOUNT, ORGANIZATION
     #   })
     #
     # @example Response structure
@@ -458,6 +512,7 @@ module Aws::AccessAnalyzer
     #   resp.resource.error #=> String
     #   resp.resource.is_public #=> Boolean
     #   resp.resource.resource_arn #=> String
+    #   resp.resource.resource_owner_account #=> String
     #   resp.resource.resource_type #=> String, one of "AWS::IAM::Role", "AWS::KMS::Key", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::S3::Bucket", "AWS::SQS::Queue"
     #   resp.resource.shared_via #=> Array
     #   resp.resource.shared_via[0] #=> String
@@ -495,9 +550,11 @@ module Aws::AccessAnalyzer
     #   resp.analyzer.last_resource_analyzed #=> String
     #   resp.analyzer.last_resource_analyzed_at #=> Time
     #   resp.analyzer.name #=> String
+    #   resp.analyzer.status #=> String, one of "ACTIVE", "CREATING", "DISABLED", "FAILED"
+    #   resp.analyzer.status_reason.code #=> String, one of "AWS_SERVICE_ACCESS_DISABLED", "DELEGATED_ADMINISTRATOR_DEREGISTERED", "ORGANIZATION_DELETED", "SERVICE_LINKED_ROLE_CREATION_FAILED"
     #   resp.analyzer.tags #=> Hash
     #   resp.analyzer.tags["String"] #=> String
-    #   resp.analyzer.type #=> String, one of "ACCOUNT"
+    #   resp.analyzer.type #=> String, one of "ACCOUNT", "ORGANIZATION"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAnalyzer AWS API Documentation
     #
@@ -583,7 +640,11 @@ module Aws::AccessAnalyzer
     #   resp.finding.principal #=> Hash
     #   resp.finding.principal["String"] #=> String
     #   resp.finding.resource #=> String
+    #   resp.finding.resource_owner_account #=> String
     #   resp.finding.resource_type #=> String, one of "AWS::IAM::Role", "AWS::KMS::Key", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::S3::Bucket", "AWS::SQS::Queue"
+    #   resp.finding.sources #=> Array
+    #   resp.finding.sources[0].detail.access_point_arn #=> String
+    #   resp.finding.sources[0].type #=> String, one of "BUCKET_ACL", "POLICY", "S3_ACCESS_POINT"
     #   resp.finding.status #=> String, one of "ACTIVE", "ARCHIVED", "RESOLVED"
     #   resp.finding.updated_at #=> Time
     #
@@ -616,6 +677,8 @@ module Aws::AccessAnalyzer
     #   * {Types::ListAnalyzedResourcesResponse#analyzed_resources #analyzed_resources} => Array&lt;Types::AnalyzedResourceSummary&gt;
     #   * {Types::ListAnalyzedResourcesResponse#next_token #next_token} => String
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_analyzed_resources({
@@ -629,6 +692,7 @@ module Aws::AccessAnalyzer
     #
     #   resp.analyzed_resources #=> Array
     #   resp.analyzed_resources[0].resource_arn #=> String
+    #   resp.analyzed_resources[0].resource_owner_account #=> String
     #   resp.analyzed_resources[0].resource_type #=> String, one of "AWS::IAM::Role", "AWS::KMS::Key", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::S3::Bucket", "AWS::SQS::Queue"
     #   resp.next_token #=> String
     #
@@ -657,12 +721,14 @@ module Aws::AccessAnalyzer
     #   * {Types::ListAnalyzersResponse#analyzers #analyzers} => Array&lt;Types::AnalyzerSummary&gt;
     #   * {Types::ListAnalyzersResponse#next_token #next_token} => String
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_analyzers({
     #     max_results: 1,
     #     next_token: "Token",
-    #     type: "ACCOUNT", # accepts ACCOUNT
+    #     type: "ACCOUNT", # accepts ACCOUNT, ORGANIZATION
     #   })
     #
     # @example Response structure
@@ -673,9 +739,11 @@ module Aws::AccessAnalyzer
     #   resp.analyzers[0].last_resource_analyzed #=> String
     #   resp.analyzers[0].last_resource_analyzed_at #=> Time
     #   resp.analyzers[0].name #=> String
+    #   resp.analyzers[0].status #=> String, one of "ACTIVE", "CREATING", "DISABLED", "FAILED"
+    #   resp.analyzers[0].status_reason.code #=> String, one of "AWS_SERVICE_ACCESS_DISABLED", "DELEGATED_ADMINISTRATOR_DEREGISTERED", "ORGANIZATION_DELETED", "SERVICE_LINKED_ROLE_CREATION_FAILED"
     #   resp.analyzers[0].tags #=> Hash
     #   resp.analyzers[0].tags["String"] #=> String
-    #   resp.analyzers[0].type #=> String, one of "ACCOUNT"
+    #   resp.analyzers[0].type #=> String, one of "ACCOUNT", "ORGANIZATION"
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAnalyzers AWS API Documentation
@@ -703,6 +771,8 @@ module Aws::AccessAnalyzer
     #   * {Types::ListArchiveRulesResponse#archive_rules #archive_rules} => Array&lt;Types::ArchiveRuleSummary&gt;
     #   * {Types::ListArchiveRulesResponse#next_token #next_token} => String
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_archive_rules({
@@ -758,6 +828,8 @@ module Aws::AccessAnalyzer
     #   * {Types::ListFindingsResponse#findings #findings} => Array&lt;Types::FindingSummary&gt;
     #   * {Types::ListFindingsResponse#next_token #next_token} => String
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_findings({
@@ -793,7 +865,11 @@ module Aws::AccessAnalyzer
     #   resp.findings[0].principal #=> Hash
     #   resp.findings[0].principal["String"] #=> String
     #   resp.findings[0].resource #=> String
+    #   resp.findings[0].resource_owner_account #=> String
     #   resp.findings[0].resource_type #=> String, one of "AWS::IAM::Role", "AWS::KMS::Key", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::S3::Bucket", "AWS::SQS::Queue"
+    #   resp.findings[0].sources #=> Array
+    #   resp.findings[0].sources[0].detail.access_point_arn #=> String
+    #   resp.findings[0].sources[0].type #=> String, one of "BUCKET_ACL", "POLICY", "S3_ACCESS_POINT"
     #   resp.findings[0].status #=> String, one of "ACTIVE", "ARCHIVED", "RESOLVED"
     #   resp.findings[0].updated_at #=> Time
     #   resp.next_token #=> String
@@ -1019,7 +1095,7 @@ module Aws::AccessAnalyzer
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-accessanalyzer'
-      context[:gem_version] = '1.2.1'
+      context[:gem_version] = '1.7.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-accessanalyzer/client_api.rb

