aws-sdk-macie2 1.25.0 → 1.30.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1fd8b848a270fe36584d51fb7fdfbe74282e1d1282555424a7743533e4aa5fdf
-  data.tar.gz: 67e1694bd9d04a9c8dd8aae1c053f3065d6662e02dd2b0abeea9a26713ddc71d
+  metadata.gz: 232bc446a0243796309d19bf5aafdfad40b74d68b4ff0ebe1b50415be479fefd
+  data.tar.gz: 7785e1080209e283b6085aba928d4bd9f4a44488f05888a2b278198ce625df39
 SHA512:
-  metadata.gz: 9bbe56eef2cf88122e08ee3d512953656db5f066aee2bc4184ddcf38a85343a6f468a1d899740989a178ab0c45e81982aab6600e887e09471cf66150183bcc19
-  data.tar.gz: 1bf0c9717f89b213c32e078192352686aa4c764748d001cc4dcca47dd2ec94458f7dc105339939c02b6288596be4d46afdf0ea00f43a71209a2d5956c7193b06
+  metadata.gz: 64f7b9f13447bae91c958b92a1058994df8211522f1a7fc2da58a07adcbb76ff2e32dd7b14bfb0dc27fdb66ccc22d15881c1a659b0525049c1215e17fa7bc83b
+  data.tar.gz: 8dc82698448743d22d131b796be529a4ec80a5b1b555e99060b2f1e7b32bfebf904696eb73ffd4b14035454753b1b554d2732c742219792d6447584bcc514ef4

data/CHANGELOG.md

@@ -1,6 +1,31 @@
 Unreleased Changes
 ------------------
 
+1.30.0 (2021-07-06)
+------------------
+
+* Feature - Sensitive data findings in Amazon Macie now include enhanced location data for JSON and JSON Lines files
+
+1.29.0 (2021-06-08)
+------------------
+
+* Feature - This release of the Amazon Macie API introduces stricter validation of S3 object criteria for classification jobs.
+
+1.28.0 (2021-05-14)
+------------------
+
+* Feature - This release of the Amazon Macie API adds support for defining run-time, S3 bucket criteria for classification jobs. It also adds resources for querying data about AWS resources that Macie monitors.
+
+1.27.0 (2021-04-29)
+------------------
+
+* Feature - The Amazon Macie API now provides S3 bucket metadata that indicates whether a bucket policy requires server-side encryption of objects when objects are uploaded to the bucket.
+
+1.26.0 (2021-03-22)
+------------------
+
+* Feature - This release of the Amazon Macie API adds support for publishing sensitive data findings to AWS Security Hub and specifying which categories of findings to publish to Security Hub.
+
 1.25.0 (2021-03-10)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.25.0
+1.30.0

data/lib/aws-sdk-macie2.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-macie2/customizations'
 # @!group service
 module Aws::Macie2
 
-  GEM_VERSION = '1.25.0'
+  GEM_VERSION = '1.30.0'
 
