aws-sdk-macie2 1.48.0 → 1.50.0

data/lib/aws-sdk-macie2/types.rb

@@ -18,15 +18,6 @@ module Aws::Macie2
     # The masterAccount property has been deprecated and is retained only
     # for backward compatibility.
     #
-    # @note When making an API call, you may pass AcceptInvitationRequest
-    #   data as a hash:
-    #
-    #       {
-    #         administrator_account_id: "__string",
-    #         invitation_id: "__string", # required
-    #         master_account: "__string",
-    #       }
-    #
     # @!attribute [rw] administrator_account_id
     #   @return [String]
     #
@@ -85,14 +76,6 @@ module Aws::Macie2
     # Specifies the details of an account to associate with an Amazon Macie
     # administrator account.
     #
-    # @note When making an API call, you may pass AccountDetail
-    #   data as a hash:
-    #
-    #       {
-    #         account_id: "__string", # required
-    #         email: "__string", # required
-    #       }
-    #
     # @!attribute [rw] account_id
     #   @return [String]
     #
@@ -113,8 +96,8 @@ module Aws::Macie2
     #
     # @!attribute [rw] block_public_access
     #   Provides information about the block public access settings for an
-    #   S3 bucket. These settings can apply to a bucket at the account level
-    #   or bucket level. For detailed information about each setting, see
+    #   S3 bucket. These settings can apply to a bucket at the account or
+    #   bucket level. For detailed information about each setting, see
     #   [Blocking public access to your Amazon S3 storage][1] in the *Amazon
     #   Simple Storage Service User Guide*.
     #
@@ -156,17 +139,6 @@ module Aws::Macie2
     # regular expression (regex) or an S3 object (s3WordsList). It can't
     # specify both.
     #
-    # @note When making an API call, you may pass AllowListCriteria
-    #   data as a hash:
-    #
-    #       {
-    #         regex: "__stringMin1Max512PatternSS",
-    #         s3_words_list: {
-    #           bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
-    #           object_key: "__stringMin1Max1024PatternSS", # required
-    #         },
-    #       }
-    #
     # @!attribute [rw] regex
     #   @return [String]
     #
@@ -368,13 +340,6 @@ module Aws::Macie2
     # Specifies one or more custom data identifiers to retrieve information
     # about.
     #
-    # @note When making an API call, you may pass BatchGetCustomDataIdentifiersRequest
-    #   data as a hash:
-    #
-    #       {
-    #         ids: ["__string"],
-    #       }
-    #
     # @!attribute [rw] ids
     #   @return [Array<String>]
     #
@@ -404,10 +369,10 @@ module Aws::Macie2
     end
 
     # Provides information about the block public access settings for an S3
-    # bucket. These settings can apply to a bucket at the account level or
-    # bucket level. For detailed information about each setting, see
-    # [Blocking public access to your Amazon S3 storage][1] in the *Amazon
-    # Simple Storage Service User Guide*.
+    # bucket. These settings can apply to a bucket at the account or bucket
+    # level. For detailed information about each setting, see [Blocking
+    # public access to your Amazon S3 storage][1] in the *Amazon Simple
+    # Storage Service User Guide*.
     #
     #
     #
@@ -548,19 +513,6 @@ module Aws::Macie2
     # Specifies the operator to use in a property-based condition that
     # filters the results of a query for information about S3 buckets.
     #
-    # @note When making an API call, you may pass BucketCriteriaAdditionalProperties
-    #   data as a hash:
-    #
-    #       {
-    #         eq: ["__string"],
-    #         gt: 1,
-    #         gte: 1,
-    #         lt: 1,
-    #         lte: 1,
-    #         neq: ["__string"],
-    #         prefix: "__string",
-    #       }
-    #
     # @!attribute [rw] eq
     #   @return [Array<String>]
     #
@@ -606,8 +558,8 @@ module Aws::Macie2
     #
     # @!attribute [rw] block_public_access
     #   Provides information about the block public access settings for an
-    #   S3 bucket. These settings can apply to a bucket at the account level
-    #   or bucket level. For detailed information about each setting, see
+    #   S3 bucket. These settings can apply to a bucket at the account or
+    #   bucket level. For detailed information about each setting, see
     #   [Blocking public access to your Amazon S3 storage][1] in the *Amazon
     #   Simple Storage Service User Guide*.
     #
@@ -633,12 +585,12 @@ module Aws::Macie2
 
     # Provides statistical data and other information about an S3 bucket
     # that Amazon Macie monitors and analyzes for your account. If an error
-    # occurs when Macie attempts to retrieve and process information about
-    # the bucket or the bucket's objects, the value for the versioning
-    # property is false and the value for most other properties is null.
-    # Exceptions are accountId, bucketArn, bucketCreatedAt, bucketName,
-    # lastUpdated, and region. To identify the cause of the error, refer to
-    # the errorCode and errorMessage values.
+    # occurs when Macie attempts to retrieve and process metadata from
+    # Amazon S3 for the bucket and the bucket's objects, the value for the
+    # versioning property is false and the value for most other properties
+    # is null. Key exceptions are accountId, bucketArn, bucketCreatedAt,
+    # bucketName, lastUpdated, and region. To identify the cause of the
+    # error, refer to the errorCode and errorMessage values.
     #
     # @!attribute [rw] account_id
     #   @return [String]
@@ -663,8 +615,8 @@ module Aws::Macie2
     #
     # @!attribute [rw] error_code
     #   The error code for an error that prevented Amazon Macie from
-    #   retrieving and processing information about an S3 bucket and the
-    #   bucket's objects.
+    #   retrieving and processing metadata from Amazon S3 for an S3 bucket
+    #   and the bucket's objects.
     #   @return [String]
     #
     # @!attribute [rw] error_message
@@ -676,6 +628,9 @@ module Aws::Macie2
     #   of the job that ran most recently.
     #   @return [Types::JobDetails]
     #
+    # @!attribute [rw] last_automated_discovery_time
+    #   @return [Time]
+    #
     # @!attribute [rw] last_updated
     #   @return [Time]
     #
@@ -702,6 +657,9 @@ module Aws::Macie2
     #   Amazon Web Services accounts and, if so, which accounts.
     #   @return [Types::ReplicationDetails]
     #
+    # @!attribute [rw] sensitivity_score
+    #   @return [Integer]
+    #
     # @!attribute [rw] server_side_encryption
     #   Provides information about the default server-side encryption
     #   settings for an S3 bucket. For detailed information about these
@@ -731,10 +689,10 @@ module Aws::Macie2
     #   number of objects that Amazon Macie can't analyze in one or more S3
     #   buckets. In a BucketMetadata or MatchingBucket object, this data is
     #   for a specific bucket. In a GetBucketStatisticsResponse object, this
-    #   data is aggregated for the buckets in the query results. If
-    #   versioning is enabled for a bucket, total storage size values are
-    #   based on the size of the latest version of each applicable object in
-    #   the bucket.
+    #   data is aggregated for all the buckets in the query results. If
+    #   versioning is enabled for a bucket, storage size values are based on
+    #   the size of the latest version of each applicable object in the
+    #   bucket.
     #   @return [Types::ObjectLevelStatistics]
     #
     # @!attribute [rw] unclassifiable_object_size_in_bytes
@@ -742,10 +700,10 @@ module Aws::Macie2
     #   number of objects that Amazon Macie can't analyze in one or more S3
     #   buckets. In a BucketMetadata or MatchingBucket object, this data is
     #   for a specific bucket. In a GetBucketStatisticsResponse object, this
-    #   data is aggregated for the buckets in the query results. If
-    #   versioning is enabled for a bucket, total storage size values are
-    #   based on the size of the latest version of each applicable object in
-    #   the bucket.
+    #   data is aggregated for all the buckets in the query results. If
+    #   versioning is enabled for a bucket, storage size values are based on
+    #   the size of the latest version of each applicable object in the
+    #   bucket.
     #   @return [Types::ObjectLevelStatistics]
     #
     # @!attribute [rw] versioning
@@ -764,12 +722,14 @@ module Aws::Macie2
       :error_code,
       :error_message,
       :job_details,
+      :last_automated_discovery_time,
       :last_updated,
       :object_count,
       :object_count_by_encryption_type,
       :public_access,
       :region,
       :replication_details,
+      :sensitivity_score,
       :server_side_encryption,
       :shared_access,
       :size_in_bytes,
@@ -869,14 +829,6 @@ module Aws::Macie2
     # Specifies criteria for sorting the results of a query for information
     # about S3 buckets.
     #
-    # @note When making an API call, you may pass BucketSortCriteria
-    #   data as a hash:
-    #
-    #       {
-    #         attribute_name: "__string",
-    #         order_by: "ASC", # accepts ASC, DESC
-    #       }
-    #
     # @!attribute [rw] attribute_name
     #   @return [String]
     #
@@ -892,6 +844,62 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Provides aggregated statistical data for sensitive data discovery
+    # metrics that apply to S3 buckets, grouped by bucket sensitivity score
+    # (sensitivityScore). If automated sensitive data discovery is currently
+    # disabled for your account, the value for each metric is 0.
+    #
+    # @!attribute [rw] classification_error
+    #   Provides aggregated statistical data for sensitive data discovery
+    #   metrics that apply to S3 buckets. Each field contains aggregated
+    #   data for all the buckets that have a sensitivity score
+    #   (sensitivityScore) of a specified value or within a specified range
+    #   (BucketStatisticsBySensitivity). If automated sensitive data
+    #   discovery is currently disabled for your account, the value for each
+    #   field is 0.
+    #   @return [Types::SensitivityAggregations]
+    #
+    # @!attribute [rw] not_classified
+    #   Provides aggregated statistical data for sensitive data discovery
+    #   metrics that apply to S3 buckets. Each field contains aggregated
+    #   data for all the buckets that have a sensitivity score
+    #   (sensitivityScore) of a specified value or within a specified range
+    #   (BucketStatisticsBySensitivity). If automated sensitive data
+    #   discovery is currently disabled for your account, the value for each
+    #   field is 0.
+    #   @return [Types::SensitivityAggregations]
+    #
+    # @!attribute [rw] not_sensitive
+    #   Provides aggregated statistical data for sensitive data discovery
+    #   metrics that apply to S3 buckets. Each field contains aggregated
+    #   data for all the buckets that have a sensitivity score
+    #   (sensitivityScore) of a specified value or within a specified range
+    #   (BucketStatisticsBySensitivity). If automated sensitive data
+    #   discovery is currently disabled for your account, the value for each
+    #   field is 0.
+    #   @return [Types::SensitivityAggregations]
+    #
+    # @!attribute [rw] sensitive
+    #   Provides aggregated statistical data for sensitive data discovery
+    #   metrics that apply to S3 buckets. Each field contains aggregated
+    #   data for all the buckets that have a sensitivity score
+    #   (sensitivityScore) of a specified value or within a specified range
+    #   (BucketStatisticsBySensitivity). If automated sensitive data
+    #   discovery is currently disabled for your account, the value for each
+    #   field is 0.
+    #   @return [Types::SensitivityAggregations]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/BucketStatisticsBySensitivity AWS API Documentation
+    #
+    class BucketStatisticsBySensitivity < Struct.new(
+      :classification_error,
+      :not_classified,
+      :not_sensitive,
+      :sensitive)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Specifies the location of an occurrence of sensitive data in a
     # Microsoft Excel workbook, CSV file, or TSV file.
     #
@@ -932,7 +940,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] origin_type
     #   Specifies how Amazon Macie found the sensitive data that produced a
-    #   finding. The only possible value is:
+    #   finding. Possible values are:
     #   @return [String]
     #
     # @!attribute [rw] result
@@ -954,19 +962,8 @@ module Aws::Macie2
     end
 
