RubyGems - aws-sdk-auditmanager - Versions diffs - 1.27.0 → 1.28.0 - Mend

aws-sdk-auditmanager 1.27.0 → 1.28.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-auditmanager/client.rb +135 -29
data/lib/aws-sdk-auditmanager/client_api.rb +15 -0
data/lib/aws-sdk-auditmanager/types.rb +174 -19
data/lib/aws-sdk-auditmanager.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 36c547104a75ab6080ecd324e66c3700e47858a41784746af85c69afd4e03159
-  data.tar.gz: e2dcb630a75347b53a3aa46de94f75ea28b703148b00f96f785558d475f0779c
+  metadata.gz: 14c9a2bbba11aa4991946da8d6a60d605977a49c1b5a66e6dd8cfe1bd4d497c4
+  data.tar.gz: 0135c251504249a65941fa1b72f2305b699860d26777f731a96d8ef2459aa797
 SHA512:
-  metadata.gz: afe0d546cddcbad7595b08eb087789606b2e5229255b169aa70c571a3d95b3e884f5e5d82af126ce323c96a5b4b5ddc85038fee37f800768c819cc264b0451ca
-  data.tar.gz: 2bc984898c428784d1160c9b69b540db99760a71f8d56c7b916ef43cccb110fb66d5a94f8a99110acbb8f8a72d0922ae07ae12c64c9e6b31a891c5210c3c0522
+  metadata.gz: 1f3240882caa2165a12ad980d32aac132cebb882785a6a86b7bc355050a7d912363d96cef586d2e6f6ac35fe26a1490c4edf7d2f7acc6e47b164f7581156c5e1
+  data.tar.gz: d0db54b1830a2f41a9f80a29780a2033d8c1c620ffea16ee120579090bb2fa40c7680207ff00cdbae12b142a52228a0867844bbc14b9f162d57f742081df590c

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
+1.28.0 (2022-11-18)
+------------------
+* Feature - This release introduces a new feature for Audit Manager: Evidence finder. You can now use evidence finder to quickly query your evidence, and add the matching evidence results to an assessment report.
 1.27.0 (2022-10-25)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.27.0
1	+ 1.28.0

data/lib/aws-sdk-auditmanager/client.rb CHANGED Viewed

@@ -575,7 +575,33 @@ module Aws::AuditManager
     end
     # Uploads one or more pieces of evidence to a control in an Audit
-    # Manager assessment.
+    # Manager assessment. You can upload manual evidence from any Amazon
+    # Simple Storage Service (Amazon S3) bucket by specifying the S3 URI of
+    # the evidence.
+    #
+    # You must upload manual evidence to your S3 bucket before you can
+    # upload it to your assessment. For instructions, see [CreateBucket][1]
+    # and [PutObject][2] in the *Amazon Simple Storage Service API
+    # Reference.*
+    #
+    # The following restrictions apply to this action:
+    #
+    # * Maximum size of an individual evidence file: 100 MB
+    #
+    # * Number of daily manual evidence uploads per control: 100
+    #
+    # * Supported file formats: See [Supported file types for manual
+    #   evidence][3] in the *Audit Manager User Guide*
+    #
+    # For more information about Audit Manager service restrictions, see
+    # [Quotas and restrictions for Audit Manager][4].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
+    # [3]: https://docs.aws.amazon.com/audit-manager/latest/userguide/upload-evidence.html#supported-manual-evidence-files
+    # [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/service-quotas.html
     #
     # @option params [required, String] :assessment_id
     #   The identifier for the assessment.
@@ -885,6 +911,30 @@ module Aws::AuditManager
     # @option params [required, String] :assessment_id
     #   The identifier for the assessment.
     #
+    # @option params [String] :query_statement
+    #   A SQL statement that represents an evidence finder query.
+    #
+    #   Provide this parameter when you want to generate an assessment report
+    #   from the results of an evidence finder search query. When you use this
+    #   parameter, Audit Manager generates a one-time report using only the
+    #   evidence from the query output. This report does not include any
+    #   assessment evidence that was manually [added to a report using the
+    #   console][1], or [associated with a report using the API][2].
