aws-sdk-accessanalyzer 1.49.0 → 1.51.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f4500e1023c1311a9e5123edcf102ae4e061b127eacedc944925c177c0ef039e
4
- data.tar.gz: 7bcd783841da00050f909e4372c470964332122f3ea531deb1a50fd3ba9b7093
3
+ metadata.gz: 85830f512378735be96e8cfa65b9131e5f36414d4b5ab2ba4a7e80cc1536766e
4
+ data.tar.gz: fd8255a12adec108aa9ff29b3cbe957ed8c7692450062ba521877becb6d33e08
5
5
  SHA512:
6
- metadata.gz: 2e42d9db051e0b993efba1619906b08b42cde47e4259ff3b126b5d1af4ff49ff00a3e62c4ad29bc3703ae107537d76edc6c2bd8868e34e600305e46d04a38276
7
- data.tar.gz: f6235a21e5c177d06011b4ef3d8a3fac4a62c2de3830bd4bfa9fd0e5f6561f87c700d747d4f4bae6442c4c1a19ec141e80f739e4ab052bbc6000fb4889474910
6
+ metadata.gz: 7c826239d70604d234b73328dc1a2f12b1d4e03cd5516b37cb0a82caf98d25782be56c5a512e7c3b7f576128ceda60867f7d8564069bc684ac3edca7b63a5df1
7
+ data.tar.gz: 942d85ee53690b607e54de4b656717d3171a8c7c0ef5c80687d9c95eb27857d86495b424a4a1f881ac5d2679f84d18266fd0ea1b07642127424fde95a5066809
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.51.0 (2024-06-11)
5
+ ------------------
6
+
7
+ * Feature - IAM Access Analyzer now provides policy recommendations to help resolve unused permissions for IAM roles and users. Additionally, IAM Access Analyzer now extends its custom policy checks to detect when IAM policies grant public access or access to critical resources ahead of deployments.
8
+
9
+ 1.50.0 (2024-06-05)
10
+ ------------------
11
+
12
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
13
+
4
14
  1.49.0 (2024-05-13)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.49.0
1
+ 1.51.0
@@ -479,7 +479,12 @@ module Aws::AccessAnalyzer
479
479
  #
480
480
  # @option params [required, Array<Types::Access>] :access
481
481
  # An access object containing the permissions that shouldn't be granted
482
- # by the specified policy.
482
+ # by the specified policy. If only actions are specified, IAM Access
483
+ # Analyzer checks for access of the actions on all resources in the
484
+ # policy. If only resources are specified, then IAM Access Analyzer
485
+ # checks which actions have access to the specified resources. If both
486
+ # actions and resources are specified, then IAM Access Analyzer checks
487
+ # which of the specified actions have access to the specified resources.
483
488
  #
484
489
  # @option params [required, String] :policy_type
485
490
  # The type of policy. Identity policies grant permissions to IAM
@@ -498,13 +503,82 @@ module Aws::AccessAnalyzer
498
503
  # * {Types::CheckAccessNotGrantedResponse#message #message} => String
499
504
  # * {Types::CheckAccessNotGrantedResponse#reasons #reasons} => Array&lt;Types::ReasonSummary&gt;
500
505
  #
506
+ #
507
+ # @example Example: Passing check. Restrictive identity policy.
508
+ #
509
+ # resp = client.check_access_not_granted({
510
+ # access: [
511
+ # {
512
+ # actions: [
513
+ # "s3:PutObject",
514
+ # ],
515
+ # },
516
+ # ],
517
+ # policy_document: "{\"Version\":\"2012-10-17\",\"Id\":\"123\",\"Statement\":[{\"Sid\":\"AllowJohnDoe\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::123456789012:user/JohnDoe\"},\"Action\":\"s3:GetObject\",\"Resource\":\"*\"}]}",
518
+ # policy_type: "RESOURCE_POLICY",
519
+ # })
520
+ #
521
+ # resp.to_h outputs the following:
522
+ # {
523
+ # message: "The policy document does not grant access to perform the listed actions or resources.",
524
+ # result: "PASS",
525
+ # }
526
+ #
527
+ # @example Example: Passing check. Restrictive S3 Bucket resource policy.
528
+ #
529
+ # resp = client.check_access_not_granted({
530
+ # access: [
531
+ # {
532
+ # resources: [
533
+ # "arn:aws:s3:::sensitive-bucket/*",
534
+ # ],
535
+ # },
536
+ # ],
537
+ # policy_document: "{\"Version\":\"2012-10-17\",\"Id\":\"123\",\"Statement\":[{\"Sid\":\"AllowJohnDoe\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::123456789012:user/JohnDoe\"},\"Action\":\"s3:PutObject\",\"Resource\":\"arn:aws:s3:::non-sensitive-bucket/*\"}]}",
538
+ # policy_type: "RESOURCE_POLICY",
539
+ # })
540
+ #
541
+ # resp.to_h outputs the following:
542
+ # {
543
+ # message: "The policy document does not grant access to perform the listed actions or resources.",
544
+ # result: "PASS",
545
+ # }
546
+ #
547
+ # @example Example: Failing check. Permissive S3 Bucket resource policy.
548
+ #
549
+ # resp = client.check_access_not_granted({
550
+ # access: [
551
+ # {
552
+ # resources: [
553
+ # "arn:aws:s3:::my-bucket/*",
554
+ # ],
555
+ # },
556
+ # ],
557
+ # policy_document: "{\"Version\":\"2012-10-17\",\"Id\":\"123\",\"Statement\":[{\"Sid\":\"AllowJohnDoe\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::123456789012:user/JohnDoe\"},\"Action\":\"s3:PutObject\",\"Resource\":\"arn:aws:s3:::my-bucket/*\"}]}",
558
+ # policy_type: "RESOURCE_POLICY",
559
+ # })
560
+ #
561
+ # resp.to_h outputs the following:
562
+ # {
563
+ # message: "The policy document grants access to perform one or more of the listed actions or resources.",
564
+ # reasons: [
565
+ # {
566
+ # description: "One or more of the listed actions or resources in the statement with sid: AllowJohnDoe.",
567
+ # statement_id: "AllowJohnDoe",
568
+ # statement_index: 0,
569
+ # },
570
+ # ],
571
+ # result: "FAIL",
572
+ # }
573
+ #
501
574
  # @example Request syntax with placeholder values
502
575
  #
503
576
  # resp = client.check_access_not_granted({
504
577
  # policy_document: "AccessCheckPolicyDocument", # required
505
578
  # access: [ # required
506
579
  # {
507
- # actions: ["Action"], # required
580
+ # actions: ["Action"],
581
+ # resources: ["Resource"],
508
582
  # },
509
583
  # ],
510
584
  # policy_type: "IDENTITY_POLICY", # required, accepts IDENTITY_POLICY, RESOURCE_POLICY
@@ -591,6 +665,85 @@ module Aws::AccessAnalyzer
591
665
  req.send_request(options)
592
666
  end
593
667
 
