@aws-sdk/client-accessanalyzer 3.454.0 → 3.458.0

package/dist-types/AccessAnalyzerClient.d.ts

@@ -10,6 +10,8 @@ import { Client as __Client, DefaultsMode as __DefaultsMode, SmithyConfiguration
 import { BodyLengthCalculator as __BodyLengthCalculator, CheckOptionalClientConfig as __CheckOptionalClientConfig, ChecksumConstructor as __ChecksumConstructor, Decoder as __Decoder, Encoder as __Encoder, HashConstructor as __HashConstructor, HttpHandlerOptions as __HttpHandlerOptions, Logger as __Logger, Provider as __Provider, Provider, StreamCollector as __StreamCollector, UrlParser as __UrlParser, UserAgent as __UserAgent } from "@smithy/types";
 import { ApplyArchiveRuleCommandInput, ApplyArchiveRuleCommandOutput } from "./commands/ApplyArchiveRuleCommand";
 import { CancelPolicyGenerationCommandInput, CancelPolicyGenerationCommandOutput } from "./commands/CancelPolicyGenerationCommand";
+import { CheckAccessNotGrantedCommandInput, CheckAccessNotGrantedCommandOutput } from "./commands/CheckAccessNotGrantedCommand";
+import { CheckNoNewAccessCommandInput, CheckNoNewAccessCommandOutput } from "./commands/CheckNoNewAccessCommand";
 import { CreateAccessPreviewCommandInput, CreateAccessPreviewCommandOutput } from "./commands/CreateAccessPreviewCommand";
 import { CreateAnalyzerCommandInput, CreateAnalyzerCommandOutput } from "./commands/CreateAnalyzerCommand";
 import { CreateArchiveRuleCommandInput, CreateArchiveRuleCommandOutput } from "./commands/CreateArchiveRuleCommand";
@@ -20,6 +22,7 @@ import { GetAnalyzedResourceCommandInput, GetAnalyzedResourceCommandOutput } fro
 import { GetAnalyzerCommandInput, GetAnalyzerCommandOutput } from "./commands/GetAnalyzerCommand";
 import { GetArchiveRuleCommandInput, GetArchiveRuleCommandOutput } from "./commands/GetArchiveRuleCommand";
 import { GetFindingCommandInput, GetFindingCommandOutput } from "./commands/GetFindingCommand";
+import { GetFindingV2CommandInput, GetFindingV2CommandOutput } from "./commands/GetFindingV2Command";
 import { GetGeneratedPolicyCommandInput, GetGeneratedPolicyCommandOutput } from "./commands/GetGeneratedPolicyCommand";
 import { ListAccessPreviewFindingsCommandInput, ListAccessPreviewFindingsCommandOutput } from "./commands/ListAccessPreviewFindingsCommand";
 import { ListAccessPreviewsCommandInput, ListAccessPreviewsCommandOutput } from "./commands/ListAccessPreviewsCommand";
@@ -27,6 +30,7 @@ import { ListAnalyzedResourcesCommandInput, ListAnalyzedResourcesCommandOutput }
 import { ListAnalyzersCommandInput, ListAnalyzersCommandOutput } from "./commands/ListAnalyzersCommand";
 import { ListArchiveRulesCommandInput, ListArchiveRulesCommandOutput } from "./commands/ListArchiveRulesCommand";
 import { ListFindingsCommandInput, ListFindingsCommandOutput } from "./commands/ListFindingsCommand";
+import { ListFindingsV2CommandInput, ListFindingsV2CommandOutput } from "./commands/ListFindingsV2Command";
 import { ListPolicyGenerationsCommandInput, ListPolicyGenerationsCommandOutput } from "./commands/ListPolicyGenerationsCommand";
 import { ListTagsForResourceCommandInput, ListTagsForResourceCommandOutput } from "./commands/ListTagsForResourceCommand";
 import { StartPolicyGenerationCommandInput, StartPolicyGenerationCommandOutput } from "./commands/StartPolicyGenerationCommand";
@@ -42,11 +46,11 @@ export { __Client };
 /**
  * @public
  */
