aws-sdk-accessanalyzer 1.44.0 → 1.46.0

Sign up to get free protection for your applications and to get access to all the features.
data/sig/types.rbs ADDED
@@ -0,0 +1,1043 @@
1
+ # WARNING ABOUT GENERATED CODE
2
+ #
3
+ # This file is generated. See the contributing guide for more information:
4
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
5
+ #
6
+ # WARNING ABOUT GENERATED CODE
7
+
8
+ module Aws::AccessAnalyzer
9
+ module Types
10
+
11
+ class Access
12
+ attr_accessor actions: ::Array[::String]
13
+ SENSITIVE: []
14
+ end
15
+
16
+ class AccessDeniedException
17
+ attr_accessor message: ::String
18
+ SENSITIVE: []
19
+ end
20
+
21
+ class AccessPreview
22
+ attr_accessor id: ::String
23
+ attr_accessor analyzer_arn: ::String
24
+ attr_accessor configurations: ::Hash[::String, Types::Configuration]
25
+ attr_accessor created_at: ::Time
26
+ attr_accessor status: ("COMPLETED" | "CREATING" | "FAILED")
27
+ attr_accessor status_reason: Types::AccessPreviewStatusReason
28
+ SENSITIVE: []
29
+ end
30
+
31
+ class AccessPreviewFinding
32
+ attr_accessor id: ::String
33
+ attr_accessor existing_finding_id: ::String
34
+ attr_accessor existing_finding_status: ("ACTIVE" | "ARCHIVED" | "RESOLVED")
35
+ attr_accessor principal: ::Hash[::String, ::String]
36
+ attr_accessor action: ::Array[::String]
37
+ attr_accessor condition: ::Hash[::String, ::String]
38
+ attr_accessor resource: ::String
39
+ attr_accessor is_public: bool
40
+ attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
41
+ attr_accessor created_at: ::Time
42
+ attr_accessor change_type: ("CHANGED" | "NEW" | "UNCHANGED")
43
+ attr_accessor status: ("ACTIVE" | "ARCHIVED" | "RESOLVED")
44
+ attr_accessor resource_owner_account: ::String
45
+ attr_accessor error: ::String
46
+ attr_accessor sources: ::Array[Types::FindingSource]
47
+ SENSITIVE: []
48
+ end
49
+
50
+ class AccessPreviewStatusReason
51
+ attr_accessor code: ("INTERNAL_ERROR" | "INVALID_CONFIGURATION")
52
+ SENSITIVE: []
53
+ end
54
+
55
+ class AccessPreviewSummary
56
+ attr_accessor id: ::String
57
+ attr_accessor analyzer_arn: ::String
58
+ attr_accessor created_at: ::Time
59
+ attr_accessor status: ("COMPLETED" | "CREATING" | "FAILED")
60
+ attr_accessor status_reason: Types::AccessPreviewStatusReason
61
+ SENSITIVE: []
62
+ end
63
+
64
+ class AclGrantee
65
+ attr_accessor id: ::String
66
+ attr_accessor uri: ::String
67
+ attr_accessor unknown: untyped
68
+ SENSITIVE: []
69
+
70
+ class Id < AclGrantee
71
+ end
72
+ class Uri < AclGrantee
73
+ end
74
+ class Unknown < AclGrantee
75
+ end
76
+ end
77
+
78
+ class AnalyzedResource
79
+ attr_accessor resource_arn: ::String
80
+ attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
81
+ attr_accessor created_at: ::Time
82
+ attr_accessor analyzed_at: ::Time
83
+ attr_accessor updated_at: ::Time
84
+ attr_accessor is_public: bool
85
+ attr_accessor actions: ::Array[::String]
86
+ attr_accessor shared_via: ::Array[::String]
87
+ attr_accessor status: ("ACTIVE" | "ARCHIVED" | "RESOLVED")
88
+ attr_accessor resource_owner_account: ::String
89
+ attr_accessor error: ::String
90
+ SENSITIVE: []
91
+ end
92
+
93
+ class AnalyzedResourceSummary
94
+ attr_accessor resource_arn: ::String
95
+ attr_accessor resource_owner_account: ::String
96
+ attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
97
+ SENSITIVE: []
98
+ end
99
+
100
+ class AnalyzerConfiguration
101
+ attr_accessor unused_access: Types::UnusedAccessConfiguration
102
+ attr_accessor unknown: untyped
103
+ SENSITIVE: []
104
+
105
+ class UnusedAccess < AnalyzerConfiguration
106
+ end
107
+ class Unknown < AnalyzerConfiguration
108
+ end
109
+ end
110
+
111
+ class AnalyzerSummary
112
+ attr_accessor arn: ::String
113
+ attr_accessor name: ::String
114
+ attr_accessor type: ("ACCOUNT" | "ORGANIZATION" | "ACCOUNT_UNUSED_ACCESS" | "ORGANIZATION_UNUSED_ACCESS")
115
+ attr_accessor created_at: ::Time
116
+ attr_accessor last_resource_analyzed: ::String
117
+ attr_accessor last_resource_analyzed_at: ::Time
118
+ attr_accessor tags: ::Hash[::String, ::String]
119
+ attr_accessor status: ("ACTIVE" | "CREATING" | "DISABLED" | "FAILED")
120
+ attr_accessor status_reason: Types::StatusReason
