@aws-sdk/client-accessanalyzer 3.28.0 → 3.32.0

package/dist/types/models/models_0.d.ts

@@ -494,7 +494,7 @@ export declare type ReasonCode = "AWS_SERVICE_ACCESS_DISABLED" | "DELEGATED_ADMI
  * <p>Provides more details about the current status of the analyzer. For example, if the
  *          creation for the analyzer fails, a <code>Failed</code> status is returned. For an analyzer
  *          with organization as the type, this failure can be due to an issue with creating the
- *          service-linked roles required in the member accounts of the AWS organization.</p>
+ *          service-linked roles required in the member accounts of the Amazon Web Services organization.</p>
  */
 export interface StatusReason {
     /**
@@ -546,17 +546,17 @@ export interface AnalyzerSummary {
     /**
      * <p>The status of the analyzer. An <code>Active</code> analyzer successfully monitors
      *          supported resources and generates new findings. The analyzer is <code>Disabled</code> when
-     *          a user action, such as removing trusted access for AWS IAM Access Analyzer from AWS Organizations,
-     *          causes the analyzer to stop generating new findings. The status is <code>Creating</code>
-     *          when the analyzer creation is in progress and <code>Failed</code> when the analyzer
-     *          creation has failed. </p>
+     *          a user action, such as removing trusted access for Identity and Access Management Access Analyzer from Organizations, causes
+     *          the analyzer to stop generating new findings. The status is <code>Creating</code> when the
+     *          analyzer creation is in progress and <code>Failed</code> when the analyzer creation has
+     *          failed. </p>
      */
     status: AnalyzerStatus | string | undefined;
     /**
      * <p>The <code>statusReason</code> provides more details about the current status of the
      *          analyzer. For example, if the creation for the analyzer fails, a <code>Failed</code> status
      *          is returned. For an analyzer with organization as the type, this failure can be due to an
-     *          issue with creating the service-linked roles required in the member accounts of the AWS
+     *          issue with creating the service-linked roles required in the member accounts of the Amazon Web Services
      *          organization.</p>
      */
     statusReason?: StatusReason;
@@ -767,8 +767,8 @@ export interface KmsGrantConfiguration {
      */
     constraints?: KmsGrantConstraints;
     /**
-     * <p> The AWS account under which the grant was issued. The account is used to propose KMS
-     *          grants issued by accounts other than the owner of the key.</p>
+     * <p> The Amazon Web Services account under which the grant was issued. The account is used to propose
+     *          KMS grants issued by accounts other than the owner of the key.</p>
      */
     issuingAccount: string | undefined;
 }
@@ -779,21 +779,21 @@ export declare namespace KmsGrantConfiguration {
     const filterSensitiveLog: (obj: KmsGrantConfiguration) => any;
 }
 /**
- * <p>Proposed access control configuration for a KMS key. You can propose a configuration for
- *          a new KMS key or an existing KMS key that you own by specifying the key policy and KMS
- *          grant configuration. If the configuration is for an existing key and you do not specify the
- *          key policy, the access preview uses the existing policy for the key. If the access preview
- *          is for a new resource and you do not specify the key policy, then the access preview uses
- *          the default key policy. The proposed key policy cannot be an empty string. For more
- *          information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default">Default key
+ * <p>Proposed access control configuration for a KMS key. You can propose a configuration
+ *          for a new KMS key or an existing KMS key that you own by specifying the key policy and
+ *          KMS grant configuration. If the configuration is for an existing key and you do not
+ *          specify the key policy, the access preview uses the existing policy for the key. If the
+ *          access preview is for a new resource and you do not specify the key policy, then the access
+ *          preview uses the default key policy. The proposed key policy cannot be an empty string. For
+ *          more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default">Default key
  *             policy</a>. For more information about key policy limits, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/resource-limits.html">Resource
  *             quotas</a>.</p>
  *          <p/>
  */
 export interface KmsKeyConfiguration {
     /**
-     * <p>Resource policy configuration for the KMS key. The only valid value for the name of the
-     *          key policy is <code>default</code>. For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default">Default key
+     * <p>Resource policy configuration for the KMS key. The only valid value for the name of
+     *          the key policy is <code>default</code>. For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default">Default key
      *             policy</a>.</p>
      */
     keyPolicies?: {
@@ -814,8 +814,8 @@ export declare namespace KmsKeyConfiguration {
     const filterSensitiveLog: (obj: KmsKeyConfiguration) => any;
 }
 /**
- * <p>This configuration sets the Amazon S3 access point network origin to
- *          <code>Internet</code>.</p>
+ * <p>This configuration sets the network origin for the Amazon S3 access point or multi-region
+ *          access point to <code>Internet</code>.</p>
  */
 export interface InternetConfiguration {
 }
@@ -826,9 +826,9 @@ export declare namespace InternetConfiguration {
     const filterSensitiveLog: (obj: InternetConfiguration) => any;
 }
 /**
- * <p> The proposed virtual private cloud (VPC) configuration for the Amazon S3 access point. For
- *          more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_VpcConfiguration.html">VpcConfiguration</a>.
