RubyGems - aws-sdk-auditmanager - Versions diffs - 1.27.0 → 1.28.0 - Mend

aws-sdk-auditmanager 1.27.0 → 1.28.0

Files changed (8) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-auditmanager/client.rb +135 -29
data/lib/aws-sdk-auditmanager/client_api.rb +15 -0
data/lib/aws-sdk-auditmanager/types.rb +174 -19
data/lib/aws-sdk-auditmanager.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 36c547104a75ab6080ecd324e66c3700e47858a41784746af85c69afd4e03159
-  data.tar.gz: e2dcb630a75347b53a3aa46de94f75ea28b703148b00f96f785558d475f0779c
+  metadata.gz: 14c9a2bbba11aa4991946da8d6a60d605977a49c1b5a66e6dd8cfe1bd4d497c4
+  data.tar.gz: 0135c251504249a65941fa1b72f2305b699860d26777f731a96d8ef2459aa797
 SHA512:
-  metadata.gz: afe0d546cddcbad7595b08eb087789606b2e5229255b169aa70c571a3d95b3e884f5e5d82af126ce323c96a5b4b5ddc85038fee37f800768c819cc264b0451ca
-  data.tar.gz: 2bc984898c428784d1160c9b69b540db99760a71f8d56c7b916ef43cccb110fb66d5a94f8a99110acbb8f8a72d0922ae07ae12c64c9e6b31a891c5210c3c0522
+  metadata.gz: 1f3240882caa2165a12ad980d32aac132cebb882785a6a86b7bc355050a7d912363d96cef586d2e6f6ac35fe26a1490c4edf7d2f7acc6e47b164f7581156c5e1
+  data.tar.gz: d0db54b1830a2f41a9f80a29780a2033d8c1c620ffea16ee120579090bb2fa40c7680207ff00cdbae12b142a52228a0867844bbc14b9f162d57f742081df590c

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
+1.28.0 (2022-11-18)
+------------------
+* Feature - This release introduces a new feature for Audit Manager: Evidence finder. You can now use evidence finder to quickly query your evidence, and add the matching evidence results to an assessment report.
 1.27.0 (2022-10-25)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.27.0
1	+ 1.28.0

data/lib/aws-sdk-auditmanager/client.rb CHANGED Viewed

@@ -575,7 +575,33 @@ module Aws::AuditManager
     end
     # Uploads one or more pieces of evidence to a control in an Audit
-    # Manager assessment.
+    # Manager assessment. You can upload manual evidence from any Amazon
+    # Simple Storage Service (Amazon S3) bucket by specifying the S3 URI of
+    # the evidence.
+    #
+    # You must upload manual evidence to your S3 bucket before you can
+    # upload it to your assessment. For instructions, see [CreateBucket][1]
+    # and [PutObject][2] in the *Amazon Simple Storage Service API
+    # Reference.*
+    #
+    # The following restrictions apply to this action:
+    #
+    # * Maximum size of an individual evidence file: 100 MB
+    #
+    # * Number of daily manual evidence uploads per control: 100
+    #
+    # * Supported file formats: See [Supported file types for manual
+    #   evidence][3] in the *Audit Manager User Guide*
+    #
+    # For more information about Audit Manager service restrictions, see
+    # [Quotas and restrictions for Audit Manager][4].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html
+    # [2]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html
+    # [3]: https://docs.aws.amazon.com/audit-manager/latest/userguide/upload-evidence.html#supported-manual-evidence-files
+    # [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/service-quotas.html
     #
     # @option params [required, String] :assessment_id
     #   The identifier for the assessment.
@@ -885,6 +911,30 @@ module Aws::AuditManager
     # @option params [required, String] :assessment_id
     #   The identifier for the assessment.
     #
+    # @option params [String] :query_statement
+    #   A SQL statement that represents an evidence finder query.
+    #
+    #   Provide this parameter when you want to generate an assessment report
+    #   from the results of an evidence finder search query. When you use this
+    #   parameter, Audit Manager generates a one-time report using only the
+    #   evidence from the query output. This report does not include any
+    #   assessment evidence that was manually [added to a report using the
+    #   console][1], or [associated with a report using the API][2].
