aws-sdk-auditmanager 1.27.0 → 1.29.0

data/lib/aws-sdk-auditmanager/types.rb

@@ -13,15 +13,6 @@ module Aws::AuditManager
     # The wrapper of Amazon Web Services account details, such as account ID
     # or email address.
     #
-    # @note When making an API call, you may pass AWSAccount
-    #   data as a hash:
-    #
-    #       {
-    #         id: "AccountId",
-    #         email_address: "EmailAddress",
-    #         name: "AccountName",
-    #       }
-    #
     # @!attribute [rw] id
     #   The identifier for the Amazon Web Services account.
     #   @return [String]
@@ -47,13 +38,6 @@ module Aws::AuditManager
 
     # An Amazon Web Service such as Amazon S3 or CloudTrail.
     #
-    # @note When making an API call, you may pass AWSService
-    #   data as a hash:
-    #
-    #       {
-    #         service_name: "AWSServiceName",
-    #       }
-    #
     # @!attribute [rw] service_name
     #   The name of the Amazon Web Service.
     #   @return [String]
@@ -149,7 +133,7 @@ module Aws::AuditManager
     #   @return [Array<String>]
     #
     # @!attribute [rw] evidence_count
-    #   The amount of evidence that's generated for the control.
+    #   The amount of evidence that's collected for the control.
     #   @return [Integer]
     #
     # @!attribute [rw] assessment_report_evidence_count
@@ -184,7 +168,7 @@ module Aws::AuditManager
     #   @return [String]
     #
     # @!attribute [rw] status
-    #   Specifies the current status of the control set.
+    #   The current status of the control set.
     #   @return [String]
     #
     # @!attribute [rw] roles
@@ -403,11 +387,11 @@ module Aws::AuditManager
     #   @return [Integer]
     #
     # @!attribute [rw] created_at
-    #   Specifies when the framework was created.
+    #   The time when the framework was created.
     #   @return [Time]
     #
     # @!attribute [rw] last_updated_at
-    #   Specifies when the framework was most recently updated.
+    #   The time when the framework was most recently updated.
     #   @return [Time]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/AssessmentFrameworkMetadata AWS API Documentation
@@ -691,19 +675,19 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # An error entity for the `AssessmentReportEvidence` API. This is used
-    # to provide more meaningful errors than a simple string message.
+    # An error entity for assessment report evidence errors. This is used to
+    # provide more meaningful errors than a simple string message.
     #
     # @!attribute [rw] evidence_id
     #   The identifier for the evidence.
     #   @return [String]
     #
     # @!attribute [rw] error_code
-    #   The error code that the `AssessmentReportEvidence` API returned.
+    #   The error code that was returned.
     #   @return [String]
     #
     # @!attribute [rw] error_message
-    #   The error message that the `AssessmentReportEvidence` API returned.
+    #   The error message that was returned.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/AssessmentReportEvidenceError AWS API Documentation
@@ -769,14 +753,6 @@ module Aws::AuditManager
     # The location where Audit Manager saves assessment reports for the
     # given assessment.
     #
-    # @note When making an API call, you may pass AssessmentReportsDestination
-    #   data as a hash:
-    #
-    #       {
-    #         destination_type: "S3", # accepts S3
-    #         destination: "S3Url",
-    #       }
-    #
     # @!attribute [rw] destination_type
     #   The destination type, such as Amazon S3.
     #   @return [String]
@@ -794,14 +770,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass AssociateAssessmentReportEvidenceFolderRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         evidence_folder_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The identifier for the assessment.
     #   @return [String]
@@ -823,15 +791,6 @@ module Aws::AuditManager
     #
     class AssociateAssessmentReportEvidenceFolderResponse < Aws::EmptyStructure; end
 
-    # @note When making an API call, you may pass BatchAssociateAssessmentReportEvidenceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         evidence_folder_id: "UUID", # required
-    #         evidence_ids: ["UUID"], # required
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The identifier for the assessment.
     #   @return [String]
@@ -900,21 +859,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass BatchCreateDelegationByAssessmentRequest
-    #   data as a hash:
-    #
-    #       {
-    #         create_delegation_requests: [ # required
-    #           {
-    #             comment: "DelegationComment",
-    #             control_set_id: "ControlSetId",
-    #             role_arn: "IamArn",
-    #             role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
-    #           },
-    #         ],
-    #         assessment_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] create_delegation_requests
     #   The API request to batch create delegations in Audit Manager.
     #   @return [Array<Types::CreateDelegationRequest>]
@@ -978,14 +922,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass BatchDeleteDelegationByAssessmentRequest
-    #   data as a hash:
-    #
-    #       {
-    #         delegation_ids: ["UUID"], # required
-    #         assessment_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] delegation_ids
     #   The identifiers for the delegations.
     #   @return [Array<String>]
@@ -1016,15 +952,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass BatchDisassociateAssessmentReportEvidenceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         evidence_folder_id: "UUID", # required
-    #         evidence_ids: ["UUID"], # required
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The identifier for the assessment.
     #   @return [String]
@@ -1094,20 +1021,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass BatchImportEvidenceToAssessmentControlRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         control_set_id: "ControlSetId", # required
-    #         control_id: "UUID", # required
-    #         manual_evidence: [ # required
-    #           {
-    #             s3_resource_path: "S3Url",
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The identifier for the assessment.