     # Specifies where to store data classification results, and the
-    # encryption settings to use when storing results in that location.
-    # Currently, you can store classification results only in an S3 bucket.
-    #
-    # @note When making an API call, you may pass ClassificationExportConfiguration
-    #   data as a hash:
-    #
-    #       {
-    #         s3_destination: {
-    #           bucket_name: "__string", # required
-    #           key_prefix: "__string",
-    #           kms_key_arn: "__string", # required
-    #         },
-    #       }
+    # encryption settings to use when storing results in that location. The
+    # location must be an S3 bucket.
     #
     # @!attribute [rw] s3_destination
     #   Specifies an S3 bucket to store data classification results in, and
@@ -1039,6 +1036,27 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Provides information about the classification scope for an Amazon
+    # Macie account. Macie uses the scope's settings when it performs
+    # automated sensitive data discovery for the account.
+    #
+    # @!attribute [rw] id
+    #   The unique identifier the classification scope.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the classification scope.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ClassificationScopeSummary AWS API Documentation
+    #
+    class ClassificationScopeSummary < Struct.new(
+      :id,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Provides information about an error that occurred due to a versioning
     # conflict for a specified resource.
     #
@@ -1058,25 +1076,6 @@ module Aws::Macie2
     # a regular expression that Macie can't compile or an S3 object that
     # Macie can't retrieve or parse, an error occurs.
     #
-    # @note When making an API call, you may pass CreateAllowListRequest
-    #   data as a hash:
-    #
-    #       {
-    #         client_token: "__string", # required
-    #         criteria: { # required
-    #           regex: "__stringMin1Max512PatternSS",
-    #           s3_words_list: {
-    #             bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
-    #             object_key: "__stringMin1Max1024PatternSS", # required
-    #           },
-    #         },
-    #         description: "__stringMin1Max512PatternSS",
-    #         name: "__stringMin1Max128Pattern", # required
-    #         tags: {
-    #           "__string" => "__string",
-    #         },
-    #       }
-    #
     # @!attribute [rw] client_token
     #   **A suitable default value is auto-generated.** You should normally
     #   not need to pass this option.
@@ -1135,131 +1134,6 @@ module Aws::Macie2
     # sensitive data findings and discovery results for data privacy and
     # protection audits or investigations.
     #
-    # @note When making an API call, you may pass CreateClassificationJobRequest
-    #   data as a hash:
-    #
-    #       {
-    #         allow_list_ids: ["__string"],
-    #         client_token: "__string", # required
-    #         custom_data_identifier_ids: ["__string"],
-    #         description: "__string",
-    #         initial_run: false,
-    #         job_type: "ONE_TIME", # required, accepts ONE_TIME, SCHEDULED
-    #         managed_data_identifier_ids: ["__string"],
-    #         managed_data_identifier_selector: "ALL", # accepts ALL, EXCLUDE, INCLUDE, NONE
-    #         name: "__string", # required
-    #         s3_job_definition: { # required
-    #           bucket_definitions: [
-    #             {
-    #               account_id: "__string", # required
-    #               buckets: ["__string"], # required
-    #             },
-    #           ],
-    #           scoping: {
-    #             excludes: {
-    #               and: [
-    #                 {
-    #                   simple_scope_term: {
-    #                     comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                     key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
-    #                     values: ["__string"],
-    #                   },
-    #                   tag_scope_term: {
-    #                     comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                     key: "__string",
-    #                     tag_values: [
-    #                       {
-    #                         key: "__string",
-    #                         value: "__string",
-    #                       },
-    #                     ],
-    #                     target: "S3_OBJECT", # accepts S3_OBJECT
-    #                   },
-    #                 },
-    #               ],
-    #             },
-    #             includes: {
-    #               and: [
-    #                 {
-    #                   simple_scope_term: {
-    #                     comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                     key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
-    #                     values: ["__string"],
-    #                   },
-    #                   tag_scope_term: {
-    #                     comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                     key: "__string",
-    #                     tag_values: [
-    #                       {
-    #                         key: "__string",
-    #                         value: "__string",
-    #                       },
-    #                     ],
-    #                     target: "S3_OBJECT", # accepts S3_OBJECT
-    #                   },
-    #                 },
-    #               ],
-    #             },
-    #           },
-    #           bucket_criteria: {
-    #             excludes: {
-    #               and: [
-    #                 {
-    #                   simple_criterion: {
-    #                     comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                     key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #                     values: ["__string"],
-    #                   },
-    #                   tag_criterion: {
-    #                     comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                     tag_values: [
-    #                       {
-    #                         key: "__string",
-    #                         value: "__string",
-    #                       },
-    #                     ],
-    #                   },
-    #                 },
-    #               ],
-    #             },
-    #             includes: {
-    #               and: [
-    #                 {
-    #                   simple_criterion: {
-    #                     comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                     key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #                     values: ["__string"],
-    #                   },
-    #                   tag_criterion: {
-    #                     comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                     tag_values: [
-    #                       {
-    #                         key: "__string",
-    #                         value: "__string",
-    #                       },
-    #                     ],
-    #                   },
-    #                 },
-    #               ],
-    #             },
-    #           },
-    #         },
-    #         sampling_percentage: 1,
-    #         schedule_frequency: {
-    #           daily_schedule: {
-    #           },
-    #           monthly_schedule: {
-    #             day_of_month: 1,
-    #           },
-    #           weekly_schedule: {
-    #             day_of_week: "SUNDAY", # accepts SUNDAY, MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY
-    #           },
-    #         },
-    #         tags: {
-    #           "__string" => "__string",
-    #         },
-    #       }
-    #
     # @!attribute [rw] allow_list_ids
     #   @return [Array<String>]
     #
@@ -1358,28 +1232,6 @@ module Aws::Macie2
     # sensitive data findings and discovery results for data privacy and
     # protection audits or investigations.
     #
-    # @note When making an API call, you may pass CreateCustomDataIdentifierRequest
-    #   data as a hash:
-    #
-    #       {
-    #         client_token: "__string",
-    #         description: "__string",
-    #         ignore_words: ["__string"],
-    #         keywords: ["__string"],
-    #         maximum_match_distance: 1,
-    #         name: "__string", # required
-    #         regex: "__string", # required
-    #         severity_levels: [
-    #           {
-    #             occurrences_threshold: 1, # required
-    #             severity: "LOW", # required, accepts LOW, MEDIUM, HIGH
-    #           },
-    #         ],
-    #         tags: {
-    #           "__string" => "__string",
-    #         },
-    #       }
-    #
     # @!attribute [rw] client_token
     #   **A suitable default value is auto-generated.** You should normally
     #   not need to pass this option.
@@ -1457,36 +1309,9 @@ module Aws::Macie2
 
     # Specifies the criteria and other settings for a new findings filter.
     #
-    # @note When making an API call, you may pass CreateFindingsFilterRequest
-    #   data as a hash:
-    #
-    #       {
-    #         action: "ARCHIVE", # required, accepts ARCHIVE, NOOP
-    #         client_token: "__string",
-    #         description: "__string",
-    #         finding_criteria: { # required
-    #           criterion: {
-    #             "__string" => {
-    #               eq: ["__string"],
-    #               eq_exact_match: ["__string"],
-    #               gt: 1,
-    #               gte: 1,
-    #               lt: 1,
-    #               lte: 1,
-    #               neq: ["__string"],
-    #             },
-    #           },
-    #         },
-    #         name: "__string", # required
-    #         position: 1,
-    #         tags: {
-    #           "__string" => "__string",
-    #         },
-    #       }
-    #
     # @!attribute [rw] action
-    #   The action to perform on findings that meet the filter criteria. To
-    #   suppress (automatically archive) findings that meet the criteria,
+    #   The action to perform on findings that match the filter criteria. To
+    #   suppress (automatically archive) findings that match the criteria,
     #   set this value to ARCHIVE. Valid values are:
     #   @return [String]
     #
@@ -1553,15 +1378,6 @@ module Aws::Macie2
     # notification on the recipient's console. You can optionally notify
     # the recipient by also sending the invitation as an email message.
     #
-    # @note When making an API call, you may pass CreateInvitationsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         account_ids: ["__string"], # required
-    #         disable_email_notification: false,
-    #         message: "__string",
-    #       }
-    #
     # @!attribute [rw] account_ids
     #   @return [Array<String>]
     #
@@ -1598,19 +1414,6 @@ module Aws::Macie2
     # Specifies an Amazon Web Services account to associate with an Amazon
     # Macie administrator account.
     #
-    # @note When making an API call, you may pass CreateMemberRequest
-    #   data as a hash:
-    #
-    #       {
-    #         account: { # required
-    #           account_id: "__string", # required
-    #           email: "__string", # required
-    #         },
-    #         tags: {
-    #           "__string" => "__string",
-    #         },
-    #       }
-    #
     # @!attribute [rw] account
     #   Specifies the details of an account to associate with an Amazon
     #   Macie administrator account.
@@ -1646,13 +1449,6 @@ module Aws::Macie2
 
     # Specifies the types of sample findings to create.
     #
-    # @note When making an API call, you may pass CreateSampleFindingsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         finding_types: ["SensitiveData:S3Object/Multiple"], # accepts SensitiveData:S3Object/Multiple, SensitiveData:S3Object/Financial, SensitiveData:S3Object/Personal, SensitiveData:S3Object/Credentials, SensitiveData:S3Object/CustomIdentifier, Policy:IAMUser/S3BucketPublic, Policy:IAMUser/S3BucketSharedExternally, Policy:IAMUser/S3BucketReplicatedExternally, Policy:IAMUser/S3BucketEncryptionDisabled, Policy:IAMUser/S3BlockPublicAccessDisabled
-    #       }
-    #
     # @!attribute [rw] finding_types
     #   @return [Array<String>]
     #
@@ -1672,30 +1468,6 @@ module Aws::Macie2
     # criteria for including or excluding S3 buckets from a classification
     # job.
     #
-    # @note When making an API call, you may pass CriteriaBlockForJob
-    #   data as a hash:
-    #
-    #       {
-    #         and: [
-    #           {
-    #             simple_criterion: {
-    #               comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #               key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #               values: ["__string"],
-    #             },
-    #             tag_criterion: {
-    #               comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #               tag_values: [
-    #                 {
-    #                   key: "__string",
-    #                   value: "__string",
-    #                 },
-    #               ],
-    #             },
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] and
     #   @return [Array<Types::CriteriaForJob>]
     #
@@ -1710,26 +1482,6 @@ module Aws::Macie2
     # Specifies a property- or tag-based condition that defines criteria for
     # including or excluding S3 buckets from a classification job.
     #
-    # @note When making an API call, you may pass CriteriaForJob
-    #   data as a hash:
-    #
-    #       {
-    #         simple_criterion: {
-    #           comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #           key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #           values: ["__string"],
-    #         },
-    #         tag_criterion: {
-    #           comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #           tag_values: [
-    #             {
-    #               key: "__string",
-    #               value: "__string",
-    #             },
-    #           ],
-    #         },
-    #       }
-    #
     # @!attribute [rw] simple_criterion
     #   Specifies a property-based condition that determines whether an S3
     #   bucket is included or excluded from a classification job.
@@ -1758,19 +1510,6 @@ module Aws::Macie2
     #
     # [1]: https://docs.aws.amazon.com/macie/latest/user/findings-filter-basics.html
     #
-    # @note When making an API call, you may pass CriterionAdditionalProperties
-    #   data as a hash:
-    #
-    #       {
-    #         eq: ["__string"],
-    #         eq_exact_match: ["__string"],
-    #         gt: 1,
-    #         gte: 1,
-    #         lt: 1,
-    #         lte: 1,
-    #         neq: ["__string"],
-    #       }
-    #
     # @!attribute [rw] eq
     #   @return [Array<String>]
     #
@@ -1899,13 +1638,6 @@ module Aws::Macie2
     # Specifies one or more accounts that sent Amazon Macie membership
     # invitations to decline.
     #
-    # @note When making an API call, you may pass DeclineInvitationsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         account_ids: ["__string"], # required
-    #       }
-    #
     # @!attribute [rw] account_ids
     #   @return [Array<String>]
     #
@@ -1957,14 +1689,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass DeleteAllowListRequest
-    #   data as a hash:
-    #
-    #       {
-    #         id: "__string", # required
-    #         ignore_job_checks: "__string",
-    #       }
-    #
     # @!attribute [rw] id
     #   @return [String]
     #
@@ -1984,13 +1708,6 @@ module Aws::Macie2
     #
     class DeleteAllowListResponse < Aws::EmptyStructure; end
 
-    # @note When making an API call, you may pass DeleteCustomDataIdentifierRequest
-    #   data as a hash:
-    #
-    #       {
-    #         id: "__string", # required
-    #       }
-    #
     # @!attribute [rw] id
     #   @return [String]
     #
@@ -2006,13 +1723,6 @@ module Aws::Macie2
     #
     class DeleteCustomDataIdentifierResponse < Aws::EmptyStructure; end
 
-    # @note When making an API call, you may pass DeleteFindingsFilterRequest
-    #   data as a hash:
-    #
-    #       {
-    #         id: "__string", # required
-    #       }
-    #
     # @!attribute [rw] id
     #   @return [String]
     #
@@ -2031,13 +1741,6 @@ module Aws::Macie2
     # Specifies one or more accounts that sent Amazon Macie membership
     # invitations to delete.
     #
-    # @note When making an API call, you may pass DeleteInvitationsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         account_ids: ["__string"], # required
-    #       }
-    #
     # @!attribute [rw] account_ids
     #   @return [Array<String>]
     #
@@ -2063,13 +1766,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass DeleteMemberRequest
-    #   data as a hash:
-    #
-    #       {
-    #         id: "__string", # required
-    #       }
-    #
     # @!attribute [rw] id
     #   @return [String]
     #
@@ -2089,29 +1785,6 @@ module Aws::Macie2
     # of a query for statistical data and other information about S3
     # buckets.
     #
-    # @note When making an API call, you may pass DescribeBucketsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         criteria: {
-    #           "__string" => {
-    #             eq: ["__string"],
-    #             gt: 1,
-    #             gte: 1,
-    #             lt: 1,
-    #             lte: 1,
-    #             neq: ["__string"],
-    #             prefix: "__string",
-    #           },
-    #         },
-    #         max_results: 1,
-    #         next_token: "__string",
-    #         sort_criteria: {
-    #           attribute_name: "__string",
-    #           order_by: "ASC", # accepts ASC, DESC
-    #         },
-    #       }
-    #
     # @!attribute [rw] criteria
     #   Specifies, as a map, one or more property-based conditions that
     #   filter the results of a query for information about S3 buckets.
@@ -2158,13 +1831,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass DescribeClassificationJobRequest
-    #   data as a hash:
-    #
-    #       {
-    #         job_id: "__string", # required
-    #       }
-    #
     # @!attribute [rw] job_id
     #   @return [String]
     #
@@ -2341,6 +2007,46 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Provides information about a type of sensitive data that Amazon Macie
+    # found in an S3 bucket while performing automated sensitive data
+    # discovery for the bucket. The information also specifies the custom
+    # data identifier or managed data identifier that detected the data.
+    # This information is available only if automated sensitive data
+    # discovery is currently enabled for your account.
+    #
+    # @!attribute [rw] arn
+    #   @return [String]
+    #
+    # @!attribute [rw] count
+    #   @return [Integer]
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   @return [String]
+    #
+    # @!attribute [rw] suppressed
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] type
+    #   The type of data identifier that detected a specific type of
+    #   sensitive data in an S3 bucket. Possible values are:
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/Detection AWS API Documentation
+    #
+    class Detection < Struct.new(
+      :arn,
+      :count,
+      :id,
+      :name,
+      :suppressed,
+      :type)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @api private
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/DisableMacieRequest AWS API Documentation
@@ -2351,13 +2057,6 @@ module Aws::Macie2
     #
     class DisableMacieResponse < Aws::EmptyStructure; end
 
