aws-sdk-auditmanager 1.27.0 → 1.29.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 36c547104a75ab6080ecd324e66c3700e47858a41784746af85c69afd4e03159
-  data.tar.gz: e2dcb630a75347b53a3aa46de94f75ea28b703148b00f96f785558d475f0779c
+  metadata.gz: 8972e9bd0e4f608a9096f41e7ef3013337d9ce4bfd9cc11647a61b4f65d5d2f6
+  data.tar.gz: 1a1490c229c96eff6033aa840f1d2895d8e967cc89bdec4713decd18bdea91e6
 SHA512:
-  metadata.gz: afe0d546cddcbad7595b08eb087789606b2e5229255b169aa70c571a3d95b3e884f5e5d82af126ce323c96a5b4b5ddc85038fee37f800768c819cc264b0451ca
-  data.tar.gz: 2bc984898c428784d1160c9b69b540db99760a71f8d56c7b916ef43cccb110fb66d5a94f8a99110acbb8f8a72d0922ae07ae12c64c9e6b31a891c5210c3c0522
+  metadata.gz: 143d79930226e388f6e6eeaf246ac62d3e2f20d81f8778dfc1d0b616bee419a9b3d9d7563469792021559958c5bc2c8459f6bd95037f98df2fed2e0196fd9d61
+  data.tar.gz: afe797c8b860542d42ffbc6c3a5eed1edee8090ef2409f1102a8f80b589c846bd5b526d0a71668f705d28872d1dd9222e8ca48be0ca5f50f1b0ed4ddcec31d69

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.29.0 (2023-01-06)
+------------------
+
+* Feature - This release introduces a new data retention option in your Audit Manager settings. You can now use the DeregistrationPolicy parameter to specify if you want to delete your data when you deregister Audit Manager.
+
+1.28.0 (2022-11-18)
+------------------
+
+* Feature - This release introduces a new feature for Audit Manager: Evidence finder. You can now use evidence finder to quickly query your evidence, and add the matching evidence results to an assessment report.
+
 1.27.0 (2022-10-25)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.27.0
+1.29.0

data/lib/aws-sdk-auditmanager/client.rb

@@ -368,7 +368,7 @@ module Aws::AuditManager
 
     # @!group API Operations
 
-    # Associates an evidence folder to an assessment report in a Audit
+    # Associates an evidence folder to an assessment report in an Audit
     # Manager assessment.
     #
     # @option params [required, String] :assessment_id
@@ -575,7 +575,33 @@ module Aws::AuditManager
     end
 
     # Uploads one or more pieces of evidence to a control in an Audit
-    # Manager assessment.
+    # Manager assessment. You can upload manual evidence from any Amazon
+    # Simple Storage Service (Amazon S3) bucket by specifying the S3 URI of
+    # the evidence.
+    #
+    # You must upload manual evidence to your S3 bucket before you can
+    # upload it to your assessment. For instructions, see [CreateBucket][1]
+    # and [PutObject][2] in the *Amazon Simple Storage Service API
+    # Reference.*
+    #
+    # The following restrictions apply to this action:
+    #
+    # * Maximum size of an individual evidence file: 100 MB
+    #
+    # * Number of daily manual evidence uploads per control: 100
+    #
+    # * Supported file formats: See [Supported file types for manual
+    #   evidence][3] in the *Audit Manager User Guide*
+    #
+    # For more information about Audit Manager service restrictions, see
+    # [Quotas and restrictions for Audit Manager][4].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
+    # [3]: https://docs.aws.amazon.com/audit-manager/latest/userguide/upload-evidence.html#supported-manual-evidence-files
+    # [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/service-quotas.html
     #
     # @option params [required, String] :assessment_id
     #   The identifier for the assessment.
@@ -885,6 +911,30 @@ module Aws::AuditManager
     # @option params [required, String] :assessment_id
     #   The identifier for the assessment.
     #
+    # @option params [String] :query_statement
+    #   A SQL statement that represents an evidence finder query.
+    #
+    #   Provide this parameter when you want to generate an assessment report
+    #   from the results of an evidence finder search query. When you use this
+    #   parameter, Audit Manager generates a one-time report using only the
+    #   evidence from the query output. This report does not include any
+    #   assessment evidence that was manually [added to a report using the
+    #   console][1], or [associated with a report using the API][2].
+    #
+    #   To use this parameter, the [enablementStatus][3] of evidence finder
+    #   must be `ENABLED`.
+    #
+    #   For examples and help resolving `queryStatement` validation
+    #   exceptions, see [Troubleshooting evidence finder issues][4] in the
+    #   *Audit Manager User Guide.*
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#generate-assessment-report-include-evidence
+    #   [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchAssociateAssessmentReportEvidence.html
+    #   [3]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_EvidenceFinderEnablement.html#auditmanager-Type-EvidenceFinderEnablement-enablementStatus
+    #   [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/evidence-finder-issues.html#querystatement-exceptions
+    #
     # @return [Types::CreateAssessmentReportResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateAssessmentReportResponse#assessment_report #assessment_report} => Types::AssessmentReport
@@ -895,6 +945,7 @@ module Aws::AuditManager
     #     name: "AssessmentReportName", # required
     #     description: "AssessmentReportDescription",
     #     assessment_id: "UUID", # required
+    #     query_statement: "QueryStatement",
     #   })
     #
     # @example Response structure
@@ -1158,47 +1209,21 @@ module Aws::AuditManager
 
