aws-sdk-macie2 1.40.0 → 1.61.0

data/lib/aws-sdk-macie2/client.rb

@@ -27,7 +27,11 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
 require 'aws-sdk-core/plugins/http_checksum.rb'
-require 'aws-sdk-core/plugins/signature_v4.rb'
+require 'aws-sdk-core/plugins/checksum_algorithm.rb'
+require 'aws-sdk-core/plugins/request_compression.rb'
+require 'aws-sdk-core/plugins/defaults_mode.rb'
+require 'aws-sdk-core/plugins/recursion_detection.rb'
+require 'aws-sdk-core/plugins/sign.rb'
 require 'aws-sdk-core/plugins/protocols/rest_json.rb'
 
 Aws::Plugins::GlobalConfiguration.add_identifier(:macie2)
@@ -73,8 +77,13 @@ module Aws::Macie2
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
     add_plugin(Aws::Plugins::HttpChecksum)
-    add_plugin(Aws::Plugins::SignatureV4)
+    add_plugin(Aws::Plugins::ChecksumAlgorithm)
+    add_plugin(Aws::Plugins::RequestCompression)
+    add_plugin(Aws::Plugins::DefaultsMode)
+    add_plugin(Aws::Plugins::RecursionDetection)
+    add_plugin(Aws::Plugins::Sign)
     add_plugin(Aws::Plugins::Protocols::RestJson)
+    add_plugin(Aws::Macie2::Plugins::Endpoints)
 
     # @overload initialize(options)
     #   @param [Hash] options
@@ -175,10 +184,18 @@ module Aws::Macie2
     #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
     #     a clock skew correction and retry requests with skewed client clocks.
     #
+    #   @option options [String] :defaults_mode ("legacy")
+    #     See {Aws::DefaultsModeConfiguration} for a list of the
+    #     accepted modes and the configuration defaults that are included.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
     #
+    #   @option options [Boolean] :disable_request_compression (false)
+    #     When set to 'true' the request body will not be compressed
+    #     for supported operations.
+    #
     #   @option options [String] :endpoint
     #     The client endpoint is normally constructed from the `:region`
     #     option. You should only configure an `:endpoint` when connecting
@@ -199,6 +216,10 @@ module Aws::Macie2
     #   @option options [Boolean] :endpoint_discovery (false)
     #     When set to `true`, endpoint discovery will be enabled for operations when available.
     #
+    #   @option options [Boolean] :ignore_configured_endpoint_urls
+    #     Setting to true disables use of endpoint URLs provided via environment
+    #     variables and the shared configuration file.
+    #
     #   @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
     #     The log formatter.
     #
@@ -219,6 +240,11 @@ module Aws::Macie2
     #     Used when loading credentials from the shared credentials file
     #     at HOME/.aws/credentials.  When not specified, 'default' is used.
     #
+    #   @option options [Integer] :request_min_compression_size_bytes (10240)
+    #     The minimum size in bytes that triggers compression for request
+    #     bodies. The value must be non-negative integer value between 0
+    #     and 10485780 bytes inclusive.
+    #
     #   @option options [Proc] :retry_backoff
     #     A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
     #     This option is only used in the `legacy` retry mode.
@@ -264,6 +290,11 @@ module Aws::Macie2
     #       in the future.
     #
     #
+    #   @option options [String] :sdk_ua_app_id
+    #     A unique and opaque application ID that is appended to the
+    #     User-Agent header as app/<sdk_ua_app_id>. It should have a
+    #     maximum length of 50.
+    #
     #   @option options [String] :secret_access_key
     #
     #   @option options [String] :session_token
@@ -277,6 +308,19 @@ module Aws::Macie2
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Aws::TokenProvider] :token_provider
+    #     A Bearer Token Provider. This can be an instance of any one of the
+    #     following classes:
+    #
+    #     * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
+    #       tokens.
+    #
+    #     * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
+    #       access token generated from `aws login`.
+    #
+    #     When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
+    #     will be used to search for tokens configured for your profile in shared configuration files.
+    #
     #   @option options [Boolean] :use_dualstack_endpoint
     #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
     #     will be used if available.
@@ -290,6 +334,9 @@ module Aws::Macie2
     #     When `true`, request parameters are validated before
     #     sending the request.
     #
+    #   @option options [Aws::Macie2::EndpointProvider] :endpoint_provider
+    #     The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::Macie2::EndpointParameters`
+    #
     #   @option options [URI::HTTP,String] :http_proxy A proxy to send
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
@@ -297,7 +344,7 @@ module Aws::Macie2
     #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
-    #   @option options [Integer] :http_read_timeout (60) The default
+    #   @option options [Float] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
     #     safely be set per-request on the session.
     #
@@ -313,6 +360,9 @@ module Aws::Macie2
     #     disables this behaviour.  This value can safely be set per
     #     request on the session.
     #
+    #   @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
+    #     in seconds.
+    #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
     #
@@ -402,8 +452,66 @@ module Aws::Macie2
       req.send_request(options)
     end
 
