aws-sdk-accessanalyzer 1.45.0 → 1.47.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 30d0b5758c70e8399097de843e90a31c4ac6e75e2c229978ea195dfad1538900
-  data.tar.gz: 5c6ef08352a8b4a6d900f309a7b206cdbda0cb1fc61030dfbd1565ebf74611a7
+  metadata.gz: 1363b0ba0d7d73dccaebdfc04876afb44af0a5ccb7acd99d7ce5d769a29bb2d1
+  data.tar.gz: 4d6b90090737f7a155e2fac6dba04ff7fc166c3a4d55a1c392c4819fc011127a
 SHA512:
-  metadata.gz: a432058a5fe3ac9bfc4c82fbc70cd95f8175b0064448172b302528af20fac9dcf31b233cf8f98d6f3c91e207e43ce7a04f782a4956a7a49e1f79be53952379f6
-  data.tar.gz: 4dcebb78315e71a4692601a9c03022856c7bf2dc9a5f860f174f7938121136ef8de51d56a778a8e04294c54458760dff744c86f985923bcbae39aacb26631939
+  metadata.gz: 1788586b538671dc7112774da7670a960e2207cd3b9cb8c8fa0fb28c05ff59990a67d7c8d517b53a6343239c568ffda00c5bac053c2312efc646085a0c796f44
+  data.tar.gz: def12bdd8e791b4ca777bd68c27c45d3e42148247b6a693fca28ec61fedc5a6fae16a826c7660632c40b15ef6e4e8c8d19ba3c8041c57024e1518add4693a964

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.47.0 (2024-03-20)
+------------------
+
+* Feature - This release adds support for policy validation and external access findings for DynamoDB tables and streams. IAM Access Analyzer helps you author functional and secure resource-based policies and identify cross-account access. Updated service API, documentation, and paginators.
+
+1.46.0 (2024-03-01)
+------------------
+
+* Feature - Fixed a typo in description field.
+
 1.45.0 (2024-01-26)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.45.0
+1.47.0

data/lib/aws-sdk-accessanalyzer/client.rb

@@ -698,6 +698,12 @@ module Aws::AccessAnalyzer
     #         s3_express_directory_bucket: {
     #           bucket_policy: "S3ExpressDirectoryBucketPolicy",
     #         },
+    #         dynamodb_stream: {
+    #           stream_policy: "DynamodbStreamPolicy",
+    #         },
+    #         dynamodb_table: {
+    #           table_policy: "DynamodbTablePolicy",
+    #         },
     #       },
     #     },
     #     client_token: "String",
@@ -723,7 +729,7 @@ module Aws::AccessAnalyzer
     #
     # @option params [required, String] :type
     #   The type of analyzer to create. Only `ACCOUNT`, `ORGANIZATION`,
-    #   `ACCOUNT_UNUSED_ACCESS`, and `ORGANIZTAION_UNUSED_ACCESS` analyzers
+    #   `ACCOUNT_UNUSED_ACCESS`, and `ORGANIZATION_UNUSED_ACCESS` analyzers
     #   are supported. You can create only one analyzer per account per
     #   Region. You can create up to 5 analyzers per organization per Region.
     #
@@ -986,6 +992,8 @@ module Aws::AccessAnalyzer
     #   resp.access_preview.configurations["ConfigurationsMapKey"].sns_topic.topic_policy #=> String
     #   resp.access_preview.configurations["ConfigurationsMapKey"].sqs_queue.queue_policy #=> String
     #   resp.access_preview.configurations["ConfigurationsMapKey"].s3_express_directory_bucket.bucket_policy #=> String
+    #   resp.access_preview.configurations["ConfigurationsMapKey"].dynamodb_stream.stream_policy #=> String
+    #   resp.access_preview.configurations["ConfigurationsMapKey"].dynamodb_table.table_policy #=> String
     #   resp.access_preview.created_at #=> Time
     #   resp.access_preview.status #=> String, one of "COMPLETED", "CREATING", "FAILED"
     #   resp.access_preview.status_reason.code #=> String, one of "INTERNAL_ERROR", "INVALID_CONFIGURATION"
@@ -1025,7 +1033,7 @@ module Aws::AccessAnalyzer
     # @example Response structure
     #
     #   resp.resource.resource_arn #=> String
-    #   resp.resource.resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket"
+    #   resp.resource.resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket", "AWS::DynamoDB::Table", "AWS::DynamoDB::Stream"
     #   resp.resource.created_at #=> Time
     #   resp.resource.analyzed_at #=> Time
     #   resp.resource.updated_at #=> Time
@@ -1134,7 +1142,10 @@ module Aws::AccessAnalyzer
       req.send_request(options)
     end
 
