aws-sdk-auditmanager 1.21.0 → 1.24.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1aa67868bc5168765a006eb1e85f22790a7458ea3affa0956776eed29975f83a
-  data.tar.gz: 64094150daddc01c3ffd6742dbd901dbe9ce8d1c4e2dd4f3d44566d41ca2f665
+  metadata.gz: b2463985326c4e8f2e362e77a9427fc47072173b9ff279ba09f10e5fc458ebf0
+  data.tar.gz: 81b1223019962a51db9853a74406b7d09b91753abf0d9c014be6ac885340c280
 SHA512:
-  metadata.gz: 2a86cef96ae21b765fbf4737a785e92b6b31ebd8d97d2bab7ba45794acf1e9bcd7f979d47302235807fd96ee2fbc56d7e3fa65ee0bccdadd01646cf71a3cc98a
-  data.tar.gz: f8020dee4c1a0388a252e665bac72b249f6d6aacf06e496c238d6c71167753bf0ccd55ac68b1b2e47dc57a27939ac5fe3d46b8e7f7db09658bae9d83b74ba507
+  metadata.gz: dd22a0016bb1472f297fee2d9d4530a976d1de27ebfc73383f22efbbdaf1539d8094a755a4124975e6ef6db007429c56ad9c3802553d674b8fa704600f84ebe0
+  data.tar.gz: faefb73fb6f656552d28939ae0a6b7e2b75f4a0f7bb44f6bf53009b9b7adb8f5939d5e4ac29f7e71e6f0e7fdc776c01d05acef588a39caf8cfa94c0162dbf1f8

data/CHANGELOG.md

@@ -1,6 +1,21 @@
 Unreleased Changes
 ------------------
 
+1.24.0 (2022-04-28)
+------------------
+
+* Feature - This release adds documentation updates for Audit Manager. We provided examples of how to use the Custom_ prefix for the keywordValue attribute. We also provided more details about the DeleteAssessmentReport operation.
+
+1.23.0 (2022-03-31)
+------------------
+
+* Feature - This release adds documentation updates for Audit Manager. The updates provide data deletion guidance when a customer deregisters Audit Manager or deregisters a delegated administrator.
+
+1.22.0 (2022-03-23)
+------------------
+
+* Feature - This release updates 1 API parameter, the SnsArn attribute. The character length and regex pattern for the SnsArn attribute have been updated, which enables you to deselect an SNS topic when using the UpdateSettings operation.
+
 1.21.0 (2022-02-24)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.21.0
+1.24.0

data/lib/aws-sdk-auditmanager/client.rb

@@ -1063,7 +1063,35 @@ module Aws::AuditManager
       req.send_request(options)
     end
 
-    # Deletes an assessment report from an assessment in Audit Manager.
+    # Deletes an assessment report in Audit Manager.
+    #
+    # When you run the `DeleteAssessmentReport` operation, Audit Manager
+    # attempts to delete the following data:
+    #
+    # 1.  The specified assessment report that’s stored in your S3 bucket
+    #
+    # 2.  The associated metadata that’s stored in Audit Manager
+    #
+    # If Audit Manager can’t access the assessment report in your S3 bucket,
+    # the report isn’t deleted. In this event, the `DeleteAssessmentReport`
+    # operation doesn’t fail. Instead, it proceeds to delete the associated
+    # metadata only. You must then delete the assessment report from the S3
+    # bucket yourself.
+    #
+    # This scenario happens when Audit Manager receives a `403 (Forbidden)`
+    # or `404 (Not Found)` error from Amazon S3. To avoid this, make sure
+    # that your S3 bucket is available, and that you configured the correct
+    # permissions for Audit Manager to delete resources in your S3 bucket.
+    # For an example permissions policy that you can use, see [Assessment
+    # report destination permissions][1] in the *Audit Manager User Guide*.
+    # For information about the issues that could cause a `403 (Forbidden)`
+    # or `404 (Not Found`) error from Amazon S3, see [List of Error
+    # Codes][2] in the *Amazon Simple Storage Service API Reference*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/security_iam_id-based-policy-examples.html#full-administrator-access-assessment-report-destination
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList
     #
     # @option params [required, String] :assessment_id
     #   The unique identifier for the assessment.
@@ -1113,6 +1141,48 @@ module Aws::AuditManager
 
