aws-sdk-macie2 1.44.0 → 1.47.0

data/lib/aws-sdk-macie2/types.rb

@@ -152,6 +152,92 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Specifies the criteria for an allow list. The criteria must specify a
+    # regular expression (regex) or an S3 object (s3WordsList). It can't
+    # specify both.
+    #
+    # @note When making an API call, you may pass AllowListCriteria
+    #   data as a hash:
+    #
+    #       {
+    #         regex: "__stringMin1Max512PatternSS",
+    #         s3_words_list: {
+    #           bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
+    #           object_key: "__stringMin1Max1024PatternSS", # required
+    #         },
+    #       }
+    #
+    # @!attribute [rw] regex
+    #   @return [String]
+    #
+    # @!attribute [rw] s3_words_list
+    #   Provides information about an S3 object that lists specific text to
+    #   ignore.
+    #   @return [Types::S3WordsList]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/AllowListCriteria AWS API Documentation
+    #
+    class AllowListCriteria < Struct.new(
+      :regex,
+      :s3_words_list)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides information about the current status of an allow list, which
+    # indicates whether Amazon Macie can access and use the list's
+    # criteria.
+    #
+    # @!attribute [rw] code
+    #   Indicates the current status of an allow list. Depending on the type
+    #   of criteria that the list specifies, possible values are:
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/AllowListStatus AWS API Documentation
+    #
+    class AllowListStatus < Struct.new(
+      :code,
+      :description)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides a subset of information about an allow list.
+    #
+    # @!attribute [rw] arn
+    #   @return [String]
+    #
+    # @!attribute [rw] created_at
+    #   @return [Time]
+    #
+    # @!attribute [rw] description
+    #   @return [String]
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   @return [String]
+    #
+    # @!attribute [rw] updated_at
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/AllowListSummary AWS API Documentation
+    #
+    class AllowListSummary < Struct.new(
+      :arn,
+      :created_at,
+      :description,
+      :id,
+      :name,
+      :updated_at)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Provides information about an API operation that an entity invoked for
     # an affected resource.
     #
@@ -832,8 +918,8 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # Provides information about a sensitive data finding, including the
-    # classification job that produced the finding.
+    # Provides information about a sensitive data finding and the details of
+    # the finding.
     #
     # @!attribute [rw] detailed_results_location
     #   @return [String]
@@ -844,6 +930,11 @@ module Aws::Macie2
     # @!attribute [rw] job_id
     #   @return [String]
     #
+    # @!attribute [rw] origin_type
+    #   Specifies how Amazon Macie found the sensitive data that produced a
+    #   finding. The only possible value is:
+    #   @return [String]
+    #
     # @!attribute [rw] result
     #   Provides the details of a sensitive data finding, including the
     #   types, number of occurrences, and locations of the sensitive data
@@ -856,6 +947,7 @@ module Aws::Macie2
       :detailed_results_location,
       :job_arn,
       :job_id,
+      :origin_type,
       :result)
       SENSITIVE = []
       include Aws::Structure
@@ -961,6 +1053,82 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Specifies the settings for an allow list. When Amazon Macie processes
+    # the request, Macie tests the list's criteria. If the criteria specify
+    # a regular expression that Macie can't compile or an S3 object that
+    # Macie can't retrieve or parse, an error occurs.
+    #
+    # @note When making an API call, you may pass CreateAllowListRequest
+    #   data as a hash:
+    #
+    #       {
+    #         client_token: "__string", # required
+    #         criteria: { # required
+    #           regex: "__stringMin1Max512PatternSS",
+    #           s3_words_list: {
+    #             bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
+    #             object_key: "__stringMin1Max1024PatternSS", # required
+    #           },
+    #         },
+    #         description: "__stringMin1Max512PatternSS",
+    #         name: "__stringMin1Max128Pattern", # required
+    #         tags: {
+    #           "__string" => "__string",
+    #         },
+    #       }
+    #
+    # @!attribute [rw] client_token
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @!attribute [rw] criteria
+    #   Specifies the criteria for an allow list. The criteria must specify
+    #   a regular expression (regex) or an S3 object (s3WordsList). It
+    #   can't specify both.
+    #   @return [Types::AllowListCriteria]
+    #
+    # @!attribute [rw] description
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   @return [String]
+    #
+    # @!attribute [rw] tags
+    #   A string-to-string map of key-value pairs that specifies the tags
+    #   (keys and values) for an Amazon Macie resource.