     #   @return [String]
@@ -1224,7 +1137,7 @@ module Aws::AuditManager
     #   @return [String]
     #
     # @!attribute [rw] control_sources
-    #   The data source that determines where Audit Manager collects
+    #   The data source types that determine where Audit Manager collects
     #   evidence from for the control.
     #   @return [String]
     #
@@ -1233,11 +1146,11 @@ module Aws::AuditManager
     #   @return [Array<Types::ControlMappingSource>]
     #
     # @!attribute [rw] created_at
-    #   Specifies when the control was created.
+    #   The time when the control was created.
     #   @return [Time]
     #
     # @!attribute [rw] last_updated_at
-    #   Specifies when the control was most recently updated.
+    #   The time when the control was most recently updated.
     #   @return [Time]
     #
     # @!attribute [rw] created_by
@@ -1420,23 +1333,6 @@ module Aws::AuditManager
     # The data source that determines where Audit Manager collects evidence
     # from for the control.
     #
-    # @note When making an API call, you may pass ControlMappingSource
-    #   data as a hash:
-    #
-    #       {
-    #         source_id: "UUID",
-    #         source_name: "SourceName",
-    #         source_description: "SourceDescription",
-    #         source_set_up_option: "System_Controls_Mapping", # accepts System_Controls_Mapping, Procedural_Controls_Mapping
-    #         source_type: "AWS_Cloudtrail", # accepts AWS_Cloudtrail, AWS_Config, AWS_Security_Hub, AWS_API_Call, MANUAL
-    #         source_keyword: {
-    #           keyword_input_type: "SELECT_FROM_LIST", # accepts SELECT_FROM_LIST
-    #           keyword_value: "KeywordValue",
-    #         },
-    #         source_frequency: "DAILY", # accepts DAILY, WEEKLY, MONTHLY
-    #         troubleshooting_text: "TroubleshootingText",
-    #       }
-    #
     # @!attribute [rw] source_id
     #   The unique identifier for the source.
     #   @return [String]
@@ -1455,8 +1351,7 @@ module Aws::AuditManager
     #   @return [String]
     #
     # @!attribute [rw] source_type
-    #   Specifies one of the five types of data sources for evidence
-    #   collection.
+    #   Specifies one of the five data source types for evidence collection.
     #   @return [String]
     #
     # @!attribute [rw] source_keyword
@@ -1527,11 +1422,11 @@ module Aws::AuditManager
     #   @return [String]
     #
     # @!attribute [rw] created_at
-    #   Specifies when the control was created.
+    #   The time when the control was created.
     #   @return [Time]
     #
     # @!attribute [rw] last_updated_at
-    #   Specifies when the control was most recently updated.
+    #   The time when the control was most recently updated.
     #   @return [Time]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/ControlMetadata AWS API Documentation
@@ -1575,13 +1470,6 @@ module Aws::AuditManager
     # The control entity attributes that uniquely identify an existing
     # control to be added to a framework in Audit Manager.
     #
-    # @note When making an API call, you may pass CreateAssessmentFrameworkControl
-    #   data as a hash:
-    #
-    #       {
-    #         id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] id
     #   The unique identifier of the control.
     #   @return [String]
@@ -1597,18 +1485,6 @@ module Aws::AuditManager
     # A `controlSet` entity that represents a collection of controls in
     # Audit Manager. This doesn't contain the control set ID.
     #
-    # @note When making an API call, you may pass CreateAssessmentFrameworkControlSet
-    #   data as a hash:
-    #
-    #       {
-    #         name: "ControlSetName", # required
-    #         controls: [
-    #           {
-    #             id: "UUID", # required
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] name
     #   The name of the control set.
     #   @return [String]
@@ -1627,28 +1503,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass CreateAssessmentFrameworkRequest
-    #   data as a hash:
-    #
-    #       {
-    #         name: "FrameworkName", # required
-    #         description: "FrameworkDescription",
-    #         compliance_type: "ComplianceType",
-    #         control_sets: [ # required
-    #           {
-    #             name: "ControlSetName", # required
-    #             controls: [
-    #               {
-    #                 id: "UUID", # required
-    #               },
-    #             ],
-    #           },
-    #         ],
-    #         tags: {
-    #           "TagKey" => "TagValue",
-    #         },
-    #       }
-    #
     # @!attribute [rw] name
     #   The name of the new custom framework.
     #   @return [String]
@@ -1695,15 +1549,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass CreateAssessmentReportRequest
-    #   data as a hash:
-    #
-    #       {
-    #         name: "AssessmentReportName", # required
-    #         description: "AssessmentReportDescription",
-    #         assessment_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] name
     #   The name of the new assessment report.
     #   @return [String]
@@ -1716,12 +1561,39 @@ module Aws::AuditManager
     #   The identifier for the assessment.
     #   @return [String]
     #
+    # @!attribute [rw] query_statement
+    #   A SQL statement that represents an evidence finder query.
+    #
+    #   Provide this parameter when you want to generate an assessment
+    #   report from the results of an evidence finder search query. When you
+    #   use this parameter, Audit Manager generates a one-time report using
+    #   only the evidence from the query output. This report does not
+    #   include any assessment evidence that was manually [added to a report
+    #   using the console][1], or [associated with a report using the
+    #   API][2].
+    #
+    #   To use this parameter, the [enablementStatus][3] of evidence finder
+    #   must be `ENABLED`.