-    # Retrieves information about the specified finding.
+    # Retrieves information about the specified finding. GetFinding and
+    # GetFindingV2 both use `access-analyzer:GetFinding` in the `Action`
+    # element of an IAM policy statement. You must have permission to
+    # perform the `access-analyzer:GetFinding` action.
     #
     # @option params [required, String] :analyzer_arn
     #   The [ARN of the analyzer][1] that generated the finding.
@@ -1166,7 +1177,7 @@ module Aws::AccessAnalyzer
     #   resp.finding.action[0] #=> String
     #   resp.finding.resource #=> String
     #   resp.finding.is_public #=> Boolean
-    #   resp.finding.resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket"
+    #   resp.finding.resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket", "AWS::DynamoDB::Table", "AWS::DynamoDB::Stream"
     #   resp.finding.condition #=> Hash
     #   resp.finding.condition["String"] #=> String
     #   resp.finding.created_at #=> Time
@@ -1189,7 +1200,10 @@ module Aws::AccessAnalyzer
       req.send_request(options)
     end
 
-    # Retrieves information about the specified finding.
+    # Retrieves information about the specified finding. GetFinding and
+    # GetFindingV2 both use `access-analyzer:GetFinding` in the `Action`
+    # element of an IAM policy statement. You must have permission to
+    # perform the `access-analyzer:GetFinding` action.
     #
     # @option params [required, String] :analyzer_arn
     #   The [ARN of the analyzer][1] that generated the finding.
@@ -1241,7 +1255,7 @@ module Aws::AccessAnalyzer
     #   resp.id #=> String
     #   resp.next_token #=> String
     #   resp.resource #=> String
-    #   resp.resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket"
+    #   resp.resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket", "AWS::DynamoDB::Table", "AWS::DynamoDB::Stream"
     #   resp.resource_owner_account #=> String
     #   resp.status #=> String, one of "ACTIVE", "ARCHIVED", "RESOLVED"
     #   resp.updated_at #=> Time
@@ -1404,7 +1418,7 @@ module Aws::AccessAnalyzer
     #   resp.findings[0].condition["String"] #=> String
     #   resp.findings[0].resource #=> String
     #   resp.findings[0].is_public #=> Boolean
-    #   resp.findings[0].resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket"
+    #   resp.findings[0].resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket", "AWS::DynamoDB::Table", "AWS::DynamoDB::Stream"
     #   resp.findings[0].created_at #=> Time
     #   resp.findings[0].change_type #=> String, one of "CHANGED", "NEW", "UNCHANGED"
     #   resp.findings[0].status #=> String, one of "ACTIVE", "ARCHIVED", "RESOLVED"
@@ -1475,7 +1489,8 @@ module Aws::AccessAnalyzer
     end
 
     # Retrieves a list of resources of the specified type that have been
-    # analyzed by the specified analyzer..
+    # analyzed by the specified external access analyzer. This action is not
+    # supported for unused access analyzers.
     #
     # @option params [required, String] :analyzer_arn
     #   The [ARN of the analyzer][1] to retrieve a list of analyzed resources
@@ -1505,7 +1520,7 @@ module Aws::AccessAnalyzer
     #
     #   resp = client.list_analyzed_resources({
     #     analyzer_arn: "AnalyzerArn", # required
-    #     resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::IAM::Role, AWS::SQS::Queue, AWS::Lambda::Function, AWS::Lambda::LayerVersion, AWS::KMS::Key, AWS::SecretsManager::Secret, AWS::EFS::FileSystem, AWS::EC2::Snapshot, AWS::ECR::Repository, AWS::RDS::DBSnapshot, AWS::RDS::DBClusterSnapshot, AWS::SNS::Topic, AWS::S3Express::DirectoryBucket
+    #     resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::IAM::Role, AWS::SQS::Queue, AWS::Lambda::Function, AWS::Lambda::LayerVersion, AWS::KMS::Key, AWS::SecretsManager::Secret, AWS::EFS::FileSystem, AWS::EC2::Snapshot, AWS::ECR::Repository, AWS::RDS::DBSnapshot, AWS::RDS::DBClusterSnapshot, AWS::SNS::Topic, AWS::S3Express::DirectoryBucket, AWS::DynamoDB::Table, AWS::DynamoDB::Stream
     #     next_token: "Token",
     #     max_results: 1,
     #   })
@@ -1515,7 +1530,7 @@ module Aws::AccessAnalyzer
     #   resp.analyzed_resources #=> Array
     #   resp.analyzed_resources[0].resource_arn #=> String
     #   resp.analyzed_resources[0].resource_owner_account #=> String
-    #   resp.analyzed_resources[0].resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket"
+    #   resp.analyzed_resources[0].resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket", "AWS::DynamoDB::Table", "AWS::DynamoDB::Stream"
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAnalyzedResources AWS API Documentation
@@ -1630,6 +1645,10 @@ module Aws::AccessAnalyzer
     end
 
