@aws-sdk/client-accessanalyzer 3.169.0 → 3.171.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/CHANGELOG.md +16 -0
  2. package/dist-types/ts3.4/AccessAnalyzer.d.ts +480 -145
  3. package/dist-types/ts3.4/AccessAnalyzerClient.d.ts +273 -101
  4. package/dist-types/ts3.4/commands/ApplyArchiveRuleCommand.d.ts +30 -17
  5. package/dist-types/ts3.4/commands/CancelPolicyGenerationCommand.d.ts +39 -17
  6. package/dist-types/ts3.4/commands/CreateAccessPreviewCommand.d.ts +36 -17
  7. package/dist-types/ts3.4/commands/CreateAnalyzerCommand.d.ts +35 -17
  8. package/dist-types/ts3.4/commands/CreateArchiveRuleCommand.d.ts +31 -17
  9. package/dist-types/ts3.4/commands/DeleteAnalyzerCommand.d.ts +30 -17
  10. package/dist-types/ts3.4/commands/DeleteArchiveRuleCommand.d.ts +31 -17
  11. package/dist-types/ts3.4/commands/GetAccessPreviewCommand.d.ts +35 -17
  12. package/dist-types/ts3.4/commands/GetAnalyzedResourceCommand.d.ts +36 -17
  13. package/dist-types/ts3.4/commands/GetAnalyzerCommand.d.ts +32 -17
  14. package/dist-types/ts3.4/commands/GetArchiveRuleCommand.d.ts +35 -17
  15. package/dist-types/ts3.4/commands/GetFindingCommand.d.ts +32 -17
  16. package/dist-types/ts3.4/commands/GetGeneratedPolicyCommand.d.ts +36 -17
  17. package/dist-types/ts3.4/commands/ListAccessPreviewFindingsCommand.d.ts +39 -17
  18. package/dist-types/ts3.4/commands/ListAccessPreviewsCommand.d.ts +36 -17
  19. package/dist-types/ts3.4/commands/ListAnalyzedResourcesCommand.d.ts +39 -17
  20. package/dist-types/ts3.4/commands/ListAnalyzersCommand.d.ts +35 -17
  21. package/dist-types/ts3.4/commands/ListArchiveRulesCommand.d.ts +35 -17
  22. package/dist-types/ts3.4/commands/ListFindingsCommand.d.ts +32 -17
  23. package/dist-types/ts3.4/commands/ListPolicyGenerationsCommand.d.ts +39 -17
  24. package/dist-types/ts3.4/commands/ListTagsForResourceCommand.d.ts +36 -17
  25. package/dist-types/ts3.4/commands/StartPolicyGenerationCommand.d.ts +39 -17
  26. package/dist-types/ts3.4/commands/StartResourceScanCommand.d.ts +31 -17
  27. package/dist-types/ts3.4/commands/TagResourceCommand.d.ts +32 -17
  28. package/dist-types/ts3.4/commands/UntagResourceCommand.d.ts +35 -17
  29. package/dist-types/ts3.4/commands/UpdateArchiveRuleCommand.d.ts +31 -17
  30. package/dist-types/ts3.4/commands/UpdateFindingsCommand.d.ts +30 -17
  31. package/dist-types/ts3.4/commands/ValidatePolicyCommand.d.ts +35 -17
  32. package/dist-types/ts3.4/commands/index.d.ts +28 -28
  33. package/dist-types/ts3.4/endpoints.d.ts +2 -2
  34. package/dist-types/ts3.4/index.d.ts +6 -6
  35. package/dist-types/ts3.4/models/AccessAnalyzerServiceException.d.ts +7 -6
  36. package/dist-types/ts3.4/models/index.d.ts +1 -1
  37. package/dist-types/ts3.4/models/models_0.d.ts +1074 -1366
  38. package/dist-types/ts3.4/pagination/Interfaces.d.ts +7 -6
  39. package/dist-types/ts3.4/pagination/ListAccessPreviewFindingsPaginator.d.ts +11 -4
  40. package/dist-types/ts3.4/pagination/ListAccessPreviewsPaginator.d.ts +11 -4
  41. package/dist-types/ts3.4/pagination/ListAnalyzedResourcesPaginator.d.ts +11 -4
  42. package/dist-types/ts3.4/pagination/ListAnalyzersPaginator.d.ts +11 -4
  43. package/dist-types/ts3.4/pagination/ListArchiveRulesPaginator.d.ts +11 -4
  44. package/dist-types/ts3.4/pagination/ListFindingsPaginator.d.ts +11 -4
  45. package/dist-types/ts3.4/pagination/ListPolicyGenerationsPaginator.d.ts +11 -4
  46. package/dist-types/ts3.4/pagination/ValidatePolicyPaginator.d.ts +11 -4
  47. package/dist-types/ts3.4/pagination/index.d.ts +9 -9
  48. package/dist-types/ts3.4/protocols/Aws_restJson1.d.ts +341 -86
  49. package/dist-types/ts3.4/runtimeConfig.browser.d.ts +65 -38
  50. package/dist-types/ts3.4/runtimeConfig.d.ts +65 -38
  51. package/dist-types/ts3.4/runtimeConfig.native.d.ts +66 -37
  52. package/dist-types/ts3.4/runtimeConfig.shared.d.ts +10 -11
  53. package/package.json +34 -34
package/dist-types/ts3.4/models/models_0.d.ts CHANGED
@@ -1,1366 +1,1074 @@
1
- import { ExceptionOptionType as __ExceptionOptionType } from "@aws-sdk/smithy-client";
2
- import { AccessAnalyzerServiceException as __BaseException } from "./AccessAnalyzerServiceException";
3
-
4
- export declare class AccessDeniedException extends __BaseException {
5
- readonly name: "AccessDeniedException";
6
- readonly $fault: "client";
7
-
8
- constructor(opts: __ExceptionOptionType<AccessDeniedException, __BaseException>);
9
- }
10
-
11
- export declare class ConflictException extends __BaseException {
12
- readonly name: "ConflictException";
13
- readonly $fault: "client";
14
-
15
- resourceId: string | undefined;
16
-
17
- resourceType: string | undefined;
18
-
19
- constructor(opts: __ExceptionOptionType<ConflictException, __BaseException>);
20
- }
21
-
22
- export interface Criterion {
23
-
24
- eq?: string[];
25
-
26
- neq?: string[];
27
-
28
- contains?: string[];
29
-
30
- exists?: boolean;
31
- }
32
-
33
- export interface CreateArchiveRuleRequest {
34
-
35
- analyzerName: string | undefined;
36
-
37
- ruleName: string | undefined;
38
-
39
- filter: Record<string, Criterion> | undefined;
40
-
41
- clientToken?: string;
42
- }
43
-
44
- export declare class InternalServerException extends __BaseException {
45
- readonly name: "InternalServerException";
46
- readonly $fault: "server";
47
- $retryable: {};
48
-
49
- retryAfterSeconds?: number;
50
-
51
- constructor(opts: __ExceptionOptionType<InternalServerException, __BaseException>);
52
- }
53
-
54
- export declare class ResourceNotFoundException extends __BaseException {
55
- readonly name: "ResourceNotFoundException";
56
- readonly $fault: "client";
57
-
58
- resourceId: string | undefined;
59
-
60
- resourceType: string | undefined;
61
-
62
- constructor(opts: __ExceptionOptionType<ResourceNotFoundException, __BaseException>);
63
- }
64
-
65
- export declare class ServiceQuotaExceededException extends __BaseException {
66
- readonly name: "ServiceQuotaExceededException";
67
- readonly $fault: "client";
68
-
69
- resourceId: string | undefined;
70
-
71
- resourceType: string | undefined;
72
-
73
- constructor(opts: __ExceptionOptionType<ServiceQuotaExceededException, __BaseException>);
74
- }
75
-
76
- export declare class ThrottlingException extends __BaseException {
77
- readonly name: "ThrottlingException";
78
- readonly $fault: "client";
79
- $retryable: {
80
- throttling: boolean;
81
- };
82
-
83
- retryAfterSeconds?: number;
84
-
85
- constructor(opts: __ExceptionOptionType<ThrottlingException, __BaseException>);
86
- }
87
-
88
- export interface ValidationExceptionField {
89
-
90
- name: string | undefined;
91
-
92
- message: string | undefined;
93
- }
94
- export declare enum ValidationExceptionReason {
95
- CANNOT_PARSE = "cannotParse",
96
- FIELD_VALIDATION_FAILED = "fieldValidationFailed",
97
- OTHER = "other",
98
- UNKNOWN_OPERATION = "unknownOperation"
99
- }
100
-
101
- export declare class ValidationException extends __BaseException {
102
- readonly name: "ValidationException";
103
- readonly $fault: "client";
104
-
105
- reason: ValidationExceptionReason | string | undefined;
106
-
107
- fieldList?: ValidationExceptionField[];
108
-
109
- constructor(opts: __ExceptionOptionType<ValidationException, __BaseException>);
110
- }
111
-
112
- export interface DeleteArchiveRuleRequest {
113
-
114
- analyzerName: string | undefined;
115
-
116
- ruleName: string | undefined;
117
-
118
- clientToken?: string;
119
- }
120
-
121
- export interface GetArchiveRuleRequest {
122
-
123
- analyzerName: string | undefined;
124
-
125
- ruleName: string | undefined;
126
- }
127
-
128
- export interface ArchiveRuleSummary {
129
-
130
- ruleName: string | undefined;
131
-
132
- filter: Record<string, Criterion> | undefined;
133
-
134
- createdAt: Date | undefined;
135
-
136
- updatedAt: Date | undefined;
137
- }
138
-
139
- export interface GetArchiveRuleResponse {
140
-
141
- archiveRule: ArchiveRuleSummary | undefined;
142
- }
143
-
144
- export interface ListArchiveRulesRequest {
145
-
146
- analyzerName: string | undefined;
147
-
148
- nextToken?: string;
149
-
150
- maxResults?: number;
151
- }
152
-
153
- export interface ListArchiveRulesResponse {
154
-
155
- archiveRules: ArchiveRuleSummary[] | undefined;
156
-
157
- nextToken?: string;
158
- }
159
-
160
- export interface UpdateArchiveRuleRequest {
161
-
162
- analyzerName: string | undefined;
163
-
164
- ruleName: string | undefined;
165
-
166
- filter: Record<string, Criterion> | undefined;
167
-
168
- clientToken?: string;
169
- }
170
-
171
- export interface InlineArchiveRule {
172
-
173
- ruleName: string | undefined;
174
-
175
- filter: Record<string, Criterion> | undefined;
176
- }
177
- export declare type Type = "ACCOUNT" | "ORGANIZATION";
178
-
179
- export interface CreateAnalyzerRequest {
180
-
181
- analyzerName: string | undefined;
182
-
183
- type: Type | string | undefined;
184
-
185
- archiveRules?: InlineArchiveRule[];
186
-
187
- tags?: Record<string, string>;
188
-
189
- clientToken?: string;
190
- }
191
-
192
- export interface CreateAnalyzerResponse {
193
-
194
- arn?: string;
195
- }
196
-
197
- export interface DeleteAnalyzerRequest {
198
-
199
- analyzerName: string | undefined;
200
-
201
- clientToken?: string;
202
- }
203
-
204
- export interface GetAnalyzerRequest {
205
-
206
- analyzerName: string | undefined;
207
- }
208
- export declare type AnalyzerStatus = "ACTIVE" | "CREATING" | "DISABLED" | "FAILED";
209
- export declare type ReasonCode = "AWS_SERVICE_ACCESS_DISABLED" | "DELEGATED_ADMINISTRATOR_DEREGISTERED" | "ORGANIZATION_DELETED" | "SERVICE_LINKED_ROLE_CREATION_FAILED";
210
-
211
- export interface StatusReason {
212
-
213
- code: ReasonCode | string | undefined;
214
- }
215
-
216
- export interface AnalyzerSummary {
217
-
218
- arn: string | undefined;
219
-
220
- name: string | undefined;
221
-
222
- type: Type | string | undefined;
223
-
224
- createdAt: Date | undefined;
225
-
226
- lastResourceAnalyzed?: string;
227
-
228
- lastResourceAnalyzedAt?: Date;
229
-
230
- tags?: Record<string, string>;
231
-
232
- status: AnalyzerStatus | string | undefined;
233
-
234
- statusReason?: StatusReason;
235
- }
236
-
237
- export interface GetAnalyzerResponse {
238
-
239
- analyzer: AnalyzerSummary | undefined;
240
- }
241
-
242
- export interface ListAnalyzersRequest {
243
-
244
- nextToken?: string;