668
+ # Checks whether a resource policy can grant public access to the
669
+ # specified resource type.
670
+ #
671
+ # @option params [required, String] :policy_document
672
+ # The JSON policy document to evaluate for public access.
673
+ #
674
+ # @option params [required, String] :resource_type
675
+ # The type of resource to evaluate for public access. For example, to
676
+ # check for public access to Amazon S3 buckets, you can choose
677
+ # `AWS::S3::Bucket` for the resource type.
678
+ #
679
+ # For resource types not supported as valid values, IAM Access Analyzer
680
+ # will return an error.
681
+ #
682
+ # @return [Types::CheckNoPublicAccessResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
683
+ #
684
+ # * {Types::CheckNoPublicAccessResponse#result #result} => String
685
+ # * {Types::CheckNoPublicAccessResponse#message #message} => String
686
+ # * {Types::CheckNoPublicAccessResponse#reasons #reasons} => Array&lt;Types::ReasonSummary&gt;
687
+ #
688
+ #
689
+ # @example Example: Passing check. S3 Bucket policy without public access.
690
+ #
691
+ # resp = client.check_no_public_access({
692
+ # policy_document: "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Bob\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::111122223333:user/JohnDoe\"},\"Action\":[\"s3:GetObject\"]}]}",
693
+ # resource_type: "AWS::S3::Bucket",
694
+ # })
695
+ #
696
+ # resp.to_h outputs the following:
697
+ # {
698
+ # message: "The resource policy does not grant public access for the given resource type.",
699
+ # result: "PASS",
700
+ # }
701
+ #
702
+ # @example Example: Failing check. S3 Bucket policy with public access.
703
+ #
704
+ # resp = client.check_no_public_access({
705
+ # policy_document: "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Bob\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":[\"s3:GetObject\"]}]}",
706
+ # resource_type: "AWS::S3::Bucket",
707
+ # })
708
+ #
709
+ # resp.to_h outputs the following:
710
+ # {
711
+ # message: "The resource policy grants public access for the given resource type.",
712
+ # reasons: [
713
+ # {
714
+ # description: "Public access granted in the following statement with sid: Bob.",
715
+ # statement_id: "Bob",
716
+ # statement_index: 0,
717
+ # },
718
+ # ],
719
+ # result: "FAIL",
720
+ # }
721
+ #
722
+ # @example Request syntax with placeholder values
723
+ #
724
+ # resp = client.check_no_public_access({
725
+ # policy_document: "AccessCheckPolicyDocument", # required
726
+ # resource_type: "AWS::DynamoDB::Table", # required, accepts AWS::DynamoDB::Table, AWS::DynamoDB::Stream, AWS::EFS::FileSystem, AWS::OpenSearchService::Domain, AWS::Kinesis::Stream, AWS::Kinesis::StreamConsumer, AWS::KMS::Key, AWS::Lambda::Function, AWS::S3::Bucket, AWS::S3::AccessPoint, AWS::S3Express::DirectoryBucket, AWS::S3::Glacier, AWS::S3Outposts::Bucket, AWS::S3Outposts::AccessPoint, AWS::SecretsManager::Secret, AWS::SNS::Topic, AWS::SQS::Queue, AWS::IAM::AssumeRolePolicyDocument
727
+ # })
728
+ #
729
+ # @example Response structure
730
+ #
731
+ # resp.result #=> String, one of "PASS", "FAIL"
732
+ # resp.message #=> String
733
+ # resp.reasons #=> Array
734
+ # resp.reasons[0].description #=> String
735
+ # resp.reasons[0].statement_index #=> Integer
736
+ # resp.reasons[0].statement_id #=> String
737
+ #
738
+ # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckNoPublicAccess AWS API Documentation
739
+ #
740
+ # @overload check_no_public_access(params = {})
741
+ # @param [Hash] params ({})
742
+ def check_no_public_access(params = {}, options = {})
743
+ req = build_request(:check_no_public_access, params)
744
+ req.send_request(options)
745
+ end
746
+
594
747
  # Creates an access preview that allows you to preview IAM Access
595
748
  # Analyzer findings for your resource before deploying resource
596
749
  # permissions.
@@ -943,6 +1096,56 @@ module Aws::AccessAnalyzer
943
1096
  req.send_request(options)
944
1097
  end
945
1098
 
1099
+ # Creates a recommendation for an unused permissions finding.
1100
+ #
1101
+ # @option params [required, String] :analyzer_arn
1102
+ # The [ARN of the analyzer][1] used to generate the finding
1103
+ # recommendation.
1104
+ #
1105
+ #
1106
+ #
1107
+ # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources
1108
+ #
1109
+ # @option params [required, String] :id
1110
+ # The unique ID for the finding recommendation.
1111
+ #
1112
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1113
+ #
1114
+ #
1115
+ # @example Example: Successfully started generating finding recommendation
1116
+ #
1117
+ # resp = client.generate_finding_recommendation({
1118
+ # analyzer_arn: "arn:aws:access-analyzer:us-east-1:111122223333:analyzer/a",
1119
+ # id: "finding-id",
1120
+ # })
1121
+ #
1122
+ # resp.to_h outputs the following:
1123
+ # {
1124
+ # }
1125
+ #
1126
+ # @example Example: Failed field validation for id value
1127
+ #
1128
+ # resp = client.generate_finding_recommendation({
1129
+ # analyzer_arn: "arn:aws:access-analyzer:us-east-1:111122223333:analyzer/a",
1130
+ # id: "!",
1131
+ # })
1132
+ #
1133
+ # @example Request syntax with placeholder values
1134
+ #
1135
+ # resp = client.generate_finding_recommendation({
1136
+ # analyzer_arn: "AnalyzerArn", # required
1137
+ # id: "GenerateFindingRecommendationRequestIdString", # required
1138
+ # })
1139
+ #
1140
+ # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GenerateFindingRecommendation AWS API Documentation
1141
+ #
1142
+ # @overload generate_finding_recommendation(params = {})
1143
+ # @param [Hash] params ({})
1144
+ def generate_finding_recommendation(params = {}, options = {})
1145
+ req = build_request(:generate_finding_recommendation, params)
1146
+ req.send_request(options)
1147
+ end
1148
+
946
1149
  # Retrieves information about an access preview for the specified
947
1150
  # analyzer.
948
1151
  #
@@ -1225,6 +1428,151 @@ module Aws::AccessAnalyzer
1225
1428
  req.send_request(options)
1226
1429
  end
1227
1430
 
1431
+ # Retrieves information about a finding recommendation for the specified
1432
+ # analyzer.
1433
+ #
1434
+ # @option params [required, String] :analyzer_arn
1435
+ # The [ARN of the analyzer][1] used to generate the finding
1436
+ # recommendation.
1437
+ #
1438
+ #
1439
+ #
1440
+ # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources
1441
+ #
1442
+ # @option params [required, String] :id
1443
+ # The unique ID for the finding recommendation.
1444
+ #
1445
+ # @option params [Integer] :max_results
1446
+ # The maximum number of results to return in the response.
1447
+ #
1448
+ # @option params [String] :next_token
1449
+ # A token used for pagination of results returned.
1450
+ #
1451
+ # @return [Types::GetFindingRecommendationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1452
+ #
1453
+ # * {Types::GetFindingRecommendationResponse#started_at #started_at} => Time
1454
+ # * {Types::GetFindingRecommendationResponse#completed_at #completed_at} => Time
1455
+ # * {Types::GetFindingRecommendationResponse#next_token #next_token} => String
1456
+ # * {Types::GetFindingRecommendationResponse#error #error} => Types::RecommendationError
1457
+ # * {Types::GetFindingRecommendationResponse#resource_arn #resource_arn} => String
1458
+ # * {Types::GetFindingRecommendationResponse#recommended_steps #recommended_steps} => Array&lt;Types::RecommendedStep&gt;
1459
+ # * {Types::GetFindingRecommendationResponse#recommendation_type #recommendation_type} => String
1460
+ # * {Types::GetFindingRecommendationResponse#status #status} => String
1461
+ #
1462
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1463
+ #
1464
+ #
1465
+ # @example Example: Successfully fetched finding recommendation
1466
+ #
1467
+ # resp = client.get_finding_recommendation({
1468
+ # analyzer_arn: "arn:aws:access-analyzer:us-east-1:111122223333:analyzer/a",
1469
+ # id: "finding-id",
1470
+ # max_results: 3,
1471
+ # next_token: "token",
1472
+ # })
1473
+ #
1474
+ # resp.to_h outputs the following:
1475
+ # {
1476
+ # completed_at: Time.parse("2000-01-01T00:00:01Z"),
1477
+ # recommendation_type: "UnusedPermissionRecommendation",
1478
+ # recommended_steps: [
1479
+ # {
1480
+ # unused_permissions_recommended_step: {
1481
+ # existing_policy_id: "policy-id",
1482
+ # recommended_action: "DETACH_POLICY",
1483
+ # },
1484
+ # },
1485
+ # {
1486
+ # unused_permissions_recommended_step: {
1487
+ # existing_policy_id: "policy-id",
1488
+ # recommended_action: "CREATE_POLICY",
1489
+ # recommended_policy: "policy-content",
1490
+ # },
1491
+ # },
1492
+ # ],
1493
+ # resource_arn: "arn:aws:iam::111122223333:role/test",
1494
+ # started_at: Time.parse("2000-01-01T00:00:00Z"),
1495
+ # status: "SUCCEEDED",
1496
+ # }
1497
+ #
1498
+ # @example Example: In progress finding recommendation
1499
+ #
1500
+ # resp = client.get_finding_recommendation({
1501
+ # analyzer_arn: "arn:aws:access-analyzer:us-east-1:111122223333:analyzer/a",
1502
+ # id: "finding-id",
1503
+ # max_results: 3,
1504
+ # })
1505
+ #
1506
+ # resp.to_h outputs the following:
1507
+ # {
1508
+ # recommendation_type: "UnusedPermissionRecommendation",
1509
+ # resource_arn: "arn:aws:iam::111122223333:role/test",
1510
+ # started_at: Time.parse("2000-01-01T00:00:00Z"),
1511
+ # status: "IN_PROGRESS",
1512
+ # }
1513
+ #
1514
+ # @example Example: Failed finding recommendation
1515
+ #
1516
+ # resp = client.get_finding_recommendation({
1517
+ # analyzer_arn: "arn:aws:access-analyzer:us-east-1:111122223333:analyzer/a",
1518
+ # id: "finding-id",
1519
+ # max_results: 3,
1520
+ # })
1521
+ #
1522
+ # resp.to_h outputs the following:
1523
+ # {
1524
+ # completed_at: Time.parse("2000-01-01T00:00:01Z"),
1525
+ # error: {
1526
+ # code: "SERVICE_ERROR",
1527
+ # message: "Service error. Please try again.",
1528
+ # },
1529
+ # recommendation_type: "UnusedPermissionRecommendation",
1530
+ # resource_arn: "arn:aws:iam::111122223333:role/test",
1531
+ # started_at: Time.parse("2000-01-01T00:00:00Z"),
1532
+ # status: "FAILED",
1533
+ # }
1534
+ #
1535
+ # @example Example: Failed field validation for id value
1536
+ #
1537
+ # resp = client.get_finding_recommendation({
1538
+ # analyzer_arn: "arn:aws:access-analyzer:us-east-1:111122223333:analyzer/a",
1539
+ # id: "!",
1540
+ # })
1541
+ #
1542
+ # @example Request syntax with placeholder values
1543
+ #
1544
+ # resp = client.get_finding_recommendation({
1545
+ # analyzer_arn: "AnalyzerArn", # required
1546
+ # id: "GetFindingRecommendationRequestIdString", # required
1547
+ # max_results: 1,
1548
+ # next_token: "Token",
1549
+ # })
1550
+ #
1551
+ # @example Response structure
1552
+ #
1553
+ # resp.started_at #=> Time
1554
+ # resp.completed_at #=> Time
1555
+ # resp.next_token #=> String
1556
+ # resp.error.code #=> String
1557
+ # resp.error.message #=> String
1558
+ # resp.resource_arn #=> String
1559
+ # resp.recommended_steps #=> Array
1560
+ # resp.recommended_steps[0].unused_permissions_recommended_step.policy_updated_at #=> Time
1561
+ # resp.recommended_steps[0].unused_permissions_recommended_step.recommended_action #=> String, one of "CREATE_POLICY", "DETACH_POLICY"
1562
+ # resp.recommended_steps[0].unused_permissions_recommended_step.recommended_policy #=> String
1563
+ # resp.recommended_steps[0].unused_permissions_recommended_step.existing_policy_id #=> String
1564
+ # resp.recommendation_type #=> String, one of "UnusedPermissionRecommendation"
1565
+ # resp.status #=> String, one of "SUCCEEDED", "FAILED", "IN_PROGRESS"
1566
+ #
1567
+ # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingRecommendation AWS API Documentation
1568
+ #
1569
+ # @overload get_finding_recommendation(params = {})
1570
+ # @param [Hash] params ({})
1571
+ def get_finding_recommendation(params = {}, options = {})
1572
+ req = build_request(:get_finding_recommendation, params)
1573
+ req.send_request(options)
1574
+ end
1575
+
1228
1576
  # Retrieves information about the specified finding. GetFinding and
1229
1577
  # GetFindingV2 both use `access-analyzer:GetFinding` in the `Action`
1230
1578
  # element of an IAM policy statement. You must have permission to
@@ -2276,7 +2624,7 @@ module Aws::AccessAnalyzer
2276
2624
  params: params,
2277
2625
  config: config)
2278
2626
  context[:gem_name] = 'aws-sdk-accessanalyzer'
2279
- context[:gem_version] = '1.49.0'
2627
+ context[:gem_version] = '1.51.0'
2280
2628
  Seahorse::Client::Request.new(handlers, context)
2281
2629
  end
2282
2630
 