+    #
+    #   To use this parameter, the [enablementStatus][3] of evidence finder
+    #   must be `ENABLED`.
+    #
+    #   For examples and help resolving `queryStatement` validation
+    #   exceptions, see [Troubleshooting evidence finder issues][4] in the AWS
+    #   Audit Manager User Guide.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/userguide/generate-assessment-report.html#generate-assessment-report-include-evidence
+    #   [2]: https://docs.aws.amazon.com/APIReference-evidenceFinder/API_BatchAssociateAssessmentReportEvidence.html
+    #   [3]: https://docs.aws.amazon.com/APIReference-evidenceFinder/API_EvidenceFinderSetup.html#auditmanager-Type-EvidenceFinderSetup-enablementStatus
+    #   [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/evidence-finder-issues.html#querystatement-exceptions
+    #
     # @return [Types::CreateAssessmentReportResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateAssessmentReportResponse#assessment_report #assessment_report} => Types::AssessmentReport
@@ -895,6 +945,7 @@ module Aws::AuditManager
     #     name: "AssessmentReportName", # required
     #     description: "AssessmentReportDescription",
     #     assessment_id: "UUID", # required
+    #     query_statement: "QueryStatement",
     #   })
     #
     # @example Response structure
@@ -1227,48 +1278,65 @@ module Aws::AuditManager
     # Audit Manager will stop collecting and attaching evidence to that
     # delegated administrator account moving forward.
     #
-    # <note markdown="1"> When you deregister a delegated administrator account for Audit
+    # Keep in mind the following cleanup task if you use evidence finder:
+    #
+    #  Before you use your management account to remove a delegated
+    # administrator, make sure that the current delegated administrator
+    # account signs in to Audit Manager and disables evidence finder first.
+    # Disabling evidence finder automatically deletes the event data store
+    # that was created in their account when they enabled evidence finder.
+    # If this task isn’t completed, the event data store remains in their
+    # account. In this case, we recommend that the original delegated
+    # administrator goes to CloudTrail Lake and manually [deletes the event
+    # data store][1].
+    #
+    #  This cleanup task is necessary to ensure that you don't end up with
+    # multiple event data stores. Audit Manager will ignore an unused event
+    # data store after you remove or change a delegated administrator
+    # account. However, the unused event data store continues to incur
+    # storage costs from CloudTrail Lake if you don't delete it.
+    #
+    # When you deregister a delegated administrator account for Audit
     # Manager, the data for that account isn’t deleted. If you want to
     # delete resource data for a delegated administrator account, you must
     # perform that task separately before you deregister the account.
     # Either, you can do this in the Audit Manager console. Or, you can use
     # one of the delete API operations that are provided by Audit Manager.
     #
-    #  To delete your Audit Manager resource data, see the following
+    # To delete your Audit Manager resource data, see the following
     # instructions:
     #
-    #  * [DeleteAssessment][1] (see also: [Deleting an assessment][2] in the
+    # * [DeleteAssessment][2] (see also: [Deleting an assessment][3] in the
     #   *Audit Manager User Guide*)
     #
-    # * [DeleteAssessmentFramework][3] (see also: [Deleting a custom
-    #   framework][4] in the *Audit Manager User Guide*)
+    # * [DeleteAssessmentFramework][4] (see also: [Deleting a custom
+    #   framework][5] in the *Audit Manager User Guide*)
     #
-    # * [DeleteAssessmentFrameworkShare][5] (see also: [Deleting a share
-    #   request][6] in the *Audit Manager User Guide*)
+    # * [DeleteAssessmentFrameworkShare][6] (see also: [Deleting a share
+    #   request][7] in the *Audit Manager User Guide*)
     #
-    # * [DeleteAssessmentReport][7] (see also: [Deleting an assessment
-    #   report][8] in the *Audit Manager User Guide*)
+    # * [DeleteAssessmentReport][8] (see also: [Deleting an assessment
+    #   report][9] in the *Audit Manager User Guide*)
     #
-    # * [DeleteControl][9] (see also: [Deleting a custom control][10] in the
-    #   *Audit Manager User Guide*)
+    # * [DeleteControl][10] (see also: [Deleting a custom control][11] in
+    #   the *Audit Manager User Guide*)
