aws-sdk-accessanalyzer 1.41.0 → 1.43.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -13,6 +13,10 @@ module Aws::AccessAnalyzer
13
13
 
14
14
  include Seahorse::Model
15
15
 
16
+ Access = Shapes::StructureShape.new(name: 'Access')
17
+ AccessActionsList = Shapes::ListShape.new(name: 'AccessActionsList')
18
+ AccessCheckPolicyDocument = Shapes::StringShape.new(name: 'AccessCheckPolicyDocument')
19
+ AccessCheckPolicyType = Shapes::StringShape.new(name: 'AccessCheckPolicyType')
16
20
  AccessDeniedException = Shapes::StructureShape.new(name: 'AccessDeniedException')
17
21
  AccessPointArn = Shapes::StringShape.new(name: 'AccessPointArn')
18
22
  AccessPointPolicy = Shapes::StringShape.new(name: 'AccessPointPolicy')
@@ -30,11 +34,13 @@ module Aws::AccessAnalyzer
30
34
  AclGrantee = Shapes::UnionShape.new(name: 'AclGrantee')
31
35
  AclPermission = Shapes::StringShape.new(name: 'AclPermission')
32
36
  AclUri = Shapes::StringShape.new(name: 'AclUri')
37
+ Action = Shapes::StringShape.new(name: 'Action')
33
38
  ActionList = Shapes::ListShape.new(name: 'ActionList')
34
39
  AnalyzedResource = Shapes::StructureShape.new(name: 'AnalyzedResource')
35
40
  AnalyzedResourceSummary = Shapes::StructureShape.new(name: 'AnalyzedResourceSummary')
36
41
  AnalyzedResourcesList = Shapes::ListShape.new(name: 'AnalyzedResourcesList')
37
42
  AnalyzerArn = Shapes::StringShape.new(name: 'AnalyzerArn')
43
+ AnalyzerConfiguration = Shapes::UnionShape.new(name: 'AnalyzerConfiguration')
38
44
  AnalyzerStatus = Shapes::StringShape.new(name: 'AnalyzerStatus')
39
45
  AnalyzerSummary = Shapes::StructureShape.new(name: 'AnalyzerSummary')
40
46
  AnalyzersList = Shapes::ListShape.new(name: 'AnalyzersList')
@@ -44,6 +50,13 @@ module Aws::AccessAnalyzer
44
50
  Boolean = Shapes::BooleanShape.new(name: 'Boolean')
45
51
  CancelPolicyGenerationRequest = Shapes::StructureShape.new(name: 'CancelPolicyGenerationRequest')
46
52
  CancelPolicyGenerationResponse = Shapes::StructureShape.new(name: 'CancelPolicyGenerationResponse')
53
+ CheckAccessNotGrantedRequest = Shapes::StructureShape.new(name: 'CheckAccessNotGrantedRequest')
54
+ CheckAccessNotGrantedRequestAccessList = Shapes::ListShape.new(name: 'CheckAccessNotGrantedRequestAccessList')
55
+ CheckAccessNotGrantedResponse = Shapes::StructureShape.new(name: 'CheckAccessNotGrantedResponse')
56
+ CheckAccessNotGrantedResult = Shapes::StringShape.new(name: 'CheckAccessNotGrantedResult')
57
+ CheckNoNewAccessRequest = Shapes::StructureShape.new(name: 'CheckNoNewAccessRequest')
58
+ CheckNoNewAccessResponse = Shapes::StructureShape.new(name: 'CheckNoNewAccessResponse')
59
+ CheckNoNewAccessResult = Shapes::StringShape.new(name: 'CheckNoNewAccessResult')
47
60
  CloudTrailArn = Shapes::StringShape.new(name: 'CloudTrailArn')
48
61
  CloudTrailDetails = Shapes::StructureShape.new(name: 'CloudTrailDetails')
49
62
  CloudTrailProperties = Shapes::StructureShape.new(name: 'CloudTrailProperties')
@@ -70,9 +83,12 @@ module Aws::AccessAnalyzer
70
83
  EcrRepositoryPolicy = Shapes::StringShape.new(name: 'EcrRepositoryPolicy')
71
84
  EfsFileSystemConfiguration = Shapes::StructureShape.new(name: 'EfsFileSystemConfiguration')
72
85
  EfsFileSystemPolicy = Shapes::StringShape.new(name: 'EfsFileSystemPolicy')
86
+ ExternalAccessDetails = Shapes::StructureShape.new(name: 'ExternalAccessDetails')
73
87
  FilterCriteriaMap = Shapes::MapShape.new(name: 'FilterCriteriaMap')
74
88
  Finding = Shapes::StructureShape.new(name: 'Finding')
75
89
  FindingChangeType = Shapes::StringShape.new(name: 'FindingChangeType')
90
+ FindingDetails = Shapes::UnionShape.new(name: 'FindingDetails')
91
+ FindingDetailsList = Shapes::ListShape.new(name: 'FindingDetailsList')
76
92
  FindingId = Shapes::StringShape.new(name: 'FindingId')
77
93
  FindingIdList = Shapes::ListShape.new(name: 'FindingIdList')
78
94
  FindingSource = Shapes::StructureShape.new(name: 'FindingSource')
@@ -82,7 +98,10 @@ module Aws::AccessAnalyzer
82
98
  FindingStatus = Shapes::StringShape.new(name: 'FindingStatus')
83
99
  FindingStatusUpdate = Shapes::StringShape.new(name: 'FindingStatusUpdate')
84
100
  FindingSummary = Shapes::StructureShape.new(name: 'FindingSummary')
101
+ FindingSummaryV2 = Shapes::StructureShape.new(name: 'FindingSummaryV2')
102
+ FindingType = Shapes::StringShape.new(name: 'FindingType')
85
103
  FindingsList = Shapes::ListShape.new(name: 'FindingsList')
104
+ FindingsListV2 = Shapes::ListShape.new(name: 'FindingsListV2')
86
105
  GeneratedPolicy = Shapes::StructureShape.new(name: 'GeneratedPolicy')
87
106
  GeneratedPolicyList = Shapes::ListShape.new(name: 'GeneratedPolicyList')