     # Retrieves a list of findings generated by the specified analyzer.
+    # ListFindings and ListFindingsV2 both use
+    # `access-analyzer:ListFindings` in the `Action` element of an IAM
+    # policy statement. You must have permission to perform the
+    # `access-analyzer:ListFindings` action.
     #
     # To learn about filter keys that you can use to retrieve a list of
     # findings, see [IAM Access Analyzer filter keys][1] in the **IAM User
@@ -1695,7 +1714,7 @@ module Aws::AccessAnalyzer
     #   resp.findings[0].action[0] #=> String
     #   resp.findings[0].resource #=> String
     #   resp.findings[0].is_public #=> Boolean
-    #   resp.findings[0].resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket"
+    #   resp.findings[0].resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket", "AWS::DynamoDB::Table", "AWS::DynamoDB::Stream"
     #   resp.findings[0].condition #=> Hash
     #   resp.findings[0].condition["String"] #=> String
     #   resp.findings[0].created_at #=> Time
@@ -1720,6 +1739,10 @@ module Aws::AccessAnalyzer
     end
 
     # Retrieves a list of findings generated by the specified analyzer.
+    # ListFindings and ListFindingsV2 both use
+    # `access-analyzer:ListFindings` in the `Action` element of an IAM
+    # policy statement. You must have permission to perform the
+    # `access-analyzer:ListFindings` action.
     #
     # To learn about filter keys that you can use to retrieve a list of
     # findings, see [IAM Access Analyzer filter keys][1] in the **IAM User
@@ -1783,7 +1806,7 @@ module Aws::AccessAnalyzer
     #   resp.findings[0].error #=> String
     #   resp.findings[0].id #=> String
     #   resp.findings[0].resource #=> String
-    #   resp.findings[0].resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket"
+    #   resp.findings[0].resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret", "AWS::EFS::FileSystem", "AWS::EC2::Snapshot", "AWS::ECR::Repository", "AWS::RDS::DBSnapshot", "AWS::RDS::DBClusterSnapshot", "AWS::SNS::Topic", "AWS::S3Express::DirectoryBucket", "AWS::DynamoDB::Table", "AWS::DynamoDB::Stream"
     #   resp.findings[0].resource_owner_account #=> String
     #   resp.findings[0].status #=> String, one of "ACTIVE", "ARCHIVED", "RESOLVED"
     #   resp.findings[0].updated_at #=> Time
@@ -2181,7 +2204,7 @@ module Aws::AccessAnalyzer
     #     next_token: "Token",
     #     policy_document: "PolicyDocument", # required
     #     policy_type: "IDENTITY_POLICY", # required, accepts IDENTITY_POLICY, RESOURCE_POLICY, SERVICE_CONTROL_POLICY
-    #     validate_policy_resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::S3::AccessPoint, AWS::S3::MultiRegionAccessPoint, AWS::S3ObjectLambda::AccessPoint, AWS::IAM::AssumeRolePolicyDocument
+    #     validate_policy_resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::S3::AccessPoint, AWS::S3::MultiRegionAccessPoint, AWS::S3ObjectLambda::AccessPoint, AWS::IAM::AssumeRolePolicyDocument, AWS::DynamoDB::Table
     #   })
     #
     # @example Response structure
@@ -2228,7 +2251,7 @@ module Aws::AccessAnalyzer
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-accessanalyzer'
-      context[:gem_version] = '1.45.0'
+      context[:gem_version] = '1.47.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-accessanalyzer/client_api.rb