245
-
246
- maxResults?: number;
247
-
248
- type?: Type | string;
249
- }
250
-
251
- export interface ListAnalyzersResponse {
252
-
253
- analyzers: AnalyzerSummary[] | undefined;
254
-
255
- nextToken?: string;
256
- }
257
-
258
- export interface ApplyArchiveRuleRequest {
259
-
260
- analyzerArn: string | undefined;
261
-
262
- ruleName: string | undefined;
263
-
264
- clientToken?: string;
265
- }
266
- export interface CancelPolicyGenerationRequest {
267
-
268
- jobId: string | undefined;
269
- }
270
- export interface CancelPolicyGenerationResponse {
271
- }
272
-
273
- export interface IamRoleConfiguration {
274
-
275
- trustPolicy?: string;
276
- }
277
-
278
- export interface KmsGrantConstraints {
279
-
280
- encryptionContextEquals?: Record<string, string>;
281
-
282
- encryptionContextSubset?: Record<string, string>;
283
- }
284
- export declare enum KmsGrantOperation {
285
- CREATE_GRANT = "CreateGrant",
286
- DECRYPT = "Decrypt",
287
- DESCRIBE_KEY = "DescribeKey",
288
- ENCRYPT = "Encrypt",
289
- GENERATE_DATA_KEY = "GenerateDataKey",
290
- GENERATE_DATA_KEY_PAIR = "GenerateDataKeyPair",
291
- GENERATE_DATA_KEY_PAIR_WITHOUT_PLAINTEXT = "GenerateDataKeyPairWithoutPlaintext",
292
- GENERATE_DATA_KEY_WITHOUT_PLAINTEXT = "GenerateDataKeyWithoutPlaintext",
293
- GET_PUBLIC_KEY = "GetPublicKey",
294
- REENCRYPT_FROM = "ReEncryptFrom",
295
- REENCRYPT_TO = "ReEncryptTo",
296
- RETIRE_GRANT = "RetireGrant",
297
- SIGN = "Sign",
298
- VERIFY = "Verify"
299
- }
300
-
301
- export interface KmsGrantConfiguration {
302
-
303
- operations: (KmsGrantOperation | string)[] | undefined;
304
-
305
- granteePrincipal: string | undefined;
306
-
307
- retiringPrincipal?: string;
308
-
309
- constraints?: KmsGrantConstraints;
310
-
311
- issuingAccount: string | undefined;
312
- }
313
-
314
- export interface KmsKeyConfiguration {
315
-
316
- keyPolicies?: Record<string, string>;
317
-
318
- grants?: KmsGrantConfiguration[];
319
- }
320
-
321
- export interface InternetConfiguration {
322
- }
323
-
324
- export interface VpcConfiguration {
325
-
326
- vpcId: string | undefined;
327
- }
328
-
329
- export declare type NetworkOriginConfiguration = NetworkOriginConfiguration.InternetConfigurationMember | NetworkOriginConfiguration.VpcConfigurationMember | NetworkOriginConfiguration.$UnknownMember;
330
- export declare namespace NetworkOriginConfiguration {
331
-
332
- interface VpcConfigurationMember {
333
- vpcConfiguration: VpcConfiguration;
334
- internetConfiguration?: never;
335
- $unknown?: never;
336
- }
337
-
338
- interface InternetConfigurationMember {
339
- vpcConfiguration?: never;
340
- internetConfiguration: InternetConfiguration;
341
- $unknown?: never;
342
- }
343
- interface $UnknownMember {
344
- vpcConfiguration?: never;
345
- internetConfiguration?: never;
346
- $unknown: [
347
- string,
348
- any
349
- ];
350
- }
351
- interface Visitor<T> {
352
- vpcConfiguration: (value: VpcConfiguration) => T;
353
- internetConfiguration: (value: InternetConfiguration) => T;
354
- _: (name: string, value: any) => T;
355
- }
356
- const visit: <T>(value: NetworkOriginConfiguration, visitor: Visitor<T>) => T;
357
- }
358
-
359
- export interface S3PublicAccessBlockConfiguration {
360
-
361
- ignorePublicAcls: boolean | undefined;
362
-
363
- restrictPublicBuckets: boolean | undefined;
364
- }
365
-
366
- export interface S3AccessPointConfiguration {
367
-
368
- accessPointPolicy?: string;
369
-
370
- publicAccessBlock?: S3PublicAccessBlockConfiguration;
371
-
372
- networkOrigin?: NetworkOriginConfiguration;
373
- }
374
-
375
- export declare type AclGrantee = AclGrantee.IdMember | AclGrantee.UriMember | AclGrantee.$UnknownMember;
376
- export declare namespace AclGrantee {
377
-
378
- interface IdMember {
379
- id: string;
380
- uri?: never;
381
- $unknown?: never;
382
- }
383
-
384
- interface UriMember {
385
- id?: never;
386
- uri: string;
387
- $unknown?: never;
388
- }
389
- interface $UnknownMember {
390
- id?: never;
391
- uri?: never;
392
- $unknown: [
393
- string,
394
- any
395
- ];
396
- }
397
- interface Visitor<T> {
398
- id: (value: string) => T;
399
- uri: (value: string) => T;
400
- _: (name: string, value: any) => T;
401
- }
402
- const visit: <T>(value: AclGrantee, visitor: Visitor<T>) => T;
403
- }
404
- export declare enum AclPermission {
405
- FULL_CONTROL = "FULL_CONTROL",
406
- READ = "READ",
407
- READ_ACP = "READ_ACP",
408
- WRITE = "WRITE",
409
- WRITE_ACP = "WRITE_ACP"
410
- }
411
-
412
- export interface S3BucketAclGrantConfiguration {
413
-
414
- permission: AclPermission | string | undefined;
415
-
416
- grantee: AclGrantee | undefined;
417
- }
418
-
419
- export interface S3BucketConfiguration {
420
-
421
- bucketPolicy?: string;
422
-
423
- bucketAclGrants?: S3BucketAclGrantConfiguration[];
424
-
425
- bucketPublicAccessBlock?: S3PublicAccessBlockConfiguration;
426
-
427
- accessPoints?: Record<string, S3AccessPointConfiguration>;
428
- }
429
-
430
- export interface SecretsManagerSecretConfiguration {
431
-
432
- kmsKeyId?: string;
433
-
434
- secretPolicy?: string;
435
- }
436
-
437
- export interface SqsQueueConfiguration {
438
-
439
- queuePolicy?: string;
440
- }
441
-
442
- export declare type Configuration = Configuration.IamRoleMember | Configuration.KmsKeyMember | Configuration.S3BucketMember | Configuration.SecretsManagerSecretMember | Configuration.SqsQueueMember | Configuration.$UnknownMember;
443
- export declare namespace Configuration {
444
-
445
- interface IamRoleMember {
446
- iamRole: IamRoleConfiguration;
447
- kmsKey?: never;
448
- secretsManagerSecret?: never;
449
- s3Bucket?: never;
450
- sqsQueue?: never;
451
- $unknown?: never;
452
- }
453
-
454
- interface KmsKeyMember {
455
- iamRole?: never;
456
- kmsKey: KmsKeyConfiguration;
457
- secretsManagerSecret?: never;
458
- s3Bucket?: never;
459
- sqsQueue?: never;
460
- $unknown?: never;
461
- }
462
-
463
- interface SecretsManagerSecretMember {
464
- iamRole?: never;
465
- kmsKey?: never;
466
- secretsManagerSecret: SecretsManagerSecretConfiguration;
467
- s3Bucket?: never;
468
- sqsQueue?: never;
469
- $unknown?: never;
470
- }
471
-
472
- interface S3BucketMember {
473
- iamRole?: never;
474
- kmsKey?: never;
475
- secretsManagerSecret?: never;
476
- s3Bucket: S3BucketConfiguration;
477
- sqsQueue?: never;
478
- $unknown?: never;
479
- }
480
-
481
- interface SqsQueueMember {
482
- iamRole?: never;
483
- kmsKey?: never;
484
- secretsManagerSecret?: never;
485
- s3Bucket?: never;
486
- sqsQueue: SqsQueueConfiguration;
487
- $unknown?: never;
488
- }
489
- interface $UnknownMember {
490
- iamRole?: never;
491
- kmsKey?: never;
492
- secretsManagerSecret?: never;
493
- s3Bucket?: never;
494
- sqsQueue?: never;
495
- $unknown: [
496
- string,
497
- any
498
- ];
499
- }
500
- interface Visitor<T> {
501
- iamRole: (value: IamRoleConfiguration) => T;
502
- kmsKey: (value: KmsKeyConfiguration) => T;
503
- secretsManagerSecret: (value: SecretsManagerSecretConfiguration) => T;
504
- s3Bucket: (value: S3BucketConfiguration) => T;
505
- sqsQueue: (value: SqsQueueConfiguration) => T;
506
- _: (name: string, value: any) => T;
507
- }
508
- const visit: <T>(value: Configuration, visitor: Visitor<T>) => T;
509
- }
510
- export interface CreateAccessPreviewRequest {
511
-
512
- analyzerArn: string | undefined;
513
-
514
- configurations: Record<string, Configuration> | undefined;
515
-
516
- clientToken?: string;
517
- }
518
- export interface CreateAccessPreviewResponse {
519
-
520
- id: string | undefined;
521
- }
522
- export interface GetAccessPreviewRequest {
523
-
524
- accessPreviewId: string | undefined;
525
-
526
- analyzerArn: string | undefined;
527
- }
528
- export declare enum AccessPreviewStatus {
529
- COMPLETED = "COMPLETED",
530
- CREATING = "CREATING",
531
- FAILED = "FAILED"
532
- }
533
- export declare enum AccessPreviewStatusReasonCode {
534
- INTERNAL_ERROR = "INTERNAL_ERROR",
535
- INVALID_CONFIGURATION = "INVALID_CONFIGURATION"
536
- }
537
-
538
- export interface AccessPreviewStatusReason {
539
-
540
- code: AccessPreviewStatusReasonCode | string | undefined;
541
- }
542
-
543
- export interface AccessPreview {
544
-
545
- id: string | undefined;
546
-
547
- analyzerArn: string | undefined;
548
-
549
- configurations: Record<string, Configuration> | undefined;
550
-
551
- createdAt: Date | undefined;
552
-
553
- status: AccessPreviewStatus | string | undefined;
554
-
555
- statusReason?: AccessPreviewStatusReason;
556
- }
557
- export interface GetAccessPreviewResponse {
558
-
559
- accessPreview: AccessPreview | undefined;
560
- }
561
-
562
- export interface GetAnalyzedResourceRequest {
563
-
564
- analyzerArn: string | undefined;
565
-
566
- resourceArn: string | undefined;
567
- }
568
- export declare type ResourceType = "AWS::IAM::Role" | "AWS::KMS::Key" | "AWS::Lambda::Function" | "AWS::Lambda::LayerVersion" | "AWS::S3::Bucket" | "AWS::SQS::Queue" | "AWS::SecretsManager::Secret";
569
- export declare type FindingStatus = "ACTIVE" | "ARCHIVED" | "RESOLVED";
570
-
571
- export interface AnalyzedResource {
572
-
573
- resourceArn: string | undefined;
574
-
575
- resourceType: ResourceType | string | undefined;
576
-
577
- createdAt: Date | undefined;
578
-
579
- analyzedAt: Date | undefined;
580
-
581
- updatedAt: Date | undefined;
582
-
583
- isPublic: boolean | undefined;
584
-
585
- actions?: string[];
586
-
587
- sharedVia?: string[];
588
-
589
- status?: FindingStatus | string;
590
-
591
- resourceOwnerAccount: string | undefined;
592
-
593
- error?: string;
594
- }
595
-
596
- export interface GetAnalyzedResourceResponse {
597
-
598
- resource?: AnalyzedResource;
599
- }
600
-
601
- export interface GetFindingRequest {
602
-
603
- analyzerArn: string | undefined;
604
-
605
- id: string | undefined;
606
- }
607
-
608
- export interface FindingSourceDetail {
609
-
610
- accessPointArn?: string;
611
- }
612
- export declare type FindingSourceType = "BUCKET_ACL" | "POLICY" | "S3_ACCESS_POINT";
613
-
614
- export interface FindingSource {
615
-
616
- type: FindingSourceType | string | undefined;
617
-
618
- detail?: FindingSourceDetail;
619
- }
620
-
621
- export interface Finding {
622
-
623
- id: string | undefined;
624
-
625
- principal?: Record<string, string>;
626
-
627
- action?: string[];
628
-
629
- resource?: string;