88
107
  GeneratedPolicyProperties = Shapes::StructureShape.new(name: 'GeneratedPolicyProperties')
@@ -97,6 +116,8 @@ module Aws::AccessAnalyzer
97
116
  GetArchiveRuleResponse = Shapes::StructureShape.new(name: 'GetArchiveRuleResponse')
98
117
  GetFindingRequest = Shapes::StructureShape.new(name: 'GetFindingRequest')
99
118
  GetFindingResponse = Shapes::StructureShape.new(name: 'GetFindingResponse')
119
+ GetFindingV2Request = Shapes::StructureShape.new(name: 'GetFindingV2Request')
120
+ GetFindingV2Response = Shapes::StructureShape.new(name: 'GetFindingV2Response')
100
121
  GetGeneratedPolicyRequest = Shapes::StructureShape.new(name: 'GetGeneratedPolicyRequest')
101
122
  GetGeneratedPolicyResponse = Shapes::StructureShape.new(name: 'GetGeneratedPolicyResponse')
102
123
  GranteePrincipal = Shapes::StringShape.new(name: 'GranteePrincipal')
@@ -107,6 +128,7 @@ module Aws::AccessAnalyzer
107
128
  Integer = Shapes::IntegerShape.new(name: 'Integer')
108
129
  InternalServerException = Shapes::StructureShape.new(name: 'InternalServerException')
109
130
  InternetConfiguration = Shapes::StructureShape.new(name: 'InternetConfiguration')
131
+ InvalidParameterException = Shapes::StructureShape.new(name: 'InvalidParameterException')
110
132
  IssueCode = Shapes::StringShape.new(name: 'IssueCode')
111
133
  IssuingAccount = Shapes::StringShape.new(name: 'IssuingAccount')
112
134
  JobDetails = Shapes::StructureShape.new(name: 'JobDetails')
@@ -138,6 +160,8 @@ module Aws::AccessAnalyzer
138
160
  ListArchiveRulesResponse = Shapes::StructureShape.new(name: 'ListArchiveRulesResponse')
139
161
  ListFindingsRequest = Shapes::StructureShape.new(name: 'ListFindingsRequest')
140
162
  ListFindingsResponse = Shapes::StructureShape.new(name: 'ListFindingsResponse')
163
+ ListFindingsV2Request = Shapes::StructureShape.new(name: 'ListFindingsV2Request')
164
+ ListFindingsV2Response = Shapes::StructureShape.new(name: 'ListFindingsV2Response')
141
165
  ListPolicyGenerationsRequest = Shapes::StructureShape.new(name: 'ListPolicyGenerationsRequest')
142
166
  ListPolicyGenerationsRequestMaxResultsInteger = Shapes::IntegerShape.new(name: 'ListPolicyGenerationsRequestMaxResultsInteger')
143
167
  ListPolicyGenerationsResponse = Shapes::StructureShape.new(name: 'ListPolicyGenerationsResponse')
@@ -175,6 +199,8 @@ module Aws::AccessAnalyzer
175
199
  RdsDbSnapshotConfiguration = Shapes::StructureShape.new(name: 'RdsDbSnapshotConfiguration')
176
200
  RdsDbSnapshotKmsKeyId = Shapes::StringShape.new(name: 'RdsDbSnapshotKmsKeyId')
177
201
  ReasonCode = Shapes::StringShape.new(name: 'ReasonCode')
202
+ ReasonSummary = Shapes::StructureShape.new(name: 'ReasonSummary')
203
+ ReasonSummaryList = Shapes::ListShape.new(name: 'ReasonSummaryList')
178
204
  RegionList = Shapes::ListShape.new(name: 'RegionList')
179
205
  ResourceArn = Shapes::StringShape.new(name: 'ResourceArn')
180
206
  ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
@@ -217,8 +243,16 @@ module Aws::AccessAnalyzer
217
243
  TrailProperties = Shapes::StructureShape.new(name: 'TrailProperties')
218
244
  TrailPropertiesList = Shapes::ListShape.new(name: 'TrailPropertiesList')
219
245
  Type = Shapes::StringShape.new(name: 'Type')
246
+ UnprocessableEntityException = Shapes::StructureShape.new(name: 'UnprocessableEntityException')
220
247
  UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
221
248
  UntagResourceResponse = Shapes::StructureShape.new(name: 'UntagResourceResponse')
249
+ UnusedAccessConfiguration = Shapes::StructureShape.new(name: 'UnusedAccessConfiguration')
250
+ UnusedAction = Shapes::StructureShape.new(name: 'UnusedAction')
251
+ UnusedActionList = Shapes::ListShape.new(name: 'UnusedActionList')
252
+ UnusedIamRoleDetails = Shapes::StructureShape.new(name: 'UnusedIamRoleDetails')
253
+ UnusedIamUserAccessKeyDetails = Shapes::StructureShape.new(name: 'UnusedIamUserAccessKeyDetails')
254
+ UnusedIamUserPasswordDetails = Shapes::StructureShape.new(name: 'UnusedIamUserPasswordDetails')
255
+ UnusedPermissionDetails = Shapes::StructureShape.new(name: 'UnusedPermissionDetails')
222
256
  UpdateArchiveRuleRequest = Shapes::StructureShape.new(name: 'UpdateArchiveRuleRequest')
223
257
  UpdateFindingsRequest = Shapes::StructureShape.new(name: 'UpdateFindingsRequest')
224
258
  ValidatePolicyFinding = Shapes::StructureShape.new(name: 'ValidatePolicyFinding')
@@ -235,6 +269,11 @@ module Aws::AccessAnalyzer
235
269
  VpcConfiguration = Shapes::StructureShape.new(name: 'VpcConfiguration')
236
270
  VpcId = Shapes::StringShape.new(name: 'VpcId')
237
271
 