121
+ attr_accessor configuration: Types::AnalyzerConfiguration
122
+ SENSITIVE: []
123
+ end
124
+
125
+ class ApplyArchiveRuleRequest
126
+ attr_accessor analyzer_arn: ::String
127
+ attr_accessor rule_name: ::String
128
+ attr_accessor client_token: ::String
129
+ SENSITIVE: []
130
+ end
131
+
132
+ class ArchiveRuleSummary
133
+ attr_accessor rule_name: ::String
134
+ attr_accessor filter: ::Hash[::String, Types::Criterion]
135
+ attr_accessor created_at: ::Time
136
+ attr_accessor updated_at: ::Time
137
+ SENSITIVE: []
138
+ end
139
+
140
+ class CancelPolicyGenerationRequest
141
+ attr_accessor job_id: ::String
142
+ SENSITIVE: []
143
+ end
144
+
145
+ class CancelPolicyGenerationResponse < Aws::EmptyStructure
146
+ end
147
+
148
+ class CheckAccessNotGrantedRequest
149
+ attr_accessor policy_document: ::String
150
+ attr_accessor access: ::Array[Types::Access]
151
+ attr_accessor policy_type: ("IDENTITY_POLICY" | "RESOURCE_POLICY")
152
+ SENSITIVE: [:policy_document]
153
+ end
154
+
155
+ class CheckAccessNotGrantedResponse
156
+ attr_accessor result: ("PASS" | "FAIL")
157
+ attr_accessor message: ::String
158
+ attr_accessor reasons: ::Array[Types::ReasonSummary]
159
+ SENSITIVE: []
160
+ end
161
+
162
+ class CheckNoNewAccessRequest
163
+ attr_accessor new_policy_document: ::String
164
+ attr_accessor existing_policy_document: ::String
165
+ attr_accessor policy_type: ("IDENTITY_POLICY" | "RESOURCE_POLICY")
166
+ SENSITIVE: [:new_policy_document, :existing_policy_document]
167
+ end
168
+
169
+ class CheckNoNewAccessResponse
170
+ attr_accessor result: ("PASS" | "FAIL")
171
+ attr_accessor message: ::String
172
+ attr_accessor reasons: ::Array[Types::ReasonSummary]
173
+ SENSITIVE: []
174
+ end
175
+
176
+ class CloudTrailDetails
177
+ attr_accessor trails: ::Array[Types::Trail]
178
+ attr_accessor access_role: ::String
179
+ attr_accessor start_time: ::Time
180
+ attr_accessor end_time: ::Time
181
+ SENSITIVE: []
182
+ end
183
+
184
+ class CloudTrailProperties
185
+ attr_accessor trail_properties: ::Array[Types::TrailProperties]
186
+ attr_accessor start_time: ::Time
187
+ attr_accessor end_time: ::Time
188
+ SENSITIVE: []
189
+ end
190
+
191
+ class Configuration
192
+ attr_accessor ebs_snapshot: Types::EbsSnapshotConfiguration
193
+ attr_accessor ecr_repository: Types::EcrRepositoryConfiguration
194
+ attr_accessor iam_role: Types::IamRoleConfiguration
195
+ attr_accessor efs_file_system: Types::EfsFileSystemConfiguration
196
+ attr_accessor kms_key: Types::KmsKeyConfiguration
197
+ attr_accessor rds_db_cluster_snapshot: Types::RdsDbClusterSnapshotConfiguration
198
+ attr_accessor rds_db_snapshot: Types::RdsDbSnapshotConfiguration
199
+ attr_accessor secrets_manager_secret: Types::SecretsManagerSecretConfiguration
200
+ attr_accessor s3_bucket: Types::S3BucketConfiguration
201
+ attr_accessor sns_topic: Types::SnsTopicConfiguration
202
+ attr_accessor sqs_queue: Types::SqsQueueConfiguration
203
+ attr_accessor s3_express_directory_bucket: Types::S3ExpressDirectoryBucketConfiguration
204
+ attr_accessor unknown: untyped
205
+ SENSITIVE: []
206
+
207
+ class EbsSnapshot < Configuration
208
+ end
209
+ class EcrRepository < Configuration
210
+ end
211
+ class IamRole < Configuration
212
+ end
213
+ class EfsFileSystem < Configuration
214
+ end
215
+ class KmsKey < Configuration
216
+ end
217
+ class RdsDbClusterSnapshot < Configuration
218
+ end
219
+ class RdsDbSnapshot < Configuration
220
+ end
221
+ class SecretsManagerSecret < Configuration
222
+ end
223
+ class S3Bucket < Configuration
224
+ end
225
+ class SnsTopic < Configuration
226
+ end
227
+ class SqsQueue < Configuration
228
+ end
229
+ class S3ExpressDirectoryBucket < Configuration
230
+ end
231
+ class Unknown < Configuration
232
+ end
233
+ end
234
+
235
+ class ConflictException
236
+ attr_accessor message: ::String
237
+ attr_accessor resource_id: ::String
238
+ attr_accessor resource_type: ::String
239
+ SENSITIVE: []
240
+ end
241
+
242
+ class CreateAccessPreviewRequest
243
+ attr_accessor analyzer_arn: ::String
244
+ attr_accessor configurations: ::Hash[::String, Types::Configuration]
245
+ attr_accessor client_token: ::String
246
+ SENSITIVE: []