@@ -17,6 +17,7 @@ module Aws::AccessAnalyzer
17
17
  AccessActionsList = Shapes::ListShape.new(name: 'AccessActionsList')
18
18
  AccessCheckPolicyDocument = Shapes::StringShape.new(name: 'AccessCheckPolicyDocument')
19
19
  AccessCheckPolicyType = Shapes::StringShape.new(name: 'AccessCheckPolicyType')
20
+ AccessCheckResourceType = Shapes::StringShape.new(name: 'AccessCheckResourceType')
20
21
  AccessDeniedException = Shapes::StructureShape.new(name: 'AccessDeniedException')
21
22
  AccessPointArn = Shapes::StringShape.new(name: 'AccessPointArn')
22
23
  AccessPointPolicy = Shapes::StringShape.new(name: 'AccessPointPolicy')
@@ -30,6 +31,7 @@ module Aws::AccessAnalyzer
30
31
  AccessPreviewStatusReasonCode = Shapes::StringShape.new(name: 'AccessPreviewStatusReasonCode')
31
32
  AccessPreviewSummary = Shapes::StructureShape.new(name: 'AccessPreviewSummary')
32
33
  AccessPreviewsList = Shapes::ListShape.new(name: 'AccessPreviewsList')
34
+ AccessResourcesList = Shapes::ListShape.new(name: 'AccessResourcesList')
33
35
  AclCanonicalId = Shapes::StringShape.new(name: 'AclCanonicalId')
34
36
  AclGrantee = Shapes::UnionShape.new(name: 'AclGrantee')
35
37
  AclPermission = Shapes::StringShape.new(name: 'AclPermission')
@@ -57,6 +59,9 @@ module Aws::AccessAnalyzer
57
59
  CheckNoNewAccessRequest = Shapes::StructureShape.new(name: 'CheckNoNewAccessRequest')
58
60
  CheckNoNewAccessResponse = Shapes::StructureShape.new(name: 'CheckNoNewAccessResponse')
59
61
  CheckNoNewAccessResult = Shapes::StringShape.new(name: 'CheckNoNewAccessResult')
62
+ CheckNoPublicAccessRequest = Shapes::StructureShape.new(name: 'CheckNoPublicAccessRequest')
63
+ CheckNoPublicAccessResponse = Shapes::StructureShape.new(name: 'CheckNoPublicAccessResponse')
64
+ CheckNoPublicAccessResult = Shapes::StringShape.new(name: 'CheckNoPublicAccessResult')
60
65
  CloudTrailArn = Shapes::StringShape.new(name: 'CloudTrailArn')
61
66
  CloudTrailDetails = Shapes::StructureShape.new(name: 'CloudTrailDetails')
62
67
  CloudTrailProperties = Shapes::StructureShape.new(name: 'CloudTrailProperties')
@@ -106,6 +111,8 @@ module Aws::AccessAnalyzer
106
111
  FindingType = Shapes::StringShape.new(name: 'FindingType')
107
112
  FindingsList = Shapes::ListShape.new(name: 'FindingsList')
108
113
  FindingsListV2 = Shapes::ListShape.new(name: 'FindingsListV2')
114
+ GenerateFindingRecommendationRequest = Shapes::StructureShape.new(name: 'GenerateFindingRecommendationRequest')
115
+ GenerateFindingRecommendationRequestIdString = Shapes::StringShape.new(name: 'GenerateFindingRecommendationRequestIdString')
109
116
  GeneratedPolicy = Shapes::StructureShape.new(name: 'GeneratedPolicy')
110
117
  GeneratedPolicyList = Shapes::ListShape.new(name: 'GeneratedPolicyList')
111
118
  GeneratedPolicyProperties = Shapes::StructureShape.new(name: 'GeneratedPolicyProperties')
@@ -118,6 +125,10 @@ module Aws::AccessAnalyzer
118
125
  GetAnalyzerResponse = Shapes::StructureShape.new(name: 'GetAnalyzerResponse')
119
126
  GetArchiveRuleRequest = Shapes::StructureShape.new(name: 'GetArchiveRuleRequest')
120
127
  GetArchiveRuleResponse = Shapes::StructureShape.new(name: 'GetArchiveRuleResponse')
128
+ GetFindingRecommendationRequest = Shapes::StructureShape.new(name: 'GetFindingRecommendationRequest')
129
+ GetFindingRecommendationRequestIdString = Shapes::StringShape.new(name: 'GetFindingRecommendationRequestIdString')
130
+ GetFindingRecommendationRequestMaxResultsInteger = Shapes::IntegerShape.new(name: 'GetFindingRecommendationRequestMaxResultsInteger')
131
+ GetFindingRecommendationResponse = Shapes::StructureShape.new(name: 'GetFindingRecommendationResponse')
121
132
  GetFindingRequest = Shapes::StructureShape.new(name: 'GetFindingRequest')
122
133
  GetFindingResponse = Shapes::StructureShape.new(name: 'GetFindingResponse')
123
134
  GetFindingV2Request = Shapes::StructureShape.new(name: 'GetFindingV2Request')
@@ -205,7 +216,13 @@ module Aws::AccessAnalyzer
205
216
  ReasonCode = Shapes::StringShape.new(name: 'ReasonCode')
206
217
  ReasonSummary = Shapes::StructureShape.new(name: 'ReasonSummary')
207
218
  ReasonSummaryList = Shapes::ListShape.new(name: 'ReasonSummaryList')
219
+ RecommendationError = Shapes::StructureShape.new(name: 'RecommendationError')
220
+ RecommendationType = Shapes::StringShape.new(name: 'RecommendationType')
221
+ RecommendedRemediationAction = Shapes::StringShape.new(name: 'RecommendedRemediationAction')
222
+ RecommendedStep = Shapes::UnionShape.new(name: 'RecommendedStep')
223
+ RecommendedStepList = Shapes::ListShape.new(name: 'RecommendedStepList')
208
224
  RegionList = Shapes::ListShape.new(name: 'RegionList')
225
+ Resource = Shapes::StringShape.new(name: 'Resource')
209
226
  ResourceArn = Shapes::StringShape.new(name: 'ResourceArn')
210
227
  ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
211
228
  ResourceType = Shapes::StringShape.new(name: 'ResourceType')
@@ -234,6 +251,7 @@ module Aws::AccessAnalyzer
234
251
  StartPolicyGenerationRequest = Shapes::StructureShape.new(name: 'StartPolicyGenerationRequest')
235
252
  StartPolicyGenerationResponse = Shapes::StructureShape.new(name: 'StartPolicyGenerationResponse')
236
253
  StartResourceScanRequest = Shapes::StructureShape.new(name: 'StartResourceScanRequest')
254
+ Status = Shapes::StringShape.new(name: 'Status')
237
255
  StatusReason = Shapes::StructureShape.new(name: 'StatusReason')
238
256
  String = Shapes::StringShape.new(name: 'String')
239
257
  Substring = Shapes::StructureShape.new(name: 'Substring')
@@ -259,6 +277,7 @@ module Aws::AccessAnalyzer
259
277
  UnusedIamUserAccessKeyDetails = Shapes::StructureShape.new(name: 'UnusedIamUserAccessKeyDetails')
260
278
  UnusedIamUserPasswordDetails = Shapes::StructureShape.new(name: 'UnusedIamUserPasswordDetails')
261
279
  UnusedPermissionDetails = Shapes::StructureShape.new(name: 'UnusedPermissionDetails')
280
+ UnusedPermissionsRecommendedStep = Shapes::StructureShape.new(name: 'UnusedPermissionsRecommendedStep')
262
281
  UpdateArchiveRuleRequest = Shapes::StructureShape.new(name: 'UpdateArchiveRuleRequest')
263
282
  UpdateFindingsRequest = Shapes::StructureShape.new(name: 'UpdateFindingsRequest')
264
283
  ValidatePolicyFinding = Shapes::StructureShape.new(name: 'ValidatePolicyFinding')
@@ -275,7 +294,8 @@ module Aws::AccessAnalyzer
275
294
  VpcConfiguration = Shapes::StructureShape.new(name: 'VpcConfiguration')
276
295
  VpcId = Shapes::StringShape.new(name: 'VpcId')
277
296
 