272
+ Access.add_member(:actions, Shapes::ShapeRef.new(shape: AccessActionsList, required: true, location_name: "actions"))
273
+ Access.struct_class = Types::Access
274
+
275
+ AccessActionsList.member = Shapes::ShapeRef.new(shape: Action)
276
+
238
277
  AccessDeniedException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
239
278
  AccessDeniedException.struct_class = Types::AccessDeniedException
240
279
 
@@ -307,6 +346,12 @@ module Aws::AccessAnalyzer
307
346
 
308
347
  AnalyzedResourcesList.member = Shapes::ShapeRef.new(shape: AnalyzedResourceSummary)
309
348
 
349
+ AnalyzerConfiguration.add_member(:unused_access, Shapes::ShapeRef.new(shape: UnusedAccessConfiguration, location_name: "unusedAccess"))
350
+ AnalyzerConfiguration.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
351
+ AnalyzerConfiguration.add_member_subclass(:unused_access, Types::AnalyzerConfiguration::UnusedAccess)
352
+ AnalyzerConfiguration.add_member_subclass(:unknown, Types::AnalyzerConfiguration::Unknown)
353
+ AnalyzerConfiguration.struct_class = Types::AnalyzerConfiguration
354
+
310
355
  AnalyzerSummary.add_member(:arn, Shapes::ShapeRef.new(shape: AnalyzerArn, required: true, location_name: "arn"))
311
356
  AnalyzerSummary.add_member(:name, Shapes::ShapeRef.new(shape: Name, required: true, location_name: "name"))
312
357
  AnalyzerSummary.add_member(:type, Shapes::ShapeRef.new(shape: Type, required: true, location_name: "type"))
@@ -316,6 +361,7 @@ module Aws::AccessAnalyzer
316
361
  AnalyzerSummary.add_member(:tags, Shapes::ShapeRef.new(shape: TagsMap, location_name: "tags"))
317
362
  AnalyzerSummary.add_member(:status, Shapes::ShapeRef.new(shape: AnalyzerStatus, required: true, location_name: "status"))
318
363
  AnalyzerSummary.add_member(:status_reason, Shapes::ShapeRef.new(shape: StatusReason, location_name: "statusReason"))
364
+ AnalyzerSummary.add_member(:configuration, Shapes::ShapeRef.new(shape: AnalyzerConfiguration, location_name: "configuration"))
319
365
  AnalyzerSummary.struct_class = Types::AnalyzerSummary
320
366
 
321
367
  AnalyzersList.member = Shapes::ShapeRef.new(shape: AnalyzerSummary)
@@ -338,6 +384,28 @@ module Aws::AccessAnalyzer
338
384
 
339
385
  CancelPolicyGenerationResponse.struct_class = Types::CancelPolicyGenerationResponse
340
386
 
387
+ CheckAccessNotGrantedRequest.add_member(:policy_document, Shapes::ShapeRef.new(shape: AccessCheckPolicyDocument, required: true, location_name: "policyDocument"))
388
+ CheckAccessNotGrantedRequest.add_member(:access, Shapes::ShapeRef.new(shape: CheckAccessNotGrantedRequestAccessList, required: true, location_name: "access"))
389
+ CheckAccessNotGrantedRequest.add_member(:policy_type, Shapes::ShapeRef.new(shape: AccessCheckPolicyType, required: true, location_name: "policyType"))
390
+ CheckAccessNotGrantedRequest.struct_class = Types::CheckAccessNotGrantedRequest
391
+
392
+ CheckAccessNotGrantedRequestAccessList.member = Shapes::ShapeRef.new(shape: Access)
393
+
394
+ CheckAccessNotGrantedResponse.add_member(:result, Shapes::ShapeRef.new(shape: CheckAccessNotGrantedResult, location_name: "result"))
395
+ CheckAccessNotGrantedResponse.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
396
+ CheckAccessNotGrantedResponse.add_member(:reasons, Shapes::ShapeRef.new(shape: ReasonSummaryList, location_name: "reasons"))
397
+ CheckAccessNotGrantedResponse.struct_class = Types::CheckAccessNotGrantedResponse
398
+
399
+ CheckNoNewAccessRequest.add_member(:new_policy_document, Shapes::ShapeRef.new(shape: AccessCheckPolicyDocument, required: true, location_name: "newPolicyDocument"))
400
+ CheckNoNewAccessRequest.add_member(:existing_policy_document, Shapes::ShapeRef.new(shape: AccessCheckPolicyDocument, required: true, location_name: "existingPolicyDocument"))
401
+ CheckNoNewAccessRequest.add_member(:policy_type, Shapes::ShapeRef.new(shape: AccessCheckPolicyType, required: true, location_name: "policyType"))
402
+ CheckNoNewAccessRequest.struct_class = Types::CheckNoNewAccessRequest
403
+
404
+ CheckNoNewAccessResponse.add_member(:result, Shapes::ShapeRef.new(shape: CheckNoNewAccessResult, location_name: "result"))
405
+ CheckNoNewAccessResponse.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
406
+ CheckNoNewAccessResponse.add_member(:reasons, Shapes::ShapeRef.new(shape: ReasonSummaryList, location_name: "reasons"))
407
+ CheckNoNewAccessResponse.struct_class = Types::CheckNoNewAccessResponse
408
+
341
409
  CloudTrailDetails.add_member(:trails, Shapes::ShapeRef.new(shape: TrailList, required: true, location_name: "trails"))
342
410
  CloudTrailDetails.add_member(:access_role, Shapes::ShapeRef.new(shape: RoleArn, required: true, location_name: "accessRole"))
343
411
  CloudTrailDetails.add_member(:start_time, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "startTime"))
@@ -399,6 +467,7 @@ module Aws::AccessAnalyzer
399
467
  CreateAnalyzerRequest.add_member(:archive_rules, Shapes::ShapeRef.new(shape: InlineArchiveRulesList, location_name: "archiveRules"))
400
468
  CreateAnalyzerRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagsMap, location_name: "tags"))
401
469
  CreateAnalyzerRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: String, location_name: "clientToken", metadata: {"idempotencyToken"=>true}))
470
+ CreateAnalyzerRequest.add_member(:configuration, Shapes::ShapeRef.new(shape: AnalyzerConfiguration, location_name: "configuration"))
402
471
  CreateAnalyzerRequest.struct_class = Types::CreateAnalyzerRequest
403
472
 
