aws-sdk-auditmanager 1.23.0 → 1.26.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-auditmanager/client.rb +67 -12
- data/lib/aws-sdk-auditmanager/client_api.rb +15 -2
- data/lib/aws-sdk-auditmanager/errors.rb +32 -0
- data/lib/aws-sdk-auditmanager/types.rb +153 -14
- data/lib/aws-sdk-auditmanager.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 85293e710b9fde06bc424368aedd260eba403da7e2ad96071c25303749becc72
|
4
|
+
data.tar.gz: 8e3cea7674bcd05eab13df691f5a34273ee08d6ce435b11c82d6ddd746424d6f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e0d3c2bd3224884f3e73aa29f0ade496dfbe545442c9ba22b29070f5ff77b8fdbc1d4ab28bdd1bf736d10dcf64eaa63d7474ddd1c380eea3e473390360a3cd8b
|
7
|
+
data.tar.gz: 607ef3f41f13ac29557a612a8cb81f14396e88cb94e166c6a2a7354e3db10cdbad4a5baea50122134fe9c8a3fdf8854b8d807a01cb86285026d9ff48d4bcdd4b
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,21 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.26.0 (2022-07-27)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - This release adds an exceeded quota exception to several APIs. We added a ServiceQuotaExceededException for the following operations: CreateAssessment, CreateControl, CreateAssessmentFramework, and UpdateAssessmentStatus.
|
8
|
+
|
9
|
+
1.25.0 (2022-06-07)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - This release introduces 2 updates to the Audit Manager API. The roleType and roleArn attributes are now required when you use the CreateAssessment or UpdateAssessment operation. We also added a throttling exception to the RegisterAccount API operation.
|
13
|
+
|
14
|
+
1.24.0 (2022-04-28)
|
15
|
+
------------------
|
16
|
+
|
17
|
+
* Feature - This release adds documentation updates for Audit Manager. We provided examples of how to use the Custom_ prefix for the keywordValue attribute. We also provided more details about the DeleteAssessmentReport operation.
|
18
|
+
|
4
19
|
1.23.0 (2022-03-31)
|
5
20
|
------------------
|
6
21
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.26.0
|
@@ -660,8 +660,8 @@ module Aws::AuditManager
|
|
660
660
|
# },
|
661
661
|
# roles: [ # required
|
662
662
|
# {
|
663
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
664
|
-
# role_arn: "IamArn",
|
663
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
664
|
+
# role_arn: "IamArn", # required
|
665
665
|
# },
|
666
666
|
# ],
|
667
667
|
# framework_id: "UUID", # required
|
@@ -1063,7 +1063,35 @@ module Aws::AuditManager
|
|
1063
1063
|
req.send_request(options)