 end

data/lib/aws-sdk-macie2/client.rb

@@ -410,7 +410,12 @@ module Aws::Macie2
     #
     # @option params [required, Types::S3JobDefinition] :s3_job_definition
     #   Specifies which S3 buckets contain the objects that a classification
-    #   job analyzes, and the scope of that analysis.
+    #   job analyzes, and the scope of that analysis. The bucket specification
+    #   can be static (bucketDefinitions) or dynamic (bucketCriteria). If
+    #   it's static, the job analyzes objects in the same predefined set of
+    #   buckets each time the job runs. If it's dynamic, the job analyzes
+    #   objects in any buckets that match the specified criteria each time the
+    #   job starts to run.
     #
     # @option params [Integer] :sampling_percentage
     #
@@ -449,7 +454,7 @@ module Aws::Macie2
     #             {
     #               simple_scope_term: {
     #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "BUCKET_CREATION_DATE", # accepts BUCKET_CREATION_DATE, OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, TAG, OBJECT_KEY
+    #                 key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
     #                 values: ["__string"],
     #               },
     #               tag_scope_term: {
@@ -471,7 +476,7 @@ module Aws::Macie2
     #             {
     #               simple_scope_term: {
     #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "BUCKET_CREATION_DATE", # accepts BUCKET_CREATION_DATE, OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, TAG, OBJECT_KEY
+    #                 key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
     #                 values: ["__string"],
     #               },
     #               tag_scope_term: {
@@ -489,6 +494,48 @@ module Aws::Macie2
     #           ],
     #         },
     #       },
+    #       bucket_criteria: {
+    #         excludes: {
+    #           and: [
+    #             {
+    #               simple_criterion: {
+    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
+    #                 key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
+    #                 values: ["__string"],
+    #               },
+    #               tag_criterion: {
+    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
+    #                 tag_values: [
+    #                   {
+    #                     key: "__string",
+    #                     value: "__string",
+    #                   },
+    #                 ],
+    #               },
+    #             },
+    #           ],
+    #         },
+    #         includes: {
+    #           and: [
+    #             {
+    #               simple_criterion: {
+    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
+    #                 key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
+    #                 values: ["__string"],
+    #               },
+    #               tag_criterion: {
+    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
+    #                 tag_values: [
+    #                   {
+    #                     key: "__string",
+    #                     value: "__string",
+    #                   },
+    #                 ],
+    #               },
+    #             },
+    #           ],
+    #         },
+    #       },
     #     },
     #     sampling_percentage: 1,
     #     schedule_frequency: {
@@ -687,7 +734,7 @@ module Aws::Macie2
     # Associates an account with an Amazon Macie administrator account.
     #
     # @option params [required, Types::AccountDetail] :account
-    #   Specifies details for an account to associate with an Amazon Macie
+    #   Specifies the details of an account to associate with an Amazon Macie
     #   administrator account.
     #
     # @option params [Hash<String,String>] :tags
@@ -919,6 +966,7 @@ module Aws::Macie2
     #
     #   resp.buckets #=> Array
     #   resp.buckets[0].account_id #=> String
+    #   resp.buckets[0].allows_unencrypted_object_uploads #=> String, one of "TRUE", "FALSE", "UNKNOWN"
     #   resp.buckets[0].bucket_arn #=> String
     #   resp.buckets[0].bucket_created_at #=> Time
     #   resp.buckets[0].bucket_name #=> String
@@ -934,6 +982,7 @@ module Aws::Macie2
