@aws-sdk/client-accessanalyzer 3.43.0 → 3.44.0

package/CHANGELOG.md

@@ -3,6 +3,17 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [3.44.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.43.0...v3.44.0) (2021-12-02)
+
+
+### Features
+
+* **clients:** update clients as of 2021/11/30 ([#3077](https://github.com/aws/aws-sdk-js-v3/issues/3077)) ([2bdba30](https://github.com/aws/aws-sdk-js-v3/commit/2bdba30963e550728ba2903d57daa1e666a29d71))
+
+
+
+
+
 # [3.43.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.42.0...v3.43.0) (2021-11-29)
 
 **Note:** Version bump only for package @aws-sdk/client-accessanalyzer

package/dist-cjs/models/models_0.js

@@ -2,7 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CreateAccessPreviewResponse = exports.CreateAccessPreviewRequest = exports.Configuration = exports.SqsQueueConfiguration = exports.SecretsManagerSecretConfiguration = exports.S3BucketConfiguration = exports.S3BucketAclGrantConfiguration = exports.AclPermission = exports.AclGrantee = exports.S3AccessPointConfiguration = exports.S3PublicAccessBlockConfiguration = exports.NetworkOriginConfiguration = exports.VpcConfiguration = exports.InternetConfiguration = exports.KmsKeyConfiguration = exports.KmsGrantConfiguration = exports.KmsGrantOperation = exports.KmsGrantConstraints = exports.IamRoleConfiguration = exports.CancelPolicyGenerationResponse = exports.CancelPolicyGenerationRequest = exports.ApplyArchiveRuleRequest = exports.ListAnalyzersResponse = exports.ListAnalyzersRequest = exports.GetAnalyzerResponse = exports.AnalyzerSummary = exports.StatusReason = exports.GetAnalyzerRequest = exports.DeleteAnalyzerRequest = exports.CreateAnalyzerResponse = exports.CreateAnalyzerRequest = exports.InlineArchiveRule = exports.UpdateArchiveRuleRequest = exports.ListArchiveRulesResponse = exports.ListArchiveRulesRequest = exports.GetArchiveRuleResponse = exports.ArchiveRuleSummary = exports.GetArchiveRuleRequest = exports.DeleteArchiveRuleRequest = exports.ValidationException = exports.ValidationExceptionReason = exports.ValidationExceptionField = exports.ThrottlingException = exports.ServiceQuotaExceededException = exports.ResourceNotFoundException = exports.InternalServerException = exports.CreateArchiveRuleRequest = exports.Criterion = exports.ConflictException = exports.AccessDeniedException = void 0;
 exports.StartResourceScanRequest = exports.StartPolicyGenerationResponse = exports.StartPolicyGenerationRequest = exports.PolicyGenerationDetails = exports.CloudTrailDetails = exports.Trail = exports.ListTagsForResourceResponse = exports.ListTagsForResourceRequest = exports.ListPolicyGenerationsResponse = exports.PolicyGeneration = exports.ListPolicyGenerationsRequest = exports.ListFindingsResponse = exports.FindingSummary = exports.ListFindingsRequest = exports.SortCriteria = exports.ListAnalyzedResourcesResponse = exports.AnalyzedResourceSummary = exports.ListAnalyzedResourcesRequest = exports.ListAccessPreviewsResponse = exports.AccessPreviewSummary = exports.ListAccessPreviewsRequest = exports.ListAccessPreviewFindingsResponse = exports.AccessPreviewFinding = exports.FindingChangeType = exports.ListAccessPreviewFindingsRequest = exports.GetGeneratedPolicyResponse = exports.JobDetails = exports.JobStatus = exports.JobError = exports.JobErrorCode = exports.GeneratedPolicyResult = exports.GeneratedPolicyProperties = exports.CloudTrailProperties = exports.TrailProperties = exports.GeneratedPolicy = exports.GetGeneratedPolicyRequest = exports.GetFindingResponse = exports.Finding = exports.FindingSource = exports.FindingSourceDetail = exports.GetFindingRequest = exports.GetAnalyzedResourceResponse = exports.AnalyzedResource = exports.GetAnalyzedResourceRequest = exports.GetAccessPreviewResponse = exports.AccessPreview = exports.AccessPreviewStatusReason = exports.AccessPreviewStatusReasonCode = exports.AccessPreviewStatus = exports.GetAccessPreviewRequest = void 0;
-exports.ValidatePolicyResponse = exports.ValidatePolicyFinding = exports.Location = exports.Span = exports.Position = exports.PathElement = exports.Substring = exports.ValidatePolicyFindingType = exports.ValidatePolicyRequest = exports.PolicyType = exports.Locale = exports.UpdateFindingsRequest = exports.UntagResourceResponse = exports.UntagResourceRequest = exports.TagResourceResponse = exports.TagResourceRequest = void 0;
+exports.ValidatePolicyResponse = exports.ValidatePolicyFinding = exports.Location = exports.Span = exports.Position = exports.PathElement = exports.Substring = exports.ValidatePolicyFindingType = exports.ValidatePolicyRequest = exports.ValidatePolicyResourceType = exports.PolicyType = exports.Locale = exports.UpdateFindingsRequest = exports.UntagResourceResponse = exports.UntagResourceRequest = exports.TagResourceResponse = exports.TagResourceRequest = void 0;
 var AccessDeniedException;
 (function (AccessDeniedException) {
     AccessDeniedException.filterSensitiveLog = (obj) => ({
@@ -739,6 +739,13 @@ var PolicyType;
     PolicyType["RESOURCE_POLICY"] = "RESOURCE_POLICY";
     PolicyType["SERVICE_CONTROL_POLICY"] = "SERVICE_CONTROL_POLICY";
 })(PolicyType = exports.PolicyType || (exports.PolicyType = {}));
+var ValidatePolicyResourceType;
+(function (ValidatePolicyResourceType) {
+    ValidatePolicyResourceType["S3_ACCESS_POINT"] = "AWS::S3::AccessPoint";
+    ValidatePolicyResourceType["S3_BUCKET"] = "AWS::S3::Bucket";
+    ValidatePolicyResourceType["S3_MULTI_REGION_ACCESS_POINT"] = "AWS::S3::MultiRegionAccessPoint";
+    ValidatePolicyResourceType["S3_OBJECT_LAMBDA_ACCESS_POINT"] = "AWS::S3ObjectLambda::AccessPoint";
+})(ValidatePolicyResourceType = exports.ValidatePolicyResourceType || (exports.ValidatePolicyResourceType = {}));
 var ValidatePolicyRequest;
 (function (ValidatePolicyRequest) {
     ValidatePolicyRequest.filterSensitiveLog = (obj) => ({

