aws-sdk-qbusiness 1.40.0 → 1.41.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dfeed7c9efa6b6dc980073f888177c89e89527343f6bc56674f3c7ba70d18767
-  data.tar.gz: af2d565e5503dfef81aa0b9ad19687e4f12ccacc8c8bf6a93b405f589621b415
+  metadata.gz: 20848fc0aeec463799e9453fcba6ba06e5ec38b47bcb5904e39b4e34cef0a85b
+  data.tar.gz: 4216cee2bd35e80ad2c42fe3e6aa5cfa00bf8801db6166cc4d7deb7ed8f5889f
 SHA512:
-  metadata.gz: ecc576fecfe9b62925b7838efc764d22477e954141a09531abf67b6c1572bc20610c320cdab1a49db6b10b078df6e3044ff07a382421920660b1250fcdaa0f62
-  data.tar.gz: 772c4127d63c7dd6d91efce2beff021a288fa4070c7e35130383caa93b46e27db895f0e9665601ceed43a93844db68e3d6a2776daa4d5037fa1443055b6c13cb
+  metadata.gz: d7ad62eb53d413785571f4107b9a4812239e488b6e1b04a3ce52ffdd6653a0f6681070c45d8177b155ac8786246cf16b7b289a0d89f7df1a94de94dabe648672
+  data.tar.gz: f0a28fb6eb4aca880e40fa18396d5fc1eafe70949e5dde09e6f5d295715c0bf6988b4cae9942f741d57a9d9ae048b260601ebc84de4b48cb52ee05bb6ebc2444

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.41.0 (2025-06-26)
+------------------
+
+* Feature - Added support for App level authentication for QBusiness DataAccessor using AWS IAM Identity center Trusted Token issuer
+
 1.40.0 (2025-06-02)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.40.0
+1.41.0

data/lib/aws-sdk-qbusiness/async_client.rb

@@ -673,7 +673,7 @@ module Aws::QBusiness
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-qbusiness'
-      context[:gem_version] = '1.40.0'
+      context[:gem_version] = '1.41.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-qbusiness/client.rb