+    #
+    #   For examples and help resolving `queryStatement` validation
+    #   exceptions, see [Troubleshooting evidence finder issues][4] in the
+    #   *Audit Manager User Guide.*
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#generate-assessment-report-include-evidence
+    #   [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchAssociateAssessmentReportEvidence.html
+    #   [3]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_EvidenceFinderEnablement.html#auditmanager-Type-EvidenceFinderEnablement-enablementStatus
+    #   [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/evidence-finder-issues.html#querystatement-exceptions
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/CreateAssessmentReportRequest AWS API Documentation
     #
     class CreateAssessmentReportRequest < Struct.new(
       :name,
       :description,
-      :assessment_id)
+      :assessment_id,
+      :query_statement)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1739,42 +1611,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass CreateAssessmentRequest
-    #   data as a hash:
-    #
-    #       {
-    #         name: "AssessmentName", # required
-    #         description: "AssessmentDescription",
-    #         assessment_reports_destination: { # required
-    #           destination_type: "S3", # accepts S3
-    #           destination: "S3Url",
-    #         },
-    #         scope: { # required
-    #           aws_accounts: [
-    #             {
-    #               id: "AccountId",
-    #               email_address: "EmailAddress",
-    #               name: "AccountName",
-    #             },
-    #           ],
-    #           aws_services: [
-    #             {
-    #               service_name: "AWSServiceName",
-    #             },
-    #           ],
-    #         },
-    #         roles: [ # required
-    #           {
-    #             role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
-    #             role_arn: "IamArn", # required
-    #           },
-    #         ],
-    #         framework_id: "UUID", # required
-    #         tags: {
-    #           "TagKey" => "TagValue",
-    #         },
-    #       }
-    #
     # @!attribute [rw] name
     #   The name of the assessment to be created.
     #   @return [String]
@@ -1838,22 +1674,6 @@ module Aws::AuditManager
     # collection, along with related parameters and metadata. This doesn't
     # contain `mappingID`.
     #
-    # @note When making an API call, you may pass CreateControlMappingSource
-    #   data as a hash:
-    #
-    #       {
-    #         source_name: "SourceName",
-    #         source_description: "SourceDescription",
-    #         source_set_up_option: "System_Controls_Mapping", # accepts System_Controls_Mapping, Procedural_Controls_Mapping
-    #         source_type: "AWS_Cloudtrail", # accepts AWS_Cloudtrail, AWS_Config, AWS_Security_Hub, AWS_API_Call, MANUAL
-    #         source_keyword: {
-    #           keyword_input_type: "SELECT_FROM_LIST", # accepts SELECT_FROM_LIST
-    #           keyword_value: "KeywordValue",
-    #         },
-    #         source_frequency: "DAILY", # accepts DAILY, WEEKLY, MONTHLY
-    #         troubleshooting_text: "TroubleshootingText",
-    #       }
-    #
     # @!attribute [rw] source_name
     #   The name of the control mapping data source.
     #   @return [String]
@@ -1919,34 +1739,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass CreateControlRequest
-    #   data as a hash:
-    #
-    #       {
-    #         name: "ControlName", # required
-    #         description: "ControlDescription",
-    #         testing_information: "TestingInformation",
-    #         action_plan_title: "ActionPlanTitle",
-    #         action_plan_instructions: "ActionPlanInstructions",
-    #         control_mapping_sources: [ # required
-    #           {
-    #             source_name: "SourceName",
-    #             source_description: "SourceDescription",
-    #             source_set_up_option: "System_Controls_Mapping", # accepts System_Controls_Mapping, Procedural_Controls_Mapping
-    #             source_type: "AWS_Cloudtrail", # accepts AWS_Cloudtrail, AWS_Config, AWS_Security_Hub, AWS_API_Call, MANUAL
-    #             source_keyword: {
-    #               keyword_input_type: "SELECT_FROM_LIST", # accepts SELECT_FROM_LIST
-    #               keyword_value: "KeywordValue",
-    #             },
-    #             source_frequency: "DAILY", # accepts DAILY, WEEKLY, MONTHLY
-    #             troubleshooting_text: "TroubleshootingText",
-    #           },
-    #         ],
-    #         tags: {
-    #           "TagKey" => "TagValue",
-    #         },
-    #       }
-    #
     # @!attribute [rw] name
     #   The name of the control.
     #   @return [String]
@@ -2005,16 +1797,6 @@ module Aws::AuditManager
     # A collection of attributes that's used to create a delegation for an
     # assessment in Audit Manager.
     #
-    # @note When making an API call, you may pass CreateDelegationRequest
-    #   data as a hash:
-    #
-    #       {
-    #         comment: "DelegationComment",
-    #         control_set_id: "ControlSetId",
-    #         role_arn: "IamArn",
-    #         role_type: "PROCESS_OWNER", # accepts PROCESS_OWNER, RESOURCE_OWNER
-    #       }
-    #
     # @!attribute [rw] comment
     #   A comment that's related to the delegation request.
     #   @return [String]
@@ -2170,13 +1952,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass DeleteAssessmentFrameworkRequest
-    #   data as a hash:
-    #
-    #       {
-    #         framework_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] framework_id
     #   The identifier for the custom framework.
     #   @return [String]
@@ -2193,14 +1968,6 @@ module Aws::AuditManager
     #
     class DeleteAssessmentFrameworkResponse < Aws::EmptyStructure; end
 
-    # @note When making an API call, you may pass DeleteAssessmentFrameworkShareRequest
-    #   data as a hash:
-    #
-    #       {
-    #         request_id: "UUID", # required
-    #         request_type: "SENT", # required, accepts SENT, RECEIVED
-    #       }
-    #
     # @!attribute [rw] request_id
     #   The unique identifier for the share request to be deleted.
     #   @return [String]
@@ -2223,14 +1990,6 @@ module Aws::AuditManager
     #
     class DeleteAssessmentFrameworkShareResponse < Aws::EmptyStructure; end
 
-    # @note When making an API call, you may pass DeleteAssessmentReportRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         assessment_report_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -2252,13 +2011,6 @@ module Aws::AuditManager
     #
     class DeleteAssessmentReportResponse < Aws::EmptyStructure; end
 
-    # @note When making an API call, you may pass DeleteAssessmentRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The identifier for the assessment.