+    # Creates and defines the settings for an allow list.
+    #
+    # @option params [required, String] :client_token
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @option params [required, Types::AllowListCriteria] :criteria
+    #   Specifies the criteria for an allow list. The criteria must specify a
+    #   regular expression (regex) or an S3 object (s3WordsList). It can't
+    #   specify both.
+    #
+    # @option params [String] :description
+    #
+    # @option params [required, String] :name
+    #
+    # @option params [Hash<String,String>] :tags
+    #   A string-to-string map of key-value pairs that specifies the tags
+    #   (keys and values) for an Amazon Macie resource.
+    #
+    # @return [Types::CreateAllowListResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::CreateAllowListResponse#arn #arn} => String
+    #   * {Types::CreateAllowListResponse#id #id} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.create_allow_list({
+    #     client_token: "__string", # required
+    #     criteria: { # required
+    #       regex: "__stringMin1Max512PatternSS",
+    #       s3_words_list: {
+    #         bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
+    #         object_key: "__stringMin1Max1024PatternSS", # required
+    #       },
+    #     },
+    #     description: "__stringMin1Max512PatternSS",
+    #     name: "__stringMin1Max128Pattern", # required
+    #     tags: {
+    #       "__string" => "__string",
+    #     },
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.arn #=> String
+    #   resp.id #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/CreateAllowList AWS API Documentation
+    #
+    # @overload create_allow_list(params = {})
+    # @param [Hash] params ({})
+    def create_allow_list(params = {}, options = {})
+      req = build_request(:create_allow_list, params)
+      req.send_request(options)
+    end
+
     # Creates and defines the settings for a classification job.
     #
+    # @option params [Array<String>] :allow_list_ids
+    #
     # @option params [required, String] :client_token
     #   **A suitable default value is auto-generated.** You should normally
     #   not need to pass this option.**
@@ -441,8 +549,7 @@ module Aws::Macie2
     #
     # @option params [Hash<String,String>] :tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #
     # @return [Types::CreateClassificationJobResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -452,40 +559,33 @@ module Aws::Macie2
     # @example Request syntax with placeholder values
     #
     #   resp = client.create_classification_job({
+    #     allow_list_ids: ["__string"],
     #     client_token: "__string", # required
     #     custom_data_identifier_ids: ["__string"],
     #     description: "__string",
     #     initial_run: false,
     #     job_type: "ONE_TIME", # required, accepts ONE_TIME, SCHEDULED
     #     managed_data_identifier_ids: ["__string"],
-    #     managed_data_identifier_selector: "ALL", # accepts ALL, EXCLUDE, INCLUDE, NONE
+    #     managed_data_identifier_selector: "ALL", # accepts ALL, EXCLUDE, INCLUDE, NONE, RECOMMENDED
     #     name: "__string", # required
     #     s3_job_definition: { # required
-    #       bucket_definitions: [
-    #         {
-    #           account_id: "__string", # required
-    #           buckets: ["__string"], # required
-    #         },
-    #       ],
-    #       scoping: {
+    #       bucket_criteria: {
     #         excludes: {
     #           and: [
     #             {
-    #               simple_scope_term: {
+    #               simple_criterion: {
     #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
+    #                 key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
     #                 values: ["__string"],
     #               },
-    #               tag_scope_term: {
+    #               tag_criterion: {
     #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "__string",
     #                 tag_values: [
     #                   {
     #                     key: "__string",
     #                     value: "__string",
     #                   },
     #                 ],
-    #                 target: "S3_OBJECT", # accepts S3_OBJECT
     #               },
     #             },
     #           ],
@@ -493,43 +593,49 @@ module Aws::Macie2
     #         includes: {
     #           and: [
     #             {
-    #               simple_scope_term: {
+    #               simple_criterion: {
     #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
+    #                 key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
     #                 values: ["__string"],
     #               },
-    #               tag_scope_term: {
+    #               tag_criterion: {
     #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "__string",
     #                 tag_values: [
     #                   {
     #                     key: "__string",
     #                     value: "__string",
     #                   },
     #                 ],
-    #                 target: "S3_OBJECT", # accepts S3_OBJECT
     #               },
     #             },
     #           ],
     #         },
     #       },
-    #       bucket_criteria: {
+    #       bucket_definitions: [
+    #         {
+    #           account_id: "__string", # required
+    #           buckets: ["__string"], # required
+    #         },
+    #       ],
+    #       scoping: {
     #         excludes: {
     #           and: [
     #             {
-    #               simple_criterion: {
+    #               simple_scope_term: {
     #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
+    #                 key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
     #                 values: ["__string"],
     #               },
-    #               tag_criterion: {
+    #               tag_scope_term: {
     #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
+    #                 key: "__string",
     #                 tag_values: [
     #                   {
     #                     key: "__string",
     #                     value: "__string",
     #                   },
     #                 ],
+    #                 target: "S3_OBJECT", # accepts S3_OBJECT
     #               },
     #             },
     #           ],
@@ -537,19 +643,21 @@ module Aws::Macie2
     #         includes: {
     #           and: [
     #             {
-    #               simple_criterion: {
+    #               simple_scope_term: {
     #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
+    #                 key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
     #                 values: ["__string"],
     #               },
-    #               tag_criterion: {
+    #               tag_scope_term: {
     #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
+    #                 key: "__string",
     #                 tag_values: [
     #                   {
     #                     key: "__string",
     #                     value: "__string",
     #                   },
     #                 ],
+    #                 target: "S3_OBJECT", # accepts S3_OBJECT
     #               },
     #             },
     #           ],
@@ -601,9 +709,9 @@ module Aws::Macie2
     #
     # @option params [Integer] :maximum_match_distance
     #
-    # @option params [String] :name
+    # @option params [required, String] :name
     #
-    # @option params [String] :regex
+    # @option params [required, String] :regex
     #
     # @option params [Array<Types::SeverityLevel>] :severity_levels
     #   The severity to assign to findings that the custom data identifier
@@ -623,8 +731,7 @@ module Aws::Macie2
     #
     # @option params [Hash<String,String>] :tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #
     # @return [Types::CreateCustomDataIdentifierResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -638,8 +745,8 @@ module Aws::Macie2
     #     ignore_words: ["__string"],
     #     keywords: ["__string"],
     #     maximum_match_distance: 1,
-    #     name: "__string",
-    #     regex: "__string",
+    #     name: "__string", # required
+    #     regex: "__string", # required
     #     severity_levels: [
     #       {
     #         occurrences_threshold: 1, # required
@@ -668,8 +775,8 @@ module Aws::Macie2
     # filter.
     #
     # @option params [required, String] :action
-    #   The action to perform on findings that meet the filter criteria. To
-    #   suppress (automatically archive) findings that meet the criteria, set
+    #   The action to perform on findings that match the filter criteria. To
+    #   suppress (automatically archive) findings that match the criteria, set
     #   this value to ARCHIVE. Valid values are:
     #
     # @option params [String] :client_token
@@ -688,8 +795,7 @@ module Aws::Macie2
     #
     # @option params [Hash<String,String>] :tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #
     # @return [Types::CreateFindingsFilterResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -780,8 +886,7 @@ module Aws::Macie2
     #
     # @option params [Hash<String,String>] :tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #
     # @return [Types::CreateMemberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -821,7 +926,7 @@ module Aws::Macie2
     # @example Request syntax with placeholder values
     #
     #   resp = client.create_sample_findings({
-    #     finding_types: ["SensitiveData:S3Object/Multiple"], # accepts SensitiveData:S3Object/Multiple, SensitiveData:S3Object/Financial, SensitiveData:S3Object/Personal, SensitiveData:S3Object/Credentials, SensitiveData:S3Object/CustomIdentifier, Policy:IAMUser/S3BucketPublic, Policy:IAMUser/S3BucketSharedExternally, Policy:IAMUser/S3BucketReplicatedExternally, Policy:IAMUser/S3BucketEncryptionDisabled, Policy:IAMUser/S3BlockPublicAccessDisabled
+    #     finding_types: ["SensitiveData:S3Object/Multiple"], # accepts SensitiveData:S3Object/Multiple, SensitiveData:S3Object/Financial, SensitiveData:S3Object/Personal, SensitiveData:S3Object/Credentials, SensitiveData:S3Object/CustomIdentifier, Policy:IAMUser/S3BucketPublic, Policy:IAMUser/S3BucketSharedExternally, Policy:IAMUser/S3BucketReplicatedExternally, Policy:IAMUser/S3BucketEncryptionDisabled, Policy:IAMUser/S3BlockPublicAccessDisabled, Policy:IAMUser/S3BucketSharedWithCloudFront
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/CreateSampleFindings AWS API Documentation
@@ -864,6 +969,30 @@ module Aws::Macie2
       req.send_request(options)
     end
 
+    # Deletes an allow list.
+    #
+    # @option params [required, String] :id
+    #
+    # @option params [String] :ignore_job_checks
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_allow_list({
+    #     id: "__string", # required
+    #     ignore_job_checks: "__string",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/DeleteAllowList AWS API Documentation
+    #
+    # @overload delete_allow_list(params = {})
+    # @param [Hash] params ({})
+    def delete_allow_list(params = {}, options = {})
+      req = build_request(:delete_allow_list, params)
+      req.send_request(options)
+    end
+
     # Soft deletes a custom data identifier.
     #
     # @option params [required, String] :id
@@ -960,7 +1089,8 @@ module Aws::Macie2
     end
 
