aws-sdk-accessanalyzer 1.31.0 → 1.33.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c975d66f577ce2ad5bebaf1b00380846b72066244108e80f33548c03ec58248a
4
- data.tar.gz: 8b6f85c2313f8c08ffa0782f440e5dd6f9f4a0f2fdd5dada1dba29c8b0703f32
3
+ metadata.gz: fd1f3f9521514014252024f70752ecce355e1686eca51cda613f284972bde774
4
+ data.tar.gz: f24fc573a9bebd1fc74e7e2b5051881b45eb73498c491b2578d5ceb54e596050
5
5
  SHA512:
6
- metadata.gz: 7c8e59bcfbdacf5b3cb94b2cb446a46e450b25734ef5bf1ada917f8708520cc4f41b2f31d0591b098d387b95a542413028d0ab421fad3adf37143eddad99a84e
7
- data.tar.gz: 1b447ef46dcde07395364e873d1caeb06fe1e34e802d4ae467031332e7cde99895311b1431882688bf8e44a363443546cdf9f0b2d29b97483cca2f38577a7cfb
6
+ metadata.gz: b0a478d564a9b591d4325b31f0b59d0f3d9af88108fbfdbb2279cb2384a7094b8f344c7bbd41bcd8c0a4b8120b1d23781085780862209e34586d461caefa2e68
7
+ data.tar.gz: 449c68e1a77c18650d7a580cfa437091d9f87701fd04853e3a07b024807c79dae5ead30068f6ee5398f182ae956a5fa16d43a9b0c6a74076e89b6b4114422962
data/CHANGELOG.md CHANGED
@@ -1,6 +1,18 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.33.0 (2023-01-18)
5
+ ------------------
6
+
7
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
8
+
9
+ * Issue - Replace runtime endpoint resolution approach with generated ruby code.
10
+
11
+ 1.32.0 (2022-11-30)
12
+ ------------------
13
+
14
+ * Feature - This release adds support for S3 cross account access points. IAM Access Analyzer will now produce public or cross account findings when it detects bucket delegation to external account access points.
15
+
4
16
  1.31.0 (2022-10-25)
5
17
  ------------------
6
18
 
@@ -171,4 +183,4 @@ Unreleased Changes
171
183
  1.0.0 (2019-12-02)
172
184
  ------------------
173
185
 
174
- * Feature - Initial release of `aws-sdk-accessanalyzer`.
186
+ * Feature - Initial release of `aws-sdk-accessanalyzer`.
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.31.0
1
+ 1.33.0
@@ -1021,8 +1021,9 @@ module Aws::AccessAnalyzer
1021
1021
  # resp.finding.resource_owner_account #=> String
1022
1022
  # resp.finding.error #=> String
1023
1023
  # resp.finding.sources #=> Array
1024
- # resp.finding.sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT"
1024
+ # resp.finding.sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT", "S3_ACCESS_POINT_ACCOUNT"
1025
1025
  # resp.finding.sources[0].detail.access_point_arn #=> String
1026
+ # resp.finding.sources[0].detail.access_point_account #=> String
1026
1027
  #
1027
1028
  # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFinding AWS API Documentation
1028
1029
  #
@@ -1167,8 +1168,9 @@ module Aws::AccessAnalyzer
1167
1168
  # resp.findings[0].resource_owner_account #=> String
1168
1169
  # resp.findings[0].error #=> String
1169
1170
  # resp.findings[0].sources #=> Array
1170
- # resp.findings[0].sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT"
1171
+ # resp.findings[0].sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT", "S3_ACCESS_POINT_ACCOUNT"
1171
1172
  # resp.findings[0].sources[0].detail.access_point_arn #=> String
1173
+ # resp.findings[0].sources[0].detail.access_point_account #=> String
1172
1174
  # resp.next_token #=> String
1173
1175
  #
1174
1176
  # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAccessPreviewFindings AWS API Documentation
@@ -1459,8 +1461,9 @@ module Aws::AccessAnalyzer
1459
1461
  # resp.findings[0].resource_owner_account #=> String
1460
1462
  # resp.findings[0].error #=> String
1461
1463
  # resp.findings[0].sources #=> Array
1462
- # resp.findings[0].sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT"
1464
+ # resp.findings[0].sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT", "S3_ACCESS_POINT_ACCOUNT"
1463
1465
  # resp.findings[0].sources[0].detail.access_point_arn #=> String
1466
+ # resp.findings[0].sources[0].detail.access_point_account #=> String
1464
1467
  # resp.next_token #=> String
1465
1468
  #
1466
1469
  # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListFindings AWS API Documentation
@@ -1899,7 +1902,7 @@ module Aws::AccessAnalyzer
1899
1902
  params: params,
1900
1903
  config: config)
1901
1904
  context[:gem_name] = 'aws-sdk-accessanalyzer'
1902
- context[:gem_version] = '1.31.0'
1905
+ context[:gem_version] = '1.33.0'
1903
1906
  Seahorse::Client::Request.new(handlers, context)
1904
1907
  end
1905
1908
 
@@ -466,6 +466,7 @@ module Aws::AccessAnalyzer
466
466
  FindingSource.struct_class = Types::FindingSource
467
467
 
468
468
  FindingSourceDetail.add_member(:access_point_arn, Shapes::ShapeRef.new(shape: String, location_name: "accessPointArn"))
469
+ FindingSourceDetail.add_member(:access_point_account, Shapes::ShapeRef.new(shape: String, location_name: "accessPointAccount"))
469
470
  FindingSourceDetail.struct_class = Types::FindingSourceDetail
470
471
 
471
472
  FindingSourceList.member = Shapes::ShapeRef.new(shape: FindingSource)
@@ -684,7 +685,7 @@ module Aws::AccessAnalyzer
684
685
  NetworkOriginConfiguration.add_member_subclass(:unknown, Types::NetworkOriginConfiguration::Unknown)
685
686
  NetworkOriginConfiguration.struct_class = Types::NetworkOriginConfiguration
686
687
 
687
- PathElement.add_member(:index, Shapes::ShapeRef.new(shape: Integer, location_name: "index", metadata: {"box"=>true}))
688
+ PathElement.add_member(:index, Shapes::ShapeRef.new(shape: Integer, location_name: "index"))
688
689
  PathElement.add_member(:key, Shapes::ShapeRef.new(shape: String, location_name: "key"))
689
690
  PathElement.add_member(:substring, Shapes::ShapeRef.new(shape: Substring, location_name: "substring"))
690
691
  PathElement.add_member(:value, Shapes::ShapeRef.new(shape: String, location_name: "value"))
@@ -50,6 +50,9 @@ module Aws::AccessAnalyzer
50
50
 
51
51
  def initialize(options = {})
52
52
  self[:region] = options[:region]
53
+ if self[:region].nil?
54
+ raise ArgumentError, "Missing required EndpointParameter: :region"
55
+ end
53
56
  self[:use_dual_stack] = options[:use_dual_stack]
54
57
  self[:use_dual_stack] = false if self[:use_dual_stack].nil?
55
58
  if self[:use_dual_stack].nil?
@@ -9,104 +9,43 @@
9
9
 