404
473
  CreateAnalyzerResponse.add_member(:arn, Shapes::ShapeRef.new(shape: AnalyzerArn, location_name: "arn"))
@@ -440,6 +509,13 @@ module Aws::AccessAnalyzer
440
509
  EfsFileSystemConfiguration.add_member(:file_system_policy, Shapes::ShapeRef.new(shape: EfsFileSystemPolicy, location_name: "fileSystemPolicy"))
441
510
  EfsFileSystemConfiguration.struct_class = Types::EfsFileSystemConfiguration
442
511
 
512
+ ExternalAccessDetails.add_member(:action, Shapes::ShapeRef.new(shape: ActionList, location_name: "action"))
513
+ ExternalAccessDetails.add_member(:condition, Shapes::ShapeRef.new(shape: ConditionKeyMap, required: true, location_name: "condition"))
514
+ ExternalAccessDetails.add_member(:is_public, Shapes::ShapeRef.new(shape: Boolean, location_name: "isPublic"))
515
+ ExternalAccessDetails.add_member(:principal, Shapes::ShapeRef.new(shape: PrincipalMap, location_name: "principal"))
516
+ ExternalAccessDetails.add_member(:sources, Shapes::ShapeRef.new(shape: FindingSourceList, location_name: "sources"))
517
+ ExternalAccessDetails.struct_class = Types::ExternalAccessDetails
518
+
443
519
  FilterCriteriaMap.key = Shapes::ShapeRef.new(shape: String)
444
520
  FilterCriteriaMap.value = Shapes::ShapeRef.new(shape: Criterion)
445
521
 
@@ -459,6 +535,22 @@ module Aws::AccessAnalyzer
459
535
  Finding.add_member(:sources, Shapes::ShapeRef.new(shape: FindingSourceList, location_name: "sources"))
460
536
  Finding.struct_class = Types::Finding
461
537
 
538
+ FindingDetails.add_member(:external_access_details, Shapes::ShapeRef.new(shape: ExternalAccessDetails, location_name: "externalAccessDetails"))
539
+ FindingDetails.add_member(:unused_permission_details, Shapes::ShapeRef.new(shape: UnusedPermissionDetails, location_name: "unusedPermissionDetails"))
540
+ FindingDetails.add_member(:unused_iam_user_access_key_details, Shapes::ShapeRef.new(shape: UnusedIamUserAccessKeyDetails, location_name: "unusedIamUserAccessKeyDetails"))
541
+ FindingDetails.add_member(:unused_iam_role_details, Shapes::ShapeRef.new(shape: UnusedIamRoleDetails, location_name: "unusedIamRoleDetails"))
542
+ FindingDetails.add_member(:unused_iam_user_password_details, Shapes::ShapeRef.new(shape: UnusedIamUserPasswordDetails, location_name: "unusedIamUserPasswordDetails"))
543
+ FindingDetails.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
544
+ FindingDetails.add_member_subclass(:external_access_details, Types::FindingDetails::ExternalAccessDetails)
545
+ FindingDetails.add_member_subclass(:unused_permission_details, Types::FindingDetails::UnusedPermissionDetails)
546
+ FindingDetails.add_member_subclass(:unused_iam_user_access_key_details, Types::FindingDetails::UnusedIamUserAccessKeyDetails)
547
+ FindingDetails.add_member_subclass(:unused_iam_role_details, Types::FindingDetails::UnusedIamRoleDetails)
548
+ FindingDetails.add_member_subclass(:unused_iam_user_password_details, Types::FindingDetails::UnusedIamUserPasswordDetails)
549
+ FindingDetails.add_member_subclass(:unknown, Types::FindingDetails::Unknown)
550
+ FindingDetails.struct_class = Types::FindingDetails
551
+
552
+ FindingDetailsList.member = Shapes::ShapeRef.new(shape: FindingDetails)
553
+
462
554
  FindingIdList.member = Shapes::ShapeRef.new(shape: FindingId)
463
555
 
464
556
  FindingSource.add_member(:type, Shapes::ShapeRef.new(shape: FindingSourceType, required: true, location_name: "type"))
@@ -487,8 +579,22 @@ module Aws::AccessAnalyzer
487
579
  FindingSummary.add_member(:sources, Shapes::ShapeRef.new(shape: FindingSourceList, location_name: "sources"))
488
580
  FindingSummary.struct_class = Types::FindingSummary
489
581
 
