aws-sdk-configservice 1.105.0 → 1.106.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8f9184c667ba2066dfe8406a25b02a9fc3596277ce5ae4b88c5301f81470d3e9
-  data.tar.gz: bd7ce97ae8f7fbaa86162b0b389ec3f4650898291bf7d45eef2598bfd2c33a65
+  metadata.gz: e8e080a108b8e4fc09782fcbd4f404c23b0795295e8d2567f717526312a45c67
+  data.tar.gz: 85327c6174063838d322876fede08799ff11beceed30133c87142c6dbcd753dc
 SHA512:
-  metadata.gz: 3b2263fd20943ac1850370f8e696eb3980e6a8513c829f580427099be4b3ced9d2558ac915978991e0668911c2e9cbffa93030749b3e8718f971d3a774af0f29
-  data.tar.gz: d3988bd92b4811475801d95a0e06793f49938e3febdbfd350d1a9d644913cdf58aea9c1e7c9042b4b80a862ee6f833d28c3284c711f88cadec945ef34c9d713b
+  metadata.gz: bb87955f468b18f7280d01cb3ffe65c542ca7b1f3dc52cfa1653c0cf0c13e43db65d9144e82750bfe4faa6bfb0b092a2e9eb0bdc1564c1a5a877c8cd8aa18384
+  data.tar.gz: 33cfb51369f11b33a3323ad4ef61f7d1b6ed241c40eab8a9b5da1b9cbd965894b00c2bd1a71b2febc86b7cff6efea58ffb5179b7694ad5432ee632972867145d

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.106.0 (2024-04-12)
+------------------
+
+* Feature - Updates documentation for AWS Config
+
 1.105.0 (2024-01-26)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.105.0
+1.106.0

data/lib/aws-sdk-configservice/client.rb

@@ -1365,7 +1365,7 @@ module Aws::ConfigService
     #   The number of rule evaluation results that you want returned.
     #
     #   This parameter is required if the rule limit for your account is more
-    #   than the default of 150 rules.
+    #   than the default of 1000 rules.
     #
     #   For information about requesting a rule limit increase, see [Config
     #   Limits][1] in the *Amazon Web Services General Reference Guide*.
@@ -2045,7 +2045,7 @@ module Aws::ConfigService
     # Config rule names. It is only applicable, when you request all the
     # organization Config rules.
     #
-    #  *For accounts within an organzation*
+    #  *For accounts within an organization*
     #
     #  If you deploy an organizational rule or conformance pack in an
     # organization administrator account, and then establish a delegated
@@ -2214,7 +2214,7 @@ module Aws::ConfigService
     # conformance packs names. They are only applicable, when you request
     # all the organization conformance packs.
     #
-    #  *For accounts within an organzation*
+    #  *For accounts within an organization*
     #
     #  If you deploy an organizational rule or conformance pack in an
     # organization administrator account, and then establish a delegated
@@ -4991,7 +4991,9 @@ module Aws::ConfigService
     # target (SSM document) must exist and have permissions to use the
     # target.
     #
-    # <note markdown="1"> If you make backward incompatible changes to the SSM document, you
+    # <note markdown="1"> **Be aware of backward incompatible changes**
+    #
+    #  If you make backward incompatible changes to the SSM document, you
     # must call this again to ensure the remediations can run.
     #
     #  This API does not support adding remediation configurations for
@@ -5001,7 +5003,9 @@ module Aws::ConfigService
     #
     #  </note>
     #
-    # <note markdown="1"> For manual remediation configuration, you need to provide a value for
+    # <note markdown="1"> **Required fields**
+    #
+    #  For manual remediation configuration, you need to provide a value for
     # `automationAssumeRole` or use a value in the `assumeRole`field to
     # remediate your resources. The SSM automation document can use either
     # as long as it maps to a valid parameter.
@@ -5013,6 +5017,28 @@ module Aws::ConfigService
     #
     #  </note>
     #
+    # <note markdown="1"> **Auto remediation can be initiated even for compliant resources**
+    #
+    #  If you enable auto remediation for a specific Config rule using the
+    # [PutRemediationConfigurations][1] API or the Config console, it
+    # initiates the remediation process for all non-compliant resources for
+    # that specific rule. The auto remediation process relies on the
+    # compliance data snapshot which is captured on a periodic basis. Any
+    # non-compliant resource that is updated between the snapshot schedule
+    # will continue to be remediated based on the last known compliance data
+    # snapshot.
+    #
+    #  This means that in some cases auto remediation can be initiated even
+    # for compliant resources, since the bootstrap processor uses a database
+    # that can have stale evaluation results based on the last known
+    # compliance data snapshot.
+    #
+    #  </note>
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/config/latest/APIReference/emAPI_PutRemediationConfigurations.html
+    #
     # @option params [required, Array<Types::RemediationConfiguration>] :remediation_configurations
     #   A list of remediation configuration objects.
     #
@@ -5091,13 +5117,17 @@ module Aws::ConfigService
     # updates an existing exception for a specified resource with a
     # specified Config rule.
     #
-    # <note markdown="1"> Config generates a remediation exception when a problem occurs running
+    # <note markdown="1"> **Exceptions block auto remediation**
+    #
+    #  Config generates a remediation exception when a problem occurs running
     # a remediation action for a specified resource. Remediation exceptions
     # blocks auto-remediation until the exception is cleared.
     #
     #  </note>
     #
-    # <note markdown="1"> When placing an exception on an Amazon Web Services resource, it is
+    # <note markdown="1"> **Manual remediation is recommended when placing an exception**
+    #
+    #  When placing an exception on an Amazon Web Services resource, it is
     # recommended that remediation is set as manual remediation until the
     # given Config rule for the specified resource evaluates the resource as
     # `NON_COMPLIANT`. Once the resource has been evaluated as
@@ -5109,7 +5139,9 @@ module Aws::ConfigService
     #
     #  </note>
     #
-    # <note markdown="1"> Placing an exception can only be performed on resources that are
+    # <note markdown="1"> **Exceptions can only be performed on non-compliant resources**
+    #
+    #  Placing an exception can only be performed on resources that are
     # `NON_COMPLIANT`. If you use this API for `COMPLIANT` resources or
     # resources that are `NOT_APPLICABLE`, a remediation exception will not
     # be generated. For more information on the conditions that initiate the
@@ -5118,9 +5150,28 @@ module Aws::ConfigService
     #
     #  </note>
     #
+    # <note markdown="1"> **Auto remediation can be initiated even for compliant resources**
+    #
+    #  If you enable auto remediation for a specific Config rule using the
+    # [PutRemediationConfigurations][2] API or the Config console, it
+    # initiates the remediation process for all non-compliant resources for
+    # that specific rule. The auto remediation process relies on the
+    # compliance data snapshot which is captured on a periodic basis. Any
+    # non-compliant resource that is updated between the snapshot schedule
+    # will continue to be remediated based on the last known compliance data
+    # snapshot.
+    #
+    #  This means that in some cases auto remediation can be initiated even
+    # for compliant resources, since the bootstrap processor uses a database
+    # that can have stale evaluation results based on the last known
+    # compliance data snapshot.
+    #
+    #  </note>
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/config/latest/developerguide/config-concepts.html#aws-config-rules
+    # [2]: https://docs.aws.amazon.com/config/latest/APIReference/emAPI_PutRemediationConfigurations.html
     #
     # @option params [required, String] :config_rule_name
     #   The name of the Config rule for which you want to create remediation
@@ -5822,7 +5873,7 @@ module Aws::ConfigService
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-configservice'
-      context[:gem_version] = '1.105.0'
+      context[:gem_version] = '1.106.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-configservice/types.rb