278
- Access.add_member(:actions, Shapes::ShapeRef.new(shape: AccessActionsList, required: true, location_name: "actions"))
297
+ Access.add_member(:actions, Shapes::ShapeRef.new(shape: AccessActionsList, location_name: "actions"))
298
+ Access.add_member(:resources, Shapes::ShapeRef.new(shape: AccessResourcesList, location_name: "resources"))
279
299
  Access.struct_class = Types::Access
280
300
 
281
301
  AccessActionsList.member = Shapes::ShapeRef.new(shape: Action)
@@ -322,6 +342,8 @@ module Aws::AccessAnalyzer
322
342
 
323
343
  AccessPreviewsList.member = Shapes::ShapeRef.new(shape: AccessPreviewSummary)
324
344
 
345
+ AccessResourcesList.member = Shapes::ShapeRef.new(shape: Resource)
346
+
325
347
  AclGrantee.add_member(:id, Shapes::ShapeRef.new(shape: AclCanonicalId, location_name: "id"))
326
348
  AclGrantee.add_member(:uri, Shapes::ShapeRef.new(shape: AclUri, location_name: "uri"))
327
349
  AclGrantee.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
@@ -412,6 +434,15 @@ module Aws::AccessAnalyzer
412
434
  CheckNoNewAccessResponse.add_member(:reasons, Shapes::ShapeRef.new(shape: ReasonSummaryList, location_name: "reasons"))
413
435
  CheckNoNewAccessResponse.struct_class = Types::CheckNoNewAccessResponse
414
436
 
437
+ CheckNoPublicAccessRequest.add_member(:policy_document, Shapes::ShapeRef.new(shape: AccessCheckPolicyDocument, required: true, location_name: "policyDocument"))
438
+ CheckNoPublicAccessRequest.add_member(:resource_type, Shapes::ShapeRef.new(shape: AccessCheckResourceType, required: true, location_name: "resourceType"))
439
+ CheckNoPublicAccessRequest.struct_class = Types::CheckNoPublicAccessRequest
440
+
441
+ CheckNoPublicAccessResponse.add_member(:result, Shapes::ShapeRef.new(shape: CheckNoPublicAccessResult, location_name: "result"))
442
+ CheckNoPublicAccessResponse.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
443
+ CheckNoPublicAccessResponse.add_member(:reasons, Shapes::ShapeRef.new(shape: ReasonSummaryList, location_name: "reasons"))
444
+ CheckNoPublicAccessResponse.struct_class = Types::CheckNoPublicAccessResponse
445
+
415
446
  CloudTrailDetails.add_member(:trails, Shapes::ShapeRef.new(shape: TrailList, required: true, location_name: "trails"))
416
447
  CloudTrailDetails.add_member(:access_role, Shapes::ShapeRef.new(shape: RoleArn, required: true, location_name: "accessRole"))
417
448
  CloudTrailDetails.add_member(:start_time, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "startTime"))
@@ -613,6 +644,10 @@ module Aws::AccessAnalyzer
613
644
 
614
645
  FindingsListV2.member = Shapes::ShapeRef.new(shape: FindingSummaryV2)
615
646
 
647
+ GenerateFindingRecommendationRequest.add_member(:analyzer_arn, Shapes::ShapeRef.new(shape: AnalyzerArn, required: true, location: "querystring", location_name: "analyzerArn"))
648
+ GenerateFindingRecommendationRequest.add_member(:id, Shapes::ShapeRef.new(shape: GenerateFindingRecommendationRequestIdString, required: true, location: "uri", location_name: "id"))
649
+ GenerateFindingRecommendationRequest.struct_class = Types::GenerateFindingRecommendationRequest
650
+
616
651
  GeneratedPolicy.add_member(:policy, Shapes::ShapeRef.new(shape: String, required: true, location_name: "policy"))
617
652
  GeneratedPolicy.struct_class = Types::GeneratedPolicy
618
653
 
@@ -654,6 +689,22 @@ module Aws::AccessAnalyzer
654
689
  GetArchiveRuleResponse.add_member(:archive_rule, Shapes::ShapeRef.new(shape: ArchiveRuleSummary, required: true, location_name: "archiveRule"))
655
690
  GetArchiveRuleResponse.struct_class = Types::GetArchiveRuleResponse
656
691
 
692
+ GetFindingRecommendationRequest.add_member(:analyzer_arn, Shapes::ShapeRef.new(shape: AnalyzerArn, required: true, location: "querystring", location_name: "analyzerArn"))
693
+ GetFindingRecommendationRequest.add_member(:id, Shapes::ShapeRef.new(shape: GetFindingRecommendationRequestIdString, required: true, location: "uri", location_name: "id"))
694
+ GetFindingRecommendationRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: GetFindingRecommendationRequestMaxResultsInteger, location: "querystring", location_name: "maxResults"))
695
+ GetFindingRecommendationRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location: "querystring", location_name: "nextToken"))
696
+ GetFindingRecommendationRequest.struct_class = Types::GetFindingRecommendationRequest
697
+
698
+ GetFindingRecommendationResponse.add_member(:started_at, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "startedAt"))
699
+ GetFindingRecommendationResponse.add_member(:completed_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "completedAt"))
700
+ GetFindingRecommendationResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: Token, location_name: "nextToken"))
701
+ GetFindingRecommendationResponse.add_member(:error, Shapes::ShapeRef.new(shape: RecommendationError, location_name: "error"))
702
+ GetFindingRecommendationResponse.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "resourceArn"))
703
+ GetFindingRecommendationResponse.add_member(:recommended_steps, Shapes::ShapeRef.new(shape: RecommendedStepList, location_name: "recommendedSteps"))
704
+ GetFindingRecommendationResponse.add_member(:recommendation_type, Shapes::ShapeRef.new(shape: RecommendationType, required: true, location_name: "recommendationType"))
705
+ GetFindingRecommendationResponse.add_member(:status, Shapes::ShapeRef.new(shape: Status, required: true, location_name: "status"))
706
+ GetFindingRecommendationResponse.struct_class = Types::GetFindingRecommendationResponse
707
+
657
708
  GetFindingRequest.add_member(:analyzer_arn, Shapes::ShapeRef.new(shape: AnalyzerArn, required: true, location: "querystring", location_name: "analyzerArn"))
658
709
  GetFindingRequest.add_member(:id, Shapes::ShapeRef.new(shape: FindingId, required: true, location: "uri", location_name: "id"))
659
710
  GetFindingRequest.struct_class = Types::GetFindingRequest
@@ -914,6 +965,18 @@ module Aws::AccessAnalyzer
914
965
 
