aws-sdk-iot 1.54.0 → 1.59.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -232,6 +232,21 @@ module Aws::IoT
232
232
  # state_machine_name: "StateMachineName", # required
233
233
  # role_arn: "AwsArn", # required
234
234
  # },
235
+ # timestream: {
236
+ # role_arn: "AwsArn", # required
237
+ # database_name: "TimestreamDatabaseName", # required
238
+ # table_name: "TimestreamTableName", # required
239
+ # dimensions: [ # required
240
+ # {
241
+ # name: "TimestreamDimensionName", # required
242
+ # value: "TimestreamDimensionValue", # required
243
+ # },
244
+ # ],
245
+ # timestamp: {
246
+ # value: "TimestreamTimestampValue", # required
247
+ # unit: "TimestreamTimestampUnit", # required
248
+ # },
249
+ # },
235
250
  # http: {
236
251
  # url: "Url", # required
237
252
  # confirmation_url: "Url",
@@ -326,6 +341,16 @@ module Aws::IoT
326
341
  # Starts execution of a Step Functions state machine.
327
342
  # @return [Types::StepFunctionsAction]
328
343
  #
344
+ # @!attribute [rw] timestream
345
+ # The Timestream rule action writes attributes (measures) from an MQTT
346
+ # message into an Amazon Timestream table. For more information, see
347
+ # the [Timestream][1] topic rule action documentation.
348
+ #
349
+ #
350
+ #
351
+ # [1]: https://docs.aws.amazon.com/iot/latest/developerguide/timestream-rule-action.html
352
+ # @return [Types::TimestreamAction]
353
+ #
329
354
  # @!attribute [rw] http
330
355
  # Send data to an HTTPS endpoint.
331
356
  # @return [Types::HttpAction]
@@ -349,6 +374,7 @@ module Aws::IoT
349
374
  :iot_events,
350
375
  :iot_site_wise,
351
376
  :step_functions,
377
+ :timestream,
352
378
  :http)
353
379
  SENSITIVE = []
354
380
  include Aws::Structure
@@ -899,6 +925,11 @@ module Aws::IoT
899
925
  # check.
900
926
  # @return [Integer]
901
927
  #
928
+ # @!attribute [rw] suppressed_non_compliant_resources_count
929
+ # Describes how many of the non-compliant resources created during the
930
+ # evaluation of an audit check were marked as suppressed.
931
+ # @return [Integer]
932
+ #
902
933
  # @!attribute [rw] error_code
903
934
  # The code of any error encountered when this check is performed
904
935
  # during this audit. One of "INSUFFICIENT\_PERMISSIONS" or
@@ -915,6 +946,7 @@ module Aws::IoT
915
946
  :check_compliant,
916
947
  :total_resources_count,
917
948
  :non_compliant_resources_count,
949
+ :suppressed_non_compliant_resources_count,
918
950
  :error_code,
919
951
  :message)
920
952
  SENSITIVE = []
@@ -964,6 +996,11 @@ module Aws::IoT
964
996
  # A code that indicates the reason that the resource was noncompliant.
965
997
  # @return [String]
966
998
  #
999
+ # @!attribute [rw] is_suppressed
1000
+ # Indicates whether the audit finding was suppressed or not during
1001
+ # reporting.
1002
+ # @return [Boolean]
1003
+ #
967
1004
  class AuditFinding < Struct.new(
968
1005
  :finding_id,
969
1006
  :task_id,
@@ -974,7 +1011,8 @@ module Aws::IoT
974
1011
  :non_compliant_resource,
975
1012
  :related_resources,
976
1013
  :reason_for_non_compliance,
977
- :reason_for_non_compliance_code)
1014
+ :reason_for_non_compliance_code,
1015
+ :is_suppressed)
978
1016
  SENSITIVE = []
979
1017
  include Aws::Structure
980
1018
  end
@@ -1133,6 +1171,43 @@ module Aws::IoT
1133
1171
  include Aws::Structure
1134
1172
  end
1135
1173
 
1174
+ # Filters out specific findings of a Device Defender audit.
1175
+ #
1176
+ # @!attribute [rw] check_name
1177
+ # An audit check name. Checks must be enabled for your account. (Use
1178
+ # `DescribeAccountAuditConfiguration` to see the list of all checks,
1179
+ # including those that are enabled or use
1180
+ # `UpdateAccountAuditConfiguration` to select which checks are
1181
+ # enabled.)
1182
+ # @return [String]
1183
+ #
1184
+ # @!attribute [rw] resource_identifier
1185
+ # Information that identifies the noncompliant resource.
1186
+ # @return [Types::ResourceIdentifier]
1187
+ #
1188
+ # @!attribute [rw] expiration_date
1189
+ # The expiration date (epoch timestamp in seconds) that you want the
1190
+ # suppression to adhere to.
1191
+ # @return [Time]
1192
+ #
1193
+ # @!attribute [rw] suppress_indefinitely
1194
+ # Indicates whether a suppression should exist indefinitely or not.
1195
+ # @return [Boolean]
1196
+ #
1197
+ # @!attribute [rw] description
1198
+ # The description of the audit suppression.