|
1064
1064
|
end
|
1065
1065
|
|
1066
|
-
# Deletes an assessment report
|
1066
|
+
# Deletes an assessment report in Audit Manager.
|
1067
|
+
#
|
1068
|
+
# When you run the `DeleteAssessmentReport` operation, Audit Manager
|
1069
|
+
# attempts to delete the following data:
|
1070
|
+
#
|
1071
|
+
# 1. The specified assessment report that’s stored in your S3 bucket
|
1072
|
+
#
|
1073
|
+
# 2. The associated metadata that’s stored in Audit Manager
|
1074
|
+
#
|
1075
|
+
# If Audit Manager can’t access the assessment report in your S3 bucket,
|
1076
|
+
# the report isn’t deleted. In this event, the `DeleteAssessmentReport`
|
1077
|
+
# operation doesn’t fail. Instead, it proceeds to delete the associated
|
1078
|
+
# metadata only. You must then delete the assessment report from the S3
|
1079
|
+
# bucket yourself.
|
1080
|
+
#
|
1081
|
+
# This scenario happens when Audit Manager receives a `403 (Forbidden)`
|
1082
|
+
# or `404 (Not Found)` error from Amazon S3. To avoid this, make sure
|
1083
|
+
# that your S3 bucket is available, and that you configured the correct
|
1084
|
+
# permissions for Audit Manager to delete resources in your S3 bucket.
|
1085
|
+
# For an example permissions policy that you can use, see [Assessment
|
1086
|
+
# report destination permissions][1] in the *Audit Manager User Guide*.
|
1087
|
+
# For information about the issues that could cause a `403 (Forbidden)`
|
1088
|
+
# or `404 (Not Found`) error from Amazon S3, see [List of Error
|
1089
|
+
# Codes][2] in the *Amazon Simple Storage Service API Reference*.
|
1090
|
+
#
|
1091
|
+
#
|
1092
|
+
#
|
1093
|
+
# [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/security_iam_id-based-policy-examples.html#full-administrator-access-assessment-report-destination
|
1094
|
+
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList
|
1067
1095
|
#
|
1068
1096
|
# @option params [required, String] :assessment_id
|
1069
1097
|
# The unique identifier for the assessment.
|
@@ -2039,8 +2067,8 @@ module Aws::AuditManager
|
|
2039
2067
|
req.send_request(options)
|
2040
2068
|
end
|
2041
2069
|
|
2042
|
-
# Returns a list of the in-scope Amazon Web Services
|
2043
|
-
#
|
2070
|
+
# Returns a list of the in-scope Amazon Web Services for the specified
|
2071
|
+
# assessment.
|
2044
2072
|
#
|
2045
2073
|
# @return [Types::GetServicesInScopeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2046
2074
|
#
|
@@ -2776,6 +2804,32 @@ module Aws::AuditManager
|
|
2776
2804
|
# custom framework is available. Recipients have 120 days to accept or
|
2777
2805
|
# decline the request. If no action is taken, the share request expires.
|
2778
2806
|
#
|
2807
|
+
# When you create a share request, Audit Manager stores a snapshot of
|
2808
|
+
# your custom framework in the US East (N. Virginia) Amazon Web Services
|
2809
|
+
# Region. Audit Manager also stores a backup of the same snapshot in the
|
2810
|
+
# US West (Oregon) Amazon Web Services Region.
|
2811
|
+
#
|
2812
|
+
# Audit Manager deletes the snapshot and the backup snapshot when one of
|
2813
|
+
# the following events occurs:
|
2814
|
+
#
|
2815
|
+
# * The sender revokes the share request.
|
2816
|
+
#
|
2817
|
+
# * The recipient declines the share request.
|
2818
|
+
#
|
2819
|
+
# * The recipient encounters an error and doesn't successfully accept
|
2820
|
+
# the share request.
|
2821
|
+
#
|
2822
|
+
# * The share request expires before the recipient responds to the
|
2823
|
+
# request.
|
2824
|
+
#
|
2825
|
+
# When a sender [resends a share request][1], the snapshot is replaced
|
2826
|
+
# with an updated version that corresponds with the latest version of
|
2827
|
+
# the custom framework.
|
2828
|
+
#
|
2829
|
+
# When a recipient accepts a share request, the snapshot is replicated
|
2830
|
+
# into their Amazon Web Services account under the Amazon Web Services
|
2831
|
+
# Region that was specified in the share request.
|
2832
|
+
#
|
2779
2833
|
# When you invoke the `StartAssessmentFrameworkShare` API, you are about
|
2780
2834
|
# to share a custom framework with another Amazon Web Services account.
|
2781
2835
|
# You may not share a custom framework that is derived from a standard
|
@@ -2783,11 +2837,12 @@ module Aws::AuditManager
|
|
2783
2837
|
# sharing by Amazon Web Services, unless you have obtained permission to
|
2784
2838
|
# do so from the owner of the standard framework. To learn more about
|
2785
2839
|
# which standard frameworks are eligible for sharing, see [Framework
|
2786
|
-
# sharing eligibility][
|
2840
|
+
# sharing eligibility][2] in the *Audit Manager User Guide*.
|
2787
2841
|
#
|
2788
2842
|
#
|
2789
2843
|
#
|
2790
|
-
# [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/
|
2844
|
+
# [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/framework-sharing.html#framework-sharing-resend
|
2845
|
+
# [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/share-custom-framework-concepts-and-terminology.html#eligibility