@@ -17,6 +17,7 @@ module Aws::AccessAnalyzer
     AnalyzedResourceSummary = Shapes::StructureShape.new(name: 'AnalyzedResourceSummary')
     AnalyzedResourcesList = Shapes::ListShape.new(name: 'AnalyzedResourcesList')
     AnalyzerArn = Shapes::StringShape.new(name: 'AnalyzerArn')
+    AnalyzerStatus = Shapes::StringShape.new(name: 'AnalyzerStatus')
     AnalyzerSummary = Shapes::StructureShape.new(name: 'AnalyzerSummary')
     AnalyzersList = Shapes::ListShape.new(name: 'AnalyzersList')
     ArchiveRuleSummary = Shapes::StructureShape.new(name: 'ArchiveRuleSummary')
@@ -34,6 +35,10 @@ module Aws::AccessAnalyzer
     Finding = Shapes::StructureShape.new(name: 'Finding')
     FindingId = Shapes::StringShape.new(name: 'FindingId')
     FindingIdList = Shapes::ListShape.new(name: 'FindingIdList')
+    FindingSource = Shapes::StructureShape.new(name: 'FindingSource')
+    FindingSourceDetail = Shapes::StructureShape.new(name: 'FindingSourceDetail')
+    FindingSourceList = Shapes::ListShape.new(name: 'FindingSourceList')
+    FindingSourceType = Shapes::StringShape.new(name: 'FindingSourceType')
     FindingStatus = Shapes::StringShape.new(name: 'FindingStatus')
     FindingStatusUpdate = Shapes::StringShape.new(name: 'FindingStatusUpdate')
     FindingSummary = Shapes::StructureShape.new(name: 'FindingSummary')
@@ -63,6 +68,7 @@ module Aws::AccessAnalyzer
     Name = Shapes::StringShape.new(name: 'Name')
     OrderBy = Shapes::StringShape.new(name: 'OrderBy')
     PrincipalMap = Shapes::MapShape.new(name: 'PrincipalMap')
+    ReasonCode = Shapes::StringShape.new(name: 'ReasonCode')
     ResourceArn = Shapes::StringShape.new(name: 'ResourceArn')
     ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
     ResourceType = Shapes::StringShape.new(name: 'ResourceType')
@@ -70,6 +76,7 @@ module Aws::AccessAnalyzer
     SharedViaList = Shapes::ListShape.new(name: 'SharedViaList')
     SortCriteria = Shapes::StructureShape.new(name: 'SortCriteria')
     StartResourceScanRequest = Shapes::StructureShape.new(name: 'StartResourceScanRequest')
+    StatusReason = Shapes::StructureShape.new(name: 'StatusReason')
     String = Shapes::StringShape.new(name: 'String')
     TagKeys = Shapes::ListShape.new(name: 'TagKeys')
     TagResourceRequest = Shapes::StructureShape.new(name: 'TagResourceRequest')
@@ -100,6 +107,7 @@ module Aws::AccessAnalyzer
     AnalyzedResource.add_member(:error, Shapes::ShapeRef.new(shape: String, location_name: "error"))
     AnalyzedResource.add_member(:is_public, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "isPublic"))
     AnalyzedResource.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "resourceArn"))
+    AnalyzedResource.add_member(:resource_owner_account, Shapes::ShapeRef.new(shape: String, required: true, location_name: "resourceOwnerAccount"))
     AnalyzedResource.add_member(:resource_type, Shapes::ShapeRef.new(shape: ResourceType, required: true, location_name: "resourceType"))
     AnalyzedResource.add_member(:shared_via, Shapes::ShapeRef.new(shape: SharedViaList, location_name: "sharedVia"))
     AnalyzedResource.add_member(:status, Shapes::ShapeRef.new(shape: FindingStatus, location_name: "status"))
@@ -107,6 +115,7 @@ module Aws::AccessAnalyzer
     AnalyzedResource.struct_class = Types::AnalyzedResource
 