10
10
  module Aws::AccessAnalyzer
11
11
  class EndpointProvider
12
- def initialize(rule_set = nil)
13
- @@rule_set ||= begin
14
- endpoint_rules = Aws::Json.load(Base64.decode64(RULES))
15
- Aws::Endpoints::RuleSet.new(
16
- version: endpoint_rules['version'],
17
- service_id: endpoint_rules['serviceId'],
18
- parameters: endpoint_rules['parameters'],
19
- rules: endpoint_rules['rules']
20
- )
12
+ def resolve_endpoint(parameters)
13
+ region = parameters.region
14
+ use_dual_stack = parameters.use_dual_stack
15
+ use_fips = parameters.use_fips
16
+ endpoint = parameters.endpoint
17
+ if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
18
+ if Aws::Endpoints::Matchers.set?(endpoint) && (url = Aws::Endpoints::Matchers.parse_url(endpoint))
19
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
20
+ raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
21
+ end
22
+ if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
23
+ raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
24
+ end
25
+ return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
26
+ end
27
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
28
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
29
+ return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
30
+ end
31
+ raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
32
+ end
33
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
34
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
35
+ return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
36
+ end
37
+ raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
38
+ end
39
+ if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
40
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
41
+ return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
42
+ end
43
+ raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
44
+ end
45
+ return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
21
46
  end
22
- @provider = Aws::Endpoints::RulesProvider.new(rule_set || @@rule_set)
23
- end
47
+ raise ArgumentError, 'No endpoint could be resolved'
24
48
 
25
- def resolve_endpoint(parameters)
26
- @provider.resolve_endpoint(parameters)
27
49
  end
28
-
29
- # @api private
30
- RULES = <<-JSON
31
- eyJ2ZXJzaW9uIjoiMS4wIiwicGFyYW1ldGVycyI6eyJSZWdpb24iOnsiYnVp
32
- bHRJbiI6IkFXUzo6UmVnaW9uIiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1bWVu
33
- dGF0aW9uIjoiVGhlIEFXUyByZWdpb24gdXNlZCB0byBkaXNwYXRjaCB0aGUg
34
- cmVxdWVzdC4iLCJ0eXBlIjoiU3RyaW5nIn0sIlVzZUR1YWxTdGFjayI6eyJi
35
- dWlsdEluIjoiQVdTOjpVc2VEdWFsU3RhY2siLCJyZXF1aXJlZCI6dHJ1ZSwi
36
- ZGVmYXVsdCI6ZmFsc2UsImRvY3VtZW50YXRpb24iOiJXaGVuIHRydWUsIHVz
37
- ZSB0aGUgZHVhbC1zdGFjayBlbmRwb2ludC4gSWYgdGhlIGNvbmZpZ3VyZWQg
38
- ZW5kcG9pbnQgZG9lcyBub3Qgc3VwcG9ydCBkdWFsLXN0YWNrLCBkaXNwYXRj
39
- aGluZyB0aGUgcmVxdWVzdCBNQVkgcmV0dXJuIGFuIGVycm9yLiIsInR5cGUi
40
- OiJCb29sZWFuIn0sIlVzZUZJUFMiOnsiYnVpbHRJbiI6IkFXUzo6VXNlRklQ
41
- UyIsInJlcXVpcmVkIjp0cnVlLCJkZWZhdWx0IjpmYWxzZSwiZG9jdW1lbnRh
42
- dGlvbiI6IldoZW4gdHJ1ZSwgc2VuZCB0aGlzIHJlcXVlc3QgdG8gdGhlIEZJ
43
- UFMtY29tcGxpYW50IHJlZ2lvbmFsIGVuZHBvaW50LiBJZiB0aGUgY29uZmln
44
- dXJlZCBlbmRwb2ludCBkb2VzIG5vdCBoYXZlIGEgRklQUyBjb21wbGlhbnQg
45
- ZW5kcG9pbnQsIGRpc3BhdGNoaW5nIHRoZSByZXF1ZXN0IHdpbGwgcmV0dXJu
46
- IGFuIGVycm9yLiIsInR5cGUiOiJCb29sZWFuIn0sIkVuZHBvaW50Ijp7ImJ1
47
- aWx0SW4iOiJTREs6OkVuZHBvaW50IiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1
48
- bWVudGF0aW9uIjoiT3ZlcnJpZGUgdGhlIGVuZHBvaW50IHVzZWQgdG8gc2Vu
49
- ZCB0aGlzIHJlcXVlc3QiLCJ0eXBlIjoiU3RyaW5nIn19LCJydWxlcyI6W3si
50
- Y29uZGl0aW9ucyI6W3siZm4iOiJhd3MucGFydGl0aW9uIiwiYXJndiI6W3si
51
- cmVmIjoiUmVnaW9uIn1dLCJhc3NpZ24iOiJQYXJ0aXRpb25SZXN1bHQifV0s
52
- InR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
53
- aXNTZXQiLCJhcmd2IjpbeyJyZWYiOiJFbmRwb2ludCJ9XX0seyJmbiI6InBh
54
- cnNlVVJMIiwiYXJndiI6W3sicmVmIjoiRW5kcG9pbnQifV0sImFzc2lnbiI6
55
- InVybCJ9XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6
56
- W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQ
57
- UyJ9LHRydWVdfV0sImVycm9yIjoiSW52YWxpZCBDb25maWd1cmF0aW9uOiBG
58
- SVBTIGFuZCBjdXN0b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0
59
- eXBlIjoiZXJyb3IifSx7ImNvbmRpdGlvbnMiOltdLCJ0eXBlIjoidHJlZSIs
60
- InJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMi
61
- LCJhcmd2IjpbeyJyZWYiOiJVc2VEdWFsU3RhY2sifSx0cnVlXX1dLCJlcnJv
62
- ciI6IkludmFsaWQgQ29uZmlndXJhdGlvbjogRHVhbHN0YWNrIGFuZCBjdXN0
63
- b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0eXBlIjoiZXJyb3Ii
64
- fSx7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2ludCI6eyJ1cmwiOnsicmVmIjoi
65
- RW5kcG9pbnQifSwicHJvcGVydGllcyI6e30sImhlYWRlcnMiOnt9fSwidHlw
66
- ZSI6ImVuZHBvaW50In1dfV19LHsiY29uZGl0aW9ucyI6W3siZm4iOiJib29s
67
- ZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQUyJ9LHRydWVdfSx7
68
- ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxT
69
- dGFjayJ9LHRydWVdfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRp
70
- dGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsi
71
- Zm4iOiJnZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0
72
- In0sInN1cHBvcnRzRklQUyJdfV19LHsiZm4iOiJib29sZWFuRXF1YWxzIiwi
73
- YXJndiI6W3RydWUseyJmbiI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQ
74
- YXJ0aXRpb25SZXN1bHQifSwic3VwcG9ydHNEdWFsU3RhY2siXX1dfV0sInR5
75
- cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2lu
76
- dCI6eyJ1cmwiOiJodHRwczovL2FjY2Vzcy1hbmFseXplci1maXBzLntSZWdp
77
- b259LntQYXJ0aXRpb25SZXN1bHQjZHVhbFN0YWNrRG5zU3VmZml4fSIsInBy
78
- b3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9
79
- XX0seyJjb25kaXRpb25zIjpbXSwiZXJyb3IiOiJGSVBTIGFuZCBEdWFsU3Rh
80
- Y2sgYXJlIGVuYWJsZWQsIGJ1dCB0aGlzIHBhcnRpdGlvbiBkb2VzIG5vdCBz
81
- dXBwb3J0IG9uZSBvciBib3RoIiwidHlwZSI6ImVycm9yIn1dfSx7ImNvbmRp
82
- dGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6
83
- IlVzZUZJUFMifSx0cnVlXX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJj
84
- b25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbdHJ1
85
- ZSx7ImZuIjoiZ2V0QXR0ciIsImFyZ3YiOlt7InJlZiI6IlBhcnRpdGlvblJl
86
- c3VsdCJ9LCJzdXBwb3J0c0ZJUFMiXX1dfV0sInR5cGUiOiJ0cmVlIiwicnVs
87
- ZXMiOlt7ImNvbmRpdGlvbnMiOltdLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpb
88
- eyJjb25kaXRpb25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9h
89
- Y2Nlc3MtYW5hbHl6ZXItZmlwcy57UmVnaW9ufS57UGFydGl0aW9uUmVzdWx0
90
- I2Ruc1N1ZmZpeH0iLCJwcm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0
91
- eXBlIjoiZW5kcG9pbnQifV19XX0seyJjb25kaXRpb25zIjpbXSwiZXJyb3Ii
92
- OiJGSVBTIGlzIGVuYWJsZWQgYnV0IHRoaXMgcGFydGl0aW9uIGRvZXMgbm90
93
- IHN1cHBvcnQgRklQUyIsInR5cGUiOiJlcnJvciJ9XX0seyJjb25kaXRpb25z
94
- IjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VE
95
- dWFsU3RhY2sifSx0cnVlXX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJj
96
- b25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbdHJ1
97
- ZSx7ImZuIjoiZ2V0QXR0ciIsImFyZ3YiOlt7InJlZiI6IlBhcnRpdGlvblJl
98
- c3VsdCJ9LCJzdXBwb3J0c0R1YWxTdGFjayJdfV19XSwidHlwZSI6InRyZWUi
99
- LCJydWxlcyI6W3siY29uZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6
100
- Imh0dHBzOi8vYWNjZXNzLWFuYWx5emVyLntSZWdpb259LntQYXJ0aXRpb25S
101
- ZXN1bHQjZHVhbFN0YWNrRG5zU3VmZml4fSIsInByb3BlcnRpZXMiOnt9LCJo
102
- ZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX0seyJjb25kaXRpb25z
103
- IjpbXSwiZXJyb3IiOiJEdWFsU3RhY2sgaXMgZW5hYmxlZCBidXQgdGhpcyBw
104
- YXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9ydCBEdWFsU3RhY2siLCJ0eXBlIjoi
105
- ZXJyb3IifV19LHsiY29uZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6
106
- Imh0dHBzOi8vYWNjZXNzLWFuYWx5emVyLntSZWdpb259LntQYXJ0aXRpb25S
107
- ZXN1bHQjZG5zU3VmZml4fSIsInByb3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7
108
- fX0sInR5cGUiOiJlbmRwb2ludCJ9XX1dfQ==
109
-
110
- JSON
111
50
  end
112
51
  end
@@ -447,15 +447,6 @@ module Aws::AccessAnalyzer
447
447
 