|
2791
2846
|
#
|
2792
2847
|
# @option params [required, String] :framework_id
|
2793
2848
|
# The unique identifier for the custom framework to be shared.
|
@@ -2946,8 +3001,8 @@ module Aws::AuditManager
|
|
2946
3001
|
# },
|
2947
3002
|
# roles: [
|
2948
3003
|
# {
|
2949
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
2950
|
-
# role_arn: "IamArn",
|
3004
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
3005
|
+
# role_arn: "IamArn", # required
|
2951
3006
|
# },
|
2952
3007
|
# ],
|
2953
3008
|
# })
|
@@ -3545,8 +3600,8 @@ module Aws::AuditManager
|
|
3545
3600
|
# },
|
3546
3601
|
# default_process_owners: [
|
3547
3602
|
# {
|
3548
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
3549
|
-
# role_arn: "IamArn",
|
3603
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
3604
|
+
# role_arn: "IamArn", # required
|
3550
3605
|
# },
|
3551
3606
|
# ],
|
3552
3607
|
# kms_key: "KmsKey",
|
@@ -3623,7 +3678,7 @@ module Aws::AuditManager
|
|
3623
3678
|
params: params,
|
3624
3679
|
config: config)
|
3625
3680
|
context[:gem_name] = 'aws-sdk-auditmanager'
|
3626
|
-
context[:gem_version] = '1.
|
3681
|
+
context[:gem_version] = '1.26.0'
|
3627
3682
|
Seahorse::Client::Request.new(handlers, context)
|
3628
3683
|
end
|
3629
3684
|
|
@@ -258,6 +258,7 @@ module Aws::AuditManager
|
|
258
258
|
Scope = Shapes::StructureShape.new(name: 'Scope')
|
259
259
|
ServiceMetadata = Shapes::StructureShape.new(name: 'ServiceMetadata')
|
260
260
|
ServiceMetadataList = Shapes::ListShape.new(name: 'ServiceMetadataList')
|
261
|
+
ServiceQuotaExceededException = Shapes::StructureShape.new(name: 'ServiceQuotaExceededException')
|
261
262
|
SettingAttribute = Shapes::StringShape.new(name: 'SettingAttribute')
|
262
263
|
Settings = Shapes::StructureShape.new(name: 'Settings')
|
263
264
|
ShareRequestAction = Shapes::StringShape.new(name: 'ShareRequestAction')
|
@@ -281,6 +282,7 @@ module Aws::AuditManager
|
|
281
282
|
TagResourceResponse = Shapes::StructureShape.new(name: 'TagResourceResponse')
|
282
283
|
TagValue = Shapes::StringShape.new(name: 'TagValue')
|
283
284
|
TestingInformation = Shapes::StringShape.new(name: 'TestingInformation')
|
285
|
+
ThrottlingException = Shapes::StructureShape.new(name: 'ThrottlingException')
|
284
286
|
Timestamp = Shapes::TimestampShape.new(name: 'Timestamp')
|
285
287
|
TimestampUUID = Shapes::StringShape.new(name: 'TimestampUUID')
|
286
288
|
Token = Shapes::StringShape.new(name: 'Token')
|
@@ -1135,8 +1137,8 @@ module Aws::AuditManager
|
|
1135
1137
|
|
1136
1138
|
Resources.member = Shapes::ShapeRef.new(shape: Resource)
|
1137
1139
|
|
1138
|
-
Role.add_member(:role_type, Shapes::ShapeRef.new(shape: RoleType, location_name: "roleType"))
|
1139
|
-
Role.add_member(:role_arn, Shapes::ShapeRef.new(shape: IamArn, location_name: "roleArn"))
|
1140
|
+
Role.add_member(:role_type, Shapes::ShapeRef.new(shape: RoleType, required: true, location_name: "roleType"))
|
1141
|
+
Role.add_member(:role_arn, Shapes::ShapeRef.new(shape: IamArn, required: true, location_name: "roleArn"))
|
1140
1142
|
Role.struct_class = Types::Role
|
1141
1143
|
|
1142
1144
|
Roles.member = Shapes::ShapeRef.new(shape: Role)
|
@@ -1153,6 +1155,9 @@ module Aws::AuditManager
|
|
1153
1155
|
|
1154
1156
|
ServiceMetadataList.member = Shapes::ShapeRef.new(shape: ServiceMetadata)
|
1155
1157
|
|
1158
|
+
ServiceQuotaExceededException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
|
1159
|
+
ServiceQuotaExceededException.struct_class = Types::ServiceQuotaExceededException
|
1160
|
+
|
1156
1161
|
Settings.add_member(:is_aws_org_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "isAwsOrgEnabled"))
|
1157
1162
|
Settings.add_member(:sns_topic, Shapes::ShapeRef.new(shape: SNSTopic, location_name: "snsTopic"))
|
1158
1163
|
Settings.add_member(:default_assessment_reports_destination, Shapes::ShapeRef.new(shape: AssessmentReportsDestination, location_name: "defaultAssessmentReportsDestination"))
|
@@ -1184,6 +1189,9 @@ module Aws::AuditManager
|
|
1184
1189
|
|
1185
1190
|
TagResourceResponse.struct_class = Types::TagResourceResponse
|
1186
1191
|
|
1192
|