- *       </p>
+ * <p>The proposed virtual private cloud (VPC) configuration for the Amazon S3 access point. VPC
+ *          configuration does not apply to multi-region access points. For more information, see
+ *             <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_VpcConfiguration.html">VpcConfiguration</a>. </p>
  */
 export interface VpcConfiguration {
     /**
@@ -845,8 +845,9 @@ export declare namespace VpcConfiguration {
 }
 /**
  * <p>The proposed <code>InternetConfiguration</code> or <code>VpcConfiguration</code> to
- *          apply to the Amazon S3 Access point. You can make the access point accessible from the internet,
- *          or you can specify that all requests made through that access point must originate from a
+ *          apply to the Amazon S3 access point. <code>VpcConfiguration</code> does not apply to
+ *          multi-region access points. You can make the access point accessible from the internet, or
+ *          you can specify that all requests made through that access point must originate from a
  *          specific virtual private cloud (VPC). You can specify only one type of network
  *          configuration. For more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html">Creating access
  *          points</a>.</p>
@@ -854,9 +855,9 @@ export declare namespace VpcConfiguration {
 export declare type NetworkOriginConfiguration = NetworkOriginConfiguration.InternetConfigurationMember | NetworkOriginConfiguration.VpcConfigurationMember | NetworkOriginConfiguration.$UnknownMember;
 export declare namespace NetworkOriginConfiguration {
     /**
-     * <p> The proposed virtual private cloud (VPC) configuration for the Amazon S3 access point. For
-     *          more information, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_VpcConfiguration.html">VpcConfiguration</a>.
-     *       </p>
+     * <p>The proposed virtual private cloud (VPC) configuration for the Amazon S3 access point. VPC
+     *          configuration does not apply to multi-region access points. For more information, see
+     *             <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_VpcConfiguration.html">VpcConfiguration</a>. </p>
      */
     interface VpcConfigurationMember {
         vpcConfiguration: VpcConfiguration;
@@ -864,7 +865,8 @@ export declare namespace NetworkOriginConfiguration {
         $unknown?: never;
     }
     /**
-     * <p>The configuration for the Amazon S3 access point with an <code>Internet</code> origin.</p>
+     * <p>The configuration for the Amazon S3 access point or multi-region access point with an
+     *             <code>Internet</code> origin.</p>
      */
     interface InternetConfigurationMember {
         vpcConfiguration?: never;
@@ -892,9 +894,9 @@ export declare namespace NetworkOriginConfiguration {
  *          proposed configuration is for an existing Amazon S3 bucket and the configuration is not
  *          specified, the access preview uses the existing setting. If the proposed configuration is
  *          for a new bucket and the configuration is not specified, the access preview uses
- *             <code>false</code>. If the proposed configuration is for a new access point and the
- *          access point BPA configuration is not specified, the access preview uses <code>true</code>.
- *          For more information, see <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">PublicAccessBlockConfiguration</a>. </p>
+ *             <code>false</code>. If the proposed configuration is for a new access point or
+ *          multi-region access point and the access point BPA configuration is not specified, the
+ *          access preview uses <code>true</code>. For more information, see <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html">PublicAccessBlockConfiguration</a>. </p>
  */
 export interface S3PublicAccessBlockConfiguration {
     /**
@@ -914,30 +916,32 @@ export declare namespace S3PublicAccessBlockConfiguration {
     const filterSensitiveLog: (obj: S3PublicAccessBlockConfiguration) => any;
 }
 /**
- * <p>The configuration for an Amazon S3 access point for the bucket. You can propose up to 10
- *          access points per bucket. If the proposed Amazon S3 access point configuration is for an
- *          existing bucket, the access preview uses the proposed access point configuration in place
- *          of the existing access points. To propose an access point without a policy, you can provide
- *          an empty string as the access point policy. For more information, see <a href="https://docs.aws.amazon.com/https:/docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html">Creating access points</a>. For more information about access point policy limits,
+ * <p>The configuration for an Amazon S3 access point or multi-region access point for the bucket.