630
-
631
- isPublic?: boolean;
632
-
633
- resourceType: ResourceType | string | undefined;
634
-
635
- condition: Record<string, string> | undefined;
636
-
637
- createdAt: Date | undefined;
638
-
639
- analyzedAt: Date | undefined;
640
-
641
- updatedAt: Date | undefined;
642
-
643
- status: FindingStatus | string | undefined;
644
-
645
- resourceOwnerAccount: string | undefined;
646
-
647
- error?: string;
648
-
649
- sources?: FindingSource[];
650
- }
651
-
652
- export interface GetFindingResponse {
653
-
654
- finding?: Finding;
655
- }
656
- export interface GetGeneratedPolicyRequest {
657
-
658
- jobId: string | undefined;
659
-
660
- includeResourcePlaceholders?: boolean;
661
-
662
- includeServiceLevelTemplate?: boolean;
663
- }
664
-
665
- export interface GeneratedPolicy {
666
-
667
- policy: string | undefined;
668
- }
669
-
670
- export interface TrailProperties {
671
-
672
- cloudTrailArn: string | undefined;
673
-
674
- regions?: string[];
675
-
676
- allRegions?: boolean;
677
- }
678
-
679
- export interface CloudTrailProperties {
680
-
681
- trailProperties: TrailProperties[] | undefined;
682
-
683
- startTime: Date | undefined;
684
-
685
- endTime: Date | undefined;
686
- }
687
-
688
- export interface GeneratedPolicyProperties {
689
-
690
- isComplete?: boolean;
691
-
692
- principalArn: string | undefined;
693
-
694
- cloudTrailProperties?: CloudTrailProperties;
695
- }
696
-
697
- export interface GeneratedPolicyResult {
698
-
699
- properties: GeneratedPolicyProperties | undefined;
700
-
701
- generatedPolicies?: GeneratedPolicy[];
702
- }
703
- export declare enum JobErrorCode {
704
- AUTHORIZATION_ERROR = "AUTHORIZATION_ERROR",
705
- RESOURCE_NOT_FOUND_ERROR = "RESOURCE_NOT_FOUND_ERROR",
706
- SERVICE_ERROR = "SERVICE_ERROR",
707
- SERVICE_QUOTA_EXCEEDED_ERROR = "SERVICE_QUOTA_EXCEEDED_ERROR"
708
- }
709
-
710
- export interface JobError {
711
-
712
- code: JobErrorCode | string | undefined;
713
-
714
- message: string | undefined;
715
- }
716
- export declare enum JobStatus {
717
- CANCELED = "CANCELED",
718
- FAILED = "FAILED",
719
- IN_PROGRESS = "IN_PROGRESS",
720
- SUCCEEDED = "SUCCEEDED"
721
- }
722
-
723
- export interface JobDetails {
724
-
725
- jobId: string | undefined;
726
-
727
- status: JobStatus | string | undefined;
728
-
729
- startedOn: Date | undefined;
730
-
731
- completedOn?: Date;
732
-
733
- jobError?: JobError;
734
- }
735
- export interface GetGeneratedPolicyResponse {
736
-
737
- jobDetails: JobDetails | undefined;
738
-
739
- generatedPolicyResult: GeneratedPolicyResult | undefined;
740
- }
741
- export interface ListAccessPreviewFindingsRequest {
742
-
743
- accessPreviewId: string | undefined;
744
-
745
- analyzerArn: string | undefined;
746
-
747
- filter?: Record<string, Criterion>;
748
-
749
- nextToken?: string;
750
-
751
- maxResults?: number;
752
- }
753
- export declare enum FindingChangeType {
754
- CHANGED = "CHANGED",
755
- NEW = "NEW",
756
- UNCHANGED = "UNCHANGED"
757
- }
758
-
759
- export interface AccessPreviewFinding {
760
-
761
- id: string | undefined;
762
-
763
- existingFindingId?: string;
764
-
765
- existingFindingStatus?: FindingStatus | string;
766
-
767
- principal?: Record<string, string>;
768
-
769
- action?: string[];
770
-
771
- condition?: Record<string, string>;
772
-
773
- resource?: string;
774
-
775
- isPublic?: boolean;
776
-
777
- resourceType: ResourceType | string | undefined;
778
-
779
- createdAt: Date | undefined;
780
-
781
- changeType: FindingChangeType | string | undefined;
782
-
783
- status: FindingStatus | string | undefined;
784
-
785
- resourceOwnerAccount: string | undefined;
786
-
787
- error?: string;
788
-
789
- sources?: FindingSource[];
790
- }
791
- export interface ListAccessPreviewFindingsResponse {
792
-
793
- findings: AccessPreviewFinding[] | undefined;
794
-
795
- nextToken?: string;
796
- }
797
- export interface ListAccessPreviewsRequest {
798
-
799
- analyzerArn: string | undefined;
800
-
801
- nextToken?: string;
802
-
803
- maxResults?: number;
804
- }
805
-
806
- export interface AccessPreviewSummary {
807
-
808
- id: string | undefined;
809
-
810
- analyzerArn: string | undefined;
811
-
812
- createdAt: Date | undefined;
813
-
814
- status: AccessPreviewStatus | string | undefined;
815
-
816
- statusReason?: AccessPreviewStatusReason;
817
- }
818
- export interface ListAccessPreviewsResponse {
819
-
820
- accessPreviews: AccessPreviewSummary[] | undefined;
821
-
822
- nextToken?: string;
823
- }
824
-
825
- export interface ListAnalyzedResourcesRequest {
826
-
827
- analyzerArn: string | undefined;
828
-
829
- resourceType?: ResourceType | string;
830
-
831
- nextToken?: string;
832
-
833
- maxResults?: number;
834
- }
835
-
836
- export interface AnalyzedResourceSummary {
837
-
838
- resourceArn: string | undefined;
839
-
840
- resourceOwnerAccount: string | undefined;
841
-
842
- resourceType: ResourceType | string | undefined;
843
- }
844
-
845
- export interface ListAnalyzedResourcesResponse {
846
-
847
- analyzedResources: AnalyzedResourceSummary[] | undefined;
848
-
849
- nextToken?: string;
850
- }
851
- export declare type OrderBy = "ASC" | "DESC";
852
-
853
- export interface SortCriteria {
854
-
855
- attributeName?: string;
856
-
857
- orderBy?: OrderBy | string;
858
- }
859
-
860
- export interface ListFindingsRequest {
861
-
862
- analyzerArn: string | undefined;
863
-
864
- filter?: Record<string, Criterion>;
865
-
866
- sort?: SortCriteria;
867
-
868
- nextToken?: string;
869
-
870
- maxResults?: number;
871
- }
872
-
873
- export interface FindingSummary {
874
-
875
- id: string | undefined;
876
-
877
- principal?: Record<string, string>;
878
-
879
- action?: string[];
880
-
881
- resource?: string;
882
-
883
- isPublic?: boolean;
884
-
885
- resourceType: ResourceType | string | undefined;
886
-
887
- condition: Record<string, string> | undefined;
888
-
889
- createdAt: Date | undefined;
890
-
891
- analyzedAt: Date | undefined;
892
-
893
- updatedAt: Date | undefined;
894
-
895
- status: FindingStatus | string | undefined;
896
-
897
- resourceOwnerAccount: string | undefined;
898
-
899
- error?: string;
900
-
901
- sources?: FindingSource[];
902
- }
903
-
904
- export interface ListFindingsResponse {
905
-
906
- findings: FindingSummary[] | undefined;
907
-
908
- nextToken?: string;
909
- }
910
- export interface ListPolicyGenerationsRequest {
911
-
912
- principalArn?: string;
913
-
914
- maxResults?: number;
915
-
916
- nextToken?: string;
917
- }
918
-
919
- export interface PolicyGeneration {
920
-
921
- jobId: string | undefined;
922
-
923
- principalArn: string | undefined;
924
-
925
- status: JobStatus | string | undefined;
926
-
927
- startedOn: Date | undefined;
928
-
929
- completedOn?: Date;
930
- }
931
- export interface ListPolicyGenerationsResponse {
932
-
933
- policyGenerations: PolicyGeneration[] | undefined;
934
-
935
- nextToken?: string;
936
- }
937
-
938
- export interface ListTagsForResourceRequest {
939
-
940
- resourceArn: string | undefined;
941
- }
942
-
943
- export interface ListTagsForResourceResponse {
944
-
945
- tags?: Record<string, string>;
946
- }
947
-
948
- export interface Trail {
949
-
950
- cloudTrailArn: string | undefined;
951
-
952
- regions?: string[];
953
-
954
- allRegions?: boolean;
955
- }
956
-
957
- export interface CloudTrailDetails {
958
-
959
- trails: Trail[] | undefined;
960
-
961
- accessRole: string | undefined;
962
-
963
- startTime: Date | undefined;
964
-
965
- endTime?: Date;
966
- }
967
-
968
- export interface PolicyGenerationDetails {
969
-
970
- principalArn: string | undefined;
971
- }
972
- export interface StartPolicyGenerationRequest {
973
-
974
- policyGenerationDetails: PolicyGenerationDetails | undefined;
975
-
976
- cloudTrailDetails?: CloudTrailDetails;
977
-
978
- clientToken?: string;
979
- }
980
- export interface StartPolicyGenerationResponse {
981
-
982
- jobId: string | undefined;
983
- }
984
-
985
- export interface StartResourceScanRequest {
986
-
987
- analyzerArn: string | undefined;
988
-
989
- resourceArn: string | undefined;
990
- }
991
-
992
- export interface TagResourceRequest {
993
-
994
- resourceArn: string | undefined;
995
-
996
- tags: Record<string, string> | undefined;
997
- }
998
-
999
- export interface TagResourceResponse {
1000
- }
1001
-
1002
- export interface UntagResourceRequest {
1003
-
1004
- resourceArn: string | undefined;
1005
-
1006
- tagKeys: string[] | undefined;
1007
- }
1008
-
1009
- export interface UntagResourceResponse {
1010
- }
1011
- export declare type FindingStatusUpdate = "ACTIVE" | "ARCHIVED";
1012
-
1013
- export interface UpdateFindingsRequest {
1014
-
1015
- analyzerArn: string | undefined;
1016
-
1017
- status: FindingStatusUpdate | string | undefined;
1018
-
1019
- ids?: string[];
1020
-
1021
- resourceArn?: string;
1022
-
1023
- clientToken?: string;
1024
- }
1025
- export declare enum Locale {
1026
- DE = "DE",
1027
- EN = "EN",
1028
- ES = "ES",
1029
- FR = "FR",
1030
- IT = "IT",
1031
- JA = "JA",
1032
- KO = "KO",
1033
- PT_BR = "PT_BR",
1034
- ZH_CN = "ZH_CN",
1035
- ZH_TW = "ZH_TW"
1036
- }
1037
- export declare enum PolicyType {
1038
- IDENTITY_POLICY = "IDENTITY_POLICY",
1039
- RESOURCE_POLICY = "RESOURCE_POLICY",
1040
- SERVICE_CONTROL_POLICY = "SERVICE_CONTROL_POLICY"
1041
- }
1042
- export declare enum ValidatePolicyResourceType {
1043
- S3_ACCESS_POINT = "AWS::S3::AccessPoint",
1044
- S3_BUCKET = "AWS::S3::Bucket",
1045
- S3_MULTI_REGION_ACCESS_POINT = "AWS::S3::MultiRegionAccessPoint",
1046
- S3_OBJECT_LAMBDA_ACCESS_POINT = "AWS::S3ObjectLambda::AccessPoint"
1047
- }
1048
- export interface ValidatePolicyRequest {
1049
-
1050
- locale?: Locale | string;
1051
-
1052
- maxResults?: number;
1053
-
1054
- nextToken?: string;
1055
-
1056
- policyDocument: string | undefined;
1057
-
1058
- policyType: PolicyType | string | undefined;
1059
-
1060
- validatePolicyResourceType?: ValidatePolicyResourceType | string;
1061
- }
1062
- export declare enum ValidatePolicyFindingType {
1063
- ERROR = "ERROR",
1064
- SECURITY_WARNING = "SECURITY_WARNING",
1065
- SUGGESTION = "SUGGESTION",
1066
- WARNING = "WARNING"
1067
- }
1068
-
1069
- export interface Substring {
1070
-
1071
- start: number | undefined;
1072
-
1073
- length: number | undefined;
1074
- }
1075
-
1076