     # Retrieves (queries) statistical data and other information about one
-    # or more S3 buckets that Amazon Macie monitors and analyzes.
+    # or more S3 buckets that Amazon Macie monitors and analyzes for an
+    # account.
     #
     # @option params [Hash<String,Types::BucketCriteriaAdditionalProperties>] :criteria
     #   Specifies, as a map, one or more property-based conditions that filter
@@ -1019,6 +1149,7 @@ module Aws::Macie2
     #   resp.buckets[0].job_details.is_monitored_by_job #=> String, one of "TRUE", "FALSE", "UNKNOWN"
     #   resp.buckets[0].job_details.last_job_id #=> String
     #   resp.buckets[0].job_details.last_job_run_time #=> Time
+    #   resp.buckets[0].last_automated_discovery_time #=> Time
     #   resp.buckets[0].last_updated #=> Time
     #   resp.buckets[0].object_count #=> Integer
     #   resp.buckets[0].object_count_by_encryption_type.customer_managed #=> Integer
@@ -1044,6 +1175,7 @@ module Aws::Macie2
     #   resp.buckets[0].replication_details.replicated_externally #=> Boolean
     #   resp.buckets[0].replication_details.replication_accounts #=> Array
     #   resp.buckets[0].replication_details.replication_accounts[0] #=> String
+    #   resp.buckets[0].sensitivity_score #=> Integer
     #   resp.buckets[0].server_side_encryption.kms_master_key_id #=> String
     #   resp.buckets[0].server_side_encryption.type #=> String, one of "NONE", "AES256", "aws:kms"
     #   resp.buckets[0].shared_access #=> String, one of "EXTERNAL", "INTERNAL", "NOT_SHARED", "UNKNOWN"
@@ -1076,6 +1208,7 @@ module Aws::Macie2
     #
     # @return [Types::DescribeClassificationJobResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
+    #   * {Types::DescribeClassificationJobResponse#allow_list_ids #allow_list_ids} => Array&lt;String&gt;
     #   * {Types::DescribeClassificationJobResponse#client_token #client_token} => String
     #   * {Types::DescribeClassificationJobResponse#created_at #created_at} => Time
     #   * {Types::DescribeClassificationJobResponse#custom_data_identifier_ids #custom_data_identifier_ids} => Array&lt;String&gt;
@@ -1105,6 +1238,8 @@ module Aws::Macie2
     #
     # @example Response structure
     #
+    #   resp.allow_list_ids #=> Array
+    #   resp.allow_list_ids[0] #=> String
     #   resp.client_token #=> String
     #   resp.created_at #=> Time
     #   resp.custom_data_identifier_ids #=> Array
@@ -1119,8 +1254,26 @@ module Aws::Macie2
     #   resp.last_run_time #=> Time
     #   resp.managed_data_identifier_ids #=> Array
     #   resp.managed_data_identifier_ids[0] #=> String
-    #   resp.managed_data_identifier_selector #=> String, one of "ALL", "EXCLUDE", "INCLUDE", "NONE"
+    #   resp.managed_data_identifier_selector #=> String, one of "ALL", "EXCLUDE", "INCLUDE", "NONE", "RECOMMENDED"
     #   resp.name #=> String
+    #   resp.s3_job_definition.bucket_criteria.excludes.and #=> Array
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.values #=> Array
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.values[0] #=> String
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values #=> Array
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].key #=> String
+    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].value #=> String
+    #   resp.s3_job_definition.bucket_criteria.includes.and #=> Array
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.values #=> Array
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.values[0] #=> String
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values #=> Array
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values[0].key #=> String
+    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values[0].value #=> String
     #   resp.s3_job_definition.bucket_definitions #=> Array
     #   resp.s3_job_definition.bucket_definitions[0].account_id #=> String
     #   resp.s3_job_definition.bucket_definitions[0].buckets #=> Array
@@ -1147,24 +1300,6 @@ module Aws::Macie2
     #   resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.tag_values[0].key #=> String
     #   resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.tag_values[0].value #=> String
     #   resp.s3_job_definition.scoping.includes.and[0].tag_scope_term.target #=> String, one of "S3_OBJECT"
-    #   resp.s3_job_definition.bucket_criteria.excludes.and #=> Array
-    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
-    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
-    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.values #=> Array
-    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].simple_criterion.values[0] #=> String
-    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
-    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values #=> Array
-    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].key #=> String
-    #   resp.s3_job_definition.bucket_criteria.excludes.and[0].tag_criterion.tag_values[0].value #=> String
-    #   resp.s3_job_definition.bucket_criteria.includes.and #=> Array
-    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
-    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
-    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.values #=> Array
-    #   resp.s3_job_definition.bucket_criteria.includes.and[0].simple_criterion.values[0] #=> String
-    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
-    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values #=> Array
-    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values[0].key #=> String
-    #   resp.s3_job_definition.bucket_criteria.includes.and[0].tag_criterion.tag_values[0].value #=> String
     #   resp.sampling_percentage #=> Integer
     #   resp.schedule_frequency.monthly_schedule.day_of_month #=> Integer
     #   resp.schedule_frequency.weekly_schedule.day_of_week #=> String, one of "SUNDAY", "MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY", "SATURDAY"
@@ -1306,9 +1441,9 @@ module Aws::Macie2
     # @option params [String] :finding_publishing_frequency
     #   The frequency with which Amazon Macie publishes updates to policy
     #   findings for an account. This includes publishing updates to Security
-    #   Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events).
-    #   For more information, see [Monitoring and processing findings][1] in
-    #   the *Amazon Macie User Guide*. Valid values are:
+    #   Hub and Amazon EventBridge (formerly Amazon CloudWatch Events). For
+    #   more information, see [Monitoring and processing findings][1] in the
+    #   *Amazon Macie User Guide*. Valid values are:
     #
     #
     #
@@ -1386,8 +1521,85 @@ module Aws::Macie2
       req.send_request(options)
     end
 
-    # Retrieves (queries) aggregated statistical data about S3 buckets that
-    # Amazon Macie monitors and analyzes.
+    # Retrieves the settings and status of an allow list.
+    #
+    # @option params [required, String] :id
+    #
+    # @return [Types::GetAllowListResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetAllowListResponse#arn #arn} => String
+    #   * {Types::GetAllowListResponse#created_at #created_at} => Time
+    #   * {Types::GetAllowListResponse#criteria #criteria} => Types::AllowListCriteria
+    #   * {Types::GetAllowListResponse#description #description} => String
+    #   * {Types::GetAllowListResponse#id #id} => String
+    #   * {Types::GetAllowListResponse#name #name} => String
+    #   * {Types::GetAllowListResponse#status #status} => Types::AllowListStatus
+    #   * {Types::GetAllowListResponse#tags #tags} => Hash&lt;String,String&gt;
+    #   * {Types::GetAllowListResponse#updated_at #updated_at} => Time
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_allow_list({
+    #     id: "__string", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.arn #=> String
+    #   resp.created_at #=> Time
+    #   resp.criteria.regex #=> String
+    #   resp.criteria.s3_words_list.bucket_name #=> String
+    #   resp.criteria.s3_words_list.object_key #=> String
+    #   resp.description #=> String
+    #   resp.id #=> String
+    #   resp.name #=> String
+    #   resp.status.code #=> String, one of "OK", "S3_OBJECT_NOT_FOUND", "S3_USER_ACCESS_DENIED", "S3_OBJECT_ACCESS_DENIED", "S3_THROTTLED", "S3_OBJECT_OVERSIZE", "S3_OBJECT_EMPTY", "UNKNOWN_ERROR"
+    #   resp.status.description #=> String
+    #   resp.tags #=> Hash
+    #   resp.tags["__string"] #=> String
+    #   resp.updated_at #=> Time
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetAllowList AWS API Documentation
+    #
+    # @overload get_allow_list(params = {})
+    # @param [Hash] params ({})
+    def get_allow_list(params = {}, options = {})
+      req = build_request(:get_allow_list, params)
+      req.send_request(options)
+    end
+
+    # Retrieves the configuration settings and status of automated sensitive
+    # data discovery for an account.
+    #
+    # @return [Types::GetAutomatedDiscoveryConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetAutomatedDiscoveryConfigurationResponse#classification_scope_id #classification_scope_id} => String
+    #   * {Types::GetAutomatedDiscoveryConfigurationResponse#disabled_at #disabled_at} => Time
+    #   * {Types::GetAutomatedDiscoveryConfigurationResponse#first_enabled_at #first_enabled_at} => Time
+    #   * {Types::GetAutomatedDiscoveryConfigurationResponse#last_updated_at #last_updated_at} => Time
+    #   * {Types::GetAutomatedDiscoveryConfigurationResponse#sensitivity_inspection_template_id #sensitivity_inspection_template_id} => String
+    #   * {Types::GetAutomatedDiscoveryConfigurationResponse#status #status} => String
+    #
+    # @example Response structure
+    #
+    #   resp.classification_scope_id #=> String
+    #   resp.disabled_at #=> Time
+    #   resp.first_enabled_at #=> Time
+    #   resp.last_updated_at #=> Time
+    #   resp.sensitivity_inspection_template_id #=> String
+    #   resp.status #=> String, one of "ENABLED", "DISABLED"
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetAutomatedDiscoveryConfiguration AWS API Documentation
+    #
+    # @overload get_automated_discovery_configuration(params = {})
+    # @param [Hash] params ({})
+    def get_automated_discovery_configuration(params = {}, options = {})
+      req = build_request(:get_automated_discovery_configuration, params)
+      req.send_request(options)
+    end
+
+    # Retrieves (queries) aggregated statistical data about all the S3
+    # buckets that Amazon Macie monitors and analyzes for an account.
     #
     # @option params [String] :account_id
     #
@@ -1398,6 +1610,7 @@ module Aws::Macie2
     #   * {Types::GetBucketStatisticsResponse#bucket_count_by_encryption_type #bucket_count_by_encryption_type} => Types::BucketCountByEncryptionType
     #   * {Types::GetBucketStatisticsResponse#bucket_count_by_object_encryption_requirement #bucket_count_by_object_encryption_requirement} => Types::BucketCountPolicyAllowsUnencryptedObjectUploads
     #   * {Types::GetBucketStatisticsResponse#bucket_count_by_shared_access_type #bucket_count_by_shared_access_type} => Types::BucketCountBySharedAccessType
+    #   * {Types::GetBucketStatisticsResponse#bucket_statistics_by_sensitivity #bucket_statistics_by_sensitivity} => Types::BucketStatisticsBySensitivity
     #   * {Types::GetBucketStatisticsResponse#classifiable_object_count #classifiable_object_count} => Integer
     #   * {Types::GetBucketStatisticsResponse#classifiable_size_in_bytes #classifiable_size_in_bytes} => Integer
     #   * {Types::GetBucketStatisticsResponse#last_updated #last_updated} => Time
@@ -1431,6 +1644,22 @@ module Aws::Macie2
     #   resp.bucket_count_by_shared_access_type.internal #=> Integer
     #   resp.bucket_count_by_shared_access_type.not_shared #=> Integer
     #   resp.bucket_count_by_shared_access_type.unknown #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.classification_error.classifiable_size_in_bytes #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.classification_error.publicly_accessible_count #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.classification_error.total_count #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.classification_error.total_size_in_bytes #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.not_classified.classifiable_size_in_bytes #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.not_classified.publicly_accessible_count #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.not_classified.total_count #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.not_classified.total_size_in_bytes #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.not_sensitive.classifiable_size_in_bytes #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.not_sensitive.publicly_accessible_count #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.not_sensitive.total_count #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.not_sensitive.total_size_in_bytes #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.sensitive.classifiable_size_in_bytes #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.sensitive.publicly_accessible_count #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.sensitive.total_count #=> Integer
+    #   resp.bucket_statistics_by_sensitivity.sensitive.total_size_in_bytes #=> Integer
     #   resp.classifiable_object_count #=> Integer
     #   resp.classifiable_size_in_bytes #=> Integer
     #   resp.last_updated #=> Time
@@ -1475,6 +1704,38 @@ module Aws::Macie2
       req.send_request(options)
     end
 
+    # Retrieves the classification scope settings for an account.
+    #
+    # @option params [required, String] :id
+    #
+    # @return [Types::GetClassificationScopeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetClassificationScopeResponse#id #id} => String
+    #   * {Types::GetClassificationScopeResponse#name #name} => String
+    #   * {Types::GetClassificationScopeResponse#s3 #s3} => Types::S3ClassificationScope
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_classification_scope({
+    #     id: "__string", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.id #=> String
+    #   resp.name #=> String
+    #   resp.s3.excludes.bucket_names #=> Array
+    #   resp.s3.excludes.bucket_names[0] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetClassificationScope AWS API Documentation
+    #
+    # @overload get_classification_scope(params = {})
+    # @param [Hash] params ({})
+    def get_classification_scope(params = {}, options = {})
+      req = build_request(:get_classification_scope, params)
+      req.send_request(options)
+    end
+
     # Retrieves the criteria and other settings for a custom data
     # identifier.
     #
@@ -1617,6 +1878,7 @@ module Aws::Macie2
     #   resp.findings[0].classification_details.detailed_results_location #=> String
     #   resp.findings[0].classification_details.job_arn #=> String
     #   resp.findings[0].classification_details.job_id #=> String
+    #   resp.findings[0].classification_details.origin_type #=> String, one of "SENSITIVE_DATA_DISCOVERY_JOB", "AUTOMATED_SENSITIVE_DATA_DISCOVERY"
     #   resp.findings[0].classification_details.result.additional_occurrences #=> Boolean
     #   resp.findings[0].classification_details.result.custom_data_identifiers.detections #=> Array
     #   resp.findings[0].classification_details.result.custom_data_identifiers.detections[0].arn #=> String
@@ -1770,7 +2032,7 @@ module Aws::Macie2
     #   resp.findings[0].resources_affected.s3_object.server_side_encryption.encryption_type #=> String, one of "NONE", "AES256", "aws:kms", "UNKNOWN"
     #   resp.findings[0].resources_affected.s3_object.server_side_encryption.kms_master_key_id #=> String
     #   resp.findings[0].resources_affected.s3_object.size #=> Integer
-    #   resp.findings[0].resources_affected.s3_object.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "INTELLIGENT_TIERING", "DEEP_ARCHIVE", "ONEZONE_IA", "GLACIER"
+    #   resp.findings[0].resources_affected.s3_object.storage_class #=> String, one of "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "INTELLIGENT_TIERING", "DEEP_ARCHIVE", "ONEZONE_IA", "GLACIER", "GLACIER_IR", "OUTPOSTS"
     #   resp.findings[0].resources_affected.s3_object.tags #=> Array
     #   resp.findings[0].resources_affected.s3_object.tags[0].key #=> String
     #   resp.findings[0].resources_affected.s3_object.tags[0].value #=> String
@@ -1780,7 +2042,7 @@ module Aws::Macie2
     #   resp.findings[0].severity.description #=> String, one of "Low", "Medium", "High"
     #   resp.findings[0].severity.score #=> Integer
     #   resp.findings[0].title #=> String
-    #   resp.findings[0].type #=> String, one of "SensitiveData:S3Object/Multiple", "SensitiveData:S3Object/Financial", "SensitiveData:S3Object/Personal", "SensitiveData:S3Object/Credentials", "SensitiveData:S3Object/CustomIdentifier", "Policy:IAMUser/S3BucketPublic", "Policy:IAMUser/S3BucketSharedExternally", "Policy:IAMUser/S3BucketReplicatedExternally", "Policy:IAMUser/S3BucketEncryptionDisabled", "Policy:IAMUser/S3BlockPublicAccessDisabled"
+    #   resp.findings[0].type #=> String, one of "SensitiveData:S3Object/Multiple", "SensitiveData:S3Object/Financial", "SensitiveData:S3Object/Personal", "SensitiveData:S3Object/Credentials", "SensitiveData:S3Object/CustomIdentifier", "Policy:IAMUser/S3BucketPublic", "Policy:IAMUser/S3BucketSharedExternally", "Policy:IAMUser/S3BucketReplicatedExternally", "Policy:IAMUser/S3BucketEncryptionDisabled", "Policy:IAMUser/S3BlockPublicAccessDisabled", "Policy:IAMUser/S3BucketSharedWithCloudFront"
     #   resp.findings[0].updated_at #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetFindings AWS API Documentation
@@ -1885,8 +2147,8 @@ module Aws::Macie2
       req.send_request(options)
     end
 
-    # Retrieves the current status and configuration settings for an Amazon
-    # Macie account.
+    # Retrieves the status and configuration settings for an Amazon Macie
+    # account.
     #
     # @return [Types::GetMacieSessionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1984,36 +2246,210 @@ module Aws::Macie2
       req.send_request(options)
     end
 