     AnalyzedResourceSummary.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "resourceArn"))
+    AnalyzedResourceSummary.add_member(:resource_owner_account, Shapes::ShapeRef.new(shape: String, required: true, location_name: "resourceOwnerAccount"))
     AnalyzedResourceSummary.add_member(:resource_type, Shapes::ShapeRef.new(shape: ResourceType, required: true, location_name: "resourceType"))
     AnalyzedResourceSummary.struct_class = Types::AnalyzedResourceSummary
 
@@ -117,6 +126,8 @@ module Aws::AccessAnalyzer
     AnalyzerSummary.add_member(:last_resource_analyzed, Shapes::ShapeRef.new(shape: String, location_name: "lastResourceAnalyzed"))
     AnalyzerSummary.add_member(:last_resource_analyzed_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "lastResourceAnalyzedAt"))
     AnalyzerSummary.add_member(:name, Shapes::ShapeRef.new(shape: Name, required: true, location_name: "name"))
+    AnalyzerSummary.add_member(:status, Shapes::ShapeRef.new(shape: AnalyzerStatus, required: true, location_name: "status"))
+    AnalyzerSummary.add_member(:status_reason, Shapes::ShapeRef.new(shape: StatusReason, location_name: "statusReason"))
     AnalyzerSummary.add_member(:tags, Shapes::ShapeRef.new(shape: TagsMap, location_name: "tags"))
     AnalyzerSummary.add_member(:type, Shapes::ShapeRef.new(shape: Type, required: true, location_name: "type"))
     AnalyzerSummary.struct_class = Types::AnalyzerSummary
@@ -182,13 +193,24 @@ module Aws::AccessAnalyzer
     Finding.add_member(:is_public, Shapes::ShapeRef.new(shape: Boolean, location_name: "isPublic"))
     Finding.add_member(:principal, Shapes::ShapeRef.new(shape: PrincipalMap, location_name: "principal"))
     Finding.add_member(:resource, Shapes::ShapeRef.new(shape: String, location_name: "resource"))
+    Finding.add_member(:resource_owner_account, Shapes::ShapeRef.new(shape: String, required: true, location_name: "resourceOwnerAccount"))
     Finding.add_member(:resource_type, Shapes::ShapeRef.new(shape: ResourceType, required: true, location_name: "resourceType"))
+    Finding.add_member(:sources, Shapes::ShapeRef.new(shape: FindingSourceList, location_name: "sources"))
     Finding.add_member(:status, Shapes::ShapeRef.new(shape: FindingStatus, required: true, location_name: "status"))
     Finding.add_member(:updated_at, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "updatedAt"))
     Finding.struct_class = Types::Finding
 
     FindingIdList.member = Shapes::ShapeRef.new(shape: FindingId)
 