- export declare type PathElement = PathElement.IndexMember | PathElement.KeyMember | PathElement.SubstringMember | PathElement.ValueMember | PathElement.$UnknownMember;
1077
- export declare namespace PathElement {
1078
-
1079
- interface IndexMember {
1080
- index: number;
1081
- key?: never;
1082
- substring?: never;
1083
- value?: never;
1084
- $unknown?: never;
1085
- }
1086
-
1087
- interface KeyMember {
1088
- index?: never;
1089
- key: string;
1090
- substring?: never;
1091
- value?: never;
1092
- $unknown?: never;
1093
- }
1094
-
1095
- interface SubstringMember {
1096
- index?: never;
1097
- key?: never;
1098
- substring: Substring;
1099
- value?: never;
1100
- $unknown?: never;
1101
- }
1102
-
1103
- interface ValueMember {
1104
- index?: never;
1105
- key?: never;
1106
- substring?: never;
1107
- value: string;
1108
- $unknown?: never;
1109
- }
1110
- interface $UnknownMember {
1111
- index?: never;
1112
- key?: never;
1113
- substring?: never;
1114
- value?: never;
1115
- $unknown: [
1116
- string,
1117
- any
1118
- ];
1119
- }
1120
- interface Visitor<T> {
1121
- index: (value: number) => T;
1122
- key: (value: string) => T;
1123
- substring: (value: Substring) => T;
1124
- value: (value: string) => T;
1125
- _: (name: string, value: any) => T;
1126
- }
1127
- const visit: <T>(value: PathElement, visitor: Visitor<T>) => T;
1128
- }
1129
-
1130
- export interface Position {
1131
-
1132
- line: number | undefined;
1133
-
1134
- column: number | undefined;
1135
-
1136
- offset: number | undefined;
1137
- }
1138
-
1139
- export interface Span {
1140
-
1141
- start: Position | undefined;
1142
-
1143
- end: Position | undefined;
1144
- }
1145
-
1146
- export interface Location {
1147
-
1148
- path: PathElement[] | undefined;
1149
-
1150
- span: Span | undefined;
1151
- }
1152
-
1153
- export interface ValidatePolicyFinding {
1154
-
1155
- findingDetails: string | undefined;
1156
-
1157
- findingType: ValidatePolicyFindingType | string | undefined;
1158
-
1159
- issueCode: string | undefined;
1160
-
1161
- learnMoreLink: string | undefined;
1162
-
1163
- locations: Location[] | undefined;
1164
- }
1165
- export interface ValidatePolicyResponse {
1166
-
1167
- findings: ValidatePolicyFinding[] | undefined;
1168
-
1169
- nextToken?: string;
1170
- }
1171
-
1172
- export declare const CriterionFilterSensitiveLog: (obj: Criterion) => any;
1173
-
1174
- export declare const CreateArchiveRuleRequestFilterSensitiveLog: (obj: CreateArchiveRuleRequest) => any;
1175
-
1176
- export declare const ValidationExceptionFieldFilterSensitiveLog: (obj: ValidationExceptionField) => any;
1177
-
1178
- export declare const DeleteArchiveRuleRequestFilterSensitiveLog: (obj: DeleteArchiveRuleRequest) => any;
1179
-
1180
- export declare const GetArchiveRuleRequestFilterSensitiveLog: (obj: GetArchiveRuleRequest) => any;
1181
-
1182
- export declare const ArchiveRuleSummaryFilterSensitiveLog: (obj: ArchiveRuleSummary) => any;
1183
-
1184
- export declare const GetArchiveRuleResponseFilterSensitiveLog: (obj: GetArchiveRuleResponse) => any;
1185
-
1186
- export declare const ListArchiveRulesRequestFilterSensitiveLog: (obj: ListArchiveRulesRequest) => any;
1187
-
1188
- export declare const ListArchiveRulesResponseFilterSensitiveLog: (obj: ListArchiveRulesResponse) => any;
1189
-
1190
- export declare const UpdateArchiveRuleRequestFilterSensitiveLog: (obj: UpdateArchiveRuleRequest) => any;
1191
-
1192
- export declare const InlineArchiveRuleFilterSensitiveLog: (obj: InlineArchiveRule) => any;
1193
-
1194
- export declare const CreateAnalyzerRequestFilterSensitiveLog: (obj: CreateAnalyzerRequest) => any;
1195
-
1196
- export declare const CreateAnalyzerResponseFilterSensitiveLog: (obj: CreateAnalyzerResponse) => any;
1197
-
1198
- export declare const DeleteAnalyzerRequestFilterSensitiveLog: (obj: DeleteAnalyzerRequest) => any;
1199
-
1200
- export declare const GetAnalyzerRequestFilterSensitiveLog: (obj: GetAnalyzerRequest) => any;
1201
-
1202
- export declare const StatusReasonFilterSensitiveLog: (obj: StatusReason) => any;
1203
-
1204
- export declare const AnalyzerSummaryFilterSensitiveLog: (obj: AnalyzerSummary) => any;
1205
-
1206
- export declare const GetAnalyzerResponseFilterSensitiveLog: (obj: GetAnalyzerResponse) => any;
1207
-
1208
- export declare const ListAnalyzersRequestFilterSensitiveLog: (obj: ListAnalyzersRequest) => any;
1209
-
1210
- export declare const ListAnalyzersResponseFilterSensitiveLog: (obj: ListAnalyzersResponse) => any;
1211
-
1212
- export declare const ApplyArchiveRuleRequestFilterSensitiveLog: (obj: ApplyArchiveRuleRequest) => any;
1213
-
1214
- export declare const CancelPolicyGenerationRequestFilterSensitiveLog: (obj: CancelPolicyGenerationRequest) => any;
1215
-
1216
- export declare const CancelPolicyGenerationResponseFilterSensitiveLog: (obj: CancelPolicyGenerationResponse) => any;
1217
-
1218
- export declare const IamRoleConfigurationFilterSensitiveLog: (obj: IamRoleConfiguration) => any;
1219
-
1220
- export declare const KmsGrantConstraintsFilterSensitiveLog: (obj: KmsGrantConstraints) => any;
1221
-
1222
- export declare const KmsGrantConfigurationFilterSensitiveLog: (obj: KmsGrantConfiguration) => any;
1223
-
1224
- export declare const KmsKeyConfigurationFilterSensitiveLog: (obj: KmsKeyConfiguration) => any;
1225
-
1226
- export declare const InternetConfigurationFilterSensitiveLog: (obj: InternetConfiguration) => any;
1227
-
1228
- export declare const VpcConfigurationFilterSensitiveLog: (obj: VpcConfiguration) => any;
1229
-
1230
- export declare const NetworkOriginConfigurationFilterSensitiveLog: (obj: NetworkOriginConfiguration) => any;
1231
-
1232
- export declare const S3PublicAccessBlockConfigurationFilterSensitiveLog: (obj: S3PublicAccessBlockConfiguration) => any;
1233
-
1234
- export declare const S3AccessPointConfigurationFilterSensitiveLog: (obj: S3AccessPointConfiguration) => any;
1235
-
1236
- export declare const AclGranteeFilterSensitiveLog: (obj: AclGrantee) => any;
1237
-
1238
- export declare const S3BucketAclGrantConfigurationFilterSensitiveLog: (obj: S3BucketAclGrantConfiguration) => any;
1239
-
1240
- export declare const S3BucketConfigurationFilterSensitiveLog: (obj: S3BucketConfiguration) => any;
1241
-
1242
- export declare const SecretsManagerSecretConfigurationFilterSensitiveLog: (obj: SecretsManagerSecretConfiguration) => any;
1243
-
1244
- export declare const SqsQueueConfigurationFilterSensitiveLog: (obj: SqsQueueConfiguration) => any;
1245
-
1246
- export declare const ConfigurationFilterSensitiveLog: (obj: Configuration) => any;
1247
-
1248
- export declare const CreateAccessPreviewRequestFilterSensitiveLog: (obj: CreateAccessPreviewRequest) => any;
1249
-
1250
- export declare const CreateAccessPreviewResponseFilterSensitiveLog: (obj: CreateAccessPreviewResponse) => any;
1251
-
1252
- export declare const GetAccessPreviewRequestFilterSensitiveLog: (obj: GetAccessPreviewRequest) => any;
1253
-
1254
- export declare const AccessPreviewStatusReasonFilterSensitiveLog: (obj: AccessPreviewStatusReason) => any;
1255
-
1256
- export declare const AccessPreviewFilterSensitiveLog: (obj: AccessPreview) => any;
1257
-
1258
- export declare const GetAccessPreviewResponseFilterSensitiveLog: (obj: GetAccessPreviewResponse) => any;
1259
-
1260
- export declare const GetAnalyzedResourceRequestFilterSensitiveLog: (obj: GetAnalyzedResourceRequest) => any;
1261
-
1262
- export declare const AnalyzedResourceFilterSensitiveLog: (obj: AnalyzedResource) => any;
1263
-
1264
- export declare const GetAnalyzedResourceResponseFilterSensitiveLog: (obj: GetAnalyzedResourceResponse) => any;
1265
-
1266
- export declare const GetFindingRequestFilterSensitiveLog: (obj: GetFindingRequest) => any;
1267
-
1268
- export declare const FindingSourceDetailFilterSensitiveLog: (obj: FindingSourceDetail) => any;
1269
-
1270
- export declare const FindingSourceFilterSensitiveLog: (obj: FindingSource) => any;
1271
-
1272
- export declare const FindingFilterSensitiveLog: (obj: Finding) => any;
1273
-
1274
- export declare const GetFindingResponseFilterSensitiveLog: (obj: GetFindingResponse) => any;
1275
-
1276
- export declare const GetGeneratedPolicyRequestFilterSensitiveLog: (obj: GetGeneratedPolicyRequest) => any;
1277
-
1278
- export declare const GeneratedPolicyFilterSensitiveLog: (obj: GeneratedPolicy) => any;
1279
-
1280
- export declare const TrailPropertiesFilterSensitiveLog: (obj: TrailProperties) => any;
1281
-
1282
- export declare const CloudTrailPropertiesFilterSensitiveLog: (obj: CloudTrailProperties) => any;
1283
-
1284
- export declare const GeneratedPolicyPropertiesFilterSensitiveLog: (obj: GeneratedPolicyProperties) => any;
1285
-
1286
- export declare const GeneratedPolicyResultFilterSensitiveLog: (obj: GeneratedPolicyResult) => any;
1287
-
1288
- export declare const JobErrorFilterSensitiveLog: (obj: JobError) => any;
1289
-
1290
- export declare const JobDetailsFilterSensitiveLog: (obj: JobDetails) => any;
1291
-
1292
- export declare const GetGeneratedPolicyResponseFilterSensitiveLog: (obj: GetGeneratedPolicyResponse) => any;
1293
-
1294
- export declare const ListAccessPreviewFindingsRequestFilterSensitiveLog: (obj: ListAccessPreviewFindingsRequest) => any;
1295
-
1296
- export declare const AccessPreviewFindingFilterSensitiveLog: (obj: AccessPreviewFinding) => any;
1297
-
1298
- export declare const ListAccessPreviewFindingsResponseFilterSensitiveLog: (obj: ListAccessPreviewFindingsResponse) => any;
1299
-
1300
- export declare const ListAccessPreviewsRequestFilterSensitiveLog: (obj: ListAccessPreviewsRequest) => any;
1301
-
1302
- export declare const AccessPreviewSummaryFilterSensitiveLog: (obj: AccessPreviewSummary) => any;
1303
-
1304
- export declare const ListAccessPreviewsResponseFilterSensitiveLog: (obj: ListAccessPreviewsResponse) => any;
1305
-
1306
- export declare const ListAnalyzedResourcesRequestFilterSensitiveLog: (obj: ListAnalyzedResourcesRequest) => any;
1307
-
1308
- export declare const AnalyzedResourceSummaryFilterSensitiveLog: (obj: AnalyzedResourceSummary) => any;
1309
-
1310
- export declare const ListAnalyzedResourcesResponseFilterSensitiveLog: (obj: ListAnalyzedResourcesResponse) => any;
1311
-
1312
- export declare const SortCriteriaFilterSensitiveLog: (obj: SortCriteria) => any;
1313
-
1314