448
448
  # Retroactively applies an archive rule.
449
449
  #
450
- # @note When making an API call, you may pass ApplyArchiveRuleRequest
451
- # data as a hash:
452
- #
453
- # {
454
- # analyzer_arn: "AnalyzerArn", # required
455
- # rule_name: "Name", # required
456
- # client_token: "String",
457
- # }
458
- #
459
450
  # @!attribute [rw] analyzer_arn
460
451
  # The Amazon resource name (ARN) of the analyzer.
461
452
  # @return [String]
@@ -510,13 +501,6 @@ module Aws::AccessAnalyzer
510
501
  include Aws::Structure
511
502
  end
512
503
 
513
- # @note When making an API call, you may pass CancelPolicyGenerationRequest
514
- # data as a hash:
515
- #
516
- # {
517
- # job_id: "JobId", # required
518
- # }
519
- #
520
504
  # @!attribute [rw] job_id
521
505
  # The `JobId` that is returned by the `StartPolicyGeneration`
522
506
  # operation. The `JobId` can be used with `GetGeneratedPolicy` to
@@ -538,22 +522,6 @@ module Aws::AccessAnalyzer
538
522
 
539
523
  # Contains information about CloudTrail access.
540
524
  #
541
- # @note When making an API call, you may pass CloudTrailDetails
542
- # data as a hash:
543
- #
544
- # {
545
- # trails: [ # required
546
- # {
547
- # cloud_trail_arn: "CloudTrailArn", # required
548
- # regions: ["String"],
549
- # all_regions: false,
550
- # },
551
- # ],
552
- # access_role: "RoleArn", # required
553
- # start_time: Time.now, # required
554
- # end_time: Time.now,
555
- # }
556
- #
557
525
  # @!attribute [rw] trails
558
526
  # A `Trail` object that contains settings for a trail.
559
527
  # @return [Array<Types::Trail>]
@@ -727,111 +695,6 @@ module Aws::AccessAnalyzer
727
695
  include Aws::Structure
728
696
  end
729
697
 
730
- # @note When making an API call, you may pass CreateAccessPreviewRequest
731
- # data as a hash:
732
- #
733
- # {
734
- # analyzer_arn: "AnalyzerArn", # required
735
- # configurations: { # required
736
- # "ConfigurationsMapKey" => {
737
- # ebs_snapshot: {
738
- # user_ids: ["EbsUserId"],
739
- # groups: ["EbsGroup"],
740
- # kms_key_id: "EbsSnapshotDataEncryptionKeyId",
741
- # },
742
- # ecr_repository: {
743
- # repository_policy: "EcrRepositoryPolicy",
744
- # },
745
- # iam_role: {
746
- # trust_policy: "IamTrustPolicy",
747
- # },
748
- # efs_file_system: {
749
- # file_system_policy: "EfsFileSystemPolicy",
750
- # },
751
- # kms_key: {
752
- # key_policies: {
753
- # "PolicyName" => "KmsKeyPolicy",
754
- # },
755
- # grants: [
756
- # {
757
- # operations: ["CreateGrant"], # required, accepts CreateGrant, Decrypt, DescribeKey, Encrypt, GenerateDataKey, GenerateDataKeyPair, GenerateDataKeyPairWithoutPlaintext, GenerateDataKeyWithoutPlaintext, GetPublicKey, ReEncryptFrom, ReEncryptTo, RetireGrant, Sign, Verify
758
- # grantee_principal: "GranteePrincipal", # required
759
- # retiring_principal: "RetiringPrincipal",
760
- # constraints: {
761
- # encryption_context_equals: {
762
- # "KmsConstraintsKey" => "KmsConstraintsValue",
763
- # },
764
- # encryption_context_subset: {
765
- # "KmsConstraintsKey" => "KmsConstraintsValue",
766
- # },
767
- # },
768
- # issuing_account: "IssuingAccount", # required
769
- # },
770
- # ],
771
- # },
772
- # rds_db_cluster_snapshot: {
773
- # attributes: {
774
- # "RdsDbClusterSnapshotAttributeName" => {
775
- # account_ids: ["RdsDbClusterSnapshotAccountId"],
776
- # },
777
- # },
778
- # kms_key_id: "RdsDbClusterSnapshotKmsKeyId",
779
- # },
780
- # rds_db_snapshot: {
781
- # attributes: {
782
- # "RdsDbSnapshotAttributeName" => {
783
- # account_ids: ["RdsDbSnapshotAccountId"],
784
- # },
785
- # },
786
- # kms_key_id: "RdsDbSnapshotKmsKeyId",
787
- # },
788
- # secrets_manager_secret: {
789
- # kms_key_id: "SecretsManagerSecretKmsId",
790
- # secret_policy: "SecretsManagerSecretPolicy",
791
- # },
792
- # s3_bucket: {
793
- # bucket_policy: "S3BucketPolicy",
794
- # bucket_acl_grants: [
795
- # {
796
- # permission: "READ", # required, accepts READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL
797
- # grantee: { # required
798
- # id: "AclCanonicalId",
799
- # uri: "AclUri",
800
- # },
801
- # },
802
- # ],
803
- # bucket_public_access_block: {
804
- # ignore_public_acls: false, # required
805
- # restrict_public_buckets: false, # required
806
- # },
807
- # access_points: {
808
- # "AccessPointArn" => {
809
- # access_point_policy: "AccessPointPolicy",
810
- # public_access_block: {
811
- # ignore_public_acls: false, # required
812
- # restrict_public_buckets: false, # required
813
- # },
814
- # network_origin: {
815
- # vpc_configuration: {
816
- # vpc_id: "VpcId", # required
817
- # },
818
- # internet_configuration: {
819
- # },
820
- # },
821
- # },
822
- # },
823
- # },
824
- # sns_topic: {
825
- # topic_policy: "SnsTopicPolicy",
826
- # },
827
- # sqs_queue: {
828
- # queue_policy: "SqsQueuePolicy",
829
- # },
830
- # },
831
- # },
832
- # client_token: "String",
833
- # }
834
- #
835
698
  # @!attribute [rw] analyzer_arn
836
699
  # The [ARN of the account analyzer][1] used to generate the access
837
700
  # preview. You can only create an access preview for analyzers with an
@@ -881,31 +744,6 @@ module Aws::AccessAnalyzer
881
744
 