+ *          You can propose up to 10 access points or multi-region access points per bucket. If the
+ *          proposed Amazon S3 access point configuration is for an existing bucket, the access preview uses
+ *          the proposed access point configuration in place of the existing access points. To propose
+ *          an access point without a policy, you can provide an empty string as the access point
+ *          policy. For more information, see <a href="https://docs.aws.amazon.com/https:/docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html">Creating access points</a>. For more information about access point policy limits,
  *          see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points-restrictions-limitations.html">Access points
  *             restrictions and limitations</a>.</p>
  */
 export interface S3AccessPointConfiguration {
     /**
-     * <p>The access point policy.</p>
+     * <p>The access point or multi-region access point policy.</p>
      */
     accessPointPolicy?: string;
     /**
-     * <p>The proposed <code>S3PublicAccessBlock</code> configuration to apply to this Amazon S3 Access
-     *          Point.</p>
+     * <p>The proposed <code>S3PublicAccessBlock</code> configuration to apply to this Amazon S3 access
+     *          point or multi-region access point.</p>
      */
     publicAccessBlock?: S3PublicAccessBlockConfiguration;
     /**
      * <p>The proposed <code>Internet</code> and <code>VpcConfiguration</code> to apply to this
-     *          Amazon S3 access point. If the access preview is for a new resource and neither is specified,
-     *          the access preview uses <code>Internet</code> for the network origin. If the access preview
-     *          is for an existing resource and neither is specified, the access preview uses the exiting
-     *          network origin.</p>
+     *          Amazon S3 access point. <code>VpcConfiguration</code> does not apply to multi-region access
+     *          points. If the access preview is for a new resource and neither is specified, the access
+     *          preview uses <code>Internet</code> for the network origin. If the access preview is for an
+     *          existing resource and neither is specified, the access preview uses the exiting network
+     *          origin.</p>
      */
     networkOrigin?: NetworkOriginConfiguration;
 }
@@ -954,7 +958,7 @@ export declare namespace S3AccessPointConfiguration {
 export declare type AclGrantee = AclGrantee.IdMember | AclGrantee.UriMember | AclGrantee.$UnknownMember;
 export declare namespace AclGrantee {
     /**
-     * <p>The value specified is the canonical user ID of an AWS account.</p>
+     * <p>The value specified is the canonical user ID of an Amazon Web Services account.</p>
      */
     interface IdMember {
         id: string;
@@ -1016,13 +1020,13 @@ export declare namespace S3BucketAclGrantConfiguration {
 /**
  * <p>Proposed access control configuration for an Amazon S3 bucket. You can propose a
  *          configuration for a new Amazon S3 bucket or an existing Amazon S3 bucket that you own by specifying
- *          the Amazon S3 bucket policy, bucket ACLs, bucket BPA settings, and Amazon S3 access points attached
- *          to the bucket. If the configuration is for an existing Amazon S3 bucket and you do not specify
- *          the Amazon S3 bucket policy, the access preview uses the existing policy attached to the bucket.
- *          If the access preview is for a new resource and you do not specify the Amazon S3 bucket policy,
- *          the access preview assumes a bucket without a policy. To propose deletion of an existing
- *          bucket policy, you can specify an empty string. For more information about bucket policy
- *          limits, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html">Bucket Policy
+ *          the Amazon S3 bucket policy, bucket ACLs, bucket BPA settings, Amazon S3 access points, and
+ *          multi-region access points attached to the bucket. If the configuration is for an existing
+ *          Amazon S3 bucket and you do not specify the Amazon S3 bucket policy, the access preview uses the
+ *          existing policy attached to the bucket. If the access preview is for a new resource and you
+ *          do not specify the Amazon S3 bucket policy, the access preview assumes a bucket without a
+ *          policy. To propose deletion of an existing bucket policy, you can specify an empty string.
+ *          For more information about bucket policy limits, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html">Bucket Policy
  *          Examples</a>.</p>
  */
 export interface S3BucketConfiguration {
@@ -1042,7 +1046,8 @@ export interface S3BucketConfiguration {
      */
     bucketPublicAccessBlock?: S3PublicAccessBlockConfiguration;
     /**
-     * <p>The configuration of Amazon S3 access points for the bucket.</p>
+     * <p>The configuration of Amazon S3 access points or multi-region access points for the bucket.