582
+ FindingSummaryV2.add_member(:analyzed_at, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "analyzedAt"))
583
+ FindingSummaryV2.add_member(:created_at, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "createdAt"))
584
+ FindingSummaryV2.add_member(:error, Shapes::ShapeRef.new(shape: String, location_name: "error"))
585
+ FindingSummaryV2.add_member(:id, Shapes::ShapeRef.new(shape: FindingId, required: true, location_name: "id"))
586
+ FindingSummaryV2.add_member(:resource, Shapes::ShapeRef.new(shape: String, location_name: "resource"))
587
+ FindingSummaryV2.add_member(:resource_type, Shapes::ShapeRef.new(shape: ResourceType, required: true, location_name: "resourceType"))
588
+ FindingSummaryV2.add_member(:resource_owner_account, Shapes::ShapeRef.new(shape: String, required: true, location_name: "resourceOwnerAccount"))
589
+ FindingSummaryV2.add_member(:status, Shapes::ShapeRef.new(shape: FindingStatus, required: true, location_name: "status"))
590
+ FindingSummaryV2.add_member(:updated_at, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "updatedAt"))
591
+ FindingSummaryV2.add_member(:finding_type, Shapes::ShapeRef.new(shape: FindingType, location_name: "findingType"))
592
+ FindingSummaryV2.struct_class = Types::FindingSummaryV2
593
+
490
594
  FindingsList.member = Shapes::ShapeRef.new(shape: FindingSummary)
491
595
 
596
+ FindingsListV2.member = Shapes::ShapeRef.new(shape: FindingSummaryV2)
597
+
492
598
  GeneratedPolicy.add_member(:policy, Shapes::ShapeRef.new(shape: String, required: true, location_name: "policy"))
493
599
  GeneratedPolicy.struct_class = Types::GeneratedPolicy
494
600
 
@@ -537,6 +643,26 @@ module Aws::AccessAnalyzer
537
643
  GetFindingResponse.add_member(:finding, Shapes::ShapeRef.new(shape: Finding, location_name: "finding"))
538
644
  GetFindingResponse.struct_class = Types::GetFindingResponse
539
645
 
646
+ GetFindingV2Request.add_member(:analyzer_arn, Shapes::ShapeRef.new(shape: AnalyzerArn, required: true, location: "querystring", location_name: "analyzerArn"))
647
+ GetFindingV2Request.add_member(:id, Shapes::ShapeRef.new(shape: FindingId, required: true, location: "uri", location_name: "id"))
648
+ GetFindingV2Request.add_member(:max_results, Shapes::ShapeRef.new(shape: Integer, location: "querystring", location_name: "maxResults"))
649
+ GetFindingV2Request.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location: "querystring", location_name: "nextToken"))
650
+ GetFindingV2Request.struct_class = Types::GetFindingV2Request
651
+
652
+ GetFindingV2Response.add_member(:analyzed_at, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "analyzedAt"))
653
+ GetFindingV2Response.add_member(:created_at, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "createdAt"))
654
+ GetFindingV2Response.add_member(:error, Shapes::ShapeRef.new(shape: String, location_name: "error"))
655
+ GetFindingV2Response.add_member(:id, Shapes::ShapeRef.new(shape: FindingId, required: true, location_name: "id"))
656
+ GetFindingV2Response.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location_name: "nextToken"))
657
+ GetFindingV2Response.add_member(:resource, Shapes::ShapeRef.new(shape: String, location_name: "resource"))
658
+ GetFindingV2Response.add_member(:resource_type, Shapes::ShapeRef.new(shape: ResourceType, required: true, location_name: "resourceType"))
659
+ GetFindingV2Response.add_member(:resource_owner_account, Shapes::ShapeRef.new(shape: String, required: true, location_name: "resourceOwnerAccount"))
660
+ GetFindingV2Response.add_member(:status, Shapes::ShapeRef.new(shape: FindingStatus, required: true, location_name: "status"))
661
+ GetFindingV2Response.add_member(:updated_at, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "updatedAt"))
662
+ GetFindingV2Response.add_member(:finding_details, Shapes::ShapeRef.new(shape: FindingDetailsList, required: true, location_name: "findingDetails"))
663
+ GetFindingV2Response.add_member(:finding_type, Shapes::ShapeRef.new(shape: FindingType, location_name: "findingType"))
664
+ GetFindingV2Response.struct_class = Types::GetFindingV2Response
665
+
540
666
  GetGeneratedPolicyRequest.add_member(:job_id, Shapes::ShapeRef.new(shape: JobId, required: true, location: "uri", location_name: "jobId"))
541
667
  GetGeneratedPolicyRequest.add_member(:include_resource_placeholders, Shapes::ShapeRef.new(shape: Boolean, location: "querystring", location_name: "includeResourcePlaceholders"))
542
668
  GetGeneratedPolicyRequest.add_member(:include_service_level_template, Shapes::ShapeRef.new(shape: Boolean, location: "querystring", location_name: "includeServiceLevelTemplate"))
@@ -561,6 +687,9 @@ module Aws::AccessAnalyzer
561
687
 
562
688
  InternetConfiguration.struct_class = Types::InternetConfiguration
563
689
 
690
+ InvalidParameterException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
691
+ InvalidParameterException.struct_class = Types::InvalidParameterException
692
+
564
693
  JobDetails.add_member(:job_id, Shapes::ShapeRef.new(shape: JobId, required: true, location_name: "jobId"))
565
694
  JobDetails.add_member(:status, Shapes::ShapeRef.new(shape: JobStatus, required: true, location_name: "status"))
566
695
  JobDetails.add_member(:started_on, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "startedOn"))
@@ -656,6 +785,17 @@ module Aws::AccessAnalyzer
656
785
  ListFindingsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location_name: "nextToken"))
657
786
  ListFindingsResponse.struct_class = Types::ListFindingsResponse
658
787
 