@@ -520,6 +520,20 @@ module Aws::ConfigService
     #
     # @!attribute [rw] configuration_item_delivery_time
     #   The time when configuration changes for the resource were delivered.
+    #
+    #   <note markdown="1"> This field is optional and is not guaranteed to be present in a
+    #   configuration item (CI). If you are using daily recording, this
+    #   field will be populated. However, if you are using continuous
+    #   recording, this field will be omitted since the delivery time is
+    #   instantaneous as the CI is available right away. For more
+    #   information on daily recording and continuous recording, see
+    #   [Recording Frequency][1] in the *Config Developer Guide*.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html#select-resources-recording-frequency
     #   @return [Time]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/BaseConfigurationItem AWS API Documentation
@@ -1380,6 +1394,20 @@ module Aws::ConfigService
     #
     # @!attribute [rw] configuration_item_delivery_time
     #   The time when configuration changes for the resource were delivered.
+    #
+    #   <note markdown="1"> This field is optional and is not guaranteed to be present in a
+    #   configuration item (CI). If you are using daily recording, this
+    #   field will be populated. However, if you are using continuous
+    #   recording, this field will be omitted since the delivery time is
+    #   instantaneous as the CI is available right away. For more
+    #   information on daily recording and continuous recording, see
+    #   [Recording Frequency][1] in the *Config Developer Guide*.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html#select-resources-recording-frequency
     #   @return [Time]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/ConfigurationItem AWS API Documentation
@@ -2604,7 +2632,7 @@ module Aws::ConfigService
     #   The number of rule evaluation results that you want returned.
     #
     #   This parameter is required if the rule limit for your account is
-    #   more than the default of 150 rules.
+    #   more than the default of 1000 rules.
     #
     #   For information about requesting a rule limit increase, see [Config
     #   Limits][1] in the *Amazon Web Services General Reference Guide*.
@@ -3698,6 +3726,8 @@ module Aws::ConfigService
     #
     # * Asia Pacific (Melbourne)
     #
+    # * Canada West (Calgary)
+    #
     # * Europe (Spain)
     #
     # * Europe (Zurich)
@@ -5311,7 +5341,7 @@ module Aws::ConfigService
     class MaxActiveResourcesExceededException < Aws::EmptyStructure; end
 