     #   resp.buckets[0].object_count_by_encryption_type.kms_managed #=> Integer
     #   resp.buckets[0].object_count_by_encryption_type.s3_managed #=> Integer
     #   resp.buckets[0].object_count_by_encryption_type.unencrypted #=> Integer
+    #   resp.buckets[0].object_count_by_encryption_type.unknown #=> Integer
     #   resp.buckets[0].public_access.effective_permission #=> String, one of "PUBLIC", "NOT_PUBLIC", "UNKNOWN"
     #   resp.buckets[0].public_access.permission_configuration.account_level_permissions.block_public_access.block_public_acls #=> Boolean
     #   resp.buckets[0].public_access.permission_configuration.account_level_permissions.block_public_access.block_public_policy #=> Boolean
@@ -1030,7 +1079,7 @@ module Aws::Macie2
     #   resp.s3_job_definition.bucket_definitions[0].buckets[0] #=> String
     #   resp.s3_job_definition.scoping.excludes.and #=> Array
     #   resp.s3_job_definition.scoping.excludes.and[0].simple_scope_term.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
-    #   resp.s3_job_definition.scoping.excludes.and[0].simple_scope_term.key #=> String, one of "BUCKET_CREATION_DATE", "OBJECT_EXTENSION", "OBJECT_LAST_MODIFIED_DATE", "OBJECT_SIZE", "TAG", "OBJECT_KEY"
+    #   resp.s3_job_definition.scoping.excludes.and[0].simple_scope_term.key #=> String, one of "OBJECT_EXTENSION", "OBJECT_LAST_MODIFIED_DATE", "OBJECT_SIZE", "OBJECT_KEY"
     #   resp.s3_job_definition.scoping.excludes.and[0].simple_scope_term.values #=> Array
     #   resp.s3_job_definition.scoping.excludes.and[0].simple_scope_term.values[0] #=> String
     #   resp.s3_job_definition.scoping.excludes.and[0].tag_scope_term.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
@@ -1041,7 +1090,7 @@ module Aws::Macie2
     #   resp.s3_job_definition.scoping.excludes.and[0].tag_scope_term.target #=> String, one of "S3_OBJECT"
     #   resp.s3_job_definition.scoping.includes.and #=> Array
     #   resp.s3_job_definition.scoping.includes.and[0].simple_scope_term.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
-    #   resp.s3_job_definition.scoping.includes.and[0].simple_scope_term.key #=> String, one of "BUCKET_CREATION_DATE", "OBJECT_EXTENSION", "OBJECT_LAST_MODIFIED_DATE", "OBJECT_SIZE", "TAG", "OBJECT_KEY"
+    #   resp.s3_job_definition.scoping.includes.and[0].simple_scope_term.key #=> String, one of "OBJECT_EXTENSION", "OBJECT_LAST_MODIFIED_DATE", "OBJECT_SIZE", "OBJECT_KEY"
     #   resp.s3_job_definition.scoping.includes.and[0].simple_scope_term.values #=> Array
     #   resp.s3_job_definition.scoping.includes.and[0].simple_scope_term.values[0] #=> String
     #   resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
@@ -1050,6 +1099,24 @@ module Aws::Macie2
     #   resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.tag_values[0].key #=> String
     #   resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.tag_values[0].value #=> String
     #   resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.target #=> String, one of "S3_OBJECT"
+    #   resp.s3_job_definition.bucket_criteria.excludes.and #=> Array
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.values #=> Array
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.values[0] #=> String
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values #=> Array
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].key #=> String
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].value #=> String
+    #   resp.s3_job_definition.bucket_criteria.includes.and #=> Array
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.values #=> Array
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.values[0] #=> String
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values #=> Array
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values[0].key #=> String
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values[0].value #=> String
     #   resp.sampling_percentage #=> Integer
     #   resp.schedule_frequency.monthly_schedule.day_of_month #=> Integer
     #   resp.schedule_frequency.weekly_schedule.day_of_week #=> String, one of "SUNDAY", "MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY", "SATURDAY"
@@ -1070,8 +1137,8 @@ module Aws::Macie2
       req.send_request(options)
     end
 