-    # @note When making an API call, you may pass DisableOrganizationAdminAccountRequest
-    #   data as a hash:
-    #
-    #       {
-    #         admin_account_id: "__string", # required
-    #       }
-    #
     # @!attribute [rw] admin_account_id
     #   @return [String]
     #
@@ -2393,13 +2092,6 @@ module Aws::Macie2
     #
     class DisassociateFromMasterAccountResponse < Aws::EmptyStructure; end
 
-    # @note When making an API call, you may pass DisassociateMemberRequest
-    #   data as a hash:
-    #
-    #       {
-    #         id: "__string", # required
-    #       }
-    #
     # @!attribute [rw] id
     #   @return [String]
     #
@@ -2439,15 +2131,6 @@ module Aws::Macie2
     # Enables Amazon Macie and specifies the configuration settings for a
     # Macie account.
     #
-    # @note When making an API call, you may pass EnableMacieRequest
-    #   data as a hash:
-    #
-    #       {
-    #         client_token: "__string",
-    #         finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
-    #         status: "PAUSED", # accepts PAUSED, ENABLED
-    #       }
-    #
     # @!attribute [rw] client_token
     #   **A suitable default value is auto-generated.** You should normally
     #   not need to pass this option.
@@ -2488,14 +2171,6 @@ module Aws::Macie2
     # this request, you must be a user of the Organizations management
     # account.
     #
-    # @note When making an API call, you may pass EnableOrganizationAdminAccountRequest
-    #   data as a hash:
-    #
-    #       {
-    #         admin_account_id: "__string", # required
-    #         client_token: "__string",
-    #       }
-    #
     # @!attribute [rw] admin_account_id
     #   @return [String]
     #
@@ -2560,7 +2235,7 @@ module Aws::Macie2
     #   @return [Boolean]
     #
     # @!attribute [rw] category
-    #   The category of the finding. Valid values are:
+    #   The category of the finding. Possible values are:
     #   @return [String]
     #
     # @!attribute [rw] classification_details
@@ -2610,7 +2285,7 @@ module Aws::Macie2
     #
     # @!attribute [rw] type
     #   The type of finding. For details about each type, see [Types of
-    #   Amazon Macie findings][1] in the *Amazon Macie User Guide*. Valid
+    #   Amazon Macie findings][1] in the *Amazon Macie User Guide*. Possible
     #   values are:
     #
     #
@@ -2699,23 +2374,6 @@ module Aws::Macie2
     # Specifies, as a map, one or more property-based conditions that filter
     # the results of a query for findings.
     #
-    # @note When making an API call, you may pass FindingCriteria
-    #   data as a hash:
-    #
-    #       {
-    #         criterion: {
-    #           "__string" => {
-    #             eq: ["__string"],
-    #             eq_exact_match: ["__string"],
-    #             gt: 1,
-    #             gte: 1,
-    #             lt: 1,
-    #             lte: 1,
-    #             neq: ["__string"],
-    #           },
-    #         },
-    #       }
-    #
     # @!attribute [rw] criterion
     #   Specifies a condition that defines a property, operator, and one or
     #   more values to filter the results of a query for findings. The
@@ -2740,14 +2398,6 @@ module Aws::Macie2
     # Specifies criteria for sorting the results of a query that retrieves
     # aggregated statistical data about findings.
     #
-    # @note When making an API call, you may pass FindingStatisticsSortCriteria
-    #   data as a hash:
-    #
-    #       {
-    #         attribute_name: "groupKey", # accepts groupKey, count
-    #         order_by: "ASC", # accepts ASC, DESC
-    #       }
-    #
     # @!attribute [rw] attribute_name
     #   The grouping to sort the results by. Valid values are:
     #   @return [String]
@@ -2767,8 +2417,8 @@ module Aws::Macie2
     # Provides information about a findings filter.
     #
     # @!attribute [rw] action
-    #   The action to perform on findings that meet the filter criteria. To
-    #   suppress (automatically archive) findings that meet the criteria,
+    #   The action to perform on findings that match the filter criteria. To
+    #   suppress (automatically archive) findings that match the criteria,
     #   set this value to ARCHIVE. Valid values are:
     #   @return [String]
     #
@@ -2821,13 +2471,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetAllowListRequest
-    #   data as a hash:
-    #
-    #       {
-    #         id: "__string", # required
-    #       }
-    #
     # @!attribute [rw] id
     #   @return [String]
     #
@@ -2892,15 +2535,56 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # Specifies the account that owns the S3 buckets to retrieve aggregated
-    # statistical data for.
+    # @api private
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetAutomatedDiscoveryConfigurationRequest AWS API Documentation
+    #
+    class GetAutomatedDiscoveryConfigurationRequest < Aws::EmptyStructure; end
+
+    # Provides information about the configuration settings for performing
+    # automated sensitive data discovery for an Amazon Macie account, and
+    # the status of the configuration for the account.
+    #
+    # @!attribute [rw] classification_scope_id
+    #   The unique identifier the classification scope.
+    #   @return [String]
+    #
+    # @!attribute [rw] disabled_at
+    #   Specifies a date and time in UTC and extended ISO 8601 format.
+    #   @return [Time]
+    #
+    # @!attribute [rw] first_enabled_at
+    #   Specifies a date and time in UTC and extended ISO 8601 format.
+    #   @return [Time]
+    #
+    # @!attribute [rw] last_updated_at
+    #   Specifies a date and time in UTC and extended ISO 8601 format.
+    #   @return [Time]
+    #
+    # @!attribute [rw] sensitivity_inspection_template_id
+    #   The unique identifier for the sensitivity inspection template.
+    #   @return [String]
+    #
+    # @!attribute [rw] status
+    #   The status of the automated sensitive data discovery configuration
+    #   for an Amazon Macie account. Valid values are:
+    #   @return [String]
     #
-    # @note When making an API call, you may pass GetBucketStatisticsRequest
-    #   data as a hash:
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetAutomatedDiscoveryConfigurationResponse AWS API Documentation
     #
-    #       {
-    #         account_id: "__string",
-    #       }
+    class GetAutomatedDiscoveryConfigurationResponse < Struct.new(
+      :classification_scope_id,
+      :disabled_at,
+      :first_enabled_at,
+      :last_updated_at,
+      :sensitivity_inspection_template_id,
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Specifies the account that owns the S3 buckets to retrieve aggregated
+    # statistical data for.
     #
     # @!attribute [rw] account_id
     #   @return [String]
@@ -2949,6 +2633,13 @@ module Aws::Macie2
     #   aren't shared with other Amazon Web Services accounts.
     #   @return [Types::BucketCountBySharedAccessType]
     #
+    # @!attribute [rw] bucket_statistics_by_sensitivity
+    #   Provides aggregated statistical data for sensitive data discovery
+    #   metrics that apply to S3 buckets, grouped by bucket sensitivity
+    #   score (sensitivityScore). If automated sensitive data discovery is
+    #   currently disabled for your account, the value for each metric is 0.
+    #   @return [Types::BucketStatisticsBySensitivity]
+    #
     # @!attribute [rw] classifiable_object_count
     #   @return [Integer]
     #
@@ -2972,10 +2663,10 @@ module Aws::Macie2
     #   number of objects that Amazon Macie can't analyze in one or more S3
     #   buckets. In a BucketMetadata or MatchingBucket object, this data is
     #   for a specific bucket. In a GetBucketStatisticsResponse object, this
-    #   data is aggregated for the buckets in the query results. If
-    #   versioning is enabled for a bucket, total storage size values are
-    #   based on the size of the latest version of each applicable object in
-    #   the bucket.
+    #   data is aggregated for all the buckets in the query results. If
+    #   versioning is enabled for a bucket, storage size values are based on
+    #   the size of the latest version of each applicable object in the
+    #   bucket.
     #   @return [Types::ObjectLevelStatistics]
     #
     # @!attribute [rw] unclassifiable_object_size_in_bytes
@@ -2983,10 +2674,10 @@ module Aws::Macie2
     #   number of objects that Amazon Macie can't analyze in one or more S3
     #   buckets. In a BucketMetadata or MatchingBucket object, this data is
     #   for a specific bucket. In a GetBucketStatisticsResponse object, this
-    #   data is aggregated for the buckets in the query results. If
-    #   versioning is enabled for a bucket, total storage size values are
-    #   based on the size of the latest version of each applicable object in
-    #   the bucket.
+    #   data is aggregated for all the buckets in the query results. If
+    #   versioning is enabled for a bucket, storage size values are based on
+    #   the size of the latest version of each applicable object in the
+    #   bucket.
     #   @return [Types::ObjectLevelStatistics]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetBucketStatisticsResponse AWS API Documentation
@@ -2997,6 +2688,7 @@ module Aws::Macie2
       :bucket_count_by_encryption_type,
       :bucket_count_by_object_encryption_requirement,
       :bucket_count_by_shared_access_type,
+      :bucket_statistics_by_sensitivity,
       :classifiable_object_count,
       :classifiable_size_in_bytes,
       :last_updated,
@@ -3021,8 +2713,7 @@ module Aws::Macie2
     # @!attribute [rw] configuration
     #   Specifies where to store data classification results, and the
     #   encryption settings to use when storing results in that location.
-    #   Currently, you can store classification results only in an S3
-    #   bucket.
+    #   The location must be an S3 bucket.
     #   @return [Types::ClassificationExportConfiguration]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetClassificationExportConfigurationResponse AWS API Documentation
@@ -3033,13 +2724,44 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetCustomDataIdentifierRequest
-    #   data as a hash:
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetClassificationScopeRequest AWS API Documentation
+    #
+    class GetClassificationScopeRequest < Struct.new(
+      :id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides information about the classification scope settings for an
+    # Amazon Macie account. Macie uses these settings when it performs
+    # automated sensitive data discovery for the account.
+    #
+    # @!attribute [rw] id
+    #   The unique identifier the classification scope.
+    #   @return [String]
     #
-    #       {
-    #         id: "__string", # required
-    #       }
+    # @!attribute [rw] name
+    #   The name of the classification scope.
+    #   @return [String]
+    #
+    # @!attribute [rw] s3
+    #   Specifies the S3 buckets that are excluded from automated sensitive
+    #   data discovery for an Amazon Macie account.
+    #   @return [Types::S3ClassificationScope]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetClassificationScopeResponse AWS API Documentation
     #
+    class GetClassificationScopeResponse < Struct.new(
+      :id,
+      :name,
+      :s3)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] id
     #   @return [String]
     #
@@ -3129,31 +2851,6 @@ module Aws::Macie2
     # the results of a query that retrieves aggregated statistical data
     # about findings.
     #
-    # @note When making an API call, you may pass GetFindingStatisticsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         finding_criteria: {
-    #           criterion: {
-    #             "__string" => {
-    #               eq: ["__string"],
-    #               eq_exact_match: ["__string"],
-    #               gt: 1,
-    #               gte: 1,
-    #               lt: 1,
-    #               lte: 1,
-    #               neq: ["__string"],
-    #             },
-    #           },
-    #         },
-    #         group_by: "resourcesAffected.s3Bucket.name", # required, accepts resourcesAffected.s3Bucket.name, type, classificationDetails.jobId, severity.description
-    #         size: 1,
-    #         sort_criteria: {
-    #           attribute_name: "groupKey", # accepts groupKey, count
-    #           order_by: "ASC", # accepts ASC, DESC
-    #         },
-    #       }
-    #
     # @!attribute [rw] finding_criteria
     #   Specifies, as a map, one or more property-based conditions that
     #   filter the results of a query for findings.
@@ -3195,13 +2892,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetFindingsFilterRequest
-    #   data as a hash:
-    #
-    #       {
-    #         id: "__string", # required
-    #       }
-    #
     # @!attribute [rw] id
     #   @return [String]
     #
@@ -3217,8 +2907,8 @@ module Aws::Macie2
     # findings filter.
     #
     # @!attribute [rw] action
-    #   The action to perform on findings that meet the filter criteria. To
-    #   suppress (automatically archive) findings that meet the criteria,
+    #   The action to perform on findings that match the filter criteria. To
+    #   suppress (automatically archive) findings that match the criteria,
     #   set this value to ARCHIVE. Valid values are:
     #   @return [String]
     #
@@ -3292,17 +2982,6 @@ module Aws::Macie2
 
     # Specifies one or more findings to retrieve.
     #
-    # @note When making an API call, you may pass GetFindingsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         finding_ids: ["__string"], # required
-    #         sort_criteria: {
-    #           attribute_name: "__string",
-    #           order_by: "ASC", # accepts ASC, DESC
-    #         },
-    #       }
-    #
     # @!attribute [rw] finding_ids
     #   @return [Array<String>]
     #
@@ -3360,8 +3039,8 @@ module Aws::Macie2
     #
     class GetMacieSessionRequest < Aws::EmptyStructure; end
 
