aws-sdk-auditmanager 1.22.0 → 1.25.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-auditmanager/client.rb +155 -15
- data/lib/aws-sdk-auditmanager/client_api.rb +7 -2
- data/lib/aws-sdk-auditmanager/errors.rb +16 -0
- data/lib/aws-sdk-auditmanager/types.rb +74 -14
- data/lib/aws-sdk-auditmanager.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a0735abba5c1d862b6b91cf899c4bee8f5db2c1422c155cbf2f0cf2a835deb2e
|
4
|
+
data.tar.gz: 28b425c78598800e366c9e92e46b91723cb83ddfe7c8fdd99e8c6807942a83b8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fefb30248da4ebca805dd6cbc451137f9605ff6de53eb6b4fedfc5c2b47cd37e0b6e83f8611dcdd308c29c5843e51ccf374b3f2de643031b54171464e69455ae
|
7
|
+
data.tar.gz: cc75e8e7786910896dd6fdb487c46bab32559fd7b4418742d7b4ba2463503371d1c3e58993d5b736af4acb5f46902ca03bda9afff495e1c137b746dfa2615170
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,21 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.25.0 (2022-06-07)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - This release introduces 2 updates to the Audit Manager API. The roleType and roleArn attributes are now required when you use the CreateAssessment or UpdateAssessment operation. We also added a throttling exception to the RegisterAccount API operation.
|
8
|
+
|
9
|
+
1.24.0 (2022-04-28)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - This release adds documentation updates for Audit Manager. We provided examples of how to use the Custom_ prefix for the keywordValue attribute. We also provided more details about the DeleteAssessmentReport operation.
|
13
|
+
|
14
|
+
1.23.0 (2022-03-31)
|
15
|
+
------------------
|
16
|
+
|
17
|
+
* Feature - This release adds documentation updates for Audit Manager. The updates provide data deletion guidance when a customer deregisters Audit Manager or deregisters a delegated administrator.
|
18
|
+
|
4
19
|
1.22.0 (2022-03-23)
|
5
20
|
------------------
|
6
21
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.25.0
|
@@ -660,8 +660,8 @@ module Aws::AuditManager
|
|
660
660
|
# },
|
661
661
|
# roles: [ # required
|
662
662
|
# {
|
663
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
664
|
-
# role_arn: "IamArn",
|
663
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
664
|
+
# role_arn: "IamArn", # required
|
665
665
|
# },
|
666
666
|
# ],
|
667
667
|
# framework_id: "UUID", # required
|
@@ -1063,7 +1063,35 @@ module Aws::AuditManager
|
|
1063
1063
|
req.send_request(options)