915
966
  ReasonSummaryList.member = Shapes::ShapeRef.new(shape: ReasonSummary)
916
967
 
968
+ RecommendationError.add_member(:code, Shapes::ShapeRef.new(shape: String, required: true, location_name: "code"))
969
+ RecommendationError.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
970
+ RecommendationError.struct_class = Types::RecommendationError
971
+
972
+ RecommendedStep.add_member(:unused_permissions_recommended_step, Shapes::ShapeRef.new(shape: UnusedPermissionsRecommendedStep, location_name: "unusedPermissionsRecommendedStep"))
973
+ RecommendedStep.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
974
+ RecommendedStep.add_member_subclass(:unused_permissions_recommended_step, Types::RecommendedStep::UnusedPermissionsRecommendedStep)
975
+ RecommendedStep.add_member_subclass(:unknown, Types::RecommendedStep::Unknown)
976
+ RecommendedStep.struct_class = Types::RecommendedStep
977
+
978
+ RecommendedStepList.member = Shapes::ShapeRef.new(shape: RecommendedStep)
979
+
917
980
  RegionList.member = Shapes::ShapeRef.new(shape: String)
918
981
 
919
982
  ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
@@ -1055,6 +1118,12 @@ module Aws::AccessAnalyzer
1055
1118
  UnusedPermissionDetails.add_member(:last_accessed, Shapes::ShapeRef.new(shape: Timestamp, location_name: "lastAccessed"))
1056
1119
  UnusedPermissionDetails.struct_class = Types::UnusedPermissionDetails
1057
1120
 
1121
+ UnusedPermissionsRecommendedStep.add_member(:policy_updated_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "policyUpdatedAt"))
1122
+ UnusedPermissionsRecommendedStep.add_member(:recommended_action, Shapes::ShapeRef.new(shape: RecommendedRemediationAction, required: true, location_name: "recommendedAction"))
1123
+ UnusedPermissionsRecommendedStep.add_member(:recommended_policy, Shapes::ShapeRef.new(shape: String, location_name: "recommendedPolicy"))
1124
+ UnusedPermissionsRecommendedStep.add_member(:existing_policy_id, Shapes::ShapeRef.new(shape: String, location_name: "existingPolicyId"))
1125
+ UnusedPermissionsRecommendedStep.struct_class = Types::UnusedPermissionsRecommendedStep
1126
+
1058
1127
  UpdateArchiveRuleRequest.add_member(:analyzer_name, Shapes::ShapeRef.new(shape: Name, required: true, location: "uri", location_name: "analyzerName"))
1059
1128
  UpdateArchiveRuleRequest.add_member(:rule_name, Shapes::ShapeRef.new(shape: Name, required: true, location: "uri", location_name: "ruleName"))
1060
1129
  UpdateArchiveRuleRequest.add_member(:filter, Shapes::ShapeRef.new(shape: FilterCriteriaMap, required: true, location_name: "filter"))
@@ -1114,8 +1183,8 @@ module Aws::AccessAnalyzer
1114
1183
  api.metadata = {
1115
1184
  "apiVersion" => "2019-11-01",
1116
1185
  "endpointPrefix" => "access-analyzer",
1117
- "jsonVersion" => "1.1",
1118
1186
  "protocol" => "rest-json",
1187
+ "protocols" => ["rest-json"],
1119
1188
  "serviceFullName" => "Access Analyzer",
1120
1189
  "serviceId" => "AccessAnalyzer",
1121
1190
  "signatureVersion" => "v4",
@@ -1176,6 +1245,20 @@ module Aws::AccessAnalyzer
1176
1245
  o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1177
1246
  end)
1178
1247
 
1248
+ api.add_operation(:check_no_public_access, Seahorse::Model::Operation.new.tap do |o|
1249
+ o.name = "CheckNoPublicAccess"
1250
+ o.http_method = "POST"
1251
+ o.http_request_uri = "/policy/check-no-public-access"
1252
+ o.input = Shapes::ShapeRef.new(shape: CheckNoPublicAccessRequest)
1253
+ o.output = Shapes::ShapeRef.new(shape: CheckNoPublicAccessResponse)
1254
+ o.errors << Shapes::ShapeRef.new(shape: ValidationException)
1255
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
1256
+ o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
1257
+ o.errors << Shapes::ShapeRef.new(shape: UnprocessableEntityException)
1258
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
1259
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1260
+ end)
1261
+
1179
1262
  api.add_operation(:create_access_preview, Seahorse::Model::Operation.new.tap do |o|
1180
1263
  o.name = "CreateAccessPreview"
1181
1264
  o.http_method = "PUT"
@@ -1246,6 +1329,18 @@ module Aws::AccessAnalyzer
1246
1329
  o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1247
1330
  end)
1248
1331
 
1332
+ api.add_operation(:generate_finding_recommendation, Seahorse::Model::Operation.new.tap do |o|
1333
+ o.name = "GenerateFindingRecommendation"
1334
+ o.http_method = "POST"
1335
+ o.http_request_uri = "/recommendation/{id}"
1336
+ o.input = Shapes::ShapeRef.new(shape: GenerateFindingRecommendationRequest)
1337
+ o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
1338
+ o.errors << Shapes::ShapeRef.new(shape: ValidationException)
1339
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
1340
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
1341
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1342
+ end)
1343
+
1249
1344
  api.add_operation(:get_access_preview, Seahorse::Model::Operation.new.tap do |o|
1250
1345
  o.name = "GetAccessPreview"
1251
1346
  o.http_method = "GET"
@@ -1311,6 +1406,25 @@ module Aws::AccessAnalyzer
1311
1406
  o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1312
1407
  end)
1313
1408
 
1409
+ api.add_operation(:get_finding_recommendation, Seahorse::Model::Operation.new.tap do |o|
1410
+ o.name = "GetFindingRecommendation"
1411
+ o.http_method = "GET"
1412
+ o.http_request_uri = "/recommendation/{id}"
1413
+ o.input = Shapes::ShapeRef.new(shape: GetFindingRecommendationRequest)
1414
+ o.output = Shapes::ShapeRef.new(shape: GetFindingRecommendationResponse)
1415
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
1416
+ o.errors << Shapes::ShapeRef.new(shape: ValidationException)
1417
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
1418
+ o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
1419
+ o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
1420
+ o[:pager] = Aws::Pager.new(
1421
+ limit_key: "max_results",
1422
+ tokens: {
1423
+ "next_token" => "next_token"
1424
+ }
1425
+ )
1426
+ end)
1427
+
1314
1428
  api.add_operation(:get_finding_v2, Seahorse::Model::Operation.new.tap do |o|
1315
1429
  o.name = "GetFindingV2"
1316
1430
  o.http_method = "GET"
@@ -68,6 +68,20 @@ module Aws::AccessAnalyzer
68
68
  end
69
69
  end
70
70
 
71
+ class CheckNoPublicAccess
72
+ def self.build(context)
73
+ unless context.config.regional_endpoint
74
+ endpoint = context.config.endpoint.to_s
75
+ end
76
+ Aws::AccessAnalyzer::EndpointParameters.new(
77
+ region: context.config.region,
78
+ use_dual_stack: context.config.use_dualstack_endpoint,
79
+ use_fips: context.config.use_fips_endpoint,
80
+ endpoint: endpoint,
81
+ )
82
+ end
83
+ end
84
+
71
85
  class CreateAccessPreview
72
86
  def self.build(context)
73
87
  unless context.config.regional_endpoint
@@ -138,6 +152,20 @@ module Aws::AccessAnalyzer
138
152
  end
139
153
  end
140
154
 