-    # Retrieves (queries) quotas and aggregated usage data for one or more
-    # accounts.
+    # Retrieves (queries) sensitive data discovery statistics and the
+    # sensitivity score for an S3 bucket.
     #
-    # @option params [Array<Types::UsageStatisticsFilter>] :filter_by
+    # @option params [required, String] :resource_arn
     #
-    # @option params [Integer] :max_results
+    # @return [Types::GetResourceProfileResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
-    # @option params [String] :next_token
+    #   * {Types::GetResourceProfileResponse#profile_updated_at #profile_updated_at} => Time
+    #   * {Types::GetResourceProfileResponse#sensitivity_score #sensitivity_score} => Integer
+    #   * {Types::GetResourceProfileResponse#sensitivity_score_overridden #sensitivity_score_overridden} => Boolean
+    #   * {Types::GetResourceProfileResponse#statistics #statistics} => Types::ResourceStatistics
     #
-    # @option params [Types::UsageStatisticsSortBy] :sort_by
-    #   Specifies criteria for sorting the results of a query for Amazon Macie
-    #   account quotas and usage data.
+    # @example Request syntax with placeholder values
     #
-    # @option params [String] :time_range
-    #   An inclusive time period that Amazon Macie usage data applies to.
-    #   Possible values are:
+    #   resp = client.get_resource_profile({
+    #     resource_arn: "__string", # required
+    #   })
     #
-    # @return [Types::GetUsageStatisticsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    # @example Response structure
     #
-    #   * {Types::GetUsageStatisticsResponse#next_token #next_token} => String
-    #   * {Types::GetUsageStatisticsResponse#records #records} => Array&lt;Types::UsageRecord&gt;
-    #   * {Types::GetUsageStatisticsResponse#time_range #time_range} => String
+    #   resp.profile_updated_at #=> Time
+    #   resp.sensitivity_score #=> Integer
+    #   resp.sensitivity_score_overridden #=> Boolean
+    #   resp.statistics.total_bytes_classified #=> Integer
+    #   resp.statistics.total_detections #=> Integer
+    #   resp.statistics.total_detections_suppressed #=> Integer
+    #   resp.statistics.total_items_classified #=> Integer
+    #   resp.statistics.total_items_sensitive #=> Integer
+    #   resp.statistics.total_items_skipped #=> Integer
+    #   resp.statistics.total_items_skipped_invalid_encryption #=> Integer
+    #   resp.statistics.total_items_skipped_invalid_kms #=> Integer
+    #   resp.statistics.total_items_skipped_permission_denied #=> Integer
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetResourceProfile AWS API Documentation
+    #
+    # @overload get_resource_profile(params = {})
+    # @param [Hash] params ({})
+    def get_resource_profile(params = {}, options = {})
+      req = build_request(:get_resource_profile, params)
+      req.send_request(options)
+    end
+
+    # Retrieves the status and configuration settings for retrieving
+    # occurrences of sensitive data reported by findings.
     #
-    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    # @return [Types::GetRevealConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetRevealConfigurationResponse#configuration #configuration} => Types::RevealConfiguration
+    #
+    # @example Response structure
+    #
+    #   resp.configuration.kms_key_id #=> String
+    #   resp.configuration.status #=> String, one of "ENABLED", "DISABLED"
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetRevealConfiguration AWS API Documentation
+    #
+    # @overload get_reveal_configuration(params = {})
+    # @param [Hash] params ({})
+    def get_reveal_configuration(params = {}, options = {})
+      req = build_request(:get_reveal_configuration, params)
+      req.send_request(options)
+    end
+
+    # Retrieves occurrences of sensitive data reported by a finding.
+    #
+    # @option params [required, String] :finding_id
+    #
+    # @return [Types::GetSensitiveDataOccurrencesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetSensitiveDataOccurrencesResponse#error #error} => String
+    #   * {Types::GetSensitiveDataOccurrencesResponse#sensitive_data_occurrences #sensitive_data_occurrences} => Hash&lt;String,Array&lt;Types::DetectedDataDetails&gt;&gt;
+    #   * {Types::GetSensitiveDataOccurrencesResponse#status #status} => String
     #
     # @example Request syntax with placeholder values
     #
-    #   resp = client.get_usage_statistics({
-    #     filter_by: [
-    #       {
+    #   resp = client.get_sensitive_data_occurrences({
+    #     finding_id: "__string", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.error #=> String
+    #   resp.sensitive_data_occurrences #=> Hash
+    #   resp.sensitive_data_occurrences["__string"] #=> Array
+    #   resp.sensitive_data_occurrences["__string"][0].value #=> String
+    #   resp.status #=> String, one of "SUCCESS", "PROCESSING", "ERROR"
+    #
+    #
+    # The following waiters are defined for this operation (see {Client#wait_until} for detailed usage):
+    #
+    #   * finding_revealed
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetSensitiveDataOccurrences AWS API Documentation
+    #
+    # @overload get_sensitive_data_occurrences(params = {})
+    # @param [Hash] params ({})
+    def get_sensitive_data_occurrences(params = {}, options = {})
+      req = build_request(:get_sensitive_data_occurrences, params)
+      req.send_request(options)
+    end
+
+    # Checks whether occurrences of sensitive data can be retrieved for a
+    # finding.
+    #
+    # @option params [required, String] :finding_id
+    #
+    # @return [Types::GetSensitiveDataOccurrencesAvailabilityResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetSensitiveDataOccurrencesAvailabilityResponse#code #code} => String
+    #   * {Types::GetSensitiveDataOccurrencesAvailabilityResponse#reasons #reasons} => Array&lt;String&gt;
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_sensitive_data_occurrences_availability({
+    #     finding_id: "__string", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.code #=> String, one of "AVAILABLE", "UNAVAILABLE"
+    #   resp.reasons #=> Array
+    #   resp.reasons[0] #=> String, one of "OBJECT_EXCEEDS_SIZE_QUOTA", "UNSUPPORTED_OBJECT_TYPE", "UNSUPPORTED_FINDING_TYPE", "INVALID_CLASSIFICATION_RESULT", "OBJECT_UNAVAILABLE"
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetSensitiveDataOccurrencesAvailability AWS API Documentation
+    #
+    # @overload get_sensitive_data_occurrences_availability(params = {})
+    # @param [Hash] params ({})
+    def get_sensitive_data_occurrences_availability(params = {}, options = {})
+      req = build_request(:get_sensitive_data_occurrences_availability, params)
+      req.send_request(options)
+    end
+
+    # Retrieves the settings for the sensitivity inspection template for an
+    # account.
+    #
+    # @option params [required, String] :id
+    #
+    # @return [Types::GetSensitivityInspectionTemplateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetSensitivityInspectionTemplateResponse#description #description} => String
+    #   * {Types::GetSensitivityInspectionTemplateResponse#excludes #excludes} => Types::SensitivityInspectionTemplateExcludes
+    #   * {Types::GetSensitivityInspectionTemplateResponse#includes #includes} => Types::SensitivityInspectionTemplateIncludes
+    #   * {Types::GetSensitivityInspectionTemplateResponse#name #name} => String
+    #   * {Types::GetSensitivityInspectionTemplateResponse#sensitivity_inspection_template_id #sensitivity_inspection_template_id} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_sensitivity_inspection_template({
+    #     id: "__string", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.description #=> String
+    #   resp.excludes.managed_data_identifier_ids #=> Array
+    #   resp.excludes.managed_data_identifier_ids[0] #=> String
+    #   resp.includes.allow_list_ids #=> Array
+    #   resp.includes.allow_list_ids[0] #=> String
+    #   resp.includes.custom_data_identifier_ids #=> Array
+    #   resp.includes.custom_data_identifier_ids[0] #=> String
+    #   resp.includes.managed_data_identifier_ids #=> Array
+    #   resp.includes.managed_data_identifier_ids[0] #=> String
+    #   resp.name #=> String
+    #   resp.sensitivity_inspection_template_id #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetSensitivityInspectionTemplate AWS API Documentation
+    #
+    # @overload get_sensitivity_inspection_template(params = {})
+    # @param [Hash] params ({})
+    def get_sensitivity_inspection_template(params = {}, options = {})
+      req = build_request(:get_sensitivity_inspection_template, params)
+      req.send_request(options)
+    end
+
+    # Retrieves (queries) quotas and aggregated usage data for one or more
+    # accounts.
+    #
+    # @option params [Array<Types::UsageStatisticsFilter>] :filter_by
+    #
+    # @option params [Integer] :max_results
+    #
+    # @option params [String] :next_token
+    #
+    # @option params [Types::UsageStatisticsSortBy] :sort_by
+    #   Specifies criteria for sorting the results of a query for Amazon Macie
+    #   account quotas and usage data.
+    #
+    # @option params [String] :time_range
+    #   An inclusive time period that Amazon Macie usage data applies to.
+    #   Possible values are:
+    #
+    # @return [Types::GetUsageStatisticsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetUsageStatisticsResponse#next_token #next_token} => String
+    #   * {Types::GetUsageStatisticsResponse#records #records} => Array&lt;Types::UsageRecord&gt;
+    #   * {Types::GetUsageStatisticsResponse#time_range #time_range} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_usage_statistics({
+    #     filter_by: [
+    #       {
     #         comparator: "GT", # accepts GT, GTE, LT, LTE, EQ, NE, CONTAINS
     #         key: "accountId", # accepts accountId, serviceLimit, freeTrialStartDate, total
     #         values: ["__string"],
@@ -2033,6 +2469,7 @@ module Aws::Macie2
     #   resp.next_token #=> String
     #   resp.records #=> Array
     #   resp.records[0].account_id #=> String
+    #   resp.records[0].automated_discovery_free_trial_start_date #=> Time
     #   resp.records[0].free_trial_start_date #=> Time
     #   resp.records[0].usage #=> Array
     #   resp.records[0].usage[0].currency #=> String, one of "USD"
@@ -2040,7 +2477,7 @@ module Aws::Macie2
     #   resp.records[0].usage[0].service_limit.is_service_limited #=> Boolean
     #   resp.records[0].usage[0].service_limit.unit #=> String, one of "TERABYTES"
     #   resp.records[0].usage[0].service_limit.value #=> Integer
-    #   resp.records[0].usage[0].type #=> String, one of "DATA_INVENTORY_EVALUATION", "SENSITIVE_DATA_DISCOVERY"
+    #   resp.records[0].usage[0].type #=> String, one of "DATA_INVENTORY_EVALUATION", "SENSITIVE_DATA_DISCOVERY", "AUTOMATED_SENSITIVE_DATA_DISCOVERY", "AUTOMATED_OBJECT_MONITORING"
     #   resp.time_range #=> String, one of "MONTH_TO_DATE", "PAST_30_DAYS"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetUsageStatistics AWS API Documentation
@@ -2073,7 +2510,7 @@ module Aws::Macie2
     #   resp.usage_totals #=> Array
     #   resp.usage_totals[0].currency #=> String, one of "USD"
     #   resp.usage_totals[0].estimated_cost #=> String
-    #   resp.usage_totals[0].type #=> String, one of "DATA_INVENTORY_EVALUATION", "SENSITIVE_DATA_DISCOVERY"
+    #   resp.usage_totals[0].type #=> String, one of "DATA_INVENTORY_EVALUATION", "SENSITIVE_DATA_DISCOVERY", "AUTOMATED_SENSITIVE_DATA_DISCOVERY", "AUTOMATED_OBJECT_MONITORING"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetUsageTotals AWS API Documentation
     #
@@ -2084,6 +2521,47 @@ module Aws::Macie2
       req.send_request(options)
     end
 