882
745
  # Creates an analyzer.
883
746
  #
884
- # @note When making an API call, you may pass CreateAnalyzerRequest
885
- # data as a hash:
886
- #
887
- # {
888
- # analyzer_name: "Name", # required
889
- # type: "ACCOUNT", # required, accepts ACCOUNT, ORGANIZATION
890
- # archive_rules: [
891
- # {
892
- # rule_name: "Name", # required
893
- # filter: { # required
894
- # "String" => {
895
- # eq: ["String"],
896
- # neq: ["String"],
897
- # contains: ["String"],
898
- # exists: false,
899
- # },
900
- # },
901
- # },
902
- # ],
903
- # tags: {
904
- # "String" => "String",
905
- # },
906
- # client_token: "String",
907
- # }
908
- #
909
747
  # @!attribute [rw] analyzer_name
910
748
  # The name of the analyzer to create.
911
749
  # @return [String]
@@ -962,23 +800,6 @@ module Aws::AccessAnalyzer
962
800
 
963
801
  # Creates an archive rule.
964
802
  #
965
- # @note When making an API call, you may pass CreateArchiveRuleRequest
966
- # data as a hash:
967
- #
968
- # {
969
- # analyzer_name: "Name", # required
970
- # rule_name: "Name", # required
971
- # filter: { # required
972
- # "String" => {
973
- # eq: ["String"],
974
- # neq: ["String"],
975
- # contains: ["String"],
976
- # exists: false,
977
- # },
978
- # },
979
- # client_token: "String",
980
- # }
981
- #
982
803
  # @!attribute [rw] analyzer_name
983
804
  # The name of the created analyzer.
984
805
  # @return [String]
@@ -1009,17 +830,13 @@ module Aws::AccessAnalyzer
1009
830
  include Aws::Structure
1010
831
  end
1011
832
 
1012
- # The criteria to use in the filter that defines the archive rule.
833
+ # The criteria to use in the filter that defines the archive rule. For
834
+ # more information on available filter keys, see [IAM Access Analyzer
835
+ # filter keys][1].
836
+ #
1013
837
  #
1014
- # @note When making an API call, you may pass Criterion
1015
- # data as a hash:
1016
838
  #
1017
- # {
1018
- # eq: ["String"],
1019
- # neq: ["String"],
1020
- # contains: ["String"],
1021
- # exists: false,
1022
- # }
839
+ # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html
1023
840
  #
1024
841
  # @!attribute [rw] eq
1025
842
  # An "equals" operator to match for the filter used to create the
@@ -1054,14 +871,6 @@ module Aws::AccessAnalyzer
1054
871
 
1055
872
  # Deletes an analyzer.
1056
873
  #
1057
- # @note When making an API call, you may pass DeleteAnalyzerRequest
1058
- # data as a hash:
1059
- #
1060
- # {
1061
- # analyzer_name: "Name", # required
1062
- # client_token: "String",
1063
- # }
1064
- #
1065
874
  # @!attribute [rw] analyzer_name
1066
875
  # The name of the analyzer to delete.
1067
876
  # @return [String]
@@ -1084,15 +893,6 @@ module Aws::AccessAnalyzer
1084
893
 
1085
894
  # Deletes an archive rule.
1086
895
  #
1087
- # @note When making an API call, you may pass DeleteArchiveRuleRequest
1088
- # data as a hash:
1089
- #
1090
- # {
1091
- # analyzer_name: "Name", # required
1092
- # rule_name: "Name", # required
1093
- # client_token: "String",
1094
- # }
1095
- #
1096
896
  # @!attribute [rw] analyzer_name
1097
897
  # The name of the analyzer that associated with the archive rule to
1098
898
  # delete.
@@ -1129,15 +929,6 @@ module Aws::AccessAnalyzer
1129
929
  #
1130
930
  # [1]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySnapshotAttribute.html
1131
931
  #
1132
- # @note When making an API call, you may pass EbsSnapshotConfiguration
1133
- # data as a hash:
1134
- #
1135
- # {
1136
- # user_ids: ["EbsUserId"],
1137
- # groups: ["EbsGroup"],
1138
- # kms_key_id: "EbsSnapshotDataEncryptionKeyId",
1139
- # }
1140
- #
1141
932
  # @!attribute [rw] user_ids
1142
933
  # The IDs of the Amazon Web Services accounts that have access to the
1143
934
  # Amazon EBS volume snapshot.
@@ -1217,13 +1008,6 @@ module Aws::AccessAnalyzer
1217
1008
  #
1218
1009
  # [1]: https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_Repository.html
1219
1010
  #
1220
- # @note When making an API call, you may pass EcrRepositoryConfiguration
1221
- # data as a hash:
1222
- #
1223
- # {
1224
- # repository_policy: "EcrRepositoryPolicy",
1225
- # }
1226
- #
1227
1011
  # @!attribute [rw] repository_policy
1228
1012
  # The JSON repository policy text to apply to the Amazon ECR
1229
1013
  # repository. For more information, see [Private repository policy
@@ -1263,13 +1047,6 @@ module Aws::AccessAnalyzer
1263
1047
  #
1264
1048
  # [1]: https://docs.aws.amazon.com/efs/latest/ug/using-fs.html
1265
1049
  #
1266
- # @note When making an API call, you may pass EfsFileSystemConfiguration
1267
- # data as a hash:
1268
- #
1269
- # {
1270
- # file_system_policy: "EfsFileSystemPolicy",
1271
- # }
1272
- #
1273
1050
  # @!attribute [rw] file_system_policy
1274
1051
  # The JSON policy definition to apply to the Amazon EFS file system.
1275
1052
  # For more information on the elements that make up a file system
@@ -1404,10 +1181,16 @@ module Aws::AccessAnalyzer
1404
1181
  # multi-region access point.
1405
1182
  # @return [String]
1406
1183
  #
1184
+ # @!attribute [rw] access_point_account
1185
+ # The account of the cross-account access point that generated the
1186
+ # finding.
1187
+ # @return [String]
1188
+ #
1407
1189
  # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/FindingSourceDetail AWS API Documentation
1408
1190
  #
1409
1191
  class FindingSourceDetail < Struct.new(
1410
- :access_point_arn)
1192
+ :access_point_arn,
1193
+ :access_point_account)
1411
1194
  SENSITIVE = []
1412
1195
  include Aws::Structure
1413
1196
  end
@@ -1569,14 +1352,6 @@ module Aws::AccessAnalyzer
1569
1352
  include Aws::Structure
1570
1353
  end
1571
1354
 