+    #   @return [Hash<String,String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/CreateAllowListRequest AWS API Documentation
+    #
+    class CreateAllowListRequest < Struct.new(
+      :client_token,
+      :criteria,
+      :description,
+      :name,
+      :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides information about an allow list that was created in response
+    # to a request.
+    #
+    # @!attribute [rw] arn
+    #   @return [String]
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/CreateAllowListResponse AWS API Documentation
+    #
+    class CreateAllowListResponse < Struct.new(
+      :arn,
+      :id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Specifies the scope, schedule, and other settings for a classification
     # job. You can't change any settings for a classification job after you
     # create it. This helps ensure that you have an immutable history of
@@ -971,6 +1139,7 @@ module Aws::Macie2
     #   data as a hash:
     #
     #       {
+    #         allow_list_ids: ["__string"],
     #         client_token: "__string", # required
     #         custom_data_identifier_ids: ["__string"],
     #         description: "__string",
@@ -1091,6 +1260,9 @@ module Aws::Macie2
     #         },
     #       }
     #
+    # @!attribute [rw] allow_list_ids
+    #   @return [Array<String>]
+    #
     # @!attribute [rw] client_token
     #   **A suitable default value is auto-generated.** You should normally
     #   not need to pass this option.
@@ -1139,13 +1311,13 @@ module Aws::Macie2
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/CreateClassificationJobRequest AWS API Documentation
     #
     class CreateClassificationJobRequest < Struct.new(
+      :allow_list_ids,
       :client_token,
       :custom_data_identifier_ids,
       :description,
@@ -1250,8 +1422,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/CreateCustomDataIdentifierRequest AWS API Documentation
@@ -1340,8 +1511,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/CreateFindingsFilterRequest AWS API Documentation
@@ -1448,8 +1618,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/CreateMemberRequest AWS API Documentation
@@ -1788,6 +1957,33 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass DeleteAllowListRequest
+    #   data as a hash:
+    #
+    #       {
+    #         id: "__string", # required
+    #         ignore_job_checks: "__string",
+    #       }
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @!attribute [rw] ignore_job_checks
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/DeleteAllowListRequest AWS API Documentation
+    #
+    class DeleteAllowListRequest < Struct.new(
+      :id,
+      :ignore_job_checks)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/DeleteAllowListResponse AWS API Documentation
+    #
+    class DeleteAllowListResponse < Aws::EmptyStructure; end
+
     # @note When making an API call, you may pass DeleteCustomDataIdentifierRequest
     #   data as a hash:
     #
@@ -1983,6 +2179,9 @@ module Aws::Macie2
     # Provides information about a classification job, including the current
     # configuration settings and status of the job.
     #
+    # @!attribute [rw] allow_list_ids
+    #   @return [Array<String>]
+    #
     # @!attribute [rw] client_token
     #   **A suitable default value is auto-generated.** You should normally
     #   not need to pass this option.
@@ -2062,8 +2261,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @!attribute [rw] user_paused_details
@@ -2080,6 +2278,7 @@ module Aws::Macie2
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/DescribeClassificationJobResponse AWS API Documentation
     #
     class DescribeClassificationJobResponse < Struct.new(
+      :allow_list_ids,
       :client_token,
       :created_at,
       :custom_data_identifier_ids,
@@ -2128,6 +2327,20 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Specifies 1-10 occurrences of a specific type of sensitive data
+    # reported by a finding.
+    #
+    # @!attribute [rw] value
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/DetectedDataDetails AWS API Documentation
+    #
+    class DetectedDataDetails < Struct.new(
+      :value)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @api private
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/DisableMacieRequest AWS API Documentation
@@ -2243,10 +2456,9 @@ module Aws::Macie2
     # @!attribute [rw] finding_publishing_frequency
     #   The frequency with which Amazon Macie publishes updates to policy
     #   findings for an account. This includes publishing updates to
-    #   Security Hub and Amazon EventBridge (formerly called Amazon
-    #   CloudWatch Events). For more information, see [Monitoring and
-    #   processing findings][1] in the *Amazon Macie User Guide*. Valid
-    #   values are:
+    #   Security Hub and Amazon EventBridge (formerly Amazon CloudWatch
+    #   Events). For more information, see [Monitoring and processing
+    #   findings][1] in the *Amazon Macie User Guide*. Valid values are:
     #
     #
     #
@@ -2352,8 +2564,8 @@ module Aws::Macie2
     #   @return [String]
     #
     # @!attribute [rw] classification_details
-    #   Provides information about a sensitive data finding, including the
-    #   classification job that produced the finding.