247
+ end
248
+
249
+ class CreateAccessPreviewResponse
250
+ attr_accessor id: ::String
251
+ SENSITIVE: []
252
+ end
253
+
254
+ class CreateAnalyzerRequest
255
+ attr_accessor analyzer_name: ::String
256
+ attr_accessor type: ("ACCOUNT" | "ORGANIZATION" | "ACCOUNT_UNUSED_ACCESS" | "ORGANIZATION_UNUSED_ACCESS")
257
+ attr_accessor archive_rules: ::Array[Types::InlineArchiveRule]
258
+ attr_accessor tags: ::Hash[::String, ::String]
259
+ attr_accessor client_token: ::String
260
+ attr_accessor configuration: Types::AnalyzerConfiguration
261
+ SENSITIVE: []
262
+ end
263
+
264
+ class CreateAnalyzerResponse
265
+ attr_accessor arn: ::String
266
+ SENSITIVE: []
267
+ end
268
+
269
+ class CreateArchiveRuleRequest
270
+ attr_accessor analyzer_name: ::String
271
+ attr_accessor rule_name: ::String
272
+ attr_accessor filter: ::Hash[::String, Types::Criterion]
273
+ attr_accessor client_token: ::String
274
+ SENSITIVE: []
275
+ end
276
+
277
+ class Criterion
278
+ attr_accessor eq: ::Array[::String]
279
+ attr_accessor neq: ::Array[::String]
280
+ attr_accessor contains: ::Array[::String]
281
+ attr_accessor exists: bool
282
+ SENSITIVE: []
283
+ end
284
+
285
+ class DeleteAnalyzerRequest
286
+ attr_accessor analyzer_name: ::String
287
+ attr_accessor client_token: ::String
288
+ SENSITIVE: []
289
+ end
290
+
291
+ class DeleteArchiveRuleRequest
292
+ attr_accessor analyzer_name: ::String
293
+ attr_accessor rule_name: ::String
294
+ attr_accessor client_token: ::String
295
+ SENSITIVE: []
296
+ end
297
+
298
+ class EbsSnapshotConfiguration
299
+ attr_accessor user_ids: ::Array[::String]
300
+ attr_accessor groups: ::Array[::String]
301
+ attr_accessor kms_key_id: ::String
302
+ SENSITIVE: []
303
+ end
304
+
305
+ class EcrRepositoryConfiguration
306
+ attr_accessor repository_policy: ::String
307
+ SENSITIVE: []
308
+ end
309
+
310
+ class EfsFileSystemConfiguration
311
+ attr_accessor file_system_policy: ::String
312
+ SENSITIVE: []
313
+ end
314
+
315
+ class ExternalAccessDetails
316
+ attr_accessor action: ::Array[::String]
317
+ attr_accessor condition: ::Hash[::String, ::String]
318
+ attr_accessor is_public: bool
319
+ attr_accessor principal: ::Hash[::String, ::String]
320
+ attr_accessor sources: ::Array[Types::FindingSource]
321
+ SENSITIVE: []
322
+ end
323
+
324
+ class Finding
325
+ attr_accessor id: ::String
326
+ attr_accessor principal: ::Hash[::String, ::String]
327
+ attr_accessor action: ::Array[::String]
328
+ attr_accessor resource: ::String
329
+ attr_accessor is_public: bool
330
+ attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
331
+ attr_accessor condition: ::Hash[::String, ::String]
332
+ attr_accessor created_at: ::Time
333
+ attr_accessor analyzed_at: ::Time
334
+ attr_accessor updated_at: ::Time
335
+ attr_accessor status: ("ACTIVE" | "ARCHIVED" | "RESOLVED")
336
+ attr_accessor resource_owner_account: ::String
337
+ attr_accessor error: ::String
338
+ attr_accessor sources: ::Array[Types::FindingSource]
339
+ SENSITIVE: []
340
+ end
341
+
342
+ class FindingDetails
343
+ attr_accessor external_access_details: Types::ExternalAccessDetails
344
+ attr_accessor unused_permission_details: Types::UnusedPermissionDetails
345
+ attr_accessor unused_iam_user_access_key_details: Types::UnusedIamUserAccessKeyDetails
346
+ attr_accessor unused_iam_role_details: Types::UnusedIamRoleDetails
347
+ attr_accessor unused_iam_user_password_details: Types::UnusedIamUserPasswordDetails
348
+ attr_accessor unknown: untyped
349
+ SENSITIVE: []
350
+
351
+ class ExternalAccessDetails < FindingDetails
352
+ end
353
+ class UnusedPermissionDetails < FindingDetails
354
+ end
355
+ class UnusedIamUserAccessKeyDetails < FindingDetails
356
+ end
357
+ class UnusedIamRoleDetails < FindingDetails
358
+ end
359
+ class UnusedIamUserPasswordDetails < FindingDetails
360
+ end
361
+ class Unknown < FindingDetails
362
+ end
363
+ end
364
+
365
+ class FindingSource
366
+ attr_accessor type: ("POLICY" | "BUCKET_ACL" | "S3_ACCESS_POINT" | "S3_ACCESS_POINT_ACCOUNT")
367
+ attr_accessor detail: Types::FindingSourceDetail
368
+ SENSITIVE: []
369
+ end
370
+
371
+ class FindingSourceDetail
372
+ attr_accessor access_point_arn: ::String