-export type ServiceInputTypes = ApplyArchiveRuleCommandInput | CancelPolicyGenerationCommandInput | CreateAccessPreviewCommandInput | CreateAnalyzerCommandInput | CreateArchiveRuleCommandInput | DeleteAnalyzerCommandInput | DeleteArchiveRuleCommandInput | GetAccessPreviewCommandInput | GetAnalyzedResourceCommandInput | GetAnalyzerCommandInput | GetArchiveRuleCommandInput | GetFindingCommandInput | GetGeneratedPolicyCommandInput | ListAccessPreviewFindingsCommandInput | ListAccessPreviewsCommandInput | ListAnalyzedResourcesCommandInput | ListAnalyzersCommandInput | ListArchiveRulesCommandInput | ListFindingsCommandInput | ListPolicyGenerationsCommandInput | ListTagsForResourceCommandInput | StartPolicyGenerationCommandInput | StartResourceScanCommandInput | TagResourceCommandInput | UntagResourceCommandInput | UpdateArchiveRuleCommandInput | UpdateFindingsCommandInput | ValidatePolicyCommandInput;
+export type ServiceInputTypes = ApplyArchiveRuleCommandInput | CancelPolicyGenerationCommandInput | CheckAccessNotGrantedCommandInput | CheckNoNewAccessCommandInput | CreateAccessPreviewCommandInput | CreateAnalyzerCommandInput | CreateArchiveRuleCommandInput | DeleteAnalyzerCommandInput | DeleteArchiveRuleCommandInput | GetAccessPreviewCommandInput | GetAnalyzedResourceCommandInput | GetAnalyzerCommandInput | GetArchiveRuleCommandInput | GetFindingCommandInput | GetFindingV2CommandInput | GetGeneratedPolicyCommandInput | ListAccessPreviewFindingsCommandInput | ListAccessPreviewsCommandInput | ListAnalyzedResourcesCommandInput | ListAnalyzersCommandInput | ListArchiveRulesCommandInput | ListFindingsCommandInput | ListFindingsV2CommandInput | ListPolicyGenerationsCommandInput | ListTagsForResourceCommandInput | StartPolicyGenerationCommandInput | StartResourceScanCommandInput | TagResourceCommandInput | UntagResourceCommandInput | UpdateArchiveRuleCommandInput | UpdateFindingsCommandInput | ValidatePolicyCommandInput;
 /**
  * @public
  */
-export type ServiceOutputTypes = ApplyArchiveRuleCommandOutput | CancelPolicyGenerationCommandOutput | CreateAccessPreviewCommandOutput | CreateAnalyzerCommandOutput | CreateArchiveRuleCommandOutput | DeleteAnalyzerCommandOutput | DeleteArchiveRuleCommandOutput | GetAccessPreviewCommandOutput | GetAnalyzedResourceCommandOutput | GetAnalyzerCommandOutput | GetArchiveRuleCommandOutput | GetFindingCommandOutput | GetGeneratedPolicyCommandOutput | ListAccessPreviewFindingsCommandOutput | ListAccessPreviewsCommandOutput | ListAnalyzedResourcesCommandOutput | ListAnalyzersCommandOutput | ListArchiveRulesCommandOutput | ListFindingsCommandOutput | ListPolicyGenerationsCommandOutput | ListTagsForResourceCommandOutput | StartPolicyGenerationCommandOutput | StartResourceScanCommandOutput | TagResourceCommandOutput | UntagResourceCommandOutput | UpdateArchiveRuleCommandOutput | UpdateFindingsCommandOutput | ValidatePolicyCommandOutput;
+export type ServiceOutputTypes = ApplyArchiveRuleCommandOutput | CancelPolicyGenerationCommandOutput | CheckAccessNotGrantedCommandOutput | CheckNoNewAccessCommandOutput | CreateAccessPreviewCommandOutput | CreateAnalyzerCommandOutput | CreateArchiveRuleCommandOutput | DeleteAnalyzerCommandOutput | DeleteArchiveRuleCommandOutput | GetAccessPreviewCommandOutput | GetAnalyzedResourceCommandOutput | GetAnalyzerCommandOutput | GetArchiveRuleCommandOutput | GetFindingCommandOutput | GetFindingV2CommandOutput | GetGeneratedPolicyCommandOutput | ListAccessPreviewFindingsCommandOutput | ListAccessPreviewsCommandOutput | ListAnalyzedResourcesCommandOutput | ListAnalyzersCommandOutput | ListArchiveRulesCommandOutput | ListFindingsCommandOutput | ListFindingsV2CommandOutput | ListPolicyGenerationsCommandOutput | ListTagsForResourceCommandOutput | StartPolicyGenerationCommandOutput | StartResourceScanCommandOutput | TagResourceCommandOutput | UntagResourceCommandOutput | UpdateArchiveRuleCommandOutput | UpdateFindingsCommandOutput | ValidatePolicyCommandOutput;