+    #
+    #   To use this parameter, the [enablementStatus][3] of evidence finder
+    #   must be `ENABLED`.
+    #
+    #   For examples and help resolving `queryStatement` validation
+    #   exceptions, see [Troubleshooting evidence finder issues][4] in the AWS
+    #   Audit Manager User Guide.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/userguide/generate-assessment-report.html#generate-assessment-report-include-evidence
+    #   [2]: https://docs.aws.amazon.com/APIReference-evidenceFinder/API_BatchAssociateAssessmentReportEvidence.html
+    #   [3]: https://docs.aws.amazon.com/APIReference-evidenceFinder/API_EvidenceFinderSetup.html#auditmanager-Type-EvidenceFinderSetup-enablementStatus
+    #   [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/evidence-finder-issues.html#querystatement-exceptions
+    #
     # @return [Types::CreateAssessmentReportResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateAssessmentReportResponse#assessment_report #assessment_report} => Types::AssessmentReport
@@ -895,6 +945,7 @@ module Aws::AuditManager
     #     name: "AssessmentReportName", # required
     #     description: "AssessmentReportDescription",
     #     assessment_id: "UUID", # required
+    #     query_statement: "QueryStatement",
     #   })
     #
     # @example Response structure
@@ -1227,48 +1278,65 @@ module Aws::AuditManager
     # Audit Manager will stop collecting and attaching evidence to that
     # delegated administrator account moving forward.
     #
-    # <note markdown="1"> When you deregister a delegated administrator account for Audit
+    # Keep in mind the following cleanup task if you use evidence finder:
+    #
+    #  Before you use your management account to remove a delegated
+    # administrator, make sure that the current delegated administrator
+    # account signs in to Audit Manager and disables evidence finder first.
+    # Disabling evidence finder automatically deletes the event data store
+    # that was created in their account when they enabled evidence finder.
+    # If this task isn’t completed, the event data store remains in their
+    # account. In this case, we recommend that the original delegated
+    # administrator goes to CloudTrail Lake and manually [deletes the event
+    # data store][1].
+    #
+    #  This cleanup task is necessary to ensure that you don't end up with
+    # multiple event data stores. Audit Manager will ignore an unused event
+    # data store after you remove or change a delegated administrator
+    # account. However, the unused event data store continues to incur
+    # storage costs from CloudTrail Lake if you don't delete it.
+    #
+    # When you deregister a delegated administrator account for Audit
     # Manager, the data for that account isn’t deleted. If you want to
     # delete resource data for a delegated administrator account, you must
     # perform that task separately before you deregister the account.
     # Either, you can do this in the Audit Manager console. Or, you can use
     # one of the delete API operations that are provided by Audit Manager.
     #
-    #  To delete your Audit Manager resource data, see the following
+    # To delete your Audit Manager resource data, see the following
     # instructions:
     #
-    #  * [DeleteAssessment][1] (see also: [Deleting an assessment][2] in the
+    # * [DeleteAssessment][2] (see also: [Deleting an assessment][3] in the
     #   *Audit Manager User Guide*)
     #
-    # * [DeleteAssessmentFramework][3] (see also: [Deleting a custom
-    #   framework][4] in the *Audit Manager User Guide*)
+    # * [DeleteAssessmentFramework][4] (see also: [Deleting a custom
+    #   framework][5] in the *Audit Manager User Guide*)
     #
-    # * [DeleteAssessmentFrameworkShare][5] (see also: [Deleting a share
-    #   request][6] in the *Audit Manager User Guide*)
+    # * [DeleteAssessmentFrameworkShare][6] (see also: [Deleting a share
+    #   request][7] in the *Audit Manager User Guide*)
     #
-    # * [DeleteAssessmentReport][7] (see also: [Deleting an assessment
-    #   report][8] in the *Audit Manager User Guide*)
+    # * [DeleteAssessmentReport][8] (see also: [Deleting an assessment
+    #   report][9] in the *Audit Manager User Guide*)
     #
-    # * [DeleteControl][9] (see also: [Deleting a custom control][10] in the
-    #   *Audit Manager User Guide*)
+    # * [DeleteControl][10] (see also: [Deleting a custom control][11] in
+    #   the *Audit Manager User Guide*)