1199
+ # @return [String]
1200
+ #
1201
+ class AuditSuppression < Struct.new(
1202
+ :check_name,
1203
+ :resource_identifier,
1204
+ :expiration_date,
1205
+ :suppress_indefinitely,
1206
+ :description)
1207
+ SENSITIVE = []
1208
+ include Aws::Structure
1209
+ end
1210
+
1136
1211
  # The audits that were performed.
1137
1212
  #
1138
1213
  # @!attribute [rw] task_id
@@ -2416,6 +2491,74 @@ module Aws::IoT
2416
2491
  include Aws::Structure
2417
2492
  end
2418
2493
 
2494
+ # @note When making an API call, you may pass CreateAuditSuppressionRequest
2495
+ # data as a hash:
2496
+ #
2497
+ # {
2498
+ # check_name: "AuditCheckName", # required
2499
+ # resource_identifier: { # required
2500
+ # device_certificate_id: "CertificateId",
2501
+ # ca_certificate_id: "CertificateId",
2502
+ # cognito_identity_pool_id: "CognitoIdentityPoolId",
2503
+ # client_id: "ClientId",
2504
+ # policy_version_identifier: {
2505
+ # policy_name: "PolicyName",
2506
+ # policy_version_id: "PolicyVersionId",
2507
+ # },
2508
+ # account: "AwsAccountId",
2509
+ # iam_role_arn: "RoleArn",
2510
+ # role_alias_arn: "RoleAliasArn",
2511
+ # },
2512
+ # expiration_date: Time.now,
2513
+ # suppress_indefinitely: false,
2514
+ # description: "AuditDescription",
2515
+ # client_request_token: "ClientRequestToken", # required
2516
+ # }
2517
+ #
2518
+ # @!attribute [rw] check_name
2519
+ # An audit check name. Checks must be enabled for your account. (Use
2520
+ # `DescribeAccountAuditConfiguration` to see the list of all checks,
2521
+ # including those that are enabled or use
2522
+ # `UpdateAccountAuditConfiguration` to select which checks are
2523
+ # enabled.)
2524
+ # @return [String]
2525
+ #
2526
+ # @!attribute [rw] resource_identifier
2527
+ # Information that identifies the noncompliant resource.
2528
+ # @return [Types::ResourceIdentifier]
2529
+ #
2530
+ # @!attribute [rw] expiration_date
2531
+ # The epoch timestamp in seconds at which this suppression expires.
2532
+ # @return [Time]
2533
+ #
2534
+ # @!attribute [rw] suppress_indefinitely
2535
+ # Indicates whether a suppression should exist indefinitely or not.
2536
+ # @return [Boolean]
2537
+ #
2538
+ # @!attribute [rw] description
2539
+ # The description of the audit suppression.
2540
+ # @return [String]
2541
+ #
2542
+ # @!attribute [rw] client_request_token
2543
+ # The epoch timestamp in seconds at which this suppression expires.
2544
+ #
2545
+ # **A suitable default value is auto-generated.** You should normally
2546
+ # not need to pass this option.
2547
+ # @return [String]
2548
+ #
2549
+ class CreateAuditSuppressionRequest < Struct.new(
2550
+ :check_name,
2551
+ :resource_identifier,
2552
+ :expiration_date,
2553
+ :suppress_indefinitely,
2554
+ :description,
2555
+ :client_request_token)
2556
+ SENSITIVE = []
2557
+ include Aws::Structure
2558
+ end
2559
+
2560
+ class CreateAuditSuppressionResponse < Aws::EmptyStructure; end
2561
+
2419
2562
  # @note When making an API call, you may pass CreateAuthorizerRequest
2420
2563
  # data as a hash:
2421
2564
  #
@@ -3918,12 +4061,12 @@ module Aws::IoT
3918
4061
  # @return [Hash<String,Types::AlertTarget>]
3919
4062
  #
3920
4063
  # @!attribute [rw] additional_metrics_to_retain
4064
+ # *Please use CreateSecurityProfileRequest$additionalMetricsToRetainV2
4065
+ # instead.*
4066
+ #
3921
4067
  # A list of metrics whose data is retained (stored). By default, data
3922
4068
  # is retained for any metric used in the profile's `behaviors`, but
3923
4069
  # it is also retained for any metric specified here.
3924
- #
3925
- # **Note:** This API field is deprecated. Please use
3926
- # CreateSecurityProfileRequest$additionalMetricsToRetainV2 instead.
3927
4070
  # @return [Array<String>]
3928
4071
  #
3929
4072
  # @!attribute [rw] additional_metrics_to_retain_v2
@@ -4411,6 +4554,21 @@ module Aws::IoT
4411
4554
  # state_machine_name: "StateMachineName", # required
4412
4555
  # role_arn: "AwsArn", # required
4413
4556
  # },
4557
+ # timestream: {
4558
+ # role_arn: "AwsArn", # required
4559
+ # database_name: "TimestreamDatabaseName", # required
4560
+ # table_name: "TimestreamTableName", # required
4561
+ # dimensions: [ # required
4562
+ # {
4563
+ # name: "TimestreamDimensionName", # required
4564
+ # value: "TimestreamDimensionValue", # required
4565
+ # },
4566
+ # ],
4567
+ # timestamp: {
4568
+ # value: "TimestreamTimestampValue", # required
4569
+ # unit: "TimestreamTimestampUnit", # required
4570
+ # },
4571
+ # },
4414
4572
  # http: {
4415
4573
  # url: "Url", # required
4416
4574
  # confirmation_url: "Url",
@@ -4555,6 +4713,21 @@ module Aws::IoT
4555
4713
  # state_machine_name: "StateMachineName", # required
4556
4714
  # role_arn: "AwsArn", # required
4557
4715