1572
- # @note When making an API call, you may pass GetAccessPreviewRequest
1573
- # data as a hash:
1574
- #
1575
- # {
1576
- # access_preview_id: "AccessPreviewId", # required
1577
- # analyzer_arn: "AnalyzerArn", # required
1578
- # }
1579
- #
1580
1355
  # @!attribute [rw] access_preview_id
1581
1356
  # The unique ID for the access preview.
1582
1357
  # @return [String]
@@ -1612,14 +1387,6 @@ module Aws::AccessAnalyzer
1612
1387
 
1613
1388
  # Retrieves an analyzed resource.
1614
1389
  #
1615
- # @note When making an API call, you may pass GetAnalyzedResourceRequest
1616
- # data as a hash:
1617
- #
1618
- # {
1619
- # analyzer_arn: "AnalyzerArn", # required
1620
- # resource_arn: "ResourceArn", # required
1621
- # }
1622
- #
1623
1390
  # @!attribute [rw] analyzer_arn
1624
1391
  # The [ARN of the analyzer][1] to retrieve information from.
1625
1392
  #
@@ -1658,13 +1425,6 @@ module Aws::AccessAnalyzer
1658
1425
 
1659
1426
  # Retrieves an analyzer.
1660
1427
  #
1661
- # @note When making an API call, you may pass GetAnalyzerRequest
1662
- # data as a hash:
1663
- #
1664
- # {
1665
- # analyzer_name: "Name", # required
1666
- # }
1667
- #
1668
1428
  # @!attribute [rw] analyzer_name
1669
1429
  # The name of the analyzer retrieved.
1670
1430
  # @return [String]
@@ -1694,14 +1454,6 @@ module Aws::AccessAnalyzer
1694
1454
 
1695
1455
  # Retrieves an archive rule.
1696
1456
  #
1697
- # @note When making an API call, you may pass GetArchiveRuleRequest
1698
- # data as a hash:
1699
- #
1700
- # {
1701
- # analyzer_name: "Name", # required
1702
- # rule_name: "Name", # required
1703
- # }
1704
- #
1705
1457
  # @!attribute [rw] analyzer_name
1706
1458
  # The name of the analyzer to retrieve rules from.
1707
1459
  # @return [String]
@@ -1735,14 +1487,6 @@ module Aws::AccessAnalyzer
1735
1487
 
1736
1488
  # Retrieves a finding.
1737
1489
  #
1738
- # @note When making an API call, you may pass GetFindingRequest
1739
- # data as a hash:
1740
- #
1741
- # {
1742
- # analyzer_arn: "AnalyzerArn", # required
1743
- # id: "FindingId", # required
1744
- # }
1745
- #
1746
1490
  # @!attribute [rw] analyzer_arn
1747
1491
  # The [ARN of the analyzer][1] that generated the finding.
1748
1492
  #
@@ -1778,15 +1522,6 @@ module Aws::AccessAnalyzer
1778
1522
  include Aws::Structure
1779
1523
  end
1780
1524
 
1781
- # @note When making an API call, you may pass GetGeneratedPolicyRequest
1782
- # data as a hash:
1783
- #
1784
- # {
1785
- # job_id: "JobId", # required
1786
- # include_resource_placeholders: false,
1787
- # include_service_level_template: false,
1788
- # }
1789
- #
1790
1525
  # @!attribute [rw] job_id
1791
1526
  # The `JobId` that is returned by the `StartPolicyGeneration`
1792
1527
  # operation. The `JobId` can be used with `GetGeneratedPolicy` to
@@ -1856,13 +1591,6 @@ module Aws::AccessAnalyzer
1856
1591
  #
1857
1592
  # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html
1858
1593
  #
1859
- # @note When making an API call, you may pass IamRoleConfiguration
1860
- # data as a hash:
1861
- #
1862
- # {
1863
- # trust_policy: "IamTrustPolicy",
1864
- # }
1865
- #
1866
1594
  # @!attribute [rw] trust_policy
1867
1595
  # The proposed trust policy for the IAM role.
1868
1596
  # @return [String]
@@ -1878,21 +1606,6 @@ module Aws::AccessAnalyzer
1878
1606
  # An criterion statement in an archive rule. Each archive rule may have
1879
1607
  # multiple criteria.
1880
1608
  #
1881
- # @note When making an API call, you may pass InlineArchiveRule
1882
- # data as a hash:
1883
- #
1884
- # {
1885
- # rule_name: "Name", # required
1886
- # filter: { # required
1887
- # "String" => {
1888
- # eq: ["String"],
1889
- # neq: ["String"],
1890
- # contains: ["String"],
1891
- # exists: false,
1892
- # },
1893
- # },
1894
- # }
1895
- #
1896
1609
  # @!attribute [rw] rule_name
1897
1610
  # The name of the rule.
1898
1611
  # @return [String]
@@ -2001,24 +1714,6 @@ module Aws::AccessAnalyzer
2001
1714
  #
2002
1715
  # [1]: https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateGrant.html
2003
1716
  #
2004
- # @note When making an API call, you may pass KmsGrantConfiguration
2005
- # data as a hash:
2006
- #
2007
- # {
2008
- # operations: ["CreateGrant"], # required, accepts CreateGrant, Decrypt, DescribeKey, Encrypt, GenerateDataKey, GenerateDataKeyPair, GenerateDataKeyPairWithoutPlaintext, GenerateDataKeyWithoutPlaintext, GetPublicKey, ReEncryptFrom, ReEncryptTo, RetireGrant, Sign, Verify
2009
- # grantee_principal: "GranteePrincipal", # required
2010
- # retiring_principal: "RetiringPrincipal",
2011
- # constraints: {
2012
- # encryption_context_equals: {
2013
- # "KmsConstraintsKey" => "KmsConstraintsValue",
2014
- # },
2015
- # encryption_context_subset: {
2016
- # "KmsConstraintsKey" => "KmsConstraintsValue",
2017
- # },
2018
- # },
2019
- # issuing_account: "IssuingAccount", # required
2020
- # }
2021
- #
2022
1717
  # @!attribute [rw] operations
2023
1718
  # A list of operations that the grant permits.
2024
1719
  # @return [Array<String>]
@@ -2078,18 +1773,6 @@ module Aws::AccessAnalyzer
2078
1773
  # [2]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
2079
1774
  # [3]: https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html
2080
1775
  #
2081
- # @note When making an API call, you may pass KmsGrantConstraints
2082
- # data as a hash:
2083
- #
2084
- # {
2085
- # encryption_context_equals: {
2086
- # "KmsConstraintsKey" => "KmsConstraintsValue",
2087
- # },
2088
- # encryption_context_subset: {
2089
- # "KmsConstraintsKey" => "KmsConstraintsValue",
2090
- # },
2091
- # }
2092
- #
2093
1776
  # @!attribute [rw] encryption_context_equals
2094
1777
  # A list of key-value pairs that must match the encryption context in
2095
1778
  # the [cryptographic operation][1] request. The grant allows the
@@ -2140,31 +1823,6 @@ module Aws::AccessAnalyzer
2140
1823
  # [1]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default
2141
1824
  # [2]: https://docs.aws.amazon.com/kms/latest/developerguide/resource-limits.html
2142
1825
  #
2143
- # @note When making an API call, you may pass KmsKeyConfiguration
2144
- # data as a hash:
2145
- #
2146
- # {
2147
- # key_policies: {
2148
- # "PolicyName" => "KmsKeyPolicy",
2149
- # },
2150
- # grants: [
2151
- # {
2152
- # operations: ["CreateGrant"], # required, accepts CreateGrant, Decrypt, DescribeKey, Encrypt, GenerateDataKey, GenerateDataKeyPair, GenerateDataKeyPairWithoutPlaintext, GenerateDataKeyWithoutPlaintext, GetPublicKey, ReEncryptFrom, ReEncryptTo, RetireGrant, Sign, Verify
2153
- # grantee_principal: "GranteePrincipal", # required
2154
- # retiring_principal: "RetiringPrincipal",
2155
- # constraints: {
2156
- # encryption_context_equals: {
2157
- # "KmsConstraintsKey" => "KmsConstraintsValue",
2158
- # },
2159
- # encryption_context_subset: {
2160
- # "KmsConstraintsKey" => "KmsConstraintsValue",
2161
- # },
2162
- # },
2163
- # issuing_account: "IssuingAccount", # required
2164
- # },
2165
- # ],
2166
- # }
2167
- #
2168
1826
  # @!attribute [rw] key_policies
2169
1827
  # Resource policy configuration for the KMS key. The only valid value
2170
1828
  # for the name of the key policy is `default`. For more information,
@@ -2192,24 +1850,6 @@ module Aws::AccessAnalyzer
2192
1850
  include Aws::Structure
2193
1851
  end
2194
1852
 