 /**
  * @public
  */
@@ -180,15 +184,30 @@ export interface AccessAnalyzerClientResolvedConfig extends AccessAnalyzerClient
 }
 /**
  * @public
- * <p>Identity and Access Management Access Analyzer helps identify potential resource-access risks by enabling you to
- *          identify any policies that grant access to an external principal. It does this by using
- *          logic-based reasoning to analyze resource-based policies in your Amazon Web Services environment. An
- *          external principal can be another Amazon Web Services account, a root user, an IAM user or role, a
- *          federated user, an Amazon Web Services service, or an anonymous user. You can also use IAM Access Analyzer to
- *          preview and validate public and cross-account access to your resources before deploying
- *          permissions changes. This guide describes the Identity and Access Management Access Analyzer operations that you can
- *          call programmatically. For general information about IAM Access Analyzer, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html">Identity and Access Management Access Analyzer</a> in the <b>IAM User Guide</b>.</p>
- *          <p>To start using IAM Access Analyzer, you first need to create an analyzer.</p>
+ * <p>Identity and Access Management Access Analyzer helps you to set, verify, and refine your IAM policies by providing
+ *          a suite of capabilities. Its features include findings for external and unused access,
+ *          basic and custom policy checks for validating policies, and policy generation to generate
+ *          fine-grained policies. To start using IAM Access Analyzer to identify external or unused access,
+ *          you first need to create an analyzer.</p>
+ *          <p>
+ *             <b>External access analyzers</b> help identify potential risks
+ *          of accessing resources by enabling you to identify any resource policies that grant access
+ *          to an external principal. It does this by using logic-based reasoning to analyze
+ *          resource-based policies in your Amazon Web Services environment. An external principal can be another
+ *          Amazon Web Services account, a root user, an IAM user or role, a federated user, an Amazon Web Services service, or an
+ *          anonymous user. You can also use IAM Access Analyzer to preview public and cross-account access
+ *          to your resources before deploying permissions changes.</p>
+ *          <p>
+ *             <b>Unused access analyzers</b> help identify potential
+ *          identity access risks by enabling you to identify unused IAM roles, unused access keys,
+ *          unused console passwords, and IAM principals with unused service and action-level
+ *          permissions.</p>
+ *          <p>Beyond findings, IAM Access Analyzer provides basic and custom policy checks to validate IAM
+ *          policies before deploying permissions changes. You can use policy generation to refine
+ *          permissions by attaching a policy generated using access activity logged in CloudTrail logs. </p>
+ *          <p>This guide describes the IAM Access Analyzer operations that you can call programmatically.
+ *          For general information about IAM Access Analyzer, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html">Identity and Access Management Access Analyzer</a> in the
+ *             <b>IAM User Guide</b>.</p>
  */
 export declare class AccessAnalyzerClient extends __Client<__HttpHandlerOptions, ServiceInputTypes, ServiceOutputTypes, AccessAnalyzerClientResolvedConfig> {
     /**