     # Deregisters an account in Audit Manager.
     #
+    # <note markdown="1"> When you deregister your account from Audit Manager, your data isn’t
+    # deleted. If you want to delete your resource data, you must perform
+    # that task separately before you deregister your account. Either, you
+    # can do this in the Audit Manager console. Or, you can use one of the
+    # delete API operations that are provided by Audit Manager.
+    #
+    #  To delete your Audit Manager resource data, see the following
+    # instructions:
+    #
+    #  * [DeleteAssessment][1] (see also: [Deleting an assessment][2] in the
+    #   *Audit Manager User Guide*)
+    #
+    # * [DeleteAssessmentFramework][3] (see also: [Deleting a custom
+    #   framework][4] in the *Audit Manager User Guide*)
+    #
+    # * [DeleteAssessmentFrameworkShare][5] (see also: [Deleting a share
+    #   request][6] in the *Audit Manager User Guide*)
+    #
+    # * [DeleteAssessmentReport][7] (see also: [Deleting an assessment
+    #   report][8] in the *Audit Manager User Guide*)
+    #
+    # * [DeleteControl][9] (see also: [Deleting a custom control][10] in the
+    #   *Audit Manager User Guide*)
+    #
+    #  At this time, Audit Manager doesn't provide an option to delete
+    # evidence. All available delete operations are listed above.
+    #
+    #  </note>
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html
+    # [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html
+    # [3]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html
+    # [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html
+    # [5]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html
+    # [6]: https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html
+    # [7]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html
+    # [8]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps
+    # [9]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html
+    # [10]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html
+    #
     # @return [Types::DeregisterAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::DeregisterAccountResponse#status #status} => String
@@ -1130,16 +1200,59 @@ module Aws::AuditManager
       req.send_request(options)
     end
 
-    # Removes the specified member Amazon Web Services account as a
-    # delegated administrator for Audit Manager.
+    # Removes the specified Amazon Web Services account as a delegated
+    # administrator for Audit Manager.
     #
     # When you remove a delegated administrator from your Audit Manager
     # settings, you continue to have access to the evidence that you
     # previously collected under that account. This is also the case when
-    # you deregister a delegated administrator from Audit Manager. However,
+    # you deregister a delegated administrator from Organizations. However,
     # Audit Manager will stop collecting and attaching evidence to that
     # delegated administrator account moving forward.
     #
+    # <note markdown="1"> When you deregister a delegated administrator account for Audit
+    # Manager, the data for that account isn’t deleted. If you want to
+    # delete resource data for a delegated administrator account, you must
+    # perform that task separately before you deregister the account.
+    # Either, you can do this in the Audit Manager console. Or, you can use
+    # one of the delete API operations that are provided by Audit Manager.
+    #
+    #  To delete your Audit Manager resource data, see the following
+    # instructions:
+    #
+    #  * [DeleteAssessment][1] (see also: [Deleting an assessment][2] in the
+    #   *Audit Manager User Guide*)
+    #
+    # * [DeleteAssessmentFramework][3] (see also: [Deleting a custom
+    #   framework][4] in the *Audit Manager User Guide*)
+    #
+    # * [DeleteAssessmentFrameworkShare][5] (see also: [Deleting a share
+    #   request][6] in the *Audit Manager User Guide*)
+    #
+    # * [DeleteAssessmentReport][7] (see also: [Deleting an assessment
+    #   report][8] in the *Audit Manager User Guide*)
+    #
+    # * [DeleteControl][9] (see also: [Deleting a custom control][10] in the
+    #   *Audit Manager User Guide*)
+    #
+    #  At this time, Audit Manager doesn't provide an option to delete
+    # evidence. All available delete operations are listed above.
+    #
+    #  </note>
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html
+    # [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html
+    # [3]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html
+    # [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html
+    # [5]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html
+    # [6]: https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html
+    # [7]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html
+    # [8]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps
+    # [9]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html
+    # [10]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html
+    #
     # @option params [String] :admin_account_id
     #   The identifier for the administrator account.
     #
@@ -3538,7 +3651,7 @@ module Aws::AuditManager
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-auditmanager'
-      context[:gem_version] = '1.21.0'
+      context[:gem_version] = '1.24.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-auditmanager/types.rb