     #   @return [String]
@@ -2275,13 +2027,6 @@ module Aws::AuditManager
     #
     class DeleteAssessmentResponse < Aws::EmptyStructure; end
 
-    # @note When making an API call, you may pass DeleteControlRequest
-    #   data as a hash:
-    #
-    #       {
-    #         control_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] control_id
     #   The unique identifier for the control.
     #   @return [String]
@@ -2316,13 +2061,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass DeregisterOrganizationAdminAccountRequest
-    #   data as a hash:
-    #
-    #       {
-    #         admin_account_id: "AccountId",
-    #       }
-    #
     # @!attribute [rw] admin_account_id
     #   The identifier for the administrator account.
     #   @return [String]
@@ -2339,14 +2077,52 @@ module Aws::AuditManager
     #
     class DeregisterOrganizationAdminAccountResponse < Aws::EmptyStructure; end
 
-    # @note When making an API call, you may pass DisassociateAssessmentReportEvidenceFolderRequest
-    #   data as a hash:
+    # The deregistration policy for the data that's stored in Audit
+    # Manager. You can use this attribute to determine how your data is
+    # handled when you [deregister Audit Manager][1].
+    #
+    # By default, Audit Manager retains evidence data for two years from the
+    # time of its creation. Other Audit Manager resources (including
+    # assessments, custom controls, and custom frameworks) remain in Audit
+    # Manager indefinitely, and are available if you [re-register Audit
+    # Manager][2] in the future. For more information about data retention,
+    # see [Data Protection][3] in the *Audit Manager User Guide*.
+    #
+    # If you choose to delete all data, this action permanently deletes all
+    # evidence data in your account within seven days. It also deletes all
+    # of the Audit Manager resources that you created, including
+    # assessments, custom controls, and custom frameworks. Your data will
+    # not be available if you re-register Audit Manager in the future.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterAccount.html
+    # [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html
+    # [3]: https://docs.aws.amazon.com/audit-manager/latest/userguide/data-protection.html
+    #
+    # @!attribute [rw] delete_resources
+    #   Specifies which Audit Manager data will be deleted when you
+    #   deregister Audit Manager.
     #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         evidence_folder_id: "UUID", # required
-    #       }
+    #   * If you set the value to `ALL`, all of your data is deleted within
+    #     seven days of deregistration.
     #
+    #   * If you set the value to `DEFAULT`, none of your data is deleted at
+    #     the time of deregistration. However, keep in mind that the Audit
+    #     Manager data retention policy still applies. As a result, any
+    #     evidence data will be deleted two years after its creation date.
+    #     Your other Audit Manager resources will continue to exist
+    #     indefinitely.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/DeregistrationPolicy AWS API Documentation
+    #
+    class DeregistrationPolicy < Struct.new(
+      :delete_resources)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -2370,7 +2146,7 @@ module Aws::AuditManager
 
     # A record that contains the information needed to demonstrate
     # compliance with the requirements specified by a control. Examples of
-    # evidence include change activity triggered by a user, or a system
+    # evidence include change activity invoked by a user, or a system
     # configuration snapshot.
     #
     # @!attribute [rw] data_source
@@ -2413,10 +2189,24 @@ module Aws::AuditManager
     #   @return [String]
     #
     # @!attribute [rw] compliance_check
-    #   The evaluation status for evidence that falls under the compliance
-    #   check category. For evidence collected from Security Hub, a *Pass*
-    #   or *Fail* result is shown. For evidence collected from Config, a
-    #   *Compliant* or *Noncompliant* result is shown.
+    #   The evaluation status for automated evidence that falls under the
+    #   compliance check category.
+    #
+    #   * Audit Manager classes evidence as non-compliant if Security Hub
+    #     reports a *Fail* result, or if Config reports a *Non-compliant*
+    #     result.
+    #
+    #   * Audit Manager classes evidence as compliant if Security Hub
+    #     reports a *Pass* result, or if Config reports a *Compliant*
+    #     result.
+    #
+    #   * If a compliance check isn't available or applicable, then no
+    #     compliance evaluation can be made for that evidence. This is the
+    #     case if the evidence uses Config or Security Hub as the underlying
+    #     data source type, but those services aren't enabled. This is also
+    #     the case if the evidence uses an underlying data source type that
+    #     doesn't support compliance checks (such as manual evidence,
+    #     Amazon Web Services API calls, or CloudTrail).
     #   @return [String]
     #
     # @!attribute [rw] aws_organization
@@ -2462,6 +2252,74 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
+    # The settings object that specifies whether evidence finder is enabled.
+    # This object also describes the related event data store, and the
+    # backfill status for populating the event data store with evidence
+    # data.
+    #
+    # @!attribute [rw] event_data_store_arn
+    #   The Amazon Resource Name (ARN) of the CloudTrail Lake event data
+    #   store that’s used by evidence finder. The event data store is the
+    #   lake of evidence data that evidence finder runs queries against.