788
+ ListFindingsV2Request.add_member(:analyzer_arn, Shapes::ShapeRef.new(shape: AnalyzerArn, required: true, location_name: "analyzerArn"))
789
+ ListFindingsV2Request.add_member(:filter, Shapes::ShapeRef.new(shape: FilterCriteriaMap, location_name: "filter"))
790
+ ListFindingsV2Request.add_member(:max_results, Shapes::ShapeRef.new(shape: Integer, location_name: "maxResults"))
791
+ ListFindingsV2Request.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location_name: "nextToken"))
792
+ ListFindingsV2Request.add_member(:sort, Shapes::ShapeRef.new(shape: SortCriteria, location_name: "sort"))
793
+ ListFindingsV2Request.struct_class = Types::ListFindingsV2Request
794
+
795
+ ListFindingsV2Response.add_member(:findings, Shapes::ShapeRef.new(shape: FindingsListV2, required: true, location_name: "findings"))
796
+ ListFindingsV2Response.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location_name: "nextToken"))
797
+ ListFindingsV2Response.struct_class = Types::ListFindingsV2Response
798
+
659
799
  ListPolicyGenerationsRequest.add_member(:principal_arn, Shapes::ShapeRef.new(shape: PrincipalArn, location: "querystring", location_name: "principalArn"))
660
800
  ListPolicyGenerationsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: ListPolicyGenerationsRequestMaxResultsInteger, location: "querystring", location_name: "maxResults"))
661
801
  ListPolicyGenerationsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location: "querystring", location_name: "nextToken"))
@@ -749,6 +889,13 @@ module Aws::AccessAnalyzer
749
889
  RdsDbSnapshotConfiguration.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: RdsDbSnapshotKmsKeyId, location_name: "kmsKeyId"))
750
890
  RdsDbSnapshotConfiguration.struct_class = Types::RdsDbSnapshotConfiguration
751
891
 
892
+ ReasonSummary.add_member(:description, Shapes::ShapeRef.new(shape: String, location_name: "description"))
893
+ ReasonSummary.add_member(:statement_index, Shapes::ShapeRef.new(shape: Integer, location_name: "statementIndex"))
894
+ ReasonSummary.add_member(:statement_id, Shapes::ShapeRef.new(shape: String, location_name: "statementId"))
895
+ ReasonSummary.struct_class = Types::ReasonSummary
896
+
897
+ ReasonSummaryList.member = Shapes::ShapeRef.new(shape: ReasonSummary)
898
+
752
899
  RegionList.member = Shapes::ShapeRef.new(shape: String)
753
900
 
754
901
  ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
@@ -854,12 +1001,39 @@ module Aws::AccessAnalyzer
854
1001
 
855
1002
  TrailPropertiesList.member = Shapes::ShapeRef.new(shape: TrailProperties)
856
1003
 
1004
+ UnprocessableEntityException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
1005
+ UnprocessableEntityException.struct_class = Types::UnprocessableEntityException
1006
+
857
1007
  UntagResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "resourceArn"))
858
1008
  UntagResourceRequest.add_member(:tag_keys, Shapes::ShapeRef.new(shape: TagKeys, required: true, location: "querystring", location_name: "tagKeys"))
859
1009
  UntagResourceRequest.struct_class = Types::UntagResourceRequest
860
1010
 
861
1011
  UntagResourceResponse.struct_class = Types::UntagResourceResponse
862
1012
 
1013
+ UnusedAccessConfiguration.add_member(:unused_access_age, Shapes::ShapeRef.new(shape: Integer, location_name: "unusedAccessAge"))
1014
+ UnusedAccessConfiguration.struct_class = Types::UnusedAccessConfiguration
1015
+
1016
+ UnusedAction.add_member(:action, Shapes::ShapeRef.new(shape: String, required: true, location_name: "action"))
1017
+ UnusedAction.add_member(:last_accessed, Shapes::ShapeRef.new(shape: Timestamp, location_name: "lastAccessed"))
1018
+ UnusedAction.struct_class = Types::UnusedAction
1019
+
1020
+ UnusedActionList.member = Shapes::ShapeRef.new(shape: UnusedAction)
1021
+
1022
+ UnusedIamRoleDetails.add_member(:last_accessed, Shapes::ShapeRef.new(shape: Timestamp, location_name: "lastAccessed"))
1023
+ UnusedIamRoleDetails.struct_class = Types::UnusedIamRoleDetails
1024
+
1025
+ UnusedIamUserAccessKeyDetails.add_member(:access_key_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "accessKeyId"))
1026
+ UnusedIamUserAccessKeyDetails.add_member(:last_accessed, Shapes::ShapeRef.new(shape: Timestamp, location_name: "lastAccessed"))
1027
+ UnusedIamUserAccessKeyDetails.struct_class = Types::UnusedIamUserAccessKeyDetails
1028
+
1029
+ UnusedIamUserPasswordDetails.add_member(:last_accessed, Shapes::ShapeRef.new(shape: Timestamp, location_name: "lastAccessed"))
1030
+ UnusedIamUserPasswordDetails.struct_class = Types::UnusedIamUserPasswordDetails
1031
+
1032
+ UnusedPermissionDetails.add_member(:actions, Shapes::ShapeRef.new(shape: UnusedActionList, location_name: "actions"))
1033
+ UnusedPermissionDetails.add_member(:service_namespace, Shapes::ShapeRef.new(shape: String, required: true, location_name: "serviceNamespace"))
1034
+ UnusedPermissionDetails.add_member(:last_accessed, Shapes::ShapeRef.new(shape: Timestamp, location_name: "lastAccessed"))
1035
+ UnusedPermissionDetails.struct_class = Types::UnusedPermissionDetails
1036
+
863
1037
  UpdateArchiveRuleRequest.add_member(:analyzer_name, Shapes::ShapeRef.new(shape: Name, required: true, location: "uri", location_name: "analyzerName"))
864
1038
  UpdateArchiveRuleRequest.add_member(:rule_name, Shapes::ShapeRef.new(shape: Name, required: true, location: "uri", location_name: "ruleName"))
865
1039
  UpdateArchiveRuleRequest.add_member(:filter, Shapes::ShapeRef.new(shape: FilterCriteriaMap, required: true, location_name: "filter"))
@@ -953,6 +1127,34 @@ module Aws::AccessAnalyzer
953
1127
  o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
954
1128
  end)
955
1129
 