+
ThrottlingException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
|
1193
|
+
ThrottlingException.struct_class = Types::ThrottlingException
|
1194
|
+
|
1187
1195
|
URL.add_member(:hyperlink_name, Shapes::ShapeRef.new(shape: HyperlinkName, location_name: "hyperlinkName"))
|
1188
1196
|
URL.add_member(:link, Shapes::ShapeRef.new(shape: UrlLink, location_name: "link"))
|
1189
1197
|
URL.struct_class = Types::URL
|
@@ -1400,6 +1408,7 @@ module Aws::AuditManager
|
|
1400
1408
|
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
1401
1409
|
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
1402
1410
|
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
1411
|
+
o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException)
|
1403
1412
|
end)
|
1404
1413
|
|
1405
1414
|
api.add_operation(:create_assessment_framework, Seahorse::Model::Operation.new.tap do |o|
|
@@ -1412,6 +1421,7 @@ module Aws::AuditManager
|
|
1412
1421
|
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
1413
1422
|
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
1414
1423
|
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
1424
|
+
o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException)
|
1415
1425
|
end)
|
1416
1426
|
|
1417
1427
|
api.add_operation(:create_assessment_report, Seahorse::Model::Operation.new.tap do |o|
|
@@ -1436,6 +1446,7 @@ module Aws::AuditManager
|
|
1436
1446
|
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
1437
1447
|
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
1438
1448
|
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
1449
|
+
o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException)
|
1439
1450
|
end)
|
1440
1451
|
|
1441
1452
|
api.add_operation(:delete_assessment, Seahorse::Model::Operation.new.tap do |o|
|
@@ -1971,6 +1982,7 @@ module Aws::AuditManager
|
|
1971
1982
|
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
1972
1983
|
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
1973
1984
|
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
1985
|
+
o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
|
1974
1986
|
end)
|
1975
1987
|
|
1976
1988
|
api.add_operation(:register_organization_admin_account, Seahorse::Model::Operation.new.tap do |o|
|
@@ -2089,6 +2101,7 @@ module Aws::AuditManager
|
|
2089
2101
|
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
2090
2102
|
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
2091
2103
|
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
2104
|
+
o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException)
|
2092
2105
|
end)
|
2093
2106
|
|
2094
2107
|
api.add_operation(:update_control, Seahorse::Model::Operation.new.tap do |o|
|
@@ -30,6 +30,8 @@ module Aws::AuditManager
|
|
30
30
|
# * {AccessDeniedException}
|
31
31
|
# * {InternalServerException}
|
32
32
|
# * {ResourceNotFoundException}
|
33
|
+
# * {ServiceQuotaExceededException}
|
34
|
+
# * {ThrottlingException}
|
33
35
|
# * {ValidationException}
|
34
36
|
#
|
35
37
|
# Additionally, error classes are dynamically generated for service errors based on the error code
|
@@ -93,6 +95,36 @@ module Aws::AuditManager
|
|
93
95
|
end
|
94
96
|
end
|
95
97
|
|
98
|
+
class ServiceQuotaExceededException < ServiceError
|
99
|
+
|
100
|
+
# @param [Seahorse::Client::RequestContext] context
|
101
|
+
# @param [String] message
|
102
|
+
# @param [Aws::AuditManager::Types::ServiceQuotaExceededException] data
|
103
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
104
|
+
super(context, message, data)
|
105
|
+
end
|
106
|
+
|
107
|
+
# @return [String]
|
108
|
+
def message
|
109
|
+
@message || @data[:message]
|
110
|
+
end
|
111
|
+
end
|
112
|
+
|
113
|
+
class ThrottlingException < ServiceError
|
114
|
+
|
115
|
+
# @param [Seahorse::Client::RequestContext] context
|
116
|
+
# @param [String] message
|
117
|
+
# @param [Aws::AuditManager::Types::ThrottlingException] data
|
118
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
119
|
+
super(context, message, data)
|
120
|
+
end
|
121
|
+
|
122
|
+
# @return [String]
|
123
|
+
def message
|
124
|
+
@message || @data[:message]