+    #   @return [String]
+    #
+    # @!attribute [rw] enablement_status
+    #   The current status of the evidence finder feature and the related
+    #   event data store.
+    #
+    #   * `ENABLE_IN_PROGRESS` means that you requested to enable evidence
+    #     finder. An event data store is currently being created to support
+    #     evidence finder queries.
+    #
+    #   * `ENABLED` means that an event data store was successfully created
+    #     and evidence finder is enabled. We recommend that you wait 7 days
+    #     until the event data store is backfilled with your past two years’
+    #     worth of evidence data. You can use evidence finder in the
+    #     meantime, but not all data might be available until the backfill
+    #     is complete.
+    #
+    #   * `DISABLE_IN_PROGRESS` means that you requested to disable evidence
+    #     finder, and your request is pending the deletion of the event data
+    #     store.
+    #
+    #   * `DISABLED` means that you have permanently disabled evidence
+    #     finder and the event data store has been deleted. You can't
+    #     re-enable evidence finder after this point.
+    #   @return [String]
+    #
+    # @!attribute [rw] backfill_status
+    #   The current status of the evidence data backfill process.
+    #
+    #   The backfill starts after you enable evidence finder. During this
+    #   task, Audit Manager populates an event data store with your past two
+    #   years’ worth of evidence data so that your evidence can be queried.
+    #
+    #   * `NOT_STARTED` means that the backfill hasn’t started yet.
+    #
+    #   * `IN_PROGRESS` means that the backfill is in progress. This can
+    #     take up to 7 days to complete, depending on the amount of evidence
+    #     data.
+    #
+    #   * `COMPLETED` means that the backfill is complete. All of your past
+    #     evidence is now queryable.
+    #   @return [String]
+    #
+    # @!attribute [rw] error
+    #   Represents any errors that occurred when enabling or disabling
+    #   evidence finder.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/EvidenceFinderEnablement AWS API Documentation
+    #
+    class EvidenceFinderEnablement < Struct.new(
+      :event_data_store_arn,
+      :enablement_status,
+      :backfill_status,
+      :error)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # A breakdown of the latest compliance check status for the evidence in
     # your Audit Manager assessments.
     #
@@ -2547,11 +2405,11 @@ module Aws::AuditManager
     #   @return [Array<Types::ControlSet>]
     #
     # @!attribute [rw] created_at
-    #   Specifies when the framework was created.
+    #   The time when the framework was created.
     #   @return [Time]
     #
     # @!attribute [rw] last_updated_at
-    #   Specifies when the framework was most recently updated.
+    #   The time when the framework was most recently updated.
     #   @return [Time]
     #
     # @!attribute [rw] created_by
@@ -2635,13 +2493,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetAssessmentFrameworkRequest
-    #   data as a hash:
-    #
-    #       {
-    #         framework_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] framework_id
     #   The identifier for the framework.
     #   @return [String]
@@ -2666,14 +2517,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetAssessmentReportUrlRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_report_id: "UUID", # required
-    #         assessment_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] assessment_report_id
     #   The unique identifier for the assessment report.
     #   @return [String]
@@ -2704,13 +2547,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetAssessmentRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -2744,17 +2580,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetChangeLogsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         control_set_id: "ControlSetId",
-    #         control_id: "UUID",
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -2805,13 +2630,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetControlRequest
-    #   data as a hash:
-    #
-    #       {
-    #         control_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] control_id
     #   The identifier for the control.
     #   @return [String]
@@ -2836,14 +2654,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetDelegationsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] next_token
     #   The pagination token that's used to fetch the next set of results.
     #   @return [String]
@@ -2879,17 +2689,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetEvidenceByEvidenceFolderRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         control_set_id: "ControlSetId", # required
-    #         evidence_folder_id: "UUID", # required
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The identifier for the assessment.
     #   @return [String]
@@ -2941,15 +2740,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetEvidenceFolderRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         control_set_id: "ControlSetId", # required
-    #         evidence_folder_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -2984,17 +2774,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetEvidenceFoldersByAssessmentControlRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         control_set_id: "ControlSetId", # required
-    #         control_id: "UUID", # required
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The identifier for the assessment.
     #   @return [String]
@@ -3046,15 +2825,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetEvidenceFoldersByAssessmentRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -3096,16 +2866,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetEvidenceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         control_set_id: "ControlSetId", # required
-    #         evidence_folder_id: "UUID", # required
-    #         evidence_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -3134,7 +2894,7 @@ module Aws::AuditManager
     end
 
     # @!attribute [rw] evidence
-    #   The evidence that the `GetEvidenceResponse` API returned.
+    #   The evidence that the `GetEvidence` API returned.
     #   @return [Types::Evidence]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/GetEvidenceResponse AWS API Documentation
@@ -3145,13 +2905,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetInsightsByAssessmentRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -3236,15 +2989,8 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetSettingsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         attribute: "ALL", # required, accepts ALL, IS_AWS_ORG_ENABLED, SNS_TOPIC, DEFAULT_ASSESSMENT_REPORTS_DESTINATION, DEFAULT_PROCESS_OWNERS
-    #       }
-    #
     # @!attribute [rw] attribute
-    #   The list of `SettingAttribute` enum values.
+    #   The list of setting attribute enum values.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/GetSettingsRequest AWS API Documentation
@@ -3448,16 +3194,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListAssessmentControlInsightsByControlDomainRequest
-    #   data as a hash:
-    #
-    #       {
-    #         control_domain_id: "UUID", # required
-    #         assessment_id: "UUID", # required
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] control_domain_id
     #   The unique identifier for the control domain.
     #   @return [String]
@@ -3504,15 +3240,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListAssessmentFrameworkShareRequestsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         request_type: "SENT", # required, accepts SENT, RECEIVED
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] request_type
     #   Specifies whether the share request is a sent request or a received
     #   request.
@@ -3555,15 +3282,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListAssessmentFrameworksRequest
-    #   data as a hash:
-    #
-    #       {
-    #         framework_type: "Standard", # required, accepts Standard, Custom
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] framework_type
     #   The type of framework, such as a standard framework or a custom
     #   framework.
@@ -3605,14 +3323,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListAssessmentReportsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] next_token
     #   The pagination token that's used to fetch the next set of results.
     #   @return [String]
@@ -3649,15 +3359,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListAssessmentsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         status: "ACTIVE", # accepts ACTIVE, INACTIVE
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] status
     #   The current status of the assessment.
     #   @return [String]
@@ -3698,15 +3399,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListControlDomainInsightsByAssessmentRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the active assessment.
     #   @return [String]
@@ -3748,14 +3440,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListControlDomainInsightsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] next_token
     #   The pagination token that's used to fetch the next set of results.
     #   @return [String]
@@ -3792,15 +3476,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListControlInsightsByControlDomainRequest
-    #   data as a hash:
-    #
-    #       {
-    #         control_domain_id: "UUID", # required
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] control_domain_id
     #   The unique identifier for the control domain.
     #   @return [String]
@@ -3842,15 +3517,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListControlsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         control_type: "Standard", # required, accepts Standard, Custom
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] control_type
     #   The type of control, such as a standard control or a custom control.
     #   @return [String]
@@ -3892,15 +3558,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListKeywordsForDataSourceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         source: "AWS_Cloudtrail", # required, accepts AWS_Cloudtrail, AWS_Config, AWS_Security_Hub, AWS_API_Call, MANUAL
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] source
     #   The control mapping data source that the keywords apply to.
     #   @return [String]
@@ -3941,14 +3598,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListNotificationsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         next_token: "Token",
-    #         max_results: 1,
-    #       }
-    #
     # @!attribute [rw] next_token
     #   The pagination token that's used to fetch the next set of results.
     #   @return [String]
@@ -3984,13 +3633,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListTagsForResourceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         resource_arn: "AuditManagerArn", # required
-    #       }
-    #
     # @!attribute [rw] resource_arn
     #   The Amazon Resource Name (ARN) of the resource.
     #   @return [String]
@@ -4017,13 +3659,6 @@ module Aws::AuditManager
 
     # Evidence that's uploaded to Audit Manager manually.
     #
-    # @note When making an API call, you may pass ManualEvidence
-    #   data as a hash:
-    #
-    #       {
-    #         s3_resource_path: "S3Url",
-    #       }
-    #
     # @!attribute [rw] s3_resource_path
     #   The Amazon S3 URL that points to a manual evidence object.
     #   @return [String]
@@ -4088,14 +3723,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass RegisterAccountRequest
-    #   data as a hash:
-    #
-    #       {
-    #         kms_key: "KmsKey",
-    #         delegated_admin_account: "AccountId",
-    #       }
-    #
     # @!attribute [rw] kms_key
     #   The KMS key details.
     #   @return [String]
@@ -4125,13 +3752,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass RegisterOrganizationAdminAccountRequest
-    #   data as a hash:
-    #
-    #       {
-    #         admin_account_id: "AccountId", # required
-    #       }
-    #
     # @!attribute [rw] admin_account_id
     #   The identifier for the delegated administrator account.
     #   @return [String]
@@ -4171,11 +3791,34 @@ module Aws::AuditManager
     #   The value of the resource.
     #   @return [String]
     #
+    # @!attribute [rw] compliance_check
+    #   The evaluation status for a resource that was assessed when
+    #   collecting compliance check evidence.
+    #
+    #   * Audit Manager classes the resource as non-compliant if Security
+    #     Hub reports a *Fail* result, or if Config reports a
+    #     *Non-compliant* result.
+    #
+    #   * Audit Manager classes the resource as compliant if Security Hub
+    #     reports a *Pass* result, or if Config reports a *Compliant*
+    #     result.
+    #
+    #   * If a compliance check isn't available or applicable, then no
+    #     compliance evaluation can be made for that resource. This is the
+    #     case if a resource assessment uses Config or Security Hub as the
+    #     underlying data source type, but those services aren't enabled.
+    #     This is also the case if the resource assessment uses an
+    #     underlying data source type that doesn't support compliance
+    #     checks (such as manual evidence, Amazon Web Services API calls, or
+    #     CloudTrail).
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/Resource AWS API Documentation
     #
     class Resource < Struct.new(
       :arn,
-      :value)
+      :value,
+      :compliance_check)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4207,14 +3850,6 @@ module Aws::AuditManager
     # current user. This includes the role type and IAM Amazon Resource Name
     # (ARN).
     #
-    # @note When making an API call, you may pass Role
-    #   data as a hash:
-    #
-    #       {
-    #         role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
-    #         role_arn: "IamArn", # required
-    #       }
-    #
     # @!attribute [rw] role_type
     #   The type of customer persona.
     #
@@ -4244,24 +3879,6 @@ module Aws::AuditManager
     # The wrapper that contains the Amazon Web Services accounts and
     # services that are in scope for the assessment.
     #
-    # @note When making an API call, you may pass Scope
-    #   data as a hash:
-    #
-    #       {
-    #         aws_accounts: [
-    #           {
-    #             id: "AccountId",
-    #             email_address: "EmailAddress",
-    #             name: "AccountName",
-    #           },
-    #         ],
-    #         aws_services: [
-    #           {
-    #             service_name: "AWSServiceName",
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] aws_accounts
     #   The Amazon Web Services accounts that are included in the scope of
     #   the assessment.
@@ -4356,6 +3973,16 @@ module Aws::AuditManager
     #   The KMS key details.
     #   @return [String]
     #
+    # @!attribute [rw] evidence_finder_enablement
+    #   The current evidence finder status and event data store details.