373
+ attr_accessor access_point_account: ::String
374
+ SENSITIVE: []
375
+ end
376
+
377
+ class FindingSummary
378
+ attr_accessor id: ::String
379
+ attr_accessor principal: ::Hash[::String, ::String]
380
+ attr_accessor action: ::Array[::String]
381
+ attr_accessor resource: ::String
382
+ attr_accessor is_public: bool
383
+ attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
384
+ attr_accessor condition: ::Hash[::String, ::String]
385
+ attr_accessor created_at: ::Time
386
+ attr_accessor analyzed_at: ::Time
387
+ attr_accessor updated_at: ::Time
388
+ attr_accessor status: ("ACTIVE" | "ARCHIVED" | "RESOLVED")
389
+ attr_accessor resource_owner_account: ::String
390
+ attr_accessor error: ::String
391
+ attr_accessor sources: ::Array[Types::FindingSource]
392
+ SENSITIVE: []
393
+ end
394
+
395
+ class FindingSummaryV2
396
+ attr_accessor analyzed_at: ::Time
397
+ attr_accessor created_at: ::Time
398
+ attr_accessor error: ::String
399
+ attr_accessor id: ::String
400
+ attr_accessor resource: ::String
401
+ attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
402
+ attr_accessor resource_owner_account: ::String
403
+ attr_accessor status: ("ACTIVE" | "ARCHIVED" | "RESOLVED")
404
+ attr_accessor updated_at: ::Time
405
+ attr_accessor finding_type: ("ExternalAccess" | "UnusedIAMRole" | "UnusedIAMUserAccessKey" | "UnusedIAMUserPassword" | "UnusedPermission")
406
+ SENSITIVE: []
407
+ end
408
+
409
+ class GeneratedPolicy
410
+ attr_accessor policy: ::String
411
+ SENSITIVE: []
412
+ end
413
+
414
+ class GeneratedPolicyProperties
415
+ attr_accessor is_complete: bool
416
+ attr_accessor principal_arn: ::String
417
+ attr_accessor cloud_trail_properties: Types::CloudTrailProperties
418
+ SENSITIVE: []
419
+ end
420
+
421
+ class GeneratedPolicyResult
422
+ attr_accessor properties: Types::GeneratedPolicyProperties
423
+ attr_accessor generated_policies: ::Array[Types::GeneratedPolicy]
424
+ SENSITIVE: []
425
+ end
426
+
427
+ class GetAccessPreviewRequest
428
+ attr_accessor access_preview_id: ::String
429
+ attr_accessor analyzer_arn: ::String
430
+ SENSITIVE: []
431
+ end
432
+
433
+ class GetAccessPreviewResponse
434
+ attr_accessor access_preview: Types::AccessPreview
435
+ SENSITIVE: []
436
+ end
437
+
438
+ class GetAnalyzedResourceRequest
439
+ attr_accessor analyzer_arn: ::String
440
+ attr_accessor resource_arn: ::String
441
+ SENSITIVE: []
442
+ end
443
+
444
+ class GetAnalyzedResourceResponse
445
+ attr_accessor resource: Types::AnalyzedResource
446
+ SENSITIVE: []
447
+ end
448
+
449
+ class GetAnalyzerRequest
450
+ attr_accessor analyzer_name: ::String
451
+ SENSITIVE: []
452
+ end
453
+
454
+ class GetAnalyzerResponse
455
+ attr_accessor analyzer: Types::AnalyzerSummary
456
+ SENSITIVE: []
457
+ end
458
+
459
+ class GetArchiveRuleRequest
460
+ attr_accessor analyzer_name: ::String
461
+ attr_accessor rule_name: ::String
462
+ SENSITIVE: []
463
+ end
464
+
465
+ class GetArchiveRuleResponse
466
+ attr_accessor archive_rule: Types::ArchiveRuleSummary
467
+ SENSITIVE: []
468
+ end
469
+
470
+ class GetFindingRequest
471
+ attr_accessor analyzer_arn: ::String
472
+ attr_accessor id: ::String
473
+ SENSITIVE: []
474
+ end
475
+
476
+ class GetFindingResponse
477
+ attr_accessor finding: Types::Finding
478
+ SENSITIVE: []
479
+ end
480
+
481
+ class GetFindingV2Request
482
+ attr_accessor analyzer_arn: ::String
483
+ attr_accessor id: ::String
484
+ attr_accessor max_results: ::Integer
485
+ attr_accessor next_token: ::String
486
+ SENSITIVE: []
487
+ end
488
+
489
+ class GetFindingV2Response
490
+ attr_accessor analyzed_at: ::Time
491
+ attr_accessor created_at: ::Time
492
+ attr_accessor error: ::String
493
+ attr_accessor id: ::String
494
+ attr_accessor next_token: ::String
495
+ attr_accessor resource: ::String
496
+ attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
497
+ attr_accessor resource_owner_account: ::String
498
+ attr_accessor status: ("ACTIVE" | "ARCHIVED" | "RESOLVED")
499
+ attr_accessor updated_at: ::Time
500
+ attr_accessor finding_details: ::Array[Types::FindingDetails]
501
+ attr_accessor finding_type: ("ExternalAccess" | "UnusedIAMRole" | "UnusedIAMUserAccessKey" | "UnusedIAMUserPassword" | "UnusedPermission")