package/dist-cjs/protocols/Aws_restJson1.js

@@ -809,6 +809,8 @@ const serializeAws_restJson1ValidatePolicyCommand = async (input, context) => {
         ...(input.policyDocument !== undefined &&
             input.policyDocument !== null && { policyDocument: input.policyDocument }),
         ...(input.policyType !== undefined && input.policyType !== null && { policyType: input.policyType }),
+        ...(input.validatePolicyResourceType !== undefined &&
+            input.validatePolicyResourceType !== null && { validatePolicyResourceType: input.validatePolicyResourceType }),
     });
     return new protocol_http_1.HttpRequest({
         protocol,

package/dist-es/models/models_0.js

@@ -546,6 +546,13 @@ export var PolicyType;
     PolicyType["RESOURCE_POLICY"] = "RESOURCE_POLICY";
     PolicyType["SERVICE_CONTROL_POLICY"] = "SERVICE_CONTROL_POLICY";
 })(PolicyType || (PolicyType = {}));
+export var ValidatePolicyResourceType;
+(function (ValidatePolicyResourceType) {
+    ValidatePolicyResourceType["S3_ACCESS_POINT"] = "AWS::S3::AccessPoint";
+    ValidatePolicyResourceType["S3_BUCKET"] = "AWS::S3::Bucket";
+    ValidatePolicyResourceType["S3_MULTI_REGION_ACCESS_POINT"] = "AWS::S3::MultiRegionAccessPoint";
+    ValidatePolicyResourceType["S3_OBJECT_LAMBDA_ACCESS_POINT"] = "AWS::S3ObjectLambda::AccessPoint";
+})(ValidatePolicyResourceType || (ValidatePolicyResourceType = {}));
 export var ValidatePolicyRequest;
 (function (ValidatePolicyRequest) {
     ValidatePolicyRequest.filterSensitiveLog = function (obj) { return (__assign({}, obj)); };

package/dist-es/protocols/Aws_restJson1.js

@@ -854,8 +854,9 @@ export var serializeAws_restJson1ValidatePolicyCommand = function (input, contex
                 };
                 resolvedPath = "" + ((basePath === null || basePath === void 0 ? void 0 : basePath.endsWith("/")) ? basePath.slice(0, -1) : basePath || "") + "/policy/validation";
                 query = __assign(__assign({}, (input.maxResults !== undefined && { maxResults: input.maxResults.toString() })), (input.nextToken !== undefined && { nextToken: input.nextToken }));
-                body = JSON.stringify(__assign(__assign(__assign({}, (input.locale !== undefined && input.locale !== null && { locale: input.locale })), (input.policyDocument !== undefined &&
-                    input.policyDocument !== null && { policyDocument: input.policyDocument })), (input.policyType !== undefined && input.policyType !== null && { policyType: input.policyType })));
+                body = JSON.stringify(__assign(__assign(__assign(__assign({}, (input.locale !== undefined && input.locale !== null && { locale: input.locale })), (input.policyDocument !== undefined &&
+                    input.policyDocument !== null && { policyDocument: input.policyDocument })), (input.policyType !== undefined && input.policyType !== null && { policyType: input.policyType })), (input.validatePolicyResourceType !== undefined &&
+                    input.validatePolicyResourceType !== null && { validatePolicyResourceType: input.validatePolicyResourceType })));
                 return [2, new __HttpRequest({
                         protocol: protocol,
                         hostname: hostname,