  # },
4716
+ # timestream: {
4717
+ # role_arn: "AwsArn", # required
4718
+ # database_name: "TimestreamDatabaseName", # required
4719
+ # table_name: "TimestreamTableName", # required
4720
+ # dimensions: [ # required
4721
+ # {
4722
+ # name: "TimestreamDimensionName", # required
4723
+ # value: "TimestreamDimensionValue", # required
4724
+ # },
4725
+ # ],
4726
+ # timestamp: {
4727
+ # value: "TimestreamTimestampValue", # required
4728
+ # unit: "TimestreamTimestampUnit", # required
4729
+ # },
4730
+ # },
4558
4731
  # http: {
4559
4732
  # url: "Url", # required
4560
4733
  # confirmation_url: "Url",
@@ -4669,6 +4842,47 @@ module Aws::IoT
4669
4842
 
4670
4843
  class DeleteAccountAuditConfigurationResponse < Aws::EmptyStructure; end
4671
4844
 
4845
+ # @note When making an API call, you may pass DeleteAuditSuppressionRequest
4846
+ # data as a hash:
4847
+ #
4848
+ # {
4849
+ # check_name: "AuditCheckName", # required
4850
+ # resource_identifier: { # required
4851
+ # device_certificate_id: "CertificateId",
4852
+ # ca_certificate_id: "CertificateId",
4853
+ # cognito_identity_pool_id: "CognitoIdentityPoolId",
4854
+ # client_id: "ClientId",
4855
+ # policy_version_identifier: {
4856
+ # policy_name: "PolicyName",
4857
+ # policy_version_id: "PolicyVersionId",
4858
+ # },
4859
+ # account: "AwsAccountId",
4860
+ # iam_role_arn: "RoleArn",
4861
+ # role_alias_arn: "RoleAliasArn",
4862
+ # },
4863
+ # }
4864
+ #
4865
+ # @!attribute [rw] check_name
4866
+ # An audit check name. Checks must be enabled for your account. (Use
4867
+ # `DescribeAccountAuditConfiguration` to see the list of all checks,
4868
+ # including those that are enabled or use
4869
+ # `UpdateAccountAuditConfiguration` to select which checks are
4870
+ # enabled.)
4871
+ # @return [String]
4872
+ #
4873
+ # @!attribute [rw] resource_identifier
4874
+ # Information that identifies the noncompliant resource.
4875
+ # @return [Types::ResourceIdentifier]
4876
+ #
4877
+ class DeleteAuditSuppressionRequest < Struct.new(
4878
+ :check_name,
4879
+ :resource_identifier)
4880
+ SENSITIVE = []
4881
+ include Aws::Structure
4882
+ end
4883
+
4884
+ class DeleteAuditSuppressionResponse < Aws::EmptyStructure; end
4885
+
4672
4886
  # @note When making an API call, you may pass DeleteAuthorizerRequest
4673
4887
  # data as a hash:
4674
4888
  #
@@ -5479,6 +5693,79 @@ module Aws::IoT
5479
5693
  include Aws::Structure
5480
5694
  end
5481
5695
 
5696
+ # @note When making an API call, you may pass DescribeAuditSuppressionRequest
5697
+ # data as a hash:
5698
+ #
5699
+ # {
5700
+ # check_name: "AuditCheckName", # required
5701
+ # resource_identifier: { # required
5702
+ # device_certificate_id: "CertificateId",
5703
+ # ca_certificate_id: "CertificateId",
5704
+ # cognito_identity_pool_id: "CognitoIdentityPoolId",
5705
+ # client_id: "ClientId",
5706
+ # policy_version_identifier: {
5707
+ # policy_name: "PolicyName",
5708
+ # policy_version_id: "PolicyVersionId",
5709
+ # },
5710
+ # account: "AwsAccountId",
5711
+ # iam_role_arn: "RoleArn",
5712
+ # role_alias_arn: "RoleAliasArn",
5713
+ # },
5714
+ # }
5715
+ #
5716
+ # @!attribute [rw] check_name
5717
+ # An audit check name. Checks must be enabled for your account. (Use
5718
+ # `DescribeAccountAuditConfiguration` to see the list of all checks,
5719
+ # including those that are enabled or use
5720
+ # `UpdateAccountAuditConfiguration` to select which checks are
5721
+ # enabled.)
5722
+ # @return [String]
5723
+ #
5724
+ # @!attribute [rw] resource_identifier
5725
+ # Information that identifies the noncompliant resource.
5726
+ # @return [Types::ResourceIdentifier]
5727
+ #
5728
+ class DescribeAuditSuppressionRequest < Struct.new(
5729
+ :check_name,
5730
+ :resource_identifier)
5731
+ SENSITIVE = []
5732
+ include Aws::Structure
5733
+ end
5734
+
5735
+ # @!attribute [rw] check_name
5736
+ # An audit check name. Checks must be enabled for your account. (Use
5737
+ # `DescribeAccountAuditConfiguration` to see the list of all checks,
5738
+ # including those that are enabled or use
5739
+ # `UpdateAccountAuditConfiguration` to select which checks are
5740
+ # enabled.)
5741
+ # @return [String]
5742
+ #
5743
+ # @!attribute [rw] resource_identifier
5744
+ # Information that identifies the noncompliant resource.
5745
+ # @return [Types::ResourceIdentifier]
5746
+ #
5747
+ # @!attribute [rw] expiration_date
5748
+ # The epoch timestamp in seconds at which this suppression expires.
5749
+ # @return [Time]
5750
+ #
5751
+ # @!attribute [rw] suppress_indefinitely
5752
+ # Indicates whether a suppression should exist indefinitely or not.
5753
+ # @return [Boolean]
5754
+ #
5755
+ # @!attribute [rw] description
5756
+ # The description of the audit suppression.