package/dist-types/commands/CheckAccessNotGrantedCommand.d.ts

@@ -0,0 +1,107 @@
+import { EndpointParameterInstructions } from "@smithy/middleware-endpoint";
+import { Command as $Command } from "@smithy/smithy-client";
+import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@smithy/types";
+import { AccessAnalyzerClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../AccessAnalyzerClient";
+import { CheckAccessNotGrantedRequest, CheckAccessNotGrantedResponse } from "../models/models_0";
+/**
+ * @public
+ */
+export { __MetadataBearer, $Command };
+/**
+ * @public
+ *
+ * The input for {@link CheckAccessNotGrantedCommand}.
+ */
+export interface CheckAccessNotGrantedCommandInput extends CheckAccessNotGrantedRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link CheckAccessNotGrantedCommand}.
+ */
+export interface CheckAccessNotGrantedCommandOutput extends CheckAccessNotGrantedResponse, __MetadataBearer {
+}
+/**
+ * @public
+ * <p>Checks whether the specified access isn't allowed by a policy.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { AccessAnalyzerClient, CheckAccessNotGrantedCommand } from "@aws-sdk/client-accessanalyzer"; // ES Modules import
+ * // const { AccessAnalyzerClient, CheckAccessNotGrantedCommand } = require("@aws-sdk/client-accessanalyzer"); // CommonJS import
+ * const client = new AccessAnalyzerClient(config);
+ * const input = { // CheckAccessNotGrantedRequest
+ *   policyDocument: "STRING_VALUE", // required
+ *   access: [ // AccessList // required
+ *     { // Access
+ *       actions: [ // ActionsList // required
+ *         "STRING_VALUE",
+ *       ],
+ *     },
+ *   ],
+ *   policyType: "STRING_VALUE", // required
+ * };
+ * const command = new CheckAccessNotGrantedCommand(input);
+ * const response = await client.send(command);
+ * // { // CheckAccessNotGrantedResponse
+ * //   result: "STRING_VALUE",
+ * //   message: "STRING_VALUE",
+ * //   reasons: [ // ReasonSummaryList
+ * //     { // ReasonSummary
+ * //       description: "STRING_VALUE",
+ * //       statementIndex: Number("int"),
+ * //       statementId: "STRING_VALUE",
+ * //     },
+ * //   ],
+ * // };
+ *
+ * ```
+ *
+ * @param CheckAccessNotGrantedCommandInput - {@link CheckAccessNotGrantedCommandInput}
+ * @returns {@link CheckAccessNotGrantedCommandOutput}
+ * @see {@link CheckAccessNotGrantedCommandInput} for command's `input` shape.
+ * @see {@link CheckAccessNotGrantedCommandOutput} for command's `response` shape.
+ * @see {@link AccessAnalyzerClientResolvedConfig | config} for AccessAnalyzerClient's `config` shape.
+ *
+ * @throws {@link AccessDeniedException} (client fault)
+ *  <p>You do not have sufficient access to perform this action.</p>
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>Internal server error.</p>
+ *
+ * @throws {@link InvalidParameterException} (client fault)
+ *  <p>The specified parameter is invalid.</p>
+ *
+ * @throws {@link ThrottlingException} (client fault)
+ *  <p>Throttling limit exceeded error.</p>
+ *
+ * @throws {@link UnprocessableEntityException} (client fault)
+ *  <p>The specified entity could not be processed.</p>
+ *
+ * @throws {@link ValidationException} (client fault)
+ *  <p>Validation exception error.</p>
+ *
+ * @throws {@link AccessAnalyzerServiceException}
+ * <p>Base exception class for all service exceptions from AccessAnalyzer service.</p>
+ *
+ */
+export declare class CheckAccessNotGrantedCommand extends $Command<CheckAccessNotGrantedCommandInput, CheckAccessNotGrantedCommandOutput, AccessAnalyzerClientResolvedConfig> {
+    readonly input: CheckAccessNotGrantedCommandInput;
+    static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
+    constructor(input: CheckAccessNotGrantedCommandInput);
+    /**
+     * @internal
+     */
+    resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: AccessAnalyzerClientResolvedConfig, options?: __HttpHandlerOptions): Handler<CheckAccessNotGrantedCommandInput, CheckAccessNotGrantedCommandOutput>;
+    /**
+     * @internal
+     */
+    private serialize;
+    /**
+     * @internal
+     */
+    private deserialize;
+}