     #
-    #  At this time, Audit Manager doesn't provide an option to delete
+    # At this time, Audit Manager doesn't provide an option to delete
     # evidence. All available delete operations are listed above.
     #
-    #  </note>
     #
     #
-    #
-    # [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html
-    # [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html
-    # [3]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html
-    # [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html
-    # [5]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html
-    # [6]: https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html
-    # [7]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html
-    # [8]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps
-    # [9]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html
-    # [10]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html
+    # [1]: https://docs.aws.amazon.com/userguide/awscloudtrail/latest/userguide/query-eds-disable-termination.html
+    # [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html
+    # [3]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html
+    # [4]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html
+    # [5]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html
+    # [6]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html
+    # [7]: https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html
+    # [8]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html
+    # [9]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps
+    # [10]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html
+    # [11]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html
     #
     # @option params [String] :admin_account_id
     #   The identifier for the administrator account.
@@ -1734,6 +1802,7 @@ module Aws::AuditManager
     #   resp.evidence.resources_included #=> Array
     #   resp.evidence.resources_included[0].arn #=> String
     #   resp.evidence.resources_included[0].value #=> String
+    #   resp.evidence.resources_included[0].compliance_check #=> String
     #   resp.evidence.attributes #=> Hash
     #   resp.evidence.attributes["EvidenceAttributeKey"] #=> String
     #   resp.evidence.iam_id #=> String
@@ -1801,6 +1870,7 @@ module Aws::AuditManager
     #   resp.evidence[0].resources_included #=> Array
     #   resp.evidence[0].resources_included[0].arn #=> String
     #   resp.evidence[0].resources_included[0].value #=> String
+    #   resp.evidence[0].resources_included[0].compliance_check #=> String
     #   resp.evidence[0].attributes #=> Hash
     #   resp.evidence[0].attributes["EvidenceAttributeKey"] #=> String
     #   resp.evidence[0].iam_id #=> String
@@ -2084,8 +2154,15 @@ module Aws::AuditManager
       req.send_request(options)
     end
-    # Returns a list of the in-scope Amazon Web Services for the specified
-    # assessment.
+    # Returns a list of all of the Amazon Web Services that you can choose
+    # to include in your assessment. When you [create an assessment][1],
+    # specify which of these services you want to include to narrow the
+    # assessment's [scope][2].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateAssessment.html
+    # [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_Scope.html
     #
     # @return [Types::GetServicesInScopeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2120,7 +2197,7 @@ module Aws::AuditManager
     # @example Request syntax with placeholder values
     #
     #   resp = client.get_settings({
-    #     attribute: "ALL", # required, accepts ALL, IS_AWS_ORG_ENABLED, SNS_TOPIC, DEFAULT_ASSESSMENT_REPORTS_DESTINATION, DEFAULT_PROCESS_OWNERS
+    #     attribute: "ALL", # required, accepts ALL, IS_AWS_ORG_ENABLED, SNS_TOPIC, DEFAULT_ASSESSMENT_REPORTS_DESTINATION, DEFAULT_PROCESS_OWNERS, EVIDENCE_FINDER_ENABLEMENT
     #   })
     #
     # @example Response structure
@@ -2133,6 +2210,10 @@ module Aws::AuditManager
     #   resp.settings.default_process_owners[0].role_type #=> String, one of "PROCESS_OWNER", "RESOURCE_OWNER"
     #   resp.settings.default_process_owners[0].role_arn #=> String
     #   resp.settings.kms_key #=> String
+    #   resp.settings.evidence_finder_enablement.event_data_store_arn #=> String
+    #   resp.settings.evidence_finder_enablement.enablement_status #=> String, one of "ENABLED", "DISABLED", "ENABLE_IN_PROGRESS", "DISABLE_IN_PROGRESS"
+    #   resp.settings.evidence_finder_enablement.backfill_status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED"
+    #   resp.settings.evidence_finder_enablement.error #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/GetSettings AWS API Documentation
     #
@@ -3603,6 +3684,26 @@ module Aws::AuditManager
     # @option params [String] :kms_key
     #   The KMS key details.
     #
+    # @option params [Boolean] :evidence_finder_enabled
+    #   Specifies whether the evidence finder feature is enabled. Change this
+    #   attribute to enable or disable evidence finder.