2195
- # @note When making an API call, you may pass ListAccessPreviewFindingsRequest
2196
- # data as a hash:
2197
- #
2198
- # {
2199
- # access_preview_id: "AccessPreviewId", # required
2200
- # analyzer_arn: "AnalyzerArn", # required
2201
- # filter: {
2202
- # "String" => {
2203
- # eq: ["String"],
2204
- # neq: ["String"],
2205
- # contains: ["String"],
2206
- # exists: false,
2207
- # },
2208
- # },
2209
- # next_token: "Token",
2210
- # max_results: 1,
2211
- # }
2212
- #
2213
1853
  # @!attribute [rw] access_preview_id
2214
1854
  # The unique ID for the access preview.
2215
1855
  # @return [String]
@@ -2264,15 +1904,6 @@ module Aws::AccessAnalyzer
2264
1904
  include Aws::Structure
2265
1905
  end
2266
1906
 
2267
- # @note When making an API call, you may pass ListAccessPreviewsRequest
2268
- # data as a hash:
2269
- #
2270
- # {
2271
- # analyzer_arn: "AnalyzerArn", # required
2272
- # next_token: "Token",
2273
- # max_results: 1,
2274
- # }
2275
- #
2276
1907
  # @!attribute [rw] analyzer_arn
2277
1908
  # The [ARN of the analyzer][1] used to generate the access preview.
2278
1909
  #
@@ -2318,16 +1949,6 @@ module Aws::AccessAnalyzer
2318
1949
 
2319
1950
  # Retrieves a list of resources that have been analyzed.
2320
1951
  #
2321
- # @note When making an API call, you may pass ListAnalyzedResourcesRequest
2322
- # data as a hash:
2323
- #
2324
- # {
2325
- # analyzer_arn: "AnalyzerArn", # required
2326
- # resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::IAM::Role, AWS::SQS::Queue, AWS::Lambda::Function, AWS::Lambda::LayerVersion, AWS::KMS::Key, AWS::SecretsManager::Secret, AWS::EFS::FileSystem, AWS::EC2::Snapshot, AWS::ECR::Repository, AWS::RDS::DBSnapshot, AWS::RDS::DBClusterSnapshot, AWS::SNS::Topic
2327
- # next_token: "Token",
2328
- # max_results: 1,
2329
- # }
2330
- #
2331
1952
  # @!attribute [rw] analyzer_arn
2332
1953
  # The [ARN of the analyzer][1] to retrieve a list of analyzed
2333
1954
  # resources from.
@@ -2381,15 +2002,6 @@ module Aws::AccessAnalyzer
2381
2002
 
2382
2003
  # Retrieves a list of analyzers.
2383
2004
  #
2384
- # @note When making an API call, you may pass ListAnalyzersRequest
2385
- # data as a hash:
2386
- #
2387
- # {
2388
- # next_token: "Token",
2389
- # max_results: 1,
2390
- # type: "ACCOUNT", # accepts ACCOUNT, ORGANIZATION
2391
- # }
2392
- #
2393
2005
  # @!attribute [rw] next_token
2394
2006
  # A token used for pagination of results returned.
2395
2007
  # @return [String]
@@ -2433,15 +2045,6 @@ module Aws::AccessAnalyzer
2433
2045
 
2434
2046
  # Retrieves a list of archive rules created for the specified analyzer.
2435
2047
  #
2436
- # @note When making an API call, you may pass ListArchiveRulesRequest
2437
- # data as a hash:
2438
- #
2439
- # {
2440
- # analyzer_name: "Name", # required
2441
- # next_token: "Token",
2442
- # max_results: 1,
2443
- # }
2444
- #
2445
2048
  # @!attribute [rw] analyzer_name
2446
2049
  # The name of the analyzer to retrieve rules from.
2447
2050
  # @return [String]
@@ -2485,27 +2088,6 @@ module Aws::AccessAnalyzer
2485
2088
 
2486
2089
  # Retrieves a list of findings generated by the specified analyzer.
2487
2090
  #
2488
- # @note When making an API call, you may pass ListFindingsRequest
2489
- # data as a hash:
2490
- #
2491
- # {
2492
- # analyzer_arn: "AnalyzerArn", # required
2493
- # filter: {
2494
- # "String" => {
2495
- # eq: ["String"],
2496
- # neq: ["String"],
2497
- # contains: ["String"],
2498
- # exists: false,
2499
- # },
2500
- # },
2501
- # sort: {
2502
- # attribute_name: "String",
2503
- # order_by: "ASC", # accepts ASC, DESC
2504
- # },
2505
- # next_token: "Token",
2506
- # max_results: 1,
2507
- # }
2508
- #
2509
2091
  # @!attribute [rw] analyzer_arn
2510
2092
  # The [ARN of the analyzer][1] to retrieve findings from.
2511
2093
  #
@@ -2562,15 +2144,6 @@ module Aws::AccessAnalyzer
2562
2144
  include Aws::Structure
2563
2145
  end
2564
2146
 
2565
- # @note When making an API call, you may pass ListPolicyGenerationsRequest
2566
- # data as a hash:
2567
- #
2568
- # {
2569
- # principal_arn: "PrincipalArn",
2570
- # max_results: 1,
2571
- # next_token: "Token",
2572
- # }
2573
- #
2574
2147
  # @!attribute [rw] principal_arn
2575
2148
  # The ARN of the IAM entity (user or role) for which you are
2576
2149
  # generating a policy. Use this with `ListGeneratedPolicies` to filter
@@ -2615,13 +2188,6 @@ module Aws::AccessAnalyzer
2615
2188
 