+    # Retrieves a subset of information about all the allow lists for an
+    # account.
+    #
+    # @option params [Integer] :max_results
+    #
+    # @option params [String] :next_token
+    #
+    # @return [Types::ListAllowListsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListAllowListsResponse#allow_lists #allow_lists} => Array&lt;Types::AllowListSummary&gt;
+    #   * {Types::ListAllowListsResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_allow_lists({
+    #     max_results: 1,
+    #     next_token: "__string",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.allow_lists #=> Array
+    #   resp.allow_lists[0].arn #=> String
+    #   resp.allow_lists[0].created_at #=> Time
+    #   resp.allow_lists[0].description #=> String
+    #   resp.allow_lists[0].id #=> String
+    #   resp.allow_lists[0].name #=> String
+    #   resp.allow_lists[0].updated_at #=> Time
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListAllowLists AWS API Documentation
+    #
+    # @overload list_allow_lists(params = {})
+    # @param [Hash] params ({})
+    def list_allow_lists(params = {}, options = {})
+      req = build_request(:list_allow_lists, params)
+      req.send_request(options)
+    end
+
     # Retrieves a subset of information about one or more classification
     # jobs.
     #
@@ -2136,19 +2614,6 @@ module Aws::Macie2
     # @example Response structure
     #
     #   resp.items #=> Array
-    #   resp.items[0].bucket_definitions #=> Array
-    #   resp.items[0].bucket_definitions[0].account_id #=> String
-    #   resp.items[0].bucket_definitions[0].buckets #=> Array
-    #   resp.items[0].bucket_definitions[0].buckets[0] #=> String
-    #   resp.items[0].created_at #=> Time
-    #   resp.items[0].job_id #=> String
-    #   resp.items[0].job_status #=> String, one of "RUNNING", "PAUSED", "CANCELLED", "COMPLETE", "IDLE", "USER_PAUSED"
-    #   resp.items[0].job_type #=> String, one of "ONE_TIME", "SCHEDULED"
-    #   resp.items[0].last_run_error_status.code #=> String, one of "NONE", "ERROR"
-    #   resp.items[0].name #=> String
-    #   resp.items[0].user_paused_details.job_expires_at #=> Time
-    #   resp.items[0].user_paused_details.job_imminent_expiration_health_event_arn #=> String
-    #   resp.items[0].user_paused_details.job_paused_at #=> Time
     #   resp.items[0].bucket_criteria.excludes.and #=> Array
     #   resp.items[0].bucket_criteria.excludes.and[0].simple_criterion.comparator #=> String, one of "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH"
     #   resp.items[0].bucket_criteria.excludes.and[0].simple_criterion.key #=> String, one of "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS"
@@ -2167,6 +2632,19 @@ module Aws::Macie2
     #   resp.items[0].bucket_criteria.includes.and[0].tag_criterion.tag_values #=> Array
     #   resp.items[0].bucket_criteria.includes.and[0].tag_criterion.tag_values[0].key #=> String
     #   resp.items[0].bucket_criteria.includes.and[0].tag_criterion.tag_values[0].value #=> String
+    #   resp.items[0].bucket_definitions #=> Array
+    #   resp.items[0].bucket_definitions[0].account_id #=> String
+    #   resp.items[0].bucket_definitions[0].buckets #=> Array
+    #   resp.items[0].bucket_definitions[0].buckets[0] #=> String
+    #   resp.items[0].created_at #=> Time
+    #   resp.items[0].job_id #=> String
+    #   resp.items[0].job_status #=> String, one of "RUNNING", "PAUSED", "CANCELLED", "COMPLETE", "IDLE", "USER_PAUSED"
+    #   resp.items[0].job_type #=> String, one of "ONE_TIME", "SCHEDULED"
+    #   resp.items[0].last_run_error_status.code #=> String, one of "NONE", "ERROR"
+    #   resp.items[0].name #=> String
+    #   resp.items[0].user_paused_details.job_expires_at #=> Time
+    #   resp.items[0].user_paused_details.job_imminent_expiration_health_event_arn #=> String
+    #   resp.items[0].user_paused_details.job_paused_at #=> Time
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListClassificationJobs AWS API Documentation
@@ -2178,6 +2656,43 @@ module Aws::Macie2
       req.send_request(options)
     end
 
+    # Retrieves a subset of information about the classification scope for
+    # an account.
+    #
+    # @option params [String] :name
+    #
+    # @option params [String] :next_token
+    #
+    # @return [Types::ListClassificationScopesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListClassificationScopesResponse#classification_scopes #classification_scopes} => Array&lt;Types::ClassificationScopeSummary&gt;
+    #   * {Types::ListClassificationScopesResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_classification_scopes({
+    #     name: "__string",
+    #     next_token: "__string",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.classification_scopes #=> Array
+    #   resp.classification_scopes[0].id #=> String
+    #   resp.classification_scopes[0].name #=> String
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListClassificationScopes AWS API Documentation
+    #
+    # @overload list_classification_scopes(params = {})
+    # @param [Hash] params ({})
+    def list_classification_scopes(params = {}, options = {})
+      req = build_request(:list_classification_scopes, params)
+      req.send_request(options)
+    end
+
     # Retrieves a subset of information about all the custom data
     # identifiers for an account.
     #
@@ -2367,6 +2882,8 @@ module Aws::Macie2
     #   * {Types::ListManagedDataIdentifiersResponse#items #items} => Array&lt;Types::ManagedDataIdentifierSummary&gt;
     #   * {Types::ListManagedDataIdentifiersResponse#next_token #next_token} => String
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_managed_data_identifiers({
@@ -2474,9 +2991,127 @@ module Aws::Macie2
       req.send_request(options)
     end
 
-    # Retrieves the tags (keys and values) that are associated with a
-    # classification job, custom data identifier, findings filter, or member
-    # account.
+    # Retrieves information about objects that were selected from an S3
+    # bucket for automated sensitive data discovery.
+    #
+    # @option params [String] :next_token
+    #
+    # @option params [required, String] :resource_arn
+    #
+    # @return [Types::ListResourceProfileArtifactsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListResourceProfileArtifactsResponse#artifacts #artifacts} => Array&lt;Types::ResourceProfileArtifact&gt;
+    #   * {Types::ListResourceProfileArtifactsResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_resource_profile_artifacts({
+    #     next_token: "__string",
+    #     resource_arn: "__string", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.artifacts #=> Array
+    #   resp.artifacts[0].arn #=> String
+    #   resp.artifacts[0].classification_result_status #=> String
+    #   resp.artifacts[0].sensitive #=> Boolean
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListResourceProfileArtifacts AWS API Documentation
+    #
+    # @overload list_resource_profile_artifacts(params = {})
+    # @param [Hash] params ({})
+    def list_resource_profile_artifacts(params = {}, options = {})
+      req = build_request(:list_resource_profile_artifacts, params)
+      req.send_request(options)
+    end
+
+    # Retrieves information about the types and amount of sensitive data
+    # that Amazon Macie found in an S3 bucket.
+    #
+    # @option params [Integer] :max_results
+    #
+    # @option params [String] :next_token
+    #
+    # @option params [required, String] :resource_arn
+    #
+    # @return [Types::ListResourceProfileDetectionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListResourceProfileDetectionsResponse#detections #detections} => Array&lt;Types::Detection&gt;
+    #   * {Types::ListResourceProfileDetectionsResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_resource_profile_detections({
+    #     max_results: 1,
+    #     next_token: "__string",
+    #     resource_arn: "__string", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.detections #=> Array
+    #   resp.detections[0].arn #=> String
+    #   resp.detections[0].count #=> Integer
+    #   resp.detections[0].id #=> String
+    #   resp.detections[0].name #=> String
+    #   resp.detections[0].suppressed #=> Boolean
+    #   resp.detections[0].type #=> String, one of "CUSTOM", "MANAGED"
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListResourceProfileDetections AWS API Documentation
+    #
+    # @overload list_resource_profile_detections(params = {})
+    # @param [Hash] params ({})
+    def list_resource_profile_detections(params = {}, options = {})
+      req = build_request(:list_resource_profile_detections, params)
+      req.send_request(options)
+    end
+
+    # Retrieves a subset of information about the sensitivity inspection
+    # template for an account.
+    #
+    # @option params [Integer] :max_results
+    #
+    # @option params [String] :next_token
+    #
+    # @return [Types::ListSensitivityInspectionTemplatesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListSensitivityInspectionTemplatesResponse#next_token #next_token} => String
+    #   * {Types::ListSensitivityInspectionTemplatesResponse#sensitivity_inspection_templates #sensitivity_inspection_templates} => Array&lt;Types::SensitivityInspectionTemplatesEntry&gt;
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_sensitivity_inspection_templates({
+    #     max_results: 1,
+    #     next_token: "__string",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.next_token #=> String
+    #   resp.sensitivity_inspection_templates #=> Array
+    #   resp.sensitivity_inspection_templates[0].id #=> String
+    #   resp.sensitivity_inspection_templates[0].name #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListSensitivityInspectionTemplates AWS API Documentation
+    #
+    # @overload list_sensitivity_inspection_templates(params = {})
+    # @param [Hash] params ({})
+    def list_sensitivity_inspection_templates(params = {}, options = {})
+      req = build_request(:list_sensitivity_inspection_templates, params)
+      req.send_request(options)
+    end
+
+    # Retrieves the tags (keys and values) that are associated with an
+    # Amazon Macie resource.
     #
     # @option params [required, String] :resource_arn
     #
@@ -2509,8 +3144,8 @@ module Aws::Macie2
     #
     # @option params [required, Types::ClassificationExportConfiguration] :configuration
     #   Specifies where to store data classification results, and the
-    #   encryption settings to use when storing results in that location.
-    #   Currently, you can store classification results only in an S3 bucket.
+    #   encryption settings to use when storing results in that location. The
+    #   location must be an S3 bucket.
     #
     # @return [Types::PutClassificationExportConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2671,12 +3306,14 @@ module Aws::Macie2
     #   resp.matching_resources[0].matching_bucket.job_details.is_monitored_by_job #=> String, one of "TRUE", "FALSE", "UNKNOWN"
     #   resp.matching_resources[0].matching_bucket.job_details.last_job_id #=> String
     #   resp.matching_resources[0].matching_bucket.job_details.last_job_run_time #=> Time
+    #   resp.matching_resources[0].matching_bucket.last_automated_discovery_time #=> Time
     #   resp.matching_resources[0].matching_bucket.object_count #=> Integer
     #   resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.customer_managed #=> Integer
     #   resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.kms_managed #=> Integer
     #   resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.s3_managed #=> Integer
     #   resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.unencrypted #=> Integer
     #   resp.matching_resources[0].matching_bucket.object_count_by_encryption_type.unknown #=> Integer
+    #   resp.matching_resources[0].matching_bucket.sensitivity_score #=> Integer
     #   resp.matching_resources[0].matching_bucket.size_in_bytes #=> Integer
     #   resp.matching_resources[0].matching_bucket.size_in_bytes_compressed #=> Integer
     #   resp.matching_resources[0].matching_bucket.unclassifiable_object_count.file_type #=> Integer
@@ -2697,15 +3334,13 @@ module Aws::Macie2
     end
 
