aws-sdk-accessanalyzer 1.65.0 → 1.68.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c3ff3f6bceaf3418b3e54c4ea0d99ede89cc928cd0893b394e36754282a2192b
-  data.tar.gz: 0b058cdb0c604cd3fbf886753fbb2e0f2b6baaab60841bfca3b8bb20876fdf88
+  metadata.gz: d6a758b54268310a3578756259981cef95006a73fb3bf67e8cc0c2fedb029951
+  data.tar.gz: 753ad3129338512ec94f43b5849176eea1b63b3b3c0f81a61bfaac5c01813e4c
 SHA512:
-  metadata.gz: 83e03b02eacead1f8189b7d20f6ba96cea831e6aeb8940e8bffb2054be060f2fa1e764623443793d320f013df2fd20f03580d421b65081759b5db9bdf9adb43d
-  data.tar.gz: 9ae70c95401884fae23af2cac48bf25e7bfc6a59daa12ee7250ed7c7ed880bb237cf09a483125682ee5abd478eb50f45bcdc0e6a945b4dfe8f86acdcb086296c
+  metadata.gz: d47d510d82a8bf11d76a90bd080488aa0bbc0429fc8860e9e8256fde946e8d24fb356cd1cd7ae379d9cb39a2d7fb97570bdd32e27a7b6b4d7223d26cb8c07dfa
+  data.tar.gz: 28c2767536244207a831fe0a4ab6dfb2621efae58b7b1668de3725019bc00cee9e267c7ac6ce6e31a07d22ec3fd574033a8a558a005c036e07d971a83c2d2581

data/CHANGELOG.md

@@ -1,6 +1,21 @@
 Unreleased Changes
 ------------------
 
+1.68.0 (2025-02-18)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.67.0 (2025-02-13)
+------------------
+
+* Feature - This release introduces the getFindingsStatistics API, enabling users to retrieve aggregated finding statistics for IAM Access Analyzer's external access and unused access analysis features. Updated service API and documentation.
+
+1.66.0 (2025-02-06)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.65.0 (2025-01-15)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.65.0
+1.68.0

data/lib/aws-sdk-accessanalyzer/client.rb

@@ -7,34 +7,34 @@
 #
 # WARNING ABOUT GENERATED CODE
 
-require 'seahorse/client/plugins/content_length.rb'
-require 'aws-sdk-core/plugins/credentials_configuration.rb'
-require 'aws-sdk-core/plugins/logging.rb'
-require 'aws-sdk-core/plugins/param_converter.rb'
-require 'aws-sdk-core/plugins/param_validator.rb'
-require 'aws-sdk-core/plugins/user_agent.rb'
-require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
-require 'aws-sdk-core/plugins/retry_errors.rb'
-require 'aws-sdk-core/plugins/global_configuration.rb'
-require 'aws-sdk-core/plugins/regional_endpoint.rb'
-require 'aws-sdk-core/plugins/endpoint_discovery.rb'
-require 'aws-sdk-core/plugins/endpoint_pattern.rb'
-require 'aws-sdk-core/plugins/response_paging.rb'
-require 'aws-sdk-core/plugins/stub_responses.rb'
-require 'aws-sdk-core/plugins/idempotency_token.rb'
-require 'aws-sdk-core/plugins/invocation_id.rb'
-require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
-require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
-require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
-require 'aws-sdk-core/plugins/transfer_encoding.rb'
-require 'aws-sdk-core/plugins/http_checksum.rb'
-require 'aws-sdk-core/plugins/checksum_algorithm.rb'
-require 'aws-sdk-core/plugins/request_compression.rb'
-require 'aws-sdk-core/plugins/defaults_mode.rb'
-require 'aws-sdk-core/plugins/recursion_detection.rb'
-require 'aws-sdk-core/plugins/telemetry.rb'
-require 'aws-sdk-core/plugins/sign.rb'
-require 'aws-sdk-core/plugins/protocols/rest_json.rb'
+require 'seahorse/client/plugins/content_length'
+require 'aws-sdk-core/plugins/credentials_configuration'
+require 'aws-sdk-core/plugins/logging'
+require 'aws-sdk-core/plugins/param_converter'
+require 'aws-sdk-core/plugins/param_validator'
+require 'aws-sdk-core/plugins/user_agent'
+require 'aws-sdk-core/plugins/helpful_socket_errors'
+require 'aws-sdk-core/plugins/retry_errors'
+require 'aws-sdk-core/plugins/global_configuration'
+require 'aws-sdk-core/plugins/regional_endpoint'
+require 'aws-sdk-core/plugins/endpoint_discovery'
+require 'aws-sdk-core/plugins/endpoint_pattern'
+require 'aws-sdk-core/plugins/response_paging'
+require 'aws-sdk-core/plugins/stub_responses'
+require 'aws-sdk-core/plugins/idempotency_token'
+require 'aws-sdk-core/plugins/invocation_id'
+require 'aws-sdk-core/plugins/jsonvalue_converter'
+require 'aws-sdk-core/plugins/client_metrics_plugin'
+require 'aws-sdk-core/plugins/client_metrics_send_plugin'
+require 'aws-sdk-core/plugins/transfer_encoding'
+require 'aws-sdk-core/plugins/http_checksum'
+require 'aws-sdk-core/plugins/checksum_algorithm'
+require 'aws-sdk-core/plugins/request_compression'
+require 'aws-sdk-core/plugins/defaults_mode'
+require 'aws-sdk-core/plugins/recursion_detection'
+require 'aws-sdk-core/plugins/telemetry'
+require 'aws-sdk-core/plugins/sign'
+require 'aws-sdk-core/plugins/protocols/rest_json'
 