5757
+ # @return [String]
5758
+ #
5759
+ class DescribeAuditSuppressionResponse < Struct.new(
5760
+ :check_name,
5761
+ :resource_identifier,
5762
+ :expiration_date,
5763
+ :suppress_indefinitely,
5764
+ :description)
5765
+ SENSITIVE = []
5766
+ include Aws::Structure
5767
+ end
5768
+
5482
5769
  # @note When making an API call, you may pass DescribeAuditTaskRequest
5483
5770
  # data as a hash:
5484
5771
  #
@@ -5800,6 +6087,11 @@ module Aws::IoT
5800
6087
  # The type of the domain.
5801
6088
  # @return [String]
5802
6089
  #
6090
+ # @!attribute [rw] last_status_change_date
6091
+ # The date and time the domain configuration's status was last
6092
+ # changed.
6093
+ # @return [Time]
6094
+ #
5803
6095
  class DescribeDomainConfigurationResponse < Struct.new(
5804
6096
  :domain_configuration_name,
5805
6097
  :domain_configuration_arn,
@@ -5808,7 +6100,8 @@ module Aws::IoT
5808
6100
  :authorizer_config,
5809
6101
  :domain_configuration_status,
5810
6102
  :service_type,
5811
- :domain_type)
6103
+ :domain_type,
6104
+ :last_status_change_date)
5812
6105
  SENSITIVE = []
5813
6106
  include Aws::Structure
5814
6107
  end
@@ -6333,12 +6626,13 @@ module Aws::IoT
6333
6626
  # @return [Hash<String,Types::AlertTarget>]
6334
6627
  #
6335
6628
  # @!attribute [rw] additional_metrics_to_retain
6629
+ # *Please use
6630
+ # DescribeSecurityProfileResponse$additionalMetricsToRetainV2
6631
+ # instead.*
6632
+ #
6336
6633
  # A list of metrics whose data is retained (stored). By default, data
6337
6634
  # is retained for any metric used in the profile's `behaviors`, but
6338
6635
  # it is also retained for any metric specified here.
6339
- #
6340
- # **Note:** This API field is deprecated. Please use
6341
- # DescribeSecurityProfileResponse$additionalMetricsToRetainV2 instead.
6342
6636
  # @return [Array<String>]
6343
6637
  #
6344
6638
  # @!attribute [rw] additional_metrics_to_retain_v2
@@ -6756,9 +7050,11 @@ module Aws::IoT
6756
7050
  # @!attribute [rw] principal
6757
7051
  # The principal.
6758
7052
  #
6759
- # If the principal is a certificate, specify the certificate ARN. If
6760
- # the principal is an Amazon Cognito identity, specify the identity
6761
- # ID.
7053
+ # Valid principals are CertificateArn
7054
+ # (arn:aws:iot:*region*\:*accountId*\:cert/*certificateId*),
7055
+ # thingGroupArn
7056
+ # (arn:aws:iot:*region*\:*accountId*\:thinggroup/*groupName*) and
7057
+ # CognitoId (*region*\:*id*).
6762
7058
  # @return [String]
6763
7059
  #
6764
7060
  class DetachPrincipalPolicyRequest < Struct.new(
@@ -7173,13 +7469,13 @@ module Aws::IoT
7173
7469
  #
7174
7470
  # @!attribute [rw] increment_factor
7175
7471
  # The exponential factor to increase the rate of rollout for a job.
7472
+ #
7473
+ # AWS IoT supports up to one digit after the decimal (for example,
7474
+ # 1.5, but not 1.55).
7176
7475
  # @return [Float]
7177
7476
  #
7178
7477
  # @!attribute [rw] rate_increase_criteria
7179
7478
  # The criteria to initiate the increase in rate of rollout for a job.
7180
- #
7181
- # AWS IoT supports up to one digit after the decimal (for example,
7182
- # 1.5, but not 1.55).
7183
7479
  # @return [Types::RateIncreaseCriteria]
7184
7480
  #
7185
7481
  class ExponentialRolloutRate < Struct.new(
@@ -7337,7 +7633,11 @@ module Aws::IoT
7337
7633
  # }
7338
7634
  #
7339
7635
  # @!attribute [rw] principal
7340
- # The principal.
7636
+ # The principal. Valid principals are CertificateArn
7637
+ # (arn:aws:iot:*region*\:*accountId*\:cert/*certificateId*),
7638
+ # thingGroupArn
7639
+ # (arn:aws:iot:*region*\:*accountId*\:thinggroup/*groupName*) and
7640
+ # CognitoId (*region*\:*id*).
7341
7641
  # @return [String]
7342
7642
  #
7343
7643
  # @!attribute [rw] cognito_identity_pool_id
@@ -8784,7 +9084,12 @@ module Aws::IoT
8784
9084
  # }
8785
9085
  #
8786
9086
  # @!attribute [rw] target
8787
- # The group or principal for which the policies will be listed.
9087
+ # The group or principal for which the policies will be listed. Valid
9088
+ # principals are CertificateArn
9089
+ # (arn:aws:iot:*region*\:*accountId*\:cert/*certificateId*),
9090
+ # thingGroupArn
9091
+ # (arn:aws:iot:*region*\:*accountId*\:thinggroup/*groupName*) and
9092
+ # CognitoId (*region*\:*id*).
8788
9093
  # @return [String]
8789
9094
  #
8790
9095
  # @!attribute [rw] recursive
@@ -8847,6 +9152,7 @@ module Aws::IoT
8847
9152
  # next_token: "NextToken",
8848
9153
  # start_time: Time.now,
8849
9154
  # end_time: Time.now,
9155
+ # list_suppressed_findings: false,
8850
9156
  # }
8851
9157
  #
8852
9158
  # @!attribute [rw] task_id
@@ -8885,6 +9191,13 @@ module Aws::IoT
8885
9191
  # not both.
8886
9192
  # @return [Time]
8887
9193
  #
9194
+ # @!attribute [rw] list_suppressed_findings
9195
+ # Boolean flag indicating whether only the suppressed findings or the
9196
+ # unsuppressed findings should be listed. If this parameter isn't
9197
+ # provided, the response will list both suppressed and unsuppressed
9198
+ # findings.