+    #
+    #   When you use this attribute to disable evidence finder, Audit Manager
+    #   deletes the event data store that’s used to query your evidence data.
+    #   As a result, you can’t re-enable evidence finder and use the feature
+    #   again. Your only alternative is to [deregister][1] and then
+    #   [re-register][2] Audit Manager.
+    #
+    #    Disabling evidence finder is permanent, so consider this decision
+    #   carefully before you proceed. If you’re using Audit Manager as a
+    #   delegated administrator, keep in mind that this action applies to all
+    #   member accounts in your organization.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterAccount.html
+    #   [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html
+    #
     # @return [Types::UpdateSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateSettingsResponse#settings #settings} => Types::Settings
@@ -3622,6 +3723,7 @@ module Aws::AuditManager
     #       },
     #     ],
     #     kms_key: "KmsKey",
+    #     evidence_finder_enabled: false,
     #   })
     #
     # @example Response structure
@@ -3634,6 +3736,10 @@ module Aws::AuditManager
     #   resp.settings.default_process_owners[0].role_type #=> String, one of "PROCESS_OWNER", "RESOURCE_OWNER"
     #   resp.settings.default_process_owners[0].role_arn #=> String
     #   resp.settings.kms_key #=> String
+    #   resp.settings.evidence_finder_enablement.event_data_store_arn #=> String
+    #   resp.settings.evidence_finder_enablement.enablement_status #=> String, one of "ENABLED", "DISABLED", "ENABLE_IN_PROGRESS", "DISABLE_IN_PROGRESS"
+    #   resp.settings.evidence_finder_enablement.backfill_status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED"
+    #   resp.settings.evidence_finder_enablement.error #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/UpdateSettings AWS API Documentation
     #
@@ -3695,7 +3801,7 @@ module Aws::AuditManager
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-auditmanager'
-      context[:gem_version] = '1.27.0'
+      context[:gem_version] = '1.28.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-auditmanager/client_api.rb CHANGED Viewed

@@ -75,6 +75,7 @@ module Aws::AuditManager
     Boolean = Shapes::BooleanShape.new(name: 'Boolean')
     ChangeLog = Shapes::StructureShape.new(name: 'ChangeLog')
     ChangeLogs = Shapes::ListShape.new(name: 'ChangeLogs')
+    CloudTrailArn = Shapes::StringShape.new(name: 'CloudTrailArn')
     ComplianceType = Shapes::StringShape.new(name: 'ComplianceType')
     Control = Shapes::StructureShape.new(name: 'Control')
     ControlComment = Shapes::StructureShape.new(name: 'ControlComment')
@@ -152,6 +153,9 @@ module Aws::AuditManager
     EvidenceAttributeKey = Shapes::StringShape.new(name: 'EvidenceAttributeKey')
     EvidenceAttributeValue = Shapes::StringShape.new(name: 'EvidenceAttributeValue')
     EvidenceAttributes = Shapes::MapShape.new(name: 'EvidenceAttributes')
+    EvidenceFinderBackfillStatus = Shapes::StringShape.new(name: 'EvidenceFinderBackfillStatus')
+    EvidenceFinderEnablement = Shapes::StructureShape.new(name: 'EvidenceFinderEnablement')
+    EvidenceFinderEnablementStatus = Shapes::StringShape.new(name: 'EvidenceFinderEnablementStatus')
     EvidenceIds = Shapes::ListShape.new(name: 'EvidenceIds')
     EvidenceInsights = Shapes::StructureShape.new(name: 'EvidenceInsights')
     EvidenceList = Shapes::ListShape.new(name: 'EvidenceList')
@@ -242,6 +246,7 @@ module Aws::AuditManager
     Notifications = Shapes::ListShape.new(name: 'Notifications')
     NullableInteger = Shapes::IntegerShape.new(name: 'NullableInteger')
     ObjectTypeEnum = Shapes::StringShape.new(name: 'ObjectTypeEnum')
+    QueryStatement = Shapes::StringShape.new(name: 'QueryStatement')
     Region = Shapes::StringShape.new(name: 'Region')
     RegisterAccountRequest = Shapes::StructureShape.new(name: 'RegisterAccountRequest')
     RegisterAccountResponse = Shapes::StructureShape.new(name: 'RegisterAccountResponse')
@@ -668,6 +673,7 @@ module Aws::AuditManager
     CreateAssessmentReportRequest.add_member(:name, Shapes::ShapeRef.new(shape: AssessmentReportName, required: true, location_name: "name"))