155
+ class GenerateFindingRecommendation
156
+ def self.build(context)
157
+ unless context.config.regional_endpoint
158
+ endpoint = context.config.endpoint.to_s
159
+ end
160
+ Aws::AccessAnalyzer::EndpointParameters.new(
161
+ region: context.config.region,
162
+ use_dual_stack: context.config.use_dualstack_endpoint,
163
+ use_fips: context.config.use_fips_endpoint,
164
+ endpoint: endpoint,
165
+ )
166
+ end
167
+ end
168
+
141
169
  class GetAccessPreview
142
170
  def self.build(context)
143
171
  unless context.config.regional_endpoint
@@ -208,6 +236,20 @@ module Aws::AccessAnalyzer
208
236
  end
209
237
  end
210
238
 
239
+ class GetFindingRecommendation
240
+ def self.build(context)
241
+ unless context.config.regional_endpoint
242
+ endpoint = context.config.endpoint.to_s
243
+ end
244
+ Aws::AccessAnalyzer::EndpointParameters.new(
245
+ region: context.config.region,
246
+ use_dual_stack: context.config.use_dualstack_endpoint,
247
+ use_fips: context.config.use_fips_endpoint,
248
+ endpoint: endpoint,
249
+ )
250
+ end
251
+ end
252
+
211
253
  class GetFindingV2
212
254
  def self.build(context)
213
255
  unless context.config.regional_endpoint
@@ -66,6 +66,8 @@ module Aws::AccessAnalyzer
66
66
  Aws::AccessAnalyzer::Endpoints::CheckAccessNotGranted.build(context)
67
67
  when :check_no_new_access
68
68
  Aws::AccessAnalyzer::Endpoints::CheckNoNewAccess.build(context)
69
+ when :check_no_public_access
70
+ Aws::AccessAnalyzer::Endpoints::CheckNoPublicAccess.build(context)
69
71
  when :create_access_preview
70
72
  Aws::AccessAnalyzer::Endpoints::CreateAccessPreview.build(context)
71
73
  when :create_analyzer
@@ -76,6 +78,8 @@ module Aws::AccessAnalyzer
76
78
  Aws::AccessAnalyzer::Endpoints::DeleteAnalyzer.build(context)
77
79
  when :delete_archive_rule
78
80
  Aws::AccessAnalyzer::Endpoints::DeleteArchiveRule.build(context)
81
+ when :generate_finding_recommendation
82
+ Aws::AccessAnalyzer::Endpoints::GenerateFindingRecommendation.build(context)
79
83
  when :get_access_preview
80
84
  Aws::AccessAnalyzer::Endpoints::GetAccessPreview.build(context)
81
85
  when :get_analyzed_resource
@@ -86,6 +90,8 @@ module Aws::AccessAnalyzer
86
90
  Aws::AccessAnalyzer::Endpoints::GetArchiveRule.build(context)
87
91
  when :get_finding
88
92
  Aws::AccessAnalyzer::Endpoints::GetFinding.build(context)
93
+ when :get_finding_recommendation
94
+ Aws::AccessAnalyzer::Endpoints::GetFindingRecommendation.build(context)
89
95
  when :get_finding_v2
90
96
  Aws::AccessAnalyzer::Endpoints::GetFindingV2.build(context)
91
97
  when :get_generated_policy
@@ -10,8 +10,8 @@
10
10
  module Aws::AccessAnalyzer
11
11
  module Types
12
12
 
13
- # Contains information about actions that define permissions to check
14
- # against a policy.
13
+ # Contains information about actions and resources that define
14
+ # permissions to check against a policy.
15
15
  #
16
16
  # @!attribute [rw] actions
17
17
  # A list of actions for the access permissions. Any strings that can
@@ -19,10 +19,17 @@ module Aws::AccessAnalyzer
19
19
  # actions to check.
20
20
  # @return [Array<String>]
21
21
  #
22
+ # @!attribute [rw] resources
23
+ # A list of resources for the access permissions. Any strings that can
24
+ # be used as a resource in an IAM policy can be used in the list of
25
+ # resources to check.
26
+ # @return [Array<String>]
27
+ #
22
28
  # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/Access AWS API Documentation
23
29
  #
24
30
  class Access < Struct.new(
25
- :actions)
31
+ :actions,
32
+ :resources)
26
33
  SENSITIVE = []
27
34
  include Aws::Structure
28
35
  end
@@ -575,7 +582,13 @@ module Aws::AccessAnalyzer
575
582
  #
576
583
  # @!attribute [rw] access
577
584
  # An access object containing the permissions that shouldn't be
578
- # granted by the specified policy.
585
+ # granted by the specified policy. If only actions are specified, IAM
586
+ # Access Analyzer checks for access of the actions on all resources in
587
+ # the policy. If only resources are specified, then IAM Access
588
+ # Analyzer checks which actions have access to the specified
589
+ # resources. If both actions and resources are specified, then IAM
590
+ # Access Analyzer checks which of the specified actions have access to
591
+ # the specified resources.
579
592
  # @return [Array<Types::Access>]
580
593
  #
581
594
  # @!attribute [rw] policy_type
@@ -682,6 +695,55 @@ module Aws::AccessAnalyzer
682
695
  include Aws::Structure
683
696
  end
684
697
 
698
+ # @!attribute [rw] policy_document
699
+ # The JSON policy document to evaluate for public access.
700
+ # @return [String]
701
+ #
702
+ # @!attribute [rw] resource_type
703
+ # The type of resource to evaluate for public access. For example, to
704
+ # check for public access to Amazon S3 buckets, you can choose
705
+ # `AWS::S3::Bucket` for the resource type.
706
+ #
707
+ # For resource types not supported as valid values, IAM Access
708
+ # Analyzer will return an error.
709
+ # @return [String]
710
+ #
711
+ # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckNoPublicAccessRequest AWS API Documentation
712
+ #
713
+ class CheckNoPublicAccessRequest < Struct.new(
714
+ :policy_document,
715
+ :resource_type)
716
+ SENSITIVE = [:policy_document]
717
+ include Aws::Structure
718
+ end
719
+
720
+ # @!attribute [rw] result
721
+ # The result of the check for public access to the specified resource
722
+ # type. If the result is `PASS`, the policy doesn't allow public
723
+ # access to the specified resource type. If the result is `FAIL`, the
724
+ # policy might allow public access to the specified resource type.
725
+ # @return [String]
726
+ #
727
+ # @!attribute [rw] message
728
+ # The message indicating whether the specified policy allows public
729
+ # access to resources.
730
+ # @return [String]
731
+ #
732
+ # @!attribute [rw] reasons
733
+ # A list of reasons why the specified resource policy grants public
734
+ # access for the resource type.
735
+ # @return [Array<Types::ReasonSummary>]
736
+ #
737
+ # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckNoPublicAccessResponse AWS API Documentation
738
+ #
739
+ class CheckNoPublicAccessResponse < Struct.new(
740
+ :result,
741
+ :message,
742
+ :reasons)
743
+ SENSITIVE = []
744
+ include Aws::Structure
745
+ end
746
+
685
747
  # Contains information about CloudTrail access.
686
748
  #
687
749
  # @!attribute [rw] trails
@@ -1687,6 +1749,28 @@ module Aws::AccessAnalyzer
1687
1749
  include Aws::Structure
1688
1750
  end
1689
1751
 
1752
+ # @!attribute [rw] analyzer_arn
1753
+ # The [ARN of the analyzer][1] used to generate the finding
1754
+ # recommendation.
1755
+ #
1756
+ #
1757
+ #
1758
+ # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources
1759
+ # @return [String]
1760
+ #
1761
+ # @!attribute [rw] id
1762
+ # The unique ID for the finding recommendation.
1763
+ # @return [String]
1764
+ #
1765
+ # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GenerateFindingRecommendationRequest AWS API Documentation
1766
+ #
1767
+ class GenerateFindingRecommendationRequest < Struct.new(
1768
+ :analyzer_arn,
1769
+ :id)
1770
+ SENSITIVE = []
1771
+ include Aws::Structure
1772
+ end
1773
+
1690
1774
  # Contains the text for the generated policy.
1691
1775
  #
1692
1776
  # @!attribute [rw] policy
@@ -1891,6 +1975,88 @@ module Aws::AccessAnalyzer
1891
1975
  include Aws::Structure
1892
1976
  end
1893
1977
 