1130
+ api.add_operation(:check_access_not_granted, Seahorse::Model::Operation.new.tap do |o|
1131
+ o.name = "CheckAccessNotGranted"
1132
+ o.http_method = "POST"
1133
+ o.http_request_uri = "/policy/check-access-not-granted"
1134
+ o.input = Shapes::ShapeRef.new(shape: CheckAccessNotGrantedRequest)
1135
+ o.output = Shapes::ShapeRef.new(shape: CheckAccessNotGrantedResponse)
1136
+ o.errors << Shapes::ShapeRef.new(shape: ValidationException)
1137
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
1138
+ o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
1139
+ o.errors << Shapes::ShapeRef.new(shape: UnprocessableEntityException)
1140
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
1141
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1142
+ end)
1143
+
1144
+ api.add_operation(:check_no_new_access, Seahorse::Model::Operation.new.tap do |o|
1145
+ o.name = "CheckNoNewAccess"
1146
+ o.http_method = "POST"
1147
+ o.http_request_uri = "/policy/check-no-new-access"
1148
+ o.input = Shapes::ShapeRef.new(shape: CheckNoNewAccessRequest)
1149
+ o.output = Shapes::ShapeRef.new(shape: CheckNoNewAccessResponse)
1150
+ o.errors << Shapes::ShapeRef.new(shape: ValidationException)
1151
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
1152
+ o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
1153
+ o.errors << Shapes::ShapeRef.new(shape: UnprocessableEntityException)
1154
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
1155
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1156
+ end)
1157
+
956
1158
  api.add_operation(:create_access_preview, Seahorse::Model::Operation.new.tap do |o|
957
1159
  o.name = "CreateAccessPreview"
958
1160
  o.http_method = "PUT"
@@ -1088,6 +1290,25 @@ module Aws::AccessAnalyzer
1088
1290
  o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1089
1291
  end)
1090
1292
 
1293
+ api.add_operation(:get_finding_v2, Seahorse::Model::Operation.new.tap do |o|
1294
+ o.name = "GetFindingV2"
1295
+ o.http_method = "GET"
1296
+ o.http_request_uri = "/findingv2/{id}"
1297
+ o.input = Shapes::ShapeRef.new(shape: GetFindingV2Request)
1298
+ o.output = Shapes::ShapeRef.new(shape: GetFindingV2Response)
1299
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
1300
+ o.errors << Shapes::ShapeRef.new(shape: ValidationException)
1301
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
1302
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
1303
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1304
+ o[:pager] = Aws::Pager.new(
1305
+ limit_key: "max_results",
1306
+ tokens: {
1307
+ "next_token" => "next_token"
1308
+ }
1309
+ )
1310
+ end)
1311
+
1091
1312
  api.add_operation(:get_generated_policy, Seahorse::Model::Operation.new.tap do |o|
1092
1313
  o.name = "GetGeneratedPolicy"
1093
1314
  o.http_method = "GET"
@@ -1213,6 +1434,25 @@ module Aws::AccessAnalyzer
1213
1434
  )
1214
1435
  end)
1215
1436
 
1437
+ api.add_operation(:list_findings_v2, Seahorse::Model::Operation.new.tap do |o|
1438
+ o.name = "ListFindingsV2"
1439
+ o.http_method = "POST"
1440
+ o.http_request_uri = "/findingv2"
1441
+ o.input = Shapes::ShapeRef.new(shape: ListFindingsV2Request)
1442
+ o.output = Shapes::ShapeRef.new(shape: ListFindingsV2Response)
1443
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
1444
+ o.errors << Shapes::ShapeRef.new(shape: ValidationException)
1445
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
1446
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
1447
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1448
+ o[:pager] = Aws::Pager.new(
1449
+ limit_key: "max_results",
1450
+ tokens: {
1451
+ "next_token" => "next_token"
1452
+ }
1453
+ )
1454
+ end)
1455
+
1216
1456
  api.add_operation(:list_policy_generations, Seahorse::Model::Operation.new.tap do |o|
1217
1457
  o.name = "ListPolicyGenerations"
1218
1458
  o.http_method = "GET"
@@ -32,8 +32,8 @@ module Aws::AccessAnalyzer
32
32
  raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
33
33
  end
34
34
  if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
35
- if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
36
- if Aws::Endpoints::Matchers.string_equals?("aws-us-gov", Aws::Endpoints::Matchers.attr(partition_result, "name"))
35
+ if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
36
+ if Aws::Endpoints::Matchers.string_equals?(Aws::Endpoints::Matchers.attr(partition_result, "name"), "aws-us-gov")
37
37
  return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer.#{region}.amazonaws.com", headers: {}, properties: {})
38
38
  end
39
39
  return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
@@ -40,6 +40,34 @@ module Aws::AccessAnalyzer
40
40
  end
41
41
  end
42
42
 
43
+ class CheckAccessNotGranted
44
+ def self.build(context)
45
+ unless context.config.regional_endpoint
46
+ endpoint = context.config.endpoint.to_s
47
+ end
48
+ Aws::AccessAnalyzer::EndpointParameters.new(
49
+ region: context.config.region,
50
+ use_dual_stack: context.config.use_dualstack_endpoint,
51
+ use_fips: context.config.use_fips_endpoint,
52
+ endpoint: endpoint,
53
+ )
54
+ end
55
+ end
56
+
57
+ class CheckNoNewAccess
58
+ def self.build(context)
59
+ unless context.config.regional_endpoint
60
+ endpoint = context.config.endpoint.to_s
61
+ end
62
+ Aws::AccessAnalyzer::EndpointParameters.new(
63
+ region: context.config.region,
64
+ use_dual_stack: context.config.use_dualstack_endpoint,
65
+ use_fips: context.config.use_fips_endpoint,
66
+ endpoint: endpoint,
67
+ )
68
+ end
69
+ end
70
+
43
71
  class CreateAccessPreview
44
72
  def self.build(context)
45
73
  unless context.config.regional_endpoint
@@ -180,6 +208,20 @@ module Aws::AccessAnalyzer
180
208
  end
181
209
  end
182
210
 