- export declare const ListFindingsRequestFilterSensitiveLog: (obj: ListFindingsRequest) => any;
1315
-
1316
- export declare const FindingSummaryFilterSensitiveLog: (obj: FindingSummary) => any;
1317
-
1318
- export declare const ListFindingsResponseFilterSensitiveLog: (obj: ListFindingsResponse) => any;
1319
-
1320
- export declare const ListPolicyGenerationsRequestFilterSensitiveLog: (obj: ListPolicyGenerationsRequest) => any;
1321
-
1322
- export declare const PolicyGenerationFilterSensitiveLog: (obj: PolicyGeneration) => any;
1323
-
1324
- export declare const ListPolicyGenerationsResponseFilterSensitiveLog: (obj: ListPolicyGenerationsResponse) => any;
1325
-
1326
- export declare const ListTagsForResourceRequestFilterSensitiveLog: (obj: ListTagsForResourceRequest) => any;
1327
-
1328
- export declare const ListTagsForResourceResponseFilterSensitiveLog: (obj: ListTagsForResourceResponse) => any;
1329
-
1330
- export declare const TrailFilterSensitiveLog: (obj: Trail) => any;
1331
-
1332
- export declare const CloudTrailDetailsFilterSensitiveLog: (obj: CloudTrailDetails) => any;
1333
-
1334
- export declare const PolicyGenerationDetailsFilterSensitiveLog: (obj: PolicyGenerationDetails) => any;
1335
-
1336
- export declare const StartPolicyGenerationRequestFilterSensitiveLog: (obj: StartPolicyGenerationRequest) => any;
1337
-
1338
- export declare const StartPolicyGenerationResponseFilterSensitiveLog: (obj: StartPolicyGenerationResponse) => any;
1339
-
1340
- export declare const StartResourceScanRequestFilterSensitiveLog: (obj: StartResourceScanRequest) => any;
1341
-
1342
- export declare const TagResourceRequestFilterSensitiveLog: (obj: TagResourceRequest) => any;
1343
-
1344
- export declare const TagResourceResponseFilterSensitiveLog: (obj: TagResourceResponse) => any;
1345
-
1346
- export declare const UntagResourceRequestFilterSensitiveLog: (obj: UntagResourceRequest) => any;
1347
-
1348
- export declare const UntagResourceResponseFilterSensitiveLog: (obj: UntagResourceResponse) => any;
1349
-
1350
- export declare const UpdateFindingsRequestFilterSensitiveLog: (obj: UpdateFindingsRequest) => any;
1351
-
1352
- export declare const ValidatePolicyRequestFilterSensitiveLog: (obj: ValidatePolicyRequest) => any;
1353
-
1354
- export declare const SubstringFilterSensitiveLog: (obj: Substring) => any;
1355
-
1356
- export declare const PathElementFilterSensitiveLog: (obj: PathElement) => any;
1357
-
1358
- export declare const PositionFilterSensitiveLog: (obj: Position) => any;
1359
-
1360
- export declare const SpanFilterSensitiveLog: (obj: Span) => any;
1361
-
1362
- export declare const LocationFilterSensitiveLog: (obj: Location) => any;
1363
-
1364
- export declare const ValidatePolicyFindingFilterSensitiveLog: (obj: ValidatePolicyFinding) => any;
1365
-
1366
- export declare const ValidatePolicyResponseFilterSensitiveLog: (obj: ValidatePolicyResponse) => any;
1
+ import { ExceptionOptionType as __ExceptionOptionType } from "@aws-sdk/smithy-client";
2
+ import { AccessAnalyzerServiceException as __BaseException } from "./AccessAnalyzerServiceException";
3
+ export declare class AccessDeniedException extends __BaseException {
4
+ readonly name: "AccessDeniedException";
5
+ readonly $fault: "client";
6
+ constructor(
7
+ opts: __ExceptionOptionType<AccessDeniedException, __BaseException>
8
+ );
9
+ }
10
+ export declare class ConflictException extends __BaseException {
11
+ readonly name: "ConflictException";
12
+ readonly $fault: "client";
13
+ resourceId: string | undefined;
14
+ resourceType: string | undefined;
15
+ constructor(opts: __ExceptionOptionType<ConflictException, __BaseException>);
16
+ }
17
+ export interface Criterion {
18
+ eq?: string[];
19
+ neq?: string[];
20
+ contains?: string[];
21
+ exists?: boolean;
22
+ }
23
+ export interface CreateArchiveRuleRequest {
24
+ analyzerName: string | undefined;
25
+ ruleName: string | undefined;
26
+ filter: Record<string, Criterion> | undefined;
27
+ clientToken?: string;
28
+ }
29
+ export declare class InternalServerException extends __BaseException {
30
+ readonly name: "InternalServerException";
31
+ readonly $fault: "server";
32
+ $retryable: {};
33
+ retryAfterSeconds?: number;
34
+ constructor(
35
+ opts: __ExceptionOptionType<InternalServerException, __BaseException>
36
+ );
37
+ }
38
+ export declare class ResourceNotFoundException extends __BaseException {
39
+ readonly name: "ResourceNotFoundException";
40
+ readonly $fault: "client";
41
+ resourceId: string | undefined;
42
+ resourceType: string | undefined;
43
+ constructor(
44
+ opts: __ExceptionOptionType<ResourceNotFoundException, __BaseException>
45
+ );
46
+ }
47
+ export declare class ServiceQuotaExceededException extends __BaseException {
48
+ readonly name: "ServiceQuotaExceededException";
49
+ readonly $fault: "client";
50
+ resourceId: string | undefined;
51
+ resourceType: string | undefined;
52
+ constructor(
53
+ opts: __ExceptionOptionType<ServiceQuotaExceededException, __BaseException>
54
+ );
55
+ }
56
+ export declare class ThrottlingException extends __BaseException {
57
+ readonly name: "ThrottlingException";
58
+ readonly $fault: "client";
59
+ $retryable: {
60
+ throttling: boolean;
61
+ };
62
+ retryAfterSeconds?: number;
63
+ constructor(
64
+ opts: __ExceptionOptionType<ThrottlingException, __BaseException>
65
+ );
66
+ }
67
+ export interface ValidationExceptionField {
68
+ name: string | undefined;
69
+ message: string | undefined;
70
+ }
71
+ export declare enum ValidationExceptionReason {
72
+ CANNOT_PARSE = "cannotParse",
73
+ FIELD_VALIDATION_FAILED = "fieldValidationFailed",
74
+ OTHER = "other",
75
+ UNKNOWN_OPERATION = "unknownOperation",
76
+ }
77
+ export declare class ValidationException extends __BaseException {
78
+ readonly name: "ValidationException";
79
+ readonly $fault: "client";
80
+ reason: ValidationExceptionReason | string | undefined;
81
+ fieldList?: ValidationExceptionField[];
82
+ constructor(
83
+ opts: __ExceptionOptionType<ValidationException, __BaseException>
84
+ );
85
+ }
86
+ export interface DeleteArchiveRuleRequest {
87
+ analyzerName: string | undefined;
88
+ ruleName: string | undefined;
89
+ clientToken?: string;
90
+ }
91
+ export interface GetArchiveRuleRequest {
92
+ analyzerName: string | undefined;
93
+ ruleName: string | undefined;
94
+ }
95
+ export interface ArchiveRuleSummary {
96
+ ruleName: string | undefined;
97
+ filter: Record<string, Criterion> | undefined;
98
+ createdAt: Date | undefined;
99
+ updatedAt: Date | undefined;
100
+ }
101
+ export interface GetArchiveRuleResponse {
102
+ archiveRule: ArchiveRuleSummary | undefined;
103
+ }
104
+ export interface ListArchiveRulesRequest {
105
+ analyzerName: string | undefined;
106
+ nextToken?: string;
107
+ maxResults?: number;
108
+ }
109
+ export interface ListArchiveRulesResponse {
110
+ archiveRules: ArchiveRuleSummary[] | undefined;
111
+ nextToken?: string;
112
+ }
113
+ export interface UpdateArchiveRuleRequest {
114
+ analyzerName: string | undefined;
115
+ ruleName: string | undefined;
116
+ filter: Record<string, Criterion> | undefined;
117
+ clientToken?: string;
118
+ }
119
+ export interface InlineArchiveRule {
120
+ ruleName: string | undefined;
121
+ filter: Record<string, Criterion> | undefined;
122
+ }
123
+ export declare type Type = "ACCOUNT" | "ORGANIZATION";
124
+ export interface CreateAnalyzerRequest {
125
+ analyzerName: string | undefined;
126
+ type: Type | string | undefined;
127
+ archiveRules?: InlineArchiveRule[];
128
+ tags?: Record<string, string>;
129
+ clientToken?: string;
130
+ }
131
+ export interface CreateAnalyzerResponse {
132
+ arn?: string;
133
+ }
134
+ export interface DeleteAnalyzerRequest {
135
+ analyzerName: string | undefined;
136
+ clientToken?: string;
137
+ }
138
+ export interface GetAnalyzerRequest {
139
+ analyzerName: string | undefined;
140
+ }
141
+ export declare type AnalyzerStatus =
142
+ | "ACTIVE"
143
+ | "CREATING"
144
+ | "DISABLED"
145
+ | "FAILED";
146
+ export declare type ReasonCode =
147
+ | "AWS_SERVICE_ACCESS_DISABLED"
148
+ | "DELEGATED_ADMINISTRATOR_DEREGISTERED"
149
+ | "ORGANIZATION_DELETED"
150
+ | "SERVICE_LINKED_ROLE_CREATION_FAILED";
151
+ export interface StatusReason {
152
+ code: ReasonCode | string | undefined;
153
+ }
154
+ export interface AnalyzerSummary {
155
+ arn: string | undefined;
156
+ name: string | undefined;
157
+ type: Type | string | undefined;
158
+ createdAt: Date | undefined;
159
+ lastResourceAnalyzed?: string;
160
+ lastResourceAnalyzedAt?: Date;
161
+ tags?: Record<string, string>;
162
+ status: AnalyzerStatus | string | undefined;
163
+ statusReason?: StatusReason;
164
+ }
165
+ export interface GetAnalyzerResponse {
166
+ analyzer: AnalyzerSummary | undefined;
167
+ }
168
+ export interface ListAnalyzersRequest {
169
+ nextToken?: string;
170
+ maxResults?: number;
171
+ type?: Type | string;
172
+ }
173
+ export interface ListAnalyzersResponse {
174
+ analyzers: AnalyzerSummary[] | undefined;
175
+ nextToken?: string;
176
+ }
177
+ export interface ApplyArchiveRuleRequest {
178
+ analyzerArn: string | undefined;
179
+ ruleName: string | undefined;
180
+ clientToken?: string;
181
+ }
182
+ export interface CancelPolicyGenerationRequest {
183
+ jobId: string | undefined;
184
+ }
185
+ export interface CancelPolicyGenerationResponse {}
186
+ export interface IamRoleConfiguration {
187
+ trustPolicy?: string;
188
+ }
189
+ export interface KmsGrantConstraints {
190
+ encryptionContextEquals?: Record<string, string>;
191
+ encryptionContextSubset?: Record<string, string>;
192
+ }
193
+ export declare enum KmsGrantOperation {
194
+ CREATE_GRANT = "CreateGrant",
195
+ DECRYPT = "Decrypt",
196
+ DESCRIBE_KEY = "DescribeKey",
197
+ ENCRYPT = "Encrypt",
198
+ GENERATE_DATA_KEY = "GenerateDataKey",
199
+ GENERATE_DATA_KEY_PAIR = "GenerateDataKeyPair",
200
+ GENERATE_DATA_KEY_PAIR_WITHOUT_PLAINTEXT = "GenerateDataKeyPairWithoutPlaintext",
201
+ GENERATE_DATA_KEY_WITHOUT_PLAINTEXT = "GenerateDataKeyWithoutPlaintext",
202
+ GET_PUBLIC_KEY = "GetPublicKey",
203
+ REENCRYPT_FROM = "ReEncryptFrom",
204
+ REENCRYPT_TO = "ReEncryptTo",
205
+ RETIRE_GRANT = "RetireGrant",
206
+ SIGN = "Sign",
207
+ VERIFY = "Verify",
208
+ }
209
+ export interface KmsGrantConfiguration {
210
+ operations: (KmsGrantOperation | string)[] | undefined;