|
1064
1064
|
end
|
1065
1065
|
|
1066
|
-
# Deletes an assessment report
|
1066
|
+
# Deletes an assessment report in Audit Manager.
|
1067
|
+
#
|
1068
|
+
# When you run the `DeleteAssessmentReport` operation, Audit Manager
|
1069
|
+
# attempts to delete the following data:
|
1070
|
+
#
|
1071
|
+
# 1. The specified assessment report that’s stored in your S3 bucket
|
1072
|
+
#
|
1073
|
+
# 2. The associated metadata that’s stored in Audit Manager
|
1074
|
+
#
|
1075
|
+
# If Audit Manager can’t access the assessment report in your S3 bucket,
|
1076
|
+
# the report isn’t deleted. In this event, the `DeleteAssessmentReport`
|
1077
|
+
# operation doesn’t fail. Instead, it proceeds to delete the associated
|
1078
|
+
# metadata only. You must then delete the assessment report from the S3
|
1079
|
+
# bucket yourself.
|
1080
|
+
#
|
1081
|
+
# This scenario happens when Audit Manager receives a `403 (Forbidden)`
|
1082
|
+
# or `404 (Not Found)` error from Amazon S3. To avoid this, make sure
|
1083
|
+
# that your S3 bucket is available, and that you configured the correct
|
1084
|
+
# permissions for Audit Manager to delete resources in your S3 bucket.
|
1085
|
+
# For an example permissions policy that you can use, see [Assessment
|
1086
|
+
# report destination permissions][1] in the *Audit Manager User Guide*.
|
1087
|
+
# For information about the issues that could cause a `403 (Forbidden)`
|
1088
|
+
# or `404 (Not Found`) error from Amazon S3, see [List of Error
|
1089
|
+
# Codes][2] in the *Amazon Simple Storage Service API Reference*.
|
1090
|
+
#
|
1091
|
+
#
|
1092
|
+
#
|
1093
|
+
# [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/security_iam_id-based-policy-examples.html#full-administrator-access-assessment-report-destination
|
1094
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList
|
1067
1095
|
#
|
1068
1096
|
# @option params [required, String] :assessment_id
|
1069
1097
|
# The unique identifier for the assessment.
|
@@ -1113,6 +1141,48 @@ module Aws::AuditManager
|
|
1113
1141
|
|
1114
1142
|
# Deregisters an account in Audit Manager.
|
1115
1143
|
#
|
1144
|
+
# <note markdown="1"> When you deregister your account from Audit Manager, your data isn’t
|
1145
|
+
# deleted. If you want to delete your resource data, you must perform
|
1146
|
+
# that task separately before you deregister your account. Either, you
|
1147
|
+
# can do this in the Audit Manager console. Or, you can use one of the
|
1148
|
+
# delete API operations that are provided by Audit Manager.
|
1149
|
+
#
|
1150
|
+
# To delete your Audit Manager resource data, see the following
|
1151
|
+
# instructions:
|
1152
|
+
#
|
1153
|
+
# * [DeleteAssessment][1] (see also: [Deleting an assessment][2] in the
|
1154
|
+
# *Audit Manager User Guide*)
|
1155
|
+
#
|
1156
|
+
# * [DeleteAssessmentFramework][3] (see also: [Deleting a custom
|
1157
|
+
# framework][4] in the *Audit Manager User Guide*)
|
1158
|
+
#
|
1159
|
+
# * [DeleteAssessmentFrameworkShare][5] (see also: [Deleting a share
|
1160
|
+
# request][6] in the *Audit Manager User Guide*)
|
1161
|
+
#
|
1162
|
+
# * [DeleteAssessmentReport][7] (see also: [Deleting an assessment
|
1163
|
+
# report][8] in the *Audit Manager User Guide*)
|
1164
|
+
#
|
1165
|
+
# * [DeleteControl][9] (see also: [Deleting a custom control][10] in the
|
1166
|
+
# *Audit Manager User Guide*)
|
1167
|
+
#
|
1168
|
+
# At this time, Audit Manager doesn't provide an option to delete
|
1169
|
+
# evidence. All available delete operations are listed above.
|
1170
|
+
#
|
1171
|
+
# </note>
|
1172
|
+
#
|
1173
|
+
#
|
1174
|
+
#
|
1175
|
+
# [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html
|
1176
|
+
# [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html
|
1177
|
+
# [3]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html
|
1178
|
+
# [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html
|
1179
|
+
# [5]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html
|
1180
|
+
# [6]: https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html
|
1181
|
+
# [7]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html
|
1182
|
+
# [8]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps
|
1183
|
+
# [9]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html
|
1184
|
+
# [10]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html
|
1185
|
+
#
|
1116
1186
|
# @return [Types::DeregisterAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1117
1187
|
#
|
1118
1188
|
# * {Types::DeregisterAccountResponse#status #status} => String
|
@@ -1130,16 +1200,59 @@ module Aws::AuditManager
|
|
1130
1200
|
req.send_request(options)