211
+ class GetFindingV2
212
+ def self.build(context)
213
+ unless context.config.regional_endpoint
214
+ endpoint = context.config.endpoint.to_s
215
+ end
216
+ Aws::AccessAnalyzer::EndpointParameters.new(
217
+ region: context.config.region,
218
+ use_dual_stack: context.config.use_dualstack_endpoint,
219
+ use_fips: context.config.use_fips_endpoint,
220
+ endpoint: endpoint,
221
+ )
222
+ end
223
+ end
224
+
183
225
  class GetGeneratedPolicy
184
226
  def self.build(context)
185
227
  unless context.config.regional_endpoint
@@ -278,6 +320,20 @@ module Aws::AccessAnalyzer
278
320
  end
279
321
  end
280
322
 
323
+ class ListFindingsV2
324
+ def self.build(context)
325
+ unless context.config.regional_endpoint
326
+ endpoint = context.config.endpoint.to_s
327
+ end
328
+ Aws::AccessAnalyzer::EndpointParameters.new(
329
+ region: context.config.region,
330
+ use_dual_stack: context.config.use_dualstack_endpoint,
331
+ use_fips: context.config.use_fips_endpoint,
332
+ endpoint: endpoint,
333
+ )
334
+ end
335
+ end
336
+
281
337
  class ListPolicyGenerations
282
338
  def self.build(context)
283
339
  unless context.config.regional_endpoint
@@ -30,9 +30,11 @@ module Aws::AccessAnalyzer
30
30
  # * {AccessDeniedException}
31
31
  # * {ConflictException}
32
32
  # * {InternalServerException}
33
+ # * {InvalidParameterException}
33
34
  # * {ResourceNotFoundException}
34
35
  # * {ServiceQuotaExceededException}
35
36
  # * {ThrottlingException}
37
+ # * {UnprocessableEntityException}
36
38
  # * {ValidationException}
37
39
  #
38
40
  # Additionally, error classes are dynamically generated for service errors based on the error code
@@ -105,6 +107,21 @@ module Aws::AccessAnalyzer
105
107
  end
106
108
  end
107
109
 
110
+ class InvalidParameterException < ServiceError
111
+
112
+ # @param [Seahorse::Client::RequestContext] context
113
+ # @param [String] message
114
+ # @param [Aws::AccessAnalyzer::Types::InvalidParameterException] data
115
+ def initialize(context, message, data = Aws::EmptyStructure.new)
116
+ super(context, message, data)
117
+ end
118
+
119
+ # @return [String]
120
+ def message
121
+ @message || @data[:message]
122
+ end
123
+ end
124
+
108
125
  class ResourceNotFoundException < ServiceError
109
126
 
110
127
  # @param [Seahorse::Client::RequestContext] context
@@ -183,6 +200,25 @@ module Aws::AccessAnalyzer
183
200
  end
184
201
  end
185
202
 
203
+ class UnprocessableEntityException < ServiceError
204
+
205
+ # @param [Seahorse::Client::RequestContext] context
206
+ # @param [String] message
207
+ # @param [Aws::AccessAnalyzer::Types::UnprocessableEntityException] data
208
+ def initialize(context, message, data = Aws::EmptyStructure.new)
209
+ super(context, message, data)
210
+ end
211
+
212
+ # @return [String]
213
+ def message
214
+ @message || @data[:message]
215
+ end
216
+
217
+ def retryable?
218
+ true
219
+ end
220
+ end
221
+
186
222
  class ValidationException < ServiceError
187
223
 
188
224
  # @param [Seahorse::Client::RequestContext] context
@@ -60,6 +60,10 @@ module Aws::AccessAnalyzer
60
60
  Aws::AccessAnalyzer::Endpoints::ApplyArchiveRule.build(context)
61
61
  when :cancel_policy_generation
62
62
  Aws::AccessAnalyzer::Endpoints::CancelPolicyGeneration.build(context)
63
+ when :check_access_not_granted
64
+ Aws::AccessAnalyzer::Endpoints::CheckAccessNotGranted.build(context)
65
+ when :check_no_new_access
66
+ Aws::AccessAnalyzer::Endpoints::CheckNoNewAccess.build(context)
63
67
  when :create_access_preview
64
68
  Aws::AccessAnalyzer::Endpoints::CreateAccessPreview.build(context)
65
69
  when :create_analyzer
@@ -80,6 +84,8 @@ module Aws::AccessAnalyzer
80
84
  Aws::AccessAnalyzer::Endpoints::GetArchiveRule.build(context)
81
85
  when :get_finding
82
86
  Aws::AccessAnalyzer::Endpoints::GetFinding.build(context)
87
+ when :get_finding_v2
88
+ Aws::AccessAnalyzer::Endpoints::GetFindingV2.build(context)
83
89
  when :get_generated_policy
84
90
  Aws::AccessAnalyzer::Endpoints::GetGeneratedPolicy.build(context)
85
91
  when :list_access_preview_findings
@@ -94,6 +100,8 @@ module Aws::AccessAnalyzer
94
100
  Aws::AccessAnalyzer::Endpoints::ListArchiveRules.build(context)
95
101
  when :list_findings
96
102
  Aws::AccessAnalyzer::Endpoints::ListFindings.build(context)
103
+ when :list_findings_v2
104
+ Aws::AccessAnalyzer::Endpoints::ListFindingsV2.build(context)
97
105
  when :list_policy_generations
98
106
  Aws::AccessAnalyzer::Endpoints::ListPolicyGenerations.build(context)
99
107
  when :list_tags_for_resource