|
125
|
+
end
|
126
|
+
end
|
127
|
+
|
96
128
|
class ValidationException < ServiceError
|
97
129
|
|
98
130
|
# @param [Seahorse::Client::RequestContext] context
|
@@ -278,8 +278,7 @@ module Aws::AuditManager
|
|
278
278
|
# @!attribute [rw] evidence_by_type_configuration_data_count
|
279
279
|
# The number of evidence that falls under the configuration data
|
280
280
|
# category. This evidence is collected from configuration snapshots of
|
281
|
-
# other Amazon Web Services
|
282
|
-
# IAM.
|
281
|
+
# other Amazon Web Services such as Amazon EC2, Amazon S3, or IAM.
|
283
282
|
# @return [Integer]
|
284
283
|
#
|
285
284
|
# @!attribute [rw] evidence_by_type_manual_count
|
@@ -1463,6 +1462,25 @@ module Aws::AuditManager
|
|
1463
1462
|
# @!attribute [rw] source_keyword
|
1464
1463
|
# The keyword to search for in CloudTrail logs, Config rules, Security
|
1465
1464
|
# Hub checks, and Amazon Web Services API names.
|
1465
|
+
#
|
1466
|
+
# To learn more about the supported keywords that you can use when
|
1467
|
+
# mapping a control data source, see the following pages in the *Audit
|
1468
|
+
# Manager User Guide*\:
|
1469
|
+
#
|
1470
|
+
# * [Config rules supported by Audit Manager][1]
|
1471
|
+
#
|
1472
|
+
# * [Security Hub controls supported by Audit Manager][2]
|
1473
|
+
#
|
1474
|
+
# * [API calls supported by Audit Manager][3]
|
1475
|
+
#
|
1476
|
+
# * [CloudTrail event names supported by Audit Manager][4]
|
1477
|
+
#
|
1478
|
+
#
|
1479
|
+
#
|
1480
|
+
# [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-ash.html
|
1481
|
+
# [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-config.html
|
1482
|
+
# [3]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-api.html
|
1483
|
+
# [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-cloudtrail.html
|
1466
1484
|
# @return [Types::SourceKeyword]
|
1467
1485
|
#
|
1468
1486
|
# @!attribute [rw] source_frequency
|
@@ -1747,8 +1765,8 @@ module Aws::AuditManager
|
|
1747
1765
|
# },
|
1748
1766
|
# roles: [ # required
|
1749
1767
|
# {
|
1750
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
1751
|
-
# role_arn: "IamArn",
|
1768
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
1769
|
+
# role_arn: "IamArn", # required
|
1752
1770
|
# },
|
1753
1771
|
# ],
|
1754
1772
|
# framework_id: "UUID", # required
|
@@ -1858,6 +1876,25 @@ module Aws::AuditManager
|
|
1858
1876
|
# @!attribute [rw] source_keyword
|
1859
1877
|
# The keyword to search for in CloudTrail logs, Config rules, Security
|
1860
1878
|
# Hub checks, and Amazon Web Services API names.
|
1879
|
+
#
|
1880
|
+
# To learn more about the supported keywords that you can use when
|
1881
|
+
# mapping a control data source, see the following pages in the *Audit
|
1882
|
+
# Manager User Guide*\:
|
1883
|
+
#
|
1884
|
+
# * [Config rules supported by Audit Manager][1]
|
1885
|
+
#
|
1886
|
+
# * [Security Hub controls supported by Audit Manager][2]
|
1887
|
+
#
|
1888
|
+
# * [API calls supported by Audit Manager][3]
|
1889
|
+
#
|
1890
|
+
# * [CloudTrail event names supported by Audit Manager][4]
|
1891
|
+
#
|
1892
|
+
#
|
1893
|
+
#
|
1894
|
+
# [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-ash.html
|
1895
|
+
# [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-config.html
|
1896
|
+
# [3]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-api.html
|
1897
|
+
# [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-cloudtrail.html
|
1861
1898
|
# @return [Types::SourceKeyword]
|
1862
1899
|
#
|
1863
1900
|
# @!attribute [rw] source_frequency
|
@@ -4174,8 +4211,8 @@ module Aws::AuditManager
|
|
4174
4211
|
# data as a hash:
|
4175
4212
|
#
|
4176
4213
|
# {
|
4177
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
4178
|
-
# role_arn: "IamArn",
|
4214
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
4215
|
+
# role_arn: "IamArn", # required
|
4179
4216
|
# }
|
4180
4217
|
#
|
4181
4218
|
# @!attribute [rw] role_type
|
@@ -4274,6 +4311,28 @@ module Aws::AuditManager
|
|
4274
4311
|
include Aws::Structure
|
4275
4312
|
end
|
4276
4313
|
|
4314
|
+
# You've reached your account quota for this resource type. To perform
|
4315
|
+
# the requested action, delete some existing resources or [request a
|
4316
|
+
# quota increase][1] from the Service Quotas console. For a list of
|
4317
|
+
# Audit Manager service quotas, see [Quotas and restrictions for Audit
|
4318
|
+
# Manager][2].
|
4319
|
+
#
|
4320
|
+
#
|
4321
|
+
#
|
4322
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html
|
4323
|
+
# [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/service-quotas.html
|
4324
|
+
#
|
4325
|
+
# @!attribute [rw] message
|
4326
|
+
# @return [String]
|
4327
|
+
#
|
4328
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/ServiceQuotaExceededException AWS API Documentation
|
4329
|
+
#
|
4330
|
+
class ServiceQuotaExceededException < Struct.new(
|
4331
|
+
:message)
|
4332
|
+
SENSITIVE = []
|
4333
|
+
include Aws::Structure
|
4334
|
+
end
|
4335
|
+
|
4277
4336
|
# The settings object that holds all supported Audit Manager settings.
|
4278
4337
|
#
|
4279
4338
|
# @!attribute [rw] is_aws_org_enabled
|
@@ -4312,6 +4371,25 @@ module Aws::AuditManager
|
|
4312
4371
|
# The keyword to search for in CloudTrail logs, Config rules, Security
|
4313
4372
|
# Hub checks, and Amazon Web Services API names.
|
4314
4373
|
#
|
4374
|
+
# To learn more about the supported keywords that you can use when
|
4375
|
+
# mapping a control data source, see the following pages in the *Audit
|
4376
|
+
# Manager User Guide*\:
|
4377
|
+
#
|
4378
|
+
# * [Config rules supported by Audit Manager][1]
|
4379
|
+
#
|
4380
|
+
# * [Security Hub controls supported by Audit Manager][2]
|
4381
|
+
#
|
4382
|
+
# * [API calls supported by Audit Manager][3]
|
4383
|
+
#
|
4384
|
+
# * [CloudTrail event names supported by Audit Manager][4]
|
4385
|
+
#
|
4386
|
+
#
|
4387
|
+
#
|
4388
|
+
# [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-ash.html
|
4389
|
+
# [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-config.html
|
4390
|
+
# [3]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-api.html
|
4391
|
+
# [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-cloudtrail.html
|
4392
|
+
#
|
4315
4393
|
# @note When making an API call, you may pass SourceKeyword
|
4316
4394
|
# data as a hash:
|
4317
4395
|
#
|
@@ -4321,13 +4399,61 @@ module Aws::AuditManager
|
|
4321
4399
|
# }
|
4322
4400
|
#
|
4323
4401
|
# @!attribute [rw] keyword_input_type
|
4324
|
-
# The method
|
4402
|
+
# The input method for the keyword.
|
4325
4403
|
# @return [String]
|
4326
4404
|
#
|
4327
4405
|
# @!attribute [rw] keyword_value
|
4328
|
-
# The value of the keyword that's used
|
4329
|
-
#
|
4330
|
-
#
|
4406
|
+
# The value of the keyword that's used when mapping a control data
|
4407
|
+
# source. For example, this can be a CloudTrail event name, a rule
|
4408
|
+
# name for Config, a Security Hub control, or the name of an Amazon
|
4409
|
+
# Web Services API call.
|
4410
|
+
#
|
4411
|
+
# If you’re mapping a data source to a rule in Config, the
|
4412
|
+
# `keywordValue` that you specify depends on the type of rule:
|
4413
|
+
#
|
4414
|
+
# * For [managed rules][1], you can use the rule identifier as the
|
4415
|
+
# `keywordValue`. You can find the rule identifier from the [list of
|
4416
|
+
# Config managed rules][2].
|
4417
|
+
#
|
4418
|
+
# * Managed rule name: [s3-bucket-acl-prohibited][3]
|
4419
|
+
#
|
4420
|
+
# `keywordValue`\: `S3_BUCKET_ACL_PROHIBITED`
|
4421
|
+
#
|
4422
|
+
# * For [custom rules][4], you form the `keywordValue` by adding the
|
4423
|
+
# `Custom_` prefix to the rule name. This prefix distinguishes the
|
4424
|
+
# rule from a managed rule.
|
4425
|
+
#
|
4426
|
+
# * Custom rule name: my-custom-config-rule
|
4427
|
+
#
|
4428
|
+
# `keywordValue`\: `Custom_my-custom-config-rule`
|
4429
|
+
#
|
4430
|
+
# * For [service-linked rules][5], you form the `keywordValue` by
|
4431
|
+
# adding the `Custom_` prefix to the rule name. In addition, you
|
4432
|
+