502
+ SENSITIVE: []
503
+ end
504
+
505
+ class GetGeneratedPolicyRequest
506
+ attr_accessor job_id: ::String
507
+ attr_accessor include_resource_placeholders: bool
508
+ attr_accessor include_service_level_template: bool
509
+ SENSITIVE: []
510
+ end
511
+
512
+ class GetGeneratedPolicyResponse
513
+ attr_accessor job_details: Types::JobDetails
514
+ attr_accessor generated_policy_result: Types::GeneratedPolicyResult
515
+ SENSITIVE: []
516
+ end
517
+
518
+ class IamRoleConfiguration
519
+ attr_accessor trust_policy: ::String
520
+ SENSITIVE: []
521
+ end
522
+
523
+ class InlineArchiveRule
524
+ attr_accessor rule_name: ::String
525
+ attr_accessor filter: ::Hash[::String, Types::Criterion]
526
+ SENSITIVE: []
527
+ end
528
+
529
+ class InternalServerException
530
+ attr_accessor message: ::String
531
+ attr_accessor retry_after_seconds: ::Integer
532
+ SENSITIVE: []
533
+ end
534
+
535
+ class InternetConfiguration < Aws::EmptyStructure
536
+ end
537
+
538
+ class InvalidParameterException
539
+ attr_accessor message: ::String
540
+ SENSITIVE: []
541
+ end
542
+
543
+ class JobDetails
544
+ attr_accessor job_id: ::String
545
+ attr_accessor status: ("IN_PROGRESS" | "SUCCEEDED" | "FAILED" | "CANCELED")
546
+ attr_accessor started_on: ::Time
547
+ attr_accessor completed_on: ::Time
548
+ attr_accessor job_error: Types::JobError
549
+ SENSITIVE: []
550
+ end
551
+
552
+ class JobError
553
+ attr_accessor code: ("AUTHORIZATION_ERROR" | "RESOURCE_NOT_FOUND_ERROR" | "SERVICE_QUOTA_EXCEEDED_ERROR" | "SERVICE_ERROR")
554
+ attr_accessor message: ::String
555
+ SENSITIVE: []
556
+ end
557
+
558
+ class KmsGrantConfiguration
559
+ attr_accessor operations: ::Array[("CreateGrant" | "Decrypt" | "DescribeKey" | "Encrypt" | "GenerateDataKey" | "GenerateDataKeyPair" | "GenerateDataKeyPairWithoutPlaintext" | "GenerateDataKeyWithoutPlaintext" | "GetPublicKey" | "ReEncryptFrom" | "ReEncryptTo" | "RetireGrant" | "Sign" | "Verify")]
560
+ attr_accessor grantee_principal: ::String
561
+ attr_accessor retiring_principal: ::String
562
+ attr_accessor constraints: Types::KmsGrantConstraints
563
+ attr_accessor issuing_account: ::String
564
+ SENSITIVE: []
565
+ end
566
+
567
+ class KmsGrantConstraints
568
+ attr_accessor encryption_context_equals: ::Hash[::String, ::String]
569
+ attr_accessor encryption_context_subset: ::Hash[::String, ::String]
570
+ SENSITIVE: []
571
+ end
572
+
573
+ class KmsKeyConfiguration
574
+ attr_accessor key_policies: ::Hash[::String, ::String]
575
+ attr_accessor grants: ::Array[Types::KmsGrantConfiguration]
576
+ SENSITIVE: []
577
+ end
578
+
579
+ class ListAccessPreviewFindingsRequest
580
+ attr_accessor access_preview_id: ::String
581
+ attr_accessor analyzer_arn: ::String
582
+ attr_accessor filter: ::Hash[::String, Types::Criterion]
583
+ attr_accessor next_token: ::String
584
+ attr_accessor max_results: ::Integer
585
+ SENSITIVE: []
586
+ end
587
+
588
+ class ListAccessPreviewFindingsResponse
589
+ attr_accessor findings: ::Array[Types::AccessPreviewFinding]
590
+ attr_accessor next_token: ::String
591
+ SENSITIVE: []
592
+ end
593
+
594
+ class ListAccessPreviewsRequest
595
+ attr_accessor analyzer_arn: ::String
596
+ attr_accessor next_token: ::String
597
+ attr_accessor max_results: ::Integer
598
+ SENSITIVE: []
599
+ end
600
+
601
+ class ListAccessPreviewsResponse
602
+ attr_accessor access_previews: ::Array[Types::AccessPreviewSummary]
603
+ attr_accessor next_token: ::String
604
+ SENSITIVE: []
605
+ end
606
+
607
+ class ListAnalyzedResourcesRequest
608
+ attr_accessor analyzer_arn: ::String
609
+ attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
610
+ attr_accessor next_token: ::String
611
+ attr_accessor max_results: ::Integer
612
+ SENSITIVE: []
613
+ end
614
+
615
+ class ListAnalyzedResourcesResponse
616
+ attr_accessor analyzed_resources: ::Array[Types::AnalyzedResourceSummary]
617
+ attr_accessor next_token: ::String
618
+ SENSITIVE: []
619
+ end
620
+
621
+ class ListAnalyzersRequest
622
+ attr_accessor next_token: ::String
623
+ attr_accessor max_results: ::Integer
624
+ attr_accessor type: ("ACCOUNT" | "ORGANIZATION" | "ACCOUNT_UNUSED_ACCESS" | "ORGANIZATION_UNUSED_ACCESS")