     # Deregisters an account in Audit Manager.
     #
-    # <note markdown="1"> When you deregister your account from Audit Manager, your data isn’t
-    # deleted. If you want to delete your resource data, you must perform
-    # that task separately before you deregister your account. Either, you
-    # can do this in the Audit Manager console. Or, you can use one of the
-    # delete API operations that are provided by Audit Manager.
-    #
-    #  To delete your Audit Manager resource data, see the following
-    # instructions:
-    #
-    #  * [DeleteAssessment][1] (see also: [Deleting an assessment][2] in the
-    #   *Audit Manager User Guide*)
-    #
-    # * [DeleteAssessmentFramework][3] (see also: [Deleting a custom
-    #   framework][4] in the *Audit Manager User Guide*)
-    #
-    # * [DeleteAssessmentFrameworkShare][5] (see also: [Deleting a share
-    #   request][6] in the *Audit Manager User Guide*)
-    #
-    # * [DeleteAssessmentReport][7] (see also: [Deleting an assessment
-    #   report][8] in the *Audit Manager User Guide*)
-    #
-    # * [DeleteControl][9] (see also: [Deleting a custom control][10] in the
-    #   *Audit Manager User Guide*)
+    # <note markdown="1"> Before you deregister, you can use the [UpdateSettings][1] API
+    # operation to set your preferred data retention policy. By default,
+    # Audit Manager retains your data. If you want to delete your data, you
+    # can use the `DeregistrationPolicy` attribute to request the deletion
+    # of your data.
     #
-    #  At this time, Audit Manager doesn't provide an option to delete
-    # evidence. All available delete operations are listed above.
+    #  For more information about data retention, see [Data Protection][2] in
+    # the *Audit Manager User Guide*.
     #
     #  </note>
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html
-    # [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html
-    # [3]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html
-    # [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html
-    # [5]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html
-    # [6]: https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html
-    # [7]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html
-    # [8]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps
-    # [9]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html
-    # [10]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html
+    # [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateSettings.html
+    # [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/data-protection.html
     #
     # @return [Types::DeregisterAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1224,51 +1249,71 @@ module Aws::AuditManager
     # settings, you continue to have access to the evidence that you
     # previously collected under that account. This is also the case when
     # you deregister a delegated administrator from Organizations. However,
-    # Audit Manager will stop collecting and attaching evidence to that
+    # Audit Manager stops collecting and attaching evidence to that
     # delegated administrator account moving forward.
     #
-    # <note markdown="1"> When you deregister a delegated administrator account for Audit
+    # Keep in mind the following cleanup task if you use evidence finder:
+    #
+    #  Before you use your management account to remove a delegated
+    # administrator, make sure that the current delegated administrator
+    # account signs in to Audit Manager and disables evidence finder first.
+    # Disabling evidence finder automatically deletes the event data store
+    # that was created in their account when they enabled evidence finder.
+    # If this task isn’t completed, the event data store remains in their
+    # account. In this case, we recommend that the original delegated
+    # administrator goes to CloudTrail Lake and manually [deletes the event
+    # data store][1].
+    #
+    #  This cleanup task is necessary to ensure that you don't end up with
+    # multiple event data stores. Audit Manager ignores an unused event data
+    # store after you remove or change a delegated administrator account.
+    # However, the unused event data store continues to incur storage costs
+    # from CloudTrail Lake if you don't delete it.
+    #
+    # When you deregister a delegated administrator account for Audit
     # Manager, the data for that account isn’t deleted. If you want to
     # delete resource data for a delegated administrator account, you must