# remove the suffix ID that appears at the end of the rule name.
|
4433
|
+
#
|
4434
|
+
# * Service-linked rule name:
|
4435
|
+
# CustomRuleForAccount-conformance-pack-szsm1uv0w
|
4436
|
+
#
|
4437
|
+
# `keywordValue`\: `Custom_CustomRuleForAccount-conformance-pack`
|
4438
|
+
#
|
4439
|
+
# * Service-linked rule name:
|
4440
|
+
# securityhub-api-gw-cache-encrypted-101104e1
|
4441
|
+
#
|
4442
|
+
# `keywordValue`\: `Custom_securityhub-api-gw-cache-encrypted`
|
4443
|
+
#
|
4444
|
+
# * Service-linked rule name:
|
4445
|
+
# OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba
|
4446
|
+
#
|
4447
|
+
# `keywordValue`\:
|
4448
|
+
# `Custom_OrgConfigRule-s3-bucket-versioning-enabled`
|
4449
|
+
#
|
4450
|
+
#
|
4451
|
+
#
|
4452
|
+
# [1]: https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html
|
4453
|
+
# [2]: https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html
|
4454
|
+
# [3]: https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-acl-prohibited.html
|
4455
|
+
# [4]: https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html
|
4456
|
+
# [5]: https://docs.aws.amazon.com/config/latest/developerguide/service-linked-awsconfig-rules.html
|
4331
4457
|
# @return [String]
|
4332
4458
|
#
|
4333
4459
|
# @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/SourceKeyword AWS API Documentation
|
@@ -4420,6 +4546,19 @@ module Aws::AuditManager
|
|
4420
4546
|
#
|
4421
4547
|
class TagResourceResponse < Aws::EmptyStructure; end
|
4422
4548
|
|
4549
|
+
# The request was denied due to request throttling.
|
4550
|
+
#
|
4551
|
+
# @!attribute [rw] message
|
4552
|
+
# @return [String]
|
4553
|
+
#
|
4554
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/ThrottlingException AWS API Documentation
|
4555
|
+
#
|
4556
|
+
class ThrottlingException < Struct.new(
|
4557
|
+
:message)
|
4558
|
+
SENSITIVE = []
|
4559
|
+
include Aws::Structure
|
4560
|
+
end
|
4561
|
+
|
4423
4562
|
# Short for uniform resource locator. A URL is used as a unique
|
4424
4563
|
# identifier to locate a resource on the internet.
|
4425
4564
|
#
|
@@ -4751,8 +4890,8 @@ module Aws::AuditManager
|
|
4751
4890
|
# },
|
4752
4891
|
# roles: [
|
4753
4892
|
# {
|
4754
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
4755
|
-
# role_arn: "IamArn",
|
4893
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
4894
|
+
# role_arn: "IamArn", # required
|
4756
4895
|
# },
|
4757
4896
|
# ],
|
4758
4897
|
# }
|
@@ -4940,8 +5079,8 @@ module Aws::AuditManager
|
|
4940
5079
|
# },
|
4941
5080
|
# default_process_owners: [
|
4942
5081
|
# {
|
4943
|
-
# role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
|
4944
|
-
# role_arn: "IamArn",
|
5082
|
+
# role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
|
5083
|
+
# role_arn: "IamArn", # required
|
4945
5084
|
# },
|
4946
5085
|
# ],
|
4947
5086
|
# kms_key: "KmsKey",
|
data/lib/aws-sdk-auditmanager.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-auditmanager
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.26.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-07-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|