+    FindingSource.add_member(:detail, Shapes::ShapeRef.new(shape: FindingSourceDetail, location_name: "detail"))
+    FindingSource.add_member(:type, Shapes::ShapeRef.new(shape: FindingSourceType, required: true, location_name: "type"))
+    FindingSource.struct_class = Types::FindingSource
+
+    FindingSourceDetail.add_member(:access_point_arn, Shapes::ShapeRef.new(shape: String, location_name: "accessPointArn"))
+    FindingSourceDetail.struct_class = Types::FindingSourceDetail
+
+    FindingSourceList.member = Shapes::ShapeRef.new(shape: FindingSource)
+
     FindingSummary.add_member(:action, Shapes::ShapeRef.new(shape: ActionList, location_name: "action"))
     FindingSummary.add_member(:analyzed_at, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "analyzedAt"))
     FindingSummary.add_member(:condition, Shapes::ShapeRef.new(shape: ConditionKeyMap, required: true, location_name: "condition"))
@@ -198,7 +220,9 @@ module Aws::AccessAnalyzer
     FindingSummary.add_member(:is_public, Shapes::ShapeRef.new(shape: Boolean, location_name: "isPublic"))
     FindingSummary.add_member(:principal, Shapes::ShapeRef.new(shape: PrincipalMap, location_name: "principal"))
     FindingSummary.add_member(:resource, Shapes::ShapeRef.new(shape: String, location_name: "resource"))
+    FindingSummary.add_member(:resource_owner_account, Shapes::ShapeRef.new(shape: String, required: true, location_name: "resourceOwnerAccount"))
     FindingSummary.add_member(:resource_type, Shapes::ShapeRef.new(shape: ResourceType, required: true, location_name: "resourceType"))
+    FindingSummary.add_member(:sources, Shapes::ShapeRef.new(shape: FindingSourceList, location_name: "sources"))
     FindingSummary.add_member(:status, Shapes::ShapeRef.new(shape: FindingStatus, required: true, location_name: "status"))
     FindingSummary.add_member(:updated_at, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "updatedAt"))
     FindingSummary.struct_class = Types::FindingSummary
@@ -310,6 +334,9 @@ module Aws::AccessAnalyzer
     StartResourceScanRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "resourceArn"))
     StartResourceScanRequest.struct_class = Types::StartResourceScanRequest
 
+    StatusReason.add_member(:code, Shapes::ShapeRef.new(shape: ReasonCode, required: true, location_name: "code"))
+    StatusReason.struct_class = Types::StatusReason
+
     TagKeys.member = Shapes::ShapeRef.new(shape: String)
 
     TagResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "resourceArn"))

data/lib/aws-sdk-accessanalyzer/errors.rb

@@ -6,6 +6,35 @@
 # WARNING ABOUT GENERATED CODE
 
 module Aws::AccessAnalyzer
+
+  # When AccessAnalyzer returns an error response, the Ruby SDK constructs and raises an error.
+  # These errors all extend Aws::AccessAnalyzer::Errors::ServiceError < {Aws::Errors::ServiceError}
+  #
+  # You can rescue all AccessAnalyzer errors using ServiceError:
+  #
+  #     begin
+  #       # do stuff
+  #     rescue Aws::AccessAnalyzer::Errors::ServiceError
+  #       # rescues all AccessAnalyzer API errors
+  #     end
+  #
+  #
+  # ## Request Context
+  # ServiceError objects have a {Aws::Errors::ServiceError#context #context} method that returns
+  # information about the request that generated the error.
+  # See {Seahorse::Client::RequestContext} for more information.
+  #
+  # ## Error Classes
+  # * {AccessDeniedException}
+  # * {ConflictException}
+  # * {InternalServerException}
+  # * {ResourceNotFoundException}
+  # * {ServiceQuotaExceededException}
+  # * {ThrottlingException}
+  # * {ValidationException}
+  #
+  # Additionally, error classes are dynamically generated for service errors based on the error code
+  # if they are not defined above.
   module Errors
 
     extend Aws::Errors::DynamicErrors
@@ -23,7 +52,6 @@ module Aws::AccessAnalyzer
       def message
         @message || @data[:message]
       end
-
     end
 
     class ConflictException < ServiceError
@@ -49,7 +77,6 @@ module Aws::AccessAnalyzer
       def resource_type
         @data[:resource_type]
       end
-
     end
 
     class InternalServerException < ServiceError
@@ -70,7 +97,6 @@ module Aws::AccessAnalyzer
       def retry_after_seconds
         @data[:retry_after_seconds]
       end
-
     end
 