     #
-    #  At this time, Audit Manager doesn't provide an option to delete
+    # At this time, Audit Manager doesn't provide an option to delete
     # evidence. All available delete operations are listed above.
     #
-    #  </note>
     #
     #
-    #
-    # [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html
-    # [2]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html
-    # [3]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html
-    # [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html
-    # [5]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html
-    # [6]: https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html
-    # [7]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html
-    # [8]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps
-    # [9]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html
-    # [10]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html
+    # [1]: https://docs.aws.amazon.com/userguide/awscloudtrail/latest/userguide/query-eds-disable-termination.html
+    # [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html
+    # [3]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html
+    # [4]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html
+    # [5]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html
+    # [6]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html
+    # [7]: https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html
+    # [8]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html
+    # [9]: https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps
+    # [10]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html
+    # [11]: https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html
     #
     # @option params [String] :admin_account_id
     #   The identifier for the administrator account.
@@ -1734,6 +1802,7 @@ module Aws::AuditManager
     #   resp.evidence.resources_included #=> Array
     #   resp.evidence.resources_included[0].arn #=> String
     #   resp.evidence.resources_included[0].value #=> String
+    #   resp.evidence.resources_included[0].compliance_check #=> String
     #   resp.evidence.attributes #=> Hash
     #   resp.evidence.attributes["EvidenceAttributeKey"] #=> String
     #   resp.evidence.iam_id #=> String
@@ -1801,6 +1870,7 @@ module Aws::AuditManager
     #   resp.evidence[0].resources_included #=> Array
     #   resp.evidence[0].resources_included[0].arn #=> String
     #   resp.evidence[0].resources_included[0].value #=> String
+    #   resp.evidence[0].resources_included[0].compliance_check #=> String
     #   resp.evidence[0].attributes #=> Hash
     #   resp.evidence[0].attributes["EvidenceAttributeKey"] #=> String
     #   resp.evidence[0].iam_id #=> String
@@ -2084,8 +2154,15 @@ module Aws::AuditManager
       req.send_request(options)
     end
-    # Returns a list of the in-scope Amazon Web Services for the specified
-    # assessment.
+    # Returns a list of all of the Amazon Web Services that you can choose
+    # to include in your assessment. When you [create an assessment][1],
+    # specify which of these services you want to include to narrow the
+    # assessment's [scope][2].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateAssessment.html
+    # [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_Scope.html
     #
     # @return [Types::GetServicesInScopeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2120,7 +2197,7 @@ module Aws::AuditManager
     # @example Request syntax with placeholder values
     #
     #   resp = client.get_settings({
-    #     attribute: "ALL", # required, accepts ALL, IS_AWS_ORG_ENABLED, SNS_TOPIC, DEFAULT_ASSESSMENT_REPORTS_DESTINATION, DEFAULT_PROCESS_OWNERS
+    #     attribute: "ALL", # required, accepts ALL, IS_AWS_ORG_ENABLED, SNS_TOPIC, DEFAULT_ASSESSMENT_REPORTS_DESTINATION, DEFAULT_PROCESS_OWNERS, EVIDENCE_FINDER_ENABLEMENT
     #   })
     #
     # @example Response structure
@@ -2133,6 +2210,10 @@ module Aws::AuditManager
     #   resp.settings.default_process_owners[0].role_type #=> String, one of "PROCESS_OWNER", "RESOURCE_OWNER"
     #   resp.settings.default_process_owners[0].role_arn #=> String
     #   resp.settings.kms_key #=> String
+    #   resp.settings.evidence_finder_enablement.event_data_store_arn #=> String
+    #   resp.settings.evidence_finder_enablement.enablement_status #=> String, one of "ENABLED", "DISABLED", "ENABLE_IN_PROGRESS", "DISABLE_IN_PROGRESS"
+    #   resp.settings.evidence_finder_enablement.backfill_status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED"
+    #   resp.settings.evidence_finder_enablement.error #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/GetSettings AWS API Documentation
     #
@@ -3603,6 +3684,26 @@ module Aws::AuditManager
     # @option params [String] :kms_key
     #   The KMS key details.
     #
+    # @option params [Boolean] :evidence_finder_enabled
+    #   Specifies whether the evidence finder feature is enabled. Change this
+    #   attribute to enable or disable evidence finder.