+     *          You can propose up to 10 new access points per bucket.</p>
      */
     accessPoints?: {
         [key: string]: S3AccessPointConfiguration;
@@ -1062,15 +1067,15 @@ export declare namespace S3BucketConfiguration {
  *          existing policy for the secret. If the access preview is for a new resource and you do not
  *          specify the policy, the access preview assumes a secret without a policy. To propose
  *          deletion of an existing policy, you can specify an empty string. If the proposed
- *          configuration is for a new secret and you do not specify the KMS key ID, the access preview
- *          uses the default CMK of the AWS account. If you specify an empty string for the KMS key
- *          ID, the access preview uses the default CMK of the AWS account. For more information
- *          about secret policy limits, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_limits.html">Quotas for AWS Secrets
- *             Manager.</a>.</p>
+ *          configuration is for a new secret and you do not specify the KMS key ID, the access
+ *          preview uses the default CMK of the Amazon Web Services account. If you specify an empty string for the
+ *          KMS key ID, the access preview uses the default CMK of the Amazon Web Services account. For more
+ *          information about secret policy limits, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_limits.html">Quotas for
+ *             Secrets Manager.</a>.</p>
  */
 export interface SecretsManagerSecretConfiguration {
     /**
-     * <p>The proposed ARN, key ID, or alias of the AWS KMS customer master key (CMK).</p>
+     * <p>The proposed ARN, key ID, or alias of the KMS customer master key (CMK).</p>
      */
     kmsKeyId?: string;
     /**
@@ -1085,19 +1090,19 @@ export declare namespace SecretsManagerSecretConfiguration {
     const filterSensitiveLog: (obj: SecretsManagerSecretConfiguration) => any;
 }
 /**
- * <p>The proposed access control configuration for an SQS queue. You can propose a
- *          configuration for a new SQS queue or an existing SQS queue that you own by specifying the
- *          SQS policy. If the configuration is for an existing SQS queue and you do not specify the
- *          SQS policy, the access preview uses the existing SQS policy for the queue. If the access
- *          preview is for a new resource and you do not specify the policy, the access preview assumes
- *          an SQS queue without a policy. To propose deletion of an existing SQS queue policy, you can
- *          specify an empty string for the SQS policy. For more information about SQS policy limits,
- *          see <a href="https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-policies.html">Quotas related
+ * <p>The proposed access control configuration for an Amazon SQS queue. You can propose a
+ *          configuration for a new Amazon SQS queue or an existing Amazon SQS queue that you own by specifying
+ *          the Amazon SQS policy. If the configuration is for an existing Amazon SQS queue and you do not
+ *          specify the Amazon SQS policy, the access preview uses the existing Amazon SQS policy for the queue.
+ *          If the access preview is for a new resource and you do not specify the policy, the access
+ *          preview assumes an Amazon SQS queue without a policy. To propose deletion of an existing Amazon SQS
+ *          queue policy, you can specify an empty string for the Amazon SQS policy. For more information
+ *          about Amazon SQS policy limits, see <a href="https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-policies.html">Quotas related
  *             to policies</a>.</p>
  */
 export interface SqsQueueConfiguration {
     /**
-     * <p> The proposed resource policy for the SQS queue. </p>
+     * <p> The proposed resource policy for the Amazon SQS queue. </p>
      */
     queuePolicy?: string;
 }
@@ -1158,7 +1163,7 @@ export declare namespace Configuration {
         $unknown?: never;
     }
     /**
-     * <p>The access control configuration is for an SQS queue. </p>
+     * <p>The access control configuration is for an Amazon SQS queue. </p>
      */
     interface SqsQueueMember {
         iamRole?: never;
@@ -1407,7 +1412,7 @@ export interface AnalyzedResource {
      */
     status?: FindingStatus | string;
     /**
-     * <p>The AWS account ID that owns the resource.</p>
+     * <p>The Amazon Web Services account ID that owns the resource.</p>
      */
     resourceOwnerAccount: string | undefined;
     /**
@@ -1426,8 +1431,8 @@ export declare namespace AnalyzedResource {
  */
 export interface GetAnalyzedResourceResponse {
     /**
-     * <p>An <code>AnalyzedResource</code> object that contains information that Access Analyzer found
-     *          when it analyzed the resource.</p>
+     * <p>An <code>AnalyzedResource</code> object that contains information that IAM Access Analyzer
+     *          found when it analyzed the resource.</p>
      */
     resource?: AnalyzedResource;
 }