9199
+ # @return [Boolean]
9200
+ #
8888
9201
  class ListAuditFindingsRequest < Struct.new(
8889
9202
  :task_id,
8890
9203
  :check_name,
@@ -8892,7 +9205,8 @@ module Aws::IoT
8892
9205
  :max_results,
8893
9206
  :next_token,
8894
9207
  :start_time,
8895
- :end_time)
9208
+ :end_time,
9209
+ :list_suppressed_findings)
8896
9210
  SENSITIVE = []
8897
9211
  include Aws::Structure
8898
9212
  end
@@ -9050,6 +9364,82 @@ module Aws::IoT
9050
9364
  include Aws::Structure
9051
9365
  end
9052
9366
 
9367
+ # @note When making an API call, you may pass ListAuditSuppressionsRequest
9368
+ # data as a hash:
9369
+ #
9370
+ # {
9371
+ # check_name: "AuditCheckName",
9372
+ # resource_identifier: {
9373
+ # device_certificate_id: "CertificateId",
9374
+ # ca_certificate_id: "CertificateId",
9375
+ # cognito_identity_pool_id: "CognitoIdentityPoolId",
9376
+ # client_id: "ClientId",
9377
+ # policy_version_identifier: {
9378
+ # policy_name: "PolicyName",
9379
+ # policy_version_id: "PolicyVersionId",
9380
+ # },
9381
+ # account: "AwsAccountId",
9382
+ # iam_role_arn: "RoleArn",
9383
+ # role_alias_arn: "RoleAliasArn",
9384
+ # },
9385
+ # ascending_order: false,
9386
+ # next_token: "NextToken",
9387
+ # max_results: 1,
9388
+ # }
9389
+ #
9390
+ # @!attribute [rw] check_name
9391
+ # An audit check name. Checks must be enabled for your account. (Use
9392
+ # `DescribeAccountAuditConfiguration` to see the list of all checks,
9393
+ # including those that are enabled or use
9394
+ # `UpdateAccountAuditConfiguration` to select which checks are
9395
+ # enabled.)
9396
+ # @return [String]
9397
+ #
9398
+ # @!attribute [rw] resource_identifier
9399
+ # Information that identifies the noncompliant resource.
9400
+ # @return [Types::ResourceIdentifier]
9401
+ #
9402
+ # @!attribute [rw] ascending_order
9403
+ # Determines whether suppressions are listed in ascending order by
9404
+ # expiration date or not. If parameter isn't provided,
9405
+ # `ascendingOrder=true`.
9406
+ # @return [Boolean]
9407
+ #
9408
+ # @!attribute [rw] next_token
9409
+ # The token for the next set of results.
9410
+ # @return [String]
9411
+ #
9412
+ # @!attribute [rw] max_results
9413
+ # The maximum number of results to return at one time. The default is
9414
+ # 25.
9415
+ # @return [Integer]
9416
+ #
9417
+ class ListAuditSuppressionsRequest < Struct.new(
9418
+ :check_name,
9419
+ :resource_identifier,
9420
+ :ascending_order,
9421
+ :next_token,
9422
+ :max_results)
9423
+ SENSITIVE = []
9424
+ include Aws::Structure
9425
+ end
9426
+
9427
+ # @!attribute [rw] suppressions
9428
+ # List of audit suppressions.
9429
+ # @return [Array<Types::AuditSuppression>]
9430
+ #
9431
+ # @!attribute [rw] next_token
9432
+ # A token that can be used to retrieve the next set of results, or
9433
+ # `null` if there are no additional results.
9434
+ # @return [String]
9435
+ #
9436
+ class ListAuditSuppressionsResponse < Struct.new(
9437
+ :suppressions,
9438
+ :next_token)
9439
+ SENSITIVE = []
9440
+ include Aws::Structure
9441
+ end
9442
+
9053
9443
  # @note When making an API call, you may pass ListAuditTasksRequest
9054
9444
  # data as a hash:
9055
9445
  #
@@ -9064,7 +9454,7 @@ module Aws::IoT
9064
9454
  #
9065
9455
  # @!attribute [rw] start_time
9066
9456
  # The beginning of the time period. Audit information is retained for
9067
- # a limited time (180 days). Requesting a start time prior to what is
9457
+ # a limited time (90 days). Requesting a start time prior to what is
9068
9458
  # retained results in an "InvalidRequestException".
9069
9459
  # @return [Time]
9070
9460
  #
@@ -9959,7 +10349,11 @@ module Aws::IoT
9959
10349
  # }
9960
10350
  #
9961
10351
  # @!attribute [rw] principal
9962
- # The principal.
10352
+ # The principal. Valid principals are CertificateArn
10353
+ # (arn:aws:iot:*region*\:*accountId*\:cert/*certificateId*),
10354
+ # thingGroupArn
10355
+ # (arn:aws:iot:*region*\:*accountId*\:thinggroup/*groupName*) and
10356
+ # CognitoId (*region*\:*id*).
9963
10357
  # @return [String]
9964
10358
  #
9965
10359
  # @!attribute [rw] marker
@@ -10580,8 +10974,8 @@ module Aws::IoT
10580
10974
  # @return [Array<Types::GroupNameAndArn>]
10581
10975
  #
10582
10976
  # @!attribute [rw] next_token
10583
- # The token used to get the next set of results, or **null** if there
10584
- # are no additional results.