+    #
+    #   When you use this attribute to disable evidence finder, Audit Manager
+    #   deletes the event data store that’s used to query your evidence data.
+    #   As a result, you can’t re-enable evidence finder and use the feature
+    #   again. Your only alternative is to [deregister][1] and then
+    #   [re-register][2] Audit Manager.
+    #
+    #    Disabling evidence finder is permanent, so consider this decision
+    #   carefully before you proceed. If you’re using Audit Manager as a
+    #   delegated administrator, keep in mind that this action applies to all
+    #   member accounts in your organization.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterAccount.html
+    #   [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html
+    #
     # @return [Types::UpdateSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateSettingsResponse#settings #settings} => Types::Settings
@@ -3622,6 +3723,7 @@ module Aws::AuditManager
     #       },
     #     ],
     #     kms_key: "KmsKey",
+    #     evidence_finder_enabled: false,
     #   })
     #
     # @example Response structure
@@ -3634,6 +3736,10 @@ module Aws::AuditManager
     #   resp.settings.default_process_owners[0].role_type #=> String, one of "PROCESS_OWNER", "RESOURCE_OWNER"
     #   resp.settings.default_process_owners[0].role_arn #=> String
     #   resp.settings.kms_key #=> String
+    #   resp.settings.evidence_finder_enablement.event_data_store_arn #=> String
+    #   resp.settings.evidence_finder_enablement.enablement_status #=> String, one of "ENABLED", "DISABLED", "ENABLE_IN_PROGRESS", "DISABLE_IN_PROGRESS"
+    #   resp.settings.evidence_finder_enablement.backfill_status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED"
+    #   resp.settings.evidence_finder_enablement.error #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/UpdateSettings AWS API Documentation
     #
@@ -3695,7 +3801,7 @@ module Aws::AuditManager
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-auditmanager'
-      context[:gem_version] = '1.27.0'
+      context[:gem_version] = '1.28.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-auditmanager/client_api.rb CHANGED Viewed

@@ -75,6 +75,7 @@ module Aws::AuditManager
     Boolean = Shapes::BooleanShape.new(name: 'Boolean')
     ChangeLog = Shapes::StructureShape.new(name: 'ChangeLog')
     ChangeLogs = Shapes::ListShape.new(name: 'ChangeLogs')
+    CloudTrailArn = Shapes::StringShape.new(name: 'CloudTrailArn')
     ComplianceType = Shapes::StringShape.new(name: 'ComplianceType')
     Control = Shapes::StructureShape.new(name: 'Control')
     ControlComment = Shapes::StructureShape.new(name: 'ControlComment')
@@ -152,6 +153,9 @@ module Aws::AuditManager
     EvidenceAttributeKey = Shapes::StringShape.new(name: 'EvidenceAttributeKey')
     EvidenceAttributeValue = Shapes::StringShape.new(name: 'EvidenceAttributeValue')
     EvidenceAttributes = Shapes::MapShape.new(name: 'EvidenceAttributes')
+    EvidenceFinderBackfillStatus = Shapes::StringShape.new(name: 'EvidenceFinderBackfillStatus')
+    EvidenceFinderEnablement = Shapes::StructureShape.new(name: 'EvidenceFinderEnablement')
+    EvidenceFinderEnablementStatus = Shapes::StringShape.new(name: 'EvidenceFinderEnablementStatus')
     EvidenceIds = Shapes::ListShape.new(name: 'EvidenceIds')
     EvidenceInsights = Shapes::StructureShape.new(name: 'EvidenceInsights')
     EvidenceList = Shapes::ListShape.new(name: 'EvidenceList')
@@ -242,6 +246,7 @@ module Aws::AuditManager
     Notifications = Shapes::ListShape.new(name: 'Notifications')
     NullableInteger = Shapes::IntegerShape.new(name: 'NullableInteger')
     ObjectTypeEnum = Shapes::StringShape.new(name: 'ObjectTypeEnum')
+    QueryStatement = Shapes::StringShape.new(name: 'QueryStatement')
     Region = Shapes::StringShape.new(name: 'Region')
     RegisterAccountRequest = Shapes::StructureShape.new(name: 'RegisterAccountRequest')
     RegisterAccountResponse = Shapes::StructureShape.new(name: 'RegisterAccountResponse')
@@ -668,6 +673,7 @@ module Aws::AuditManager
     CreateAssessmentReportRequest.add_member(:name, Shapes::ShapeRef.new(shape: AssessmentReportName, required: true, location_name: "name"))