|
1131
1201
|
end
|
1132
1202
|
|
1133
|
-
# Removes the specified
|
1134
|
-
#
|
1203
|
+
# Removes the specified Amazon Web Services account as a delegated
|
1204
|
+
# administrator for Audit Manager.
|
1135
1205
|
#
|
1136
1206
|
# When you remove a delegated administrator from your Audit Manager
|
1137
1207
|
# settings, you continue to have access to the evidence that you
|
1138
1208
|
# previously collected under that account. This is also the case when
|
1139
|
-
# you deregister a delegated administrator from
|
1209
|
+
# you deregister a delegated administrator from Organizations. However,
|
1140
1210
|
# Audit Manager will stop collecting and attaching evidence to that
|
1141
1211
|
# delegated administrator account moving forward.
|
1142
1212
|
#
|
1213
|
+
# <note markdown="1"> When you deregister a delegated administrator account for Audit
|
1214
|
+
# Manager, the data for that account isn’t deleted. If you want to
|
1215
|
+
# delete resource data for a delegated administrator account, you must
|
1216
|
+
# perform that task separately before you deregister the account.
|
1217
|
+
# Either, you can do this in the Audit Manager console. Or, you can use
|
1218
|
+
# one of the delete API operations that are provided by Audit Manager.
|
1219
|
+
#
|
1220
|
+
# To delete your Audit Manager resource data, see the following
|
1221
|
+
# instructions:
|
1222
|
+
#
|
1223
|
+
# * [DeleteAssessment][1] (see also: [Deleting an assessment][2] in the
|
1224
|
+
# *Audit Manager User Guide*)
|
1225
|
+
#
|
1226
|
+
# * [DeleteAssessmentFramework][3] (see also: [Deleting a custom
|
1227
|
+
# framework][4] in the *Audit Manager User Guide*)
|
1228
|
+
#
|
1229
|
+
# * [DeleteAssessmentFrameworkShare][5] (see also: [Deleting a share
|
1230
|
+
# request][6] in the *Audit Manager User Guide*)
|
1231
|
+
#
|
1232
|
+
# * [DeleteAssessmentReport][7] (see also: [Deleting an assessment
|
1233
|
+
# report][8] in the *Audit Manager User Guide*)
|
1234
|
+
#
|
1235
|
+
# * [DeleteControl][9] (see also: [Deleting a custom control][10] in the
|
1236
|
+
# *Audit Manager User Guide*)
|
1237
|
+
#
|
1238
|
+
# At this time, Audit Manager doesn't provide an option to delete
|
1239
|
+
# evidence. All available delete operations are listed above.
|
1240
|
+
#
|
1241
|
+
# </note>
|
1242
|
+
#
|
1243
|
+
#
|
1244
|
+
#
|
1245
|
+
# [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html
|
1246
|
+
# [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html
|
1247
|
+
# [3]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html
|
1248
|
+
# [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html
|
1249
|
+
# [5]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html
|
1250
|
+
# [6]: https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html
|
1251
|
+
# [7]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html
|
1252
|
+
# [8]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps
|
1253
|
+
# [9]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html
|
1254
|
+
# [10]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html
|
1255
|
+
#
|
1143
1256
|
# @option params [String] :admin_account_id
|
1144
1257
|
# The identifier for the administrator account.
|
1145
1258
|
#
|
@@ -1954,8 +2067,8 @@ module Aws::AuditManager
|
|
1954
2067
|
req.send_request(options)