@@ -73,6 +73,10 @@ module Aws::AccessAnalyzer
     Criterion = Shapes::StructureShape.new(name: 'Criterion')
     DeleteAnalyzerRequest = Shapes::StructureShape.new(name: 'DeleteAnalyzerRequest')
     DeleteArchiveRuleRequest = Shapes::StructureShape.new(name: 'DeleteArchiveRuleRequest')
+    DynamodbStreamConfiguration = Shapes::StructureShape.new(name: 'DynamodbStreamConfiguration')
+    DynamodbStreamPolicy = Shapes::StringShape.new(name: 'DynamodbStreamPolicy')
+    DynamodbTableConfiguration = Shapes::StructureShape.new(name: 'DynamodbTableConfiguration')
+    DynamodbTablePolicy = Shapes::StringShape.new(name: 'DynamodbTablePolicy')
     EbsGroup = Shapes::StringShape.new(name: 'EbsGroup')
     EbsGroupList = Shapes::ListShape.new(name: 'EbsGroupList')
     EbsSnapshotConfiguration = Shapes::StructureShape.new(name: 'EbsSnapshotConfiguration')
@@ -434,6 +438,8 @@ module Aws::AccessAnalyzer
     Configuration.add_member(:sns_topic, Shapes::ShapeRef.new(shape: SnsTopicConfiguration, location_name: "snsTopic"))
     Configuration.add_member(:sqs_queue, Shapes::ShapeRef.new(shape: SqsQueueConfiguration, location_name: "sqsQueue"))
     Configuration.add_member(:s3_express_directory_bucket, Shapes::ShapeRef.new(shape: S3ExpressDirectoryBucketConfiguration, location_name: "s3ExpressDirectoryBucket"))
+    Configuration.add_member(:dynamodb_stream, Shapes::ShapeRef.new(shape: DynamodbStreamConfiguration, location_name: "dynamodbStream"))
+    Configuration.add_member(:dynamodb_table, Shapes::ShapeRef.new(shape: DynamodbTableConfiguration, location_name: "dynamodbTable"))
     Configuration.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
     Configuration.add_member_subclass(:ebs_snapshot, Types::Configuration::EbsSnapshot)
     Configuration.add_member_subclass(:ecr_repository, Types::Configuration::EcrRepository)
@@ -447,6 +453,8 @@ module Aws::AccessAnalyzer
     Configuration.add_member_subclass(:sns_topic, Types::Configuration::SnsTopic)
     Configuration.add_member_subclass(:sqs_queue, Types::Configuration::SqsQueue)
     Configuration.add_member_subclass(:s3_express_directory_bucket, Types::Configuration::S3ExpressDirectoryBucket)
+    Configuration.add_member_subclass(:dynamodb_stream, Types::Configuration::DynamodbStream)
+    Configuration.add_member_subclass(:dynamodb_table, Types::Configuration::DynamodbTable)
     Configuration.add_member_subclass(:unknown, Types::Configuration::Unknown)
     Configuration.struct_class = Types::Configuration
 
@@ -498,6 +506,12 @@ module Aws::AccessAnalyzer
     DeleteArchiveRuleRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: String, location: "querystring", location_name: "clientToken", metadata: {"idempotencyToken"=>true}))
     DeleteArchiveRuleRequest.struct_class = Types::DeleteArchiveRuleRequest
 
+    DynamodbStreamConfiguration.add_member(:stream_policy, Shapes::ShapeRef.new(shape: DynamodbStreamPolicy, location_name: "streamPolicy"))
+    DynamodbStreamConfiguration.struct_class = Types::DynamodbStreamConfiguration
+
+    DynamodbTableConfiguration.add_member(:table_policy, Shapes::ShapeRef.new(shape: DynamodbTablePolicy, location_name: "tablePolicy"))
+    DynamodbTableConfiguration.struct_class = Types::DynamodbTableConfiguration
+
     EbsGroupList.member = Shapes::ShapeRef.new(shape: EbsGroup)
 