     CreateAssessmentReportRequest.add_member(:description, Shapes::ShapeRef.new(shape: AssessmentReportDescription, location_name: "description"))
     CreateAssessmentReportRequest.add_member(:assessment_id, Shapes::ShapeRef.new(shape: UUID, required: true, location: "uri", location_name: "assessmentId"))
+    CreateAssessmentReportRequest.add_member(:query_statement, Shapes::ShapeRef.new(shape: QueryStatement, location_name: "queryStatement"))
     CreateAssessmentReportRequest.struct_class = Types::CreateAssessmentReportRequest
     CreateAssessmentReportResponse.add_member(:assessment_report, Shapes::ShapeRef.new(shape: AssessmentReport, location_name: "assessmentReport"))
@@ -807,6 +813,12 @@ module Aws::AuditManager
     EvidenceAttributes.key = Shapes::ShapeRef.new(shape: EvidenceAttributeKey)
     EvidenceAttributes.value = Shapes::ShapeRef.new(shape: EvidenceAttributeValue)
+    EvidenceFinderEnablement.add_member(:event_data_store_arn, Shapes::ShapeRef.new(shape: CloudTrailArn, location_name: "eventDataStoreArn"))
+    EvidenceFinderEnablement.add_member(:enablement_status, Shapes::ShapeRef.new(shape: EvidenceFinderEnablementStatus, location_name: "enablementStatus"))
+    EvidenceFinderEnablement.add_member(:backfill_status, Shapes::ShapeRef.new(shape: EvidenceFinderBackfillStatus, location_name: "backfillStatus"))
+    EvidenceFinderEnablement.add_member(:error, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "error"))
+    EvidenceFinderEnablement.struct_class = Types::EvidenceFinderEnablement
     EvidenceIds.member = Shapes::ShapeRef.new(shape: UUID)
     EvidenceInsights.add_member(:noncompliant_evidence_count, Shapes::ShapeRef.new(shape: NullableInteger, location_name: "noncompliantEvidenceCount"))
@@ -1128,6 +1140,7 @@ module Aws::AuditManager
     Resource.add_member(:arn, Shapes::ShapeRef.new(shape: GenericArn, location_name: "arn"))
     Resource.add_member(:value, Shapes::ShapeRef.new(shape: String, location_name: "value"))
+    Resource.add_member(:compliance_check, Shapes::ShapeRef.new(shape: String, location_name: "complianceCheck"))
     Resource.struct_class = Types::Resource
     ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
@@ -1163,6 +1176,7 @@ module Aws::AuditManager
     Settings.add_member(:default_assessment_reports_destination, Shapes::ShapeRef.new(shape: AssessmentReportsDestination, location_name: "defaultAssessmentReportsDestination"))
     Settings.add_member(:default_process_owners, Shapes::ShapeRef.new(shape: Roles, location_name: "defaultProcessOwners"))
     Settings.add_member(:kms_key, Shapes::ShapeRef.new(shape: KmsKey, location_name: "kmsKey"))
+    Settings.add_member(:evidence_finder_enablement, Shapes::ShapeRef.new(shape: EvidenceFinderEnablement, location_name: "evidenceFinderEnablement"))
     Settings.struct_class = Types::Settings
     SourceKeyword.add_member(:keyword_input_type, Shapes::ShapeRef.new(shape: KeywordInputType, location_name: "keywordInputType"))
@@ -1280,6 +1294,7 @@ module Aws::AuditManager
     UpdateSettingsRequest.add_member(:default_assessment_reports_destination, Shapes::ShapeRef.new(shape: AssessmentReportsDestination, location_name: "defaultAssessmentReportsDestination"))
     UpdateSettingsRequest.add_member(:default_process_owners, Shapes::ShapeRef.new(shape: Roles, location_name: "defaultProcessOwners"))
     UpdateSettingsRequest.add_member(:kms_key, Shapes::ShapeRef.new(shape: KmsKey, location_name: "kmsKey"))
+    UpdateSettingsRequest.add_member(:evidence_finder_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "evidenceFinderEnabled"))
     UpdateSettingsRequest.struct_class = Types::UpdateSettingsRequest
     UpdateSettingsResponse.add_member(:settings, Shapes::ShapeRef.new(shape: Settings, location_name: "settings"))

data/lib/aws-sdk-auditmanager/types.rb CHANGED Viewed

@@ -691,19 +691,19 @@ module Aws::AuditManager
       include Aws::Structure
     end
-    # An error entity for the `AssessmentReportEvidence` API. This is used
-    # to provide more meaningful errors than a simple string message.