2616
2189
  # Retrieves a list of tags applied to the specified resource.
2617
2190
  #
2618
- # @note When making an API call, you may pass ListTagsForResourceRequest
2619
- # data as a hash:
2620
- #
2621
- # {
2622
- # resource_arn: "String", # required
2623
- # }
2624
- #
2625
2191
  # @!attribute [rw] resource_arn
2626
2192
  # The ARN of the resource to retrieve tags from.
2627
2193
  # @return [String]
@@ -2796,13 +2362,6 @@ module Aws::AccessAnalyzer
2796
2362
  # Contains the ARN details about the IAM entity for which the policy is
2797
2363
  # generated.
2798
2364
  #
2799
- # @note When making an API call, you may pass PolicyGenerationDetails
2800
- # data as a hash:
2801
- #
2802
- # {
2803
- # principal_arn: "PrincipalArn", # required
2804
- # }
2805
- #
2806
2365
  # @!attribute [rw] principal_arn
2807
2366
  # The ARN of the IAM entity (user or role) for which you are
2808
2367
  # generating a policy.
@@ -2892,18 +2451,6 @@ module Aws::AccessAnalyzer
2892
2451
  #
2893
2452
  # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterSnapshotAttribute.html
2894
2453
  #
2895
- # @note When making an API call, you may pass RdsDbClusterSnapshotConfiguration
2896
- # data as a hash:
2897
- #
2898
- # {
2899
- # attributes: {
2900
- # "RdsDbClusterSnapshotAttributeName" => {
2901
- # account_ids: ["RdsDbClusterSnapshotAccountId"],
2902
- # },
2903
- # },
2904
- # kms_key_id: "RdsDbClusterSnapshotKmsKeyId",
2905
- # }
2906
- #
2907
2454
  # @!attribute [rw] attributes
2908
2455
  # The names and values of manual DB cluster snapshot attributes.
2909
2456
  # Manual DB cluster snapshot attributes are used to authorize other
@@ -2988,18 +2535,6 @@ module Aws::AccessAnalyzer
2988
2535
  #
2989
2536
  # [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshotAttribute.html
2990
2537
  #
2991
- # @note When making an API call, you may pass RdsDbSnapshotConfiguration
2992
- # data as a hash:
2993
- #
2994
- # {
2995
- # attributes: {
2996
- # "RdsDbSnapshotAttributeName" => {
2997
- # account_ids: ["RdsDbSnapshotAccountId"],
2998
- # },
2999
- # },
3000
- # kms_key_id: "RdsDbSnapshotKmsKeyId",
3001
- # }
3002
- #
3003
2538
  # @!attribute [rw] attributes
3004
2539
  # The names and values of manual DB snapshot attributes. Manual DB
3005
2540
  # snapshot attributes are used to authorize other Amazon Web Services
@@ -3070,24 +2605,6 @@ module Aws::AccessAnalyzer
3070
2605
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html
3071
2606
  # [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points-restrictions-limitations.html
3072
2607
  #
3073
- # @note When making an API call, you may pass S3AccessPointConfiguration
3074
- # data as a hash:
3075
- #
3076
- # {
3077
- # access_point_policy: "AccessPointPolicy",
3078
- # public_access_block: {
3079
- # ignore_public_acls: false, # required
3080
- # restrict_public_buckets: false, # required
3081
- # },
3082
- # network_origin: {
3083
- # vpc_configuration: {
3084
- # vpc_id: "VpcId", # required
3085
- # },
3086
- # internet_configuration: {
3087
- # },
3088
- # },
3089
- # }
3090
- #
3091
2608
  # @!attribute [rw] access_point_policy
3092
2609
  # The access point or multi-region access point policy.
3093
2610
  # @return [String]
@@ -3124,17 +2641,6 @@ module Aws::AccessAnalyzer
3124
2641
  #
3125
2642
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#setting-acls
3126
2643
  #
3127
- # @note When making an API call, you may pass S3BucketAclGrantConfiguration
3128
- # data as a hash:
3129
- #
3130
- # {
3131
- # permission: "READ", # required, accepts READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL
3132
- # grantee: { # required
3133
- # id: "AclCanonicalId",
3134
- # uri: "AclUri",
3135
- # },
3136
- # }
3137
- #
3138
2644
  # @!attribute [rw] permission
3139
2645
  # The permissions being granted.
3140
2646
  # @return [String]
@@ -3170,42 +2676,6 @@ module Aws::AccessAnalyzer
3170
2676
  #
3171
2677
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html
3172
2678
  #
3173
- # @note When making an API call, you may pass S3BucketConfiguration
3174
- # data as a hash:
3175
- #
3176
- # {
3177
- # bucket_policy: "S3BucketPolicy",
3178
- # bucket_acl_grants: [
3179
- # {
3180
- # permission: "READ", # required, accepts READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL
3181
- # grantee: { # required
3182
- # id: "AclCanonicalId",
3183
- # uri: "AclUri",
3184
- # },
3185
- # },
3186
- # ],
3187
- # bucket_public_access_block: {
3188
- # ignore_public_acls: false, # required
3189
- # restrict_public_buckets: false, # required
3190
- # },
3191
- # access_points: {
3192
- # "AccessPointArn" => {
3193
- # access_point_policy: "AccessPointPolicy",
3194
- # public_access_block: {
3195
- # ignore_public_acls: false, # required
3196
- # restrict_public_buckets: false, # required
3197
- # },
3198
- # network_origin: {
3199
- # vpc_configuration: {
3200
- # vpc_id: "VpcId", # required
3201
- # },
3202
- # internet_configuration: {
3203
- # },
3204
- # },
3205
- # },
3206
- # },
3207
- # }
3208
- #
3209
2679
  # @!attribute [rw] bucket_policy
3210
2680
  # The proposed bucket policy for the Amazon S3 bucket.
3211
2681
  # @return [String]
@@ -3255,14 +2725,6 @@ module Aws::AccessAnalyzer
3255
2725
  #
3256
2726
  # [1]: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html
3257
2727
  #
3258
- # @note When making an API call, you may pass S3PublicAccessBlockConfiguration
3259
- # data as a hash:
3260
- #
3261
- # {
3262
- # ignore_public_acls: false, # required
3263
- # restrict_public_buckets: false, # required
3264
- # }
3265
- #
3266
2728
  # @!attribute [rw] ignore_public_acls
3267
2729
  # Specifies whether Amazon S3 should ignore public ACLs for this
3268
2730
  # bucket and objects in this bucket.
@@ -3305,14 +2767,6 @@ module Aws::AccessAnalyzer
3305
2767
  # [1]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html
3306
2768
  # [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_limits.html
3307
2769
  #
3308
- # @note When making an API call, you may pass SecretsManagerSecretConfiguration
3309
- # data as a hash:
3310
- #
3311
- # {
3312
- # kms_key_id: "SecretsManagerSecretKmsId",
3313
- # secret_policy: "SecretsManagerSecretPolicy",
3314
- # }
3315
- #
3316
2770
  # @!attribute [rw] kms_key_id
3317
2771
  # The proposed ARN, key ID, or alias of the KMS key.
3318
2772
  # @return [String]
@@ -3370,13 +2824,6 @@ module Aws::AccessAnalyzer
3370
2824
  #
3371
2825
  # [1]: https://docs.aws.amazon.com/sns/latest/api/API_Topic.html
3372
2826
  #
3373
- # @note When making an API call, you may pass SnsTopicConfiguration
3374
- # data as a hash:
3375
- #
3376
- # {
3377
- # topic_policy: "SnsTopicPolicy",
3378
- # }
3379
- #
3380
2827
  # @!attribute [rw] topic_policy
3381
2828
  # The JSON policy text that defines who can access an Amazon SNS
3382
2829
  # topic. For more information, see [Example cases for Amazon SNS
@@ -3397,14 +2844,6 @@ module Aws::AccessAnalyzer
3397
2844
 
3398
2845
  # The criteria used to sort.
3399
2846
  #
3400
- # @note When making an API call, you may pass SortCriteria
3401
- # data as a hash:
3402
- #
3403
- # {
3404
- # attribute_name: "String",
3405
- # order_by: "ASC", # accepts ASC, DESC
3406
- # }
3407
- #
3408
2847
  # @!attribute [rw] attribute_name
3409
2848
  # The name of the attribute to sort on.
3410
2849
  # @return [String]
@@ -3458,13 +2897,6 @@ module Aws::AccessAnalyzer
3458
2897
  #
3459
2898
  # [1]: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-policies.html
3460
2899
  #
3461
- # @note When making an API call, you may pass SqsQueueConfiguration
3462
- # data as a hash:
3463
- #
3464
- # {
3465
- # queue_policy: "SqsQueuePolicy",
3466
- # }
3467
- #
3468
2900
  # @!attribute [rw] queue_policy
3469
2901
  # The proposed resource policy for the Amazon SQS queue.
3470
2902
  # @return [String]
@@ -3477,28 +2909,6 @@ module Aws::AccessAnalyzer
3477
2909
  include Aws::Structure
3478
2910
  end
3479
2911
 