     CreateAssessmentReportRequest.add_member(:description, Shapes::ShapeRef.new(shape: AssessmentReportDescription, location_name: "description"))
     CreateAssessmentReportRequest.add_member(:assessment_id, Shapes::ShapeRef.new(shape: UUID, required: true, location: "uri", location_name: "assessmentId"))
+    CreateAssessmentReportRequest.add_member(:query_statement, Shapes::ShapeRef.new(shape: QueryStatement, location_name: "queryStatement"))
     CreateAssessmentReportRequest.struct_class = Types::CreateAssessmentReportRequest
     CreateAssessmentReportResponse.add_member(:assessment_report, Shapes::ShapeRef.new(shape: AssessmentReport, location_name: "assessmentReport"))
@@ -807,6 +813,12 @@ module Aws::AuditManager
     EvidenceAttributes.key = Shapes::ShapeRef.new(shape: EvidenceAttributeKey)
     EvidenceAttributes.value = Shapes::ShapeRef.new(shape: EvidenceAttributeValue)
+    EvidenceFinderEnablement.add_member(:event_data_store_arn, Shapes::ShapeRef.new(shape: CloudTrailArn, location_name: "eventDataStoreArn"))
+    EvidenceFinderEnablement.add_member(:enablement_status, Shapes::ShapeRef.new(shape: EvidenceFinderEnablementStatus, location_name: "enablementStatus"))
+    EvidenceFinderEnablement.add_member(:backfill_status, Shapes::ShapeRef.new(shape: EvidenceFinderBackfillStatus, location_name: "backfillStatus"))
+    EvidenceFinderEnablement.add_member(:error, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "error"))
+    EvidenceFinderEnablement.struct_class = Types::EvidenceFinderEnablement
     EvidenceIds.member = Shapes::ShapeRef.new(shape: UUID)
     EvidenceInsights.add_member(:noncompliant_evidence_count, Shapes::ShapeRef.new(shape: NullableInteger, location_name: "noncompliantEvidenceCount"))
@@ -1128,6 +1140,7 @@ module Aws::AuditManager
     Resource.add_member(:arn, Shapes::ShapeRef.new(shape: GenericArn, location_name: "arn"))
     Resource.add_member(:value, Shapes::ShapeRef.new(shape: String, location_name: "value"))
+    Resource.add_member(:compliance_check, Shapes::ShapeRef.new(shape: String, location_name: "complianceCheck"))
     Resource.struct_class = Types::Resource
     ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
@@ -1163,6 +1176,7 @@ module Aws::AuditManager
     Settings.add_member(:default_assessment_reports_destination, Shapes::ShapeRef.new(shape: AssessmentReportsDestination, location_name: "defaultAssessmentReportsDestination"))
     Settings.add_member(:default_process_owners, Shapes::ShapeRef.new(shape: Roles, location_name: "defaultProcessOwners"))
     Settings.add_member(:kms_key, Shapes::ShapeRef.new(shape: KmsKey, location_name: "kmsKey"))
+    Settings.add_member(:evidence_finder_enablement, Shapes::ShapeRef.new(shape: EvidenceFinderEnablement, location_name: "evidenceFinderEnablement"))
     Settings.struct_class = Types::Settings
     SourceKeyword.add_member(:keyword_input_type, Shapes::ShapeRef.new(shape: KeywordInputType, location_name: "keywordInputType"))
@@ -1280,6 +1294,7 @@ module Aws::AuditManager
     UpdateSettingsRequest.add_member(:default_assessment_reports_destination, Shapes::ShapeRef.new(shape: AssessmentReportsDestination, location_name: "defaultAssessmentReportsDestination"))
     UpdateSettingsRequest.add_member(:default_process_owners, Shapes::ShapeRef.new(shape: Roles, location_name: "defaultProcessOwners"))
     UpdateSettingsRequest.add_member(:kms_key, Shapes::ShapeRef.new(shape: KmsKey, location_name: "kmsKey"))
+    UpdateSettingsRequest.add_member(:evidence_finder_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "evidenceFinderEnabled"))
     UpdateSettingsRequest.struct_class = Types::UpdateSettingsRequest
     UpdateSettingsResponse.add_member(:settings, Shapes::ShapeRef.new(shape: Settings, location_name: "settings"))

data/lib/aws-sdk-auditmanager/types.rb CHANGED Viewed

@@ -691,19 +691,19 @@ module Aws::AuditManager
       include Aws::Structure
     end
-    # An error entity for the `AssessmentReportEvidence` API. This is used
-    # to provide more meaningful errors than a simple string message.