     EbsSnapshotConfiguration.add_member(:user_ids, Shapes::ShapeRef.new(shape: EbsUserIdList, location_name: "userIds"))

data/lib/aws-sdk-accessanalyzer/types.rb

@@ -14,7 +14,9 @@ module Aws::AccessAnalyzer
     # against a policy.
     #
     # @!attribute [rw] actions
-    #   A list of actions for the access permissions.
+    #   A list of actions for the access permissions. Any strings that can
+    #   be used as an action in an IAM policy can be used in the list of
+    #   actions to check.
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/Access AWS API Documentation
@@ -804,6 +806,14 @@ module Aws::AccessAnalyzer
     #   bucket.
     #   @return [Types::S3ExpressDirectoryBucketConfiguration]
     #
+    # @!attribute [rw] dynamodb_stream
+    #   The access control configuration is for a DynamoDB stream.
+    #   @return [Types::DynamodbStreamConfiguration]
+    #
+    # @!attribute [rw] dynamodb_table
+    #   The access control configuration is for a DynamoDB table or index.
+    #   @return [Types::DynamodbTableConfiguration]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/Configuration AWS API Documentation
     #
     class Configuration < Struct.new(
@@ -819,6 +829,8 @@ module Aws::AccessAnalyzer
       :sns_topic,
       :sqs_queue,
       :s3_express_directory_bucket,
+      :dynamodb_stream,
+      :dynamodb_table,
       :unknown)
       SENSITIVE = []
       include Aws::Structure
@@ -836,6 +848,8 @@ module Aws::AccessAnalyzer
       class SnsTopic < Configuration; end
       class SqsQueue < Configuration; end
       class S3ExpressDirectoryBucket < Configuration; end
+      class DynamodbStream < Configuration; end
+      class DynamodbTable < Configuration; end
       class Unknown < Configuration; end
     end
 
@@ -917,7 +931,7 @@ module Aws::AccessAnalyzer
     #
     # @!attribute [rw] type
     #   The type of analyzer to create. Only `ACCOUNT`, `ORGANIZATION`,
-    #   `ACCOUNT_UNUSED_ACCESS`, and `ORGANIZTAION_UNUSED_ACCESS` analyzers
+    #   `ACCOUNT_UNUSED_ACCESS`, and `ORGANIZATION_UNUSED_ACCESS` analyzers
     #   are supported. You can create only one analyzer per account per
     #   Region. You can create up to 5 analyzers per organization per
     #   Region.
@@ -1095,6 +1109,73 @@ module Aws::AccessAnalyzer
       include Aws::Structure
     end
 
+    # The proposed access control configuration for a DynamoDB stream. You
+    # can propose a configuration for a new DynamoDB stream or an existing
+    # DynamoDB stream that you own by specifying the policy for the DynamoDB
+    # stream. For more information, see [PutResourcePolicy][1].
+    #
+    # * If the configuration is for an existing DynamoDB stream and you do
+    #   not specify the DynamoDB policy, then the access preview uses the
+    #   existing DynamoDB policy for the stream.
+    #
+    # * If the access preview is for a new resource and you do not specify
+    #   the policy, then the access preview assumes a DynamoDB stream
+    #   without a policy.
+    #
+    # * To propose deletion of an existing DynamoDB stream policy, you can
+    #   specify an empty string for the DynamoDB policy.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_PutResourcePolicy.html
+    #
+    # @!attribute [rw] stream_policy
+    #   The proposed resource policy defining who can access or manage the
+    #   DynamoDB stream.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/DynamodbStreamConfiguration AWS API Documentation
+    #
+    class DynamodbStreamConfiguration < Struct.new(
+      :stream_policy)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The proposed access control configuration for a DynamoDB table or
+    # index. You can propose a configuration for a new DynamoDB table or
+    # index or an existing DynamoDB table or index that you own by
+    # specifying the policy for the DynamoDB table or index. For more
+    # information, see [PutResourcePolicy][1].
+    #
+    # * If the configuration is for an existing DynamoDB table or index and
+    #   you do not specify the DynamoDB policy, then the access preview uses
+    #   the existing DynamoDB policy for the table or index.
+    #
+    # * If the access preview is for a new resource and you do not specify
+    #   the policy, then the access preview assumes a DynamoDB table without
+    #   a policy.
+    #
+    # * To propose deletion of an existing DynamoDB table or index policy,
+    #   you can specify an empty string for the DynamoDB policy.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_PutResourcePolicy.html
+    #
+    # @!attribute [rw] table_policy
+    #   The proposed resource policy defining who can access or manage the
+    #   DynamoDB table.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/DynamodbTableConfiguration AWS API Documentation
+    #
+    class DynamodbTableConfiguration < Struct.new(
+      :table_policy)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The proposed access control configuration for an Amazon EBS volume
     # snapshot. You can propose a configuration for a new Amazon EBS volume
     # snapshot or an Amazon EBS volume snapshot that you own by specifying
@@ -3241,8 +3322,8 @@ module Aws::AccessAnalyzer
     # and you do not specify the Amazon S3 bucket policy, the access preview
     # assumes an directory bucket without a policy. To propose deletion of
     # an existing bucket policy, you can specify an empty string. For more
-    # information about bucket policy limits, see [Example bucket
-    # policies][1].
+    # information about Amazon S3 directory bucket policies, see [Example
+    # directory bucket policies for S3 Express One Zone][1].
     #
     #
     #