+    #   Provides information about a sensitive data finding and the details
+    #   of the finding.
     #   @return [Types::ClassificationDetails]
     #
     # @!attribute [rw] count
@@ -2571,8 +2783,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/FindingsFilterListItem AWS API Documentation
@@ -2610,6 +2821,77 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass GetAllowListRequest
+    #   data as a hash:
+    #
+    #       {
+    #         id: "__string", # required
+    #       }
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetAllowListRequest AWS API Documentation
+    #
+    class GetAllowListRequest < Struct.new(
+      :id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides information about the settings and status of an allow list.
+    #
+    # @!attribute [rw] arn
+    #   @return [String]
+    #
+    # @!attribute [rw] created_at
+    #   @return [Time]
+    #
+    # @!attribute [rw] criteria
+    #   Specifies the criteria for an allow list. The criteria must specify
+    #   a regular expression (regex) or an S3 object (s3WordsList). It
+    #   can't specify both.
+    #   @return [Types::AllowListCriteria]
+    #
+    # @!attribute [rw] description
+    #   @return [String]
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   @return [String]
+    #
+    # @!attribute [rw] status
+    #   Provides information about the current status of an allow list,
+    #   which indicates whether Amazon Macie can access and use the list's
+    #   criteria.
+    #   @return [Types::AllowListStatus]
+    #
+    # @!attribute [rw] tags
+    #   A string-to-string map of key-value pairs that specifies the tags
+    #   (keys and values) for an Amazon Macie resource.
+    #   @return [Hash<String,String>]
+    #
+    # @!attribute [rw] updated_at
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetAllowListResponse AWS API Documentation
+    #
+    class GetAllowListResponse < Struct.new(
+      :arn,
+      :created_at,
+      :criteria,
+      :description,
+      :id,
+      :name,
+      :status,
+      :tags,
+      :updated_at)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Specifies the account that owns the S3 buckets to retrieve aggregated
     # statistical data for.
     #
@@ -2821,8 +3103,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetCustomDataIdentifierResponse AWS API Documentation
@@ -2963,8 +3244,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetFindingsFilterResponse AWS API Documentation
@@ -3089,10 +3369,9 @@ module Aws::Macie2
     # @!attribute [rw] finding_publishing_frequency
     #   The frequency with which Amazon Macie publishes updates to policy
     #   findings for an account. This includes publishing updates to
-    #   Security Hub and Amazon EventBridge (formerly called Amazon
-    #   CloudWatch Events). For more information, see [Monitoring and
-    #   processing findings][1] in the *Amazon Macie User Guide*. Valid
-    #   values are:
+    #   Security Hub and Amazon EventBridge (formerly Amazon CloudWatch
+    #   Events). For more information, see [Monitoring and processing
+    #   findings][1] in the *Amazon Macie User Guide*. Valid values are:
     #
     #
     #
@@ -3190,8 +3469,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @!attribute [rw] updated_at
@@ -3213,6 +3491,116 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # @api private
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetRevealConfigurationRequest AWS API Documentation
+    #
+    class GetRevealConfigurationRequest < Aws::EmptyStructure; end
+
+    # Provides information about the configuration settings for retrieving
+    # occurrences of sensitive data reported by findings, and the status of
+    # the configuration for an Amazon Macie account.
+    #
+    # @!attribute [rw] configuration
+    #   Specifies the configuration settings for retrieving occurrences of
+    #   sensitive data reported by findings, and the status of the
+    #   configuration for an Amazon Macie account. When you enable the
+    #   configuration for the first time, your request must specify an Key
+    #   Management Service (KMS) key. Otherwise, an error occurs. Macie uses
+    #   the specified key to encrypt the sensitive data that you retrieve.
+    #   @return [Types::RevealConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetRevealConfigurationResponse AWS API Documentation
+    #
+    class GetRevealConfigurationResponse < Struct.new(
+      :configuration)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @note When making an API call, you may pass GetSensitiveDataOccurrencesAvailabilityRequest
+    #   data as a hash:
+    #
+    #       {
+    #         finding_id: "__string", # required
+    #       }
+    #
+    # @!attribute [rw] finding_id
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetSensitiveDataOccurrencesAvailabilityRequest AWS API Documentation
+    #
+    class GetSensitiveDataOccurrencesAvailabilityRequest < Struct.new(
+      :finding_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides information about whether occurrences of sensitive data can
+    # be retrieved for a finding and, if not, why the data can't be
+    # retrieved.
+    #
+    # @!attribute [rw] code
+    #   Specifies whether occurrences of sensitive data can be retrieved for
+    #   a finding. Possible values are:
+    #   @return [String]
+    #
+    # @!attribute [rw] reasons
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetSensitiveDataOccurrencesAvailabilityResponse AWS API Documentation
+    #
+    class GetSensitiveDataOccurrencesAvailabilityResponse < Struct.new(
+      :code,
+      :reasons)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @note When making an API call, you may pass GetSensitiveDataOccurrencesRequest
+    #   data as a hash:
+    #
+    #       {
+    #         finding_id: "__string", # required
+    #       }
+    #
+    # @!attribute [rw] finding_id
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetSensitiveDataOccurrencesRequest AWS API Documentation
+    #
+    class GetSensitiveDataOccurrencesRequest < Struct.new(
+      :finding_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides the results of a request to retrieve occurrences of sensitive
+    # data reported by a finding.
+    #
+    # @!attribute [rw] error
+    #   @return [String]
+    #
+    # @!attribute [rw] sensitive_data_occurrences
+    #   Specifies a type of sensitive data reported by a finding and
+    #   provides occurrences of the specified type of sensitive data.
+    #   @return [Hash<String,Array<Types::DetectedDataDetails>>]
+    #
+    # @!attribute [rw] status
+    #   The status of a request to retrieve occurrences of sensitive data
+    #   reported by a finding. Possible values are:
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetSensitiveDataOccurrencesResponse AWS API Documentation
+    #
+    class GetSensitiveDataOccurrencesResponse < Struct.new(
+      :error,
+      :sensitive_data_occurrences,
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Specifies criteria for filtering, sorting, and paginating the results
     # of a query for quotas and aggregated usage data for one or more Amazon
     # Macie accounts.
@@ -3791,6 +4179,46 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass ListAllowListsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         max_results: 1,
+    #         next_token: "__string",
+    #       }
+    #
+    # @!attribute [rw] max_results
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListAllowListsRequest AWS API Documentation
+    #
+    class ListAllowListsRequest < Struct.new(
+      :max_results,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides the results of a request for information about allow lists.
+    #
+    # @!attribute [rw] allow_lists
+    #   @return [Array<Types::AllowListSummary>]
+    #
+    # @!attribute [rw] next_token
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListAllowListsResponse AWS API Documentation
+    #
+    class ListAllowListsResponse < Struct.new(
+      :allow_lists,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Specifies criteria for filtering, sorting, and paginating the results
     # of a request for information about classification jobs.
     #
@@ -4117,7 +4545,8 @@ module Aws::Macie2
     #       }
     #
     # @!attribute [rw] comparator
-    #   The operator to use in a condition. Valid values are:
+    #   The operator to use in a condition. Depending on the type of
+    #   condition, possible values are:
     #   @return [String]
     #
     # @!attribute [rw] key
@@ -4309,13 +4738,11 @@ module Aws::Macie2
     end
 
     # Provides information about the tags (keys and values) that are
-    # associated with a classification job, custom data identifier, findings
-    # filter, or member account.
+    # associated with an Amazon Macie resource.
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListTagsForResourceResponse AWS API Documentation
@@ -4495,8 +4922,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @!attribute [rw] updated_at
@@ -4607,9 +5033,13 @@ module Aws::Macie2
     #   @return [Array<Types::Cell>]
     #
     # @!attribute [rw] line_ranges
+    #   Specifies the locations of occurrences of sensitive data in a
+    #   non-binary text file.
     #   @return [Array<Types::Range>]
     #
     # @!attribute [rw] offset_ranges
+    #   Specifies the locations of occurrences of sensitive data in a
+    #   non-binary text file.
     #   @return [Array<Types::Range>]
     #
     # @!attribute [rw] pages
@@ -4618,6 +5048,8 @@ module Aws::Macie2
     #   @return [Array<Types::Page>]
     #
     # @!attribute [rw] records
+    #   Specifies the locations of occurrences of sensitive data in an
+    #   Apache Avro object container or a structured data file.
     #   @return [Array<Types::Record>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/Occurrences AWS API Documentation
@@ -4869,6 +5301,38 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Specifies the configuration settings for retrieving occurrences of
+    # sensitive data reported by findings, and the status of the
+    # configuration for an Amazon Macie account. When you enable the
+    # configuration for the first time, your request must specify an Key
+    # Management Service (KMS) key. Otherwise, an error occurs. Macie uses
+    # the specified key to encrypt the sensitive data that you retrieve.
+    #
+    # @note When making an API call, you may pass RevealConfiguration
+    #   data as a hash:
+    #
+    #       {
+    #         kms_key_id: "__stringMin1Max2048",
+    #         status: "ENABLED", # required, accepts ENABLED, DISABLED
+    #       }
+    #
+    # @!attribute [rw] kms_key_id
+    #   @return [String]
+    #
+    # @!attribute [rw] status
+    #   The status of the configuration for retrieving occurrences of
+    #   sensitive data reported by findings. Valid values are:
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/RevealConfiguration AWS API Documentation
+    #
+    class RevealConfiguration < Struct.new(
+      :kms_key_id,
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Provides information about the S3 bucket that a finding applies to.
     #
     # @!attribute [rw] allows_unencrypted_object_uploads
@@ -5262,6 +5726,32 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Provides information about an S3 object that lists specific text to
+    # ignore.
+    #
+    # @note When making an API call, you may pass S3WordsList
+    #   data as a hash:
+    #
+    #       {
+    #         bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
+    #         object_key: "__stringMin1Max1024PatternSS", # required
+    #       }
+    #
+    # @!attribute [rw] bucket_name
+    #   @return [String]
+    #
+    # @!attribute [rw] object_key
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/S3WordsList AWS API Documentation
+    #
+    class S3WordsList < Struct.new(
+      :bucket_name,
+      :object_key)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Specifies one or more property- and tag-based conditions that define
     # criteria for including or excluding S3 objects from a classification
     # job. Exclude conditions take precedence over include conditions.
@@ -5973,7 +6463,8 @@ module Aws::Macie2
     #       }
     #
     # @!attribute [rw] comparator
-    #   The operator to use in a condition. Valid values are:
+    #   The operator to use in a condition. Depending on the type of
+    #   condition, possible values are:
     #   @return [String]
     #
     # @!attribute [rw] key
@@ -6008,7 +6499,8 @@ module Aws::Macie2
     #       }
     #
     # @!attribute [rw] comparator
-    #   The operator to use in a condition. Valid values are:
+    #   The operator to use in a condition. Depending on the type of
+    #   condition, possible values are:
     #   @return [String]
     #
     # @!attribute [rw] key
@@ -6089,7 +6581,8 @@ module Aws::Macie2
     #       }
     #
     # @!attribute [rw] comparator
-    #   The operator to use in a condition. Valid values are:
+    #   The operator to use in a condition. Depending on the type of
+    #   condition, possible values are:
     #   @return [String]
     #
     # @!attribute [rw] tag_values
@@ -6133,9 +6626,8 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # Specifies the tags (keys and values) to associate with a
-    # classification job, custom data identifier, findings filter, or member
-    # account.
+    # Specifies the tags (keys and values) to associate with an Amazon Macie
+    # resource.
     #
     # @note When making an API call, you may pass TagResourceRequest
     #   data as a hash:
@@ -6152,8 +6644,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] tags
     #   A string-to-string map of key-value pairs that specifies the tags
-    #   (keys and values) for a classification job, custom data identifier,
-    #   findings filter, or member account.
+    #   (keys and values) for an Amazon Macie resource.
     #   @return [Hash<String,String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/TagResourceRequest AWS API Documentation
@@ -6165,7 +6656,8 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # The request succeeded. The specified tags were added to the resource.
+    # The request succeeded. The specified tags were added or updated for
+    # the resource.
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/TagResourceResponse AWS API Documentation
     #
@@ -6190,7 +6682,8 @@ module Aws::Macie2
     #       }
     #
     # @!attribute [rw] comparator
-    #   The operator to use in a condition. Valid values are:
+    #   The operator to use in a condition. Depending on the type of
+    #   condition, possible values are:
     #   @return [String]
     #
     # @!attribute [rw] key
@@ -6311,6 +6804,20 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Provides information about an error that occurred due to an
+    # unprocessable entity.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UnprocessableEntityException AWS API Documentation
+    #
+    class UnprocessableEntityException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Provides information about an account-related request that hasn't
     # been processed.
     #
@@ -6364,6 +6871,72 @@ module Aws::Macie2
     #
     class UntagResourceResponse < Aws::EmptyStructure; end
 
+    # Changes the settings for an allow list. If you change the list's
+    # criteria, Amazon Macie tests the new criteria when it processes your
+    # request. If the criteria specify a regular expression that Macie
+    # can't compile or an S3 object that Macie can't retrieve or parse, an
+    # error occurs.