+    # An error entity for assessment report evidence errors. This is used to
+    # provide more meaningful errors than a simple string message.
     #
     # @!attribute [rw] evidence_id
     #   The identifier for the evidence.
     #   @return [String]
     #
     # @!attribute [rw] error_code
-    #   The error code that the `AssessmentReportEvidence` API returned.
+    #   The error code that was returned.
     #   @return [String]
     #
     # @!attribute [rw] error_message
-    #   The error message that the `AssessmentReportEvidence` API returned.
+    #   The error message that was returned.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/AssessmentReportEvidenceError AWS API Documentation
@@ -1224,7 +1224,7 @@ module Aws::AuditManager
     #   @return [String]
     #
     # @!attribute [rw] control_sources
-    #   The data source that determines where Audit Manager collects
+    #   The data source types that determine where Audit Manager collects
     #   evidence from for the control.
     #   @return [String]
     #
@@ -1702,6 +1702,7 @@ module Aws::AuditManager
     #         name: "AssessmentReportName", # required
     #         description: "AssessmentReportDescription",
     #         assessment_id: "UUID", # required
+    #         query_statement: "QueryStatement",
     #       }
     #
     # @!attribute [rw] name
@@ -1716,12 +1717,39 @@ module Aws::AuditManager
     #   The identifier for the assessment.
     #   @return [String]
     #
+    # @!attribute [rw] query_statement
+    #   A SQL statement that represents an evidence finder query.
+    #
+    #   Provide this parameter when you want to generate an assessment
+    #   report from the results of an evidence finder search query. When you
+    #   use this parameter, Audit Manager generates a one-time report using
+    #   only the evidence from the query output. This report does not
+    #   include any assessment evidence that was manually [added to a report
+    #   using the console][1], or [associated with a report using the
+    #   API][2].
+    #
+    #   To use this parameter, the [enablementStatus][3] of evidence finder
+    #   must be `ENABLED`.
+    #
+    #   For examples and help resolving `queryStatement` validation
+    #   exceptions, see [Troubleshooting evidence finder issues][4] in the
+    #   AWS Audit Manager User Guide.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/userguide/generate-assessment-report.html#generate-assessment-report-include-evidence
+    #   [2]: https://docs.aws.amazon.com/APIReference-evidenceFinder/API_BatchAssociateAssessmentReportEvidence.html
+    #   [3]: https://docs.aws.amazon.com/APIReference-evidenceFinder/API_EvidenceFinderSetup.html#auditmanager-Type-EvidenceFinderSetup-enablementStatus
+    #   [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/evidence-finder-issues.html#querystatement-exceptions
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/CreateAssessmentReportRequest AWS API Documentation
     #
     class CreateAssessmentReportRequest < Struct.new(
       :name,
       :description,
-      :assessment_id)
+      :assessment_id,
+      :query_statement)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2413,10 +2441,24 @@ module Aws::AuditManager
     #   @return [String]
     #
     # @!attribute [rw] compliance_check
-    #   The evaluation status for evidence that falls under the compliance
-    #   check category. For evidence collected from Security Hub, a *Pass*
-    #   or *Fail* result is shown. For evidence collected from Config, a
-    #   *Compliant* or *Noncompliant* result is shown.
+    #   The evaluation status for automated evidence that falls under the
+    #   compliance check category.