|
1955
2068
|
end
|
1956
2069
|
|
1957
|
-
# Returns a list of the in-scope Amazon Web Services
|
1958
|
-
#
|
2070
|
+
# Returns a list of the in-scope Amazon Web Services for the specified
|
2071
|
+
# assessment.
|
1959
2072
|
#
|
1960
2073
|
# @return [Types::GetServicesInScopeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1961
2074
|
#
|
@@ -2691,6 +2804,32 @@ module Aws::AuditManager
|
|
2691
2804
|
# custom framework is available. Recipients have 120 days to accept or
|
2692
2805
|
# decline the request. If no action is taken, the share request expires.
|
2693
2806
|
#
|
2807
|
+
# When you create a share request, Audit Manager stores a snapshot of
|
2808
|
+
# your custom framework in the US East (N. Virginia) Amazon Web Services
|
2809
|
+
# Region. Audit Manager also stores a backup of the same snapshot in the
|
2810
|
+
# US West (Oregon) Amazon Web Services Region.
|
2811
|
+
#
|
2812
|
+
# Audit Manager deletes the snapshot and the backup snapshot when one of
|
2813
|
+
# the following events occurs:
|
2814
|
+
#
|
2815
|
+
# * The sender revokes the share request.
|
2816
|
+
#
|
2817
|
+
# * The recipient declines the share request.
|
2818
|
+
#
|
2819
|
+
# * The recipient encounters an error and doesn't successfully accept
|
2820
|
+
# the share request.
|
2821
|
+
#
|
2822
|
+
# * The share request expires before the recipient responds to the
|
2823
|
+
# request.
|
2824
|
+
#
|
2825
|
+
# When a sender [resends a share request][1], the snapshot is replaced
|
2826
|
+
# with an updated version that corresponds with the latest version of
|
2827
|
+
# the custom framework.
|
2828
|
+
#
|
2829
|
+
# When a recipient accepts a share request, the snapshot is replicated
|
2830
|
+
# into their Amazon Web Services account under the Amazon Web Services
|
2831
|
+
# Region that was specified in the share request.
|
2832
|
+
#
|
2694
2833
|
# When you invoke the `StartAssessmentFrameworkShare` API, you are about
|
2695
2834
|
# to share a custom framework with another Amazon Web Services account.
|
2696
2835
|
# You may not share a custom framework that is derived from a standard
|
@@ -2698,11 +2837,12 @@ module Aws::AuditManager
|
|
2698
2837
|
# sharing by Amazon Web Services, unless you have obtained permission to
|
2699
2838
|
# do so from the owner of the standard framework. To learn more about
|
2700
2839
|
# which standard frameworks are eligible for sharing, see [Framework
|
2701
|
-
# sharing eligibility][
|
2840
|
+
# sharing eligibility][2] in the *Audit Manager User Guide*.
|
2702
2841
|
#
|
2703
2842
|
#
|
2704
2843
|
#
|
2705
|
-
# [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/
|
2844
|
+
# [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/framework-sharing.html#framework-sharing-resend
|
2845
|
+
# [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/share-custom-framework-concepts-and-terminology.html#eligibility
|
2706
2846
|
#
|
2707
2847
|
# @option params [required, String] :framework_id
|
2708
2848
|
# The unique identifier for the custom framework to be shared.
|
@@ -2861,8 +3001,8 @@ module Aws::AuditManager
|
|
2861
3001
|
# },
|
2862
3002
|
# roles: [
|
2863
3003
|
# {
|
2864
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
2865
|
-
# role_arn: "IamArn",
|
3004
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
3005
|
+
# role_arn: "IamArn", # required
|
2866
3006
|
# },
|
2867
3007
|
# ],
|
2868
3008
|
# })
|
@@ -3460,8 +3600,8 @@ module Aws::AuditManager
|
|
3460
3600
|
# },
|
3461
3601
|
# default_process_owners: [
|
3462
3602
|
# {
|
3463
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
3464
|
-
# role_arn: "IamArn",
|
3603
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
3604
|
+
# role_arn: "IamArn", # required
|
3465
3605
|
# },
|
3466
3606
|
# ],
|
3467
3607
|
# kms_key: "KmsKey",
|
@@ -3538,7 +3678,7 @@ module Aws::AuditManager
|
|
3538
3678
|
params: params,
|
3539
3679
|
config: config)
|
3540
3680
|
context[:gem_name] = 'aws-sdk-auditmanager'
|
3541
|
-
context[:gem_version] = '1.