3480
- # @note When making an API call, you may pass StartPolicyGenerationRequest
3481
- # data as a hash:
3482
- #
3483
- # {
3484
- # policy_generation_details: { # required
3485
- # principal_arn: "PrincipalArn", # required
3486
- # },
3487
- # cloud_trail_details: {
3488
- # trails: [ # required
3489
- # {
3490
- # cloud_trail_arn: "CloudTrailArn", # required
3491
- # regions: ["String"],
3492
- # all_regions: false,
3493
- # },
3494
- # ],
3495
- # access_role: "RoleArn", # required
3496
- # start_time: Time.now, # required
3497
- # end_time: Time.now,
3498
- # },
3499
- # client_token: "String",
3500
- # }
3501
- #
3502
2912
  # @!attribute [rw] policy_generation_details
3503
2913
  # Contains the ARN of the IAM entity (user or role) for which you are
3504
2914
  # generating a policy.
@@ -3551,15 +2961,6 @@ module Aws::AccessAnalyzer
3551
2961
 
3552
2962
  # Starts a scan of the policies applied to the specified resource.
3553
2963
  #
3554
- # @note When making an API call, you may pass StartResourceScanRequest
3555
- # data as a hash:
3556
- #
3557
- # {
3558
- # analyzer_arn: "AnalyzerArn", # required
3559
- # resource_arn: "ResourceArn", # required
3560
- # resource_owner_account: "String",
3561
- # }
3562
- #
3563
2964
  # @!attribute [rw] analyzer_arn
3564
2965
  # The [ARN of the analyzer][1] to use to scan the policies applied to
3565
2966
  # the specified resource.
@@ -3628,16 +3029,6 @@ module Aws::AccessAnalyzer
3628
3029
 
3629
3030
  # Adds a tag to the specified resource.
3630
3031
  #
3631
- # @note When making an API call, you may pass TagResourceRequest
3632
- # data as a hash:
3633
- #
3634
- # {
3635
- # resource_arn: "String", # required
3636
- # tags: { # required
3637
- # "String" => "String",
3638
- # },
3639
- # }
3640
- #
3641
3032
  # @!attribute [rw] resource_arn
3642
3033
  # The ARN of the resource to add the tag to.
3643
3034
  # @return [String]
@@ -3682,15 +3073,6 @@ module Aws::AccessAnalyzer
3682
3073
  # Contains details about the CloudTrail trail being analyzed to generate
3683
3074
  # a policy.
3684
3075
  #
3685
- # @note When making an API call, you may pass Trail
3686
- # data as a hash:
3687
- #
3688
- # {
3689
- # cloud_trail_arn: "CloudTrailArn", # required
3690
- # regions: ["String"],
3691
- # all_regions: false,
3692
- # }
3693
- #
3694
3076
  # @!attribute [rw] cloud_trail_arn
3695
3077
  # Specifies the ARN of the trail. The format of a trail ARN is
3696
3078
  # `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`.
@@ -3748,14 +3130,6 @@ module Aws::AccessAnalyzer
3748
3130
 
3749
3131
  # Removes a tag from the specified resource.
3750
3132
  #
3751
- # @note When making an API call, you may pass UntagResourceRequest
3752
- # data as a hash:
3753
- #
3754
- # {
3755
- # resource_arn: "String", # required
3756
- # tag_keys: ["String"], # required
3757
- # }
3758
- #
3759
3133
  # @!attribute [rw] resource_arn
3760
3134
  # The ARN of the resource to remove the tag from.
3761
3135
  # @return [String]
@@ -3781,23 +3155,6 @@ module Aws::AccessAnalyzer
3781
3155
 
3782
3156
  # Updates the specified archive rule.
3783
3157
  #
3784
- # @note When making an API call, you may pass UpdateArchiveRuleRequest
3785
- # data as a hash:
3786
- #
3787
- # {
3788
- # analyzer_name: "Name", # required
3789
- # rule_name: "Name", # required
3790
- # filter: { # required
3791
- # "String" => {
3792
- # eq: ["String"],
3793
- # neq: ["String"],
3794
- # contains: ["String"],
3795
- # exists: false,
3796
- # },
3797
- # },
3798
- # client_token: "String",
3799
- # }
3800
- #
3801
3158
  # @!attribute [rw] analyzer_name
3802
3159
  # The name of the analyzer to update the archive rules for.
3803
3160
  # @return [String]
@@ -3831,17 +3188,6 @@ module Aws::AccessAnalyzer
3831
3188
 
3832
3189
  # Updates findings with the new values provided in the request.
3833
3190
  #
3834
- # @note When making an API call, you may pass UpdateFindingsRequest
3835
- # data as a hash:
3836
- #
3837
- # {
3838
- # analyzer_arn: "AnalyzerArn", # required
3839
- # status: "ACTIVE", # required, accepts ACTIVE, ARCHIVED
3840
- # ids: ["FindingId"],
3841
- # resource_arn: "ResourceArn",
3842
- # client_token: "String",
3843
- # }
3844
- #
3845
3191
  # @!attribute [rw] analyzer_arn
3846
3192
  # The [ARN of the analyzer][1] that generated the findings to update.
3847
3193
  #
@@ -3934,18 +3280,6 @@ module Aws::AccessAnalyzer
3934
3280
  include Aws::Structure
3935
3281
  end
3936
3282
 
3937
- # @note When making an API call, you may pass ValidatePolicyRequest
3938
- # data as a hash:
3939
- #
3940
- # {
3941
- # locale: "DE", # accepts DE, EN, ES, FR, IT, JA, KO, PT_BR, ZH_CN, ZH_TW
3942
- # max_results: 1,
3943
- # next_token: "Token",
3944
- # policy_document: "PolicyDocument", # required
3945
- # policy_type: "IDENTITY_POLICY", # required, accepts IDENTITY_POLICY, RESOURCE_POLICY, SERVICE_CONTROL_POLICY
3946
- # validate_policy_resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::S3::AccessPoint, AWS::S3::MultiRegionAccessPoint, AWS::S3ObjectLambda::AccessPoint, AWS::IAM::AssumeRolePolicyDocument
3947
- # }
3948
- #
3949
3283
  # @!attribute [rw] locale
3950
3284
  # The locale to use for localizing the findings.
3951
3285
  # @return [String]
@@ -4072,13 +3406,6 @@ module Aws::AccessAnalyzer
4072
3406
  #
4073
3407
  # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_VpcConfiguration.html
4074
3408
  #
4075
- # @note When making an API call, you may pass VpcConfiguration
4076
- # data as a hash:
4077
- #
4078
- # {
4079
- # vpc_id: "VpcId", # required
4080
- # }
4081
- #
4082
3409
  # @!attribute [rw] vpc_id
4083
3410
  # If this field is specified, this access point will only allow
4084
3411
  # connections from the specified VPC ID.
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-accessanalyzer/customizations'
52
52
  # @!group service
53
53
  module Aws::AccessAnalyzer
54
54
 
55
- GEM_VERSION = '1.31.0'
55
+ GEM_VERSION = '1.33.0'
56
56
 
57
57
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-accessanalyzer
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.31.0
4
+ version: 1.33.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-10-25 00:00:00.000000000 Z
11
+ date: 2023-01-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core