     class ResourceNotFoundException < ServiceError
@@ -96,7 +122,6 @@ module Aws::AccessAnalyzer
       def resource_type
         @data[:resource_type]
       end
-
     end
 
     class ServiceQuotaExceededException < ServiceError
@@ -122,7 +147,6 @@ module Aws::AccessAnalyzer
       def resource_type
         @data[:resource_type]
       end
-
     end
 
     class ThrottlingException < ServiceError
@@ -143,7 +167,6 @@ module Aws::AccessAnalyzer
       def retry_after_seconds
         @data[:retry_after_seconds]
       end
-
     end
 
     class ValidationException < ServiceError
@@ -169,7 +192,6 @@ module Aws::AccessAnalyzer
       def reason
         @data[:reason]
       end
-
     end
 
   end

data/lib/aws-sdk-accessanalyzer/resource.rb

@@ -6,6 +6,7 @@
 # WARNING ABOUT GENERATED CODE
 
 module Aws::AccessAnalyzer
+
   class Resource
 
     # @param options ({})

data/lib/aws-sdk-accessanalyzer/types.rb

@@ -48,12 +48,17 @@ module Aws::AccessAnalyzer
     #   The ARN of the resource that was analyzed.
     #   @return [String]
     #
+    # @!attribute [rw] resource_owner_account
+    #   The AWS account ID that owns the resource.
+    #   @return [String]
+    #
     # @!attribute [rw] resource_type
     #   The type of the resource that was analyzed.
     #   @return [String]
     #
     # @!attribute [rw] shared_via
-    #   Indicates how the access that generated the finding is granted.
+    #   Indicates how the access that generated the finding is granted. This
+    #   is populated for Amazon S3 bucket findings.
     #   @return [Array<String>]
     #
     # @!attribute [rw] status
@@ -74,6 +79,7 @@ module Aws::AccessAnalyzer
       :error,
       :is_public,
       :resource_arn,
+      :resource_owner_account,
       :resource_type,
       :shared_via,
       :status,
@@ -87,6 +93,10 @@ module Aws::AccessAnalyzer
     #   The ARN of the analyzed resource.
     #   @return [String]
     #
+    # @!attribute [rw] resource_owner_account
+    #   The AWS account ID that owns the resource.
+    #   @return [String]
+    #
     # @!attribute [rw] resource_type
     #   The type of resource that was analyzed.
     #   @return [String]
@@ -95,6 +105,7 @@ module Aws::AccessAnalyzer
     #
     class AnalyzedResourceSummary < Struct.new(
       :resource_arn,
+      :resource_owner_account,
       :resource_type)
       include Aws::Structure
     end
@@ -121,6 +132,25 @@ module Aws::AccessAnalyzer
     #   The name of the analyzer.
     #   @return [String]
     #
+    # @!attribute [rw] status
+    #   The status of the analyzer. An `Active` analyzer successfully
+    #   monitors supported resources and generates new findings. The
+    #   analyzer is `Disabled` when a user action, such as removing trusted
+    #   access for IAM Access Analyzer from AWS Organizations, causes the
+    #   analyzer to stop generating new findings. The status is `Creating`
+    #   when the analyzer creation is in progress and `Failed` when the
+    #   analyzer creation has failed.
+    #   @return [String]
+    #
+    # @!attribute [rw] status_reason
+    #   The `statusReason` provides more details about the current status of
+    #   the analyzer. For example, if the creation for the analyzer fails, a
+    #   `Failed` status is displayed. For an analyzer with organization as
+    #   the type, this failure can be due to an issue with creating the
+    #   service-linked roles required in the member accounts of the AWS
+    #   organization.
+    #   @return [Types::StatusReason]
+    #
     # @!attribute [rw] tags
     #   The tags added to the analyzer.
     #   @return [Hash<String,String>]
@@ -138,6 +168,8 @@ module Aws::AccessAnalyzer
       :last_resource_analyzed,
       :last_resource_analyzed_at,
       :name,
+      :status,
+      :status_reason,
       :tags,
       :type)
       include Aws::Structure
@@ -217,7 +249,7 @@ module Aws::AccessAnalyzer
     #         tags: {
     #           "String" => "String",
     #         },
-    #         type: "ACCOUNT", # required, accepts ACCOUNT
+    #         type: "ACCOUNT", # required, accepts ACCOUNT, ORGANIZATION
     #       }
     #
     # @!attribute [rw] analyzer_name
@@ -467,10 +499,20 @@ module Aws::AccessAnalyzer
     #   The resource that an external principal has access to.
     #   @return [String]
     #
+    # @!attribute [rw] resource_owner_account
+    #   The AWS account ID that owns the resource.
+    #   @return [String]
+    #
     # @!attribute [rw] resource_type
     #   The type of the resource reported in the finding.
     #   @return [String]
     #
+    # @!attribute [rw] sources
+    #   The sources of the finding. This indicates how the access that
+    #   generated the finding is granted. It is populated for Amazon S3
+    #   bucket findings.
+    #   @return [Array<Types::FindingSource>]
+    #
     # @!attribute [rw] status
     #   The current status of the finding.
     #   @return [String]
@@ -491,12 +533,49 @@ module Aws::AccessAnalyzer
       :is_public,
       :principal,
       :resource,
+      :resource_owner_account,
       :resource_type,
+      :sources,
       :status,
       :updated_at)
       include Aws::Structure
     end
 