@@ -1463,7 +1468,8 @@ export declare namespace GetFindingRequest {
  */
 export interface FindingSourceDetail {
     /**
-     * <p>The ARN of the access point that generated the finding.</p>
+     * <p>The ARN of the access point that generated the finding. The ARN format depends on
+     *          whether the ARN represents an access point or a multi-region access point.</p>
      */
     accessPointArn?: string;
 }
@@ -1550,7 +1556,7 @@ export interface Finding {
      */
     status: FindingStatus | string | undefined;
     /**
-     * <p>The AWS account ID that owns the resource.</p>
+     * <p>The Amazon Web Services account ID that owns the resource.</p>
      */
     resourceOwnerAccount: string | undefined;
     /**
@@ -1603,8 +1609,8 @@ export interface GetGeneratedPolicyRequest {
     /**
      * <p>The level of detail that you want to generate. You can specify whether to generate
      *          service-level policies. </p>
-     *          <p>Access Analyzer uses <code>iam:servicelastaccessed</code> to identify services that have been
-     *          used recently to create this service-level template.</p>
+     *          <p>IAM Access Analyzer uses <code>iam:servicelastaccessed</code> to identify services that have
+     *          been used recently to create this service-level template.</p>
      */
     includeServiceLevelTemplate?: boolean;
 }
@@ -1645,7 +1651,7 @@ export interface TrailProperties {
     regions?: string[];
     /**
      * <p>Possible values are <code>true</code> or <code>false</code>. If set to
-     *          <code>true</code>, Access Analyzer retrieves CloudTrail data from all regions to analyze and
+     *          <code>true</code>, IAM Access Analyzer retrieves CloudTrail data from all regions to analyze and
      *          generate a policy.</p>
      */
     allRegions?: boolean;
@@ -1666,12 +1672,12 @@ export interface CloudTrailProperties {
      */
     trailProperties: TrailProperties[] | undefined;
     /**
-     * <p>The start of the time range for which Access Analyzer reviews your CloudTrail events. Events
+     * <p>The start of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events
      *          with a timestamp before this time are not considered to generate a policy.</p>
      */
     startTime: Date | undefined;
     /**
-     * <p>The end of the time range for which Access Analyzer reviews your CloudTrail events. Events with
+     * <p>The end of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events with
      *          a timestamp after this time are not considered to generate a policy. If this is not
      *          included in the request, the default value is the current time.</p>
      */
@@ -1688,9 +1694,9 @@ export declare namespace CloudTrailProperties {
  */
 export interface GeneratedPolicyProperties {
     /**
-     * <p>This value is set to <code>true</code> if the generated policy contains all possible actions for a
-     *          service that Access Analyzer identified from the CloudTrail trail that you specified, and
-     *          <code>false</code> otherwise.</p>
+     * <p>This value is set to <code>true</code> if the generated policy contains all possible
+     *          actions for a service that IAM Access Analyzer identified from the CloudTrail trail that you specified,
+     *          and <code>false</code> otherwise.</p>
      */
     isComplete?: boolean;
     /**
@@ -1785,7 +1791,7 @@ export interface JobDetails {
      */
     completedOn?: Date;
     /**
-     * <p>Contains the details about the policy generation error.</p>
+     * <p>The job error for the policy generation request.</p>
      */
     jobError?: JobError;
 }
@@ -1860,7 +1866,8 @@ export interface AccessPreviewFinding {
      */
     id: string | undefined;
     /**
-     * <p>The existing ID of the finding in Access Analyzer, provided only for existing findings.</p>
+     * <p>The existing ID of the finding in IAM Access Analyzer, provided only for existing
+     *          findings.</p>
      */
     existingFindingId?: string;
     /**
@@ -1904,7 +1911,7 @@ export interface AccessPreviewFinding {
     createdAt: Date | undefined;
     /**
      * <p>Provides context on how the access preview finding compares to existing access
-     *          identified in Access Analyzer.</p>
+     *          identified in IAM Access Analyzer.</p>
      *          <ul>
      *             <li>
      *                <p>
@@ -1935,7 +1942,7 @@ export interface AccessPreviewFinding {
      */
     status: FindingStatus | string | undefined;
     /**
-     * <p>The AWS account ID that owns the resource. For most AWS resources, the owning
+     * <p>The Amazon Web Services account ID that owns the resource. For most Amazon Web Services resources, the owning
      *          account is the account in which the resource was created.</p>
      */
     resourceOwnerAccount: string | undefined;
@@ -2094,7 +2101,7 @@ export interface AnalyzedResourceSummary {
      */
     resourceArn: string | undefined;
     /**
-     * <p>The AWS account ID that owns the resource.</p>