 module Aws::AccessAnalyzer
   # An API client for AccessAnalyzer.  To construct a client, you need to configure a `:region` and `:credentials`.
@@ -1747,6 +1747,58 @@ module Aws::AccessAnalyzer
       req.send_request(options)
     end
 
+    # Retrieves a list of aggregated finding statistics for an external
+    # access or unused access analyzer.
+    #
+    # @option params [required, String] :analyzer_arn
+    #   The [ARN of the analyzer][1] used to generate the statistics.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources
+    #
+    # @return [Types::GetFindingsStatisticsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetFindingsStatisticsResponse#findings_statistics #findings_statistics} => Array<Types::FindingsStatistics>
+    #   * {Types::GetFindingsStatisticsResponse#last_updated_at #last_updated_at} => Time
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_findings_statistics({
+    #     analyzer_arn: "AnalyzerArn", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.findings_statistics #=> Array
+    #   resp.findings_statistics[0].external_access_findings_statistics.resource_type_statistics #=> Hash
+    #   resp.findings_statistics[0].external_access_findings_statistics.resource_type_statistics["ResourceType"].total_active_public #=> Integer
+    #   resp.findings_statistics[0].external_access_findings_statistics.resource_type_statistics["ResourceType"].total_active_cross_account #=> Integer
+    #   resp.findings_statistics[0].external_access_findings_statistics.total_active_findings #=> Integer
+    #   resp.findings_statistics[0].external_access_findings_statistics.total_archived_findings #=> Integer
+    #   resp.findings_statistics[0].external_access_findings_statistics.total_resolved_findings #=> Integer
+    #   resp.findings_statistics[0].unused_access_findings_statistics.unused_access_type_statistics #=> Array
+    #   resp.findings_statistics[0].unused_access_findings_statistics.unused_access_type_statistics[0].unused_access_type #=> String
+    #   resp.findings_statistics[0].unused_access_findings_statistics.unused_access_type_statistics[0].total #=> Integer
+    #   resp.findings_statistics[0].unused_access_findings_statistics.top_accounts #=> Array
+    #   resp.findings_statistics[0].unused_access_findings_statistics.top_accounts[0].account #=> String
+    #   resp.findings_statistics[0].unused_access_findings_statistics.top_accounts[0].number_of_active_findings #=> Integer
+    #   resp.findings_statistics[0].unused_access_findings_statistics.top_accounts[0].details #=> Hash
+    #   resp.findings_statistics[0].unused_access_findings_statistics.top_accounts[0].details["String"] #=> Integer
+    #   resp.findings_statistics[0].unused_access_findings_statistics.total_active_findings #=> Integer
+    #   resp.findings_statistics[0].unused_access_findings_statistics.total_archived_findings #=> Integer
+    #   resp.findings_statistics[0].unused_access_findings_statistics.total_resolved_findings #=> Integer
+    #   resp.last_updated_at #=> Time
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingsStatistics AWS API Documentation
+    #
+    # @overload get_findings_statistics(params = {})
+    # @param [Hash] params ({})
+    def get_findings_statistics(params = {}, options = {})
+      req = build_request(:get_findings_statistics, params)
+      req.send_request(options)
+    end
+
     # Retrieves the policy that was generated using `StartPolicyGeneration`.
     #
     # @option params [required, String] :job_id
@@ -2774,7 +2826,7 @@ module Aws::AccessAnalyzer
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-accessanalyzer'
-      context[:gem_version] = '1.65.0'
+      context[:gem_version] = '1.68.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-accessanalyzer/client_api.rb