package/dist-types/models/models_0.d.ts

@@ -1068,14 +1068,14 @@ export declare namespace S3BucketConfiguration {
  *          specify the policy, the access preview assumes a secret without a policy. To propose
  *          deletion of an existing policy, you can specify an empty string. If the proposed
  *          configuration is for a new secret and you do not specify the KMS key ID, the access
- *          preview uses the default CMK of the Amazon Web Services account. If you specify an empty string for the
- *          KMS key ID, the access preview uses the default CMK of the Amazon Web Services account. For more
- *          information about secret policy limits, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_limits.html">Quotas for
+ *          preview uses the Amazon Web Services managed key <code>aws/secretsmanager</code>. If you specify an empty
+ *          string for the KMS key ID, the access preview uses the Amazon Web Services managed key of the Amazon Web Services
+ *          account. For more information about secret policy limits, see <a href="https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_limits.html">Quotas for
  *             Secrets Manager.</a>.</p>
  */
 export interface SecretsManagerSecretConfiguration {
     /**
-     * <p>The proposed ARN, key ID, or alias of the KMS customer master key (CMK).</p>
+     * <p>The proposed ARN, key ID, or alias of the KMS key.</p>
      */
     kmsKeyId?: string;
     /**
@@ -2639,6 +2639,12 @@ export declare enum PolicyType {
     RESOURCE_POLICY = "RESOURCE_POLICY",
     SERVICE_CONTROL_POLICY = "SERVICE_CONTROL_POLICY"
 }
+export declare enum ValidatePolicyResourceType {
+    S3_ACCESS_POINT = "AWS::S3::AccessPoint",
+    S3_BUCKET = "AWS::S3::Bucket",
+    S3_MULTI_REGION_ACCESS_POINT = "AWS::S3::MultiRegionAccessPoint",
+    S3_OBJECT_LAMBDA_ACCESS_POINT = "AWS::S3ObjectLambda::AccessPoint"
+}
 export interface ValidatePolicyRequest {
     /**
      * <p>The locale to use for localizing the findings.</p>
@@ -2667,6 +2673,17 @@ export interface ValidatePolicyRequest {
      *          or Amazon S3 bucket policy. </p>
      */
     policyType: PolicyType | string | undefined;
+    /**
+     * <p>The type of resource to attach to your resource policy. Specify a value for the policy
+     *          validation resource type only if the policy type is <code>RESOURCE_POLICY</code>. For
+     *          example, to validate a resource policy to attach to an Amazon S3 bucket, you can choose
+     *             <code>AWS::S3::Bucket</code> for the policy validation resource type.</p>
+     *          <p>For resource types not supported as valid values, IAM Access Analyzer runs policy checks that
+     *          apply to all resource policies. For example, to validate a resource policy to attach to a
+     *          KMS key, do not specify a value for the policy validation resource type and IAM Access Analyzer
+     *          will run policy checks that apply to all resource policies.</p>
+     */
+    validatePolicyResourceType?: ValidatePolicyResourceType | string;
 }
 export declare namespace ValidatePolicyRequest {
     /**

package/dist-types/ts3.4/models/models_0.d.ts

@@ -1457,6 +1457,12 @@ export declare enum PolicyType {
     RESOURCE_POLICY = "RESOURCE_POLICY",
     SERVICE_CONTROL_POLICY = "SERVICE_CONTROL_POLICY"
 }
+export declare enum ValidatePolicyResourceType {
+    S3_ACCESS_POINT = "AWS::S3::AccessPoint",
+    S3_BUCKET = "AWS::S3::Bucket",
+    S3_MULTI_REGION_ACCESS_POINT = "AWS::S3::MultiRegionAccessPoint",
+    S3_OBJECT_LAMBDA_ACCESS_POINT = "AWS::S3ObjectLambda::AccessPoint"
+}
 export interface ValidatePolicyRequest {
     
     locale?: Locale | string;
@@ -1468,6 +1474,8 @@ export interface ValidatePolicyRequest {
     policyDocument: string | undefined;
     
     policyType: PolicyType | string | undefined;
+    
+    validatePolicyResourceType?: ValidatePolicyResourceType | string;
 }
 export declare namespace ValidatePolicyRequest {
     

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-accessanalyzer",
   "description": "AWS SDK for JavaScript Accessanalyzer Client for Node.js, Browser and React Native",
-  "version": "3.43.0",
+  "version": "3.44.0",
   "scripts": {
     "build": "yarn build:cjs && yarn build:es && yarn build:types",
     "build:cjs": "tsc -p tsconfig.json",