625
+ SENSITIVE: []
626
+ end
627
+
628
+ class ListAnalyzersResponse
629
+ attr_accessor analyzers: ::Array[Types::AnalyzerSummary]
630
+ attr_accessor next_token: ::String
631
+ SENSITIVE: []
632
+ end
633
+
634
+ class ListArchiveRulesRequest
635
+ attr_accessor analyzer_name: ::String
636
+ attr_accessor next_token: ::String
637
+ attr_accessor max_results: ::Integer
638
+ SENSITIVE: []
639
+ end
640
+
641
+ class ListArchiveRulesResponse
642
+ attr_accessor archive_rules: ::Array[Types::ArchiveRuleSummary]
643
+ attr_accessor next_token: ::String
644
+ SENSITIVE: []
645
+ end
646
+
647
+ class ListFindingsRequest
648
+ attr_accessor analyzer_arn: ::String
649
+ attr_accessor filter: ::Hash[::String, Types::Criterion]
650
+ attr_accessor sort: Types::SortCriteria
651
+ attr_accessor next_token: ::String
652
+ attr_accessor max_results: ::Integer
653
+ SENSITIVE: []
654
+ end
655
+
656
+ class ListFindingsResponse
657
+ attr_accessor findings: ::Array[Types::FindingSummary]
658
+ attr_accessor next_token: ::String
659
+ SENSITIVE: []
660
+ end
661
+
662
+ class ListFindingsV2Request
663
+ attr_accessor analyzer_arn: ::String
664
+ attr_accessor filter: ::Hash[::String, Types::Criterion]
665
+ attr_accessor max_results: ::Integer
666
+ attr_accessor next_token: ::String
667
+ attr_accessor sort: Types::SortCriteria
668
+ SENSITIVE: []
669
+ end
670
+
671
+ class ListFindingsV2Response
672
+ attr_accessor findings: ::Array[Types::FindingSummaryV2]
673
+ attr_accessor next_token: ::String
674
+ SENSITIVE: []
675
+ end
676
+
677
+ class ListPolicyGenerationsRequest
678
+ attr_accessor principal_arn: ::String
679
+ attr_accessor max_results: ::Integer
680
+ attr_accessor next_token: ::String
681
+ SENSITIVE: []
682
+ end
683
+
684
+ class ListPolicyGenerationsResponse
685
+ attr_accessor policy_generations: ::Array[Types::PolicyGeneration]
686
+ attr_accessor next_token: ::String
687
+ SENSITIVE: []
688
+ end
689
+
690
+ class ListTagsForResourceRequest
691
+ attr_accessor resource_arn: ::String
692
+ SENSITIVE: []
693
+ end
694
+
695
+ class ListTagsForResourceResponse
696
+ attr_accessor tags: ::Hash[::String, ::String]
697
+ SENSITIVE: []
698
+ end
699
+
700
+ class Location
701
+ attr_accessor path: ::Array[Types::PathElement]
702
+ attr_accessor span: Types::Span
703
+ SENSITIVE: []
704
+ end
705
+
706
+ class NetworkOriginConfiguration
707
+ attr_accessor vpc_configuration: Types::VpcConfiguration
708
+ attr_accessor internet_configuration: Types::InternetConfiguration
709
+ attr_accessor unknown: untyped
710
+ SENSITIVE: []
711
+
712
+ class VpcConfiguration < NetworkOriginConfiguration
713
+ end
714
+ class InternetConfiguration < NetworkOriginConfiguration
715
+ end
716
+ class Unknown < NetworkOriginConfiguration
717
+ end
718
+ end
719
+
720
+ class PathElement
721
+ attr_accessor index: ::Integer
722
+ attr_accessor key: ::String
723
+ attr_accessor substring: Types::Substring
724
+ attr_accessor value: ::String
725
+ attr_accessor unknown: untyped
726
+ SENSITIVE: []
727
+
728
+ class Index < PathElement
729
+ end
730
+ class Key < PathElement
731
+ end
732
+ class Substring < PathElement
733
+ end
734
+ class Value < PathElement
735
+ end
736
+ class Unknown < PathElement
737
+ end
738
+ end
739
+
740
+ class PolicyGeneration
741
+ attr_accessor job_id: ::String
742
+ attr_accessor principal_arn: ::String
743
+ attr_accessor status: ("IN_PROGRESS" | "SUCCEEDED" | "FAILED" | "CANCELED")
744
+ attr_accessor started_on: ::Time
745
+ attr_accessor completed_on: ::Time
746
+ SENSITIVE: []
747
+ end
748
+
749
+ class PolicyGenerationDetails
750
+ attr_accessor principal_arn: ::String
751
+ SENSITIVE: []
752
+ end
753
+
754
+ class Position
755
+ attr_accessor line: ::Integer
756
+ attr_accessor column: ::Integer
757
+ attr_accessor offset: ::Integer
758
+ SENSITIVE: []
759
+ end
760
+
761
+ class RdsDbClusterSnapshotAttributeValue
762
+ attr_accessor account_ids: ::Array[::String]
763
+ attr_accessor unknown: untyped
764
+ SENSITIVE: []
765
+
766
+ class AccountIds < RdsDbClusterSnapshotAttributeValue
767
+ end
768
+ class Unknown < RdsDbClusterSnapshotAttributeValue
769
+ end
770