data/lib/aws-sdk-accessanalyzer.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-accessanalyzer/customizations'
 # @!group service
 module Aws::AccessAnalyzer
 
-  GEM_VERSION = '1.45.0'
+  GEM_VERSION = '1.47.0'
 
 end

data/sig/client.rbs

@@ -212,6 +212,12 @@ module Aws
                                        }?,
                                        s3_express_directory_bucket: {
                                          bucket_policy: ::String?
+                                       }?,
+                                       dynamodb_stream: {
+                                         stream_policy: ::String?
+                                       }?,
+                                       dynamodb_table: {
+                                         table_policy: ::String?
                                        }?
                                      }],
                                    ?client_token: ::String
@@ -337,7 +343,7 @@ module Aws
         def id: () -> ::String
         def next_token: () -> ::String
         def resource: () -> ::String
-        def resource_type: () -> ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
+        def resource_type: () -> ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket" | "AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream")
         def resource_owner_account: () -> ::String
         def status: () -> ("ACTIVE" | "ARCHIVED" | "RESOLVED")
         def updated_at: () -> ::Time
@@ -407,7 +413,7 @@ module Aws
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/AccessAnalyzer/Client.html#list_analyzed_resources-instance_method
       def list_analyzed_resources: (
                                      analyzer_arn: ::String,
-                                     ?resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket"),
+                                     ?resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket" | "AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream"),
                                      ?next_token: ::String,
                                      ?max_results: ::Integer
                                    ) -> _ListAnalyzedResourcesResponseSuccess
@@ -597,7 +603,7 @@ module Aws
                              ?next_token: ::String,
                              policy_document: ::String,
                              policy_type: ("IDENTITY_POLICY" | "RESOURCE_POLICY" | "SERVICE_CONTROL_POLICY"),
-                             ?validate_policy_resource_type: ("AWS::S3::Bucket" | "AWS::S3::AccessPoint" | "AWS::S3::MultiRegionAccessPoint" | "AWS::S3ObjectLambda::AccessPoint" | "AWS::IAM::AssumeRolePolicyDocument")
+                             ?validate_policy_resource_type: ("AWS::S3::Bucket" | "AWS::S3::AccessPoint" | "AWS::S3::MultiRegionAccessPoint" | "AWS::S3ObjectLambda::AccessPoint" | "AWS::IAM::AssumeRolePolicyDocument" | "AWS::DynamoDB::Table")
                            ) -> _ValidatePolicyResponseSuccess
                          | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ValidatePolicyResponseSuccess
     end

data/sig/types.rbs

@@ -37,7 +37,7 @@ module Aws::AccessAnalyzer
       attr_accessor condition: ::Hash[::String, ::String]
       attr_accessor resource: ::String
       attr_accessor is_public: bool
-      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
+      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket" | "AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream")
       attr_accessor created_at: ::Time
       attr_accessor change_type: ("CHANGED" | "NEW" | "UNCHANGED")
       attr_accessor status: ("ACTIVE" | "ARCHIVED" | "RESOLVED")
@@ -77,7 +77,7 @@ module Aws::AccessAnalyzer
 
     class AnalyzedResource
       attr_accessor resource_arn: ::String
-      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
+      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket" | "AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream")
       attr_accessor created_at: ::Time
       attr_accessor analyzed_at: ::Time
       attr_accessor updated_at: ::Time
@@ -93,7 +93,7 @@ module Aws::AccessAnalyzer
     class AnalyzedResourceSummary
       attr_accessor resource_arn: ::String
       attr_accessor resource_owner_account: ::String
-      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
+      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket" | "AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream")
       SENSITIVE: []
     end
 