|
3681
|
+
context[:gem_version] = '1.25.0'
|
3542
3682
|
Seahorse::Client::Request.new(handlers, context)
|
3543
3683
|
end
|
3544
3684
|
|
@@ -281,6 +281,7 @@ module Aws::AuditManager
|
|
281
281
|
TagResourceResponse = Shapes::StructureShape.new(name: 'TagResourceResponse')
|
282
282
|
TagValue = Shapes::StringShape.new(name: 'TagValue')
|
283
283
|
TestingInformation = Shapes::StringShape.new(name: 'TestingInformation')
|
284
|
+
ThrottlingException = Shapes::StructureShape.new(name: 'ThrottlingException')
|
284
285
|
Timestamp = Shapes::TimestampShape.new(name: 'Timestamp')
|
285
286
|
TimestampUUID = Shapes::StringShape.new(name: 'TimestampUUID')
|
286
287
|
Token = Shapes::StringShape.new(name: 'Token')
|
@@ -1135,8 +1136,8 @@ module Aws::AuditManager
|
|
1135
1136
|
|
1136
1137
|
Resources.member = Shapes::ShapeRef.new(shape: Resource)
|
1137
1138
|
|
1138
|
-
Role.add_member(:role_type, Shapes::ShapeRef.new(shape: RoleType, location_name: "roleType"))
|
1139
|
-
Role.add_member(:role_arn, Shapes::ShapeRef.new(shape: IamArn, location_name: "roleArn"))
|
1139
|
+
Role.add_member(:role_type, Shapes::ShapeRef.new(shape: RoleType, required: true, location_name: "roleType"))
|
1140
|
+
Role.add_member(:role_arn, Shapes::ShapeRef.new(shape: IamArn, required: true, location_name: "roleArn"))
|
1140
1141
|
Role.struct_class = Types::Role
|
1141
1142
|
|
1142
1143
|
Roles.member = Shapes::ShapeRef.new(shape: Role)
|
@@ -1184,6 +1185,9 @@ module Aws::AuditManager
|
|
1184
1185
|
|
1185
1186
|
TagResourceResponse.struct_class = Types::TagResourceResponse
|
1186
1187
|
|
1188
|
+
ThrottlingException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
|
1189
|
+
ThrottlingException.struct_class = Types::ThrottlingException
|
1190
|
+
|
1187
1191
|
URL.add_member(:hyperlink_name, Shapes::ShapeRef.new(shape: HyperlinkName, location_name: "hyperlinkName"))
|
1188
1192
|
URL.add_member(:link, Shapes::ShapeRef.new(shape: UrlLink, location_name: "link"))
|
1189
1193
|
URL.struct_class = Types::URL
|
@@ -1971,6 +1975,7 @@ module Aws::AuditManager
|
|
1971
1975
|
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
1972
1976
|
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
1973
1977
|
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
1978
|
+
o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
|
1974
1979
|
end)
|
1975
1980
|
|
1976
1981
|
api.add_operation(:register_organization_admin_account, Seahorse::Model::Operation.new.tap do |o|
|
@@ -30,6 +30,7 @@ module Aws::AuditManager
|
|
30
30
|
# * {AccessDeniedException}
|
31
31
|
# * {InternalServerException}
|
32
32
|
# * {ResourceNotFoundException}
|
33
|
+
# * {ThrottlingException}
|
33
34
|
# * {ValidationException}
|
34
35
|
#
|
35
36
|
# Additionally, error classes are dynamically generated for service errors based on the error code
|
@@ -93,6 +94,21 @@ module Aws::AuditManager
|
|
93
94
|
end
|
94
95
|
end
|
95
96
|
|
97
|
+
class ThrottlingException < ServiceError
|
98
|
+
|
99
|
+
# @param [Seahorse::Client::RequestContext] context
|
100
|
+
# @param [String] message
|
101
|
+
# @param [Aws::AuditManager::Types::ThrottlingException] data
|
102
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
103
|
+
super(context, message, data)
|
104
|
+
end
|
105
|
+
|
106
|
+
# @return [String]
|
107
|
+
def message
|
108
|
+
@message || @data[:message]