+    # An error entity for assessment report evidence errors. This is used to
+    # provide more meaningful errors than a simple string message.
     #
     # @!attribute [rw] evidence_id
     #   The identifier for the evidence.
     #   @return [String]
     #
     # @!attribute [rw] error_code
-    #   The error code that the `AssessmentReportEvidence` API returned.
+    #   The error code that was returned.
     #   @return [String]
     #
     # @!attribute [rw] error_message
-    #   The error message that the `AssessmentReportEvidence` API returned.
+    #   The error message that was returned.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/AssessmentReportEvidenceError AWS API Documentation
@@ -1224,7 +1224,7 @@ module Aws::AuditManager
     #   @return [String]
     #
     # @!attribute [rw] control_sources
-    #   The data source that determines where Audit Manager collects
+    #   The data source types that determine where Audit Manager collects
     #   evidence from for the control.
     #   @return [String]
     #
@@ -1702,6 +1702,7 @@ module Aws::AuditManager
     #         name: "AssessmentReportName", # required
     #         description: "AssessmentReportDescription",
     #         assessment_id: "UUID", # required
+    #         query_statement: "QueryStatement",
     #       }
     #
     # @!attribute [rw] name
@@ -1716,12 +1717,39 @@ module Aws::AuditManager
     #   The identifier for the assessment.
     #   @return [String]
     #
+    # @!attribute [rw] query_statement
+    #   A SQL statement that represents an evidence finder query.
+    #
+    #   Provide this parameter when you want to generate an assessment
+    #   report from the results of an evidence finder search query. When you
+    #   use this parameter, Audit Manager generates a one-time report using
+    #   only the evidence from the query output. This report does not
+    #   include any assessment evidence that was manually [added to a report
+    #   using the console][1], or [associated with a report using the
+    #   API][2].
+    #
+    #   To use this parameter, the [enablementStatus][3] of evidence finder
+    #   must be `ENABLED`.
+    #
+    #   For examples and help resolving `queryStatement` validation
+    #   exceptions, see [Troubleshooting evidence finder issues][4] in the
+    #   AWS Audit Manager User Guide.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/userguide/generate-assessment-report.html#generate-assessment-report-include-evidence
+    #   [2]: https://docs.aws.amazon.com/APIReference-evidenceFinder/API_BatchAssociateAssessmentReportEvidence.html
+    #   [3]: https://docs.aws.amazon.com/APIReference-evidenceFinder/API_EvidenceFinderSetup.html#auditmanager-Type-EvidenceFinderSetup-enablementStatus
+    #   [4]: https://docs.aws.amazon.com/audit-manager/latest/userguide/evidence-finder-issues.html#querystatement-exceptions
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/CreateAssessmentReportRequest AWS API Documentation
     #
     class CreateAssessmentReportRequest < Struct.new(
       :name,
       :description,
-      :assessment_id)
+      :assessment_id,
+      :query_statement)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2413,10 +2441,24 @@ module Aws::AuditManager
     #   @return [String]
     #
     # @!attribute [rw] compliance_check
-    #   The evaluation status for evidence that falls under the compliance
-    #   check category. For evidence collected from Security Hub, a *Pass*
-    #   or *Fail* result is shown. For evidence collected from Config, a
-    #   *Compliant* or *Noncompliant* result is shown.
+    #   The evaluation status for automated evidence that falls under the
+    #   compliance check category.