     # perform that task separately before you deregister the account.
     # Either, you can do this in the Audit Manager console. Or, you can use
     # one of the delete API operations that are provided by Audit Manager.
     #
-    #  To delete your Audit Manager resource data, see the following
+    # To delete your Audit Manager resource data, see the following
     # instructions:
     #
-    #  * [DeleteAssessment][1] (see also: [Deleting an assessment][2] in the
+    # * [DeleteAssessment][2] (see also: [Deleting an assessment][3] in the
     #   *Audit Manager User Guide*)
     #
-    # * [DeleteAssessmentFramework][3] (see also: [Deleting a custom
-    #   framework][4] in the *Audit Manager User Guide*)
+    # * [DeleteAssessmentFramework][4] (see also: [Deleting a custom
+    #   framework][5] in the *Audit Manager User Guide*)
     #
-    # * [DeleteAssessmentFrameworkShare][5] (see also: [Deleting a share
-    #   request][6] in the *Audit Manager User Guide*)
+    # * [DeleteAssessmentFrameworkShare][6] (see also: [Deleting a share
+    #   request][7] in the *Audit Manager User Guide*)
     #
-    # * [DeleteAssessmentReport][7] (see also: [Deleting an assessment
-    #   report][8] in the *Audit Manager User Guide*)
+    # * [DeleteAssessmentReport][8] (see also: [Deleting an assessment
+    #   report][9] in the *Audit Manager User Guide*)
     #
-    # * [DeleteControl][9] (see also: [Deleting a custom control][10] in the
-    #   *Audit Manager User Guide*)
+    # * [DeleteControl][10] (see also: [Deleting a custom control][11] in
+    #   the *Audit Manager User Guide*)
     #
-    #  At this time, Audit Manager doesn't provide an option to delete
-    # evidence. All available delete operations are listed above.
+    # At this time, Audit Manager doesn't provide an option to delete
+    # evidence for a specific delegated administrator. Instead, when your
+    # management account deregisters Audit Manager, we perform a cleanup for
+    # the current delegated administrator account at the time of
+    # deregistration.
     #
-    #  </note>
     #
     #
-    #
-    # [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html
-    # [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html
-    # [3]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html
-    # [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html
-    # [5]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html
-    # [6]: https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html
-    # [7]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html
-    # [8]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps
-    # [9]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html
-    # [10]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html
+    # [1]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-eds-disable-termination.html
+    # [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html
+    # [3]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html
+    # [4]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html
+    # [5]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html
+    # [6]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html
+    # [7]: https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html
+    # [8]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html
+    # [9]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps
+    # [10]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html
+    # [11]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html
     #
     # @option params [String] :admin_account_id
     #   The identifier for the administrator account.
@@ -1734,6 +1779,7 @@ module Aws::AuditManager
     #   resp.evidence.resources_included #=> Array
     #   resp.evidence.resources_included[0].arn #=> String
     #   resp.evidence.resources_included[0].value #=> String
+    #   resp.evidence.resources_included[0].compliance_check #=> String
     #   resp.evidence.attributes #=> Hash
     #   resp.evidence.attributes["EvidenceAttributeKey"] #=> String
     #   resp.evidence.iam_id #=> String
@@ -1801,6 +1847,7 @@ module Aws::AuditManager
     #   resp.evidence[0].resources_included #=> Array
     #   resp.evidence[0].resources_included[0].arn #=> String
     #   resp.evidence[0].resources_included[0].value #=> String
+    #   resp.evidence[0].resources_included[0].compliance_check #=> String
     #   resp.evidence[0].attributes #=> Hash
     #   resp.evidence[0].attributes["EvidenceAttributeKey"] #=> String
     #   resp.evidence[0].iam_id #=> String
@@ -1936,7 +1983,7 @@ module Aws::AuditManager
     end
 