10977
+ # The token used to get the next set of results. Will not be returned
10978
+ # if operation has returned all results.
10585
10979
  # @return [String]
10586
10980
  #
10587
10981
  class ListThingGroupsResponse < Struct.new(
@@ -10761,8 +11155,8 @@ module Aws::IoT
10761
11155
  # @return [Array<Types::ThingTypeDefinition>]
10762
11156
  #
10763
11157
  # @!attribute [rw] next_token
10764
- # The token for the next set of results, or **null** if there are no
10765
- # additional results.
11158
+ # The token for the next set of results. Will not be returned if
11159
+ # operation has returned all results.
10766
11160
  # @return [String]
10767
11161
  #
10768
11162
  class ListThingTypesResponse < Struct.new(
@@ -10806,8 +11200,8 @@ module Aws::IoT
10806
11200
  # @return [Array<String>]
10807
11201
  #
10808
11202
  # @!attribute [rw] next_token
10809
- # The token used to get the next set of results, or **null** if there
10810
- # are no additional results.
11203
+ # The token used to get the next set of results. Will not be returned
11204
+ # if operation has returned all results.
10811
11205
  # @return [String]
10812
11206
  #
10813
11207
  class ListThingsInBillingGroupResponse < Struct.new(
@@ -10919,8 +11313,8 @@ module Aws::IoT
10919
11313
  # @return [Array<Types::ThingAttribute>]
10920
11314
  #
10921
11315
  # @!attribute [rw] next_token
10922
- # The token used to get the next set of results, or **null** if there
10923
- # are no additional results.
11316
+ # The token used to get the next set of results. Will not be returned
11317
+ # if operation has returned all results.
10924
11318
  # @return [String]
10925
11319
  #
10926
11320
  class ListThingsResponse < Struct.new(
@@ -12617,6 +13011,21 @@ module Aws::IoT
12617
13011
  # state_machine_name: "StateMachineName", # required
12618
13012
  # role_arn: "AwsArn", # required
12619
13013
  # },
13014
+ # timestream: {
13015
+ # role_arn: "AwsArn", # required
13016
+ # database_name: "TimestreamDatabaseName", # required
13017
+ # table_name: "TimestreamTableName", # required
13018
+ # dimensions: [ # required
13019
+ # {
13020
+ # name: "TimestreamDimensionName", # required
13021
+ # value: "TimestreamDimensionValue", # required
13022
+ # },
13023
+ # ],
13024
+ # timestamp: {
13025
+ # value: "TimestreamTimestampValue", # required
13026
+ # unit: "TimestreamTimestampUnit", # required
13027
+ # },
13028
+ # },
12620
13029
  # http: {
12621
13030
  # url: "Url", # required
12622
13031
  # confirmation_url: "Url",
@@ -12761,6 +13170,21 @@ module Aws::IoT
12761
13170
  # state_machine_name: "StateMachineName", # required
12762
13171
  # role_arn: "AwsArn", # required
12763
13172
  # },
13173
+ # timestream: {
13174
+ # role_arn: "AwsArn", # required
13175
+ # database_name: "TimestreamDatabaseName", # required
13176
+ # table_name: "TimestreamTableName", # required
13177
+ # dimensions: [ # required
13178
+ # {
13179
+ # name: "TimestreamDimensionName", # required
13180
+ # value: "TimestreamDimensionValue", # required
13181
+ # },
13182
+ # ],
13183
+ # timestamp: {
13184
+ # value: "TimestreamTimestampValue", # required
13185
+ # unit: "TimestreamTimestampUnit", # required
13186
+ # },
13187
+ # },
12764
13188
  # http: {
12765
13189
  # url: "Url", # required
12766
13190
  # confirmation_url: "Url",
@@ -14181,7 +14605,11 @@ module Aws::IoT
14181
14605
  # }
14182
14606
  #
14183
14607
  # @!attribute [rw] principal
14184
- # The principal.
14608
+ # The principal. Valid principals are CertificateArn
14609
+ # (arn:aws:iot:*region*\:*accountId*\:cert/*certificateId*),
14610
+ # thingGroupArn
14611
+ # (arn:aws:iot:*region*\:*accountId*\:thinggroup/*groupName*) and
14612
+ # CognitoId (*region*\:*id*).
14185
14613
  # @return [String]
14186
14614
  #
14187
14615
  # @!attribute [rw] cognito_identity_pool_id
@@ -14736,6 +15164,136 @@ module Aws::IoT
14736
15164
  include Aws::Structure
14737
15165
  end
14738
15166
 
15167
+ # The Timestream rule action writes attributes (measures) from an MQTT
15168
+ # message into an Amazon Timestream table. For more information, see the
15169
+ # [Timestream][1] topic rule action documentation.
15170
+ #
15171
+ #
15172
+ #
15173
+ # [1]: https://docs.aws.amazon.com/iot/latest/developerguide/timestream-rule-action.html
15174
+ #
15175
+ # @note When making an API call, you may pass TimestreamAction
15176
+ # data as a hash:
15177
+ #
15178
+ # {
15179
+ # role_arn: "AwsArn", # required
15180
+ # database_name: "TimestreamDatabaseName", # required
15181
+ # table_name: "TimestreamTableName", # required
15182
+ # dimensions: [ # required
15183
+ # {
15184
+ # name: "TimestreamDimensionName", # required
15185
+ # value: "TimestreamDimensionValue", # required
15186
+ # },
15187
+ # ],
15188
+ # timestamp: {
15189
+ # value: "TimestreamTimestampValue", # required
15190
+ # unit: "TimestreamTimestampUnit", # required
15191
+ # },
15192
+ # }
15193
+ #
15194
+ # @!attribute [rw] role_arn
15195
+ # The ARN of the role that grants permission to write to the Amazon
15196
+ # Timestream database table.
15197
+ # @return [String]
15198
+ #
15199
+ # @!attribute [rw] database_name
15200
+ # The name of an Amazon Timestream database.
15201
+ # @return [String]
15202
+ #
15203
+ # @!attribute [rw] table_name
15204
+ # The name of the database table into which to write the measure
15205
+ # records.
15206
+ # @return [String]
15207
+ #
15208
+ # @!attribute [rw] dimensions
15209
+ # Metadata attributes of the time series that are written in each
15210
+ # measure record.
15211
+ # @return [Array<Types::TimestreamDimension>]
15212
+ #
15213
+ # @!attribute [rw] timestamp
15214
+ # Specifies an application-defined value to replace the default value
15215
+ # assigned to the Timestream record's timestamp in the `time` column.
15216
+ #
15217
+ # You can use this property to specify the value and the precision of
15218
+ # the Timestream record's timestamp. You can specify a value from the
15219
+ # message payload or a value computed by a substitution template.
15220
+ #
15221
+ # If omitted, the topic rule action assigns the timestamp, in
15222
+ # milliseconds, at the time it processed the rule.
15223
+ # @return [Types::TimestreamTimestamp]
15224
+ #
15225
+ class TimestreamAction < Struct.new(
15226
+ :role_arn,
15227
+ :database_name,
15228
+ :table_name,
15229
+ :dimensions,
15230
+ :timestamp)
15231
+ SENSITIVE = []
15232
+ include Aws::Structure
15233
+ end
15234
+
15235
+ # Metadata attributes of the time series that are written in each
15236
+ # measure record.
15237
+ #
15238
+ # @note When making an API call, you may pass TimestreamDimension
15239
+ # data as a hash:
15240
+ #
15241
+ # {
15242
+ # name: "TimestreamDimensionName", # required
15243
+ # value: "TimestreamDimensionValue", # required
15244
+ # }
15245
+ #
15246
+ # @!attribute [rw] name
15247
+ # The metadata dimension name. This is the name of the column in the
15248
+ # Amazon Timestream database table record.
15249
+ #
15250
+ # Dimensions cannot be named: `measure_name`, `measure_value`, or
15251
+ # `time`. These names are reserved. Dimension names cannot start with
15252
+ # `ts_` or `measure_value` and they cannot contain the colon (`:`)
15253
+ # character.
15254
+ # @return [String]
15255
+ #
15256
+ # @!attribute [rw] value
15257
+ # The value to write in this column of the database record.
15258
+ # @return [String]
15259
+ #
15260
+ class TimestreamDimension < Struct.new(
15261
+ :name,
15262
+ :value)
15263
+ SENSITIVE = []
15264
+ include Aws::Structure
15265
+ end
15266
+
15267
+ # Describes how to interpret an application-defined timestamp value from
15268
+ # an MQTT message payload and the precision of that value.
15269
+ #
15270
+ # @note When making an API call, you may pass TimestreamTimestamp
15271
+ # data as a hash:
15272
+ #
15273
+ # {
15274
+ # value: "TimestreamTimestampValue", # required
15275
+ # unit: "TimestreamTimestampUnit", # required
15276
+ # }
15277
+ #
15278
+ # @!attribute [rw] value
15279
+ # An expression that returns a long epoch time value.
15280
+ # @return [String]
15281
+ #
15282
+ # @!attribute [rw] unit
15283
+ # The precision of the timestamp value that results from the
15284
+ # expression described in `value`.
15285
+ #
15286
+ # Valid values: `SECONDS` \| `MILLISECONDS` \| `MICROSECONDS` \|
15287
+ # `NANOSECONDS`. The default is `MILLISECONDS`.
15288
+ # @return [String]
15289
+ #
15290
+ class TimestreamTimestamp < Struct.new(
15291
+ :value,
15292
+ :unit)
15293
+ SENSITIVE = []
15294
+ include Aws::Structure
15295
+ end
15296
+
14739
15297
  # Specifies the TLS context to use for the test authorizer request.
14740
15298
  #
14741
15299
  # @note When making an API call, you may pass TlsContext
@@ -15101,6 +15659,21 @@ module Aws::IoT
15101
15659
  # state_machine_name: "StateMachineName", # required
15102
15660
  # role_arn: "AwsArn", # required
15103
15661
  # },
15662
+ # timestream: {
15663
+ # role_arn: "AwsArn", # required
15664
+ # database_name: "TimestreamDatabaseName", # required
15665
+ # table_name: "TimestreamTableName", # required
15666
+ # dimensions: [ # required
15667
+ # {
15668
+ # name: "TimestreamDimensionName", # required
15669
+ # value: "TimestreamDimensionValue", # required
15670
+ # },
15671
+ # ],
15672
+ # timestamp: {
15673
+ # value: "TimestreamTimestampValue", # required
15674
+ # unit: "TimestreamTimestampUnit", # required
15675
+ # },
15676
+ # },
15104
15677
  # http: {
15105
15678
  # url: "Url", # required
15106
15679
  # confirmation_url: "Url",
@@ -15245,6 +15818,21 @@ module Aws::IoT
15245
15818
  # state_machine_name: "StateMachineName", # required
15246
15819
  # role_arn: "AwsArn", # required
15247
15820
  # },
15821
+ # timestream: {
15822
+ # role_arn: "AwsArn", # required
15823
+ # database_name: "TimestreamDatabaseName", # required
15824
+ # table_name: "TimestreamTableName", # required
15825
+ # dimensions: [ # required
15826
+ # {
15827
+ # name: "TimestreamDimensionName", # required
15828
+ # value: "TimestreamDimensionValue", # required
15829
+ # },
15830
+ # ],
15831
+ # timestamp: {
15832
+ # value: "TimestreamTimestampValue", # required
15833
+ # unit: "TimestreamTimestampUnit", # required
15834
+ # },
15835
+ # },
15248
15836
  # http: {
15249
15837
  # url: "Url", # required
15250
15838
  # confirmation_url: "Url",
@@ -15271,7 +15859,7 @@ module Aws::IoT
15271
15859
  #
15272
15860
  #
15273
15861
  #
15274
- # [1]: https://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference
15862
+ # [1]: https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html
15275
15863
  # @return [String]
15276
15864
  #
15277
15865
  # @!attribute [rw] description
@@ -15500,6 +16088,66 @@ module Aws::IoT
15500
16088
 
15501
16089
  class UpdateAccountAuditConfigurationResponse < Aws::EmptyStructure; end
15502
16090
 
16091
+ # @note When making an API call, you may pass UpdateAuditSuppressionRequest
16092
+ # data as a hash:
16093
+ #
16094
+ # {
16095
+ # check_name: "AuditCheckName", # required
16096
+ # resource_identifier: { # required
16097
+ # device_certificate_id: "CertificateId",
16098
+ # ca_certificate_id: "CertificateId",
16099
+ # cognito_identity_pool_id: "CognitoIdentityPoolId",
16100
+ # client_id: "ClientId",
16101
+ # policy_version_identifier: {
16102
+ # policy_name: "PolicyName",
16103
+ # policy_version_id: "PolicyVersionId",
16104
+ # },
16105
+ # account: "AwsAccountId",
16106
+ # iam_role_arn: "RoleArn",
16107
+ # role_alias_arn: "RoleAliasArn",
16108
+ # },
16109
+ # expiration_date: Time.now,
16110
+ # suppress_indefinitely: false,
16111
+ # description: "AuditDescription",
16112
+ # }
16113
+ #
16114
+ # @!attribute [rw] check_name
16115
+ # An audit check name. Checks must be enabled for your account. (Use
16116
+ # `DescribeAccountAuditConfiguration` to see the list of all checks,
16117
+ # including those that are enabled or use
16118
+ # `UpdateAccountAuditConfiguration` to select which checks are
16119
+ # enabled.)
16120
+ # @return [String]
16121
+ #
16122
+ # @!attribute [rw] resource_identifier
16123
+ # Information that identifies the noncompliant resource.
16124
+ # @return [Types::ResourceIdentifier]
16125
+ #
16126
+ # @!attribute [rw] expiration_date
16127
+ # The expiration date (epoch timestamp in seconds) that you want the
16128
+ # suppression to adhere to.
16129
+ # @return [Time]
16130
+ #
16131
+ # @!attribute [rw] suppress_indefinitely
16132
+ # Indicates whether a suppression should exist indefinitely or not.
16133
+ # @return [Boolean]
16134
+ #
16135
+ # @!attribute [rw] description
16136
+ # The description of the audit suppression.
16137
+ # @return [String]
16138
+ #
16139
+ class UpdateAuditSuppressionRequest < Struct.new(
16140
+ :check_name,
16141
+ :resource_identifier,
16142
+ :expiration_date,
16143
+ :suppress_indefinitely,
16144
+ :description)
16145
+ SENSITIVE = []
16146
+ include Aws::Structure
16147
+ end
16148
+
16149
+ class UpdateAuditSuppressionResponse < Aws::EmptyStructure; end
16150
+
15503
16151
  # @note When making an API call, you may pass UpdateAuthorizerRequest
15504
16152
  # data as a hash:
15505
16153
  #
@@ -16378,12 +17026,12 @@ module Aws::IoT
16378
17026
  # @return [Hash<String,Types::AlertTarget>]
16379
17027
  #
16380
17028
  # @!attribute [rw] additional_metrics_to_retain
17029
+ # *Please use UpdateSecurityProfileRequest$additionalMetricsToRetainV2
17030
+ # instead.*
17031
+ #
16381
17032
  # A list of metrics whose data is retained (stored). By default, data
16382
17033
  # is retained for any metric used in the profile's `behaviors`, but
16383
17034
  # it is also retained for any metric specified here.
16384
- #
16385
- # **Note:** This API field is deprecated. Please use
16386
- # UpdateSecurityProfileRequest$additionalMetricsToRetainV2 instead.
16387
17035
  # @return [Array<String>]
16388
17036
  #
16389
17037
  # @!attribute [rw] additional_metrics_to_retain_v2
@@ -16454,12 +17102,12 @@ module Aws::IoT
16454
17102
  # @return [Hash<String,Types::AlertTarget>]
16455
17103
  #
16456
17104
  # @!attribute [rw] additional_metrics_to_retain
17105
+ # *Please use
17106
+ # UpdateSecurityProfileResponse$additionalMetricsToRetainV2 instead.*
17107
+ #
16457
17108
  # A list of metrics whose data is retained (stored). By default, data
16458
17109
  # is retained for any metric used in the security profile's
16459
17110
  # `behaviors`, but it is also retained for any metric specified here.
16460
- #
16461
- # **Note:** This API field is deprecated. Please use
16462
- # UpdateSecurityProfileResponse$additionalMetricsToRetainV2 instead.
16463
17111
  # @return [Array<String>]
16464
17112
  #
16465
17113
  # @!attribute [rw] additional_metrics_to_retain_v2