+    #
+    #   * Audit Manager classes evidence as non-compliant if Security Hub
+    #     reports a *Fail* result, or if Config reports a *Non-compliant*
+    #     result.
+    #
+    #   * Audit Manager classes evidence as compliant if Security Hub
+    #     reports a *Pass* result, or if Config reports a *Compliant*
+    #     result.
+    #
+    #   * If a compliance check isn't available or applicable, then no
+    #     compliance evaluation can be made for that evidence. This is the
+    #     case if the evidence uses Config or Security Hub as the underlying
+    #     data source type, but those services aren't enabled. This is also
+    #     the case if the evidence uses an underlying data source type that
+    #     doesn't support compliance checks (such as manual evidence,
+    #     Amazon Web Services API calls, or CloudTrail).
     #   @return [String]
     #
     # @!attribute [rw] aws_organization
@@ -2462,6 +2504,73 @@ module Aws::AuditManager
       include Aws::Structure
     end
+    # The settings object that specifies whether evidence finder is enabled.
+    # This object also describes the related event data store, and the
+    # backfill status for populating the event data store with evidence
+    # data.
+    #
+    # @!attribute [rw] event_data_store_arn
+    #   The Amazon Resource Name (ARN) of the CloudTrail Lake event data
+    #   store that’s used by evidence finder. The event data store is the
+    #   lake of evidence data that evidence finder runs queries against.
+    #   @return [String]
+    #
+    # @!attribute [rw] enablement_status
+    #   The current status of the evidence finder feature and the related
+    #   event data store.
+    #
+    #   * `ENABLE_IN_PROGRESS` means that you requested to enable evidence
+    #     finder. An event data store is currently being created to support
+    #     evidence finder queries.
+    #
+    #   * `ENABLED` means that an event data store was successfully created
+    #     and evidence finder is enabled. We recommend that you wait 24
+    #     hours until the event data store is backfilled with your past
+    #     evidence data. You can use evidence finder in the meantime, but
+    #     not all data might be available until the backfill is complete.
+    #
+    #   * `DISABLE_IN_PROGRESS` means that you requested to disable evidence
+    #     finder, and your request is pending the deletion of the event data
+    #     store.
+    #
+    #   * `DISABLED` means that you have permanently disabled evidence
+    #     finder and the event data store has been deleted. You can't
+    #     re-enable evidence finder after this point.
+    #   @return [String]
+    #
+    # @!attribute [rw] backfill_status
+    #   The current status of the evidence data backfill process.
+    #
+    #   The backfill starts after you enable evidence finder. During this
+    #   task, Audit Manager populates an event data store with your past
+    #   evidence data so that your evidence can be queried.
+    #
+    #   * `NOT_STARTED` means that the backfill hasn’t started yet.
+    #
+    #   * `IN_PROGRESS` means that the backfill is in progress. This can
+    #     take up to 24 hours to complete, depending on the amount of
+    #     evidence data.
+    #
+    #   * `COMPLETED` means that the backfill is complete. All of your past
+    #     evidence is now queryable.
+    #   @return [String]
+    #
+    # @!attribute [rw] error
+    #   Represents any errors that occurred when enabling or disabling
+    #   evidence finder.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/EvidenceFinderEnablement AWS API Documentation
+    #
+    class EvidenceFinderEnablement < Struct.new(
+      :event_data_store_arn,
+      :enablement_status,
+      :backfill_status,
+      :error)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # A breakdown of the latest compliance check status for the evidence in
     # your Audit Manager assessments.
     #
@@ -3240,7 +3349,7 @@ module Aws::AuditManager
     #   data as a hash:
     #
     #       {
-    #         attribute: "ALL", # required, accepts ALL, IS_AWS_ORG_ENABLED, SNS_TOPIC, DEFAULT_ASSESSMENT_REPORTS_DESTINATION, DEFAULT_PROCESS_OWNERS
+    #         attribute: "ALL", # required, accepts ALL, IS_AWS_ORG_ENABLED, SNS_TOPIC, DEFAULT_ASSESSMENT_REPORTS_DESTINATION, DEFAULT_PROCESS_OWNERS, EVIDENCE_FINDER_ENABLEMENT
     #       }
     #
     # @!attribute [rw] attribute
@@ -4171,11 +4280,34 @@ module Aws::AuditManager
     #   The value of the resource.
     #   @return [String]
     #
+    # @!attribute [rw] compliance_check
+    #   The evaluation status for a resource that was assessed when
+    #   collecting compliance check evidence.