+    # The source of the finding. This indicates how the access that
+    # generated the finding is granted. It is populated for Amazon S3 bucket
+    # findings.
+    #
+    # @!attribute [rw] detail
+    #   Includes details about how the access that generated the finding is
+    #   granted. This is populated for Amazon S3 bucket findings.
+    #   @return [Types::FindingSourceDetail]
+    #
+    # @!attribute [rw] type
+    #   Indicates the type of access that generated the finding.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/FindingSource AWS API Documentation
+    #
+    class FindingSource < Struct.new(
+      :detail,
+      :type)
+      include Aws::Structure
+    end
+
+    # Includes details about how the access that generated the finding is
+    # granted. This is populated for Amazon S3 bucket findings.
+    #
+    # @!attribute [rw] access_point_arn
+    #   The ARN of the access point that generated the finding.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/FindingSourceDetail AWS API Documentation
+    #
+    class FindingSourceDetail < Struct.new(
+      :access_point_arn)
+      include Aws::Structure
+    end
+
     # Contains information about a finding.
     #
     # @!attribute [rw] action
@@ -540,10 +619,20 @@ module Aws::AccessAnalyzer
     #   The resource that the external principal has access to.
     #   @return [String]
     #
+    # @!attribute [rw] resource_owner_account
+    #   The AWS account ID that owns the resource.
+    #   @return [String]
+    #
     # @!attribute [rw] resource_type
     #   The type of the resource that the external principal has access to.
     #   @return [String]
     #
+    # @!attribute [rw] sources
+    #   The sources of the finding. This indicates how the access that
+    #   generated the finding is granted. It is populated for Amazon S3
+    #   bucket findings.
+    #   @return [Array<Types::FindingSource>]
+    #
     # @!attribute [rw] status
     #   The status of the finding.
     #   @return [String]
@@ -564,7 +653,9 @@ module Aws::AccessAnalyzer
       :is_public,
       :principal,
       :resource,
+      :resource_owner_account,
       :resource_type,
+      :sources,
       :status,
       :updated_at)
       include Aws::Structure
@@ -838,7 +929,7 @@ module Aws::AccessAnalyzer
     #       {
     #         max_results: 1,
     #         next_token: "Token",
-    #         type: "ACCOUNT", # accepts ACCOUNT
+    #         type: "ACCOUNT", # accepts ACCOUNT, ORGANIZATION
     #       }
     #
     # @!attribute [rw] max_results
@@ -1133,6 +1224,23 @@ module Aws::AccessAnalyzer
       include Aws::Structure
     end
 
+    # Provides more details about the current status of the analyzer. For
+    # example, if the creation for the analyzer fails, a `Failed` status is
+    # displayed. For an analyzer with organization as the type, this failure
+    # can be due to an issue with creating the service-linked roles required
+    # in the member accounts of the AWS organization.
+    #
+    # @!attribute [rw] code
+    #   The reason code for the current status of the analyzer.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/StatusReason AWS API Documentation
+    #
+    class StatusReason < Struct.new(
+      :code)
+      include Aws::Structure
+    end
+
     # Adds a tag to the specified resource.
     #
     # @note When making an API call, you may pass TagResourceRequest

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-accessanalyzer
 version: !ruby/object:Gem::Version
-  version: 1.2.1
+  version: 1.7.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-03-02 00:00:00.000000000 Z
+date: 2020-05-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -81,7 +81,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2.3
+rubygems_version: 2.7.6.2
 signing_key: 
 specification_version: 4
 summary: AWS SDK for Ruby - Access Analyzer