1978
+ # @!attribute [rw] analyzer_arn
1979
+ # The [ARN of the analyzer][1] used to generate the finding
1980
+ # recommendation.
1981
+ #
1982
+ #
1983
+ #
1984
+ # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources
1985
+ # @return [String]
1986
+ #
1987
+ # @!attribute [rw] id
1988
+ # The unique ID for the finding recommendation.
1989
+ # @return [String]
1990
+ #
1991
+ # @!attribute [rw] max_results
1992
+ # The maximum number of results to return in the response.
1993
+ # @return [Integer]
1994
+ #
1995
+ # @!attribute [rw] next_token
1996
+ # A token used for pagination of results returned.
1997
+ # @return [String]
1998
+ #
1999
+ # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingRecommendationRequest AWS API Documentation
2000
+ #
2001
+ class GetFindingRecommendationRequest < Struct.new(
2002
+ :analyzer_arn,
2003
+ :id,
2004
+ :max_results,
2005
+ :next_token)
2006
+ SENSITIVE = []
2007
+ include Aws::Structure
2008
+ end
2009
+
2010
+ # @!attribute [rw] started_at
2011
+ # The time at which the retrieval of the finding recommendation was
2012
+ # started.
2013
+ # @return [Time]
2014
+ #
2015
+ # @!attribute [rw] completed_at
2016
+ # The time at which the retrieval of the finding recommendation was
2017
+ # completed.
2018
+ # @return [Time]
2019
+ #
2020
+ # @!attribute [rw] next_token
2021
+ # A token used for pagination of results returned.
2022
+ # @return [String]
2023
+ #
2024
+ # @!attribute [rw] error
2025
+ # Detailed information about the reason that the retrieval of a
2026
+ # recommendation for the finding failed.
2027
+ # @return [Types::RecommendationError]
2028
+ #
2029
+ # @!attribute [rw] resource_arn
2030
+ # The ARN of the resource of the finding.
2031
+ # @return [String]
2032
+ #
2033
+ # @!attribute [rw] recommended_steps
2034
+ # A group of recommended steps for the finding.
2035
+ # @return [Array<Types::RecommendedStep>]
2036
+ #
2037
+ # @!attribute [rw] recommendation_type
2038
+ # The type of recommendation for the finding.
2039
+ # @return [String]
2040
+ #
2041
+ # @!attribute [rw] status
2042
+ # The status of the retrieval of the finding recommendation.
2043
+ # @return [String]
2044
+ #
2045
+ # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingRecommendationResponse AWS API Documentation
2046
+ #
2047
+ class GetFindingRecommendationResponse < Struct.new(
2048
+ :started_at,
2049
+ :completed_at,
2050
+ :next_token,
2051
+ :error,
2052
+ :resource_arn,
2053
+ :recommended_steps,
2054
+ :recommendation_type,
2055
+ :status)
2056
+ SENSITIVE = []
2057
+ include Aws::Structure
2058
+ end
2059
+
1894
2060
  # Retrieves a finding.
1895
2061
  #
1896
2062
  # @!attribute [rw] analyzer_arn
@@ -3167,6 +3333,50 @@ module Aws::AccessAnalyzer
3167
3333
  include Aws::Structure
3168
3334
  end
3169
3335
 
3336
+ # Contains information about the reason that the retrieval of a
3337
+ # recommendation for a finding failed.
3338
+ #
3339
+ # @!attribute [rw] code
3340
+ # The error code for a failed retrieval of a recommendation for a
3341
+ # finding.
3342
+ # @return [String]
3343
+ #
3344
+ # @!attribute [rw] message
3345
+ # The error message for a failed retrieval of a recommendation for a
3346
+ # finding.
3347
+ # @return [String]
3348
+ #
3349
+ # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/RecommendationError AWS API Documentation
3350
+ #
3351
+ class RecommendationError < Struct.new(
3352
+ :code,
3353
+ :message)
3354
+ SENSITIVE = []
3355
+ include Aws::Structure
3356
+ end
3357
+
3358
+ # Contains information about a recommended step for an unused access
3359
+ # analyzer finding.
3360
+ #
3361
+ # @note RecommendedStep is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of RecommendedStep corresponding to the set member.
3362
+ #
3363
+ # @!attribute [rw] unused_permissions_recommended_step
3364
+ # A recommended step for an unused permissions finding.
3365
+ # @return [Types::UnusedPermissionsRecommendedStep]
3366
+ #
3367
+ # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/RecommendedStep AWS API Documentation
3368
+ #
3369
+ class RecommendedStep < Struct.new(
3370
+ :unused_permissions_recommended_step,
3371
+ :unknown)
3372
+ SENSITIVE = []
3373
+ include Aws::Structure
3374
+ include Aws::Structure::Union
3375
+
3376
+ class UnusedPermissionsRecommendedStep < RecommendedStep; end
3377
+ class Unknown < RecommendedStep; end
3378
+ end
3379
+
3170
3380
  # The specified resource could not be found.
3171
3381
  #
3172
3382
  # @!attribute [rw] message
@@ -3930,7 +4140,7 @@ module Aws::AccessAnalyzer
3930
4140
  # @return [String]
3931
4141
  #
3932
4142
  # @!attribute [rw] last_accessed
3933
- # The time at which the permission last accessed.
4143
+ # The time at which the permission was last accessed.
3934
4144
  # @return [Time]
3935
4145
  #
3936
4146
  # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UnusedPermissionDetails AWS API Documentation
@@ -3943,6 +4153,41 @@ module Aws::AccessAnalyzer
3943
4153
  include Aws::Structure
3944
4154
  end
3945
4155
 
4156
+ # Contains information about the action to take for a policy in an
4157
+ # unused permissions finding.
4158
+ #
4159
+ # @!attribute [rw] policy_updated_at
4160
+ # The time at which the existing policy for the unused permissions
4161
+ # finding was last updated.
4162
+ # @return [Time]
4163
+ #
4164
+ # @!attribute [rw] recommended_action
4165
+ # A recommendation of whether to create or detach a policy for an
4166
+ # unused permissions finding.
4167
+ # @return [String]
4168
+ #
4169
+ # @!attribute [rw] recommended_policy
4170
+ # If the recommended action for the unused permissions finding is to
4171
+ # replace the existing policy, the contents of the recommended policy
4172
+ # to replace the policy specified in the `existingPolicyId` field.
4173
+ # @return [String]
4174
+ #
4175
+ # @!attribute [rw] existing_policy_id
4176
+ # If the recommended action for the unused permissions finding is to
4177
+ # detach a policy, the ID of an existing policy to be detached.
4178
+ # @return [String]
4179
+ #
4180
+ # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UnusedPermissionsRecommendedStep AWS API Documentation
4181
+ #
4182
+ class UnusedPermissionsRecommendedStep < Struct.new(
4183
+ :policy_updated_at,
4184
+ :recommended_action,
4185
+ :recommended_policy,
4186
+ :existing_policy_id)
4187
+ SENSITIVE = []
4188
+ include Aws::Structure
4189
+ end
4190
+
3946
4191
  # Updates the specified archive rule.
3947
4192
  #
3948
4193
  # @!attribute [rw] analyzer_name
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-accessanalyzer/customizations'
52
52
  # @!group service
53
53
  module Aws::AccessAnalyzer
54
54
 
55
- GEM_VERSION = '1.49.0'
55
+ GEM_VERSION = '1.51.0'
56
56
 
57
57
  end
data/sig/client.rbs CHANGED
@@ -100,7 +100,8 @@ module Aws
100
100
  policy_document: ::String,
101
101
  access: Array[
102
102
  {
103
- actions: Array[::String]
103
+ actions: Array[::String]?,
104
+ resources: Array[::String]?
104
105
  },
105
106
  ],
106
107
  policy_type: ("IDENTITY_POLICY" | "RESOURCE_POLICY")
@@ -121,6 +122,19 @@ module Aws
121
122
  ) -> _CheckNoNewAccessResponseSuccess
122
123
  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _CheckNoNewAccessResponseSuccess
123
124
 
125
+ interface _CheckNoPublicAccessResponseSuccess
126
+ include ::Seahorse::Client::_ResponseSuccess[Types::CheckNoPublicAccessResponse]
127
+ def result: () -> ("PASS" | "FAIL")
128
+ def message: () -> ::String
129
+ def reasons: () -> ::Array[Types::ReasonSummary]
130
+ end
131
+ # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/AccessAnalyzer/Client.html#check_no_public_access-instance_method
132
+ def check_no_public_access: (
133
+ policy_document: ::String,
134
+ resource_type: ("AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream" | "AWS::EFS::FileSystem" | "AWS::OpenSearchService::Domain" | "AWS::Kinesis::Stream" | "AWS::Kinesis::StreamConsumer" | "AWS::KMS::Key" | "AWS::Lambda::Function" | "AWS::S3::Bucket" | "AWS::S3::AccessPoint" | "AWS::S3Express::DirectoryBucket" | "AWS::S3::Glacier" | "AWS::S3Outposts::Bucket" | "AWS::S3Outposts::AccessPoint" | "AWS::SecretsManager::Secret" | "AWS::SNS::Topic" | "AWS::SQS::Queue" | "AWS::IAM::AssumeRolePolicyDocument")
135
+ ) -> _CheckNoPublicAccessResponseSuccess
136
+ | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _CheckNoPublicAccessResponseSuccess
137
+
124
138
  interface _CreateAccessPreviewResponseSuccess
125
139
  include ::Seahorse::Client::_ResponseSuccess[Types::CreateAccessPreviewResponse]
126
140
  def id: () -> ::String
@@ -282,6 +296,13 @@ module Aws
282
296
  ) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
283
297
  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
284
298
 