+    #
+    #   * Audit Manager classes evidence as non-compliant if Security Hub
+    #     reports a *Fail* result, or if Config reports a *Non-compliant*
+    #     result.
+    #
+    #   * Audit Manager classes evidence as compliant if Security Hub
+    #     reports a *Pass* result, or if Config reports a *Compliant*
+    #     result.
+    #
+    #   * If a compliance check isn't available or applicable, then no
+    #     compliance evaluation can be made for that evidence. This is the
+    #     case if the evidence uses Config or Security Hub as the underlying
+    #     data source type, but those services aren't enabled. This is also
+    #     the case if the evidence uses an underlying data source type that
+    #     doesn't support compliance checks (such as manual evidence,
+    #     Amazon Web Services API calls, or CloudTrail).
     #   @return [String]
     #
     # @!attribute [rw] aws_organization
@@ -2462,6 +2504,73 @@ module Aws::AuditManager
       include Aws::Structure
     end
+    # The settings object that specifies whether evidence finder is enabled.
+    # This object also describes the related event data store, and the
+    # backfill status for populating the event data store with evidence
+    # data.
+    #
+    # @!attribute [rw] event_data_store_arn
+    #   The Amazon Resource Name (ARN) of the CloudTrail Lake event data
+    #   store that’s used by evidence finder. The event data store is the
+    #   lake of evidence data that evidence finder runs queries against.
+    #   @return [String]
+    #
+    # @!attribute [rw] enablement_status
+    #   The current status of the evidence finder feature and the related
+    #   event data store.
+    #
+    #   * `ENABLE_IN_PROGRESS` means that you requested to enable evidence
+    #     finder. An event data store is currently being created to support
+    #     evidence finder queries.
+    #
+    #   * `ENABLED` means that an event data store was successfully created
+    #     and evidence finder is enabled. We recommend that you wait 24
+    #     hours until the event data store is backfilled with your past
+    #     evidence data. You can use evidence finder in the meantime, but
+    #     not all data might be available until the backfill is complete.
+    #
+    #   * `DISABLE_IN_PROGRESS` means that you requested to disable evidence
+    #     finder, and your request is pending the deletion of the event data
+    #     store.
+    #
+    #   * `DISABLED` means that you have permanently disabled evidence
+    #     finder and the event data store has been deleted. You can't
+    #     re-enable evidence finder after this point.
+    #   @return [String]
+    #
+    # @!attribute [rw] backfill_status
+    #   The current status of the evidence data backfill process.
+    #
+    #   The backfill starts after you enable evidence finder. During this
+    #   task, Audit Manager populates an event data store with your past
+    #   evidence data so that your evidence can be queried.
+    #
+    #   * `NOT_STARTED` means that the backfill hasn’t started yet.
+    #
+    #   * `IN_PROGRESS` means that the backfill is in progress. This can
+    #     take up to 24 hours to complete, depending on the amount of
+    #     evidence data.
+    #
+    #   * `COMPLETED` means that the backfill is complete. All of your past
+    #     evidence is now queryable.
+    #   @return [String]
+    #
+    # @!attribute [rw] error
+    #   Represents any errors that occurred when enabling or disabling
+    #   evidence finder.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/EvidenceFinderEnablement AWS API Documentation
+    #
+    class EvidenceFinderEnablement < Struct.new(
+      :event_data_store_arn,
+      :enablement_status,
+      :backfill_status,
+      :error)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # A breakdown of the latest compliance check status for the evidence in
     # your Audit Manager assessments.
     #
@@ -3240,7 +3349,7 @@ module Aws::AuditManager
     #   data as a hash:
     #
     #       {
-    #         attribute: "ALL", # required, accepts ALL, IS_AWS_ORG_ENABLED, SNS_TOPIC, DEFAULT_ASSESSMENT_REPORTS_DESTINATION, DEFAULT_PROCESS_OWNERS
+    #         attribute: "ALL", # required, accepts ALL, IS_AWS_ORG_ENABLED, SNS_TOPIC, DEFAULT_ASSESSMENT_REPORTS_DESTINATION, DEFAULT_PROCESS_OWNERS, EVIDENCE_FINDER_ENABLEMENT
     #       }
     #
     # @!attribute [rw] attribute
@@ -4171,11 +4280,34 @@ module Aws::AuditManager
     #   The value of the resource.
     #   @return [String]
     #
+    # @!attribute [rw] compliance_check
+    #   The evaluation status for a resource that was assessed when
+    #   collecting compliance check evidence.