-    # Retrieves the Amazon Macie configuration settings for an AWS
-    # organization.
+    # Retrieves the Amazon Macie configuration settings for an Amazon Web
+    # Services organization.
     #
     # @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1107,7 +1174,7 @@ module Aws::Macie2
     end
 
     # Disables an account as the delegated Amazon Macie administrator
-    # account for an AWS organization.
+    # account for an Amazon Web Services organization.
     #
     # @option params [required, String] :admin_account_id
     #
@@ -1190,9 +1257,14 @@ module Aws::Macie2
     #
     # @option params [String] :finding_publishing_frequency
     #   The frequency with which Amazon Macie publishes updates to policy
-    #   findings for an account. This includes publishing updates to AWS
-    #   Security Hub and Amazon EventBridge (formerly called Amazon CloudWatch
-    #   Events). Valid values are:
+    #   findings for an account. This includes publishing updates to Security
+    #   Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events).
+    #   For more information, see [Monitoring and processing findings][1] in
+    #   the *Amazon Macie User Guide*. Valid values are:
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/macie/latest/user/findings-monitor.html
     #
     # @option params [String] :status
     #   The status of an Amazon Macie account. Valid values are:
@@ -1217,7 +1289,7 @@ module Aws::Macie2
     end
 
     # Designates an account as the delegated Amazon Macie administrator
-    # account for an AWS organization.
+    # account for an Amazon Web Services organization.
     #
     # @option params [required, String] :admin_account_id
     #
@@ -1276,6 +1348,7 @@ module Aws::Macie2
     #   * {Types::GetBucketStatisticsResponse#bucket_count #bucket_count} => Integer
     #   * {Types::GetBucketStatisticsResponse#bucket_count_by_effective_permission #bucket_count_by_effective_permission} => Types::BucketCountByEffectivePermission
     #   * {Types::GetBucketStatisticsResponse#bucket_count_by_encryption_type #bucket_count_by_encryption_type} => Types::BucketCountByEncryptionType
+    #   * {Types::GetBucketStatisticsResponse#bucket_count_by_object_encryption_requirement #bucket_count_by_object_encryption_requirement} => Types::BucketCountPolicyAllowsUnencryptedObjectUploads
     #   * {Types::GetBucketStatisticsResponse#bucket_count_by_shared_access_type #bucket_count_by_shared_access_type} => Types::BucketCountBySharedAccessType
     #   * {Types::GetBucketStatisticsResponse#classifiable_object_count #classifiable_object_count} => Integer
     #   * {Types::GetBucketStatisticsResponse#classifiable_size_in_bytes #classifiable_size_in_bytes} => Integer
@@ -1302,6 +1375,10 @@ module Aws::Macie2
     #   resp.bucket_count_by_encryption_type.kms_managed #=> Integer
     #   resp.bucket_count_by_encryption_type.s3_managed #=> Integer
     #   resp.bucket_count_by_encryption_type.unencrypted #=> Integer
+    #   resp.bucket_count_by_encryption_type.unknown #=> Integer
+    #   resp.bucket_count_by_object_encryption_requirement.allows_unencrypted_object_uploads #=> Integer
+    #   resp.bucket_count_by_object_encryption_requirement.denies_unencrypted_object_uploads #=> Integer
+    #   resp.bucket_count_by_object_encryption_requirement.unknown #=> Integer
     #   resp.bucket_count_by_shared_access_type.external #=> Integer
     #   resp.bucket_count_by_shared_access_type.internal #=> Integer
     #   resp.bucket_count_by_shared_access_type.not_shared #=> Integer
@@ -1607,6 +1684,7 @@ module Aws::Macie2
     #   resp.findings[0].policy_details.actor.user_identity.root.principal_id #=> String
     #   resp.findings[0].policy_details.actor.user_identity.type #=> String, one of "AssumedRole", "IAMUser", "FederatedUser", "Root", "AWSAccount", "AWSService"
     #   resp.findings[0].region #=> String
+    #   resp.findings[0].resources_affected.s3_bucket.allows_unencrypted_object_uploads #=> String, one of "TRUE", "FALSE", "UNKNOWN"
     #   resp.findings[0].resources_affected.s3_bucket.arn #=> String
     #   resp.findings[0].resources_affected.s3_bucket.created_at #=> Time
     #   resp.findings[0].resources_affected.s3_bucket.default_server_side_encryption.encryption_type #=> String, one of "NONE", "AES256", "aws:kms", "UNKNOWN"
@@ -1714,6 +1792,27 @@ module Aws::Macie2
       req.send_request(options)
     end
 
+    # Retrieves the configuration settings for publishing findings to
+    # Security Hub.
+    #
+    # @return [Types::GetFindingsPublicationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetFindingsPublicationConfigurationResponse#security_hub_configuration #security_hub_configuration} => Types::SecurityHubConfiguration
+    #
+    # @example Response structure
+    #
+    #   resp.security_hub_configuration.publish_classification_findings #=> Boolean
+    #   resp.security_hub_configuration.publish_policy_findings #=> Boolean
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetFindingsPublicationConfiguration AWS API Documentation
+    #
+    # @overload get_findings_publication_configuration(params = {})
+    # @param [Hash] params ({})
+    def get_findings_publication_configuration(params = {}, options = {})
+      req = build_request(:get_findings_publication_configuration, params)
+      req.send_request(options)
+    end
+
     # Retrieves the count of Amazon Macie membership invitations that were
     # received by an account.
     #
@@ -1998,6 +2097,24 @@ module Aws::Macie2
     #   resp.items[0].user_paused_details.job_expires_at #=> Time
     #   resp.items[0].user_paused_details.job_imminent_expiration_health_event_arn #=> String
     #   resp.items[0].user_paused_details.job_paused_at #=> Time
+    #   resp.items[0].bucket_criteria.excludes.and #=> Array
+    #   resp.items[0].bucket_criteria.excludes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.items[0].bucket_criteria.excludes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
+    #   resp.items[0].bucket_criteria.excludes.and[0].simple_criterion.values #=> Array
+    #   resp.items[0].bucket_criteria.excludes.and[0].simple_criterion.values[0] #=> String
+    #   resp.items[0].bucket_criteria.excludes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.items[0].bucket_criteria.excludes.and[0].tag_criterion.tag_values #=> Array
+    #   resp.items[0].bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].key #=> String
+    #   resp.items[0].bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].value #=> String
+    #   resp.items[0].bucket_criteria.includes.and #=> Array
+    #   resp.items[0].bucket_criteria.includes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.items[0].bucket_criteria.includes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
+    #   resp.items[0].bucket_criteria.includes.and[0].simple_criterion.values #=> Array
+    #   resp.items[0].bucket_criteria.includes.and[0].simple_criterion.values[0] #=> String
+    #   resp.items[0].bucket_criteria.includes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.items[0].bucket_criteria.includes.and[0].tag_criterion.tag_values #=> Array
+    #   resp.items[0].bucket_criteria.includes.and[0].tag_criterion.tag_values[0].key #=> String
+    #   resp.items[0].bucket_criteria.includes.and[0].tag_criterion.tag_values[0].value #=> String
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListClassificationJobs AWS API Documentation
@@ -2237,7 +2354,7 @@ module Aws::Macie2
     end
 