|
109
|
+
end
|
110
|
+
end
|
111
|
+
|
96
112
|
class ValidationException < ServiceError
|
97
113
|
|
98
114
|
# @param [Seahorse::Client::RequestContext] context
|
@@ -278,8 +278,7 @@ module Aws::AuditManager
|
|
278
278
|
# @!attribute [rw] evidence_by_type_configuration_data_count
|
279
279
|
# The number of evidence that falls under the configuration data
|
280
280
|
# category. This evidence is collected from configuration snapshots of
|
281
|
-
# other Amazon Web Services
|
282
|
-
# IAM.
|
281
|
+
# other Amazon Web Services such as Amazon EC2, Amazon S3, or IAM.
|
283
282
|
# @return [Integer]
|
284
283
|
#
|
285
284
|
# @!attribute [rw] evidence_by_type_manual_count
|
@@ -1747,8 +1746,8 @@ module Aws::AuditManager
|
|
1747
1746
|
# },
|
1748
1747
|
# roles: [ # required
|
1749
1748
|
# {
|
1750
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
1751
|
-
# role_arn: "IamArn",
|
1749
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
1750
|
+
# role_arn: "IamArn", # required
|
1752
1751
|
# },
|
1753
1752
|
# ],
|
1754
1753
|
# framework_id: "UUID", # required
|
@@ -4174,8 +4173,8 @@ module Aws::AuditManager
|
|
4174
4173
|
# data as a hash:
|
4175
4174
|
#
|
4176
4175
|
# {
|
4177
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
4178
|
-
# role_arn: "IamArn",
|
4176
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
4177
|
+
# role_arn: "IamArn", # required
|
4179
4178
|
# }
|
4180
4179
|
#
|
4181
4180
|
# @!attribute [rw] role_type
|
@@ -4321,13 +4320,61 @@ module Aws::AuditManager
|
|
4321
4320
|
# }
|
4322
4321
|
#
|
4323
4322
|
# @!attribute [rw] keyword_input_type
|
4324
|
-
# The method
|
4323
|
+
# The input method for the keyword.
|
4325
4324
|
# @return [String]
|
4326
4325
|
#
|
4327
4326
|
# @!attribute [rw] keyword_value
|
4328
|
-
# The value of the keyword that's used
|
4329
|
-
#
|
4330
|
-
#
|
4327
|
+
# The value of the keyword that's used when mapping a control data
|
4328
|
+
# source. For example, this can be a CloudTrail event name, a rule
|
4329
|
+
# name for Config, a Security Hub control, or the name of an Amazon
|
4330
|
+
# Web Services API call.
|
4331
|
+
#
|
4332
|
+
# If you’re mapping a data source to a rule in Config, the
|
4333
|
+
# `keywordValue` that you specify depends on the type of rule:
|
4334
|
+
#
|
4335
|
+
# * For [managed rules][1], you can use the rule identifier as the
|
4336
|
+
# `keywordValue`. You can find the rule identifier from the [list of
|
4337
|
+
# Config managed rules][2].
|
4338
|
+
#
|
4339
|
+
# * Managed rule name: [s3-bucket-acl-prohibited][3]
|
4340
|
+
#
|
4341
|
+
# `keywordValue`\: `S3_BUCKET_ACL_PROHIBITED`
|
4342
|
+
#
|
4343
|
+
# * For [custom rules][4], you form the `keywordValue` by adding the
|
4344
|
+
# `Custom_` prefix to the rule name. This prefix distinguishes the
|
4345
|
+
# rule from a managed rule.
|
4346
|
+
#
|
4347
|
+
# * Custom rule name: my-custom-config-rule
|
4348
|
+
#
|
4349
|
+
# `keywordValue`\: `Custom_my-custom-config-rule`
|
4350
|
+
#
|
4351
|
+
# * For [service-linked rules][5], you form the `keywordValue` by
|
4352
|
+
# adding the `Custom_` prefix to the rule name. In addition, you
|