     # Failed to add the Config rule because the account already contains the
-    # maximum number of 150 rules. Consider deleting any deactivated rules
+    # maximum number of 1000 rules. Consider deleting any deactivated rules
     # before you add new rules.
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/config-2014-11-12/MaxNumberOfConfigRulesExceededException AWS API Documentation
@@ -7096,6 +7126,8 @@ module Aws::ConfigService
     #
     #   * Asia Pacific (Melbourne)
     #
+    #   * Canada West (Calgary)
+    #
     #   * Europe (Spain)
     #
     #   * Europe (Zurich)
@@ -7108,9 +7140,9 @@ module Aws::ConfigService
     #
     #    The `AWS::RDS::GlobalCluster` resource type will be recorded in all
     #   supported Config Regions where the configuration recorder is
-    #   enabled, even if `includeGlobalResourceTypes` is not set to `true`.
-    #   The `includeGlobalResourceTypes` option is a bundle which only
-    #   applies to IAM users, groups, roles, and customer managed policies.
+    #   enabled, even if `includeGlobalResourceTypes` is set`false`. The
+    #   `includeGlobalResourceTypes` option is a bundle which only applies
+    #   to IAM users, groups, roles, and customer managed policies.
     #
     #    If you do not want to record `AWS::RDS::GlobalCluster` in all
     #   enabled Regions, use one of the following recording strategies:
@@ -7125,7 +7157,31 @@ module Aws::ConfigService
     #    For more information, see [Selecting Which Resources are
     #   Recorded][1] in the *Config developer guide*.
     #
-    #   <note markdown="1"> Before you set this field to `true`, set the `allSupported` field of
+    #   **includeGlobalResourceTypes and the exclusion recording strategy**
+    #
+    #    The `includeGlobalResourceTypes` field has no impact on the
+    #   `EXCLUSION_BY_RESOURCE_TYPES` recording strategy. This means that
+    #   the global IAM resource types (IAM users, groups, roles, and
+    #   customer managed policies) will not be automatically added as
+    #   exclusions for `exclusionByResourceTypes` when
+    #   `includeGlobalResourceTypes` is set to `false`.
+    #
+    #    The `includeGlobalResourceTypes` field should only be used to
+    #   modify
+    #   the `AllSupported` field, as the default for the `AllSupported`
+    #   field is to record configuration changes for all supported resource
+    #   types excluding the global IAM resource types. To include the global
+    #   IAM resource types when `AllSupported` is set to `true`, make sure
+    #   to set `includeGlobalResourceTypes` to `true`.
+    #
+    #    To exclude the global IAM resource types for the
+    #   `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, you need to
+    #   manually add them to the `resourceTypes` field of
+    #   `exclusionByResourceTypes`.
+    #
+    #   <note markdown="1"> **Required and optional fields**
+    #
+    #    Before you set this field to `true`, set the `allSupported` field of
     #   [RecordingGroup][2] to `true`. Optionally, you can set the `useOnly`
     #   field of [RecordingStrategy][3] to `ALL_SUPPORTED_RESOURCE_TYPES`.
     #
@@ -7289,6 +7345,8 @@ module Aws::ConfigService
     #
     #   * Asia Pacific (Melbourne)
     #
+    #   * Canada West (Calgary)
+    #
     #   * Europe (Spain)
     #
     #   * Europe (Zurich)
@@ -7495,6 +7553,8 @@ module Aws::ConfigService
     #
     #   * Asia Pacific (Melbourne)
     #
+    #   * Canada West (Calgary)
+    #
     #   * Europe (Spain)
     #
     #   * Europe (Zurich)
@@ -7932,7 +7992,10 @@ module Aws::ConfigService
     #
     # @!attribute [rw] evaluation_mode
     #   Filters all resource evaluations results based on an evaluation
-    #   mode. the valid value for this API is `Proactive`.
+    #   mode.
+    #
+    #   Currently, `DECTECTIVE` is not supported as a valid value. Ignore
+    #   other documentation stating otherwise.
     #   @return [String]
     #
     # @!attribute [rw] time_window
@@ -8775,8 +8838,7 @@ module Aws::ConfigService
     #   The name or Amazon Resource Name (ARN) of the SSM document to use to
     #   create a conformance pack. If you use the document name, Config
     #   checks only your account and Amazon Web Services Region for the SSM
-    #   document. If you want to use an SSM document from another Region or
-    #   account, you must provide the ARN.
+    #   document.
     #   @return [String]
     #
     # @!attribute [rw] document_version

data/lib/aws-sdk-configservice.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-configservice/customizations'
 # @!group service
 module Aws::ConfigService
 
-  GEM_VERSION = '1.105.0'
+  GEM_VERSION = '1.106.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-configservice
 version: !ruby/object:Gem::Version
-  version: 1.105.0
+  version: 1.106.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-01-26 00:00:00.000000000 Z
+date: 2024-04-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core