-    # Provides information about the current status and configuration
-    # settings for an Amazon Macie account.
+    # Provides information about the status and configuration settings for
+    # an Amazon Macie account.
     #
     # @!attribute [rw] created_at
     #   @return [Time]
@@ -3423,13 +3102,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetMemberRequest
-    #   data as a hash:
-    #
-    #       {
-    #         id: "__string", # required
-    #       }
-    #
     # @!attribute [rw] id
     #   @return [String]
     #
@@ -3491,6 +3163,52 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # @!attribute [rw] resource_arn
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetResourceProfileRequest AWS API Documentation
+    #
+    class GetResourceProfileRequest < Struct.new(
+      :resource_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides the results of a query that retrieved sensitive data
+    # discovery statistics and the sensitivity score for an S3 bucket that
+    # Amazon Macie monitors and analyzes for your account. This data is
+    # available only if automated sensitive data discovery is currently
+    # enabled for your account.
+    #
+    # @!attribute [rw] profile_updated_at
+    #   @return [Time]
+    #
+    # @!attribute [rw] sensitivity_score
+    #   @return [Integer]
+    #
+    # @!attribute [rw] sensitivity_score_overridden
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] statistics
+    #   Provides statistical data for sensitive data discovery metrics that
+    #   apply to an S3 bucket that Amazon Macie monitors and analyzes for
+    #   your account. The statistics capture the results of automated
+    #   sensitive data discovery activities that Macie has performed for the
+    #   bucket. The data is available only if automated sensitive data
+    #   discovery is currently enabled for your account.
+    #   @return [Types::ResourceStatistics]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetResourceProfileResponse AWS API Documentation
+    #
+    class GetResourceProfileResponse < Struct.new(
+      :profile_updated_at,
+      :sensitivity_score,
+      :sensitivity_score_overridden,
+      :statistics)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @api private
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetRevealConfigurationRequest AWS API Documentation
@@ -3518,13 +3236,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetSensitiveDataOccurrencesAvailabilityRequest
-    #   data as a hash:
-    #
-    #       {
-    #         finding_id: "__string", # required
-    #       }
-    #
     # @!attribute [rw] finding_id
     #   @return [String]
     #
@@ -3557,13 +3268,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetSensitiveDataOccurrencesRequest
-    #   data as a hash:
-    #
-    #       {
-    #         finding_id: "__string", # required
-    #       }
-    #
     # @!attribute [rw] finding_id
     #   @return [String]
     #
@@ -3601,30 +3305,74 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetSensitivityInspectionTemplateRequest AWS API Documentation
+    #
+    class GetSensitivityInspectionTemplateRequest < Struct.new(
+      :id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides information about the settings for the sensitivity inspection
+    # template for an Amazon Macie account. Macie uses the template's
+    # settings when it performs automated sensitive data discovery for the
+    # account.
+    #
+    # @!attribute [rw] description
+    #   @return [String]
+    #
+    # @!attribute [rw] excludes
+    #   Specifies managed data identifiers to exclude (not use) when
+    #   performing automated sensitive data discovery for an Amazon Macie
+    #   account. For information about the managed data identifiers that
+    #   Amazon Macie currently provides, see [Using managed data
+    #   identifiers][1] in the *Amazon Macie User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/macie/latest/user/managed-data-identifiers.html
+    #   @return [Types::SensitivityInspectionTemplateExcludes]
+    #
+    # @!attribute [rw] includes
+    #   Specifies the allow lists, custom data identifiers, and managed data
+    #   identifiers to include (use) when performing automated sensitive
+    #   data discovery for an Amazon Macie account. The configuration must
+    #   specify at least one custom data identifier or managed data
+    #   identifier. For information about the managed data identifiers that
+    #   Amazon Macie currently provides, see [Using managed data
+    #   identifiers][1] in the *Amazon Macie User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/macie/latest/user/managed-data-identifiers.html
+    #   @return [Types::SensitivityInspectionTemplateIncludes]
+    #
+    # @!attribute [rw] name
+    #   @return [String]
+    #
+    # @!attribute [rw] sensitivity_inspection_template_id
+    #   The unique identifier for the sensitivity inspection template.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/GetSensitivityInspectionTemplateResponse AWS API Documentation
+    #
+    class GetSensitivityInspectionTemplateResponse < Struct.new(
+      :description,
+      :excludes,
+      :includes,
+      :name,
+      :sensitivity_inspection_template_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Specifies criteria for filtering, sorting, and paginating the results
     # of a query for quotas and aggregated usage data for one or more Amazon
     # Macie accounts.
     #
-    # @note When making an API call, you may pass GetUsageStatisticsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         filter_by: [
-    #           {
-    #             comparator: "GT", # accepts GT, GTE, LT, LTE, EQ, NE, CONTAINS
-    #             key: "accountId", # accepts accountId, serviceLimit, freeTrialStartDate, total
-    #             values: ["__string"],
-    #           },
-    #         ],
-    #         max_results: 1,
-    #         next_token: "__string",
-    #         sort_by: {
-    #           key: "accountId", # accepts accountId, total, serviceLimitValue, freeTrialStartDate
-    #           order_by: "ASC", # accepts ASC, DESC
-    #         },
-    #         time_range: "MONTH_TO_DATE", # accepts MONTH_TO_DATE, PAST_30_DAYS
-    #       }
-    #
     # @!attribute [rw] filter_by
     #   @return [Array<Types::UsageStatisticsFilter>]
     #
@@ -3680,13 +3428,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetUsageTotalsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         time_range: "__string",
-    #       }
-    #
     # @!attribute [rw] time_range
     #   @return [String]
     #
@@ -3944,20 +3685,6 @@ module Aws::Macie2
 
