aws-sdk-accessanalyzer 1.67.0 → 1.69.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 287cd222a200e87c59b5aae2d6f1e97921f0549b314ea327c9a9d74bc0c87116
-  data.tar.gz: 1b76d71d63257681f2ab5bb5d8711ecc1657d877a9d70c198061368503d77943
+  metadata.gz: '08edbc9cd3aa791467bef0dcb9670d19256366f2fb3f7777b374beda153932b3'
+  data.tar.gz: 694a5261533e88a39693da004d233df9f2095284313e46d86b3c983624d4be65
 SHA512:
-  metadata.gz: b95c704a848c2538f83a2a8eaa858b31f8147af352fecd3bb57f60559dc96383cf2c87dc341fc17abd91848ae687e3661fd9d76e2194d4ccc25f1377c0361b50
-  data.tar.gz: b9fe7060212a94dd553092694ba6f9ea933fc0464a5469b9868b6c4bf9bc45bd84888c4b2354294309aee5d40a2b16b66ef8fcb35dd65a6fc144e42447f43da9
+  metadata.gz: b7678d504b2d99fe260a2a5c00721909e6af1fa9b54f7cb0ebaab4130b9ba0bb911cea45c18e2f04ec12ba60dc8d43702d81b2c4d828e4a91fcbd590c0a322dc
+  data.tar.gz: 27546535916e8a4c8b7181b4dc7a60c29f2839bce534b78613ce7195ae62f330b7886686fa9ea095d2b1514922476775944130033f04aa3e8868154527f0a1e5

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.69.0 (2025-04-17)
+------------------
+
+* Feature - Added new resource types to evaluate for public access in resource policies and added support for S3 directory bucket access points.
+
+1.68.0 (2025-02-18)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.67.0 (2025-02-13)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.67.0
+1.69.0

data/lib/aws-sdk-accessanalyzer/client.rb

@@ -7,34 +7,34 @@
 #
 # WARNING ABOUT GENERATED CODE
 
-require 'seahorse/client/plugins/content_length.rb'
-require 'aws-sdk-core/plugins/credentials_configuration.rb'
-require 'aws-sdk-core/plugins/logging.rb'
-require 'aws-sdk-core/plugins/param_converter.rb'
-require 'aws-sdk-core/plugins/param_validator.rb'
-require 'aws-sdk-core/plugins/user_agent.rb'
-require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
-require 'aws-sdk-core/plugins/retry_errors.rb'
-require 'aws-sdk-core/plugins/global_configuration.rb'
-require 'aws-sdk-core/plugins/regional_endpoint.rb'
-require 'aws-sdk-core/plugins/endpoint_discovery.rb'
-require 'aws-sdk-core/plugins/endpoint_pattern.rb'
-require 'aws-sdk-core/plugins/response_paging.rb'
-require 'aws-sdk-core/plugins/stub_responses.rb'
-require 'aws-sdk-core/plugins/idempotency_token.rb'
-require 'aws-sdk-core/plugins/invocation_id.rb'
-require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
-require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
-require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
-require 'aws-sdk-core/plugins/transfer_encoding.rb'
-require 'aws-sdk-core/plugins/http_checksum.rb'
-require 'aws-sdk-core/plugins/checksum_algorithm.rb'
-require 'aws-sdk-core/plugins/request_compression.rb'
-require 'aws-sdk-core/plugins/defaults_mode.rb'
-require 'aws-sdk-core/plugins/recursion_detection.rb'
-require 'aws-sdk-core/plugins/telemetry.rb'
-require 'aws-sdk-core/plugins/sign.rb'
-require 'aws-sdk-core/plugins/protocols/rest_json.rb'
+require 'seahorse/client/plugins/content_length'
+require 'aws-sdk-core/plugins/credentials_configuration'
+require 'aws-sdk-core/plugins/logging'
+require 'aws-sdk-core/plugins/param_converter'
+require 'aws-sdk-core/plugins/param_validator'
+require 'aws-sdk-core/plugins/user_agent'
+require 'aws-sdk-core/plugins/helpful_socket_errors'
+require 'aws-sdk-core/plugins/retry_errors'
+require 'aws-sdk-core/plugins/global_configuration'
+require 'aws-sdk-core/plugins/regional_endpoint'
+require 'aws-sdk-core/plugins/endpoint_discovery'
+require 'aws-sdk-core/plugins/endpoint_pattern'
+require 'aws-sdk-core/plugins/response_paging'
+require 'aws-sdk-core/plugins/stub_responses'
+require 'aws-sdk-core/plugins/idempotency_token'
+require 'aws-sdk-core/plugins/invocation_id'
+require 'aws-sdk-core/plugins/jsonvalue_converter'
+require 'aws-sdk-core/plugins/client_metrics_plugin'
+require 'aws-sdk-core/plugins/client_metrics_send_plugin'
+require 'aws-sdk-core/plugins/transfer_encoding'
+require 'aws-sdk-core/plugins/http_checksum'
+require 'aws-sdk-core/plugins/checksum_algorithm'
+require 'aws-sdk-core/plugins/request_compression'
+require 'aws-sdk-core/plugins/defaults_mode'
+require 'aws-sdk-core/plugins/recursion_detection'
+require 'aws-sdk-core/plugins/telemetry'
+require 'aws-sdk-core/plugins/sign'
+require 'aws-sdk-core/plugins/protocols/rest_json'
 