+ end
771
+
772
+ class RdsDbClusterSnapshotConfiguration
773
+ attr_accessor attributes: ::Hash[::String, Types::RdsDbClusterSnapshotAttributeValue]
774
+ attr_accessor kms_key_id: ::String
775
+ SENSITIVE: []
776
+ end
777
+
778
+ class RdsDbSnapshotAttributeValue
779
+ attr_accessor account_ids: ::Array[::String]
780
+ attr_accessor unknown: untyped
781
+ SENSITIVE: []
782
+
783
+ class AccountIds < RdsDbSnapshotAttributeValue
784
+ end
785
+ class Unknown < RdsDbSnapshotAttributeValue
786
+ end
787
+ end
788
+
789
+ class RdsDbSnapshotConfiguration
790
+ attr_accessor attributes: ::Hash[::String, Types::RdsDbSnapshotAttributeValue]
791
+ attr_accessor kms_key_id: ::String
792
+ SENSITIVE: []
793
+ end
794
+
795
+ class ReasonSummary
796
+ attr_accessor description: ::String
797
+ attr_accessor statement_index: ::Integer
798
+ attr_accessor statement_id: ::String
799
+ SENSITIVE: []
800
+ end
801
+
802
+ class ResourceNotFoundException
803
+ attr_accessor message: ::String
804
+ attr_accessor resource_id: ::String
805
+ attr_accessor resource_type: ::String
806
+ SENSITIVE: []
807
+ end
808
+
809
+ class S3AccessPointConfiguration
810
+ attr_accessor access_point_policy: ::String
811
+ attr_accessor public_access_block: Types::S3PublicAccessBlockConfiguration
812
+ attr_accessor network_origin: Types::NetworkOriginConfiguration
813
+ SENSITIVE: []
814
+ end
815
+
816
+ class S3BucketAclGrantConfiguration
817
+ attr_accessor permission: ("READ" | "WRITE" | "READ_ACP" | "WRITE_ACP" | "FULL_CONTROL")
818
+ attr_accessor grantee: Types::AclGrantee
819
+ SENSITIVE: []
820
+ end
821
+
822
+ class S3BucketConfiguration
823
+ attr_accessor bucket_policy: ::String
824
+ attr_accessor bucket_acl_grants: ::Array[Types::S3BucketAclGrantConfiguration]
825
+ attr_accessor bucket_public_access_block: Types::S3PublicAccessBlockConfiguration
826
+ attr_accessor access_points: ::Hash[::String, Types::S3AccessPointConfiguration]
827
+ SENSITIVE: []
828
+ end
829
+
830
+ class S3ExpressDirectoryBucketConfiguration
831
+ attr_accessor bucket_policy: ::String
832
+ SENSITIVE: []
833
+ end
834
+
835
+ class S3PublicAccessBlockConfiguration
836
+ attr_accessor ignore_public_acls: bool
837
+ attr_accessor restrict_public_buckets: bool
838
+ SENSITIVE: []
839
+ end
840
+
841
+ class SecretsManagerSecretConfiguration
842
+ attr_accessor kms_key_id: ::String
843
+ attr_accessor secret_policy: ::String
844
+ SENSITIVE: []
845
+ end
846
+
847
+ class ServiceQuotaExceededException
848
+ attr_accessor message: ::String
849
+ attr_accessor resource_id: ::String
850
+ attr_accessor resource_type: ::String
851
+ SENSITIVE: []
852
+ end
853
+
854
+ class SnsTopicConfiguration
855
+ attr_accessor topic_policy: ::String
856
+ SENSITIVE: []
857
+ end
858
+
859
+ class SortCriteria
860
+ attr_accessor attribute_name: ::String
861
+ attr_accessor order_by: ("ASC" | "DESC")
862
+ SENSITIVE: []
863
+ end
864
+
865
+ class Span
866
+ attr_accessor start: Types::Position
867
+ attr_accessor end: Types::Position
868
+ SENSITIVE: []
869
+ end
870
+
871
+ class SqsQueueConfiguration
872
+ attr_accessor queue_policy: ::String
873
+ SENSITIVE: []
874
+ end
875
+
876
+ class StartPolicyGenerationRequest
877
+ attr_accessor policy_generation_details: Types::PolicyGenerationDetails
878
+ attr_accessor cloud_trail_details: Types::CloudTrailDetails
879
+ attr_accessor client_token: ::String
880
+ SENSITIVE: []
881
+ end
882
+
883
+ class StartPolicyGenerationResponse
884
+ attr_accessor job_id: ::String
885
+ SENSITIVE: []
886
+ end
887
+
888
+ class StartResourceScanRequest
889
+ attr_accessor analyzer_arn: ::String
890
+ attr_accessor resource_arn: ::String
891
+ attr_accessor resource_owner_account: ::String
892
+ SENSITIVE: []
893
+ end
894
+
895
+ class StatusReason
896
+ attr_accessor code: ("AWS_SERVICE_ACCESS_DISABLED" | "DELEGATED_ADMINISTRATOR_DEREGISTERED" | "ORGANIZATION_DELETED" | "SERVICE_LINKED_ROLE_CREATION_FAILED")
897
+ SENSITIVE: []
898
+ end
899
+
900
+ class Substring
901
+ attr_accessor start: ::Integer
902
+ attr_accessor length: ::Integer
903
+ SENSITIVE: []
904
+ end
905
+
906
+ class TagResourceRequest
907
+ attr_accessor resource_arn: ::String
908