     # Specifies the recurrence pattern for running a classification job.
     #
-    # @note When making an API call, you may pass JobScheduleFrequency
-    #   data as a hash:
-    #
-    #       {
-    #         daily_schedule: {
-    #         },
-    #         monthly_schedule: {
-    #           day_of_month: 1,
-    #         },
-    #         weekly_schedule: {
-    #           day_of_week: "SUNDAY", # accepts SUNDAY, MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY
-    #         },
-    #       }
-    #
     # @!attribute [rw] daily_schedule
     #   Specifies that a classification job runs once a day, every day. This
     #   is an empty object.
@@ -3988,28 +3715,6 @@ module Aws::Macie2
     # JobScopeTerm object can contain only one simpleScopeTerm object or one
     # tagScopeTerm object.
     #
-    # @note When making an API call, you may pass JobScopeTerm
-    #   data as a hash:
-    #
-    #       {
-    #         simple_scope_term: {
-    #           comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #           key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
-    #           values: ["__string"],
-    #         },
-    #         tag_scope_term: {
-    #           comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #           key: "__string",
-    #           tag_values: [
-    #             {
-    #               key: "__string",
-    #               value: "__string",
-    #             },
-    #           ],
-    #           target: "S3_OBJECT", # accepts S3_OBJECT
-    #         },
-    #       }
-    #
     # @!attribute [rw] simple_scope_term
     #   Specifies a property-based condition that determines whether an S3
     #   object is included or excluded from a classification job.
@@ -4033,32 +3738,6 @@ module Aws::Macie2
     # criteria for including or excluding S3 objects from a classification
     # job.
     #
-    # @note When making an API call, you may pass JobScopingBlock
-    #   data as a hash:
-    #
-    #       {
-    #         and: [
-    #           {
-    #             simple_scope_term: {
-    #               comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #               key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
-    #               values: ["__string"],
-    #             },
-    #             tag_scope_term: {
-    #               comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #               key: "__string",
-    #               tag_values: [
-    #                 {
-    #                   key: "__string",
-    #                   value: "__string",
-    #                 },
-    #               ],
-    #               target: "S3_OBJECT", # accepts S3_OBJECT
-    #             },
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] and
     #   @return [Array<Types::JobScopeTerm>]
     #
@@ -4073,6 +3752,12 @@ module Aws::Macie2
     # Provides information about a classification job, including the current
     # status of the job.
     #
+    # @!attribute [rw] bucket_criteria
+    #   Specifies property- and tag-based conditions that define criteria
+    #   for including or excluding S3 buckets from a classification job.
+    #   Exclude conditions take precedence over include conditions.
+    #   @return [Types::S3BucketCriteriaForJob]
+    #
     # @!attribute [rw] bucket_definitions
     #   @return [Array<Types::S3BucketDefinitionForJob>]
     #
@@ -4115,15 +3800,10 @@ module Aws::Macie2
     #   status of RUNNING.
     #   @return [Types::UserPausedDetails]
     #
-    # @!attribute [rw] bucket_criteria
-    #   Specifies property- and tag-based conditions that define criteria
-    #   for including or excluding S3 buckets from a classification job.
-    #   Exclude conditions take precedence over include conditions.
-    #   @return [Types::S3BucketCriteriaForJob]
-    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/JobSummary AWS API Documentation
     #
     class JobSummary < Struct.new(
+      :bucket_criteria,
       :bucket_definitions,
       :created_at,
       :job_id,
@@ -4131,8 +3811,7 @@ module Aws::Macie2
       :job_type,
       :last_run_error_status,
       :name,
-      :user_paused_details,
-      :bucket_criteria)
+      :user_paused_details)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4179,14 +3858,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListAllowListsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         max_results: 1,
-    #         next_token: "__string",
-    #       }
-    #
     # @!attribute [rw] max_results
     #   @return [Integer]
     #
@@ -4222,34 +3893,6 @@ module Aws::Macie2
     # Specifies criteria for filtering, sorting, and paginating the results
     # of a request for information about classification jobs.
     #
-    # @note When making an API call, you may pass ListClassificationJobsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         filter_criteria: {
-    #           excludes: [
-    #             {
-    #               comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #               key: "jobType", # accepts jobType, jobStatus, createdAt, name
-    #               values: ["__string"],
-    #             },
-    #           ],
-    #           includes: [
-    #             {
-    #               comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #               key: "jobType", # accepts jobType, jobStatus, createdAt, name
-    #               values: ["__string"],
-    #             },
-    #           ],
-    #         },
-    #         max_results: 1,
-    #         next_token: "__string",
-    #         sort_criteria: {
-    #           attribute_name: "createdAt", # accepts createdAt, jobStatus, name, jobType
-    #           order_by: "ASC", # accepts ASC, DESC
-    #         },
-    #       }
-    #
     # @!attribute [rw] filter_criteria
     #   Specifies criteria for filtering the results of a request for
     #   information about classification jobs.
@@ -4295,16 +3938,44 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # Specifies criteria for paginating the results of a request for
-    # information about custom data identifiers.
+    # @!attribute [rw] name
+    #   @return [String]
+    #
+    # @!attribute [rw] next_token
+    #   @return [String]
     #
-    # @note When making an API call, you may pass ListCustomDataIdentifiersRequest
-    #   data as a hash:
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListClassificationScopesRequest AWS API Documentation
+    #
+    class ListClassificationScopesRequest < Struct.new(
+      :name,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides the results of a request for information about the
+    # classification scope for an Amazon Macie account. Macie uses the
+    # scope's settings when it performs automated sensitive data discovery
+    # for the account.
     #
-    #       {
-    #         max_results: 1,
-    #         next_token: "__string",
-    #       }
+    # @!attribute [rw] classification_scopes
+    #   @return [Array<Types::ClassificationScopeSummary>]
+    #
+    # @!attribute [rw] next_token
+    #   Specifies which page of results to return in a paginated response.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListClassificationScopesResponse AWS API Documentation
+    #
+    class ListClassificationScopesResponse < Struct.new(
+      :classification_scopes,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Specifies criteria for paginating the results of a request for
+    # information about custom data identifiers.
     #
     # @!attribute [rw] max_results
     #   @return [Integer]
@@ -4339,14 +4010,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListFindingsFiltersRequest
-    #   data as a hash:
-    #
-    #       {
-    #         max_results: 1,
-    #         next_token: "__string",
-    #       }
-    #
     # @!attribute [rw] max_results
     #   @return [Integer]
     #
@@ -4382,31 +4045,6 @@ module Aws::Macie2
     # Specifies criteria for filtering, sorting, and paginating the results
     # of a request for information about findings.
     #
-    # @note When making an API call, you may pass ListFindingsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         finding_criteria: {
-    #           criterion: {
-    #             "__string" => {
-    #               eq: ["__string"],
-    #               eq_exact_match: ["__string"],
-    #               gt: 1,
-    #               gte: 1,
-    #               lt: 1,
-    #               lte: 1,
-    #               neq: ["__string"],
-    #             },
-    #           },
-    #         },
-    #         max_results: 1,
-    #         next_token: "__string",
-    #         sort_criteria: {
-    #           attribute_name: "__string",
-    #           order_by: "ASC", # accepts ASC, DESC
-    #         },
-    #       }
-    #
     # @!attribute [rw] finding_criteria
     #   Specifies, as a map, one or more property-based conditions that
     #   filter the results of a query for findings.
@@ -4452,14 +4090,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListInvitationsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         max_results: 1,
-    #         next_token: "__string",
-    #       }
-    #
     # @!attribute [rw] max_results
     #   @return [Integer]
     #
@@ -4496,26 +4126,6 @@ module Aws::Macie2
     # Specifies criteria for filtering the results of a request for
     # information about classification jobs.
     #
-    # @note When making an API call, you may pass ListJobsFilterCriteria
-    #   data as a hash:
-    #
-    #       {
-    #         excludes: [
-    #           {
-    #             comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #             key: "jobType", # accepts jobType, jobStatus, createdAt, name
-    #             values: ["__string"],
-    #           },
-    #         ],
-    #         includes: [
-    #           {
-    #             comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #             key: "jobType", # accepts jobType, jobStatus, createdAt, name
-    #             values: ["__string"],
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] excludes
     #   @return [Array<Types::ListJobsFilterTerm>]
     #
@@ -4535,15 +4145,6 @@ module Aws::Macie2
     # information about classification jobs. Each condition consists of a
     # property, an operator, and one or more values.
     #
-    # @note When making an API call, you may pass ListJobsFilterTerm
-    #   data as a hash:
-    #
-    #       {
-    #         comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #         key: "jobType", # accepts jobType, jobStatus, createdAt, name
-    #         values: ["__string"],
-    #       }
-    #
     # @!attribute [rw] comparator
     #   The operator to use in a condition. Depending on the type of
     #   condition, possible values are:
@@ -4569,14 +4170,6 @@ module Aws::Macie2
     # Specifies criteria for sorting the results of a request for
     # information about classification jobs.
     #
-    # @note When making an API call, you may pass ListJobsSortCriteria
-    #   data as a hash:
-    #
-    #       {
-    #         attribute_name: "createdAt", # accepts createdAt, jobStatus, name, jobType
-    #         order_by: "ASC", # accepts ASC, DESC
-    #       }
-    #
     # @!attribute [rw] attribute_name
     #   The property to sort the results by. Valid values are:
     #   @return [String]
@@ -4596,13 +4189,6 @@ module Aws::Macie2
     # Specifies criteria for paginating the results of a request for
     # information about managed data identifiers.
     #
-    # @note When making an API call, you may pass ListManagedDataIdentifiersRequest
-    #   data as a hash:
-    #
-    #       {
-    #         next_token: "__string",
-    #       }
-    #
     # @!attribute [rw] next_token
     #   @return [String]
     #
@@ -4632,15 +4218,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListMembersRequest
-    #   data as a hash:
-    #
-    #       {
-    #         max_results: 1,
-    #         next_token: "__string",
-    #         only_associated: "__string",
-    #       }
-    #
     # @!attribute [rw] max_results
     #   @return [Integer]
     #
@@ -4678,14 +4255,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListOrganizationAdminAccountsRequest
-    #   data as a hash:
-    #
-    #       {
-    #         max_results: 1,
-    #         next_token: "__string",
-    #       }
-    #
     # @!attribute [rw] max_results
     #   @return [Integer]
     #
@@ -4719,13 +4288,117 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass ListTagsForResourceRequest
-    #   data as a hash:
+    # @!attribute [rw] next_token
+    #   @return [String]
+    #
+    # @!attribute [rw] resource_arn
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListResourceProfileArtifactsRequest AWS API Documentation
+    #
+    class ListResourceProfileArtifactsRequest < Struct.new(
+      :next_token,
+      :resource_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides the results of a request for information about the S3 objects
+    # that Amazon Macie selected for analysis while performing automated
+    # sensitive data discovery for an S3 bucket. This information is
+    # available only if automated sensitive data discovery is currently
+    # enabled for your account.
     #
-    #       {
-    #         resource_arn: "__string", # required
-    #       }
+    # @!attribute [rw] artifacts
+    #   @return [Array<Types::ResourceProfileArtifact>]
+    #
+    # @!attribute [rw] next_token
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListResourceProfileArtifactsResponse AWS API Documentation
+    #
+    class ListResourceProfileArtifactsResponse < Struct.new(
+      :artifacts,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] max_results
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   @return [String]
     #
+    # @!attribute [rw] resource_arn
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListResourceProfileDetectionsRequest AWS API Documentation
+    #
+    class ListResourceProfileDetectionsRequest < Struct.new(
+      :max_results,
+      :next_token,
+      :resource_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides the results of a request for information about the types and
+    # amount of sensitive data that Amazon Macie found in an S3 bucket while
+    # performing automated sensitive data discovery for the bucket. This
+    # information is available only if automated sensitive data discovery is
+    # currently enabled for your account.
+    #
+    # @!attribute [rw] detections
+    #   @return [Array<Types::Detection>]
+    #
+    # @!attribute [rw] next_token
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListResourceProfileDetectionsResponse AWS API Documentation
+    #
+    class ListResourceProfileDetectionsResponse < Struct.new(
+      :detections,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] max_results
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListSensitivityInspectionTemplatesRequest AWS API Documentation
+    #
+    class ListSensitivityInspectionTemplatesRequest < Struct.new(
+      :max_results,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides the results of a request for information about the
+    # sensitivity inspection template for an Amazon Macie account. Macie
+    # uses the template's settings when it performs automated sensitive
+    # data discovery for the account.
+    #
+    # @!attribute [rw] next_token
+    #   @return [String]
+    #
+    # @!attribute [rw] sensitivity_inspection_templates
+    #   @return [Array<Types::SensitivityInspectionTemplatesEntry>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ListSensitivityInspectionTemplatesResponse AWS API Documentation
+    #
+    class ListSensitivityInspectionTemplatesResponse < Struct.new(
+      :next_token,
+      :sensitivity_inspection_templates)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] resource_arn
     #   @return [String]
     #
@@ -4784,7 +4457,7 @@ module Aws::Macie2
     # that Amazon Macie monitors and analyzes for your account. If an error
     # occurs when Macie attempts to retrieve and process information about
     # the bucket or the bucket's objects, the value for most of these
-    # properties is null. Exceptions are accountId and bucketName. To
+    # properties is null. Key exceptions are accountId and bucketName. To
     # identify the cause of the error, refer to the errorCode and
     # errorMessage values.
     #
@@ -4802,8 +4475,8 @@ module Aws::Macie2
     #
     # @!attribute [rw] error_code
     #   The error code for an error that prevented Amazon Macie from
-    #   retrieving and processing information about an S3 bucket and the
-    #   bucket's objects.
+    #   retrieving and processing metadata from Amazon S3 for an S3 bucket
+    #   and the bucket's objects.
     #   @return [String]
     #
     # @!attribute [rw] error_message
@@ -4815,6 +4488,9 @@ module Aws::Macie2
     #   of the job that ran most recently.
     #   @return [Types::JobDetails]
     #
+    # @!attribute [rw] last_automated_discovery_time
+    #   @return [Time]
+    #
     # @!attribute [rw] object_count
     #   @return [Integer]
     #
@@ -4824,6 +4500,9 @@ module Aws::Macie2
     #   client-side encryption, or aren't encrypted.
     #   @return [Types::ObjectCountByEncryptionType]
     #
+    # @!attribute [rw] sensitivity_score
+    #   @return [Integer]
+    #
     # @!attribute [rw] size_in_bytes
     #   @return [Integer]
     #
@@ -4835,10 +4514,10 @@ module Aws::Macie2
     #   number of objects that Amazon Macie can't analyze in one or more S3
     #   buckets. In a BucketMetadata or MatchingBucket object, this data is
     #   for a specific bucket. In a GetBucketStatisticsResponse object, this
-    #   data is aggregated for the buckets in the query results. If
-    #   versioning is enabled for a bucket, total storage size values are
-    #   based on the size of the latest version of each applicable object in
-    #   the bucket.
+    #   data is aggregated for all the buckets in the query results. If
+    #   versioning is enabled for a bucket, storage size values are based on
+    #   the size of the latest version of each applicable object in the
+    #   bucket.
     #   @return [Types::ObjectLevelStatistics]
     #
     # @!attribute [rw] unclassifiable_object_size_in_bytes
@@ -4846,10 +4525,10 @@ module Aws::Macie2
     #   number of objects that Amazon Macie can't analyze in one or more S3
     #   buckets. In a BucketMetadata or MatchingBucket object, this data is
     #   for a specific bucket. In a GetBucketStatisticsResponse object, this
-    #   data is aggregated for the buckets in the query results. If
-    #   versioning is enabled for a bucket, total storage size values are
-    #   based on the size of the latest version of each applicable object in
-    #   the bucket.
+    #   data is aggregated for all the buckets in the query results. If
+    #   versioning is enabled for a bucket, storage size values are based on
+    #   the size of the latest version of each applicable object in the
+    #   bucket.
     #   @return [Types::ObjectLevelStatistics]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/MatchingBucket AWS API Documentation
@@ -4862,8 +4541,10 @@ module Aws::Macie2
       :error_code,
       :error_message,
       :job_details,
+      :last_automated_discovery_time,
       :object_count,
       :object_count_by_encryption_type,
+      :sensitivity_score,
       :size_in_bytes,
       :size_in_bytes_compressed,
       :unclassifiable_object_count,
@@ -4881,9 +4562,9 @@ module Aws::Macie2
     #   that Amazon Macie monitors and analyzes for your account. If an
     #   error occurs when Macie attempts to retrieve and process information
     #   about the bucket or the bucket's objects, the value for most of
-    #   these properties is null. Exceptions are accountId and bucketName.
-    #   To identify the cause of the error, refer to the errorCode and
-    #   errorMessage values.
+    #   these properties is null. Key exceptions are accountId and
+    #   bucketName. To identify the cause of the error, refer to the
+    #   errorCode and errorMessage values.
     #   @return [Types::MatchingBucket]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/MatchingResource AWS API Documentation
@@ -4947,13 +4628,6 @@ module Aws::Macie2
     # Specifies a monthly recurrence pattern for running a classification
     # job.
     #
-    # @note When making an API call, you may pass MonthlySchedule
-    #   data as a hash:
-    #
-    #       {
-    #         day_of_month: 1,
-    #       }
-    #
     # @!attribute [rw] day_of_month
     #   @return [Integer]
     #
@@ -5000,9 +4674,9 @@ module Aws::Macie2
     # of objects that Amazon Macie can't analyze in one or more S3 buckets.
     # In a BucketMetadata or MatchingBucket object, this data is for a
     # specific bucket. In a GetBucketStatisticsResponse object, this data is
-    # aggregated for the buckets in the query results. If versioning is
-    # enabled for a bucket, total storage size values are based on the size
-    # of the latest version of each applicable object in the bucket.
+    # aggregated for all the buckets in the query results. If versioning is
+    # enabled for a bucket, storage size values are based on the size of the
+    # latest version of each applicable object in the bucket.
     #
     # @!attribute [rw] file_type
     #   @return [Integer]
@@ -5113,26 +4787,11 @@ module Aws::Macie2
 