     # Returns a list of evidence folders that are associated with a
-    # specified control of an assessment in Audit Manager.
+    # specified control in an Audit Manager assessment.
     #
     # @option params [required, String] :assessment_id
     #   The identifier for the assessment.
@@ -2084,8 +2131,15 @@ module Aws::AuditManager
       req.send_request(options)
     end
 
-    # Returns a list of the in-scope Amazon Web Services for the specified
-    # assessment.
+    # Returns a list of all of the Amazon Web Services that you can choose
+    # to include in your assessment. When you [create an assessment][1],
+    # specify which of these services you want to include to narrow the
+    # assessment's [scope][2].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateAssessment.html
+    # [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_Scope.html
     #
     # @return [Types::GetServicesInScopeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2111,7 +2165,7 @@ module Aws::AuditManager
     # Returns the settings for the specified Amazon Web Services account.
     #
     # @option params [required, String] :attribute
-    #   The list of `SettingAttribute` enum values.
+    #   The list of setting attribute enum values.
     #
     # @return [Types::GetSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2120,7 +2174,7 @@ module Aws::AuditManager
     # @example Request syntax with placeholder values
     #
     #   resp = client.get_settings({
-    #     attribute: "ALL", # required, accepts ALL, IS_AWS_ORG_ENABLED, SNS_TOPIC, DEFAULT_ASSESSMENT_REPORTS_DESTINATION, DEFAULT_PROCESS_OWNERS
+    #     attribute: "ALL", # required, accepts ALL, IS_AWS_ORG_ENABLED, SNS_TOPIC, DEFAULT_ASSESSMENT_REPORTS_DESTINATION, DEFAULT_PROCESS_OWNERS, EVIDENCE_FINDER_ENABLEMENT, DEREGISTRATION_POLICY
     #   })
     #
     # @example Response structure
@@ -2133,6 +2187,11 @@ module Aws::AuditManager
     #   resp.settings.default_process_owners[0].role_type #=> String, one of "PROCESS_OWNER", "RESOURCE_OWNER"
     #   resp.settings.default_process_owners[0].role_arn #=> String
     #   resp.settings.kms_key #=> String
+    #   resp.settings.evidence_finder_enablement.event_data_store_arn #=> String
+    #   resp.settings.evidence_finder_enablement.enablement_status #=> String, one of "ENABLED", "DISABLED", "ENABLE_IN_PROGRESS", "DISABLE_IN_PROGRESS"
+    #   resp.settings.evidence_finder_enablement.backfill_status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED"
+    #   resp.settings.evidence_finder_enablement.error #=> String
+    #   resp.settings.deregistration_policy.delete_resources #=> String, one of "ALL", "DEFAULT"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/GetSettings AWS API Documentation
     #
@@ -3603,6 +3662,26 @@ module Aws::AuditManager
     # @option params [String] :kms_key
     #   The KMS key details.
     #
+    # @option params [Boolean] :evidence_finder_enabled
+    #   Specifies whether the evidence finder feature is enabled. Change this
+    #   attribute to enable or disable evidence finder.
+    #
+    #   When you use this attribute to disable evidence finder, Audit Manager
+    #   deletes the event data store that’s used to query your evidence data.
+    #   As a result, you can’t re-enable evidence finder and use the feature
+    #   again. Your only alternative is to [deregister][1] and then
+    #   [re-register][2] Audit Manager.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterAccount.html
+    #   [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html
+    #
+    # @option params [Types::DeregistrationPolicy] :deregistration_policy
+    #   The deregistration policy for your Audit Manager data. You can use
+    #   this attribute to determine how your data is handled when you
+    #   deregister Audit Manager.
+    #
     # @return [Types::UpdateSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateSettingsResponse#settings #settings} => Types::Settings
@@ -3622,6 +3701,10 @@ module Aws::AuditManager
     #       },
     #     ],
     #     kms_key: "KmsKey",
+    #     evidence_finder_enabled: false,
+    #     deregistration_policy: {
+    #       delete_resources: "ALL", # accepts ALL, DEFAULT
+    #     },
     #   })
     #
     # @example Response structure
@@ -3634,6 +3717,11 @@ module Aws::AuditManager
     #   resp.settings.default_process_owners[0].role_type #=> String, one of "PROCESS_OWNER", "RESOURCE_OWNER"
     #   resp.settings.default_process_owners[0].role_arn #=> String
     #   resp.settings.kms_key #=> String
+    #   resp.settings.evidence_finder_enablement.event_data_store_arn #=> String
+    #   resp.settings.evidence_finder_enablement.enablement_status #=> String, one of "ENABLED", "DISABLED", "ENABLE_IN_PROGRESS", "DISABLE_IN_PROGRESS"
+    #   resp.settings.evidence_finder_enablement.backfill_status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED"
+    #   resp.settings.evidence_finder_enablement.error #=> String
+    #   resp.settings.deregistration_policy.delete_resources #=> String, one of "ALL", "DEFAULT"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/UpdateSettings AWS API Documentation
     #
@@ -3695,7 +3783,7 @@ module Aws::AuditManager
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-auditmanager'
-      context[:gem_version] = '1.27.0'
+      context[:gem_version] = '1.29.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-auditmanager/client_api.rb

@@ -75,6 +75,7 @@ module Aws::AuditManager
     Boolean = Shapes::BooleanShape.new(name: 'Boolean')
     ChangeLog = Shapes::StructureShape.new(name: 'ChangeLog')
     ChangeLogs = Shapes::ListShape.new(name: 'ChangeLogs')
+    CloudTrailArn = Shapes::StringShape.new(name: 'CloudTrailArn')
     ComplianceType = Shapes::StringShape.new(name: 'ComplianceType')
     Control = Shapes::StructureShape.new(name: 'Control')
     ControlComment = Shapes::StructureShape.new(name: 'ControlComment')
@@ -138,10 +139,12 @@ module Aws::AuditManager
     DeleteAssessmentResponse = Shapes::StructureShape.new(name: 'DeleteAssessmentResponse')
     DeleteControlRequest = Shapes::StructureShape.new(name: 'DeleteControlRequest')
     DeleteControlResponse = Shapes::StructureShape.new(name: 'DeleteControlResponse')
+    DeleteResources = Shapes::StringShape.new(name: 'DeleteResources')
     DeregisterAccountRequest = Shapes::StructureShape.new(name: 'DeregisterAccountRequest')
     DeregisterAccountResponse = Shapes::StructureShape.new(name: 'DeregisterAccountResponse')
     DeregisterOrganizationAdminAccountRequest = Shapes::StructureShape.new(name: 'DeregisterOrganizationAdminAccountRequest')
     DeregisterOrganizationAdminAccountResponse = Shapes::StructureShape.new(name: 'DeregisterOrganizationAdminAccountResponse')
+    DeregistrationPolicy = Shapes::StructureShape.new(name: 'DeregistrationPolicy')
     DisassociateAssessmentReportEvidenceFolderRequest = Shapes::StructureShape.new(name: 'DisassociateAssessmentReportEvidenceFolderRequest')
     DisassociateAssessmentReportEvidenceFolderResponse = Shapes::StructureShape.new(name: 'DisassociateAssessmentReportEvidenceFolderResponse')
     EmailAddress = Shapes::StringShape.new(name: 'EmailAddress')
@@ -152,6 +155,9 @@ module Aws::AuditManager
     EvidenceAttributeKey = Shapes::StringShape.new(name: 'EvidenceAttributeKey')
     EvidenceAttributeValue = Shapes::StringShape.new(name: 'EvidenceAttributeValue')
     EvidenceAttributes = Shapes::MapShape.new(name: 'EvidenceAttributes')
+    EvidenceFinderBackfillStatus = Shapes::StringShape.new(name: 'EvidenceFinderBackfillStatus')
+    EvidenceFinderEnablement = Shapes::StructureShape.new(name: 'EvidenceFinderEnablement')
+    EvidenceFinderEnablementStatus = Shapes::StringShape.new(name: 'EvidenceFinderEnablementStatus')
     EvidenceIds = Shapes::ListShape.new(name: 'EvidenceIds')
     EvidenceInsights = Shapes::StructureShape.new(name: 'EvidenceInsights')
     EvidenceList = Shapes::ListShape.new(name: 'EvidenceList')
@@ -242,6 +248,7 @@ module Aws::AuditManager
     Notifications = Shapes::ListShape.new(name: 'Notifications')
     NullableInteger = Shapes::IntegerShape.new(name: 'NullableInteger')
     ObjectTypeEnum = Shapes::StringShape.new(name: 'ObjectTypeEnum')
+    QueryStatement = Shapes::StringShape.new(name: 'QueryStatement')
     Region = Shapes::StringShape.new(name: 'Region')
     RegisterAccountRequest = Shapes::StructureShape.new(name: 'RegisterAccountRequest')
     RegisterAccountResponse = Shapes::StructureShape.new(name: 'RegisterAccountResponse')
@@ -668,6 +675,7 @@ module Aws::AuditManager
     CreateAssessmentReportRequest.add_member(:name, Shapes::ShapeRef.new(shape: AssessmentReportName, required: true, location_name: "name"))
     CreateAssessmentReportRequest.add_member(:description, Shapes::ShapeRef.new(shape: AssessmentReportDescription, location_name: "description"))
     CreateAssessmentReportRequest.add_member(:assessment_id, Shapes::ShapeRef.new(shape: UUID, required: true, location: "uri", location_name: "assessmentId"))
+    CreateAssessmentReportRequest.add_member(:query_statement, Shapes::ShapeRef.new(shape: QueryStatement, location_name: "queryStatement"))
     CreateAssessmentReportRequest.struct_class = Types::CreateAssessmentReportRequest
 