     # Adds or updates one or more tags (keys and values) that are associated
-    # with a classification job, custom data identifier, findings filter, or
-    # member account.
+    # with an Amazon Macie resource.
     #
     # @option params [required, String] :resource_arn
     #
     # @option params [required, Hash<String,String>] :tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -2766,8 +3401,8 @@ module Aws::Macie2
       req.send_request(options)
     end
 
-    # Removes one or more tags (keys and values) from a classification job,
-    # custom data identifier, findings filter, or member account.
+    # Removes one or more tags (keys and values) from an Amazon Macie
+    # resource.
     #
     # @option params [required, String] :resource_arn
     #
@@ -2791,6 +3426,76 @@ module Aws::Macie2
       req.send_request(options)
     end
 
+    # Updates the settings for an allow list.
+    #
+    # @option params [required, Types::AllowListCriteria] :criteria
+    #   Specifies the criteria for an allow list. The criteria must specify a
+    #   regular expression (regex) or an S3 object (s3WordsList). It can't
+    #   specify both.
+    #
+    # @option params [String] :description
+    #
+    # @option params [required, String] :id
+    #
+    # @option params [required, String] :name
+    #
+    # @return [Types::UpdateAllowListResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::UpdateAllowListResponse#arn #arn} => String
+    #   * {Types::UpdateAllowListResponse#id #id} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_allow_list({
+    #     criteria: { # required
+    #       regex: "__stringMin1Max512PatternSS",
+    #       s3_words_list: {
+    #         bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
+    #         object_key: "__stringMin1Max1024PatternSS", # required
+    #       },
+    #     },
+    #     description: "__stringMin1Max512PatternSS",
+    #     id: "__string", # required
+    #     name: "__stringMin1Max128Pattern", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.arn #=> String
+    #   resp.id #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateAllowList AWS API Documentation
+    #
+    # @overload update_allow_list(params = {})
+    # @param [Hash] params ({})
+    def update_allow_list(params = {}, options = {})
+      req = build_request(:update_allow_list, params)
+      req.send_request(options)
+    end
+
+    # Enables or disables automated sensitive data discovery for an account.
+    #
+    # @option params [required, String] :status
+    #   The status of the automated sensitive data discovery configuration for
+    #   an Amazon Macie account. Valid values are:
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_automated_discovery_configuration({
+    #     status: "ENABLED", # required, accepts ENABLED, DISABLED
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateAutomatedDiscoveryConfiguration AWS API Documentation
+    #
+    # @overload update_automated_discovery_configuration(params = {})
+    # @param [Hash] params ({})
+    def update_automated_discovery_configuration(params = {}, options = {})
+      req = build_request(:update_automated_discovery_configuration, params)
+      req.send_request(options)
+    end
+
     # Changes the status of a classification job.
     #
     # @option params [required, String] :job_id
@@ -2816,13 +3521,48 @@ module Aws::Macie2
       req.send_request(options)
     end
 
+    # Updates the classification scope settings for an account.
+    #
+    # @option params [required, String] :id
+    #
+    # @option params [Types::S3ClassificationScopeUpdate] :s3
+    #   Specifies changes to the list of S3 buckets that are excluded from
+    #   automated sensitive data discovery for an Amazon Macie account.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_classification_scope({
+    #     id: "__string", # required
+    #     s3: {
+    #       excludes: { # required
+    #         bucket_names: ["S3BucketName"], # required
+    #         operation: "ADD", # required, accepts ADD, REPLACE, REMOVE
+    #       },
+    #     },
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateClassificationScope AWS API Documentation
+    #
+    # @overload update_classification_scope(params = {})
+    # @param [Hash] params ({})
+    def update_classification_scope(params = {}, options = {})
+      req = build_request(:update_classification_scope, params)
+      req.send_request(options)
+    end
+
     # Updates the criteria and other settings for a findings filter.
     #
     # @option params [String] :action
-    #   The action to perform on findings that meet the filter criteria. To
-    #   suppress (automatically archive) findings that meet the criteria, set
+    #   The action to perform on findings that match the filter criteria. To
+    #   suppress (automatically archive) findings that match the criteria, set
     #   this value to ARCHIVE. Valid values are:
     #
+    # @option params [String] :client_token
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
     # @option params [String] :description
     #
     # @option params [Types::FindingCriteria] :finding_criteria
@@ -2835,10 +3575,6 @@ module Aws::Macie2
     #
     # @option params [Integer] :position
     #
-    # @option params [String] :client_token
-    #   **A suitable default value is auto-generated.** You should normally
-    #   not need to pass this option.**
-    #
     # @return [Types::UpdateFindingsFilterResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateFindingsFilterResponse#arn #arn} => String
@@ -2848,6 +3584,7 @@ module Aws::Macie2
     #
     #   resp = client.update_findings_filter({
     #     action: "ARCHIVE", # accepts ARCHIVE, NOOP
+    #     client_token: "__string",
     #     description: "__string",
     #     finding_criteria: {
     #       criterion: {
@@ -2865,7 +3602,6 @@ module Aws::Macie2
     #     id: "__string", # required
     #     name: "__string",
     #     position: 1,
-    #     client_token: "__string",
     #   })
     #
     # @example Response structure
@@ -2888,9 +3624,9 @@ module Aws::Macie2
     # @option params [String] :finding_publishing_frequency
     #   The frequency with which Amazon Macie publishes updates to policy
     #   findings for an account. This includes publishing updates to Security
-    #   Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events).
-    #   For more information, see [Monitoring and processing findings][1] in
-    #   the *Amazon Macie User Guide*. Valid values are:
+    #   Hub and Amazon EventBridge (formerly Amazon CloudWatch Events). For
+    #   more information, see [Monitoring and processing findings][1] in the
+    #   *Amazon Macie User Guide*. Valid values are:
     #
     #
     #
@@ -2965,6 +3701,154 @@ module Aws::Macie2
       req.send_request(options)
     end
 