@@ -33,6 +33,7 @@ module Aws::AccessAnalyzer
     AccessPreviewSummary = Shapes::StructureShape.new(name: 'AccessPreviewSummary')
     AccessPreviewsList = Shapes::ListShape.new(name: 'AccessPreviewsList')
     AccessResourcesList = Shapes::ListShape.new(name: 'AccessResourcesList')
+    AccountAggregations = Shapes::ListShape.new(name: 'AccountAggregations')
     AccountIdsList = Shapes::ListShape.new(name: 'AccountIdsList')
     AclCanonicalId = Shapes::StringShape.new(name: 'AclCanonicalId')
     AclGrantee = Shapes::UnionShape.new(name: 'AclGrantee')
@@ -98,8 +99,11 @@ module Aws::AccessAnalyzer
     EfsFileSystemConfiguration = Shapes::StructureShape.new(name: 'EfsFileSystemConfiguration')
     EfsFileSystemPolicy = Shapes::StringShape.new(name: 'EfsFileSystemPolicy')
     ExternalAccessDetails = Shapes::StructureShape.new(name: 'ExternalAccessDetails')
+    ExternalAccessFindingsStatistics = Shapes::StructureShape.new(name: 'ExternalAccessFindingsStatistics')
     FilterCriteriaMap = Shapes::MapShape.new(name: 'FilterCriteriaMap')
     Finding = Shapes::StructureShape.new(name: 'Finding')
+    FindingAggregationAccountDetails = Shapes::StructureShape.new(name: 'FindingAggregationAccountDetails')
+    FindingAggregationAccountDetailsMap = Shapes::MapShape.new(name: 'FindingAggregationAccountDetailsMap')
     FindingChangeType = Shapes::StringShape.new(name: 'FindingChangeType')
     FindingDetails = Shapes::UnionShape.new(name: 'FindingDetails')
     FindingDetailsList = Shapes::ListShape.new(name: 'FindingDetailsList')
@@ -116,6 +120,8 @@ module Aws::AccessAnalyzer
     FindingType = Shapes::StringShape.new(name: 'FindingType')
     FindingsList = Shapes::ListShape.new(name: 'FindingsList')
     FindingsListV2 = Shapes::ListShape.new(name: 'FindingsListV2')
+    FindingsStatistics = Shapes::UnionShape.new(name: 'FindingsStatistics')
+    FindingsStatisticsList = Shapes::ListShape.new(name: 'FindingsStatisticsList')
     GenerateFindingRecommendationRequest = Shapes::StructureShape.new(name: 'GenerateFindingRecommendationRequest')
     GenerateFindingRecommendationRequestIdString = Shapes::StringShape.new(name: 'GenerateFindingRecommendationRequestIdString')
     GeneratedPolicy = Shapes::StructureShape.new(name: 'GeneratedPolicy')
@@ -138,6 +144,8 @@ module Aws::AccessAnalyzer
     GetFindingResponse = Shapes::StructureShape.new(name: 'GetFindingResponse')
     GetFindingV2Request = Shapes::StructureShape.new(name: 'GetFindingV2Request')
     GetFindingV2Response = Shapes::StructureShape.new(name: 'GetFindingV2Response')
+    GetFindingsStatisticsRequest = Shapes::StructureShape.new(name: 'GetFindingsStatisticsRequest')
+    GetFindingsStatisticsResponse = Shapes::StructureShape.new(name: 'GetFindingsStatisticsResponse')
     GetGeneratedPolicyRequest = Shapes::StructureShape.new(name: 'GetGeneratedPolicyRequest')
     GetGeneratedPolicyResponse = Shapes::StructureShape.new(name: 'GetGeneratedPolicyResponse')
     GranteePrincipal = Shapes::StringShape.new(name: 'GranteePrincipal')
@@ -232,6 +240,8 @@ module Aws::AccessAnalyzer
     ResourceControlPolicyRestriction = Shapes::StringShape.new(name: 'ResourceControlPolicyRestriction')
     ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
     ResourceType = Shapes::StringShape.new(name: 'ResourceType')
+    ResourceTypeDetails = Shapes::StructureShape.new(name: 'ResourceTypeDetails')
+    ResourceTypeStatisticsMap = Shapes::MapShape.new(name: 'ResourceTypeStatisticsMap')
     RetiringPrincipal = Shapes::StringShape.new(name: 'RetiringPrincipal')
     RoleArn = Shapes::StringShape.new(name: 'RoleArn')
     S3AccessPointConfiguration = Shapes::StructureShape.new(name: 'S3AccessPointConfiguration')
@@ -278,6 +288,9 @@ module Aws::AccessAnalyzer
     UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
     UntagResourceResponse = Shapes::StructureShape.new(name: 'UntagResourceResponse')
     UnusedAccessConfiguration = Shapes::StructureShape.new(name: 'UnusedAccessConfiguration')
+    UnusedAccessFindingsStatistics = Shapes::StructureShape.new(name: 'UnusedAccessFindingsStatistics')
+    UnusedAccessTypeStatistics = Shapes::StructureShape.new(name: 'UnusedAccessTypeStatistics')
+    UnusedAccessTypeStatisticsList = Shapes::ListShape.new(name: 'UnusedAccessTypeStatisticsList')
     UnusedAction = Shapes::StructureShape.new(name: 'UnusedAction')
     UnusedActionList = Shapes::ListShape.new(name: 'UnusedActionList')
     UnusedIamRoleDetails = Shapes::StructureShape.new(name: 'UnusedIamRoleDetails')
@@ -354,6 +367,8 @@ module Aws::AccessAnalyzer
 
     AccessResourcesList.member = Shapes::ShapeRef.new(shape: Resource)
 
+    AccountAggregations.member = Shapes::ShapeRef.new(shape: FindingAggregationAccountDetails)
+
     AccountIdsList.member = Shapes::ShapeRef.new(shape: String)
 