     # Retrieves information about the delegated Amazon Macie administrator
-    # account for an AWS organization.
+    # account for an Amazon Web Services organization.
     #
     # @option params [Integer] :max_results
     #
@@ -2342,6 +2459,157 @@ module Aws::Macie2
       req.send_request(options)
     end
 
+    # Updates the configuration settings for publishing findings to Security
+    # Hub.
+    #
+    # @option params [String] :client_token
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @option params [Types::SecurityHubConfiguration] :security_hub_configuration
+    #   Specifies configuration settings that determine which findings are
+    #   published to Security Hub automatically. For information about how
+    #   Macie publishes findings to Security Hub, see [Amazon Macie
+    #   integration with Security Hub][1] in the *Amazon Macie User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/macie/latest/user/securityhub-integration.html
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_findings_publication_configuration({
+    #     client_token: "__string",
+    #     security_hub_configuration: {
+    #       publish_classification_findings: false, # required
+    #       publish_policy_findings: false, # required
+    #     },
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/PutFindingsPublicationConfiguration AWS API Documentation
+    #
+    # @overload put_findings_publication_configuration(params = {})
+    # @param [Hash] params ({})
+    def put_findings_publication_configuration(params = {}, options = {})
+      req = build_request(:put_findings_publication_configuration, params)
+      req.send_request(options)
+    end
+
+    # Retrieves (queries) statistical data and other information about
+    # Amazon Web Services resources that Amazon Macie monitors and analyzes.
+    #
+    # @option params [Types::SearchResourcesBucketCriteria] :bucket_criteria
+    #   Specifies property- and tag-based conditions that define filter
+    #   criteria for including or excluding S3 buckets from the query results.
+    #   Exclude conditions take precedence over include conditions.
+    #
+    # @option params [Integer] :max_results
+    #
+    # @option params [String] :next_token
+    #
+    # @option params [Types::SearchResourcesSortCriteria] :sort_criteria
+    #   Specifies criteria for sorting the results of a query for information
+    #   about Amazon Web Services resources that Amazon Macie monitors and
+    #   analyzes.
+    #
+    # @return [Types::SearchResourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::SearchResourcesResponse#matching_resources #matching_resources} => Array&lt;Types::MatchingResource&gt;
+    #   * {Types::SearchResourcesResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.search_resources({
+    #     bucket_criteria: {
+    #       excludes: {
+    #         and: [
+    #           {
+    #             simple_criterion: {
+    #               comparator: "EQ", # accepts EQ, NE
+    #               key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
+    #               values: ["__string"],
+    #             },
+    #             tag_criterion: {
+    #               comparator: "EQ", # accepts EQ, NE
+    #               tag_values: [
+    #                 {
+    #                   key: "__string",
+    #                   value: "__string",
+    #                 },
+    #               ],
+    #             },
+    #           },
+    #         ],
+    #       },
+    #       includes: {
+    #         and: [
+    #           {
+    #             simple_criterion: {
+    #               comparator: "EQ", # accepts EQ, NE
+    #               key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
+    #               values: ["__string"],
+    #             },
+    #             tag_criterion: {
+    #               comparator: "EQ", # accepts EQ, NE
+    #               tag_values: [
+    #                 {
+    #                   key: "__string",
+    #                   value: "__string",
+    #                 },
+    #               ],
+    #             },
+    #           },
+    #         ],
+    #       },
+    #     },
+    #     max_results: 1,
+    #     next_token: "__string",
+    #     sort_criteria: {
+    #       attribute_name: "ACCOUNT_ID", # accepts ACCOUNT_ID, RESOURCE_NAME, S3_CLASSIFIABLE_OBJECT_COUNT, S3_CLASSIFIABLE_SIZE_IN_BYTES
+    #       order_by: "ASC", # accepts ASC, DESC
+    #     },
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.matching_resources #=> Array
+    #   resp.matching_resources[0].matching_bucket.account_id #=> String
+    #   resp.matching_resources[0].matching_bucket.bucket_name #=> String
+    #   resp.matching_resources[0].matching_bucket.classifiable_object_count #=> Integer
+    #   resp.matching_resources[0].matching_bucket.classifiable_size_in_bytes #=> Integer
+    #   resp.matching_resources[0].matching_bucket.job_details.is_defined_in_job #=> String, one of "TRUE", "FALSE", "UNKNOWN"
+    #   resp.matching_resources[0].matching_bucket.job_details.is_monitored_by_job #=> String, one of "TRUE", "FALSE", "UNKNOWN"
+    #   resp.matching_resources[0].matching_bucket.job_details.last_job_id #=> String
+    #   resp.matching_resources[0].matching_bucket.job_details.last_job_run_time #=> Time
+    #   resp.matching_resources[0].matching_bucket.object_count #=> Integer
+    #   resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.customer_managed #=> Integer
+    #   resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.kms_managed #=> Integer
+    #   resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.s3_managed #=> Integer
+    #   resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.unencrypted #=> Integer
+    #   resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.unknown #=> Integer
+    #   resp.matching_resources[0].matching_bucket.size_in_bytes #=> Integer
+    #   resp.matching_resources[0].matching_bucket.size_in_bytes_compressed #=> Integer
+    #   resp.matching_resources[0].matching_bucket.unclassifiable_object_count.file_type #=> Integer
+    #   resp.matching_resources[0].matching_bucket.unclassifiable_object_count.storage_class #=> Integer
+    #   resp.matching_resources[0].matching_bucket.unclassifiable_object_count.total #=> Integer
+    #   resp.matching_resources[0].matching_bucket.unclassifiable_object_size_in_bytes.file_type #=> Integer
+    #   resp.matching_resources[0].matching_bucket.unclassifiable_object_size_in_bytes.storage_class #=> Integer
+    #   resp.matching_resources[0].matching_bucket.unclassifiable_object_size_in_bytes.total #=> Integer
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/SearchResources AWS API Documentation
+    #
+    # @overload search_resources(params = {})
+    # @param [Hash] params ({})
+    def search_resources(params = {}, options = {})
+      req = build_request(:search_resources, params)
+      req.send_request(options)
+    end
+
     # Adds or updates one or more tags (keys and values) that are associated
     # with a classification job, custom data identifier, findings filter, or
     # member account.
@@ -2481,6 +2749,10 @@ module Aws::Macie2
     #
     # @option params [Integer] :position
     #
+    # @option params [String] :client_token
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
     # @return [Types::UpdateFindingsFilterResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateFindingsFilterResponse#arn #arn} => String
@@ -2507,6 +2779,7 @@ module Aws::Macie2
     #     id: "__string", # required
     #     name: "__string",
     #     position: 1,
+    #     client_token: "__string",
     #   })
     #
     # @example Response structure
@@ -2528,9 +2801,14 @@ module Aws::Macie2
     #
     # @option params [String] :finding_publishing_frequency
     #   The frequency with which Amazon Macie publishes updates to policy
-    #   findings for an account. This includes publishing updates to AWS
-    #   Security Hub and Amazon EventBridge (formerly called Amazon CloudWatch
-    #   Events). Valid values are:
+    #   findings for an account. This includes publishing updates to Security
+    #   Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events).
+    #   For more information, see [Monitoring and processing findings][1] in
+    #   the *Amazon Macie User Guide*. Valid values are:
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/macie/latest/user/findings-monitor.html
     #
     # @option params [String] :status
     #   The status of an Amazon Macie account. Valid values are:
@@ -2579,8 +2857,8 @@ module Aws::Macie2
       req.send_request(options)
     end
 
-    # Updates the Amazon Macie configuration settings for an AWS
-    # organization.
+    # Updates the Amazon Macie configuration settings for an Amazon Web
+    # Services organization.
     #
     # @option params [required, Boolean] :auto_enable
     #
@@ -2614,7 +2892,7 @@ module Aws::Macie2
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-macie2'
-      context[:gem_version] = '1.25.0'
+      context[:gem_version] = '1.30.0'
       Seahorse::Client::Request.new(handlers, context)
     end