+    #
+    #   * Audit Manager classes the resource as non-compliant if Security
+    #     Hub reports a *Fail* result, or if Config reports a
+    #     *Non-compliant* result.
+    #
+    #   * Audit Manager classes the resource as compliant if Security Hub
+    #     reports a *Pass* result, or if Config reports a *Compliant*
+    #     result.
+    #
+    #   * If a compliance check isn't available or applicable, then no
+    #     compliance evaluation can be made for that resource. This is the
+    #     case if a resource assessment uses Config or Security Hub as the
+    #     underlying data source type, but those services aren't enabled.
+    #     This is also the case if the resource assessment uses an
+    #     underlying data source type that doesn't support compliance
+    #     checks (such as manual evidence, Amazon Web Services API calls, or
+    #     CloudTrail).
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/Resource AWS API Documentation
     #
     class Resource < Struct.new(
       :arn,
-      :value)
+      :value,
+      :compliance_check)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4356,6 +4488,10 @@ module Aws::AuditManager
     #   The KMS key details.
     #   @return [String]
     #
+    # @!attribute [rw] evidence_finder_enablement
+    #   The current evidence finder status and event data store details.
+    #   @return [Types::EvidenceFinderEnablement]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/Settings AWS API Documentation
     #
     class Settings < Struct.new(
@@ -4363,7 +4499,8 @@ module Aws::AuditManager
       :sns_topic,
       :default_assessment_reports_destination,
       :default_process_owners,
-      :kms_key)
+      :kms_key,
+      :evidence_finder_enablement)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4437,11 +4574,6 @@ module Aws::AuditManager
     #       `keywordValue`\: `Custom_CustomRuleForAccount-conformance-pack`
     #
     #     * Service-linked rule name:
-    #       securityhub-api-gw-cache-encrypted-101104e1
-    #
-    #       `keywordValue`\: `Custom_securityhub-api-gw-cache-encrypted`
-    #
-    #     * Service-linked rule name:
     #       OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba
     #
     #       `keywordValue`\:
@@ -5084,6 +5216,7 @@ module Aws::AuditManager
     #           },
     #         ],
     #         kms_key: "KmsKey",
+    #         evidence_finder_enabled: false,
     #       }
     #
     # @!attribute [rw] sns_topic
@@ -5103,13 +5236,35 @@ module Aws::AuditManager
     #   The KMS key details.
     #   @return [String]
     #
+    # @!attribute [rw] evidence_finder_enabled
+    #   Specifies whether the evidence finder feature is enabled. Change
+    #   this attribute to enable or disable evidence finder.
+    #
+    #   When you use this attribute to disable evidence finder, Audit
+    #   Manager deletes the event data store that’s used to query your
+    #   evidence data. As a result, you can’t re-enable evidence finder and
+    #   use the feature again. Your only alternative is to [deregister][1]
+    #   and then [re-register][2] Audit Manager.
+    #
+    #    Disabling evidence finder is permanent, so consider this decision
+    #   carefully before you proceed. If you’re using Audit Manager as a
+    #   delegated administrator, keep in mind that this action applies to
+    #   all member accounts in your organization.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterAccount.html
+    #   [2]: https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/auditmanager-2017-07-25/UpdateSettingsRequest AWS API Documentation
     #
     class UpdateSettingsRequest < Struct.new(
       :sns_topic,
       :default_assessment_reports_destination,
       :default_process_owners,
-      :kms_key)
+      :kms_key,
+      :evidence_finder_enabled)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-auditmanager.rb CHANGED Viewed

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-auditmanager/customizations'
 # @!group service
 module Aws::AuditManager
-  GEM_VERSION = '1.27.0'
+  GEM_VERSION = '1.28.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-auditmanager
 version: !ruby/object:Gem::Version
-  version: 1.27.0
+  version: 1.28.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-10-25 00:00:00.000000000 Z
+date: 2022-11-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core