     AclGrantee.add_member(:id, Shapes::ShapeRef.new(shape: AclCanonicalId, location_name: "id"))
@@ -587,6 +602,12 @@ module Aws::AccessAnalyzer
     ExternalAccessDetails.add_member(:resource_control_policy_restriction, Shapes::ShapeRef.new(shape: ResourceControlPolicyRestriction, location_name: "resourceControlPolicyRestriction"))
     ExternalAccessDetails.struct_class = Types::ExternalAccessDetails
 
+    ExternalAccessFindingsStatistics.add_member(:resource_type_statistics, Shapes::ShapeRef.new(shape: ResourceTypeStatisticsMap, location_name: "resourceTypeStatistics"))
+    ExternalAccessFindingsStatistics.add_member(:total_active_findings, Shapes::ShapeRef.new(shape: Integer, location_name: "totalActiveFindings"))
+    ExternalAccessFindingsStatistics.add_member(:total_archived_findings, Shapes::ShapeRef.new(shape: Integer, location_name: "totalArchivedFindings"))
+    ExternalAccessFindingsStatistics.add_member(:total_resolved_findings, Shapes::ShapeRef.new(shape: Integer, location_name: "totalResolvedFindings"))
+    ExternalAccessFindingsStatistics.struct_class = Types::ExternalAccessFindingsStatistics
+
     FilterCriteriaMap.key = Shapes::ShapeRef.new(shape: String)
     FilterCriteriaMap.value = Shapes::ShapeRef.new(shape: Criterion)
 
@@ -607,6 +628,14 @@ module Aws::AccessAnalyzer
     Finding.add_member(:resource_control_policy_restriction, Shapes::ShapeRef.new(shape: ResourceControlPolicyRestriction, location_name: "resourceControlPolicyRestriction"))
     Finding.struct_class = Types::Finding
 
+    FindingAggregationAccountDetails.add_member(:account, Shapes::ShapeRef.new(shape: String, location_name: "account"))
+    FindingAggregationAccountDetails.add_member(:number_of_active_findings, Shapes::ShapeRef.new(shape: Integer, location_name: "numberOfActiveFindings"))
+    FindingAggregationAccountDetails.add_member(:details, Shapes::ShapeRef.new(shape: FindingAggregationAccountDetailsMap, location_name: "details"))
+    FindingAggregationAccountDetails.struct_class = Types::FindingAggregationAccountDetails
+
+    FindingAggregationAccountDetailsMap.key = Shapes::ShapeRef.new(shape: String)
+    FindingAggregationAccountDetailsMap.value = Shapes::ShapeRef.new(shape: Integer)
+
     FindingDetails.add_member(:external_access_details, Shapes::ShapeRef.new(shape: ExternalAccessDetails, location_name: "externalAccessDetails"))
     FindingDetails.add_member(:unused_permission_details, Shapes::ShapeRef.new(shape: UnusedPermissionDetails, location_name: "unusedPermissionDetails"))
     FindingDetails.add_member(:unused_iam_user_access_key_details, Shapes::ShapeRef.new(shape: UnusedIamUserAccessKeyDetails, location_name: "unusedIamUserAccessKeyDetails"))
@@ -668,6 +697,16 @@ module Aws::AccessAnalyzer
 
     FindingsListV2.member = Shapes::ShapeRef.new(shape: FindingSummaryV2)
 
+    FindingsStatistics.add_member(:external_access_findings_statistics, Shapes::ShapeRef.new(shape: ExternalAccessFindingsStatistics, location_name: "externalAccessFindingsStatistics"))
+    FindingsStatistics.add_member(:unused_access_findings_statistics, Shapes::ShapeRef.new(shape: UnusedAccessFindingsStatistics, location_name: "unusedAccessFindingsStatistics"))
+    FindingsStatistics.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
+    FindingsStatistics.add_member_subclass(:external_access_findings_statistics, Types::FindingsStatistics::ExternalAccessFindingsStatistics)
+    FindingsStatistics.add_member_subclass(:unused_access_findings_statistics, Types::FindingsStatistics::UnusedAccessFindingsStatistics)
+    FindingsStatistics.add_member_subclass(:unknown, Types::FindingsStatistics::Unknown)
+    FindingsStatistics.struct_class = Types::FindingsStatistics
+
+    FindingsStatisticsList.member = Shapes::ShapeRef.new(shape: FindingsStatistics)
+
     GenerateFindingRecommendationRequest.add_member(:analyzer_arn, Shapes::ShapeRef.new(shape: AnalyzerArn, required: true, location: "querystring", location_name: "analyzerArn"))
     GenerateFindingRecommendationRequest.add_member(:id, Shapes::ShapeRef.new(shape: GenerateFindingRecommendationRequestIdString, required: true, location: "uri", location_name: "id"))
     GenerateFindingRecommendationRequest.struct_class = Types::GenerateFindingRecommendationRequest
@@ -756,6 +795,13 @@ module Aws::AccessAnalyzer
     GetFindingV2Response.add_member(:finding_type, Shapes::ShapeRef.new(shape: FindingType, location_name: "findingType"))
     GetFindingV2Response.struct_class = Types::GetFindingV2Response
 
+    GetFindingsStatisticsRequest.add_member(:analyzer_arn, Shapes::ShapeRef.new(shape: AnalyzerArn, required: true, location_name: "analyzerArn"))
+    GetFindingsStatisticsRequest.struct_class = Types::GetFindingsStatisticsRequest
+
+    GetFindingsStatisticsResponse.add_member(:findings_statistics, Shapes::ShapeRef.new(shape: FindingsStatisticsList, location_name: "findingsStatistics"))
+    GetFindingsStatisticsResponse.add_member(:last_updated_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "lastUpdatedAt"))
+    GetFindingsStatisticsResponse.struct_class = Types::GetFindingsStatisticsResponse
+
     GetGeneratedPolicyRequest.add_member(:job_id, Shapes::ShapeRef.new(shape: JobId, required: true, location: "uri", location_name: "jobId"))
     GetGeneratedPolicyRequest.add_member(:include_resource_placeholders, Shapes::ShapeRef.new(shape: Boolean, location: "querystring", location_name: "includeResourcePlaceholders"))
     GetGeneratedPolicyRequest.add_member(:include_service_level_template, Shapes::ShapeRef.new(shape: Boolean, location: "querystring", location_name: "includeServiceLevelTemplate"))
@@ -1008,6 +1054,13 @@ module Aws::AccessAnalyzer
     ResourceNotFoundException.add_member(:resource_type, Shapes::ShapeRef.new(shape: String, required: true, location_name: "resourceType"))
     ResourceNotFoundException.struct_class = Types::ResourceNotFoundException
 
+    ResourceTypeDetails.add_member(:total_active_public, Shapes::ShapeRef.new(shape: Integer, location_name: "totalActivePublic"))
+    ResourceTypeDetails.add_member(:total_active_cross_account, Shapes::ShapeRef.new(shape: Integer, location_name: "totalActiveCrossAccount"))
+    ResourceTypeDetails.struct_class = Types::ResourceTypeDetails
+
+    ResourceTypeStatisticsMap.key = Shapes::ShapeRef.new(shape: ResourceType)
+    ResourceTypeStatisticsMap.value = Shapes::ShapeRef.new(shape: ResourceTypeDetails)
+
     S3AccessPointConfiguration.add_member(:access_point_policy, Shapes::ShapeRef.new(shape: AccessPointPolicy, location_name: "accessPointPolicy"))
     S3AccessPointConfiguration.add_member(:public_access_block, Shapes::ShapeRef.new(shape: S3PublicAccessBlockConfiguration, location_name: "publicAccessBlock"))
     S3AccessPointConfiguration.add_member(:network_origin, Shapes::ShapeRef.new(shape: NetworkOriginConfiguration, location_name: "networkOrigin"))
@@ -1124,6 +1177,19 @@ module Aws::AccessAnalyzer
     UnusedAccessConfiguration.add_member(:analysis_rule, Shapes::ShapeRef.new(shape: AnalysisRule, location_name: "analysisRule"))
     UnusedAccessConfiguration.struct_class = Types::UnusedAccessConfiguration
 
+    UnusedAccessFindingsStatistics.add_member(:unused_access_type_statistics, Shapes::ShapeRef.new(shape: UnusedAccessTypeStatisticsList, location_name: "unusedAccessTypeStatistics"))
+    UnusedAccessFindingsStatistics.add_member(:top_accounts, Shapes::ShapeRef.new(shape: AccountAggregations, location_name: "topAccounts"))
+    UnusedAccessFindingsStatistics.add_member(:total_active_findings, Shapes::ShapeRef.new(shape: Integer, location_name: "totalActiveFindings"))
+    UnusedAccessFindingsStatistics.add_member(:total_archived_findings, Shapes::ShapeRef.new(shape: Integer, location_name: "totalArchivedFindings"))
+    UnusedAccessFindingsStatistics.add_member(:total_resolved_findings, Shapes::ShapeRef.new(shape: Integer, location_name: "totalResolvedFindings"))
+    UnusedAccessFindingsStatistics.struct_class = Types::UnusedAccessFindingsStatistics
+
+    UnusedAccessTypeStatistics.add_member(:unused_access_type, Shapes::ShapeRef.new(shape: String, location_name: "unusedAccessType"))
+    UnusedAccessTypeStatistics.add_member(:total, Shapes::ShapeRef.new(shape: Integer, location_name: "total"))
+    UnusedAccessTypeStatistics.struct_class = Types::UnusedAccessTypeStatistics
+
+    UnusedAccessTypeStatisticsList.member = Shapes::ShapeRef.new(shape: UnusedAccessTypeStatistics)
+
     UnusedAction.add_member(:action, Shapes::ShapeRef.new(shape: String, required: true, location_name: "action"))
     UnusedAction.add_member(:last_accessed, Shapes::ShapeRef.new(shape: Timestamp, location_name: "lastAccessed"))
     UnusedAction.struct_class = Types::UnusedAction
@@ -1479,6 +1545,19 @@ module Aws::AccessAnalyzer
         )
       end)
 
+      api.add_operation(:get_findings_statistics, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetFindingsStatistics"
+        o.http_method = "POST"
+        o.http_request_uri = "/analyzer/findings/statistics"
+        o.input = Shapes::ShapeRef.new(shape: GetFindingsStatisticsRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetFindingsStatisticsResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
+
       api.add_operation(:get_generated_policy, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetGeneratedPolicy"
         o.http_method = "GET"

data/lib/aws-sdk-accessanalyzer/endpoint_provider.rb

@@ -10,43 +10,39 @@
 module Aws::AccessAnalyzer
   class EndpointProvider
     def resolve_endpoint(parameters)
-      region = parameters.region
-      use_dual_stack = parameters.use_dual_stack
-      use_fips = parameters.use_fips
-      endpoint = parameters.endpoint
-      if Aws::Endpoints::Matchers.set?(endpoint)
-        if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+      if Aws::Endpoints::Matchers.set?(parameters.endpoint)
+        if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, true)
           raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
         end
-        if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+        if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, true)
           raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
         end
-        return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
+        return Aws::Endpoints::Endpoint.new(url: parameters.endpoint, headers: {}, properties: {})
       end
-      if Aws::Endpoints::Matchers.set?(region)
-        if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
-          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+      if Aws::Endpoints::Matchers.set?(parameters.region)
+        if (partition_result = Aws::Endpoints::Matchers.aws_partition(parameters.region))
+          if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, true)
             if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
-              return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+              return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer-fips.#{parameters.region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
             end
             raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
           end
-          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+          if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, true)
             if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
               if Aws::Endpoints::Matchers.string_equals?(Aws::Endpoints::Matchers.attr(partition_result, "name"), "aws-us-gov")
-                return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer.#{region}.amazonaws.com", headers: {}, properties: {})
+                return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer.#{parameters.region}.amazonaws.com", headers: {}, properties: {})
               end
-              return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+              return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer-fips.#{parameters.region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
             end
             raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
           end
-          if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+          if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, true)
             if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
-              return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+              return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer.#{parameters.region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
             end
             raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
           end
-          return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+          return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer.#{parameters.region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
         end
       end
       raise ArgumentError, "Invalid Configuration: Missing Region"

data/lib/aws-sdk-accessanalyzer/types.rb

@@ -1494,6 +1494,40 @@ module Aws::AccessAnalyzer
       include Aws::Structure
     end
 
+    # Provides aggregate statistics about the findings for the specified
+    # external access analyzer.
+    #
+    # @!attribute [rw] resource_type_statistics
+    #   The total number of active cross-account and public findings for
+    #   each resource type of the specified external access analyzer.
+    #   @return [Hash<String,Types::ResourceTypeDetails>]
+    #
+    # @!attribute [rw] total_active_findings
+    #   The number of active findings for the specified external access
+    #   analyzer.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_archived_findings
+    #   The number of archived findings for the specified external access
+    #   analyzer.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_resolved_findings
+    #   The number of resolved findings for the specified external access
+    #   analyzer.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ExternalAccessFindingsStatistics AWS API Documentation
+    #
+    class ExternalAccessFindingsStatistics < Struct.new(
+      :resource_type_statistics,
+      :total_active_findings,
+      :total_archived_findings,
+      :total_resolved_findings)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Contains information about a finding.
     #
     # @!attribute [rw] id
@@ -1585,6 +1619,34 @@ module Aws::AccessAnalyzer
       include Aws::Structure
     end
 
+    # Contains information about the findings for an Amazon Web Services
+    # account in an organization unused access analyzer.
+    #
+    # @!attribute [rw] account
+    #   The ID of the Amazon Web Services account for which unused access
+    #   finding details are provided.
+    #   @return [String]
+    #
+    # @!attribute [rw] number_of_active_findings
+    #   The number of active unused access findings for the specified Amazon
+    #   Web Services account.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] details
+    #   Provides the number of active findings for each type of unused
+    #   access for the specified Amazon Web Services account.
+    #   @return [Hash<String,Integer>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/FindingAggregationAccountDetails AWS API Documentation
+    #
+    class FindingAggregationAccountDetails < Struct.new(
+      :account,
+      :number_of_active_findings,
+      :details)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Contains information about an external access or unused access
     # finding. Only one parameter can be used in a `FindingDetails` object.
     #
@@ -1832,6 +1894,35 @@ module Aws::AccessAnalyzer
       include Aws::Structure
     end
 