     CreateAssessmentReportResponse.add_member(:assessment_report, Shapes::ShapeRef.new(shape: AssessmentReport, location_name: "assessmentReport"))
@@ -781,6 +789,9 @@ module Aws::AuditManager
 
     DeregisterOrganizationAdminAccountResponse.struct_class = Types::DeregisterOrganizationAdminAccountResponse
 
+    DeregistrationPolicy.add_member(:delete_resources, Shapes::ShapeRef.new(shape: DeleteResources, location_name: "deleteResources"))
+    DeregistrationPolicy.struct_class = Types::DeregistrationPolicy
+
     DisassociateAssessmentReportEvidenceFolderRequest.add_member(:assessment_id, Shapes::ShapeRef.new(shape: UUID, required: true, location: "uri", location_name: "assessmentId"))
     DisassociateAssessmentReportEvidenceFolderRequest.add_member(:evidence_folder_id, Shapes::ShapeRef.new(shape: UUID, required: true, location_name: "evidenceFolderId"))
     DisassociateAssessmentReportEvidenceFolderRequest.struct_class = Types::DisassociateAssessmentReportEvidenceFolderRequest
@@ -807,6 +818,12 @@ module Aws::AuditManager
     EvidenceAttributes.key = Shapes::ShapeRef.new(shape: EvidenceAttributeKey)
     EvidenceAttributes.value = Shapes::ShapeRef.new(shape: EvidenceAttributeValue)
 