+    #
+    #   * Audit Manager classes the resource as non-compliant if Security
+    #     Hub reports a *Fail* result, or if Config reports a
+    #     *Non-compliant* result.
+    #
+    #   * Audit Manager classes the resource as compliant if Security Hub
+    #     reports a *Pass* result, or if Config reports a *Compliant*
+    #     result.
+    #
+    #   * If a compliance check isn't available or applicable, then no
+    #     compliance evaluation can be made for that resource. This is the
+    #     case if a resource assessment uses Config or Security Hub as the
+    #     underlying data source type, but those services aren't enabled.
+    #     This is also the case if the resource assessment uses an
+    #     underlying data source type that doesn't support compliance
+    #     checks (such as manual evidence, Amazon Web Services API calls, or
+    #     CloudTrail).
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/Resource AWS API Documentation
     #
     class Resource < Struct.new(
       :arn,
-      :value)
+      :value,
+      :compliance_check)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4356,6 +4488,10 @@ module Aws::AuditManager
     #   The KMS key details.
     #   @return [String]
     #
+    # @!attribute [rw] evidence_finder_enablement
+    #   The current evidence finder status and event data store details.
+    #   @return [Types::EvidenceFinderEnablement]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/Settings AWS API Documentation
     #
     class Settings < Struct.new(
@@ -4363,7 +4499,8 @@ module Aws::AuditManager
       :sns_topic,
       :default_assessment_reports_destination,
       :default_process_owners,
-      :kms_key)
+      :kms_key,
+      :evidence_finder_enablement)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4437,11 +4574,6 @@ module Aws::AuditManager
     #       `keywordValue`\: `Custom_CustomRuleForAccount-conformance-pack`
     #
     #     * Service-linked rule name:
-    #       securityhub-api-gw-cache-encrypted-101104e1
-    #
-    #       `keywordValue`\: `Custom_securityhub-api-gw-cache-encrypted`
-    #
-    #     * Service-linked rule name:
     #       OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba
     #
     #       `keywordValue`\:
@@ -5084,6 +5216,7 @@ module Aws::AuditManager
     #           },
     #         ],
     #         kms_key: "KmsKey",
+    #         evidence_finder_enabled: false,
     #       }
     #
     # @!attribute [rw] sns_topic
@@ -5103,13 +5236,35 @@ module Aws::AuditManager
     #   The KMS key details.
     #   @return [String]
     #
+    # @!attribute [rw] evidence_finder_enabled
+    #   Specifies whether the evidence finder feature is enabled. Change
+    #   this attribute to enable or disable evidence finder.
+    #
+    #   When you use this attribute to disable evidence finder, Audit
+    #   Manager deletes the event data store that’s used to query your
+    #   evidence data. As a result, you can’t re-enable evidence finder and
+    #   use the feature again. Your only alternative is to [deregister][1]
+    #   and then [re-register][2] Audit Manager.
+    #
+    #    Disabling evidence finder is permanent, so consider this decision
+    #   carefully before you proceed. If you’re using Audit Manager as a
+    #   delegated administrator, keep in mind that this action applies to
+    #   all member accounts in your organization.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterAccount.html
+    #   [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/UpdateSettingsRequest AWS API Documentation
     #
     class UpdateSettingsRequest < Struct.new(
       :sns_topic,
       :default_assessment_reports_destination,
       :default_process_owners,
-      :kms_key)
+      :kms_key,
+      :evidence_finder_enabled)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-auditmanager.rb CHANGED Viewed

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-auditmanager/customizations'
 # @!group service
 module Aws::AuditManager
-  GEM_VERSION = '1.27.0'
+  GEM_VERSION = '1.28.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-auditmanager
 version: !ruby/object:Gem::Version
-  version: 1.27.0
+  version: 1.28.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-10-25 00:00:00.000000000 Z
+date: 2022-11-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core