+     * <p>The Amazon Web Services account ID that owns the resource.</p>
      */
     resourceOwnerAccount: string | undefined;
     /**
@@ -2237,7 +2244,7 @@ export interface FindingSummary {
      */
     status: FindingStatus | string | undefined;
     /**
-     * <p>The AWS account ID that owns the resource.</p>
+     * <p>The Amazon Web Services account ID that owns the resource.</p>
      */
     resourceOwnerAccount: string | undefined;
     /**
@@ -2396,7 +2403,7 @@ export interface Trail {
     regions?: string[];
     /**
      * <p>Possible values are <code>true</code> or <code>false</code>. If set to
-     *          <code>true</code>, Access Analyzer retrieves CloudTrail data from all regions to analyze and
+     *          <code>true</code>, IAM Access Analyzer retrieves CloudTrail data from all regions to analyze and
      *          generate a policy.</p>
      */
     allRegions?: boolean;
@@ -2416,17 +2423,17 @@ export interface CloudTrailDetails {
      */
     trails: Trail[] | undefined;
     /**
-     * <p>The ARN of the service role that Access Analyzer uses to access your CloudTrail trail and
+     * <p>The ARN of the service role that IAM Access Analyzer uses to access your CloudTrail trail and
      *          service last accessed information.</p>
      */
     accessRole: string | undefined;
     /**
-     * <p>The start of the time range for which Access Analyzer reviews your CloudTrail events. Events
+     * <p>The start of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events
      *          with a timestamp before this time are not considered to generate a policy.</p>
      */
     startTime: Date | undefined;
     /**
-     * <p>The end of the time range for which Access Analyzer reviews your CloudTrail events. Events with
+     * <p>The end of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events with
      *          a timestamp after this time are not considered to generate a policy. If this is not
      *          included in the request, the default value is the current time.</p>
      */
@@ -2471,7 +2478,7 @@ export interface StartPolicyGenerationRequest {
      *          request, if the original request completes successfully, the subsequent retries with the
      *          same client token return the result from the original successful request and they have no
      *          additional effect.</p>
-     *          <p>If you do not specify a client token, one is automatically generated by the AWS
+     *          <p>If you do not specify a client token, one is automatically generated by the Amazon Web Services
      *          SDK.</p>
      */
     clientToken?: string;
@@ -2652,12 +2659,12 @@ export interface ValidatePolicyRequest {
     /**
      * <p>The type of policy to validate. Identity policies grant permissions to IAM principals.
      *          Identity policies include managed and inline policies for IAM roles, users, and groups.
-     *          They also include service-control policies (SCPs) that are attached to an AWS
+     *          They also include service-control policies (SCPs) that are attached to an Amazon Web Services
      *          organization, organizational unit (OU), or an account.</p>
-     *          <p>Resource policies grant permissions on AWS resources. Resource policies include trust
-     *          policies for IAM roles and bucket policies for S3 buckets. You can provide a generic input
-     *          such as identity policy or resource policy or a specific input such as managed policy or S3
-     *          bucket policy. </p>
+     *          <p>Resource policies grant permissions on Amazon Web Services resources. Resource policies include trust
+     *          policies for IAM roles and bucket policies for Amazon S3 buckets. You can provide a generic
+     *          input such as identity policy or resource policy or a specific input such as managed policy
+     *          or Amazon S3 bucket policy. </p>
      */
     policyType: PolicyType | string | undefined;
 }
@@ -2863,7 +2870,7 @@ export declare namespace ValidatePolicyFinding {
 }
 export interface ValidatePolicyResponse {
     /**
-     * <p>The list of findings in a policy returned by Access Analyzer based on its suite of policy
+     * <p>The list of findings in a policy returned by IAM Access Analyzer based on its suite of policy
      *          checks.</p>
      */
     findings: ValidatePolicyFinding[] | undefined;

package/dist/types/ts3.4/AccessAnalyzer.d.ts

@@ -29,15 +29,15 @@ import { UpdateFindingsCommandInput, UpdateFindingsCommandOutput } from "./comma
 import { ValidatePolicyCommandInput, ValidatePolicyCommandOutput } from "./commands/ValidatePolicyCommand";
 import { HttpHandlerOptions as __HttpHandlerOptions } from "@aws-sdk/types";
 /**
- * <p>AWS IAM Access Analyzer helps identify potential resource-access risks by enabling you to identify
- *          any policies that grant access to an external principal. It does this by using logic-based
- *          reasoning to analyze resource-based policies in your AWS environment. An external