+    #
+    # @note When making an API call, you may pass UpdateAllowListRequest
+    #   data as a hash:
+    #
+    #       {
+    #         criteria: { # required
+    #           regex: "__stringMin1Max512PatternSS",
+    #           s3_words_list: {
+    #             bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
+    #             object_key: "__stringMin1Max1024PatternSS", # required
+    #           },
+    #         },
+    #         description: "__stringMin1Max512PatternSS",
+    #         id: "__string", # required
+    #         name: "__stringMin1Max128Pattern", # required
+    #       }
+    #
+    # @!attribute [rw] criteria
+    #   Specifies the criteria for an allow list. The criteria must specify
+    #   a regular expression (regex) or an S3 object (s3WordsList). It
+    #   can't specify both.
+    #   @return [Types::AllowListCriteria]
+    #
+    # @!attribute [rw] description
+    #   @return [String]
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateAllowListRequest AWS API Documentation
+    #
+    class UpdateAllowListRequest < Struct.new(
+      :criteria,
+      :description,
+      :id,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides information about an allow list whose settings were changed
+    # in response to a request.
+    #
+    # @!attribute [rw] arn
+    #   @return [String]
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateAllowListResponse AWS API Documentation
+    #
+    class UpdateAllowListResponse < Struct.new(
+      :arn,
+      :id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Changes the status of a classification job. For more information about
     # pausing, resuming, or cancelling jobs, see [Managing sensitive data
     # discovery jobs][1] in the *Amazon Macie User Guide*.
@@ -6501,10 +7074,9 @@ module Aws::Macie2
     # @!attribute [rw] finding_publishing_frequency
     #   The frequency with which Amazon Macie publishes updates to policy
     #   findings for an account. This includes publishing updates to
-    #   Security Hub and Amazon EventBridge (formerly called Amazon
-    #   CloudWatch Events). For more information, see [Monitoring and
-    #   processing findings][1] in the *Amazon Macie User Guide*. Valid
-    #   values are:
+    #   Security Hub and Amazon EventBridge (formerly Amazon CloudWatch
+    #   Events). For more information, see [Monitoring and processing
+    #   findings][1] in the *Amazon Macie User Guide*. Valid values are:
     #
     #
     #
@@ -6583,6 +7155,58 @@ module Aws::Macie2
     #
     class UpdateOrganizationConfigurationResponse < Aws::EmptyStructure; end
 
+    # Specifies the configuration settings for retrieving occurrences of
+    # sensitive data reported by findings, and the status of the
+    # configuration for an Amazon Macie account.
+    #
+    # @note When making an API call, you may pass UpdateRevealConfigurationRequest
+    #   data as a hash:
+    #
+    #       {
+    #         configuration: { # required
+    #           kms_key_id: "__stringMin1Max2048",
+    #           status: "ENABLED", # required, accepts ENABLED, DISABLED
+    #         },
+    #       }
+    #
+    # @!attribute [rw] configuration
+    #   Specifies the configuration settings for retrieving occurrences of
+    #   sensitive data reported by findings, and the status of the
+    #   configuration for an Amazon Macie account. When you enable the
+    #   configuration for the first time, your request must specify an Key
+    #   Management Service (KMS) key. Otherwise, an error occurs. Macie uses
+    #   the specified key to encrypt the sensitive data that you retrieve.
+    #   @return [Types::RevealConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateRevealConfigurationRequest AWS API Documentation
+    #
+    class UpdateRevealConfigurationRequest < Struct.new(
+      :configuration)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides information about updated configuration settings for
+    # retrieving occurrences of sensitive data reported by findings, and the
+    # status of the configuration for an Amazon Macie account.
+    #
+    # @!attribute [rw] configuration
+    #   Specifies the configuration settings for retrieving occurrences of
+    #   sensitive data reported by findings, and the status of the
+    #   configuration for an Amazon Macie account. When you enable the
+    #   configuration for the first time, your request must specify an Key
+    #   Management Service (KMS) key. Otherwise, an error occurs. Macie uses
+    #   the specified key to encrypt the sensitive data that you retrieve.
+    #   @return [Types::RevealConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateRevealConfigurationResponse AWS API Documentation
+    #
+    class UpdateRevealConfigurationResponse < Struct.new(
+      :configuration)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Provides data for a specific usage metric and the corresponding quota
     # for an Amazon Macie account.
     #