+    EvidenceFinderEnablement.add_member(:event_data_store_arn, Shapes::ShapeRef.new(shape: CloudTrailArn, location_name: "eventDataStoreArn"))
+    EvidenceFinderEnablement.add_member(:enablement_status, Shapes::ShapeRef.new(shape: EvidenceFinderEnablementStatus, location_name: "enablementStatus"))
+    EvidenceFinderEnablement.add_member(:backfill_status, Shapes::ShapeRef.new(shape: EvidenceFinderBackfillStatus, location_name: "backfillStatus"))
+    EvidenceFinderEnablement.add_member(:error, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "error"))
+    EvidenceFinderEnablement.struct_class = Types::EvidenceFinderEnablement
+
     EvidenceIds.member = Shapes::ShapeRef.new(shape: UUID)
 
     EvidenceInsights.add_member(:noncompliant_evidence_count, Shapes::ShapeRef.new(shape: NullableInteger, location_name: "noncompliantEvidenceCount"))
@@ -1128,6 +1145,7 @@ module Aws::AuditManager
 
     Resource.add_member(:arn, Shapes::ShapeRef.new(shape: GenericArn, location_name: "arn"))
     Resource.add_member(:value, Shapes::ShapeRef.new(shape: String, location_name: "value"))
+    Resource.add_member(:compliance_check, Shapes::ShapeRef.new(shape: String, location_name: "complianceCheck"))
     Resource.struct_class = Types::Resource
 
     ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
@@ -1163,6 +1181,8 @@ module Aws::AuditManager
     Settings.add_member(:default_assessment_reports_destination, Shapes::ShapeRef.new(shape: AssessmentReportsDestination, location_name: "defaultAssessmentReportsDestination"))
     Settings.add_member(:default_process_owners, Shapes::ShapeRef.new(shape: Roles, location_name: "defaultProcessOwners"))
     Settings.add_member(:kms_key, Shapes::ShapeRef.new(shape: KmsKey, location_name: "kmsKey"))
+    Settings.add_member(:evidence_finder_enablement, Shapes::ShapeRef.new(shape: EvidenceFinderEnablement, location_name: "evidenceFinderEnablement"))
+    Settings.add_member(:deregistration_policy, Shapes::ShapeRef.new(shape: DeregistrationPolicy, location_name: "deregistrationPolicy"))
     Settings.struct_class = Types::Settings
 
     SourceKeyword.add_member(:keyword_input_type, Shapes::ShapeRef.new(shape: KeywordInputType, location_name: "keywordInputType"))
@@ -1280,6 +1300,8 @@ module Aws::AuditManager
     UpdateSettingsRequest.add_member(:default_assessment_reports_destination, Shapes::ShapeRef.new(shape: AssessmentReportsDestination, location_name: "defaultAssessmentReportsDestination"))
     UpdateSettingsRequest.add_member(:default_process_owners, Shapes::ShapeRef.new(shape: Roles, location_name: "defaultProcessOwners"))
     UpdateSettingsRequest.add_member(:kms_key, Shapes::ShapeRef.new(shape: KmsKey, location_name: "kmsKey"))
+    UpdateSettingsRequest.add_member(:evidence_finder_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "evidenceFinderEnabled"))
+    UpdateSettingsRequest.add_member(:deregistration_policy, Shapes::ShapeRef.new(shape: DeregistrationPolicy, location_name: "deregistrationPolicy"))
     UpdateSettingsRequest.struct_class = Types::UpdateSettingsRequest
 
     UpdateSettingsResponse.add_member(:settings, Shapes::ShapeRef.new(shape: Settings, location_name: "settings"))

data/lib/aws-sdk-auditmanager/endpoint_parameters.rb

@@ -50,6 +50,9 @@ module Aws::AuditManager
 
     def initialize(options = {})
       self[:region] = options[:region]
+      if self[:region].nil?
+        raise ArgumentError, "Missing required EndpointParameter: :region"
+      end
       self[:use_dual_stack] = options[:use_dual_stack]
       self[:use_dual_stack] = false if self[:use_dual_stack].nil?
       if self[:use_dual_stack].nil?