+    # Contains information about the aggregate statistics for an external or
+    # unused access analyzer. Only one parameter can be used in a
+    # `FindingsStatistics` object.
+    #
+    # @note FindingsStatistics is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of FindingsStatistics corresponding to the set member.
+    #
+    # @!attribute [rw] external_access_findings_statistics
+    #   The aggregate statistics for an external access analyzer.
+    #   @return [Types::ExternalAccessFindingsStatistics]
+    #
+    # @!attribute [rw] unused_access_findings_statistics
+    #   The aggregate statistics for an unused access analyzer.
+    #   @return [Types::UnusedAccessFindingsStatistics]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/FindingsStatistics AWS API Documentation
+    #
+    class FindingsStatistics < Struct.new(
+      :external_access_findings_statistics,
+      :unused_access_findings_statistics,
+      :unknown)
+      SENSITIVE = []
+      include Aws::Structure
+      include Aws::Structure::Union
+
+      class ExternalAccessFindingsStatistics < FindingsStatistics; end
+      class UnusedAccessFindingsStatistics < FindingsStatistics; end
+      class Unknown < FindingsStatistics; end
+    end
+
     # @!attribute [rw] analyzer_arn
     #   The [ARN of the analyzer][1] used to generate the finding
     #   recommendation.
@@ -2282,6 +2373,42 @@ module Aws::AccessAnalyzer
       include Aws::Structure
     end
 
+    # @!attribute [rw] analyzer_arn
+    #   The [ARN of the analyzer][1] used to generate the statistics.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingsStatisticsRequest AWS API Documentation
+    #
+    class GetFindingsStatisticsRequest < Struct.new(
+      :analyzer_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] findings_statistics
+    #   A group of external access or unused access findings statistics.
+    #   @return [Array<Types::FindingsStatistics>]
+    #
+    # @!attribute [rw] last_updated_at
+    #   The time at which the retrieval of the findings statistics was last
+    #   updated. If the findings statistics have not been previously
+    #   retrieved for the specified analyzer, this field will not be
+    #   populated.
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingsStatisticsResponse AWS API Documentation
+    #
+    class GetFindingsStatisticsResponse < Struct.new(
+      :findings_statistics,
+      :last_updated_at)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] job_id
     #   The `JobId` that is returned by the `StartPolicyGeneration`
     #   operation. The `JobId` can be used with `GetGeneratedPolicy` to
@@ -3485,6 +3612,28 @@ module Aws::AccessAnalyzer
       include Aws::Structure
     end
 
+    # Contains information about the total number of active cross-account
+    # and public findings for a resource type of an external access
+    # analyzer.
+    #
+    # @!attribute [rw] total_active_public
+    #   The total number of active public findings for the resource type.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_active_cross_account
+    #   The total number of active cross-account findings for the resource
+    #   type.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ResourceTypeDetails AWS API Documentation
+    #
+    class ResourceTypeDetails < Struct.new(
+      :total_active_public,
+      :total_active_cross_account)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The configuration for an Amazon S3 access point or multi-region access
     # point for the bucket. You can propose up to 10 access points or
     # multi-region access points per bucket. If the proposed Amazon S3
@@ -4117,6 +4266,65 @@ module Aws::AccessAnalyzer
       include Aws::Structure
     end
 
+    # Provides aggregate statistics about the findings for the specified
+    # unused access analyzer.
+    #
+    # @!attribute [rw] unused_access_type_statistics
+    #   A list of details about the total number of findings for each type
+    #   of unused access for the analyzer.
+    #   @return [Array<Types::UnusedAccessTypeStatistics>]
+    #
+    # @!attribute [rw] top_accounts
+    #   A list of one to ten Amazon Web Services accounts that have the most
+    #   active findings for the unused access analyzer.
+    #   @return [Array<Types::FindingAggregationAccountDetails>]
+    #
+    # @!attribute [rw] total_active_findings
+    #   The total number of active findings for the unused access analyzer.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_archived_findings
+    #   The total number of archived findings for the unused access
+    #   analyzer.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_resolved_findings
+    #   The total number of resolved findings for the unused access
+    #   analyzer.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UnusedAccessFindingsStatistics AWS API Documentation
+    #
+    class UnusedAccessFindingsStatistics < Struct.new(
+      :unused_access_type_statistics,
+      :top_accounts,
+      :total_active_findings,
+      :total_archived_findings,
+      :total_resolved_findings)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains information about the total number of findings for a type of
+    # unused access.
+    #
+    # @!attribute [rw] unused_access_type
+    #   The type of unused access.
+    #   @return [String]
+    #
+    # @!attribute [rw] total
+    #   The total number of findings for the specified unused access type.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UnusedAccessTypeStatistics AWS API Documentation
+    #
+    class UnusedAccessTypeStatistics < Struct.new(
+      :unused_access_type,
+      :total)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Contains information about an unused access finding for an action. IAM
     # Access Analyzer charges for unused access analysis based on the number
     # of IAM roles and users analyzed per month. For more details on

data/lib/aws-sdk-accessanalyzer.rb

@@ -54,7 +54,7 @@ module Aws::AccessAnalyzer
   autoload :EndpointProvider, 'aws-sdk-accessanalyzer/endpoint_provider'
   autoload :Endpoints, 'aws-sdk-accessanalyzer/endpoints'
 
-  GEM_VERSION = '1.65.0'
+  GEM_VERSION = '1.68.0'
 
 end
 

data/sig/client.rbs

@@ -414,6 +414,17 @@ module Aws
                           ) -> _GetFindingV2ResponseSuccess
                         | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetFindingV2ResponseSuccess
 
+      interface _GetFindingsStatisticsResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::GetFindingsStatisticsResponse]
+        def findings_statistics: () -> ::Array[Types::FindingsStatistics]
+        def last_updated_at: () -> ::Time
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/AccessAnalyzer/Client.html#get_findings_statistics-instance_method
+      def get_findings_statistics: (
+                                     analyzer_arn: ::String
+                                   ) -> _GetFindingsStatisticsResponseSuccess
+                                 | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetFindingsStatisticsResponseSuccess
+
       interface _GetGeneratedPolicyResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::GetGeneratedPolicyResponse]
         def job_details: () -> Types::JobDetails

data/sig/types.rbs

@@ -364,6 +364,14 @@ module Aws::AccessAnalyzer
       SENSITIVE: []
     end
 
+    class ExternalAccessFindingsStatistics
+      attr_accessor resource_type_statistics: ::Hash[("AWS::S3::Bucket" | "AWS::IAM::Role" | "AWS::SQS::Queue" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::KMS::Key" | "AWS::SecretsManager::Secret" | "AWS::EFS::FileSystem" | "AWS::EC2::Snapshot" | "AWS::ECR::Repository" | "AWS::RDS::DBSnapshot" | "AWS::RDS::DBClusterSnapshot" | "AWS::SNS::Topic" | "AWS::S3Express::DirectoryBucket" | "AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream" | "AWS::IAM::User"), Types::ResourceTypeDetails]
+      attr_accessor total_active_findings: ::Integer
+      attr_accessor total_archived_findings: ::Integer
+      attr_accessor total_resolved_findings: ::Integer
+      SENSITIVE: []
+    end
+
     class Finding
       attr_accessor id: ::String
       attr_accessor principal: ::Hash[::String, ::String]
@@ -383,6 +391,13 @@ module Aws::AccessAnalyzer
       SENSITIVE: []
     end
 
+    class FindingAggregationAccountDetails
+      attr_accessor account: ::String
+      attr_accessor number_of_active_findings: ::Integer
+      attr_accessor details: ::Hash[::String, ::Integer]
+      SENSITIVE: []
+    end
+
     class FindingDetails
       attr_accessor external_access_details: Types::ExternalAccessDetails
       attr_accessor unused_permission_details: Types::UnusedPermissionDetails
@@ -451,6 +466,20 @@ module Aws::AccessAnalyzer
       SENSITIVE: []
     end
 
+    class FindingsStatistics
+      attr_accessor external_access_findings_statistics: Types::ExternalAccessFindingsStatistics
+      attr_accessor unused_access_findings_statistics: Types::UnusedAccessFindingsStatistics
+      attr_accessor unknown: untyped
+      SENSITIVE: []
+
+      class ExternalAccessFindingsStatistics < FindingsStatistics
+      end
+      class UnusedAccessFindingsStatistics < FindingsStatistics
+      end
+      class Unknown < FindingsStatistics
+      end
+    end
+
     class GenerateFindingRecommendationRequest
       attr_accessor analyzer_arn: ::String
       attr_accessor id: ::String
@@ -573,6 +602,17 @@ module Aws::AccessAnalyzer
       SENSITIVE: []
     end
 
+    class GetFindingsStatisticsRequest
+      attr_accessor analyzer_arn: ::String
+      SENSITIVE: []
+    end
+
+    class GetFindingsStatisticsResponse
+      attr_accessor findings_statistics: ::Array[Types::FindingsStatistics]
+      attr_accessor last_updated_at: ::Time
+      SENSITIVE: []
+    end
+
     class GetGeneratedPolicyRequest
       attr_accessor job_id: ::String
       attr_accessor include_resource_placeholders: bool
@@ -894,6 +934,12 @@ module Aws::AccessAnalyzer
       SENSITIVE: []
     end
 
+    class ResourceTypeDetails
+      attr_accessor total_active_public: ::Integer
+      attr_accessor total_active_cross_account: ::Integer
+      SENSITIVE: []
+    end
+
     class S3AccessPointConfiguration
       attr_accessor access_point_policy: ::String
       attr_accessor public_access_block: Types::S3PublicAccessBlockConfiguration
@@ -1040,6 +1086,21 @@ module Aws::AccessAnalyzer
       SENSITIVE: []
     end
 
+    class UnusedAccessFindingsStatistics
+      attr_accessor unused_access_type_statistics: ::Array[Types::UnusedAccessTypeStatistics]
+      attr_accessor top_accounts: ::Array[Types::FindingAggregationAccountDetails]
+      attr_accessor total_active_findings: ::Integer
+      attr_accessor total_archived_findings: ::Integer
+      attr_accessor total_resolved_findings: ::Integer
+      SENSITIVE: []
+    end
+
+    class UnusedAccessTypeStatistics
+      attr_accessor unused_access_type: ::String
+      attr_accessor total: ::Integer
+      SENSITIVE: []
+    end
+
     class UnusedAction
       attr_accessor action: ::String
       attr_accessor last_accessed: ::Time

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-accessanalyzer
 version: !ruby/object:Gem::Version
-  version: 1.65.0
+  version: 1.68.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-01-15 00:00:00.000000000 Z
+date: 2025-02-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core