     # Specifies where to store data classification results, and the
     # encryption settings to use when storing results in that location.
-    # Currently, you can store classification results only in an S3 bucket.
-    #
-    # @note When making an API call, you may pass PutClassificationExportConfigurationRequest
-    #   data as a hash:
-    #
-    #       {
-    #         configuration: { # required
-    #           s3_destination: {
-    #             bucket_name: "__string", # required
-    #             key_prefix: "__string",
-    #             kms_key_arn: "__string", # required
-    #           },
-    #         },
-    #       }
     #
     # @!attribute [rw] configuration
     #   Specifies where to store data classification results, and the
     #   encryption settings to use when storing results in that location.
-    #   Currently, you can store classification results only in an S3
-    #   bucket.
+    #   The location must be an S3 bucket.
     #   @return [Types::ClassificationExportConfiguration]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/PutClassificationExportConfigurationRequest AWS API Documentation
@@ -5149,8 +4808,7 @@ module Aws::Macie2
     # @!attribute [rw] configuration
     #   Specifies where to store data classification results, and the
     #   encryption settings to use when storing results in that location.
-    #   Currently, you can store classification results only in an S3
-    #   bucket.
+    #   The location must be an S3 bucket.
     #   @return [Types::ClassificationExportConfiguration]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/PutClassificationExportConfigurationResponse AWS API Documentation
@@ -5164,17 +4822,6 @@ module Aws::Macie2
     # Specifies configuration settings for publishing findings to Security
     # Hub automatically.
     #
-    # @note When making an API call, you may pass PutFindingsPublicationConfigurationRequest
-    #   data as a hash:
-    #
-    #       {
-    #         client_token: "__string",
-    #         security_hub_configuration: {
-    #           publish_classification_findings: false, # required
-    #           publish_policy_findings: false, # required
-    #         },
-    #       }
-    #
     # @!attribute [rw] client_token
     #   **A suitable default value is auto-generated.** You should normally
     #   not need to pass this option.
@@ -5282,6 +4929,81 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Provides information about an S3 object that Amazon Macie selected for
+    # analysis while performing automated sensitive data discovery for an S3
+    # bucket, and the status and results of the analysis. This information
+    # is available only if automated sensitive data discovery is currently
+    # enabled for your account.
+    #
+    # @!attribute [rw] arn
+    #   @return [String]
+    #
+    # @!attribute [rw] classification_result_status
+    #   @return [String]
+    #
+    # @!attribute [rw] sensitive
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ResourceProfileArtifact AWS API Documentation
+    #
+    class ResourceProfileArtifact < Struct.new(
+      :arn,
+      :classification_result_status,
+      :sensitive)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides statistical data for sensitive data discovery metrics that
+    # apply to an S3 bucket that Amazon Macie monitors and analyzes for your
+    # account. The statistics capture the results of automated sensitive
+    # data discovery activities that Macie has performed for the bucket. The
+    # data is available only if automated sensitive data discovery is
+    # currently enabled for your account.
+    #
+    # @!attribute [rw] total_bytes_classified
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_detections
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_detections_suppressed
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_items_classified
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_items_sensitive
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_items_skipped
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_items_skipped_invalid_encryption
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_items_skipped_invalid_kms
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_items_skipped_permission_denied
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/ResourceStatistics AWS API Documentation
+    #
+    class ResourceStatistics < Struct.new(
+      :total_bytes_classified,
+      :total_detections,
+      :total_detections_suppressed,
+      :total_items_classified,
+      :total_items_sensitive,
+      :total_items_skipped,
+      :total_items_skipped_invalid_encryption,
+      :total_items_skipped_invalid_kms,
+      :total_items_skipped_permission_denied)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Provides information about the resources that a finding applies to.
     #
     # @!attribute [rw] s3_bucket
@@ -5308,14 +5030,6 @@ module Aws::Macie2
     # Management Service (KMS) key. Otherwise, an error occurs. Macie uses
     # the specified key to encrypt the sensitive data that you retrieve.
     #
-    # @note When making an API call, you may pass RevealConfiguration
-    #   data as a hash:
-    #
-    #       {
-    #         kms_key_id: "__stringMin1Max2048",
-    #         status: "ENABLED", # required, accepts ENABLED, DISABLED
-    #       }
-    #
     # @!attribute [rw] kms_key_id
     #   @return [String]
     #
@@ -5387,52 +5101,6 @@ module Aws::Macie2
     # including or excluding S3 buckets from a classification job. Exclude
     # conditions take precedence over include conditions.
     #
-    # @note When making an API call, you may pass S3BucketCriteriaForJob
-    #   data as a hash:
-    #
-    #       {
-    #         excludes: {
-    #           and: [
-    #             {
-    #               simple_criterion: {
-    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #                 values: ["__string"],
-    #               },
-    #               tag_criterion: {
-    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 tag_values: [
-    #                   {
-    #                     key: "__string",
-    #                     value: "__string",
-    #                   },
-    #                 ],
-    #               },
-    #             },
-    #           ],
-    #         },
-    #         includes: {
-    #           and: [
-    #             {
-    #               simple_criterion: {
-    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #                 values: ["__string"],
-    #               },
-    #               tag_criterion: {
-    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 tag_values: [
-    #                   {
-    #                     key: "__string",
-    #                     value: "__string",
-    #                   },
-    #                 ],
-    #               },
-    #             },
-    #           ],
-    #         },
-    #       }
-    #
     # @!attribute [rw] excludes
     #   Specifies one or more property- and tag-based conditions that define
     #   criteria for including or excluding S3 buckets from a classification
@@ -5458,14 +5126,6 @@ module Aws::Macie2
     # classification job to analyze, and one or more specific buckets to
     # analyze for that account.
     #
-    # @note When making an API call, you may pass S3BucketDefinitionForJob
-    #   data as a hash:
-    #
-    #       {
-    #         account_id: "__string", # required
-    #         buckets: ["__string"], # required
-    #       }
-    #
     # @!attribute [rw] account_id
     #   @return [String]
     #
@@ -5499,17 +5159,75 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # Specifies an S3 bucket to store data classification results in, and
-    # the encryption settings to use when storing results in that bucket.
+    # Specifies the S3 buckets that are excluded from automated sensitive
+    # data discovery for an Amazon Macie account.
+    #
+    # @!attribute [rw] excludes
+    #   Specifies the names of the S3 buckets that are excluded from
+    #   automated sensitive data discovery.
+    #   @return [Types::S3ClassificationScopeExclusion]
     #
-    # @note When making an API call, you may pass S3Destination
-    #   data as a hash:
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/S3ClassificationScope AWS API Documentation
+    #
+    class S3ClassificationScope < Struct.new(
+      :excludes)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Specifies the names of the S3 buckets that are excluded from automated
+    # sensitive data discovery.
+    #
+    # @!attribute [rw] bucket_names
+    #   @return [Array<String>]
     #
-    #       {
-    #         bucket_name: "__string", # required
-    #         key_prefix: "__string",
-    #         kms_key_arn: "__string", # required
-    #       }
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/S3ClassificationScopeExclusion AWS API Documentation
+    #
+    class S3ClassificationScopeExclusion < Struct.new(
+      :bucket_names)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Specifies S3 buckets to add or remove from the exclusion list defined
+    # by the classification scope for an Amazon Macie account.
+    #
+    # @!attribute [rw] bucket_names
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] operation
+    #   Specifies how to apply changes to the S3 bucket exclusion list
+    #   defined by the classification scope for an Amazon Macie account.
+    #   Valid values are:
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/S3ClassificationScopeExclusionUpdate AWS API Documentation
+    #
+    class S3ClassificationScopeExclusionUpdate < Struct.new(
+      :bucket_names,
+      :operation)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Specifies changes to the list of S3 buckets that are excluded from
+    # automated sensitive data discovery for an Amazon Macie account.
+    #
+    # @!attribute [rw] excludes
+    #   Specifies S3 buckets to add or remove from the exclusion list
+    #   defined by the classification scope for an Amazon Macie account.
+    #   @return [Types::S3ClassificationScopeExclusionUpdate]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/S3ClassificationScopeUpdate AWS API Documentation
+    #
+    class S3ClassificationScopeUpdate < Struct.new(
+      :excludes)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Specifies an S3 bucket to store data classification results in, and
+    # the encryption settings to use when storing results in that bucket.
     #
     # @!attribute [rw] bucket_name
     #   @return [String]
@@ -5538,105 +5256,11 @@ module Aws::Macie2
     # objects in any buckets that match the specified criteria each time the
     # job starts to run.
     #
-    # @note When making an API call, you may pass S3JobDefinition
-    #   data as a hash:
-    #
-    #       {
-    #         bucket_definitions: [
-    #           {
-    #             account_id: "__string", # required
-    #             buckets: ["__string"], # required
-    #           },
-    #         ],
-    #         scoping: {
-    #           excludes: {
-    #             and: [
-    #               {
-    #                 simple_scope_term: {
-    #                   comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                   key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
-    #                   values: ["__string"],
-    #                 },
-    #                 tag_scope_term: {
-    #                   comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                   key: "__string",
-    #                   tag_values: [
-    #                     {
-    #                       key: "__string",
-    #                       value: "__string",
-    #                     },
-    #                   ],
-    #                   target: "S3_OBJECT", # accepts S3_OBJECT
-    #                 },
-    #               },
-    #             ],
-    #           },
-    #           includes: {
-    #             and: [
-    #               {
-    #                 simple_scope_term: {
-    #                   comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                   key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
-    #                   values: ["__string"],
-    #                 },
-    #                 tag_scope_term: {
-    #                   comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                   key: "__string",
-    #                   tag_values: [
-    #                     {
-    #                       key: "__string",
-    #                       value: "__string",
-    #                     },
-    #                   ],
-    #                   target: "S3_OBJECT", # accepts S3_OBJECT
-    #                 },
-    #               },
-    #             ],
-    #           },
-    #         },
-    #         bucket_criteria: {
-    #           excludes: {
-    #             and: [
-    #               {
-    #                 simple_criterion: {
-    #                   comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                   key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #                   values: ["__string"],
-    #                 },
-    #                 tag_criterion: {
-    #                   comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                   tag_values: [
-    #                     {
-    #                       key: "__string",
-    #                       value: "__string",
-    #                     },
-    #                   ],
-    #                 },
-    #               },
-    #             ],
-    #           },
-    #           includes: {
-    #             and: [
-    #               {
-    #                 simple_criterion: {
-    #                   comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                   key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #                   values: ["__string"],
-    #                 },
-    #                 tag_criterion: {
-    #                   comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                   tag_values: [
-    #                     {
-    #                       key: "__string",
-    #                       value: "__string",
-    #                     },
-    #                   ],
-    #                 },
-    #               },
-    #             ],
-    #           },
-    #         },
-    #       }
+    # @!attribute [rw] bucket_criteria
+    #   Specifies property- and tag-based conditions that define criteria
+    #   for including or excluding S3 buckets from a classification job.
+    #   Exclude conditions take precedence over include conditions.
+    #   @return [Types::S3BucketCriteriaForJob]
     #
     # @!attribute [rw] bucket_definitions
     #   @return [Array<Types::S3BucketDefinitionForJob>]
@@ -5647,18 +5271,12 @@ module Aws::Macie2
     #   job. Exclude conditions take precedence over include conditions.
     #   @return [Types::Scoping]
     #
-    # @!attribute [rw] bucket_criteria
-    #   Specifies property- and tag-based conditions that define criteria
-    #   for including or excluding S3 buckets from a classification job.
-    #   Exclude conditions take precedence over include conditions.
-    #   @return [Types::S3BucketCriteriaForJob]
-    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/S3JobDefinition AWS API Documentation
     #
     class S3JobDefinition < Struct.new(
+      :bucket_criteria,
       :bucket_definitions,
-      :scoping,
-      :bucket_criteria)
+      :scoping)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -5729,14 +5347,6 @@ module Aws::Macie2
     # Provides information about an S3 object that lists specific text to
     # ignore.
     #
-    # @note When making an API call, you may pass S3WordsList
-    #   data as a hash:
-    #
-    #       {
-    #         bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
-    #         object_key: "__stringMin1Max1024PatternSS", # required
-    #       }
-    #
     # @!attribute [rw] bucket_name
     #   @return [String]
     #
@@ -5756,56 +5366,6 @@ module Aws::Macie2
     # criteria for including or excluding S3 objects from a classification
     # job. Exclude conditions take precedence over include conditions.
     #
-    # @note When making an API call, you may pass Scoping
-    #   data as a hash:
-    #
-    #       {
-    #         excludes: {
-    #           and: [
-    #             {
-    #               simple_scope_term: {
-    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
-    #                 values: ["__string"],
-    #               },
-    #               tag_scope_term: {
-    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "__string",
-    #                 tag_values: [
-    #                   {
-    #                     key: "__string",
-    #                     value: "__string",
-    #                   },
-    #                 ],
-    #                 target: "S3_OBJECT", # accepts S3_OBJECT
-    #               },
-    #             },
-    #           ],
-    #         },
-    #         includes: {
-    #           and: [
-    #             {
-    #               simple_scope_term: {
-    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
-    #                 values: ["__string"],
-    #               },
-    #               tag_scope_term: {
-    #                 comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #                 key: "__string",
-    #                 tag_values: [
-    #                   {
-    #                     key: "__string",
-    #                     value: "__string",
-    #                   },
-    #                 ],
-    #                 target: "S3_OBJECT", # accepts S3_OBJECT
-    #               },
-    #             },
-    #           ],
-    #         },
-    #       }
-    #
     # @!attribute [rw] excludes
     #   Specifies one or more property- and tag-based conditions that define
     #   criteria for including or excluding S3 objects from a classification
@@ -5831,52 +5391,6 @@ module Aws::Macie2
     # criteria for including or excluding S3 buckets from the query results.
     # Exclude conditions take precedence over include conditions.
     #
-    # @note When making an API call, you may pass SearchResourcesBucketCriteria
-    #   data as a hash:
-    #
-    #       {
-    #         excludes: {
-    #           and: [
-    #             {
-    #               simple_criterion: {
-    #                 comparator: "EQ", # accepts EQ, NE
-    #                 key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #                 values: ["__string"],
-    #               },
-    #               tag_criterion: {
-    #                 comparator: "EQ", # accepts EQ, NE
-    #                 tag_values: [
-    #                   {
-    #                     key: "__string",
-    #                     value: "__string",
-    #                   },
-    #                 ],
-    #               },
-    #             },
-    #           ],
-    #         },
-    #         includes: {
-    #           and: [
-    #             {
-    #               simple_criterion: {
-    #                 comparator: "EQ", # accepts EQ, NE
-    #                 key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #                 values: ["__string"],
-    #               },
-    #               tag_criterion: {
-    #                 comparator: "EQ", # accepts EQ, NE
-    #                 tag_values: [
-    #                   {
-    #                     key: "__string",
-    #                     value: "__string",
-    #                   },
-    #                 ],
-    #               },
-    #             },
-    #           ],
-    #         },
-    #       }
-    #
     # @!attribute [rw] excludes
     #   Specifies property- and tag-based conditions that define filter
     #   criteria for including or excluding Amazon Web Services resources
@@ -5901,26 +5415,6 @@ module Aws::Macie2
     # Specifies a property- or tag-based filter condition for including or
     # excluding Amazon Web Services resources from the query results.
     #
-    # @note When making an API call, you may pass SearchResourcesCriteria
-    #   data as a hash:
-    #
-    #       {
-    #         simple_criterion: {
-    #           comparator: "EQ", # accepts EQ, NE
-    #           key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #           values: ["__string"],
-    #         },
-    #         tag_criterion: {
-    #           comparator: "EQ", # accepts EQ, NE
-    #           tag_values: [
-    #             {
-    #               key: "__string",
-    #               value: "__string",
-    #             },
-    #           ],
-    #         },
-    #       }
-    #
     # @!attribute [rw] simple_criterion
     #   Specifies a property-based filter condition that determines which
     #   Amazon Web Services resources are included or excluded from the
@@ -5946,30 +5440,6 @@ module Aws::Macie2
     # criteria for including or excluding Amazon Web Services resources from
     # the query results.
     #
-    # @note When making an API call, you may pass SearchResourcesCriteriaBlock
-    #   data as a hash:
-    #
-    #       {
-    #         and: [
-    #           {
-    #             simple_criterion: {
-    #               comparator: "EQ", # accepts EQ, NE
-    #               key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #               values: ["__string"],
-    #             },
-    #             tag_criterion: {
-    #               comparator: "EQ", # accepts EQ, NE
-    #               tag_values: [
-    #                 {
-    #                   key: "__string",
-    #                   value: "__string",
-    #                 },
-    #               ],
-    #             },
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] and
     #   @return [Array<Types::SearchResourcesCriteria>]
     #
@@ -5985,60 +5455,6 @@ module Aws::Macie2
     # of a query for statistical data and other information about Amazon Web
     # Services resources that Amazon Macie monitors and analyzes.
     #
-    # @note When making an API call, you may pass SearchResourcesRequest
-    #   data as a hash:
-    #
-    #       {
-    #         bucket_criteria: {
-    #           excludes: {
-    #             and: [
-    #               {
-    #                 simple_criterion: {
-    #                   comparator: "EQ", # accepts EQ, NE
-    #                   key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #                   values: ["__string"],
-    #                 },
-    #                 tag_criterion: {
-    #                   comparator: "EQ", # accepts EQ, NE
-    #                   tag_values: [
-    #                     {
-    #                       key: "__string",
-    #                       value: "__string",
-    #                     },
-    #                   ],
-    #                 },
-    #               },
-    #             ],
-    #           },
-    #           includes: {
-    #             and: [
-    #               {
-    #                 simple_criterion: {
-    #                   comparator: "EQ", # accepts EQ, NE
-    #                   key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #                   values: ["__string"],
-    #                 },
-    #                 tag_criterion: {
-    #                   comparator: "EQ", # accepts EQ, NE
-    #                   tag_values: [
-    #                     {
-    #                       key: "__string",
-    #                       value: "__string",
-    #                     },
-    #                   ],
-    #                 },
-    #               },
-    #             ],
-    #           },
-    #         },
-    #         max_results: 1,
-    #         next_token: "__string",
-    #         sort_criteria: {
-    #           attribute_name: "ACCOUNT_ID", # accepts ACCOUNT_ID, RESOURCE_NAME, S3_CLASSIFIABLE_OBJECT_COUNT, S3_CLASSIFIABLE_SIZE_IN_BYTES
-    #           order_by: "ASC", # accepts ASC, DESC
-    #         },
-    #       }
-    #
     # @!attribute [rw] bucket_criteria
     #   Specifies property- and tag-based conditions that define filter
     #   criteria for including or excluding S3 buckets from the query
@@ -6091,15 +5507,6 @@ module Aws::Macie2
     # Amazon Web Services resources are included or excluded from the query
     # results.
     #
-    # @note When making an API call, you may pass SearchResourcesSimpleCriterion
-    #   data as a hash:
-    #
-    #       {
-    #         comparator: "EQ", # accepts EQ, NE
-    #         key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #         values: ["__string"],
-    #       }
-    #
     # @!attribute [rw] comparator
     #   The operator to use in a condition that filters the results of a
     #   query. Valid values are:
@@ -6127,14 +5534,6 @@ module Aws::Macie2
     # about Amazon Web Services resources that Amazon Macie monitors and
     # analyzes.
     #
-    # @note When making an API call, you may pass SearchResourcesSortCriteria
-    #   data as a hash:
-    #
-    #       {
-    #         attribute_name: "ACCOUNT_ID", # accepts ACCOUNT_ID, RESOURCE_NAME, S3_CLASSIFIABLE_OBJECT_COUNT, S3_CLASSIFIABLE_SIZE_IN_BYTES
-    #         order_by: "ASC", # accepts ASC, DESC
-    #       }
-    #
     # @!attribute [rw] attribute_name
     #   The property to sort the query results by. Valid values are:
     #   @return [String]
@@ -6155,19 +5554,6 @@ module Aws::Macie2
     # Web Services resources are included or excluded from the query
     # results.
     #
-    # @note When making an API call, you may pass SearchResourcesTagCriterion
-    #   data as a hash:
-    #
-    #       {
-    #         comparator: "EQ", # accepts EQ, NE
-    #         tag_values: [
-    #           {
-    #             key: "__string",
-    #             value: "__string",
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] comparator
     #   The operator to use in a condition that filters the results of a
     #   query. Valid values are:
@@ -6190,14 +5576,6 @@ module Aws::Macie2
     # values are case sensitive. Also, Amazon Macie doesn't support use of
     # partial values or wildcard characters in tag-based filter conditions.
     #
-    # @note When making an API call, you may pass SearchResourcesTagCriterionPair
-    #   data as a hash:
-    #
-    #       {
-    #         key: "__string",
-    #         value: "__string",
-    #       }
-    #
     # @!attribute [rw] key
     #   @return [String]
     #
@@ -6222,14 +5600,6 @@ module Aws::Macie2
     #
     # [1]: https://docs.aws.amazon.com/macie/latest/user/securityhub-integration.html
     #
-    # @note When making an API call, you may pass SecurityHubConfiguration
-    #   data as a hash:
-    #
-    #       {
-    #         publish_classification_findings: false, # required
-    #         publish_policy_findings: false, # required
-    #       }
-    #
     # @!attribute [rw] publish_classification_findings
     #   @return [Boolean]
     #
@@ -6275,12 +5645,113 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Provides aggregated statistical data for sensitive data discovery
+    # metrics that apply to S3 buckets. Each field contains aggregated data
+    # for all the buckets that have a sensitivity score (sensitivityScore)
+    # of a specified value or within a specified range
+    # (BucketStatisticsBySensitivity). If automated sensitive data discovery
+    # is currently disabled for your account, the value for each field is 0.
+    #
+    # @!attribute [rw] classifiable_size_in_bytes
+    #   @return [Integer]
+    #
+    # @!attribute [rw] publicly_accessible_count
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_count
+    #   @return [Integer]
+    #
+    # @!attribute [rw] total_size_in_bytes
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/SensitivityAggregations AWS API Documentation
+    #
+    class SensitivityAggregations < Struct.new(
+      :classifiable_size_in_bytes,
+      :publicly_accessible_count,
+      :total_count,
+      :total_size_in_bytes)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Specifies managed data identifiers to exclude (not use) when
+    # performing automated sensitive data discovery for an Amazon Macie
+    # account. For information about the managed data identifiers that
+    # Amazon Macie currently provides, see [Using managed data
+    # identifiers][1] in the *Amazon Macie User Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/macie/latest/user/managed-data-identifiers.html
+    #
+    # @!attribute [rw] managed_data_identifier_ids
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/SensitivityInspectionTemplateExcludes AWS API Documentation
+    #
+    class SensitivityInspectionTemplateExcludes < Struct.new(
+      :managed_data_identifier_ids)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Specifies the allow lists, custom data identifiers, and managed data
+    # identifiers to include (use) when performing automated sensitive data
+    # discovery for an Amazon Macie account. The configuration must specify
+    # at least one custom data identifier or managed data identifier. For
+    # information about the managed data identifiers that Amazon Macie
+    # currently provides, see [Using managed data identifiers][1] in the
+    # *Amazon Macie User Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/macie/latest/user/managed-data-identifiers.html
+    #
+    # @!attribute [rw] allow_list_ids
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] custom_data_identifier_ids
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] managed_data_identifier_ids
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/SensitivityInspectionTemplateIncludes AWS API Documentation
+    #
+    class SensitivityInspectionTemplateIncludes < Struct.new(
+      :allow_list_ids,
+      :custom_data_identifier_ids,
+      :managed_data_identifier_ids)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Provides information about the sensitivity inspection template for an
+    # Amazon Macie account. Macie uses the template's settings when it
+    # performs automated sensitive data discovery for the account.
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/SensitivityInspectionTemplatesEntry AWS API Documentation
+    #
+    class SensitivityInspectionTemplatesEntry < Struct.new(
+      :id,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Provides information about the server-side encryption settings for an
     # S3 bucket or S3 object.
     #
     # @!attribute [rw] encryption_type
     #   The type of server-side encryption that's used to encrypt an S3
-    #   object or objects in an S3 bucket. Valid values are:
+    #   object or objects in an S3 bucket. Possible values are:
     #   @return [String]
     #
     # @!attribute [rw] kms_master_key_id
@@ -6425,14 +5896,6 @@ module Aws::Macie2
     # the findings, based on the number of occurrences of text that matches
     # the custom data identifier's detection criteria.
     #
-    # @note When making an API call, you may pass SeverityLevel
-    #   data as a hash:
-    #
-    #       {
-    #         occurrences_threshold: 1, # required
-    #         severity: "LOW", # required, accepts LOW, MEDIUM, HIGH
-    #       }
-    #
     # @!attribute [rw] occurrences_threshold
     #   @return [Integer]
     #
@@ -6453,15 +5916,6 @@ module Aws::Macie2
     # Specifies a property-based condition that determines whether an S3
     # bucket is included or excluded from a classification job.
     #
-    # @note When making an API call, you may pass SimpleCriterionForJob
-    #   data as a hash:
-    #
-    #       {
-    #         comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #         key: "ACCOUNT_ID", # accepts ACCOUNT_ID, S3_BUCKET_NAME, S3_BUCKET_EFFECTIVE_PERMISSION, S3_BUCKET_SHARED_ACCESS
-    #         values: ["__string"],
-    #       }
-    #
     # @!attribute [rw] comparator
     #   The operator to use in a condition. Depending on the type of
     #   condition, possible values are:
@@ -6489,15 +5943,6 @@ module Aws::Macie2
     # Specifies a property-based condition that determines whether an S3
     # object is included or excluded from a classification job.
     #
-    # @note When making an API call, you may pass SimpleScopeTerm
-    #   data as a hash:
-    #
-    #       {
-    #         comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #         key: "OBJECT_EXTENSION", # accepts OBJECT_EXTENSION, OBJECT_LAST_MODIFIED_DATE, OBJECT_SIZE, OBJECT_KEY
-    #         values: ["__string"],
-    #       }
-    #
     # @!attribute [rw] comparator
     #   The operator to use in a condition. Depending on the type of
     #   condition, possible values are:
@@ -6524,14 +5969,6 @@ module Aws::Macie2
 
     # Specifies criteria for sorting the results of a request for findings.
     #
-    # @note When making an API call, you may pass SortCriteria
-    #   data as a hash:
-    #
-    #       {
-    #         attribute_name: "__string",
-    #         order_by: "ASC", # accepts ASC, DESC
-    #       }
-    #
     # @!attribute [rw] attribute_name
     #   @return [String]
     #
@@ -6564,21 +6001,29 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # Specifies a tag-based condition that determines whether an S3 bucket
-    # is included or excluded from a classification job.
+    # Specifies a custom data identifier or managed data identifier that
+    # detected a type of sensitive data to start excluding or including in
+    # an S3 bucket's sensitivity score.
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @!attribute [rw] type
+    #   The type of data identifier that detected a specific type of
+    #   sensitive data in an S3 bucket. Possible values are:
+    #   @return [String]
     #
-    # @note When making an API call, you may pass TagCriterionForJob
-    #   data as a hash:
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/SuppressDataIdentifier AWS API Documentation
     #
-    #       {
-    #         comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #         tag_values: [
-    #           {
-    #             key: "__string",
-    #             value: "__string",
-    #           },
-    #         ],
-    #       }
+    class SuppressDataIdentifier < Struct.new(
+      :id,
+      :type)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Specifies a tag-based condition that determines whether an S3 bucket
+    # is included or excluded from a classification job.
     #
     # @!attribute [rw] comparator
     #   The operator to use in a condition. Depending on the type of
@@ -6603,14 +6048,6 @@ module Aws::Macie2
     # are case sensitive. Also, Amazon Macie doesn't support use of partial
     # values or wildcard characters in tag-based conditions.
     #
-    # @note When making an API call, you may pass TagCriterionPairForJob
-    #   data as a hash:
-    #
-    #       {
-    #         key: "__string",
-    #         value: "__string",
-    #       }
-    #
     # @!attribute [rw] key
     #   @return [String]
     #
@@ -6629,16 +6066,6 @@ module Aws::Macie2
     # Specifies the tags (keys and values) to associate with an Amazon Macie
     # resource.
     #
-    # @note When making an API call, you may pass TagResourceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         resource_arn: "__string", # required
-    #         tags: { # required
-    #           "__string" => "__string",
-    #         },
-    #       }
-    #
     # @!attribute [rw] resource_arn
     #   @return [String]
     #
@@ -6666,21 +6093,6 @@ module Aws::Macie2
     # Specifies a tag-based condition that determines whether an S3 object
     # is included or excluded from a classification job.
     #
-    # @note When making an API call, you may pass TagScopeTerm
-    #   data as a hash:
-    #
-    #       {
-    #         comparator: "EQ", # accepts EQ, GT, GTE, LT, LTE, NE, CONTAINS, STARTS_WITH
-    #         key: "__string",
-    #         tag_values: [
-    #           {
-    #             key: "__string",
-    #             value: "__string",
-    #           },
-    #         ],
-    #         target: "S3_OBJECT", # accepts S3_OBJECT
-    #       }
-    #
     # @!attribute [rw] comparator
     #   The operator to use in a condition. Depending on the type of
     #   condition, possible values are:
@@ -6714,14 +6126,6 @@ module Aws::Macie2
     # Also, Amazon Macie doesn't support use of partial values or wildcard
     # characters in tag-based conditions.
     #
-    # @note When making an API call, you may pass TagValuePair
-    #   data as a hash:
-    #
-    #       {
-    #         key: "__string",
-    #         value: "__string",
-    #       }
-    #
     # @!attribute [rw] key
     #   @return [String]
     #
@@ -6739,17 +6143,6 @@ module Aws::Macie2
 
     # Specifies the detection criteria of a custom data identifier to test.
     #
-    # @note When making an API call, you may pass TestCustomDataIdentifierRequest
-    #   data as a hash:
-    #
-    #       {
-    #         ignore_words: ["__string"],
-    #         keywords: ["__string"],
-    #         maximum_match_distance: 1,
-    #         regex: "__string", # required
-    #         sample_text: "__string", # required
-    #       }
-    #
     # @!attribute [rw] ignore_words
     #   @return [Array<String>]
     #
@@ -6841,14 +6234,6 @@ module Aws::Macie2
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass UntagResourceRequest
-    #   data as a hash:
-    #
-    #       {
-    #         resource_arn: "__string", # required
-    #         tag_keys: ["__string"], # required
-    #       }
-    #
     # @!attribute [rw] resource_arn
     #   @return [String]
     #
@@ -6877,22 +6262,6 @@ module Aws::Macie2
     # can't compile or an S3 object that Macie can't retrieve or parse, an
     # error occurs.
     #
-    # @note When making an API call, you may pass UpdateAllowListRequest
-    #   data as a hash:
-    #
-    #       {
-    #         criteria: { # required
-    #           regex: "__stringMin1Max512PatternSS",
-    #           s3_words_list: {
-    #             bucket_name: "__stringMin3Max255PatternAZaZ093255", # required
-    #             object_key: "__stringMin1Max1024PatternSS", # required
-    #           },
-    #         },
-    #         description: "__stringMin1Max512PatternSS",
-    #         id: "__string", # required
-    #         name: "__stringMin1Max128Pattern", # required
-    #       }
-    #
     # @!attribute [rw] criteria
     #   Specifies the criteria for an allow list. The criteria must specify
     #   a regular expression (regex) or an S3 object (s3WordsList). It
@@ -6937,6 +6306,26 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Enables or disables automated sensitive data discovery for an Amazon
+    # Macie account.
+    #
+    # @!attribute [rw] status
+    #   The status of the automated sensitive data discovery configuration
+    #   for an Amazon Macie account. Valid values are:
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateAutomatedDiscoveryConfigurationRequest AWS API Documentation
+    #
+    class UpdateAutomatedDiscoveryConfigurationRequest < Struct.new(
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateAutomatedDiscoveryConfigurationResponse AWS API Documentation
+    #
+    class UpdateAutomatedDiscoveryConfigurationResponse < Aws::EmptyStructure; end
+
     # Changes the status of a classification job. For more information about
     # pausing, resuming, or cancelling jobs, see [Managing sensitive data
     # discovery jobs][1] in the *Amazon Macie User Guide*.
@@ -6945,14 +6334,6 @@ module Aws::Macie2
     #
     # [1]: https://docs.aws.amazon.com/macie/latest/user/discovery-jobs-manage.html
     #
-    # @note When making an API call, you may pass UpdateClassificationJobRequest
-    #   data as a hash:
-    #
-    #       {
-    #         job_id: "__string", # required
-    #         job_status: "RUNNING", # required, accepts RUNNING, PAUSED, CANCELLED, COMPLETE, IDLE, USER_PAUSED
-    #       }
-    #
     # @!attribute [rw] job_id
     #   @return [String]
     #
@@ -6973,39 +6354,46 @@ module Aws::Macie2
     #
     class UpdateClassificationJobResponse < Aws::EmptyStructure; end
 
-    # Specifies the criteria and other settings for a findings filter.
+    # Specifies new classification scope settings for an Amazon Macie
+    # account. Macie uses these settings when it performs automated
+    # sensitive data discovery for the account. To update the settings,
+    # automated sensitive data discovery must currently be enabled for the
+    # account.
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @!attribute [rw] s3
+    #   Specifies changes to the list of S3 buckets that are excluded from
+    #   automated sensitive data discovery for an Amazon Macie account.
+    #   @return [Types::S3ClassificationScopeUpdate]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateClassificationScopeRequest AWS API Documentation
     #
-    # @note When making an API call, you may pass UpdateFindingsFilterRequest
-    #   data as a hash:
-    #
-    #       {
-    #         action: "ARCHIVE", # accepts ARCHIVE, NOOP
-    #         description: "__string",
-    #         finding_criteria: {
-    #           criterion: {
-    #             "__string" => {
-    #               eq: ["__string"],
-    #               eq_exact_match: ["__string"],
-    #               gt: 1,
-    #               gte: 1,
-    #               lt: 1,
-    #               lte: 1,
-    #               neq: ["__string"],
-    #             },
-    #           },
-    #         },
-    #         id: "__string", # required
-    #         name: "__string",
-    #         position: 1,
-    #         client_token: "__string",
-    #       }
+    class UpdateClassificationScopeRequest < Struct.new(
+      :id,
+      :s3)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateClassificationScopeResponse AWS API Documentation
+    #
+    class UpdateClassificationScopeResponse < Aws::EmptyStructure; end
+
+    # Specifies the criteria and other settings for a findings filter.
     #
     # @!attribute [rw] action
-    #   The action to perform on findings that meet the filter criteria. To
-    #   suppress (automatically archive) findings that meet the criteria,
+    #   The action to perform on findings that match the filter criteria. To
+    #   suppress (automatically archive) findings that match the criteria,
     #   set this value to ARCHIVE. Valid values are:
     #   @return [String]
     #
+    # @!attribute [rw] client_token
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
     # @!attribute [rw] description
     #   @return [String]
     #
@@ -7023,21 +6411,16 @@ module Aws::Macie2
     # @!attribute [rw] position
     #   @return [Integer]
     #
-    # @!attribute [rw] client_token
-    #   **A suitable default value is auto-generated.** You should normally
-    #   not need to pass this option.
-    #   @return [String]
-    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateFindingsFilterRequest AWS API Documentation
     #
     class UpdateFindingsFilterRequest < Struct.new(
       :action,
+      :client_token,
       :description,
       :finding_criteria,
       :id,
       :name,
-      :position,
-      :client_token)
+      :position)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -7063,14 +6446,6 @@ module Aws::Macie2
     # Changes the status or configuration settings for an Amazon Macie
     # account.
     #
-    # @note When making an API call, you may pass UpdateMacieSessionRequest
-    #   data as a hash:
-    #
-    #       {
-    #         finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
-    #         status: "PAUSED", # accepts PAUSED, ENABLED
-    #       }
-    #
     # @!attribute [rw] finding_publishing_frequency
     #   The frequency with which Amazon Macie publishes updates to policy
     #   findings for an account. This includes publishing updates to
@@ -7102,14 +6477,6 @@ module Aws::Macie2
 
     # Suspends (pauses) or re-enables Amazon Macie for a member account.
     #
-    # @note When making an API call, you may pass UpdateMemberSessionRequest
-    #   data as a hash:
-    #
-    #       {
-    #         id: "__string", # required
-    #         status: "PAUSED", # required, accepts PAUSED, ENABLED
-    #       }
-    #
     # @!attribute [rw] id
     #   @return [String]
     #
@@ -7133,13 +6500,6 @@ module Aws::Macie2
     # Specifies whether to enable Amazon Macie automatically for accounts
     # that are added to an organization in Organizations.
     #
-    # @note When making an API call, you may pass UpdateOrganizationConfigurationRequest
-    #   data as a hash:
-    #
-    #       {
-    #         auto_enable: false, # required
-    #       }
-    #
     # @!attribute [rw] auto_enable
     #   @return [Boolean]
     #
@@ -7155,20 +6515,59 @@ module Aws::Macie2
     #
     class UpdateOrganizationConfigurationResponse < Aws::EmptyStructure; end
 
+    # Updates the sensitivity scoring settings for an S3 bucket that Amazon
+    # Macie monitors and analyzes for your account. The settings specify
+    # whether to exclude or include occurrences of specific types of
+    # sensitive data in calculations of the bucket's sensitivity score. You
+    # can update the settings only if automated sensitive data discovery is
+    # currently enabled for your account.
+    #
+    # @!attribute [rw] resource_arn
+    #   @return [String]
+    #
+    # @!attribute [rw] suppress_data_identifiers
+    #   @return [Array<Types::SuppressDataIdentifier>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateResourceProfileDetectionsRequest AWS API Documentation
+    #
+    class UpdateResourceProfileDetectionsRequest < Struct.new(
+      :resource_arn,
+      :suppress_data_identifiers)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateResourceProfileDetectionsResponse AWS API Documentation
+    #
+    class UpdateResourceProfileDetectionsResponse < Aws::EmptyStructure; end
+
+    # Specifies a new sensitivity score for an S3 bucket that Amazon Macie
+    # monitors and analyzes for your account. To update the score, automated
+    # sensitive data discovery must currently be enabled for your account.
+    #
+    # @!attribute [rw] resource_arn
+    #   @return [String]
+    #
+    # @!attribute [rw] sensitivity_score_override
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateResourceProfileRequest AWS API Documentation
+    #
+    class UpdateResourceProfileRequest < Struct.new(
+      :resource_arn,
+      :sensitivity_score_override)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateResourceProfileResponse AWS API Documentation
+    #
+    class UpdateResourceProfileResponse < Aws::EmptyStructure; end
+
     # Specifies the configuration settings for retrieving occurrences of
     # sensitive data reported by findings, and the status of the
     # configuration for an Amazon Macie account.
     #
-    # @note When making an API call, you may pass UpdateRevealConfigurationRequest
-    #   data as a hash:
-    #
-    #       {
-    #         configuration: { # required
-    #           kms_key_id: "__stringMin1Max2048",
-    #           status: "ENABLED", # required, accepts ENABLED, DISABLED
-    #         },
-    #       }
-    #
     # @!attribute [rw] configuration
     #   Specifies the configuration settings for retrieving occurrences of
     #   sensitive data reported by findings, and the status of the
@@ -7207,6 +6606,59 @@ module Aws::Macie2
       include Aws::Structure
     end
 
+    # Specifies settings for the sensitivity inspection template for an
+    # Amazon Macie account. Macie uses the template's settings when it
+    # performs automated sensitive data discovery for the account. To update
+    # the settings, automated sensitive data discovery must currently be
+    # enabled for the account.
+    #
+    # @!attribute [rw] description
+    #   @return [String]
+    #
+    # @!attribute [rw] excludes
+    #   Specifies managed data identifiers to exclude (not use) when
+    #   performing automated sensitive data discovery for an Amazon Macie
+    #   account. For information about the managed data identifiers that
+    #   Amazon Macie currently provides, see [Using managed data
+    #   identifiers][1] in the *Amazon Macie User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/macie/latest/user/managed-data-identifiers.html
+    #   @return [Types::SensitivityInspectionTemplateExcludes]
+    #
+    # @!attribute [rw] id
+    #   @return [String]
+    #
+    # @!attribute [rw] includes
+    #   Specifies the allow lists, custom data identifiers, and managed data
+    #   identifiers to include (use) when performing automated sensitive
+    #   data discovery for an Amazon Macie account. The configuration must
+    #   specify at least one custom data identifier or managed data
+    #   identifier. For information about the managed data identifiers that
+    #   Amazon Macie currently provides, see [Using managed data
+    #   identifiers][1] in the *Amazon Macie User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/macie/latest/user/managed-data-identifiers.html
+    #   @return [Types::SensitivityInspectionTemplateIncludes]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateSensitivityInspectionTemplateRequest AWS API Documentation
+    #
+    class UpdateSensitivityInspectionTemplateRequest < Struct.new(
+      :description,
+      :excludes,
+      :id,
+      :includes)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/macie2-2020-01-01/UpdateSensitivityInspectionTemplateResponse AWS API Documentation
+    #
+    class UpdateSensitivityInspectionTemplateResponse < Aws::EmptyStructure; end
+
     # Provides data for a specific usage metric and the corresponding quota
     # for an Amazon Macie account.
     #
@@ -7243,6 +6695,9 @@ module Aws::Macie2
     # @!attribute [rw] account_id
     #   @return [String]
     #
+    # @!attribute [rw] automated_discovery_free_trial_start_date
+    #   @return [Time]
+    #
     # @!attribute [rw] free_trial_start_date
     #   @return [Time]
     #
@@ -7253,6 +6708,7 @@ module Aws::Macie2
     #
     class UsageRecord < Struct.new(
       :account_id,
+      :automated_discovery_free_trial_start_date,
       :free_trial_start_date,
       :usage)
       SENSITIVE = []
@@ -7262,15 +6718,6 @@ module Aws::Macie2
     # Specifies a condition for filtering the results of a query for quota
     # and usage data for one or more Amazon Macie accounts.
     #
-    # @note When making an API call, you may pass UsageStatisticsFilter
-    #   data as a hash:
-    #
-    #       {
-    #         comparator: "GT", # accepts GT, GTE, LT, LTE, EQ, NE, CONTAINS
-    #         key: "accountId", # accepts accountId, serviceLimit, freeTrialStartDate, total
-    #         values: ["__string"],
-    #       }
-    #
     # @!attribute [rw] comparator
     #   The operator to use in a condition that filters the results of a
     #   query for Amazon Macie account quotas and usage data. Valid values
@@ -7298,14 +6745,6 @@ module Aws::Macie2
     # Specifies criteria for sorting the results of a query for Amazon Macie
     # account quotas and usage data.
     #
-    # @note When making an API call, you may pass UsageStatisticsSortBy
-    #   data as a hash:
-    #
-    #       {
-    #         key: "accountId", # accepts accountId, total, serviceLimitValue, freeTrialStartDate
-    #         order_by: "ASC", # accepts ASC, DESC
-    #       }
-    #
     # @!attribute [rw] key
     #   The field to use to sort the results of a query for Amazon Macie
     #   account quotas and usage data. Valid values are:
@@ -7479,13 +6918,6 @@ module Aws::Macie2
     # Specifies a weekly recurrence pattern for running a classification
     # job.
     #
-    # @note When making an API call, you may pass WeeklySchedule
-    #   data as a hash:
-    #
-    #       {
-    #         day_of_week: "SUNDAY", # accepts SUNDAY, MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY
-    #       }
-    #
     # @!attribute [rw] day_of_week
     #   @return [String]
     #