4353
|
+
# remove the suffix ID that appears at the end of the rule name.
|
4354
|
+
#
|
4355
|
+
# * Service-linked rule name:
|
4356
|
+
# CustomRuleForAccount-conformance-pack-szsm1uv0w
|
4357
|
+
#
|
4358
|
+
# `keywordValue`\: `Custom_CustomRuleForAccount-conformance-pack`
|
4359
|
+
#
|
4360
|
+
# * Service-linked rule name:
|
4361
|
+
# securityhub-api-gw-cache-encrypted-101104e1
|
4362
|
+
#
|
4363
|
+
# `keywordValue`\: `Custom_securityhub-api-gw-cache-encrypted`
|
4364
|
+
#
|
4365
|
+
# * Service-linked rule name:
|
4366
|
+
# OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba
|
4367
|
+
#
|
4368
|
+
# `keywordValue`\:
|
4369
|
+
# `Custom_OrgConfigRule-s3-bucket-versioning-enabled`
|
4370
|
+
#
|
4371
|
+
#
|
4372
|
+
#
|
4373
|
+
# [1]: https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html
|
4374
|
+
# [2]: https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html
|
4375
|
+
# [3]: https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-acl-prohibited.html
|
4376
|
+
# [4]: https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html
|
4377
|
+
# [5]: https://docs.aws.amazon.com/config/latest/developerguide/service-linked-awsconfig-rules.html
|
4331
4378
|
# @return [String]
|
4332
4379
|
#
|
4333
4380
|
# @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/SourceKeyword AWS API Documentation
|
@@ -4420,6 +4467,19 @@ module Aws::AuditManager
|
|
4420
4467
|
#
|
4421
4468
|
class TagResourceResponse < Aws::EmptyStructure; end
|
4422
4469
|
|
4470
|
+
# The request was denied due to request throttling.
|
4471
|
+
#
|
4472
|
+
# @!attribute [rw] message
|
4473
|
+
# @return [String]
|
4474
|
+
#
|
4475
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/ThrottlingException AWS API Documentation
|
4476
|
+
#
|
4477
|
+
class ThrottlingException < Struct.new(
|
4478
|
+
:message)
|
4479
|
+
SENSITIVE = []
|
4480
|
+
include Aws::Structure
|
4481
|
+
end
|
4482
|
+
|
4423
4483
|
# Short for uniform resource locator. A URL is used as a unique
|
4424
4484
|
# identifier to locate a resource on the internet.
|
4425
4485
|
#
|
@@ -4751,8 +4811,8 @@ module Aws::AuditManager
|
|
4751
4811
|
# },
|
4752
4812
|
# roles: [
|
4753
4813
|
# {
|
4754
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
4755
|
-
# role_arn: "IamArn",
|
4814
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
4815
|
+
# role_arn: "IamArn", # required
|
4756
4816
|
# },
|
4757
4817
|
# ],
|
4758
4818
|
# }
|
@@ -4940,8 +5000,8 @@ module Aws::AuditManager
|
|
4940
5000
|
# },
|
4941
5001
|
# default_process_owners: [
|
4942
5002
|
# {
|
4943
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
4944
|
-
# role_arn: "IamArn",
|
5003
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
5004
|
+
# role_arn: "IamArn", # required
|
4945
5005
|
# },
|
4946
5006
|
# ],
|
4947
5007
|
# kms_key: "KmsKey",
|
data/lib/aws-sdk-auditmanager.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-auditmanager
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.25.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-06-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|