package/dist-types/commands/CheckNoNewAccessCommand.d.ts

@@ -0,0 +1,106 @@
+import { EndpointParameterInstructions } from "@smithy/middleware-endpoint";
+import { Command as $Command } from "@smithy/smithy-client";
+import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@smithy/types";
+import { AccessAnalyzerClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../AccessAnalyzerClient";
+import { CheckNoNewAccessRequest, CheckNoNewAccessResponse } from "../models/models_0";
+/**
+ * @public
+ */
+export { __MetadataBearer, $Command };
+/**
+ * @public
+ *
+ * The input for {@link CheckNoNewAccessCommand}.
+ */
+export interface CheckNoNewAccessCommandInput extends CheckNoNewAccessRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link CheckNoNewAccessCommand}.
+ */
+export interface CheckNoNewAccessCommandOutput extends CheckNoNewAccessResponse, __MetadataBearer {
+}
+/**
+ * @public
+ * <p>Checks whether new access is allowed for an updated policy when compared to the existing
+ *          policy.</p>
+ *          <p>You can find examples for reference policies and learn how to set up and run a custom
+ *          policy check for new access in the <a href="https://github.com/aws-samples/iam-access-analyzer-custom-policy-check-samples">IAM Access Analyzer custom policy checks samples</a> repository on GitHub. The reference
+ *          policies in this repository are meant to be passed to the
+ *             <code>existingPolicyDocument</code> request parameter.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { AccessAnalyzerClient, CheckNoNewAccessCommand } from "@aws-sdk/client-accessanalyzer"; // ES Modules import
+ * // const { AccessAnalyzerClient, CheckNoNewAccessCommand } = require("@aws-sdk/client-accessanalyzer"); // CommonJS import
+ * const client = new AccessAnalyzerClient(config);
+ * const input = { // CheckNoNewAccessRequest
+ *   newPolicyDocument: "STRING_VALUE", // required
+ *   existingPolicyDocument: "STRING_VALUE", // required
+ *   policyType: "STRING_VALUE", // required
+ * };
+ * const command = new CheckNoNewAccessCommand(input);
+ * const response = await client.send(command);
+ * // { // CheckNoNewAccessResponse
+ * //   result: "STRING_VALUE",
+ * //   message: "STRING_VALUE",
+ * //   reasons: [ // ReasonSummaryList
+ * //     { // ReasonSummary
+ * //       description: "STRING_VALUE",
+ * //       statementIndex: Number("int"),
+ * //       statementId: "STRING_VALUE",
+ * //     },
+ * //   ],
+ * // };
+ *
+ * ```
+ *
+ * @param CheckNoNewAccessCommandInput - {@link CheckNoNewAccessCommandInput}
+ * @returns {@link CheckNoNewAccessCommandOutput}
+ * @see {@link CheckNoNewAccessCommandInput} for command's `input` shape.
+ * @see {@link CheckNoNewAccessCommandOutput} for command's `response` shape.
+ * @see {@link AccessAnalyzerClientResolvedConfig | config} for AccessAnalyzerClient's `config` shape.
+ *
+ * @throws {@link AccessDeniedException} (client fault)
+ *  <p>You do not have sufficient access to perform this action.</p>
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>Internal server error.</p>
+ *
+ * @throws {@link InvalidParameterException} (client fault)
+ *  <p>The specified parameter is invalid.</p>
+ *
+ * @throws {@link ThrottlingException} (client fault)
+ *  <p>Throttling limit exceeded error.</p>
+ *
+ * @throws {@link UnprocessableEntityException} (client fault)
+ *  <p>The specified entity could not be processed.</p>
+ *
+ * @throws {@link ValidationException} (client fault)
+ *  <p>Validation exception error.</p>
+ *
+ * @throws {@link AccessAnalyzerServiceException}
+ * <p>Base exception class for all service exceptions from AccessAnalyzer service.</p>
+ *
+ */
+export declare class CheckNoNewAccessCommand extends $Command<CheckNoNewAccessCommandInput, CheckNoNewAccessCommandOutput, AccessAnalyzerClientResolvedConfig> {
+    readonly input: CheckNoNewAccessCommandInput;
+    static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
+    constructor(input: CheckNoNewAccessCommandInput);
+    /**
+     * @internal
+     */
+    resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: AccessAnalyzerClientResolvedConfig, options?: __HttpHandlerOptions): Handler<CheckNoNewAccessCommandInput, CheckNoNewAccessCommandOutput>;
+    /**
+     * @internal
+     */
+    private serialize;
+    /**
+     * @internal
+     */
+    private deserialize;
+}

package/dist-types/commands/CreateAnalyzerCommand.d.ts

@@ -56,6 +56,11 @@ export interface CreateAnalyzerCommandOutput extends CreateAnalyzerResponse, __M
  *     "<keys>": "STRING_VALUE",
  *   },
  *   clientToken: "STRING_VALUE",
+ *   configuration: { // AnalyzerConfiguration Union: only one key present
+ *     unusedAccess: { // UnusedAccessConfiguration
+ *       unusedAccessAge: Number("int"),
+ *     },
+ *   },
  * };
  * const command = new CreateAnalyzerCommand(input);
  * const response = await client.send(command);

package/dist-types/commands/GetAnalyzerCommand.d.ts

@@ -50,6 +50,11 @@ export interface GetAnalyzerCommandOutput extends GetAnalyzerResponse, __Metadat
  * //     statusReason: { // StatusReason
  * //       code: "STRING_VALUE", // required
  * //     },
+ * //     configuration: { // AnalyzerConfiguration Union: only one key present
+ * //       unusedAccess: { // UnusedAccessConfiguration
+ * //         unusedAccessAge: Number("int"),
+ * //       },
+ * //     },
  * //   },
  * // };
  *

package/dist-types/commands/GetFindingV2Command.d.ts

@@ -0,0 +1,146 @@
+import { EndpointParameterInstructions } from "@smithy/middleware-endpoint";
+import { Command as $Command } from "@smithy/smithy-client";
+import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@smithy/types";
+import { AccessAnalyzerClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../AccessAnalyzerClient";
+import { GetFindingV2Request, GetFindingV2Response } from "../models/models_0";
+/**
+ * @public
+ */
+export { __MetadataBearer, $Command };
+/**
+ * @public
+ *
+ * The input for {@link GetFindingV2Command}.
+ */
+export interface GetFindingV2CommandInput extends GetFindingV2Request {
+}
+/**
+ * @public
+ *
+ * The output of {@link GetFindingV2Command}.
+ */
+export interface GetFindingV2CommandOutput extends GetFindingV2Response, __MetadataBearer {
+}
+/**
+ * @public
+ * <p>Retrieves information about the specified finding.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { AccessAnalyzerClient, GetFindingV2Command } from "@aws-sdk/client-accessanalyzer"; // ES Modules import
+ * // const { AccessAnalyzerClient, GetFindingV2Command } = require("@aws-sdk/client-accessanalyzer"); // CommonJS import
+ * const client = new AccessAnalyzerClient(config);
+ * const input = { // GetFindingV2Request
+ *   analyzerArn: "STRING_VALUE", // required
+ *   id: "STRING_VALUE", // required
+ *   maxResults: Number("int"),
+ *   nextToken: "STRING_VALUE",
+ * };
+ * const command = new GetFindingV2Command(input);
+ * const response = await client.send(command);
+ * // { // GetFindingV2Response
+ * //   analyzedAt: new Date("TIMESTAMP"), // required
+ * //   createdAt: new Date("TIMESTAMP"), // required
+ * //   error: "STRING_VALUE",
+ * //   id: "STRING_VALUE", // required
+ * //   nextToken: "STRING_VALUE",
+ * //   resource: "STRING_VALUE",
+ * //   resourceType: "STRING_VALUE", // required
+ * //   resourceOwnerAccount: "STRING_VALUE", // required
+ * //   status: "STRING_VALUE", // required
+ * //   updatedAt: new Date("TIMESTAMP"), // required
+ * //   findingDetails: [ // FindingDetailsList // required
+ * //     { // FindingDetails Union: only one key present
+ * //       externalAccessDetails: { // ExternalAccessDetails
+ * //         action: [ // ActionList
+ * //           "STRING_VALUE",
+ * //         ],
+ * //         condition: { // ConditionKeyMap // required
+ * //           "<keys>": "STRING_VALUE",
+ * //         },
+ * //         isPublic: true || false,
+ * //         principal: { // PrincipalMap
+ * //           "<keys>": "STRING_VALUE",
+ * //         },
+ * //         sources: [ // FindingSourceList
+ * //           { // FindingSource
+ * //             type: "STRING_VALUE", // required
+ * //             detail: { // FindingSourceDetail
+ * //               accessPointArn: "STRING_VALUE",
+ * //               accessPointAccount: "STRING_VALUE",
+ * //             },
+ * //           },
+ * //         ],
+ * //       },
+ * //       unusedPermissionDetails: { // UnusedPermissionDetails
+ * //         actions: [ // UnusedActionList
+ * //           { // UnusedAction
+ * //             action: "STRING_VALUE", // required
+ * //             lastAccessed: new Date("TIMESTAMP"),
+ * //           },
+ * //         ],
+ * //         serviceNamespace: "STRING_VALUE", // required
+ * //         lastAccessed: new Date("TIMESTAMP"),
+ * //       },
+ * //       unusedIamUserAccessKeyDetails: { // UnusedIamUserAccessKeyDetails
+ * //         accessKeyId: "STRING_VALUE", // required
+ * //         lastAccessed: new Date("TIMESTAMP"),
+ * //       },
+ * //       unusedIamRoleDetails: { // UnusedIamRoleDetails
+ * //         lastAccessed: new Date("TIMESTAMP"),
+ * //       },
+ * //       unusedIamUserPasswordDetails: { // UnusedIamUserPasswordDetails
+ * //         lastAccessed: new Date("TIMESTAMP"),
+ * //       },
+ * //     },
+ * //   ],
+ * //   findingType: "STRING_VALUE",
+ * // };
+ *
+ * ```
+ *
+ * @param GetFindingV2CommandInput - {@link GetFindingV2CommandInput}
+ * @returns {@link GetFindingV2CommandOutput}
+ * @see {@link GetFindingV2CommandInput} for command's `input` shape.
+ * @see {@link GetFindingV2CommandOutput} for command's `response` shape.
+ * @see {@link AccessAnalyzerClientResolvedConfig | config} for AccessAnalyzerClient's `config` shape.
+ *
+ * @throws {@link AccessDeniedException} (client fault)
+ *  <p>You do not have sufficient access to perform this action.</p>
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>Internal server error.</p>
+ *
+ * @throws {@link ResourceNotFoundException} (client fault)
+ *  <p>The specified resource could not be found.</p>
+ *
+ * @throws {@link ThrottlingException} (client fault)
+ *  <p>Throttling limit exceeded error.</p>
+ *
+ * @throws {@link ValidationException} (client fault)
+ *  <p>Validation exception error.</p>
+ *
+ * @throws {@link AccessAnalyzerServiceException}
+ * <p>Base exception class for all service exceptions from AccessAnalyzer service.</p>
+ *
+ */
+export declare class GetFindingV2Command extends $Command<GetFindingV2CommandInput, GetFindingV2CommandOutput, AccessAnalyzerClientResolvedConfig> {
+    readonly input: GetFindingV2CommandInput;
+    static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
+    constructor(input: GetFindingV2CommandInput);
+    /**
+     * @internal
+     */
+    resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: AccessAnalyzerClientResolvedConfig, options?: __HttpHandlerOptions): Handler<GetFindingV2CommandInput, GetFindingV2CommandOutput>;
+    /**
+     * @internal
+     */
+    private serialize;
+    /**
+     * @internal
+     */
+    private deserialize;
+}

package/dist-types/commands/ListAnalyzersCommand.d.ts

@@ -53,6 +53,11 @@ export interface ListAnalyzersCommandOutput extends ListAnalyzersResponse, __Met
  * //       statusReason: { // StatusReason
  * //         code: "STRING_VALUE", // required
  * //       },
+ * //       configuration: { // AnalyzerConfiguration Union: only one key present
+ * //         unusedAccess: { // UnusedAccessConfiguration
+ * //           unusedAccessAge: Number("int"),
+ * //         },
+ * //       },
  * //     },
  * //   ],
  * //   nextToken: "STRING_VALUE",

package/dist-types/commands/ListFindingsV2Command.d.ts

@@ -0,0 +1,123 @@
+import { EndpointParameterInstructions } from "@smithy/middleware-endpoint";
+import { Command as $Command } from "@smithy/smithy-client";
+import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@smithy/types";
+import { AccessAnalyzerClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../AccessAnalyzerClient";
+import { ListFindingsV2Request, ListFindingsV2Response } from "../models/models_0";
+/**
+ * @public
+ */
+export { __MetadataBearer, $Command };
+/**
+ * @public
+ *
+ * The input for {@link ListFindingsV2Command}.
+ */
+export interface ListFindingsV2CommandInput extends ListFindingsV2Request {
+}
+/**
+ * @public
+ *
+ * The output of {@link ListFindingsV2Command}.
+ */
+export interface ListFindingsV2CommandOutput extends ListFindingsV2Response, __MetadataBearer {
+}
+/**
+ * @public
+ * <p>Retrieves a list of findings generated by the specified analyzer.</p>
+ *          <p>To learn about filter keys that you can use to retrieve a list of findings, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html">IAM Access Analyzer filter keys</a> in the <b>IAM User Guide</b>.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { AccessAnalyzerClient, ListFindingsV2Command } from "@aws-sdk/client-accessanalyzer"; // ES Modules import
+ * // const { AccessAnalyzerClient, ListFindingsV2Command } = require("@aws-sdk/client-accessanalyzer"); // CommonJS import
+ * const client = new AccessAnalyzerClient(config);
+ * const input = { // ListFindingsV2Request
+ *   analyzerArn: "STRING_VALUE", // required
+ *   filter: { // FilterCriteriaMap
+ *     "<keys>": { // Criterion
+ *       eq: [ // ValueList
+ *         "STRING_VALUE",
+ *       ],
+ *       neq: [
+ *         "STRING_VALUE",
+ *       ],
+ *       contains: [
+ *         "STRING_VALUE",
+ *       ],
+ *       exists: true || false,
+ *     },
+ *   },
+ *   maxResults: Number("int"),
+ *   nextToken: "STRING_VALUE",
+ *   sort: { // SortCriteria
+ *     attributeName: "STRING_VALUE",
+ *     orderBy: "STRING_VALUE",
+ *   },
+ * };
+ * const command = new ListFindingsV2Command(input);
+ * const response = await client.send(command);
+ * // { // ListFindingsV2Response
+ * //   findings: [ // FindingsListV2 // required
+ * //     { // FindingSummaryV2
+ * //       analyzedAt: new Date("TIMESTAMP"), // required
+ * //       createdAt: new Date("TIMESTAMP"), // required
+ * //       error: "STRING_VALUE",
+ * //       id: "STRING_VALUE", // required
+ * //       resource: "STRING_VALUE",
+ * //       resourceType: "STRING_VALUE", // required
+ * //       resourceOwnerAccount: "STRING_VALUE", // required
+ * //       status: "STRING_VALUE", // required
+ * //       updatedAt: new Date("TIMESTAMP"), // required
+ * //       findingType: "STRING_VALUE",
+ * //     },
+ * //   ],
+ * //   nextToken: "STRING_VALUE",
+ * // };
+ *
+ * ```
+ *
+ * @param ListFindingsV2CommandInput - {@link ListFindingsV2CommandInput}
+ * @returns {@link ListFindingsV2CommandOutput}
+ * @see {@link ListFindingsV2CommandInput} for command's `input` shape.
+ * @see {@link ListFindingsV2CommandOutput} for command's `response` shape.
+ * @see {@link AccessAnalyzerClientResolvedConfig | config} for AccessAnalyzerClient's `config` shape.
+ *
+ * @throws {@link AccessDeniedException} (client fault)
+ *  <p>You do not have sufficient access to perform this action.</p>
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>Internal server error.</p>
+ *
+ * @throws {@link ResourceNotFoundException} (client fault)
+ *  <p>The specified resource could not be found.</p>
+ *
+ * @throws {@link ThrottlingException} (client fault)
+ *  <p>Throttling limit exceeded error.</p>
+ *
+ * @throws {@link ValidationException} (client fault)
+ *  <p>Validation exception error.</p>
+ *
+ * @throws {@link AccessAnalyzerServiceException}
+ * <p>Base exception class for all service exceptions from AccessAnalyzer service.</p>
+ *
+ */
+export declare class ListFindingsV2Command extends $Command<ListFindingsV2CommandInput, ListFindingsV2CommandOutput, AccessAnalyzerClientResolvedConfig> {
+    readonly input: ListFindingsV2CommandInput;
+    static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
+    constructor(input: ListFindingsV2CommandInput);
+    /**
+     * @internal
+     */
+    resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: AccessAnalyzerClientResolvedConfig, options?: __HttpHandlerOptions): Handler<ListFindingsV2CommandInput, ListFindingsV2CommandOutput>;
+    /**
+     * @internal
+     */
+    private serialize;
+    /**
+     * @internal
+     */
+    private deserialize;
+}

package/dist-types/commands/index.d.ts

@@ -1,5 +1,7 @@
 export * from "./ApplyArchiveRuleCommand";
 export * from "./CancelPolicyGenerationCommand";
+export * from "./CheckAccessNotGrantedCommand";
+export * from "./CheckNoNewAccessCommand";
 export * from "./CreateAccessPreviewCommand";
 export * from "./CreateAnalyzerCommand";
 export * from "./CreateArchiveRuleCommand";
@@ -10,6 +12,7 @@ export * from "./GetAnalyzedResourceCommand";
 export * from "./GetAnalyzerCommand";
 export * from "./GetArchiveRuleCommand";
 export * from "./GetFindingCommand";
+export * from "./GetFindingV2Command";
 export * from "./GetGeneratedPolicyCommand";
 export * from "./ListAccessPreviewFindingsCommand";
 export * from "./ListAccessPreviewsCommand";
@@ -17,6 +20,7 @@ export * from "./ListAnalyzedResourcesCommand";
 export * from "./ListAnalyzersCommand";
 export * from "./ListArchiveRulesCommand";
 export * from "./ListFindingsCommand";
+export * from "./ListFindingsV2Command";
 export * from "./ListPolicyGenerationsCommand";
 export * from "./ListTagsForResourceCommand";
 export * from "./StartPolicyGenerationCommand";