+    # Updates the sensitivity score for an S3 bucket.
+    #
+    # @option params [required, String] :resource_arn
+    #
+    # @option params [Integer] :sensitivity_score_override
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_resource_profile({
+    #     resource_arn: "__string", # required
+    #     sensitivity_score_override: 1,
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateResourceProfile AWS API Documentation
+    #
+    # @overload update_resource_profile(params = {})
+    # @param [Hash] params ({})
+    def update_resource_profile(params = {}, options = {})
+      req = build_request(:update_resource_profile, params)
+      req.send_request(options)
+    end
+
+    # Updates the sensitivity scoring settings for an S3 bucket.
+    #
+    # @option params [required, String] :resource_arn
+    #
+    # @option params [Array<Types::SuppressDataIdentifier>] :suppress_data_identifiers
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_resource_profile_detections({
+    #     resource_arn: "__string", # required
+    #     suppress_data_identifiers: [
+    #       {
+    #         id: "__string",
+    #         type: "CUSTOM", # accepts CUSTOM, MANAGED
+    #       },
+    #     ],
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateResourceProfileDetections AWS API Documentation
+    #
+    # @overload update_resource_profile_detections(params = {})
+    # @param [Hash] params ({})
+    def update_resource_profile_detections(params = {}, options = {})
+      req = build_request(:update_resource_profile_detections, params)
+      req.send_request(options)
+    end
+
+    # Updates the status and configuration settings for retrieving
+    # occurrences of sensitive data reported by findings.
+    #
+    # @option params [required, Types::RevealConfiguration] :configuration
+    #   Specifies the configuration settings for retrieving occurrences of
+    #   sensitive data reported by findings, and the status of the
+    #   configuration for an Amazon Macie account. When you enable the
+    #   configuration for the first time, your request must specify an Key
+    #   Management Service (KMS) key. Otherwise, an error occurs. Macie uses
+    #   the specified key to encrypt the sensitive data that you retrieve.
+    #
+    # @return [Types::UpdateRevealConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::UpdateRevealConfigurationResponse#configuration #configuration} => Types::RevealConfiguration
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_reveal_configuration({
+    #     configuration: { # required
+    #       kms_key_id: "__stringMin1Max2048",
+    #       status: "ENABLED", # required, accepts ENABLED, DISABLED
+    #     },
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.configuration.kms_key_id #=> String
+    #   resp.configuration.status #=> String, one of "ENABLED", "DISABLED"
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateRevealConfiguration AWS API Documentation
+    #
+    # @overload update_reveal_configuration(params = {})
+    # @param [Hash] params ({})
+    def update_reveal_configuration(params = {}, options = {})
+      req = build_request(:update_reveal_configuration, params)
+      req.send_request(options)
+    end
+
+    # Updates the settings for the sensitivity inspection template for an
+    # account.
+    #
+    # @option params [String] :description
+    #
+    # @option params [Types::SensitivityInspectionTemplateExcludes] :excludes
+    #   Specifies managed data identifiers to exclude (not use) when
+    #   performing automated sensitive data discovery for an Amazon Macie
+    #   account. For information about the managed data identifiers that
+    #   Amazon Macie currently provides, see [Using managed data
+    #   identifiers][1] in the *Amazon Macie User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/macie/latest/user/managed-data-identifiers.html
+    #
+    # @option params [required, String] :id
+    #
+    # @option params [Types::SensitivityInspectionTemplateIncludes] :includes
+    #   Specifies the allow lists, custom data identifiers, and managed data
+    #   identifiers to include (use) when performing automated sensitive data
+    #   discovery for an Amazon Macie account. The configuration must specify
+    #   at least one custom data identifier or managed data identifier. For
+    #   information about the managed data identifiers that Amazon Macie
+    #   currently provides, see [Using managed data identifiers][1] in the
+    #   *Amazon Macie User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/macie/latest/user/managed-data-identifiers.html
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_sensitivity_inspection_template({
+    #     description: "__string",
+    #     excludes: {
+    #       managed_data_identifier_ids: ["__string"],
+    #     },
+    #     id: "__string", # required
+    #     includes: {
+    #       allow_list_ids: ["__string"],
+    #       custom_data_identifier_ids: ["__string"],
+    #       managed_data_identifier_ids: ["__string"],
+    #     },
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateSensitivityInspectionTemplate AWS API Documentation
+    #
+    # @overload update_sensitivity_inspection_template(params = {})
+    # @param [Hash] params ({})
+    def update_sensitivity_inspection_template(params = {}, options = {})
+      req = build_request(:update_sensitivity_inspection_template, params)
+      req.send_request(options)
+    end
+
     # @!endgroup
 
     # @param params ({})
@@ -2978,14 +3862,127 @@ module Aws::Macie2
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-macie2'
-      context[:gem_version] = '1.40.0'
+      context[:gem_version] = '1.61.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 
+    # Polls an API operation until a resource enters a desired state.
+    #
+    # ## Basic Usage
+    #
+    # A waiter will call an API operation until:
+    #
+    # * It is successful
+    # * It enters a terminal state
+    # * It makes the maximum number of attempts
+    #
+    # In between attempts, the waiter will sleep.
+    #
+    #     # polls in a loop, sleeping between attempts
+    #     client.wait_until(waiter_name, params)
+    #
+    # ## Configuration
+    #
+    # You can configure the maximum number of polling attempts, and the
+    # delay (in seconds) between each polling attempt. You can pass
+    # configuration as the final arguments hash.
+    #
+    #     # poll for ~25 seconds
+    #     client.wait_until(waiter_name, params, {
+    #       max_attempts: 5,
+    #       delay: 5,
+    #     })
+    #
+    # ## Callbacks
+    #
+    # You can be notified before each polling attempt and before each
+    # delay. If you throw `:success` or `:failure` from these callbacks,
+    # it will terminate the waiter.
+    #
+    #     started_at = Time.now
+    #     client.wait_until(waiter_name, params, {
+    #
+    #       # disable max attempts
+    #       max_attempts: nil,
+    #
+    #       # poll for 1 hour, instead of a number of attempts
+    #       before_wait: -> (attempts, response) do
+    #         throw :failure if Time.now - started_at > 3600
+    #       end
+    #     })
+    #
+    # ## Handling Errors
+    #
+    # When a waiter is unsuccessful, it will raise an error.
+    # All of the failure errors extend from
+    # {Aws::Waiters::Errors::WaiterFailed}.
+    #
+    #     begin
+    #       client.wait_until(...)
+    #     rescue Aws::Waiters::Errors::WaiterFailed
+    #       # resource did not enter the desired state in time
+    #     end
+    #
+    # ## Valid Waiters
+    #
+    # The following table lists the valid waiter names, the operations they call,
+    # and the default `:delay` and `:max_attempts` values.
+    #
+    # | waiter_name      | params                                  | :delay   | :max_attempts |
+    # | ---------------- | --------------------------------------- | -------- | ------------- |
+    # | finding_revealed | {Client#get_sensitive_data_occurrences} | 2        | 60            |
+    #
+    # @raise [Errors::FailureStateError] Raised when the waiter terminates
+    #   because the waiter has entered a state that it will not transition
+    #   out of, preventing success.
+    #
+    # @raise [Errors::TooManyAttemptsError] Raised when the configured
+    #   maximum number of attempts have been made, and the waiter is not
+    #   yet successful.
+    #
+    # @raise [Errors::UnexpectedError] Raised when an error is encounted
+    #   while polling for a resource that is not expected.
+    #
+    # @raise [Errors::NoSuchWaiterError] Raised when you request to wait
+    #   for an unknown state.
+    #
+    # @return [Boolean] Returns `true` if the waiter was successful.
+    # @param [Symbol] waiter_name
+    # @param [Hash] params ({})
+    # @param [Hash] options ({})
+    # @option options [Integer] :max_attempts
+    # @option options [Integer] :delay
+    # @option options [Proc] :before_attempt
+    # @option options [Proc] :before_wait
+    def wait_until(waiter_name, params = {}, options = {})
+      w = waiter(waiter_name, options)
+      yield(w.waiter) if block_given? # deprecated
+      w.wait(params)
+    end
+
     # @api private
     # @deprecated
     def waiter_names
-      []
+      waiters.keys
+    end
+
+    private
+
+    # @param [Symbol] waiter_name
+    # @param [Hash] options ({})
+    def waiter(waiter_name, options = {})
+      waiter_class = waiters[waiter_name]
+      if waiter_class
+        waiter_class.new(options.merge(client: self))
+      else
+        raise Aws::Waiters::Errors::NoSuchWaiterError.new(waiter_name, waiters.keys)
+      end
+    end
+
+    def waiters
+      {
+        finding_revealed: Waiters::FindingRevealed
+      }
     end
 
     class << self