299
+ # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/AccessAnalyzer/Client.html#generate_finding_recommendation-instance_method
300
+ def generate_finding_recommendation: (
301
+ analyzer_arn: ::String,
302
+ id: ::String
303
+ ) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
304
+ | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
305
+
285
306
  interface _GetAccessPreviewResponseSuccess
286
307
  include ::Seahorse::Client::_ResponseSuccess[Types::GetAccessPreviewResponse]
287
308
  def access_preview: () -> Types::AccessPreview
@@ -336,6 +357,25 @@ module Aws
336
357
  ) -> _GetFindingResponseSuccess
337
358
  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetFindingResponseSuccess
338
359
 
360
+ interface _GetFindingRecommendationResponseSuccess
361
+ include ::Seahorse::Client::_ResponseSuccess[Types::GetFindingRecommendationResponse]
362
+ def started_at: () -> ::Time
363
+ def completed_at: () -> ::Time
364
+ def next_token: () -> ::String
365
+ def resource_arn: () -> ::String
366
+ def recommended_steps: () -> ::Array[Types::RecommendedStep]
367
+ def recommendation_type: () -> ("UnusedPermissionRecommendation")
368
+ def status: () -> ("SUCCEEDED" | "FAILED" | "IN_PROGRESS")
369
+ end
370
+ # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/AccessAnalyzer/Client.html#get_finding_recommendation-instance_method
371
+ def get_finding_recommendation: (
372
+ analyzer_arn: ::String,
373
+ id: ::String,
374
+ ?max_results: ::Integer,
375
+ ?next_token: ::String
376
+ ) -> _GetFindingRecommendationResponseSuccess
377
+ | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetFindingRecommendationResponseSuccess
378
+
339
379
  interface _GetFindingV2ResponseSuccess
340
380
  include ::Seahorse::Client::_ResponseSuccess[Types::GetFindingV2Response]
341
381
  def analyzed_at: () -> ::Time
data/sig/types.rbs CHANGED
@@ -10,6 +10,7 @@ module Aws::AccessAnalyzer
10
10
 
11
11
  class Access
12
12
  attr_accessor actions: ::Array[::String]
13
+ attr_accessor resources: ::Array[::String]
13
14
  SENSITIVE: []
14
15
  end
15
16
 
@@ -173,6 +174,19 @@ module Aws::AccessAnalyzer
173
174
  SENSITIVE: []
174
175
  end
175
176
 
177
+ class CheckNoPublicAccessRequest
178
+ attr_accessor policy_document: ::String
179
+ attr_accessor resource_type: ("AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream" | "AWS::EFS::FileSystem" | "AWS::OpenSearchService::Domain" | "AWS::Kinesis::Stream" | "AWS::Kinesis::StreamConsumer" | "AWS::KMS::Key" | "AWS::Lambda::Function" | "AWS::S3::Bucket" | "AWS::S3::AccessPoint" | "AWS::S3Express::DirectoryBucket" | "AWS::S3::Glacier" | "AWS::S3Outposts::Bucket" | "AWS::S3Outposts::AccessPoint" | "AWS::SecretsManager::Secret" | "AWS::SNS::Topic" | "AWS::SQS::Queue" | "AWS::IAM::AssumeRolePolicyDocument")
180
+ SENSITIVE: [:policy_document]
181
+ end
182
+
183
+ class CheckNoPublicAccessResponse
184
+ attr_accessor result: ("PASS" | "FAIL")
185
+ attr_accessor message: ::String
186
+ attr_accessor reasons: ::Array[Types::ReasonSummary]
187
+ SENSITIVE: []
188
+ end
189
+
176
190
  class CloudTrailDetails
177
191
  attr_accessor trails: ::Array[Types::Trail]
178
192
  attr_accessor access_role: ::String
@@ -422,6 +436,12 @@ module Aws::AccessAnalyzer
422
436
  SENSITIVE: []
423
437
  end
424
438
 
439
+ class GenerateFindingRecommendationRequest
440
+ attr_accessor analyzer_arn: ::String
441
+ attr_accessor id: ::String
442
+ SENSITIVE: []
443
+ end
444
+
425
445
  class GeneratedPolicy
426
446
  attr_accessor policy: ::String
427
447
  SENSITIVE: []
@@ -483,6 +503,26 @@ module Aws::AccessAnalyzer
483
503
  SENSITIVE: []
484
504
  end
485
505
 
506
+ class GetFindingRecommendationRequest
507
+ attr_accessor analyzer_arn: ::String
508
+ attr_accessor id: ::String
509
+ attr_accessor max_results: ::Integer
510
+ attr_accessor next_token: ::String
511
+ SENSITIVE: []
512
+ end
513
+
514
+ class GetFindingRecommendationResponse
515
+ attr_accessor started_at: ::Time
516
+ attr_accessor completed_at: ::Time
517
+ attr_accessor next_token: ::String
518
+ attr_accessor error: Types::RecommendationError
519
+ attr_accessor resource_arn: ::String
520
+ attr_accessor recommended_steps: ::Array[Types::RecommendedStep]
521
+ attr_accessor recommendation_type: ("UnusedPermissionRecommendation")
522
+ attr_accessor status: ("SUCCEEDED" | "FAILED" | "IN_PROGRESS")
523
+ SENSITIVE: []
524
+ end
525
+
486
526
  class GetFindingRequest
487
527
  attr_accessor analyzer_arn: ::String
488
528
  attr_accessor id: ::String
@@ -815,6 +855,23 @@ module Aws::AccessAnalyzer
815
855
  SENSITIVE: []
816
856
  end
817
857
 
858
+ class RecommendationError
859
+ attr_accessor code: ::String
860
+ attr_accessor message: ::String
861
+ SENSITIVE: []
862
+ end
863
+
864
+ class RecommendedStep
865
+ attr_accessor unused_permissions_recommended_step: Types::UnusedPermissionsRecommendedStep
866
+ attr_accessor unknown: untyped
867
+ SENSITIVE: []
868
+
869
+ class UnusedPermissionsRecommendedStep < RecommendedStep
870
+ end
871
+ class Unknown < RecommendedStep
872
+ end
873
+ end
874
+
818
875
  class ResourceNotFoundException
819
876
  attr_accessor message: ::String
820
877
  attr_accessor resource_id: ::String
@@ -996,6 +1053,14 @@ module Aws::AccessAnalyzer
996
1053
  SENSITIVE: []
997
1054
  end
998
1055
 
1056
+ class UnusedPermissionsRecommendedStep
1057
+ attr_accessor policy_updated_at: ::Time
1058
+ attr_accessor recommended_action: ("CREATE_POLICY" | "DETACH_POLICY")
1059
+ attr_accessor recommended_policy: ::String
1060
+ attr_accessor existing_policy_id: ::String
1061
+ SENSITIVE: []
1062
+ end
1063
+
999
1064
  class UpdateArchiveRuleRequest
1000
1065
  attr_accessor analyzer_name: ::String
1001
1066
  attr_accessor rule_name: ::String
@@ -1040,7 +1105,7 @@ module Aws::AccessAnalyzer
1040
1105
 
1041
1106
  class ValidationException
1042
1107
  attr_accessor message: ::String
1043
- attr_accessor reason: ("unknownOperation" | "cannotParse" | "fieldValidationFailed" | "other")
1108
+ attr_accessor reason: ("unknownOperation" | "cannotParse" | "fieldValidationFailed" | "other" | "notSupported")
1044
1109
  attr_accessor field_list: ::Array[Types::ValidationExceptionField]
1045
1110
  SENSITIVE: []
1046
1111
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-accessanalyzer
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.49.0
4
+ version: 1.51.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-05-13 00:00:00.000000000 Z
11
+ date: 2024-06-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
19
19
  version: '3'
20
20
  - - ">="
21
21
  - !ruby/object:Gem::Version
22
- version: 3.193.0
22
+ version: 3.197.0
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
29
29
  version: '3'
30
30
  - - ">="
31
31
  - !ruby/object:Gem::Version
32
- version: 3.193.0
32
+ version: 3.197.0
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: aws-sigv4
35
35
  requirement: !ruby/object:Gem::Requirement