@@ -4321,13 +4321,61 @@ module Aws::AuditManager
     #       }
     #
     # @!attribute [rw] keyword_input_type
-    #   The method of input for the keyword.
+    #   The input method for the keyword.
     #   @return [String]
     #
     # @!attribute [rw] keyword_value
-    #   The value of the keyword that's used to search CloudTrail logs,
-    #   Config rules, Security Hub checks, and Amazon Web Services API names
-    #   when mapping a control data source.
+    #   The value of the keyword that's used when mapping a control data
+    #   source. For example, this can be a CloudTrail event name, a rule
+    #   name for Config, a Security Hub control, or the name of an Amazon
+    #   Web Services API call.
+    #
+    #   If you’re mapping a data source to a rule in Config, the
+    #   `keywordValue` that you specify depends on the type of rule:
+    #
+    #   * For [managed rules][1], you can use the rule identifier as the
+    #     `keywordValue`. You can find the rule identifier from the [list of
+    #     Config managed rules][2].
+    #
+    #     * Managed rule name: [s3-bucket-acl-prohibited][3]
+    #
+    #       `keywordValue`\: `S3_BUCKET_ACL_PROHIBITED`
+    #
+    #   * For [custom rules][4], you form the `keywordValue` by adding the
+    #     `Custom_` prefix to the rule name. This prefix distinguishes the
+    #     rule from a managed rule.
+    #
+    #     * Custom rule name: my-custom-config-rule
+    #
+    #       `keywordValue`\: `Custom_my-custom-config-rule`
+    #
+    #   * For [service-linked rules][5], you form the `keywordValue` by
+    #     adding the `Custom_` prefix to the rule name. In addition, you
+    #     remove the suffix ID that appears at the end of the rule name.
+    #
+    #     * Service-linked rule name:
+    #       CustomRuleForAccount-conformance-pack-szsm1uv0w
+    #
+    #       `keywordValue`\: `Custom_CustomRuleForAccount-conformance-pack`
+    #
+    #     * Service-linked rule name:
+    #       securityhub-api-gw-cache-encrypted-101104e1
+    #
+    #       `keywordValue`\: `Custom_securityhub-api-gw-cache-encrypted`
+    #
+    #     * Service-linked rule name:
+    #       OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba
+    #
+    #       `keywordValue`\:
+    #       `Custom_OrgConfigRule-s3-bucket-versioning-enabled`
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html
+    #   [2]: https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html
+    #   [3]: https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-acl-prohibited.html
+    #   [4]: https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html
+    #   [5]: https://docs.aws.amazon.com/config/latest/developerguide/service-linked-awsconfig-rules.html
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/SourceKeyword AWS API Documentation

data/lib/aws-sdk-auditmanager.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-auditmanager/customizations'
 # @!group service
 module Aws::AuditManager
 
-  GEM_VERSION = '1.21.0'
+  GEM_VERSION = '1.24.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-auditmanager
 version: !ruby/object:Gem::Version
-  version: 1.21.0
+  version: 1.24.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-02-24 00:00:00.000000000 Z
+date: 2022-04-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core