 module Aws::AccessAnalyzer
   # An API client for AccessAnalyzer.  To construct a client, you need to configure a `:region` and `:credentials`.
@@ -779,7 +779,7 @@ module Aws::AccessAnalyzer
     #
     #   resp = client.check_no_public_access({
     #     policy_document: "AccessCheckPolicyDocument", # required
-    #     resource_type: "AWS::DynamoDB::Table", # required, accepts AWS::DynamoDB::Table, AWS::DynamoDB::Stream, AWS::EFS::FileSystem, AWS::OpenSearchService::Domain, AWS::Kinesis::Stream, AWS::Kinesis::StreamConsumer, AWS::KMS::Key, AWS::Lambda::Function, AWS::S3::Bucket, AWS::S3::AccessPoint, AWS::S3Express::DirectoryBucket, AWS::S3::Glacier, AWS::S3Outposts::Bucket, AWS::S3Outposts::AccessPoint, AWS::SecretsManager::Secret, AWS::SNS::Topic, AWS::SQS::Queue, AWS::IAM::AssumeRolePolicyDocument
+    #     resource_type: "AWS::DynamoDB::Table", # required, accepts AWS::DynamoDB::Table, AWS::DynamoDB::Stream, AWS::EFS::FileSystem, AWS::OpenSearchService::Domain, AWS::Kinesis::Stream, AWS::Kinesis::StreamConsumer, AWS::KMS::Key, AWS::Lambda::Function, AWS::S3::Bucket, AWS::S3::AccessPoint, AWS::S3Express::DirectoryBucket, AWS::S3::Glacier, AWS::S3Outposts::Bucket, AWS::S3Outposts::AccessPoint, AWS::SecretsManager::Secret, AWS::SNS::Topic, AWS::SQS::Queue, AWS::IAM::AssumeRolePolicyDocument, AWS::S3Tables::TableBucket, AWS::ApiGateway::RestApi, AWS::CodeArtifact::Domain, AWS::Backup::BackupVault, AWS::CloudTrail::Dashboard, AWS::CloudTrail::EventDataStore, AWS::S3Tables::Table, AWS::S3Express::AccessPoint
     #   })
     #
     # @example Response structure
@@ -931,6 +931,18 @@ module Aws::AccessAnalyzer
     #         },
     #         s3_express_directory_bucket: {
     #           bucket_policy: "S3ExpressDirectoryBucketPolicy",
+    #           access_points: {
+    #             "S3ExpressDirectoryAccessPointArn" => {
+    #               access_point_policy: "AccessPointPolicy",
+    #               network_origin: {
+    #                 vpc_configuration: {
+    #                   vpc_id: "VpcId", # required
+    #                 },
+    #                 internet_configuration: {
+    #                 },
+    #               },
+    #             },
+    #           },
     #         },
     #         dynamodb_stream: {
     #           stream_policy: "DynamodbStreamPolicy",
@@ -1295,6 +1307,9 @@ module Aws::AccessAnalyzer
     #   resp.access_preview.configurations["ConfigurationsMapKey"].sns_topic.topic_policy #=> String
     #   resp.access_preview.configurations["ConfigurationsMapKey"].sqs_queue.queue_policy #=> String
     #   resp.access_preview.configurations["ConfigurationsMapKey"].s3_express_directory_bucket.bucket_policy #=> String
+    #   resp.access_preview.configurations["ConfigurationsMapKey"].s3_express_directory_bucket.access_points #=> Hash
+    #   resp.access_preview.configurations["ConfigurationsMapKey"].s3_express_directory_bucket.access_points["S3ExpressDirectoryAccessPointArn"].access_point_policy #=> String
+    #   resp.access_preview.configurations["ConfigurationsMapKey"].s3_express_directory_bucket.access_points["S3ExpressDirectoryAccessPointArn"].network_origin.vpc_configuration.vpc_id #=> String
     #   resp.access_preview.configurations["ConfigurationsMapKey"].dynamodb_stream.stream_policy #=> String
     #   resp.access_preview.configurations["ConfigurationsMapKey"].dynamodb_table.table_policy #=> String
     #   resp.access_preview.created_at #=> Time
@@ -2826,7 +2841,7 @@ module Aws::AccessAnalyzer
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-accessanalyzer'
-      context[:gem_version] = '1.67.0'
+      context[:gem_version] = '1.69.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-accessanalyzer/client_api.rb

@@ -250,6 +250,9 @@ module Aws::AccessAnalyzer
     S3BucketAclGrantConfigurationsList = Shapes::ListShape.new(name: 'S3BucketAclGrantConfigurationsList')
     S3BucketConfiguration = Shapes::StructureShape.new(name: 'S3BucketConfiguration')
     S3BucketPolicy = Shapes::StringShape.new(name: 'S3BucketPolicy')
+    S3ExpressDirectoryAccessPointArn = Shapes::StringShape.new(name: 'S3ExpressDirectoryAccessPointArn')
+    S3ExpressDirectoryAccessPointConfiguration = Shapes::StructureShape.new(name: 'S3ExpressDirectoryAccessPointConfiguration')
+    S3ExpressDirectoryAccessPointConfigurationsMap = Shapes::MapShape.new(name: 'S3ExpressDirectoryAccessPointConfigurationsMap')
     S3ExpressDirectoryBucketConfiguration = Shapes::StructureShape.new(name: 'S3ExpressDirectoryBucketConfiguration')
     S3ExpressDirectoryBucketPolicy = Shapes::StringShape.new(name: 'S3ExpressDirectoryBucketPolicy')
     S3PublicAccessBlockConfiguration = Shapes::StructureShape.new(name: 'S3PublicAccessBlockConfiguration')
@@ -1081,7 +1084,15 @@ module Aws::AccessAnalyzer
     S3BucketConfiguration.add_member(:access_points, Shapes::ShapeRef.new(shape: S3AccessPointConfigurationsMap, location_name: "accessPoints"))
     S3BucketConfiguration.struct_class = Types::S3BucketConfiguration
 
+    S3ExpressDirectoryAccessPointConfiguration.add_member(:access_point_policy, Shapes::ShapeRef.new(shape: AccessPointPolicy, location_name: "accessPointPolicy"))
+    S3ExpressDirectoryAccessPointConfiguration.add_member(:network_origin, Shapes::ShapeRef.new(shape: NetworkOriginConfiguration, location_name: "networkOrigin"))
+    S3ExpressDirectoryAccessPointConfiguration.struct_class = Types::S3ExpressDirectoryAccessPointConfiguration
+
+    S3ExpressDirectoryAccessPointConfigurationsMap.key = Shapes::ShapeRef.new(shape: S3ExpressDirectoryAccessPointArn)
+    S3ExpressDirectoryAccessPointConfigurationsMap.value = Shapes::ShapeRef.new(shape: S3ExpressDirectoryAccessPointConfiguration)
+
     S3ExpressDirectoryBucketConfiguration.add_member(:bucket_policy, Shapes::ShapeRef.new(shape: S3ExpressDirectoryBucketPolicy, location_name: "bucketPolicy"))
+    S3ExpressDirectoryBucketConfiguration.add_member(:access_points, Shapes::ShapeRef.new(shape: S3ExpressDirectoryAccessPointConfigurationsMap, location_name: "accessPoints"))
     S3ExpressDirectoryBucketConfiguration.struct_class = Types::S3ExpressDirectoryBucketConfiguration
 
     S3PublicAccessBlockConfiguration.add_member(:ignore_public_acls, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "ignorePublicAcls"))
@@ -1312,8 +1323,8 @@ module Aws::AccessAnalyzer
         o.http_request_uri = "/policy/generation/{jobId}"
         o.input = Shapes::ShapeRef.new(shape: CancelPolicyGenerationRequest)
         o.output = Shapes::ShapeRef.new(shape: CancelPolicyGenerationResponse)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
       end)
@@ -1324,8 +1335,8 @@ module Aws::AccessAnalyzer
         o.http_request_uri = "/policy/check-access-not-granted"
         o.input = Shapes::ShapeRef.new(shape: CheckAccessNotGrantedRequest)
         o.output = Shapes::ShapeRef.new(shape: CheckAccessNotGrantedResponse)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
         o.errors << Shapes::ShapeRef.new(shape: UnprocessableEntityException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
@@ -1338,8 +1349,8 @@ module Aws::AccessAnalyzer
         o.http_request_uri = "/policy/check-no-new-access"
         o.input = Shapes::ShapeRef.new(shape: CheckNoNewAccessRequest)
         o.output = Shapes::ShapeRef.new(shape: CheckNoNewAccessResponse)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
         o.errors << Shapes::ShapeRef.new(shape: UnprocessableEntityException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
@@ -1352,8 +1363,8 @@ module Aws::AccessAnalyzer
         o.http_request_uri = "/policy/check-no-public-access"
         o.input = Shapes::ShapeRef.new(shape: CheckNoPublicAccessRequest)
         o.output = Shapes::ShapeRef.new(shape: CheckNoPublicAccessResponse)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
         o.errors << Shapes::ShapeRef.new(shape: UnprocessableEntityException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
@@ -1366,10 +1377,10 @@ module Aws::AccessAnalyzer
         o.http_request_uri = "/access-preview"
         o.input = Shapes::ShapeRef.new(shape: CreateAccessPreviewRequest)
         o.output = Shapes::ShapeRef.new(shape: CreateAccessPreviewResponse)
-        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: ConflictException)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
@@ -1395,8 +1406,8 @@ module Aws::AccessAnalyzer
         o.http_request_uri = "/analyzer/{analyzerName}/archive-rule"
         o.input = Shapes::ShapeRef.new(shape: CreateArchiveRuleRequest)
         o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
-        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
         o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException)
@@ -1436,8 +1447,8 @@ module Aws::AccessAnalyzer
         o.http_request_uri = "/recommendation/{id}"
         o.input = Shapes::ShapeRef.new(shape: GenerateFindingRecommendationRequest)
         o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
       end)
@@ -1449,8 +1460,8 @@ module Aws::AccessAnalyzer
         o.input = Shapes::ShapeRef.new(shape: GetAccessPreviewRequest)
         o.output = Shapes::ShapeRef.new(shape: GetAccessPreviewResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
       end)
@@ -1564,8 +1575,8 @@ module Aws::AccessAnalyzer
         o.http_request_uri = "/policy/generation/{jobId}"
         o.input = Shapes::ShapeRef.new(shape: GetGeneratedPolicyRequest)
         o.output = Shapes::ShapeRef.new(shape: GetGeneratedPolicyResponse)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
       end)
@@ -1576,10 +1587,10 @@ module Aws::AccessAnalyzer
         o.http_request_uri = "/access-preview/{accessPreviewId}"
         o.input = Shapes::ShapeRef.new(shape: ListAccessPreviewFindingsRequest)
         o.output = Shapes::ShapeRef.new(shape: ListAccessPreviewFindingsResponse)
-        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: ConflictException)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
         o[:pager] = Aws::Pager.new(
@@ -1597,8 +1608,8 @@ module Aws::AccessAnalyzer
         o.input = Shapes::ShapeRef.new(shape: ListAccessPreviewsRequest)
         o.output = Shapes::ShapeRef.new(shape: ListAccessPreviewsResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
         o[:pager] = Aws::Pager.new(
@@ -1708,8 +1719,8 @@ module Aws::AccessAnalyzer
         o.http_request_uri = "/policy/generation"
         o.input = Shapes::ShapeRef.new(shape: ListPolicyGenerationsRequest)
         o.output = Shapes::ShapeRef.new(shape: ListPolicyGenerationsResponse)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
         o[:pager] = Aws::Pager.new(
@@ -1727,8 +1738,8 @@ module Aws::AccessAnalyzer
         o.input = Shapes::ShapeRef.new(shape: ListTagsForResourceRequest)
         o.output = Shapes::ShapeRef.new(shape: ListTagsForResourceResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
       end)
@@ -1740,8 +1751,8 @@ module Aws::AccessAnalyzer
         o.input = Shapes::ShapeRef.new(shape: StartPolicyGenerationRequest)
         o.output = Shapes::ShapeRef.new(shape: StartPolicyGenerationResponse)
         o.errors << Shapes::ShapeRef.new(shape: ConflictException)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
@@ -1767,8 +1778,8 @@ module Aws::AccessAnalyzer
         o.input = Shapes::ShapeRef.new(shape: TagResourceRequest)
         o.output = Shapes::ShapeRef.new(shape: TagResourceResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
       end)
@@ -1780,8 +1791,8 @@ module Aws::AccessAnalyzer
         o.input = Shapes::ShapeRef.new(shape: UntagResourceRequest)
         o.output = Shapes::ShapeRef.new(shape: UntagResourceResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
       end)
@@ -1832,8 +1843,8 @@ module Aws::AccessAnalyzer
         o.http_request_uri = "/policy/validation"
         o.input = Shapes::ShapeRef.new(shape: ValidatePolicyRequest)
         o.output = Shapes::ShapeRef.new(shape: ValidatePolicyResponse)
-        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
         o[:pager] = Aws::Pager.new(

data/lib/aws-sdk-accessanalyzer/types.rb

@@ -3189,8 +3189,7 @@ module Aws::AccessAnalyzer
     end
 
     # The proposed `InternetConfiguration` or `VpcConfiguration` to apply to
-    # the Amazon S3 access point. `VpcConfiguration` does not apply to
-    # multi-region access points. You can make the access point accessible
+    # the Amazon S3 access point. You can make the access point accessible
     # from the internet, or you can specify that all requests made through
     # that access point must originate from a specific virtual private cloud
     # (VPC). You can specify only one type of network configuration. For
@@ -3666,7 +3665,7 @@ module Aws::AccessAnalyzer
     #   resource and neither is specified, the access preview uses
     #   `Internet` for the network origin. If the access preview is for an
     #   existing resource and neither is specified, the access preview uses
-    #   the exiting network origin.
+    #   the existing network origin.
     #   @return [Types::NetworkOriginConfiguration]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/S3AccessPointConfiguration AWS API Documentation
@@ -3756,6 +3755,49 @@ module Aws::AccessAnalyzer
       include Aws::Structure
     end
 
+    # Proposed configuration for an access point attached to an Amazon S3
+    # directory bucket. You can propose up to 10 access points per bucket.
+    # If the proposed access point configuration is for an existing Amazon
+    # S3 directory bucket, the access preview uses the proposed access point
+    # configuration in place of the existing access points. To propose an
+    # access point without a policy, you can provide an empty string as the
+    # access point policy. For more information about access points for
+    # Amazon S3 directory buckets, see [Managing access to directory buckets
+    # with access points][1] in the Amazon Simple Storage Service User
+    # Guide.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets.html
+    #
+    # @!attribute [rw] access_point_policy
+    #   The proposed access point policy for an Amazon S3 directory bucket
+    #   access point.
+    #   @return [String]
+    #
+    # @!attribute [rw] network_origin
+    #   The proposed `InternetConfiguration` or `VpcConfiguration` to apply
+    #   to the Amazon S3 access point. You can make the access point
+    #   accessible from the internet, or you can specify that all requests
+    #   made through that access point must originate from a specific
+    #   virtual private cloud (VPC). You can specify only one type of
+    #   network configuration. For more information, see [Creating access
+    #   points][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html
+    #   @return [Types::NetworkOriginConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/S3ExpressDirectoryAccessPointConfiguration AWS API Documentation
+    #
+    class S3ExpressDirectoryAccessPointConfiguration < Struct.new(
+      :access_point_policy,
+      :network_origin)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Proposed access control configuration for an Amazon S3 directory
     # bucket. You can propose a configuration for a new Amazon S3 directory
     # bucket or an existing Amazon S3 directory bucket that you own by
@@ -3767,7 +3809,8 @@ module Aws::AccessAnalyzer
     # assumes an directory bucket without a policy. To propose deletion of
     # an existing bucket policy, you can specify an empty string. For more
     # information about Amazon S3 directory bucket policies, see [Example
-    # directory bucket policies for S3 Express One Zone][1].
+    # bucket policies for directory buckets][1] in the Amazon Simple Storage
+    # Service User Guide.
     #
     #
     #
@@ -3777,10 +3820,15 @@ module Aws::AccessAnalyzer
     #   The proposed bucket policy for the Amazon S3 directory bucket.
     #   @return [String]
     #
+    # @!attribute [rw] access_points
+    #   The proposed access points for the Amazon S3 directory bucket.
+    #   @return [Hash<String,Types::S3ExpressDirectoryAccessPointConfiguration>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/S3ExpressDirectoryBucketConfiguration AWS API Documentation
     #
     class S3ExpressDirectoryBucketConfiguration < Struct.new(
-      :bucket_policy)
+      :bucket_policy,
+      :access_points)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-accessanalyzer.rb

@@ -54,7 +54,7 @@ module Aws::AccessAnalyzer
   autoload :EndpointProvider, 'aws-sdk-accessanalyzer/endpoint_provider'
   autoload :Endpoints, 'aws-sdk-accessanalyzer/endpoints'
 
-  GEM_VERSION = '1.67.0'
+  GEM_VERSION = '1.69.0'
 
 end
 

data/sig/client.rbs

@@ -136,7 +136,7 @@ module Aws
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/AccessAnalyzer/Client.html#check_no_public_access-instance_method
       def check_no_public_access: (
                                     policy_document: ::String,
-                                    resource_type: ("AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream" | "AWS::EFS::FileSystem" | "AWS::OpenSearchService::Domain" | "AWS::Kinesis::Stream" | "AWS::Kinesis::StreamConsumer" | "AWS::KMS::Key" | "AWS::Lambda::Function" | "AWS::S3::Bucket" | "AWS::S3::AccessPoint" | "AWS::S3Express::DirectoryBucket" | "AWS::S3::Glacier" | "AWS::S3Outposts::Bucket" | "AWS::S3Outposts::AccessPoint" | "AWS::SecretsManager::Secret" | "AWS::SNS::Topic" | "AWS::SQS::Queue" | "AWS::IAM::AssumeRolePolicyDocument")
+                                    resource_type: ("AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream" | "AWS::EFS::FileSystem" | "AWS::OpenSearchService::Domain" | "AWS::Kinesis::Stream" | "AWS::Kinesis::StreamConsumer" | "AWS::KMS::Key" | "AWS::Lambda::Function" | "AWS::S3::Bucket" | "AWS::S3::AccessPoint" | "AWS::S3Express::DirectoryBucket" | "AWS::S3::Glacier" | "AWS::S3Outposts::Bucket" | "AWS::S3Outposts::AccessPoint" | "AWS::SecretsManager::Secret" | "AWS::SNS::Topic" | "AWS::SQS::Queue" | "AWS::IAM::AssumeRolePolicyDocument" | "AWS::S3Tables::TableBucket" | "AWS::ApiGateway::RestApi" | "AWS::CodeArtifact::Domain" | "AWS::Backup::BackupVault" | "AWS::CloudTrail::Dashboard" | "AWS::CloudTrail::EventDataStore" | "AWS::S3Tables::Table" | "AWS::S3Express::AccessPoint")
                                   ) -> _CheckNoPublicAccessResponseSuccess
                                 | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _CheckNoPublicAccessResponseSuccess
 
@@ -230,7 +230,17 @@ module Aws
                                          queue_policy: ::String?
                                        }?,
                                        s3_express_directory_bucket: {
-                                         bucket_policy: ::String?
+                                         bucket_policy: ::String?,
+                                         access_points: Hash[::String, {
+                                             access_point_policy: ::String?,
+                                             network_origin: {
+                                               vpc_configuration: {
+                                                 vpc_id: ::String
+                                               }?,
+                                               internet_configuration: {
+                                               }?
+                                             }?
+                                           }]?
                                        }?,
                                        dynamodb_stream: {
                                          stream_policy: ::String?

data/sig/types.rbs

@@ -188,7 +188,7 @@ module Aws::AccessAnalyzer
 
     class CheckNoPublicAccessRequest
       attr_accessor policy_document: ::String
-      attr_accessor resource_type: ("AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream" | "AWS::EFS::FileSystem" | "AWS::OpenSearchService::Domain" | "AWS::Kinesis::Stream" | "AWS::Kinesis::StreamConsumer" | "AWS::KMS::Key" | "AWS::Lambda::Function" | "AWS::S3::Bucket" | "AWS::S3::AccessPoint" | "AWS::S3Express::DirectoryBucket" | "AWS::S3::Glacier" | "AWS::S3Outposts::Bucket" | "AWS::S3Outposts::AccessPoint" | "AWS::SecretsManager::Secret" | "AWS::SNS::Topic" | "AWS::SQS::Queue" | "AWS::IAM::AssumeRolePolicyDocument")
+      attr_accessor resource_type: ("AWS::DynamoDB::Table" | "AWS::DynamoDB::Stream" | "AWS::EFS::FileSystem" | "AWS::OpenSearchService::Domain" | "AWS::Kinesis::Stream" | "AWS::Kinesis::StreamConsumer" | "AWS::KMS::Key" | "AWS::Lambda::Function" | "AWS::S3::Bucket" | "AWS::S3::AccessPoint" | "AWS::S3Express::DirectoryBucket" | "AWS::S3::Glacier" | "AWS::S3Outposts::Bucket" | "AWS::S3Outposts::AccessPoint" | "AWS::SecretsManager::Secret" | "AWS::SNS::Topic" | "AWS::SQS::Queue" | "AWS::IAM::AssumeRolePolicyDocument" | "AWS::S3Tables::TableBucket" | "AWS::ApiGateway::RestApi" | "AWS::CodeArtifact::Domain" | "AWS::Backup::BackupVault" | "AWS::CloudTrail::Dashboard" | "AWS::CloudTrail::EventDataStore" | "AWS::S3Tables::Table" | "AWS::S3Express::AccessPoint")
       SENSITIVE: [:policy_document]
     end
 
@@ -961,8 +961,15 @@ module Aws::AccessAnalyzer
       SENSITIVE: []
     end
 
+    class S3ExpressDirectoryAccessPointConfiguration
+      attr_accessor access_point_policy: ::String
+      attr_accessor network_origin: Types::NetworkOriginConfiguration
+      SENSITIVE: []
+    end
+
     class S3ExpressDirectoryBucketConfiguration
       attr_accessor bucket_policy: ::String
+      attr_accessor access_points: ::Hash[::String, Types::S3ExpressDirectoryAccessPointConfiguration]
       SENSITIVE: []
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-accessanalyzer
 version: !ruby/object:Gem::Version
-  version: 1.67.0
+  version: 1.69.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-02-13 00:00:00.000000000 Z
+date: 2025-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core