+ attr_accessor tags: ::Hash[::String, ::String]
909
+ SENSITIVE: []
910
+ end
911
+
912
+ class TagResourceResponse < Aws::EmptyStructure
913
+ end
914
+
915
+ class ThrottlingException
916
+ attr_accessor message: ::String
917
+ attr_accessor retry_after_seconds: ::Integer
918
+ SENSITIVE: []
919
+ end
920
+
921
+ class Trail
922
+ attr_accessor cloud_trail_arn: ::String
923
+ attr_accessor regions: ::Array[::String]
924
+ attr_accessor all_regions: bool
925
+ SENSITIVE: []
926
+ end
927
+
928
+ class TrailProperties
929
+ attr_accessor cloud_trail_arn: ::String
930
+ attr_accessor regions: ::Array[::String]
931
+ attr_accessor all_regions: bool
932
+ SENSITIVE: []
933
+ end
934
+
935
+ class UnprocessableEntityException
936
+ attr_accessor message: ::String
937
+ SENSITIVE: []
938
+ end
939
+
940
+ class UntagResourceRequest
941
+ attr_accessor resource_arn: ::String
942
+ attr_accessor tag_keys: ::Array[::String]
943
+ SENSITIVE: []
944
+ end
945
+
946
+ class UntagResourceResponse < Aws::EmptyStructure
947
+ end
948
+
949
+ class UnusedAccessConfiguration
950
+ attr_accessor unused_access_age: ::Integer
951
+ SENSITIVE: []
952
+ end
953
+
954
+ class UnusedAction
955
+ attr_accessor action: ::String
956
+ attr_accessor last_accessed: ::Time
957
+ SENSITIVE: []
958
+ end
959
+
960
+ class UnusedIamRoleDetails
961
+ attr_accessor last_accessed: ::Time
962
+ SENSITIVE: []
963
+ end
964
+
965
+ class UnusedIamUserAccessKeyDetails
966
+ attr_accessor access_key_id: ::String
967
+ attr_accessor last_accessed: ::Time
968
+ SENSITIVE: []
969
+ end
970
+
971
+ class UnusedIamUserPasswordDetails
972
+ attr_accessor last_accessed: ::Time
973
+ SENSITIVE: []
974
+ end
975
+
976
+ class UnusedPermissionDetails
977
+ attr_accessor actions: ::Array[Types::UnusedAction]
978
+ attr_accessor service_namespace: ::String
979
+ attr_accessor last_accessed: ::Time
980
+ SENSITIVE: []
981
+ end
982
+
983
+ class UpdateArchiveRuleRequest
984
+ attr_accessor analyzer_name: ::String
985
+ attr_accessor rule_name: ::String
986
+ attr_accessor filter: ::Hash[::String, Types::Criterion]
987
+ attr_accessor client_token: ::String
988
+ SENSITIVE: []
989
+ end
990
+
991
+ class UpdateFindingsRequest
992
+ attr_accessor analyzer_arn: ::String
993
+ attr_accessor status: ("ACTIVE" | "ARCHIVED")
994
+ attr_accessor ids: ::Array[::String]
995
+ attr_accessor resource_arn: ::String
996
+ attr_accessor client_token: ::String
997
+ SENSITIVE: []
998
+ end
999
+
1000
+ class ValidatePolicyFinding
1001
+ attr_accessor finding_details: ::String
1002
+ attr_accessor finding_type: ("ERROR" | "SECURITY_WARNING" | "SUGGESTION" | "WARNING")
1003
+ attr_accessor issue_code: ::String
1004
+ attr_accessor learn_more_link: ::String
1005
+ attr_accessor locations: ::Array[Types::Location]
1006
+ SENSITIVE: []
1007
+ end
1008
+
1009
+ class ValidatePolicyRequest
1010
+ attr_accessor locale: ("DE" | "EN" | "ES" | "FR" | "IT" | "JA" | "KO" | "PT_BR" | "ZH_CN" | "ZH_TW")
1011
+ attr_accessor max_results: ::Integer
1012
+ attr_accessor next_token: ::String
1013
+ attr_accessor policy_document: ::String
1014
+ attr_accessor policy_type: ("IDENTITY_POLICY" | "RESOURCE_POLICY" | "SERVICE_CONTROL_POLICY")
1015
+ attr_accessor validate_policy_resource_type: ("AWS::S3::Bucket" | "AWS::S3::AccessPoint" | "AWS::S3::MultiRegionAccessPoint" | "AWS::S3ObjectLambda::AccessPoint" | "AWS::IAM::AssumeRolePolicyDocument")
1016
+ SENSITIVE: []
1017
+ end
1018
+
1019
+ class ValidatePolicyResponse
1020
+ attr_accessor findings: ::Array[Types::ValidatePolicyFinding]
1021
+ attr_accessor next_token: ::String
1022
+ SENSITIVE: []
1023
+ end
1024
+
1025
+ class ValidationException
1026
+ attr_accessor message: ::String
1027
+ attr_accessor reason: ("unknownOperation" | "cannotParse" | "fieldValidationFailed" | "other")
1028
+ attr_accessor field_list: ::Array[Types::ValidationExceptionField]
1029
+ SENSITIVE: []
1030
+ end
1031
+
1032
+ class ValidationExceptionField
1033
+ attr_accessor name: ::String
1034
+ attr_accessor message: ::String
1035
+ SENSITIVE: []
1036
+ end
1037
+
1038
+ class VpcConfiguration
1039
+ attr_accessor vpc_id: ::String
1040
+ SENSITIVE: []
1041
+ end
1042
+ end
1043
+ end