+    #   @return [Types::EvidenceFinderEnablement]
+    #
+    # @!attribute [rw] deregistration_policy
+    #   The deregistration policy for your Audit Manager data. You can use
+    #   this attribute to determine how your data is handled when you
+    #   deregister Audit Manager.
+    #   @return [Types::DeregistrationPolicy]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/Settings AWS API Documentation
     #
     class Settings < Struct.new(
@@ -4363,7 +3990,9 @@ module Aws::AuditManager
       :sns_topic,
       :default_assessment_reports_destination,
       :default_process_owners,
-      :kms_key)
+      :kms_key,
+      :evidence_finder_enablement,
+      :deregistration_policy)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4390,14 +4019,6 @@ module Aws::AuditManager
     # [3]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-api.html
     # [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-cloudtrail.html
     #
-    # @note When making an API call, you may pass SourceKeyword
-    #   data as a hash:
-    #
-    #       {
-    #         keyword_input_type: "SELECT_FROM_LIST", # accepts SELECT_FROM_LIST
-    #         keyword_value: "KeywordValue",
-    #       }
-    #
     # @!attribute [rw] keyword_input_type
     #   The input method for the keyword.
     #   @return [String]
@@ -4437,11 +4058,6 @@ module Aws::AuditManager
     #       `keywordValue`\: `Custom_CustomRuleForAccount-conformance-pack`
     #
     #     * Service-linked rule name:
-    #       securityhub-api-gw-cache-encrypted-101104e1
-    #
-    #       `keywordValue`\: `Custom_securityhub-api-gw-cache-encrypted`
-    #
-    #     * Service-linked rule name:
     #       OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba
     #
     #       `keywordValue`\:
@@ -4465,16 +4081,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass StartAssessmentFrameworkShareRequest
-    #   data as a hash:
-    #
-    #       {
-    #         framework_id: "UUID", # required
-    #         destination_account: "AccountId", # required
-    #         destination_region: "Region", # required
-    #         comment: "ShareRequestComment",
-    #       }
-    #
     # @!attribute [rw] framework_id
     #   The unique identifier for the custom framework to be shared.
     #   @return [String]
@@ -4515,16 +4121,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass TagResourceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         resource_arn: "AuditManagerArn", # required
-    #         tags: { # required
-    #           "TagKey" => "TagValue",
-    #         },
-    #       }
-    #
     # @!attribute [rw] resource_arn
     #   The Amazon Resource Name (ARN) of the resource.
     #   @return [String]
@@ -4579,14 +4175,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UntagResourceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         resource_arn: "AuditManagerArn", # required
-    #         tag_keys: ["TagKey"], # required
-    #       }
-    #
     # @!attribute [rw] resource_arn
     #   The Amazon Resource Name (ARN) of the specified resource.
     #   @return [String]
@@ -4608,17 +4196,6 @@ module Aws::AuditManager
     #
     class UntagResourceResponse < Aws::EmptyStructure; end
 
-    # @note When making an API call, you may pass UpdateAssessmentControlRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         control_set_id: "ControlSetId", # required
-    #         control_id: "UUID", # required
-    #         control_status: "UNDER_REVIEW", # accepts UNDER_REVIEW, REVIEWED, INACTIVE
-    #         comment_body: "ControlCommentBody",
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -4664,16 +4241,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UpdateAssessmentControlSetStatusRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         control_set_id: "String", # required
-    #         status: "ACTIVE", # required, accepts ACTIVE, UNDER_REVIEW, REVIEWED
-    #         comment: "DelegationComment", # required
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -4717,19 +4284,6 @@ module Aws::AuditManager
     # A `controlSet` entity that represents a collection of controls in
     # Audit Manager. This doesn't contain the control set ID.
     #
-    # @note When making an API call, you may pass UpdateAssessmentFrameworkControlSet
-    #   data as a hash:
-    #
-    #       {
-    #         id: "ControlSetName",
-    #         name: "ControlSetName", # required
-    #         controls: [ # required
-    #           {
-    #             id: "UUID", # required
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] id
     #   The unique identifier for the control set.
     #   @return [String]
@@ -4752,27 +4306,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UpdateAssessmentFrameworkRequest
-    #   data as a hash:
-    #
-    #       {
-    #         framework_id: "UUID", # required
-    #         name: "FrameworkName", # required
-    #         description: "FrameworkDescription",
-    #         compliance_type: "ComplianceType",
-    #         control_sets: [ # required
-    #           {
-    #             id: "ControlSetName",
-    #             name: "ControlSetName", # required
-    #             controls: [ # required
-    #               {
-    #                 id: "UUID", # required
-    #               },
-    #             ],
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] framework_id
     #   The unique identifier for the framework.
     #   @return [String]
@@ -4818,15 +4351,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UpdateAssessmentFrameworkShareRequest
-    #   data as a hash:
-    #
-    #       {
-    #         request_id: "UUID", # required
-    #         request_type: "SENT", # required, accepts SENT, RECEIVED
-    #         action: "ACCEPT", # required, accepts ACCEPT, DECLINE, REVOKE
-    #       }
-    #
     # @!attribute [rw] request_id
     #   The unique identifier for the share request.
     #   @return [String]
@@ -4863,39 +4387,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UpdateAssessmentRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         assessment_name: "AssessmentName",
-    #         assessment_description: "AssessmentDescription",
-    #         scope: { # required
-    #           aws_accounts: [
-    #             {
-    #               id: "AccountId",
-    #               email_address: "EmailAddress",
-    #               name: "AccountName",
-    #             },
-    #           ],
-    #           aws_services: [
-    #             {
-    #               service_name: "AWSServiceName",
-    #             },
-    #           ],
-    #         },
-    #         assessment_reports_destination: {
-    #           destination_type: "S3", # accepts S3
-    #           destination: "S3Url",
-    #         },
-    #         roles: [
-    #           {
-    #             role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
-    #             role_arn: "IamArn", # required
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -4935,8 +4426,8 @@ module Aws::AuditManager
     end
 
     # @!attribute [rw] assessment
-    #   The response object for the `UpdateAssessmentRequest` API. This is
-    #   the name of the updated assessment.
+    #   The response object for the `UpdateAssessment` API. This is the name
+    #   of the updated assessment.
     #   @return [Types::Assessment]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/UpdateAssessmentResponse AWS API Documentation
@@ -4947,14 +4438,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UpdateAssessmentStatusRequest
-    #   data as a hash:
-    #
-    #       {
-    #         assessment_id: "UUID", # required
-    #         status: "ACTIVE", # required, accepts ACTIVE, INACTIVE
-    #       }
-    #
     # @!attribute [rw] assessment_id
     #   The unique identifier for the assessment.
     #   @return [String]
@@ -4985,33 +4468,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UpdateControlRequest
-    #   data as a hash:
-    #
-    #       {
-    #         control_id: "UUID", # required
-    #         name: "ControlName", # required
-    #         description: "ControlDescription",
-    #         testing_information: "TestingInformation",
-    #         action_plan_title: "ActionPlanTitle",
-    #         action_plan_instructions: "ActionPlanInstructions",
-    #         control_mapping_sources: [ # required
-    #           {
-    #             source_id: "UUID",
-    #             source_name: "SourceName",
-    #             source_description: "SourceDescription",
-    #             source_set_up_option: "System_Controls_Mapping", # accepts System_Controls_Mapping, Procedural_Controls_Mapping
-    #             source_type: "AWS_Cloudtrail", # accepts AWS_Cloudtrail, AWS_Config, AWS_Security_Hub, AWS_API_Call, MANUAL
-    #             source_keyword: {
-    #               keyword_input_type: "SELECT_FROM_LIST", # accepts SELECT_FROM_LIST
-    #               keyword_value: "KeywordValue",
-    #             },
-    #             source_frequency: "DAILY", # accepts DAILY, WEEKLY, MONTHLY
-    #             troubleshooting_text: "TroubleshootingText",
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] control_id
     #   The identifier for the control.
     #   @return [String]
@@ -5068,24 +4524,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UpdateSettingsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         sns_topic: "SnsArn",
-    #         default_assessment_reports_destination: {
-    #           destination_type: "S3", # accepts S3
-    #           destination: "S3Url",
-    #         },
-    #         default_process_owners: [
-    #           {
-    #             role_type: "PROCESS_OWNER", # required, accepts PROCESS_OWNER, RESOURCE_OWNER
-    #             role_arn: "IamArn", # required
-    #           },
-    #         ],
-    #         kms_key: "KmsKey",
-    #       }
-    #
     # @!attribute [rw] sns_topic
     #   The Amazon Simple Notification Service (Amazon SNS) topic that Audit
     #   Manager sends notifications to.
@@ -5103,13 +4541,37 @@ module Aws::AuditManager
     #   The KMS key details.
     #   @return [String]
     #
+    # @!attribute [rw] evidence_finder_enabled
+    #   Specifies whether the evidence finder feature is enabled. Change
+    #   this attribute to enable or disable evidence finder.
+    #
+    #   When you use this attribute to disable evidence finder, Audit
+    #   Manager deletes the event data store that’s used to query your
+    #   evidence data. As a result, you can’t re-enable evidence finder and
+    #   use the feature again. Your only alternative is to [deregister][1]
+    #   and then [re-register][2] Audit Manager.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterAccount.html
+    #   [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] deregistration_policy
+    #   The deregistration policy for your Audit Manager data. You can use
+    #   this attribute to determine how your data is handled when you
+    #   deregister Audit Manager.
+    #   @return [Types::DeregistrationPolicy]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/UpdateSettingsRequest AWS API Documentation
     #
     class UpdateSettingsRequest < Struct.new(
       :sns_topic,
       :default_assessment_reports_destination,
       :default_process_owners,
-      :kms_key)
+      :kms_key,
+      :evidence_finder_enabled,
+      :deregistration_policy)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -5126,13 +4588,6 @@ module Aws::AuditManager
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ValidateAssessmentReportIntegrityRequest
-    #   data as a hash:
-    #
-    #       {
-    #         s3_relative_path: "S3Url", # required
-    #       }
-    #
     # @!attribute [rw] s3_relative_path
     #   The relative path of the Amazon S3 bucket that the assessment report
     #   is stored in.