@@ -497,6 +497,11 @@ module Aws::QBusiness
     #   The list of Amazon Q Business actions that the ISV is allowed to
     #   perform.
     #
+    # @option params [Array<Types::PermissionCondition>] :conditions
+    #   The conditions that restrict when the permission is effective. These
+    #   conditions can be used to limit the permission based on specific
+    #   attributes of the request.
+    #
     # @option params [required, String] :principal
     #   The Amazon Resource Name of the IAM role for the ISV that is being
     #   granted permission.
@@ -511,6 +516,13 @@ module Aws::QBusiness
     #     application_id: "ApplicationId", # required
     #     statement_id: "StatementId", # required
     #     actions: ["QIamAction"], # required
+    #     conditions: [
+    #       {
+    #         condition_operator: "StringEquals", # required, accepts StringEquals
+    #         condition_key: "PermissionConditionKey", # required
+    #         condition_values: ["PermissionConditionValue"], # required
+    #       },
+    #     ],
     #     principal: "PrincipalRoleArn", # required
     #   })
     #
@@ -1379,6 +1391,11 @@ module Aws::QBusiness
     # @option params [required, String] :display_name
     #   A friendly name for the data accessor.
     #
+    # @option params [Types::DataAccessorAuthenticationDetail] :authentication_detail
+    #   The authentication configuration details for the data accessor. This
+    #   specifies how the ISV will authenticate when accessing data through
+    #   this data accessor.
+    #
     # @option params [Array<Types::Tag>] :tags
     #   The tags to associate with the data accessor.
     #
@@ -1480,6 +1497,15 @@ module Aws::QBusiness
     #     ],
     #     client_token: "ClientToken",
     #     display_name: "DataAccessorName", # required
+    #     authentication_detail: {
+    #       authentication_type: "AWS_IAM_IDC_TTI", # required, accepts AWS_IAM_IDC_TTI, AWS_IAM_IDC_AUTH_CODE
+    #       authentication_configuration: {
+    #         idc_trusted_token_issuer_configuration: {
+    #           idc_trusted_token_issuer_arn: "IdcTrustedTokenIssuerArn", # required
+    #         },
+    #       },
+    #       external_ids: ["DataAccessorExternalId"],
+    #     },
     #     tags: [
     #       {
     #         key: "TagKey", # required
@@ -2810,6 +2836,7 @@ module Aws::QBusiness
     #   * {Types::GetDataAccessorResponse#idc_application_arn #idc_application_arn} => String
     #   * {Types::GetDataAccessorResponse#principal #principal} => String
     #   * {Types::GetDataAccessorResponse#action_configurations #action_configurations} => Array&lt;Types::ActionConfiguration&gt;
+    #   * {Types::GetDataAccessorResponse#authentication_detail #authentication_detail} => Types::DataAccessorAuthenticationDetail
     #   * {Types::GetDataAccessorResponse#created_at #created_at} => Time
     #   * {Types::GetDataAccessorResponse#updated_at #updated_at} => Time
     #
@@ -2877,6 +2904,10 @@ module Aws::QBusiness
     #   resp.action_configurations[0].filter_configuration.document_attribute_filter.less_than_or_equals.value.string_list_value[0] #=> String
     #   resp.action_configurations[0].filter_configuration.document_attribute_filter.less_than_or_equals.value.long_value #=> Integer
     #   resp.action_configurations[0].filter_configuration.document_attribute_filter.less_than_or_equals.value.date_value #=> Time
+    #   resp.authentication_detail.authentication_type #=> String, one of "AWS_IAM_IDC_TTI", "AWS_IAM_IDC_AUTH_CODE"
+    #   resp.authentication_detail.authentication_configuration.idc_trusted_token_issuer_configuration.idc_trusted_token_issuer_arn #=> String
+    #   resp.authentication_detail.external_ids #=> Array
+    #   resp.authentication_detail.external_ids[0] #=> String
     #   resp.created_at #=> Time
     #   resp.updated_at #=> Time
     #
@@ -3649,6 +3680,10 @@ module Aws::QBusiness
     #   resp.data_accessors[0].data_accessor_arn #=> String
     #   resp.data_accessors[0].idc_application_arn #=> String
     #   resp.data_accessors[0].principal #=> String
+    #   resp.data_accessors[0].authentication_detail.authentication_type #=> String, one of "AWS_IAM_IDC_TTI", "AWS_IAM_IDC_AUTH_CODE"
+    #   resp.data_accessors[0].authentication_detail.authentication_configuration.idc_trusted_token_issuer_configuration.idc_trusted_token_issuer_arn #=> String
+    #   resp.data_accessors[0].authentication_detail.external_ids #=> Array
+    #   resp.data_accessors[0].authentication_detail.external_ids[0] #=> String
     #   resp.data_accessors[0].created_at #=> Time
     #   resp.data_accessors[0].updated_at #=> Time
     #   resp.next_token #=> String
@@ -5116,6 +5151,11 @@ module Aws::QBusiness
     #   The updated list of action configurations specifying the allowed
     #   actions and any associated filters.
     #
+    # @option params [Types::DataAccessorAuthenticationDetail] :authentication_detail
+    #   The updated authentication configuration details for the data
+    #   accessor. This specifies how the ISV will authenticate when accessing
+    #   data through this data accessor.
+    #
     # @option params [String] :display_name
     #   The updated friendly name for the data accessor.
     #
@@ -5211,6 +5251,15 @@ module Aws::QBusiness
     #         },
     #       },
     #     ],
+    #     authentication_detail: {
+    #       authentication_type: "AWS_IAM_IDC_TTI", # required, accepts AWS_IAM_IDC_TTI, AWS_IAM_IDC_AUTH_CODE
+    #       authentication_configuration: {
+    #         idc_trusted_token_issuer_configuration: {
+    #           idc_trusted_token_issuer_arn: "IdcTrustedTokenIssuerArn", # required
+    #         },
+    #       },
+    #       external_ids: ["DataAccessorExternalId"],
+    #     },
     #     display_name: "DataAccessorName",
     #   })
     #
@@ -5824,7 +5873,7 @@ module Aws::QBusiness
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-qbusiness'
-      context[:gem_version] = '1.40.0'
+      context[:gem_version] = '1.41.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-qbusiness/client_api.rb

@@ -156,7 +156,13 @@ module Aws::QBusiness
     CustomizationConfiguration = Shapes::StructureShape.new(name: 'CustomizationConfiguration')
     DataAccessor = Shapes::StructureShape.new(name: 'DataAccessor')
     DataAccessorArn = Shapes::StringShape.new(name: 'DataAccessorArn')
+    DataAccessorAuthenticationConfiguration = Shapes::UnionShape.new(name: 'DataAccessorAuthenticationConfiguration')
+    DataAccessorAuthenticationDetail = Shapes::StructureShape.new(name: 'DataAccessorAuthenticationDetail')
+    DataAccessorAuthenticationType = Shapes::StringShape.new(name: 'DataAccessorAuthenticationType')
+    DataAccessorExternalId = Shapes::StringShape.new(name: 'DataAccessorExternalId')
+    DataAccessorExternalIds = Shapes::ListShape.new(name: 'DataAccessorExternalIds')
     DataAccessorId = Shapes::StringShape.new(name: 'DataAccessorId')
+    DataAccessorIdcTrustedTokenIssuerConfiguration = Shapes::StructureShape.new(name: 'DataAccessorIdcTrustedTokenIssuerConfiguration')
     DataAccessorName = Shapes::StringShape.new(name: 'DataAccessorName')
     DataAccessors = Shapes::ListShape.new(name: 'DataAccessors')
     DataSource = Shapes::StructureShape.new(name: 'DataSource')
@@ -289,6 +295,7 @@ module Aws::QBusiness
     IAMIdentityProviderArn = Shapes::StringShape.new(name: 'IAMIdentityProviderArn')
     IdcApplicationArn = Shapes::StringShape.new(name: 'IdcApplicationArn')
     IdcAuthConfiguration = Shapes::StructureShape.new(name: 'IdcAuthConfiguration')
+    IdcTrustedTokenIssuerArn = Shapes::StringShape.new(name: 'IdcTrustedTokenIssuerArn')
     IdentityProviderConfiguration = Shapes::UnionShape.new(name: 'IdentityProviderConfiguration')
     IdentityType = Shapes::StringShape.new(name: 'IdentityType')
     ImageExtractionConfiguration = Shapes::StructureShape.new(name: 'ImageExtractionConfiguration')
@@ -406,6 +413,12 @@ module Aws::QBusiness
     OrchestrationControl = Shapes::StringShape.new(name: 'OrchestrationControl')
     Origin = Shapes::StringShape.new(name: 'Origin')
     Payload = Shapes::StringShape.new(name: 'Payload')
+    PermissionCondition = Shapes::StructureShape.new(name: 'PermissionCondition')
+    PermissionConditionKey = Shapes::StringShape.new(name: 'PermissionConditionKey')
+    PermissionConditionOperator = Shapes::StringShape.new(name: 'PermissionConditionOperator')
+    PermissionConditionValue = Shapes::StringShape.new(name: 'PermissionConditionValue')
+    PermissionConditionValues = Shapes::ListShape.new(name: 'PermissionConditionValues')
+    PermissionConditions = Shapes::ListShape.new(name: 'PermissionConditions')
     PersonalizationConfiguration = Shapes::StructureShape.new(name: 'PersonalizationConfiguration')
     PersonalizationControlMode = Shapes::StringShape.new(name: 'PersonalizationControlMode')
     Plugin = Shapes::StructureShape.new(name: 'Plugin')
@@ -683,6 +696,7 @@ module Aws::QBusiness
     AssociatePermissionRequest.add_member(:application_id, Shapes::ShapeRef.new(shape: ApplicationId, required: true, location: "uri", location_name: "applicationId"))
     AssociatePermissionRequest.add_member(:statement_id, Shapes::ShapeRef.new(shape: StatementId, required: true, location_name: "statementId"))
     AssociatePermissionRequest.add_member(:actions, Shapes::ShapeRef.new(shape: QIamActions, required: true, location_name: "actions"))
+    AssociatePermissionRequest.add_member(:conditions, Shapes::ShapeRef.new(shape: PermissionConditions, location_name: "conditions"))
     AssociatePermissionRequest.add_member(:principal, Shapes::ShapeRef.new(shape: PrincipalRoleArn, required: true, location_name: "principal"))
     AssociatePermissionRequest.struct_class = Types::AssociatePermissionRequest
 
@@ -977,6 +991,7 @@ module Aws::QBusiness
     CreateDataAccessorRequest.add_member(:action_configurations, Shapes::ShapeRef.new(shape: ActionConfigurationList, required: true, location_name: "actionConfigurations"))
     CreateDataAccessorRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: ClientToken, location_name: "clientToken", metadata: {"idempotencyToken" => true}))
     CreateDataAccessorRequest.add_member(:display_name, Shapes::ShapeRef.new(shape: DataAccessorName, required: true, location_name: "displayName"))
+    CreateDataAccessorRequest.add_member(:authentication_detail, Shapes::ShapeRef.new(shape: DataAccessorAuthenticationDetail, location_name: "authenticationDetail"))
     CreateDataAccessorRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "tags"))
     CreateDataAccessorRequest.struct_class = Types::CreateDataAccessorRequest
 
@@ -1103,10 +1118,27 @@ module Aws::QBusiness
     DataAccessor.add_member(:data_accessor_arn, Shapes::ShapeRef.new(shape: DataAccessorArn, location_name: "dataAccessorArn"))
     DataAccessor.add_member(:idc_application_arn, Shapes::ShapeRef.new(shape: IdcApplicationArn, location_name: "idcApplicationArn"))
     DataAccessor.add_member(:principal, Shapes::ShapeRef.new(shape: PrincipalRoleArn, location_name: "principal"))
+    DataAccessor.add_member(:authentication_detail, Shapes::ShapeRef.new(shape: DataAccessorAuthenticationDetail, location_name: "authenticationDetail"))
     DataAccessor.add_member(:created_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "createdAt"))
     DataAccessor.add_member(:updated_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "updatedAt"))
     DataAccessor.struct_class = Types::DataAccessor
 
+    DataAccessorAuthenticationConfiguration.add_member(:idc_trusted_token_issuer_configuration, Shapes::ShapeRef.new(shape: DataAccessorIdcTrustedTokenIssuerConfiguration, location_name: "idcTrustedTokenIssuerConfiguration"))
+    DataAccessorAuthenticationConfiguration.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
+    DataAccessorAuthenticationConfiguration.add_member_subclass(:idc_trusted_token_issuer_configuration, Types::DataAccessorAuthenticationConfiguration::IdcTrustedTokenIssuerConfiguration)
+    DataAccessorAuthenticationConfiguration.add_member_subclass(:unknown, Types::DataAccessorAuthenticationConfiguration::Unknown)
+    DataAccessorAuthenticationConfiguration.struct_class = Types::DataAccessorAuthenticationConfiguration
+
+    DataAccessorAuthenticationDetail.add_member(:authentication_type, Shapes::ShapeRef.new(shape: DataAccessorAuthenticationType, required: true, location_name: "authenticationType"))
+    DataAccessorAuthenticationDetail.add_member(:authentication_configuration, Shapes::ShapeRef.new(shape: DataAccessorAuthenticationConfiguration, location_name: "authenticationConfiguration"))
+    DataAccessorAuthenticationDetail.add_member(:external_ids, Shapes::ShapeRef.new(shape: DataAccessorExternalIds, location_name: "externalIds"))
+    DataAccessorAuthenticationDetail.struct_class = Types::DataAccessorAuthenticationDetail
+
+    DataAccessorExternalIds.member = Shapes::ShapeRef.new(shape: DataAccessorExternalId)
+
+    DataAccessorIdcTrustedTokenIssuerConfiguration.add_member(:idc_trusted_token_issuer_arn, Shapes::ShapeRef.new(shape: IdcTrustedTokenIssuerArn, required: true, location_name: "idcTrustedTokenIssuerArn"))
+    DataAccessorIdcTrustedTokenIssuerConfiguration.struct_class = Types::DataAccessorIdcTrustedTokenIssuerConfiguration
+
     DataAccessors.member = Shapes::ShapeRef.new(shape: DataAccessor)
 
     DataSource.add_member(:display_name, Shapes::ShapeRef.new(shape: DataSourceName, location_name: "displayName"))
@@ -1429,6 +1461,7 @@ module Aws::QBusiness
     GetDataAccessorResponse.add_member(:idc_application_arn, Shapes::ShapeRef.new(shape: IdcApplicationArn, location_name: "idcApplicationArn"))
     GetDataAccessorResponse.add_member(:principal, Shapes::ShapeRef.new(shape: PrincipalRoleArn, location_name: "principal"))
     GetDataAccessorResponse.add_member(:action_configurations, Shapes::ShapeRef.new(shape: ActionConfigurationList, location_name: "actionConfigurations"))
+    GetDataAccessorResponse.add_member(:authentication_detail, Shapes::ShapeRef.new(shape: DataAccessorAuthenticationDetail, location_name: "authenticationDetail"))
     GetDataAccessorResponse.add_member(:created_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "createdAt"))
     GetDataAccessorResponse.add_member(:updated_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "updatedAt"))
     GetDataAccessorResponse.struct_class = Types::GetDataAccessorResponse
@@ -1887,6 +1920,15 @@ module Aws::QBusiness
     OrchestrationConfiguration.add_member(:control, Shapes::ShapeRef.new(shape: OrchestrationControl, required: true, location_name: "control"))
     OrchestrationConfiguration.struct_class = Types::OrchestrationConfiguration
 
+    PermissionCondition.add_member(:condition_operator, Shapes::ShapeRef.new(shape: PermissionConditionOperator, required: true, location_name: "conditionOperator"))
+    PermissionCondition.add_member(:condition_key, Shapes::ShapeRef.new(shape: PermissionConditionKey, required: true, location_name: "conditionKey"))
+    PermissionCondition.add_member(:condition_values, Shapes::ShapeRef.new(shape: PermissionConditionValues, required: true, location_name: "conditionValues"))
+    PermissionCondition.struct_class = Types::PermissionCondition
+
+    PermissionConditionValues.member = Shapes::ShapeRef.new(shape: PermissionConditionValue)
+
+    PermissionConditions.member = Shapes::ShapeRef.new(shape: PermissionCondition)
+
     PersonalizationConfiguration.add_member(:personalization_control_mode, Shapes::ShapeRef.new(shape: PersonalizationControlMode, required: true, location_name: "personalizationControlMode"))
     PersonalizationConfiguration.struct_class = Types::PersonalizationConfiguration
 
@@ -2209,6 +2251,7 @@ module Aws::QBusiness
     UpdateDataAccessorRequest.add_member(:application_id, Shapes::ShapeRef.new(shape: ApplicationId, required: true, location: "uri", location_name: "applicationId"))
     UpdateDataAccessorRequest.add_member(:data_accessor_id, Shapes::ShapeRef.new(shape: DataAccessorId, required: true, location: "uri", location_name: "dataAccessorId"))
     UpdateDataAccessorRequest.add_member(:action_configurations, Shapes::ShapeRef.new(shape: ActionConfigurationList, required: true, location_name: "actionConfigurations"))
+    UpdateDataAccessorRequest.add_member(:authentication_detail, Shapes::ShapeRef.new(shape: DataAccessorAuthenticationDetail, location_name: "authenticationDetail"))
     UpdateDataAccessorRequest.add_member(:display_name, Shapes::ShapeRef.new(shape: DataAccessorName, location_name: "displayName"))
     UpdateDataAccessorRequest.struct_class = Types::UpdateDataAccessorRequest
 

data/lib/aws-sdk-qbusiness/types.rb

@@ -548,6 +548,12 @@ module Aws::QBusiness
     #   perform.
     #   @return [Array<String>]
     #
+    # @!attribute [rw] conditions
+    #   The conditions that restrict when the permission is effective. These
+    #   conditions can be used to limit the permission based on specific
+    #   attributes of the request.
+    #   @return [Array<Types::PermissionCondition>]
+    #
     # @!attribute [rw] principal
     #   The Amazon Resource Name of the IAM role for the ISV that is being
     #   granted permission.
@@ -559,6 +565,7 @@ module Aws::QBusiness
       :application_id,
       :statement_id,
       :actions,
+      :conditions,
       :principal)
       SENSITIVE = []
       include Aws::Structure
@@ -1978,6 +1985,12 @@ module Aws::QBusiness
     #   A friendly name for the data accessor.
     #   @return [String]
     #
+    # @!attribute [rw] authentication_detail
+    #   The authentication configuration details for the data accessor. This
+    #   specifies how the ISV will authenticate when accessing data through
+    #   this data accessor.
+    #   @return [Types::DataAccessorAuthenticationDetail]
+    #
     # @!attribute [rw] tags
     #   The tags to associate with the data accessor.
     #   @return [Array<Types::Tag>]
@@ -1990,6 +2003,7 @@ module Aws::QBusiness
       :action_configurations,
       :client_token,
       :display_name,
+      :authentication_detail,
       :tags)
       SENSITIVE = [:display_name]
       include Aws::Structure
@@ -2715,6 +2729,12 @@ module Aws::QBusiness
     #   associated with this data accessor.
     #   @return [String]
     #
+    # @!attribute [rw] authentication_detail
+    #   The authentication configuration details for the data accessor. This
+    #   specifies how the ISV authenticates when accessing data through this
+    #   data accessor.
+    #   @return [Types::DataAccessorAuthenticationDetail]
+    #
     # @!attribute [rw] created_at
     #   The timestamp when the data accessor was created.
     #   @return [Time]
@@ -2731,12 +2751,95 @@ module Aws::QBusiness
       :data_accessor_arn,
       :idc_application_arn,
       :principal,
+      :authentication_detail,
       :created_at,
       :updated_at)
       SENSITIVE = [:display_name]
       include Aws::Structure
     end
 
+    # A union type that contains the specific authentication configuration
+    # based on the authentication type selected.
+    #
+    # @note DataAccessorAuthenticationConfiguration is a union - when making an API calls you must set exactly one of the members.
+    #
+    # @note DataAccessorAuthenticationConfiguration is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of DataAccessorAuthenticationConfiguration corresponding to the set member.
+    #
+    # @!attribute [rw] idc_trusted_token_issuer_configuration
+    #   Configuration for IAM Identity Center Trusted Token Issuer (TTI)
+    #   authentication used when the authentication type is
+    #   `AWS_IAM_IDC_TTI`.
+    #   @return [Types::DataAccessorIdcTrustedTokenIssuerConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/DataAccessorAuthenticationConfiguration AWS API Documentation
+    #
+    class DataAccessorAuthenticationConfiguration < Struct.new(
+      :idc_trusted_token_issuer_configuration,
+      :unknown)
+      SENSITIVE = []
+      include Aws::Structure
+      include Aws::Structure::Union
+
+      class IdcTrustedTokenIssuerConfiguration < DataAccessorAuthenticationConfiguration; end
+      class Unknown < DataAccessorAuthenticationConfiguration; end
+    end
+
+    # Contains the authentication configuration details for a data accessor.
+    # This structure defines how the ISV authenticates when accessing data
+    # through the data accessor.
+    #
+    # @!attribute [rw] authentication_type
+    #   The type of authentication to use for the data accessor. This
+    #   determines how the ISV authenticates when accessing data. You can
+    #   use one of two authentication types:
+    #
+    #   * `AWS_IAM_IDC_TTI` - Authentication using IAM Identity Center
+    #     Trusted Token Issuer (TTI). This authentication type allows the
+    #     ISV to use a trusted token issuer to generate tokens for accessing
+    #     the data.
+    #
+    #   * `AWS_IAM_IDC_AUTH_CODE` - Authentication using IAM Identity Center
+    #     authorization code flow. This authentication type uses the
+    #     standard OAuth 2.0 authorization code flow for authentication.
+    #   @return [String]
+    #
+    # @!attribute [rw] authentication_configuration
+    #   The specific authentication configuration based on the
+    #   authentication type.
+    #   @return [Types::DataAccessorAuthenticationConfiguration]
+    #
+    # @!attribute [rw] external_ids
+    #   A list of external identifiers associated with this authentication
+    #   configuration. These are used to correlate the data accessor with
+    #   external systems.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/DataAccessorAuthenticationDetail AWS API Documentation
+    #
+    class DataAccessorAuthenticationDetail < Struct.new(
+      :authentication_type,
+      :authentication_configuration,
+      :external_ids)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Configuration details for IAM Identity Center Trusted Token Issuer
+    # (TTI) authentication.
+    #
+    # @!attribute [rw] idc_trusted_token_issuer_arn
+    #   The Amazon Resource Name (ARN) of the IAM Identity Center Trusted
+    #   Token Issuer that will be used for authentication.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/DataAccessorIdcTrustedTokenIssuerConfiguration AWS API Documentation
+    #
+    class DataAccessorIdcTrustedTokenIssuerConfiguration < Struct.new(
+      :idc_trusted_token_issuer_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # A data source in an Amazon Q Business application.
     #
     # @!attribute [rw] display_name
@@ -4248,6 +4351,12 @@ module Aws::QBusiness
     #   any associated filters.
     #   @return [Array<Types::ActionConfiguration>]
     #
+    # @!attribute [rw] authentication_detail
+    #   The authentication configuration details for the data accessor. This
+    #   specifies how the ISV authenticates when accessing data through this
+    #   data accessor.
+    #   @return [Types::DataAccessorAuthenticationDetail]
+    #
     # @!attribute [rw] created_at
     #   The timestamp when the data accessor was created.
     #   @return [Time]
@@ -4266,6 +4375,7 @@ module Aws::QBusiness
       :idc_application_arn,
       :principal,
       :action_configurations,
+      :authentication_detail,
       :created_at,
       :updated_at)
       SENSITIVE = [:display_name]
@@ -5071,7 +5181,7 @@ module Aws::QBusiness
     #   @return [Types::DocumentAttributeCondition]
     #
     # @!attribute [rw] lambda_arn
-    #   The Amazon Resource Name (ARN) of the Lambda function sduring
+    #   The Amazon Resource Name (ARN) of the Lambda function during
     #   ingestion. For more information, see [Using Lambda functions for
     #   Amazon Q Business document enrichment][1].
     #
@@ -6606,6 +6716,35 @@ module Aws::QBusiness
       include Aws::Structure
     end
 
+    # Defines a condition that restricts when a permission is effective.
+    # Conditions allow you to control access based on specific attributes of
+    # the request.
+    #
+    # @!attribute [rw] condition_operator
+    #   The operator to use for the condition evaluation. This determines
+    #   how the condition values are compared.
+    #   @return [String]
+    #
+    # @!attribute [rw] condition_key
+    #   The key for the condition. This identifies the attribute that the
+    #   condition applies to.
+    #   @return [String]
+    #
+    # @!attribute [rw] condition_values
+    #   The values to compare against using the specified condition
+    #   operator.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/qbusiness-2023-11-27/PermissionCondition AWS API Documentation
+    #
+    class PermissionCondition < Struct.new(
+      :condition_operator,
+      :condition_key,
+      :condition_values)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Configuration information about chat response personalization. For
     # more information, see [Personalizing chat responses][1].
     #
@@ -8081,6 +8220,12 @@ module Aws::QBusiness
     #   actions and any associated filters.
     #   @return [Array<Types::ActionConfiguration>]
     #
+    # @!attribute [rw] authentication_detail
+    #   The updated authentication configuration details for the data
+    #   accessor. This specifies how the ISV will authenticate when
+    #   accessing data through this data accessor.
+    #   @return [Types::DataAccessorAuthenticationDetail]
+    #
     # @!attribute [rw] display_name
     #   The updated friendly name for the data accessor.
     #   @return [String]
@@ -8091,6 +8236,7 @@ module Aws::QBusiness
       :application_id,
       :data_accessor_id,
       :action_configurations,
+      :authentication_detail,
       :display_name)
       SENSITIVE = [:display_name]
       include Aws::Structure

data/lib/aws-sdk-qbusiness.rb

@@ -57,7 +57,7 @@ module Aws::QBusiness
   autoload :AsyncClient, 'aws-sdk-qbusiness/async_client'
   autoload :EventStreams, 'aws-sdk-qbusiness/event_streams'
 
-  GEM_VERSION = '1.40.0'
+  GEM_VERSION = '1.41.0'
 
 end
 

data/sig/client.rbs

@@ -89,6 +89,13 @@ module Aws
                                   application_id: ::String,
                                   statement_id: ::String,
                                   actions: Array[::String],
+                                  ?conditions: Array[
+                                    {
+                                      condition_operator: ("StringEquals"),
+                                      condition_key: ::String,
+                                      condition_values: Array[::String]
+                                    },
+                                  ],
                                   principal: ::String
                                 ) -> _AssociatePermissionResponseSuccess
                               | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _AssociatePermissionResponseSuccess
@@ -534,6 +541,15 @@ module Aws
                                   ],
                                   ?client_token: ::String,
                                   display_name: ::String,
+                                  ?authentication_detail: {
+                                    authentication_type: ("AWS_IAM_IDC_TTI" | "AWS_IAM_IDC_AUTH_CODE"),
+                                    authentication_configuration: {
+                                      idc_trusted_token_issuer_configuration: {
+                                        idc_trusted_token_issuer_arn: ::String
+                                      }?
+                                    }?,
+                                    external_ids: Array[::String]?
+                                  },
                                   ?tags: Array[
                                     {
                                       key: ::String,
@@ -1028,6 +1044,7 @@ module Aws
         def idc_application_arn: () -> ::String
         def principal: () -> ::String
         def action_configurations: () -> ::Array[Types::ActionConfiguration]
+        def authentication_detail: () -> Types::DataAccessorAuthenticationDetail
         def created_at: () -> ::Time
         def updated_at: () -> ::Time
       end
@@ -1841,6 +1858,15 @@ module Aws
                                       }?
                                     },
                                   ],
+                                  ?authentication_detail: {
+                                    authentication_type: ("AWS_IAM_IDC_TTI" | "AWS_IAM_IDC_AUTH_CODE"),
+                                    authentication_configuration: {
+                                      idc_trusted_token_issuer_configuration: {
+                                        idc_trusted_token_issuer_arn: ::String
+                                      }?
+                                    }?,
+                                    external_ids: Array[::String]?
+                                  },
                                   ?display_name: ::String
                                 ) -> _UpdateDataAccessorResponseSuccess
                               | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _UpdateDataAccessorResponseSuccess

data/sig/types.rbs

@@ -147,6 +147,7 @@ module Aws::QBusiness
       attr_accessor application_id: ::String
       attr_accessor statement_id: ::String
       attr_accessor actions: ::Array[::String]
+      attr_accessor conditions: ::Array[Types::PermissionCondition]
       attr_accessor principal: ::String
       SENSITIVE: []
     end
@@ -504,6 +505,7 @@ module Aws::QBusiness
       attr_accessor action_configurations: ::Array[Types::ActionConfiguration]
       attr_accessor client_token: ::String
       attr_accessor display_name: ::String
+      attr_accessor authentication_detail: Types::DataAccessorAuthenticationDetail
       attr_accessor tags: ::Array[Types::Tag]
       SENSITIVE: [:display_name]
     end
@@ -665,11 +667,35 @@ module Aws::QBusiness
       attr_accessor data_accessor_arn: ::String
       attr_accessor idc_application_arn: ::String
       attr_accessor principal: ::String
+      attr_accessor authentication_detail: Types::DataAccessorAuthenticationDetail
       attr_accessor created_at: ::Time
       attr_accessor updated_at: ::Time
       SENSITIVE: [:display_name]
     end
 
+    class DataAccessorAuthenticationConfiguration
+      attr_accessor idc_trusted_token_issuer_configuration: Types::DataAccessorIdcTrustedTokenIssuerConfiguration
+      attr_accessor unknown: untyped
+      SENSITIVE: []
+
+      class IdcTrustedTokenIssuerConfiguration < DataAccessorAuthenticationConfiguration
+      end
+      class Unknown < DataAccessorAuthenticationConfiguration
+      end
+    end
+
+    class DataAccessorAuthenticationDetail
+      attr_accessor authentication_type: ("AWS_IAM_IDC_TTI" | "AWS_IAM_IDC_AUTH_CODE")
+      attr_accessor authentication_configuration: Types::DataAccessorAuthenticationConfiguration
+      attr_accessor external_ids: ::Array[::String]
+      SENSITIVE: []
+    end
+
+    class DataAccessorIdcTrustedTokenIssuerConfiguration
+      attr_accessor idc_trusted_token_issuer_arn: ::String
+      SENSITIVE: []
+    end
+
     class DataSource
       attr_accessor display_name: ::String
       attr_accessor data_source_id: ::String
@@ -1081,6 +1107,7 @@ module Aws::QBusiness
       attr_accessor idc_application_arn: ::String
       attr_accessor principal: ::String
       attr_accessor action_configurations: ::Array[Types::ActionConfiguration]
+      attr_accessor authentication_detail: Types::DataAccessorAuthenticationDetail
       attr_accessor created_at: ::Time
       attr_accessor updated_at: ::Time
       SENSITIVE: [:display_name]
@@ -1694,6 +1721,13 @@ module Aws::QBusiness
       SENSITIVE: []
     end
 
+    class PermissionCondition
+      attr_accessor condition_operator: ("StringEquals")
+      attr_accessor condition_key: ::String
+      attr_accessor condition_values: ::Array[::String]
+      SENSITIVE: []
+    end
+
     class PersonalizationConfiguration
       attr_accessor personalization_control_mode: ("ENABLED" | "DISABLED")
       SENSITIVE: []
@@ -2117,6 +2151,7 @@ module Aws::QBusiness
       attr_accessor application_id: ::String
       attr_accessor data_accessor_id: ::String
       attr_accessor action_configurations: ::Array[Types::ActionConfiguration]
+      attr_accessor authentication_detail: Types::DataAccessorAuthenticationDetail
       attr_accessor display_name: ::String
       SENSITIVE: [:display_name]
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-qbusiness
 version: !ruby/object:Gem::Version
-  version: 1.40.0
+  version: 1.41.0
 platform: ruby
 authors:
 - Amazon Web Services