@@ -201,6 +201,8 @@ module Aws::AccessAnalyzer
       attr_accessor sns_topic: Types::SnsTopicConfiguration
       attr_accessor sqs_queue: Types::SqsQueueConfiguration
       attr_accessor s3_express_directory_bucket: Types::S3ExpressDirectoryBucketConfiguration
+      attr_accessor dynamodb_stream: Types::DynamodbStreamConfiguration
+      attr_accessor dynamodb_table: Types::DynamodbTableConfiguration
       attr_accessor unknown: untyped
       SENSITIVE: []
 
@@ -228,6 +230,10 @@ module Aws::AccessAnalyzer
       end
       class S3ExpressDirectoryBucket < Configuration
       end
+      class DynamodbStream < Configuration
+      end
+      class DynamodbTable < Configuration
+      end
       class Unknown < Configuration
       end
     end
@@ -295,6 +301,16 @@ module Aws::AccessAnalyzer
       SENSITIVE: []
     end
 
+    class DynamodbStreamConfiguration
+      attr_accessor stream_policy: ::String
+      SENSITIVE: []
+    end
+
+    class DynamodbTableConfiguration
+      attr_accessor table_policy: ::String
+      SENSITIVE: []
+    end
+
     class EbsSnapshotConfiguration
       attr_accessor user_ids: ::Array[::String]
       attr_accessor groups: ::Array[::String]
@@ -327,7 +343,7 @@ module Aws::AccessAnalyzer
       attr_accessor action: ::Array[::String]
       attr_accessor resource: ::String
       attr_accessor is_public: bool
-      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
+      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket" | "AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream")
       attr_accessor condition: ::Hash[::String, ::String]
       attr_accessor created_at: ::Time
       attr_accessor analyzed_at: ::Time
@@ -380,7 +396,7 @@ module Aws::AccessAnalyzer
       attr_accessor action: ::Array[::String]
       attr_accessor resource: ::String
       attr_accessor is_public: bool
-      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
+      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket" | "AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream")
       attr_accessor condition: ::Hash[::String, ::String]
       attr_accessor created_at: ::Time
       attr_accessor analyzed_at: ::Time
@@ -398,7 +414,7 @@ module Aws::AccessAnalyzer
       attr_accessor error: ::String
       attr_accessor id: ::String
       attr_accessor resource: ::String
-      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
+      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket" | "AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream")
       attr_accessor resource_owner_account: ::String
       attr_accessor status: ("ACTIVE" | "ARCHIVED" | "RESOLVED")
       attr_accessor updated_at: ::Time
@@ -493,7 +509,7 @@ module Aws::AccessAnalyzer
       attr_accessor id: ::String
       attr_accessor next_token: ::String
       attr_accessor resource: ::String
-      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
+      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket" | "AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream")
       attr_accessor resource_owner_account: ::String
       attr_accessor status: ("ACTIVE" | "ARCHIVED" | "RESOLVED")
       attr_accessor updated_at: ::Time
@@ -606,7 +622,7 @@ module Aws::AccessAnalyzer
 
     class ListAnalyzedResourcesRequest
       attr_accessor analyzer_arn: ::String
-      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket")
+      attr_accessor resource_type: ("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket" | "AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream")
       attr_accessor next_token: ::String
       attr_accessor max_results: ::Integer
       SENSITIVE: []
@@ -1012,7 +1028,7 @@ module Aws::AccessAnalyzer
       attr_accessor next_token: ::String
       attr_accessor policy_document: ::String
       attr_accessor policy_type: ("IDENTITY_POLICY" | "RESOURCE_POLICY" | "SERVICE_CONTROL_POLICY")
-      attr_accessor validate_policy_resource_type: ("AWS::S3::Bucket" | "AWS::S3::AccessPoint" | "AWS::S3::MultiRegionAccessPoint" | "AWS::S3ObjectLambda::AccessPoint" | "AWS::IAM::AssumeRolePolicyDocument")
+      attr_accessor validate_policy_resource_type: ("AWS::S3::Bucket" | "AWS::S3::AccessPoint" | "AWS::S3::MultiRegionAccessPoint" | "AWS::S3ObjectLambda::AccessPoint" | "AWS::IAM::AssumeRolePolicyDocument" | "AWS::DynamoDB::Table")
       SENSITIVE: []
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-accessanalyzer
 version: !ruby/object:Gem::Version
-  version: 1.45.0
+  version: 1.47.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-01-26 00:00:00.000000000 Z
+date: 2024-03-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core