211
+ granteePrincipal: string | undefined;
212
+ retiringPrincipal?: string;
213
+ constraints?: KmsGrantConstraints;
214
+ issuingAccount: string | undefined;
215
+ }
216
+ export interface KmsKeyConfiguration {
217
+ keyPolicies?: Record<string, string>;
218
+ grants?: KmsGrantConfiguration[];
219
+ }
220
+ export interface InternetConfiguration {}
221
+ export interface VpcConfiguration {
222
+ vpcId: string | undefined;
223
+ }
224
+ export declare type NetworkOriginConfiguration =
225
+ | NetworkOriginConfiguration.InternetConfigurationMember
226
+ | NetworkOriginConfiguration.VpcConfigurationMember
227
+ | NetworkOriginConfiguration.$UnknownMember;
228
+ export declare namespace NetworkOriginConfiguration {
229
+ interface VpcConfigurationMember {
230
+ vpcConfiguration: VpcConfiguration;
231
+ internetConfiguration?: never;
232
+ $unknown?: never;
233
+ }
234
+ interface InternetConfigurationMember {
235
+ vpcConfiguration?: never;
236
+ internetConfiguration: InternetConfiguration;
237
+ $unknown?: never;
238
+ }
239
+ interface $UnknownMember {
240
+ vpcConfiguration?: never;
241
+ internetConfiguration?: never;
242
+ $unknown: [string, any];
243
+ }
244
+ interface Visitor<T> {
245
+ vpcConfiguration: (value: VpcConfiguration) => T;
246
+ internetConfiguration: (value: InternetConfiguration) => T;
247
+ _: (name: string, value: any) => T;
248
+ }
249
+ const visit: <T>(value: NetworkOriginConfiguration, visitor: Visitor<T>) => T;
250
+ }
251
+ export interface S3PublicAccessBlockConfiguration {
252
+ ignorePublicAcls: boolean | undefined;
253
+ restrictPublicBuckets: boolean | undefined;
254
+ }
255
+ export interface S3AccessPointConfiguration {
256
+ accessPointPolicy?: string;
257
+ publicAccessBlock?: S3PublicAccessBlockConfiguration;
258
+ networkOrigin?: NetworkOriginConfiguration;
259
+ }
260
+ export declare type AclGrantee =
261
+ | AclGrantee.IdMember
262
+ | AclGrantee.UriMember
263
+ | AclGrantee.$UnknownMember;
264
+ export declare namespace AclGrantee {
265
+ interface IdMember {
266
+ id: string;
267
+ uri?: never;
268
+ $unknown?: never;
269
+ }
270
+ interface UriMember {
271
+ id?: never;
272
+ uri: string;
273
+ $unknown?: never;
274
+ }
275
+ interface $UnknownMember {
276
+ id?: never;
277
+ uri?: never;
278
+ $unknown: [string, any];
279
+ }
280
+ interface Visitor<T> {
281
+ id: (value: string) => T;
282
+ uri: (value: string) => T;
283
+ _: (name: string, value: any) => T;
284
+ }
285
+ const visit: <T>(value: AclGrantee, visitor: Visitor<T>) => T;
286
+ }
287
+ export declare enum AclPermission {
288
+ FULL_CONTROL = "FULL_CONTROL",
289
+ READ = "READ",
290
+ READ_ACP = "READ_ACP",
291
+ WRITE = "WRITE",
292
+ WRITE_ACP = "WRITE_ACP",
293
+ }
294
+ export interface S3BucketAclGrantConfiguration {
295
+ permission: AclPermission | string | undefined;
296
+ grantee: AclGrantee | undefined;
297
+ }
298
+ export interface S3BucketConfiguration {
299
+ bucketPolicy?: string;
300
+ bucketAclGrants?: S3BucketAclGrantConfiguration[];
301
+ bucketPublicAccessBlock?: S3PublicAccessBlockConfiguration;
302
+ accessPoints?: Record<string, S3AccessPointConfiguration>;
303
+ }
304
+ export interface SecretsManagerSecretConfiguration {
305
+ kmsKeyId?: string;
306
+ secretPolicy?: string;
307
+ }
308
+ export interface SqsQueueConfiguration {
309
+ queuePolicy?: string;
310
+ }
311
+ export declare type Configuration =
312
+ | Configuration.IamRoleMember
313
+ | Configuration.KmsKeyMember
314
+ | Configuration.S3BucketMember
315
+ | Configuration.SecretsManagerSecretMember
316
+ | Configuration.SqsQueueMember
317
+ | Configuration.$UnknownMember;
318
+ export declare namespace Configuration {
319
+ interface IamRoleMember {
320
+ iamRole: IamRoleConfiguration;
321
+ kmsKey?: never;
322
+ secretsManagerSecret?: never;
323
+ s3Bucket?: never;
324
+ sqsQueue?: never;
325
+ $unknown?: never;
326
+ }
327
+ interface KmsKeyMember {
328
+ iamRole?: never;
329
+ kmsKey: KmsKeyConfiguration;
330
+ secretsManagerSecret?: never;
331
+ s3Bucket?: never;
332
+ sqsQueue?: never;
333
+ $unknown?: never;
334
+ }
335
+ interface SecretsManagerSecretMember {
336
+ iamRole?: never;
337
+ kmsKey?: never;
338
+ secretsManagerSecret: SecretsManagerSecretConfiguration;
339
+ s3Bucket?: never;
340
+ sqsQueue?: never;
341
+ $unknown?: never;
342
+ }
343
+ interface S3BucketMember {
344
+ iamRole?: never;
345
+ kmsKey?: never;
346
+ secretsManagerSecret?: never;
347
+ s3Bucket: S3BucketConfiguration;
348
+ sqsQueue?: never;
349
+ $unknown?: never;
350
+ }
351
+ interface SqsQueueMember {
352
+ iamRole?: never;
353
+ kmsKey?: never;
354
+ secretsManagerSecret?: never;
355
+ s3Bucket?: never;
356
+ sqsQueue: SqsQueueConfiguration;
357
+ $unknown?: never;
358
+ }
359
+ interface $UnknownMember {
360
+ iamRole?: never;
361
+ kmsKey?: never;
362
+ secretsManagerSecret?: never;
363
+ s3Bucket?: never;
364
+ sqsQueue?: never;
365
+ $unknown: [string, any];
366
+ }
367
+ interface Visitor<T> {
368
+ iamRole: (value: IamRoleConfiguration) => T;
369
+ kmsKey: (value: KmsKeyConfiguration) => T;
370
+ secretsManagerSecret: (value: SecretsManagerSecretConfiguration) => T;
371
+ s3Bucket: (value: S3BucketConfiguration) => T;
372
+ sqsQueue: (value: SqsQueueConfiguration) => T;
373
+ _: (name: string, value: any) => T;
374
+ }
375
+ const visit: <T>(value: Configuration, visitor: Visitor<T>) => T;
376
+ }
377
+ export interface CreateAccessPreviewRequest {
378
+ analyzerArn: string | undefined;
379
+ configurations: Record<string, Configuration> | undefined;
380
+ clientToken?: string;
381
+ }
382
+ export interface CreateAccessPreviewResponse {
383
+ id: string | undefined;
384
+ }
385
+ export interface GetAccessPreviewRequest {
386
+ accessPreviewId: string | undefined;
387
+ analyzerArn: string | undefined;
388
+ }
389
+ export declare enum AccessPreviewStatus {
390
+ COMPLETED = "COMPLETED",
391
+ CREATING = "CREATING",
392
+ FAILED = "FAILED",
393
+ }
394
+ export declare enum AccessPreviewStatusReasonCode {
395
+ INTERNAL_ERROR = "INTERNAL_ERROR",
396
+ INVALID_CONFIGURATION = "INVALID_CONFIGURATION",
397
+ }
398
+ export interface AccessPreviewStatusReason {
399
+ code: AccessPreviewStatusReasonCode | string | undefined;
400
+ }
401
+ export interface AccessPreview {
402
+ id: string | undefined;
403
+ analyzerArn: string | undefined;
404
+ configurations: Record<string, Configuration> | undefined;
405
+ createdAt: Date | undefined;
406
+ status: AccessPreviewStatus | string | undefined;
407
+ statusReason?: AccessPreviewStatusReason;
408
+ }
409
+ export interface GetAccessPreviewResponse {
410
+ accessPreview: AccessPreview | undefined;
411
+ }
412
+ export interface GetAnalyzedResourceRequest {
413
+ analyzerArn: string | undefined;
414
+ resourceArn: string | undefined;
415
+ }
416
+ export declare type ResourceType =
417
+ | "AWS::IAM::Role"
418
+ | "AWS::KMS::Key"
419
+ | "AWS::Lambda::Function"
420
+ | "AWS::Lambda::LayerVersion"
421
+ | "AWS::S3::Bucket"
422
+ | "AWS::SQS::Queue"
423
+ | "AWS::SecretsManager::Secret";
424
+ export declare type FindingStatus = "ACTIVE" | "ARCHIVED" | "RESOLVED";
425
+ export interface AnalyzedResource {
426
+ resourceArn: string | undefined;
427
+ resourceType: ResourceType | string | undefined;
428
+ createdAt: Date | undefined;
429
+ analyzedAt: Date | undefined;
430
+ updatedAt: Date | undefined;
431
+ isPublic: boolean | undefined;
432
+ actions?: string[];
433
+ sharedVia?: string[];
434
+ status?: FindingStatus | string;
435
+ resourceOwnerAccount: string | undefined;
436
+ error?: string;
437
+ }
438
+ export interface GetAnalyzedResourceResponse {
439
+ resource?: AnalyzedResource;
440
+ }
441
+ export interface GetFindingRequest {
442
+ analyzerArn: string | undefined;
443
+ id: string | undefined;
444
+ }
445
+ export interface FindingSourceDetail {
446
+ accessPointArn?: string;
447
+ }
448
+ export declare type FindingSourceType =
449
+ | "BUCKET_ACL"
450
+ | "POLICY"
451
+ | "S3_ACCESS_POINT";
452
+ export interface FindingSource {
453
+ type: FindingSourceType | string | undefined;
454
+ detail?: FindingSourceDetail;
455
+ }
456
+ export interface Finding {
457
+ id: string | undefined;
458
+ principal?: Record<string, string>;
459
+ action?: string[];
460
+ resource?: string;
461
+ isPublic?: boolean;
462
+ resourceType: ResourceType | string | undefined;
463
+ condition: Record<string, string> | undefined;
464
+ createdAt: Date | undefined;
465
+ analyzedAt: Date | undefined;
466
+ updatedAt: Date | undefined;
467
+ status: FindingStatus | string | undefined;
468
+ resourceOwnerAccount: string | undefined;
469
+ error?: string;
470
+ sources?: FindingSource[];
471
+ }
472
+ export interface GetFindingResponse {
473
+ finding?: Finding;
474
+ }
475
+ export interface GetGeneratedPolicyRequest {
476
+ jobId: string | undefined;
477
+ includeResourcePlaceholders?: boolean;
478
+ includeServiceLevelTemplate?: boolean;
479
+ }
480
+ export interface GeneratedPolicy {
481
+ policy: string | undefined;
482
+ }
483
+ export interface TrailProperties {
484
+ cloudTrailArn: string | undefined;
485
+ regions?: string[];
486
+ allRegions?: boolean;
487
+ }
488
+ export interface CloudTrailProperties {
489
+ trailProperties: TrailProperties[] | undefined;
490
+ startTime: Date | undefined;
491
+ endTime: Date | undefined;
492
+ }
493
+ export interface GeneratedPolicyProperties {
494
+ isComplete?: boolean;
495
+ principalArn: string | undefined;
496
+ cloudTrailProperties?: CloudTrailProperties;
497
+ }
498
+ export interface GeneratedPolicyResult {
499
+ properties: GeneratedPolicyProperties | undefined;
500
+ generatedPolicies?: GeneratedPolicy[];
501
+ }
502
+ export declare enum JobErrorCode {
503
+ AUTHORIZATION_ERROR = "AUTHORIZATION_ERROR",
504
+ RESOURCE_NOT_FOUND_ERROR = "RESOURCE_NOT_FOUND_ERROR",
505
+ SERVICE_ERROR = "SERVICE_ERROR",
506
+ SERVICE_QUOTA_EXCEEDED_ERROR = "SERVICE_QUOTA_EXCEEDED_ERROR",
507
+ }
508
+ export interface JobError {
509
+ code: JobErrorCode | string | undefined;
510
+ message: string | undefined;
511
+ }
512
+ export declare enum JobStatus {
513
+ CANCELED = "CANCELED",
514
+ FAILED = "FAILED",
515
+ IN_PROGRESS = "IN_PROGRESS",
516
+ SUCCEEDED = "SUCCEEDED",
517
+ }
518
+ export interface JobDetails {
519
+ jobId: string | undefined;
520
+ status: JobStatus | string | undefined;
521
+ startedOn: Date | undefined;
522
+ completedOn?: Date;
523
+ jobError?: JobError;
524
+ }
525
+ export interface GetGeneratedPolicyResponse {
526
+ jobDetails: JobDetails | undefined;
527
+ generatedPolicyResult: GeneratedPolicyResult | undefined;
528
+ }
529
+ export interface ListAccessPreviewFindingsRequest {
530
+ accessPreviewId: string | undefined;
531
+ analyzerArn: string | undefined;
532
+ filter?: Record<string, Criterion>;
533
+ nextToken?: string;
534
+ maxResults?: number;
535
+ }
536
+ export declare enum FindingChangeType {
537
+ CHANGED = "CHANGED",
538
+ NEW = "NEW",
539
+ UNCHANGED = "UNCHANGED",
540
+ }
541
+ export interface AccessPreviewFinding {
542
+ id: string | undefined;
543
+ existingFindingId?: string;
544
+ existingFindingStatus?: FindingStatus | string;
545
+ principal?: Record<string, string>;
546
+ action?: string[];
547
+ condition?: Record<string, string>;
548
+ resource?: string;
549
+ isPublic?: boolean;
550
+ resourceType: ResourceType | string | undefined;
551
+ createdAt: Date | undefined;
552
+ changeType: FindingChangeType | string | undefined;
553
+ status: FindingStatus | string | undefined;
554
+ resourceOwnerAccount: string | undefined;
555
+ error?: string;
556
+ sources?: FindingSource[];
557
+ }
558
+ export interface ListAccessPreviewFindingsResponse {
559
+ findings: AccessPreviewFinding[] | undefined;
560
+ nextToken?: string;
561
+ }
562
+ export interface ListAccessPreviewsRequest {
563
+ analyzerArn: string | undefined;
564
+ nextToken?: string;
565
+ maxResults?: number;
566
+ }
567
+ export interface AccessPreviewSummary {
568
+ id: string | undefined;
569
+ analyzerArn: string | undefined;
570
+ createdAt: Date | undefined;
571
+ status: AccessPreviewStatus | string | undefined;
572
+ statusReason?: AccessPreviewStatusReason;
573
+ }
574
+ export interface ListAccessPreviewsResponse {
575
+ accessPreviews: AccessPreviewSummary[] | undefined;
576
+ nextToken?: string;
577
+ }
578
+ export interface ListAnalyzedResourcesRequest {
579
+ analyzerArn: string | undefined;
580
+ resourceType?: ResourceType | string;
581
+ nextToken?: string;
582
+ maxResults?: number;
583
+ }
584
+ export interface AnalyzedResourceSummary {
585
+ resourceArn: string | undefined;
586
+ resourceOwnerAccount: string | undefined;
587
+ resourceType: ResourceType | string | undefined;
588
+ }
589
+ export interface ListAnalyzedResourcesResponse {
590
+ analyzedResources: AnalyzedResourceSummary[] | undefined;
591
+ nextToken?: string;
592
+ }
593
+ export declare type OrderBy = "ASC" | "DESC";
594
+ export interface SortCriteria {
595
+ attributeName?: string;
596
+ orderBy?: OrderBy | string;
597
+ }
598
+ export interface ListFindingsRequest {
599
+ analyzerArn: string | undefined;
600
+ filter?: Record<string, Criterion>;
601
+ sort?: SortCriteria;
602
+ nextToken?: string;
603
+ maxResults?: number;
604
+ }
605
+ export interface FindingSummary {
606
+ id: string | undefined;
607
+ principal?: Record<string, string>;
608
+ action?: string[];
609
+ resource?: string;
610
+ isPublic?: boolean;
611
+ resourceType: ResourceType | string | undefined;
612
+ condition: Record<string, string> | undefined;
613
+ createdAt: Date | undefined;
614
+ analyzedAt: Date | undefined;
615
+ updatedAt: Date | undefined;
616
+ status: FindingStatus | string | undefined;
617
+ resourceOwnerAccount: string | undefined;
618
+ error?: string;
619
+ sources?: FindingSource[];
620
+ }
621
+ export interface ListFindingsResponse {
622
+ findings: FindingSummary[] | undefined;
623
+ nextToken?: string;
624
+ }
625
+ export interface ListPolicyGenerationsRequest {
626
+ principalArn?: string;
627
+ maxResults?: number;
628
+ nextToken?: string;
629
+ }
630
+ export interface PolicyGeneration {
631
+ jobId: string | undefined;
632
+ principalArn: string | undefined;
633
+ status: JobStatus | string | undefined;
634
+ startedOn: Date | undefined;
635
+ completedOn?: Date;
636
+ }
637
+ export interface ListPolicyGenerationsResponse {
638
+ policyGenerations: PolicyGeneration[] | undefined;
639
+ nextToken?: string;
640
+ }
641
+ export interface ListTagsForResourceRequest {
642
+ resourceArn: string | undefined;
643
+ }
644
+ export interface ListTagsForResourceResponse {
645
+ tags?: Record<string, string>;
646
+ }
647
+ export interface Trail {
648
+ cloudTrailArn: string | undefined;
649
+ regions?: string[];
650
+ allRegions?: boolean;
651
+ }
652
+ export interface CloudTrailDetails {
653
+ trails: Trail[] | undefined;
654
+ accessRole: string | undefined;
655
+ startTime: Date | undefined;
656
+ endTime?: Date;
657
+ }
658
+ export interface PolicyGenerationDetails {
659
+ principalArn: string | undefined;
660
+ }
661
+ export interface StartPolicyGenerationRequest {
662
+ policyGenerationDetails: PolicyGenerationDetails | undefined;
663
+ cloudTrailDetails?: CloudTrailDetails;
664
+ clientToken?: string;
665
+ }
666
+ export interface StartPolicyGenerationResponse {
667
+ jobId: string | undefined;
668
+ }
669
+ export interface StartResourceScanRequest {
670
+ analyzerArn: string | undefined;
671
+ resourceArn: string | undefined;
672
+ }
673
+ export interface TagResourceRequest {
674
+ resourceArn: string | undefined;
675
+ tags: Record<string, string> | undefined;
676
+ }
677
+ export interface TagResourceResponse {}
678
+ export interface UntagResourceRequest {
679
+ resourceArn: string | undefined;
680
+ tagKeys: string[] | undefined;
681
+ }
682
+ export interface UntagResourceResponse {}
683
+ export declare type FindingStatusUpdate = "ACTIVE" | "ARCHIVED";
684
+ export interface UpdateFindingsRequest {
685
+ analyzerArn: string | undefined;
686
+ status: FindingStatusUpdate | string | undefined;
687
+ ids?: string[];
688
+ resourceArn?: string;
689
+ clientToken?: string;
690
+ }
691
+ export declare enum Locale {
692
+ DE = "DE",
693
+ EN = "EN",
694
+ ES = "ES",
695
+ FR = "FR",
696
+ IT = "IT",
697
+ JA = "JA",
698
+ KO = "KO",
699
+ PT_BR = "PT_BR",
700
+ ZH_CN = "ZH_CN",
701
+ ZH_TW = "ZH_TW",
702
+ }
703
+ export declare enum PolicyType {
704
+ IDENTITY_POLICY = "IDENTITY_POLICY",
705
+ RESOURCE_POLICY = "RESOURCE_POLICY",
706
+ SERVICE_CONTROL_POLICY = "SERVICE_CONTROL_POLICY",
707
+ }
708
+ export declare enum ValidatePolicyResourceType {
709
+ S3_ACCESS_POINT = "AWS::S3::AccessPoint",
710
+ S3_BUCKET = "AWS::S3::Bucket",
711
+ S3_MULTI_REGION_ACCESS_POINT = "AWS::S3::MultiRegionAccessPoint",
712
+ S3_OBJECT_LAMBDA_ACCESS_POINT = "AWS::S3ObjectLambda::AccessPoint",
713
+ }
714
+ export interface ValidatePolicyRequest {
715
+ locale?: Locale | string;
716
+ maxResults?: number;
717
+ nextToken?: string;
718
+ policyDocument: string | undefined;
719
+ policyType: PolicyType | string | undefined;
720
+ validatePolicyResourceType?: ValidatePolicyResourceType | string;
721
+ }
722
+ export declare enum ValidatePolicyFindingType {
723
+ ERROR = "ERROR",
724
+ SECURITY_WARNING = "SECURITY_WARNING",
725
+ SUGGESTION = "SUGGESTION",
726
+ WARNING = "WARNING",
727
+ }
728
+ export interface Substring {
729
+ start: number | undefined;
730
+ length: number | undefined;
731
+ }
732
+ export declare type PathElement =
733
+ | PathElement.IndexMember
734
+ | PathElement.KeyMember
735
+ | PathElement.SubstringMember
736
+ | PathElement.ValueMember
737
+ | PathElement.$UnknownMember;
738
+ export declare namespace PathElement {
739
+ interface IndexMember {
740
+ index: number;
741
+ key?: never;
742
+ substring?: never;
743
+ value?: never;
744
+ $unknown?: never;
745
+ }
746
+ interface KeyMember {
747
+ index?: never;
748
+ key: string;
749
+ substring?: never;
750
+ value?: never;
751
+ $unknown?: never;
752
+ }
753
+ interface SubstringMember {
754
+ index?: never;
755
+ key?: never;
756
+ substring: Substring;
757
+ value?: never;
758
+ $unknown?: never;
759
+ }
760
+ interface ValueMember {
761
+ index?: never;
762
+ key?: never;
763
+ substring?: never;
764
+ value: string;
765
+ $unknown?: never;
766
+ }
767
+ interface $UnknownMember {
768
+ index?: never;
769
+ key?: never;
770
+ substring?: never;
771
+ value?: never;
772
+ $unknown: [string, any];
773
+ }
774
+ interface Visitor<T> {
775
+ index: (value: number) => T;
776
+ key: (value: string) => T;
777
+ substring: (value: Substring) => T;
778
+ value: (value: string) => T;
779
+ _: (name: string, value: any) => T;
780
+ }
781
+ const visit: <T>(value: PathElement, visitor: Visitor<T>) => T;
782
+ }
783
+ export interface Position {
784
+ line: number | undefined;
785
+ column: number | undefined;
786
+ offset: number | undefined;
787
+ }
788
+ export interface Span {
789
+ start: Position | undefined;
790
+ end: Position | undefined;
791
+ }
792
+ export interface Location {
793
+ path: PathElement[] | undefined;
794
+ span: Span | undefined;
795
+ }
796
+ export interface ValidatePolicyFinding {
797
+ findingDetails: string | undefined;
798
+ findingType: ValidatePolicyFindingType | string | undefined;
799
+ issueCode: string | undefined;
800
+ learnMoreLink: string | undefined;
801
+ locations: Location[] | undefined;
802
+ }
803
+ export interface ValidatePolicyResponse {
804
+ findings: ValidatePolicyFinding[] | undefined;
805
+ nextToken?: string;
806
+ }
807
+ export declare const CriterionFilterSensitiveLog: (obj: Criterion) => any;
808
+ export declare const CreateArchiveRuleRequestFilterSensitiveLog: (
809
+ obj: CreateArchiveRuleRequest
810
+ ) => any;
811
+ export declare const ValidationExceptionFieldFilterSensitiveLog: (
812
+ obj: ValidationExceptionField
813
+ ) => any;
814
+ export declare const DeleteArchiveRuleRequestFilterSensitiveLog: (
815
+ obj: DeleteArchiveRuleRequest
816
+ ) => any;
817
+ export declare const GetArchiveRuleRequestFilterSensitiveLog: (
818
+ obj: GetArchiveRuleRequest
819
+ ) => any;
820
+ export declare const ArchiveRuleSummaryFilterSensitiveLog: (
821
+ obj: ArchiveRuleSummary
822
+ ) => any;
823
+ export declare const GetArchiveRuleResponseFilterSensitiveLog: (
824
+ obj: GetArchiveRuleResponse
825
+ ) => any;
826
+ export declare const ListArchiveRulesRequestFilterSensitiveLog: (
827
+ obj: ListArchiveRulesRequest
828
+ ) => any;
829
+ export declare const ListArchiveRulesResponseFilterSensitiveLog: (
830
+ obj: ListArchiveRulesResponse
831
+ ) => any;
832
+ export declare const UpdateArchiveRuleRequestFilterSensitiveLog: (
833
+ obj: UpdateArchiveRuleRequest
834
+ ) => any;
835
+ export declare const InlineArchiveRuleFilterSensitiveLog: (
836
+ obj: InlineArchiveRule
837
+ ) => any;
838
+ export declare const CreateAnalyzerRequestFilterSensitiveLog: (
839
+ obj: CreateAnalyzerRequest
840
+ ) => any;
841
+ export declare const CreateAnalyzerResponseFilterSensitiveLog: (
842
+ obj: CreateAnalyzerResponse
843
+ ) => any;
844
+ export declare const DeleteAnalyzerRequestFilterSensitiveLog: (
845
+ obj: DeleteAnalyzerRequest
846
+ ) => any;
847
+ export declare const GetAnalyzerRequestFilterSensitiveLog: (
848
+ obj: GetAnalyzerRequest
849
+ ) => any;
850
+ export declare const StatusReasonFilterSensitiveLog: (obj: StatusReason) => any;
851
+ export declare const AnalyzerSummaryFilterSensitiveLog: (
852
+ obj: AnalyzerSummary
853
+ ) => any;
854
+ export declare const GetAnalyzerResponseFilterSensitiveLog: (
855
+ obj: GetAnalyzerResponse
856
+ ) => any;
857
+ export declare const ListAnalyzersRequestFilterSensitiveLog: (
858
+ obj: ListAnalyzersRequest
859
+ ) => any;
860
+ export declare const ListAnalyzersResponseFilterSensitiveLog: (
861
+ obj: ListAnalyzersResponse
862
+ ) => any;
863
+ export declare const ApplyArchiveRuleRequestFilterSensitiveLog: (
864
+ obj: ApplyArchiveRuleRequest
865
+ ) => any;
866
+ export declare const CancelPolicyGenerationRequestFilterSensitiveLog: (
867
+ obj: CancelPolicyGenerationRequest
868
+ ) => any;
869
+ export declare const CancelPolicyGenerationResponseFilterSensitiveLog: (
870
+ obj: CancelPolicyGenerationResponse
871
+ ) => any;
872
+ export declare const IamRoleConfigurationFilterSensitiveLog: (
873
+ obj: IamRoleConfiguration
874
+ ) => any;
875
+ export declare const KmsGrantConstraintsFilterSensitiveLog: (
876
+ obj: KmsGrantConstraints
877
+ ) => any;
878
+ export declare const KmsGrantConfigurationFilterSensitiveLog: (
879
+ obj: KmsGrantConfiguration
880
+ ) => any;
881
+ export declare const KmsKeyConfigurationFilterSensitiveLog: (
882
+ obj: KmsKeyConfiguration
883
+ ) => any;
884
+ export declare const InternetConfigurationFilterSensitiveLog: (
885
+ obj: InternetConfiguration
886
+ ) => any;
887
+ export declare const VpcConfigurationFilterSensitiveLog: (
888
+ obj: VpcConfiguration
889
+ ) => any;
890
+ export declare const NetworkOriginConfigurationFilterSensitiveLog: (
891
+ obj: NetworkOriginConfiguration
892
+ ) => any;
893
+ export declare const S3PublicAccessBlockConfigurationFilterSensitiveLog: (
894
+ obj: S3PublicAccessBlockConfiguration
895
+ ) => any;
896
+ export declare const S3AccessPointConfigurationFilterSensitiveLog: (
897
+ obj: S3AccessPointConfiguration
898
+ ) => any;
899
+ export declare const AclGranteeFilterSensitiveLog: (obj: AclGrantee) => any;
900
+ export declare const S3BucketAclGrantConfigurationFilterSensitiveLog: (
901
+ obj: S3BucketAclGrantConfiguration
902
+ ) => any;
903
+ export declare const S3BucketConfigurationFilterSensitiveLog: (
904
+ obj: S3BucketConfiguration
905
+ ) => any;
906
+ export declare const SecretsManagerSecretConfigurationFilterSensitiveLog: (
907
+ obj: SecretsManagerSecretConfiguration
908
+ ) => any;
909
+ export declare const SqsQueueConfigurationFilterSensitiveLog: (
910
+ obj: SqsQueueConfiguration
911
+ ) => any;
912
+ export declare const ConfigurationFilterSensitiveLog: (
913
+ obj: Configuration
914
+ ) => any;
915
+ export declare const CreateAccessPreviewRequestFilterSensitiveLog: (
916
+ obj: CreateAccessPreviewRequest
917
+ ) => any;
918
+ export declare const CreateAccessPreviewResponseFilterSensitiveLog: (
919
+ obj: CreateAccessPreviewResponse
920
+ ) => any;
921
+ export declare const GetAccessPreviewRequestFilterSensitiveLog: (
922
+ obj: GetAccessPreviewRequest
923
+ ) => any;
924
+ export declare const AccessPreviewStatusReasonFilterSensitiveLog: (
925
+ obj: AccessPreviewStatusReason
926
+ ) => any;
927
+ export declare const AccessPreviewFilterSensitiveLog: (
928
+ obj: AccessPreview
929
+ ) => any;
930
+ export declare const GetAccessPreviewResponseFilterSensitiveLog: (
931
+ obj: GetAccessPreviewResponse
932
+ ) => any;
933
+ export declare const GetAnalyzedResourceRequestFilterSensitiveLog: (
934
+ obj: GetAnalyzedResourceRequest
935
+ ) => any;
936
+ export declare const AnalyzedResourceFilterSensitiveLog: (
937
+ obj: AnalyzedResource
938
+ ) => any;
939
+ export declare const GetAnalyzedResourceResponseFilterSensitiveLog: (
940
+ obj: GetAnalyzedResourceResponse
941
+ ) => any;
942
+ export declare const GetFindingRequestFilterSensitiveLog: (
943
+ obj: GetFindingRequest
944
+ ) => any;
945
+ export declare const FindingSourceDetailFilterSensitiveLog: (
946
+ obj: FindingSourceDetail
947
+ ) => any;
948
+ export declare const FindingSourceFilterSensitiveLog: (
949
+ obj: FindingSource
950
+ ) => any;
951
+ export declare const FindingFilterSensitiveLog: (obj: Finding) => any;
952
+ export declare const GetFindingResponseFilterSensitiveLog: (
953
+ obj: GetFindingResponse
954
+ ) => any;
955
+ export declare const GetGeneratedPolicyRequestFilterSensitiveLog: (
956
+ obj: GetGeneratedPolicyRequest
957
+ ) => any;
958
+ export declare const GeneratedPolicyFilterSensitiveLog: (
959
+ obj: GeneratedPolicy
960
+ ) => any;
961
+ export declare const TrailPropertiesFilterSensitiveLog: (
962
+ obj: TrailProperties
963
+ ) => any;
964
+ export declare const CloudTrailPropertiesFilterSensitiveLog: (
965
+ obj: CloudTrailProperties
966
+ ) => any;
967
+ export declare const GeneratedPolicyPropertiesFilterSensitiveLog: (
968
+ obj: GeneratedPolicyProperties
969
+ ) => any;
970
+ export declare const GeneratedPolicyResultFilterSensitiveLog: (
971
+ obj: GeneratedPolicyResult
972
+ ) => any;
973
+ export declare const JobErrorFilterSensitiveLog: (obj: JobError) => any;
974
+ export declare const JobDetailsFilterSensitiveLog: (obj: JobDetails) => any;
975
+ export declare const GetGeneratedPolicyResponseFilterSensitiveLog: (
976
+ obj: GetGeneratedPolicyResponse
977
+ ) => any;
978
+ export declare const ListAccessPreviewFindingsRequestFilterSensitiveLog: (
979
+ obj: ListAccessPreviewFindingsRequest
980
+ ) => any;
981
+ export declare const AccessPreviewFindingFilterSensitiveLog: (
982
+ obj: AccessPreviewFinding
983
+ ) => any;
984
+ export declare const ListAccessPreviewFindingsResponseFilterSensitiveLog: (
985
+ obj: ListAccessPreviewFindingsResponse
986
+ ) => any;
987
+ export declare const ListAccessPreviewsRequestFilterSensitiveLog: (
988
+ obj: ListAccessPreviewsRequest
989
+ ) => any;
990
+ export declare const AccessPreviewSummaryFilterSensitiveLog: (
991
+ obj: AccessPreviewSummary
992
+ ) => any;
993
+ export declare const ListAccessPreviewsResponseFilterSensitiveLog: (
994
+ obj: ListAccessPreviewsResponse
995
+ ) => any;
996
+ export declare const ListAnalyzedResourcesRequestFilterSensitiveLog: (
997
+ obj: ListAnalyzedResourcesRequest
998
+ ) => any;
999
+ export declare const AnalyzedResourceSummaryFilterSensitiveLog: (
1000
+ obj: AnalyzedResourceSummary
1001
+ ) => any;
1002
+ export declare const ListAnalyzedResourcesResponseFilterSensitiveLog: (
1003
+ obj: ListAnalyzedResourcesResponse
1004
+ ) => any;
1005
+ export declare const SortCriteriaFilterSensitiveLog: (obj: SortCriteria) => any;
1006
+ export declare const ListFindingsRequestFilterSensitiveLog: (
1007
+ obj: ListFindingsRequest
1008
+ ) => any;
1009
+ export declare const FindingSummaryFilterSensitiveLog: (
1010
+ obj: FindingSummary
1011
+ ) => any;
1012
+ export declare const ListFindingsResponseFilterSensitiveLog: (
1013
+ obj: ListFindingsResponse
1014
+ ) => any;
1015
+ export declare const ListPolicyGenerationsRequestFilterSensitiveLog: (
1016
+ obj: ListPolicyGenerationsRequest
1017
+ ) => any;
1018
+ export declare const PolicyGenerationFilterSensitiveLog: (
1019
+ obj: PolicyGeneration
1020
+ ) => any;
1021
+ export declare const ListPolicyGenerationsResponseFilterSensitiveLog: (
1022
+ obj: ListPolicyGenerationsResponse
1023
+ ) => any;
1024
+ export declare const ListTagsForResourceRequestFilterSensitiveLog: (
1025
+ obj: ListTagsForResourceRequest
1026
+ ) => any;
1027
+ export declare const ListTagsForResourceResponseFilterSensitiveLog: (
1028
+ obj: ListTagsForResourceResponse
1029
+ ) => any;
1030
+ export declare const TrailFilterSensitiveLog: (obj: Trail) => any;
1031
+ export declare const CloudTrailDetailsFilterSensitiveLog: (
1032
+ obj: CloudTrailDetails
1033
+ ) => any;
1034
+ export declare const PolicyGenerationDetailsFilterSensitiveLog: (
1035
+ obj: PolicyGenerationDetails
1036
+ ) => any;
1037
+ export declare const StartPolicyGenerationRequestFilterSensitiveLog: (
1038
+ obj: StartPolicyGenerationRequest
1039
+ ) => any;
1040
+ export declare const StartPolicyGenerationResponseFilterSensitiveLog: (
1041
+ obj: StartPolicyGenerationResponse
1042
+ ) => any;
1043
+ export declare const StartResourceScanRequestFilterSensitiveLog: (
1044
+ obj: StartResourceScanRequest
1045
+ ) => any;
1046
+ export declare const TagResourceRequestFilterSensitiveLog: (
1047
+ obj: TagResourceRequest
1048
+ ) => any;
1049
+ export declare const TagResourceResponseFilterSensitiveLog: (
1050
+ obj: TagResourceResponse
1051
+ ) => any;
1052
+ export declare const UntagResourceRequestFilterSensitiveLog: (
1053
+ obj: UntagResourceRequest
1054
+ ) => any;
1055
+ export declare const UntagResourceResponseFilterSensitiveLog: (
1056
+ obj: UntagResourceResponse
1057
+ ) => any;
1058
+ export declare const UpdateFindingsRequestFilterSensitiveLog: (
1059
+ obj: UpdateFindingsRequest
1060
+ ) => any;
1061
+ export declare const ValidatePolicyRequestFilterSensitiveLog: (
1062
+ obj: ValidatePolicyRequest
1063
+ ) => any;
1064
+ export declare const SubstringFilterSensitiveLog: (obj: Substring) => any;
1065
+ export declare const PathElementFilterSensitiveLog: (obj: PathElement) => any;
1066
+ export declare const PositionFilterSensitiveLog: (obj: Position) => any;
1067
+ export declare const SpanFilterSensitiveLog: (obj: Span) => any;
1068
+ export declare const LocationFilterSensitiveLog: (obj: Location) => any;
1069
+ export declare const ValidatePolicyFindingFilterSensitiveLog: (
1070
+ obj: ValidatePolicyFinding
1071
+ ) => any;
1072
+ export declare const ValidatePolicyResponseFilterSensitiveLog: (
1073
+ obj: ValidatePolicyResponse
1074
+ ) => any;