- *          principal can be another AWS account, a root user, an IAM user or role, a federated
- *          user, an AWS service, or an anonymous user. You can also use Access Analyzer to preview and
- *          validate public and cross-account access to your resources before deploying permissions
- *          changes. This guide describes the AWS IAM Access Analyzer operations that you can call
- *          programmatically. For general information about Access Analyzer, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html">AWS IAM Access Analyzer</a> in the <b>IAM User Guide</b>.</p>
- *          <p>To start using Access Analyzer, you first need to create an analyzer.</p>
+ * <p>Identity and Access Management Access Analyzer helps identify potential resource-access risks by enabling you to
+ *          identify any policies that grant access to an external principal. It does this by using
+ *          logic-based reasoning to analyze resource-based policies in your Amazon Web Services environment. An
+ *          external principal can be another Amazon Web Services account, a root user, an IAM user or role, a
+ *          federated user, an Amazon Web Services service, or an anonymous user. You can also use IAM Access Analyzer to
+ *          preview and validate public and cross-account access to your resources before deploying
+ *          permissions changes. This guide describes the Identity and Access Management Access Analyzer operations that you can
+ *          call programmatically. For general information about IAM Access Analyzer, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html">Identity and Access Management Access Analyzer</a> in the <b>IAM User Guide</b>.</p>
+ *          <p>To start using IAM Access Analyzer, you first need to create an analyzer.</p>
  */
 export declare class AccessAnalyzer extends AccessAnalyzerClient {
     /**
@@ -54,8 +54,8 @@ export declare class AccessAnalyzer extends AccessAnalyzerClient {
     cancelPolicyGeneration(args: CancelPolicyGenerationCommandInput, cb: (err: any, data?: CancelPolicyGenerationCommandOutput) => void): void;
     cancelPolicyGeneration(args: CancelPolicyGenerationCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: CancelPolicyGenerationCommandOutput) => void): void;
     /**
-     * <p>Creates an access preview that allows you to preview Access Analyzer findings for your resource
-     *          before deploying resource permissions.</p>
+     * <p>Creates an access preview that allows you to preview IAM Access Analyzer findings for your
+     *          resource before deploying resource permissions.</p>
      */
     createAccessPreview(args: CreateAccessPreviewCommandInput, options?: __HttpHandlerOptions): Promise<CreateAccessPreviewCommandOutput>;
     createAccessPreview(args: CreateAccessPreviewCommandInput, cb: (err: any, data?: CreateAccessPreviewCommandOutput) => void): void;
@@ -69,16 +69,15 @@ export declare class AccessAnalyzer extends AccessAnalyzerClient {
     /**
      * <p>Creates an archive rule for the specified analyzer. Archive rules automatically archive
      *          new findings that meet the criteria you define when you create the rule.</p>
-     *          <p>To learn about filter keys that you can use to create an archive rule, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html">Access Analyzer filter keys</a> in the <b>IAM User
-     *          Guide</b>.</p>
+     *          <p>To learn about filter keys that you can use to create an archive rule, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html">IAM Access Analyzer filter keys</a> in the <b>IAM User Guide</b>.</p>
      */
     createArchiveRule(args: CreateArchiveRuleCommandInput, options?: __HttpHandlerOptions): Promise<CreateArchiveRuleCommandOutput>;
     createArchiveRule(args: CreateArchiveRuleCommandInput, cb: (err: any, data?: CreateArchiveRuleCommandOutput) => void): void;
     createArchiveRule(args: CreateArchiveRuleCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: CreateArchiveRuleCommandOutput) => void): void;
     /**
-     * <p>Deletes the specified analyzer. When you delete an analyzer, Access Analyzer is disabled for the
-     *          account or organization in the current or specific Region. All findings that were generated
-     *          by the analyzer are deleted. You cannot undo this action.</p>
+     * <p>Deletes the specified analyzer. When you delete an analyzer, IAM Access Analyzer is disabled
+     *          for the account or organization in the current or specific Region. All findings that were
+     *          generated by the analyzer are deleted. You cannot undo this action.</p>
      */
     deleteAnalyzer(args: DeleteAnalyzerCommandInput, options?: __HttpHandlerOptions): Promise<DeleteAnalyzerCommandOutput>;
     deleteAnalyzer(args: DeleteAnalyzerCommandInput, cb: (err: any, data?: DeleteAnalyzerCommandOutput) => void): void;
@@ -109,8 +108,7 @@ export declare class AccessAnalyzer extends AccessAnalyzerClient {
     getAnalyzer(args: GetAnalyzerCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetAnalyzerCommandOutput) => void): void;
     /**
      * <p>Retrieves information about an archive rule.</p>
-     *          <p>To learn about filter keys that you can use to create an archive rule, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html">Access Analyzer filter keys</a> in the <b>IAM User
-     *          Guide</b>.</p>
+     *          <p>To learn about filter keys that you can use to create an archive rule, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html">IAM Access Analyzer filter keys</a> in the <b>IAM User Guide</b>.</p>
      */
     getArchiveRule(args: GetArchiveRuleCommandInput, options?: __HttpHandlerOptions): Promise<GetArchiveRuleCommandOutput>;
     getArchiveRule(args: GetArchiveRuleCommandInput, cb: (err: any, data?: GetArchiveRuleCommandOutput) => void): void;
@@ -162,8 +160,7 @@ export declare class AccessAnalyzer extends AccessAnalyzerClient {
     listArchiveRules(args: ListArchiveRulesCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: ListArchiveRulesCommandOutput) => void): void;
     /**
      * <p>Retrieves a list of findings generated by the specified analyzer.</p>
-     *          <p>To learn about filter keys that you can use to retrieve a list of findings, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html">Access Analyzer filter keys</a> in the <b>IAM User
-     *          Guide</b>.</p>
+     *          <p>To learn about filter keys that you can use to retrieve a list of findings, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html">IAM Access Analyzer filter keys</a> in the <b>IAM User Guide</b>.</p>
      */
     listFindings(args: ListFindingsCommandInput, options?: __HttpHandlerOptions): Promise<ListFindingsCommandOutput>;
     listFindings(args: ListFindingsCommandInput, cb: (err: any, data?: ListFindingsCommandOutput) => void): void;

package/dist/types/ts3.4/AccessAnalyzerClient.d.ts

@@ -142,15 +142,15 @@ declare type AccessAnalyzerClientResolvedConfigType = __SmithyResolvedConfigurat
 export interface AccessAnalyzerClientResolvedConfig extends AccessAnalyzerClientResolvedConfigType {
 }
 /**
- * <p>AWS IAM Access Analyzer helps identify potential resource-access risks by enabling you to identify
- *          any policies that grant access to an external principal. It does this by using logic-based
- *          reasoning to analyze resource-based policies in your AWS environment. An external
- *          principal can be another AWS account, a root user, an IAM user or role, a federated
- *          user, an AWS service, or an anonymous user. You can also use Access Analyzer to preview and
- *          validate public and cross-account access to your resources before deploying permissions
- *          changes. This guide describes the AWS IAM Access Analyzer operations that you can call
- *          programmatically. For general information about Access Analyzer, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html">AWS IAM Access Analyzer</a> in the <b>IAM User Guide</b>.</p>
- *          <p>To start using Access Analyzer, you first need to create an analyzer.</p>
+ * <p>Identity and Access Management Access Analyzer helps identify potential resource-access risks by enabling you to
+ *          identify any policies that grant access to an external principal. It does this by using
+ *          logic-based reasoning to analyze resource-based policies in your Amazon Web Services environment. An
+ *          external principal can be another Amazon Web Services account, a root user, an IAM user or role, a
+ *          federated user, an Amazon Web Services service, or an anonymous user. You can also use IAM Access Analyzer to
+ *          preview and validate public and cross-account access to your resources before deploying
+ *          permissions changes. This guide describes the Identity and Access Management Access Analyzer operations that you can
+ *          call programmatically. For general information about IAM Access Analyzer, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html">Identity and Access Management Access Analyzer</a> in the <b>IAM User Guide</b>.</p>
+ *          <p>To start using IAM Access Analyzer, you first need to create an analyzer.</p>
  */
 export declare class AccessAnalyzerClient extends __Client<__HttpHandlerOptions, ServiceInputTypes, ServiceOutputTypes, AccessAnalyzerClientResolvedConfig> {
     /**

package/dist/types/ts3.4/commands/CreateAccessPreviewCommand.d.ts

@@ -7,8 +7,8 @@ export interface CreateAccessPreviewCommandInput extends CreateAccessPreviewRequ
 export interface CreateAccessPreviewCommandOutput extends CreateAccessPreviewResponse, __MetadataBearer {
 }
 /**
- * <p>Creates an access preview that allows you to preview Access Analyzer findings for your resource
- *          before deploying resource permissions.</p>
+ * <p>Creates an access preview that allows you to preview IAM Access Analyzer findings for your
+ *          resource before deploying resource permissions.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript