@aws-sdk/client-accessanalyzer 3.687.0 → 3.692.0

package/dist-types/ts3.4/models/models_0.d.ts

@@ -1,8 +1,8 @@
 import { ExceptionOptionType as __ExceptionOptionType } from "@smithy/smithy-client";
 import { AccessAnalyzerServiceException as __BaseException } from "./AccessAnalyzerServiceException";
 export interface Access {
-  actions?: string[];
-  resources?: string[];
+  actions?: string[] | undefined;
+  resources?: string[] | undefined;
 }
 export declare class AccessDeniedException extends __BaseException {
   readonly name: "AccessDeniedException";
@@ -19,22 +19,22 @@ export declare class ConflictException extends __BaseException {
   constructor(opts: __ExceptionOptionType<ConflictException, __BaseException>);
 }
 export interface Criterion {
-  eq?: string[];
-  neq?: string[];
-  contains?: string[];
-  exists?: boolean;
+  eq?: string[] | undefined;
+  neq?: string[] | undefined;
+  contains?: string[] | undefined;
+  exists?: boolean | undefined;
 }
 export interface CreateArchiveRuleRequest {
   analyzerName: string | undefined;
   ruleName: string | undefined;
   filter: Record<string, Criterion> | undefined;
-  clientToken?: string;
+  clientToken?: string | undefined;
 }
 export declare class InternalServerException extends __BaseException {
   readonly name: "InternalServerException";
   readonly $fault: "server";
   $retryable: {};
-  retryAfterSeconds?: number;
+  retryAfterSeconds?: number | undefined;
   constructor(
     opts: __ExceptionOptionType<InternalServerException, __BaseException>
   );
@@ -63,7 +63,7 @@ export declare class ThrottlingException extends __BaseException {
   $retryable: {
     throttling: boolean;
   };
-  retryAfterSeconds?: number;
+  retryAfterSeconds?: number | undefined;
   constructor(
     opts: __ExceptionOptionType<ThrottlingException, __BaseException>
   );
@@ -85,7 +85,7 @@ export declare class ValidationException extends __BaseException {
   readonly name: "ValidationException";
   readonly $fault: "client";
   reason: ValidationExceptionReason | undefined;
-  fieldList?: ValidationExceptionField[];
+  fieldList?: ValidationExceptionField[] | undefined;
   constructor(
     opts: __ExceptionOptionType<ValidationException, __BaseException>
   );
@@ -93,7 +93,7 @@ export declare class ValidationException extends __BaseException {
 export interface DeleteArchiveRuleRequest {
   analyzerName: string | undefined;
   ruleName: string | undefined;
-  clientToken?: string;
+  clientToken?: string | undefined;
 }
 export interface GetArchiveRuleRequest {
   analyzerName: string | undefined;
@@ -110,25 +110,33 @@ export interface GetArchiveRuleResponse {
 }
 export interface ListArchiveRulesRequest {
   analyzerName: string | undefined;
-  nextToken?: string;
-  maxResults?: number;
+  nextToken?: string | undefined;
+  maxResults?: number | undefined;
 }
 export interface ListArchiveRulesResponse {
   archiveRules: ArchiveRuleSummary[] | undefined;
-  nextToken?: string;
+  nextToken?: string | undefined;
 }
 export interface UpdateArchiveRuleRequest {
   analyzerName: string | undefined;
   ruleName: string | undefined;
   filter: Record<string, Criterion> | undefined;
-  clientToken?: string;
+  clientToken?: string | undefined;
 }
 export interface InlineArchiveRule {
   ruleName: string | undefined;
   filter: Record<string, Criterion> | undefined;
 }
+export interface AnalysisRuleCriteria {
+  accountIds?: string[] | undefined;
+  resourceTags?: Record<string, string>[] | undefined;
+}
+export interface AnalysisRule {
+  exclusions?: AnalysisRuleCriteria[] | undefined;
+}
 export interface UnusedAccessConfiguration {
-  unusedAccessAge?: number;
+  unusedAccessAge?: number | undefined;
+  analysisRule?: AnalysisRule | undefined;
 }
 export type AnalyzerConfiguration =
   | AnalyzerConfiguration.UnusedAccessMember
@@ -156,17 +164,17 @@ export type Type =
 export interface CreateAnalyzerRequest {
   analyzerName: string | undefined;
   type: Type | undefined;
-  archiveRules?: InlineArchiveRule[];
-  tags?: Record<string, string>;
-  clientToken?: string;
-  configuration?: AnalyzerConfiguration;
+  archiveRules?: InlineArchiveRule[] | undefined;
+  tags?: Record<string, string> | undefined;
+  clientToken?: string | undefined;
+  configuration?: AnalyzerConfiguration | undefined;
 }
 export interface CreateAnalyzerResponse {
-  arn?: string;
+  arn?: string | undefined;
 }
 export interface DeleteAnalyzerRequest {
   analyzerName: string | undefined;
-  clientToken?: string;
+  clientToken?: string | undefined;
 }
 export interface GetAnalyzerRequest {
   analyzerName: string | undefined;
@@ -185,29 +193,36 @@ export interface AnalyzerSummary {
   name: string | undefined;
   type: Type | undefined;
   createdAt: Date | undefined;
-  lastResourceAnalyzed?: string;
-  lastResourceAnalyzedAt?: Date;
-  tags?: Record<string, string>;
+  lastResourceAnalyzed?: string | undefined;
+  lastResourceAnalyzedAt?: Date | undefined;
+  tags?: Record<string, string> | undefined;
   status: AnalyzerStatus | undefined;
-  statusReason?: StatusReason;
-  configuration?: AnalyzerConfiguration;
+  statusReason?: StatusReason | undefined;
+  configuration?: AnalyzerConfiguration | undefined;
 }
 export interface GetAnalyzerResponse {
   analyzer: AnalyzerSummary | undefined;
 }
 export interface ListAnalyzersRequest {
-  nextToken?: string;
-  maxResults?: number;
-  type?: Type;
+  nextToken?: string | undefined;
+  maxResults?: number | undefined;
+  type?: Type | undefined;
 }
 export interface ListAnalyzersResponse {
   analyzers: AnalyzerSummary[] | undefined;
-  nextToken?: string;
+  nextToken?: string | undefined;
+}
+export interface UpdateAnalyzerRequest {
+  analyzerName: string | undefined;
+  configuration?: AnalyzerConfiguration | undefined;
+}
+export interface UpdateAnalyzerResponse {
+  configuration?: AnalyzerConfiguration | undefined;
 }
 export interface ApplyArchiveRuleRequest {
   analyzerArn: string | undefined;
   ruleName: string | undefined;
-  clientToken?: string;
+  clientToken?: string | undefined;
 }
 export interface CancelPolicyGenerationRequest {
   jobId: string | undefined;
@@ -225,9 +240,9 @@ export interface CheckAccessNotGrantedRequest {
   policyType: AccessCheckPolicyType | undefined;
 }
 export interface ReasonSummary {
-  description?: string;
-  statementIndex?: number;
-  statementId?: string;
+  description?: string | undefined;
+  statementIndex?: number | undefined;
+  statementId?: string | undefined;
 }
 export declare const CheckAccessNotGrantedResult: {
   readonly FAIL: "FAIL";
@@ -236,9 +251,9 @@ export declare const CheckAccessNotGrantedResult: {
 export type CheckAccessNotGrantedResult =
   (typeof CheckAccessNotGrantedResult)[keyof typeof CheckAccessNotGrantedResult];
 export interface CheckAccessNotGrantedResponse {
-  result?: CheckAccessNotGrantedResult;
-  message?: string;
-  reasons?: ReasonSummary[];
+  result?: CheckAccessNotGrantedResult | undefined;
+  message?: string | undefined;
+  reasons?: ReasonSummary[] | undefined;
 }
 export declare class InvalidParameterException extends __BaseException {
   readonly name: "InvalidParameterException";
@@ -267,9 +282,9 @@ export declare const CheckNoNewAccessResult: {
 export type CheckNoNewAccessResult =
   (typeof CheckNoNewAccessResult)[keyof typeof CheckNoNewAccessResult];
 export interface CheckNoNewAccessResponse {
-  result?: CheckNoNewAccessResult;
-  message?: string;
-  reasons?: ReasonSummary[];
+  result?: CheckNoNewAccessResult | undefined;
+  message?: string | undefined;
+  reasons?: ReasonSummary[] | undefined;
 }
 export declare const AccessCheckResourceType: {
   readonly DYNAMODB_STREAM: "AWS::DynamoDB::Stream";
@@ -304,33 +319,33 @@ export declare const CheckNoPublicAccessResult: {
 export type CheckNoPublicAccessResult =
   (typeof CheckNoPublicAccessResult)[keyof typeof CheckNoPublicAccessResult];
 export interface CheckNoPublicAccessResponse {
-  result?: CheckNoPublicAccessResult;
-  message?: string;
-  reasons?: ReasonSummary[];
+  result?: CheckNoPublicAccessResult | undefined;
+  message?: string | undefined;
+  reasons?: ReasonSummary[] | undefined;
 }
 export interface DynamodbStreamConfiguration {
-  streamPolicy?: string;
+  streamPolicy?: string | undefined;
 }
 export interface DynamodbTableConfiguration {
-  tablePolicy?: string;
+  tablePolicy?: string | undefined;
 }
 export interface EbsSnapshotConfiguration {
-  userIds?: string[];
-  groups?: string[];
-  kmsKeyId?: string;
+  userIds?: string[] | undefined;
+  groups?: string[] | undefined;
+  kmsKeyId?: string | undefined;
 }
 export interface EcrRepositoryConfiguration {
-  repositoryPolicy?: string;
+  repositoryPolicy?: string | undefined;
 }
 export interface EfsFileSystemConfiguration {
-  fileSystemPolicy?: string;
+  fileSystemPolicy?: string | undefined;
 }
 export interface IamRoleConfiguration {
-  trustPolicy?: string;
+  trustPolicy?: string | undefined;
 }
 export interface KmsGrantConstraints {
-  encryptionContextEquals?: Record<string, string>;
-  encryptionContextSubset?: Record<string, string>;
+  encryptionContextEquals?: Record<string, string> | undefined;
+  encryptionContextSubset?: Record<string, string> | undefined;
 }
 export declare const KmsGrantOperation: {
   readonly CREATE_GRANT: "CreateGrant";
@@ -353,13 +368,13 @@ export type KmsGrantOperation =
 export interface KmsGrantConfiguration {
   operations: KmsGrantOperation[] | undefined;
   granteePrincipal: string | undefined;
-  retiringPrincipal?: string;
-  constraints?: KmsGrantConstraints;
+  retiringPrincipal?: string | undefined;
+  constraints?: KmsGrantConstraints | undefined;
   issuingAccount: string | undefined;
 }
 export interface KmsKeyConfiguration {
-  keyPolicies?: Record<string, string>;
-  grants?: KmsGrantConfiguration[];
+  keyPolicies?: Record<string, string> | undefined;
+  grants?: KmsGrantConfiguration[] | undefined;
 }
 export type RdsDbClusterSnapshotAttributeValue =
   | RdsDbClusterSnapshotAttributeValue.AccountIdsMember
@@ -383,8 +398,8 @@ export declare namespace RdsDbClusterSnapshotAttributeValue {
   ) => T;
 }
 export interface RdsDbClusterSnapshotConfiguration {
-  attributes?: Record<string, RdsDbClusterSnapshotAttributeValue>;
-  kmsKeyId?: string;
+  attributes?: Record<string, RdsDbClusterSnapshotAttributeValue> | undefined;
+  kmsKeyId?: string | undefined;
 }
 export type RdsDbSnapshotAttributeValue =
   | RdsDbSnapshotAttributeValue.AccountIdsMember
@@ -408,8 +423,8 @@ export declare namespace RdsDbSnapshotAttributeValue {
   ) => T;
 }
 export interface RdsDbSnapshotConfiguration {
-  attributes?: Record<string, RdsDbSnapshotAttributeValue>;
-  kmsKeyId?: string;
+  attributes?: Record<string, RdsDbSnapshotAttributeValue> | undefined;
+  kmsKeyId?: string | undefined;
 }
 export interface InternetConfiguration {}
 export interface VpcConfiguration {
@@ -447,9 +462,9 @@ export interface S3PublicAccessBlockConfiguration {
   restrictPublicBuckets: boolean | undefined;
 }
 export interface S3AccessPointConfiguration {
-  accessPointPolicy?: string;
-  publicAccessBlock?: S3PublicAccessBlockConfiguration;
-  networkOrigin?: NetworkOriginConfiguration;
+  accessPointPolicy?: string | undefined;
+  publicAccessBlock?: S3PublicAccessBlockConfiguration | undefined;
+  networkOrigin?: NetworkOriginConfiguration | undefined;
 }
 export type AclGrantee =
   | AclGrantee.IdMember
@@ -491,23 +506,23 @@ export interface S3BucketAclGrantConfiguration {
   grantee: AclGrantee | undefined;
 }
 export interface S3BucketConfiguration {
-  bucketPolicy?: string;
-  bucketAclGrants?: S3BucketAclGrantConfiguration[];
-  bucketPublicAccessBlock?: S3PublicAccessBlockConfiguration;
-  accessPoints?: Record<string, S3AccessPointConfiguration>;
+  bucketPolicy?: string | undefined;
+  bucketAclGrants?: S3BucketAclGrantConfiguration[] | undefined;
+  bucketPublicAccessBlock?: S3PublicAccessBlockConfiguration | undefined;
+  accessPoints?: Record<string, S3AccessPointConfiguration> | undefined;
 }
 export interface S3ExpressDirectoryBucketConfiguration {
-  bucketPolicy?: string;
+  bucketPolicy?: string | undefined;
 }
 export interface SecretsManagerSecretConfiguration {
-  kmsKeyId?: string;
-  secretPolicy?: string;
+  kmsKeyId?: string | undefined;
+  secretPolicy?: string | undefined;
 }
 export interface SnsTopicConfiguration {
-  topicPolicy?: string;
+  topicPolicy?: string | undefined;
 }
 export interface SqsQueueConfiguration {
-  queuePolicy?: string;
+  queuePolicy?: string | undefined;
 }
 export type Configuration =
   | Configuration.DynamodbStreamMember
@@ -805,7 +820,7 @@ export declare namespace Configuration {
 export interface CreateAccessPreviewRequest {
   analyzerArn: string | undefined;
   configurations: Record<string, Configuration> | undefined;
-  clientToken?: string;
+  clientToken?: string | undefined;
 }
 export interface CreateAccessPreviewResponse {
   id: string | undefined;
@@ -840,7 +855,7 @@ export interface AccessPreview {
   configurations: Record<string, Configuration> | undefined;
   createdAt: Date | undefined;
   status: AccessPreviewStatus | undefined;
-  statusReason?: AccessPreviewStatusReason;
+  statusReason?: AccessPreviewStatusReason | undefined;
 }
 export interface GetAccessPreviewResponse {
   accessPreview: AccessPreview | undefined;
@@ -856,6 +871,7 @@ export type ResourceType =
   | "AWS::ECR::Repository"
   | "AWS::EFS::FileSystem"
   | "AWS::IAM::Role"
+  | "AWS::IAM::User"
   | "AWS::KMS::Key"
   | "AWS::Lambda::Function"
   | "AWS::Lambda::LayerVersion"
@@ -874,22 +890,29 @@ export interface AnalyzedResource {
   analyzedAt: Date | undefined;
   updatedAt: Date | undefined;
   isPublic: boolean | undefined;
-  actions?: string[];
-  sharedVia?: string[];
-  status?: FindingStatus;
+  actions?: string[] | undefined;
+  sharedVia?: string[] | undefined;
+  status?: FindingStatus | undefined;
   resourceOwnerAccount: string | undefined;
-  error?: string;
+  error?: string | undefined;
 }
 export interface GetAnalyzedResourceResponse {
-  resource?: AnalyzedResource;
+  resource?: AnalyzedResource | undefined;
 }
 export interface GetFindingRequest {
   analyzerArn: string | undefined;
   id: string | undefined;
 }
+export declare const ResourceControlPolicyRestriction: {
+  readonly APPLICABLE: "APPLICABLE";
+  readonly FAILED_TO_EVALUATE_RCP: "FAILED_TO_EVALUATE_RCP";
+  readonly NOT_APPLICABLE: "NOT_APPLICABLE";
+};
+export type ResourceControlPolicyRestriction =
+  (typeof ResourceControlPolicyRestriction)[keyof typeof ResourceControlPolicyRestriction];
 export interface FindingSourceDetail {
-  accessPointArn?: string;
-  accessPointAccount?: string;
+  accessPointArn?: string | undefined;
+  accessPointAccount?: string | undefined;
 }
 export type FindingSourceType =
   | "BUCKET_ACL"
@@ -898,14 +921,14 @@ export type FindingSourceType =
   | "S3_ACCESS_POINT_ACCOUNT";
 export interface FindingSource {
   type: FindingSourceType | undefined;
-  detail?: FindingSourceDetail;
+  detail?: FindingSourceDetail | undefined;
 }
 export interface Finding {
   id: string | undefined;
-  principal?: Record<string, string>;
-  action?: string[];
-  resource?: string;
-  isPublic?: boolean;
+  principal?: Record<string, string> | undefined;
+  action?: string[] | undefined;
+  resource?: string | undefined;
+  isPublic?: boolean | undefined;
   resourceType: ResourceType | undefined;
   condition: Record<string, string> | undefined;
   createdAt: Date | undefined;
@@ -913,17 +936,20 @@ export interface Finding {
   updatedAt: Date | undefined;
   status: FindingStatus | undefined;
   resourceOwnerAccount: string | undefined;
-  error?: string;
-  sources?: FindingSource[];
+  error?: string | undefined;
+  sources?: FindingSource[] | undefined;
+  resourceControlPolicyRestriction?:
+    | ResourceControlPolicyRestriction
+    | undefined;
 }
 export interface GetFindingResponse {
-  finding?: Finding;
+  finding?: Finding | undefined;
 }
 export interface GetFindingRecommendationRequest {
   analyzerArn: string | undefined;
   id: string | undefined;
-  maxResults?: number;
-  nextToken?: string;
+  maxResults?: number | undefined;
+  nextToken?: string | undefined;
 }
 export interface RecommendationError {
   code: string | undefined;
@@ -941,10 +967,10 @@ export declare const RecommendedRemediationAction: {
 export type RecommendedRemediationAction =
   (typeof RecommendedRemediationAction)[keyof typeof RecommendedRemediationAction];
 export interface UnusedPermissionsRecommendedStep {
-  policyUpdatedAt?: Date;
+  policyUpdatedAt?: Date | undefined;
   recommendedAction: RecommendedRemediationAction | undefined;
-  recommendedPolicy?: string;
-  existingPolicyId?: string;
+  recommendedPolicy?: string | undefined;
+  existingPolicyId?: string | undefined;
 }
 export type RecommendedStep =
   | RecommendedStep.UnusedPermissionsRecommendedStepMember
@@ -974,45 +1000,48 @@ export declare const Status: {
 export type Status = (typeof Status)[keyof typeof Status];
 export interface GetFindingRecommendationResponse {
   startedAt: Date | undefined;
-  completedAt?: Date;
-  nextToken?: string;
-  error?: RecommendationError;
+  completedAt?: Date | undefined;
+  nextToken?: string | undefined;
+  error?: RecommendationError | undefined;
   resourceArn: string | undefined;
-  recommendedSteps?: RecommendedStep[];
+  recommendedSteps?: RecommendedStep[] | undefined;
   recommendationType: RecommendationType | undefined;
   status: Status | undefined;
 }
 export interface GetFindingV2Request {
   analyzerArn: string | undefined;
   id: string | undefined;
-  maxResults?: number;
-  nextToken?: string;
+  maxResults?: number | undefined;
+  nextToken?: string | undefined;
 }
 export interface ExternalAccessDetails {
-  action?: string[];
+  action?: string[] | undefined;
   condition: Record<string, string> | undefined;
-  isPublic?: boolean;
-  principal?: Record<string, string>;
-  sources?: FindingSource[];
+  isPublic?: boolean | undefined;
+  principal?: Record<string, string> | undefined;
+  sources?: FindingSource[] | undefined;
+  resourceControlPolicyRestriction?:
+    | ResourceControlPolicyRestriction
+    | undefined;
 }
 export interface UnusedIamRoleDetails {
-  lastAccessed?: Date;
+  lastAccessed?: Date | undefined;
 }
 export interface UnusedIamUserAccessKeyDetails {
   accessKeyId: string | undefined;
-  lastAccessed?: Date;
+  lastAccessed?: Date | undefined;
 }
 export interface UnusedIamUserPasswordDetails {
-  lastAccessed?: Date;
+  lastAccessed?: Date | undefined;
 }
 export interface UnusedAction {
   action: string | undefined;
-  lastAccessed?: Date;
+  lastAccessed?: Date | undefined;
 }
 export interface UnusedPermissionDetails {
-  actions?: UnusedAction[];
+  actions?: UnusedAction[] | undefined;
   serviceNamespace: string | undefined;
-  lastAccessed?: Date;
+  lastAccessed?: Date | undefined;
 }
 export type FindingDetails =
   | FindingDetails.ExternalAccessDetailsMember
@@ -1091,29 +1120,29 @@ export type FindingType = (typeof FindingType)[keyof typeof FindingType];
 export interface GetFindingV2Response {
   analyzedAt: Date | undefined;
   createdAt: Date | undefined;
-  error?: string;
+  error?: string | undefined;
   id: string | undefined;
-  nextToken?: string;
-  resource?: string;
+  nextToken?: string | undefined;
+  resource?: string | undefined;
   resourceType: ResourceType | undefined;
   resourceOwnerAccount: string | undefined;
   status: FindingStatus | undefined;
   updatedAt: Date | undefined;
   findingDetails: FindingDetails[] | undefined;
-  findingType?: FindingType;
+  findingType?: FindingType | undefined;
 }
 export interface GetGeneratedPolicyRequest {
   jobId: string | undefined;
-  includeResourcePlaceholders?: boolean;
-  includeServiceLevelTemplate?: boolean;
+  includeResourcePlaceholders?: boolean | undefined;
+  includeServiceLevelTemplate?: boolean | undefined;
 }
 export interface GeneratedPolicy {
   policy: string | undefined;
 }
 export interface TrailProperties {
   cloudTrailArn: string | undefined;
-  regions?: string[];
-  allRegions?: boolean;
+  regions?: string[] | undefined;
+  allRegions?: boolean | undefined;
 }
 export interface CloudTrailProperties {
   trailProperties: TrailProperties[] | undefined;
@@ -1121,13 +1150,13 @@ export interface CloudTrailProperties {
   endTime: Date | undefined;
 }
 export interface GeneratedPolicyProperties {
-  isComplete?: boolean;
+  isComplete?: boolean | undefined;
   principalArn: string | undefined;
-  cloudTrailProperties?: CloudTrailProperties;
+  cloudTrailProperties?: CloudTrailProperties | undefined;
 }
 export interface GeneratedPolicyResult {
   properties: GeneratedPolicyProperties | undefined;
-  generatedPolicies?: GeneratedPolicy[];
+  generatedPolicies?: GeneratedPolicy[] | undefined;
 }
 export declare const JobErrorCode: {
   readonly AUTHORIZATION_ERROR: "AUTHORIZATION_ERROR";
@@ -1151,8 +1180,8 @@ export interface JobDetails {
   jobId: string | undefined;
   status: JobStatus | undefined;
   startedOn: Date | undefined;
-  completedOn?: Date;
-  jobError?: JobError;
+  completedOn?: Date | undefined;
+  jobError?: JobError | undefined;
 }
 export interface GetGeneratedPolicyResponse {
   jobDetails: JobDetails | undefined;
@@ -1161,9 +1190,9 @@ export interface GetGeneratedPolicyResponse {
 export interface ListAccessPreviewFindingsRequest {
   accessPreviewId: string | undefined;
   analyzerArn: string | undefined;
-  filter?: Record<string, Criterion>;
-  nextToken?: string;
-  maxResults?: number;
+  filter?: Record<string, Criterion> | undefined;
+  nextToken?: string | undefined;
+  maxResults?: number | undefined;
 }
 export declare const FindingChangeType: {
   readonly CHANGED: "CHANGED";
@@ -1174,46 +1203,49 @@ export type FindingChangeType =
   (typeof FindingChangeType)[keyof typeof FindingChangeType];
 export interface AccessPreviewFinding {
   id: string | undefined;
-  existingFindingId?: string;
-  existingFindingStatus?: FindingStatus;
-  principal?: Record<string, string>;
-  action?: string[];
-  condition?: Record<string, string>;
-  resource?: string;
-  isPublic?: boolean;
+  existingFindingId?: string | undefined;
+  existingFindingStatus?: FindingStatus | undefined;
+  principal?: Record<string, string> | undefined;
+  action?: string[] | undefined;
+  condition?: Record<string, string> | undefined;
+  resource?: string | undefined;
+  isPublic?: boolean | undefined;
   resourceType: ResourceType | undefined;
   createdAt: Date | undefined;
   changeType: FindingChangeType | undefined;
   status: FindingStatus | undefined;
   resourceOwnerAccount: string | undefined;
-  error?: string;
-  sources?: FindingSource[];
+  error?: string | undefined;
+  sources?: FindingSource[] | undefined;
+  resourceControlPolicyRestriction?:
+    | ResourceControlPolicyRestriction
+    | undefined;
 }
 export interface ListAccessPreviewFindingsResponse {
   findings: AccessPreviewFinding[] | undefined;
-  nextToken?: string;
+  nextToken?: string | undefined;
 }
 export interface ListAccessPreviewsRequest {
   analyzerArn: string | undefined;
-  nextToken?: string;
-  maxResults?: number;
+  nextToken?: string | undefined;
+  maxResults?: number | undefined;
 }
 export interface AccessPreviewSummary {
   id: string | undefined;
   analyzerArn: string | undefined;
   createdAt: Date | undefined;
   status: AccessPreviewStatus | undefined;
-  statusReason?: AccessPreviewStatusReason;
+  statusReason?: AccessPreviewStatusReason | undefined;
 }
 export interface ListAccessPreviewsResponse {
   accessPreviews: AccessPreviewSummary[] | undefined;
-  nextToken?: string;
+  nextToken?: string | undefined;
 }
 export interface ListAnalyzedResourcesRequest {
   analyzerArn: string | undefined;
-  resourceType?: ResourceType;
-  nextToken?: string;
-  maxResults?: number;
+  resourceType?: ResourceType | undefined;
+  nextToken?: string | undefined;
+  maxResults?: number | undefined;
 }
 export interface AnalyzedResourceSummary {
   resourceArn: string | undefined;
@@ -1222,26 +1254,26 @@ export interface AnalyzedResourceSummary {
 }
 export interface ListAnalyzedResourcesResponse {
   analyzedResources: AnalyzedResourceSummary[] | undefined;
-  nextToken?: string;
+  nextToken?: string | undefined;
 }
 export type OrderBy = "ASC" | "DESC";
 export interface SortCriteria {
-  attributeName?: string;
-  orderBy?: OrderBy;
+  attributeName?: string | undefined;
+  orderBy?: OrderBy | undefined;
 }
 export interface ListFindingsRequest {
   analyzerArn: string | undefined;
-  filter?: Record<string, Criterion>;
-  sort?: SortCriteria;
-  nextToken?: string;
-  maxResults?: number;
+  filter?: Record<string, Criterion> | undefined;
+  sort?: SortCriteria | undefined;
+  nextToken?: string | undefined;
+  maxResults?: number | undefined;
 }
 export interface FindingSummary {
   id: string | undefined;
-  principal?: Record<string, string>;
-  action?: string[];
-  resource?: string;
-  isPublic?: boolean;
+  principal?: Record<string, string> | undefined;
+  action?: string[] | undefined;
+  resource?: string | undefined;
+  isPublic?: boolean | undefined;
   resourceType: ResourceType | undefined;
   condition: Record<string, string> | undefined;
   createdAt: Date | undefined;
@@ -1249,76 +1281,79 @@ export interface FindingSummary {
   updatedAt: Date | undefined;
   status: FindingStatus | undefined;
   resourceOwnerAccount: string | undefined;
-  error?: string;
-  sources?: FindingSource[];
+  error?: string | undefined;
+  sources?: FindingSource[] | undefined;
+  resourceControlPolicyRestriction?:
+    | ResourceControlPolicyRestriction
+    | undefined;
 }
 export interface ListFindingsResponse {
   findings: FindingSummary[] | undefined;
-  nextToken?: string;
+  nextToken?: string | undefined;
 }
 export interface ListFindingsV2Request {
   analyzerArn: string | undefined;
-  filter?: Record<string, Criterion>;
-  maxResults?: number;
-  nextToken?: string;
-  sort?: SortCriteria;
+  filter?: Record<string, Criterion> | undefined;
+  maxResults?: number | undefined;
+  nextToken?: string | undefined;
+  sort?: SortCriteria | undefined;
 }
 export interface FindingSummaryV2 {
   analyzedAt: Date | undefined;
   createdAt: Date | undefined;
-  error?: string;
+  error?: string | undefined;
   id: string | undefined;
-  resource?: string;
+  resource?: string | undefined;
   resourceType: ResourceType | undefined;
   resourceOwnerAccount: string | undefined;
   status: FindingStatus | undefined;
   updatedAt: Date | undefined;
-  findingType?: FindingType;
+  findingType?: FindingType | undefined;
 }
 export interface ListFindingsV2Response {
   findings: FindingSummaryV2[] | undefined;
-  nextToken?: string;
+  nextToken?: string | undefined;
 }
 export interface ListPolicyGenerationsRequest {
-  principalArn?: string;
-  maxResults?: number;
-  nextToken?: string;
+  principalArn?: string | undefined;
+  maxResults?: number | undefined;
+  nextToken?: string | undefined;
 }
 export interface PolicyGeneration {
   jobId: string | undefined;
   principalArn: string | undefined;
   status: JobStatus | undefined;
   startedOn: Date | undefined;
-  completedOn?: Date;
+  completedOn?: Date | undefined;
 }
 export interface ListPolicyGenerationsResponse {
   policyGenerations: PolicyGeneration[] | undefined;
-  nextToken?: string;
+  nextToken?: string | undefined;
 }
 export interface ListTagsForResourceRequest {
   resourceArn: string | undefined;
 }
 export interface ListTagsForResourceResponse {
-  tags?: Record<string, string>;
+  tags?: Record<string, string> | undefined;
 }
 export interface Trail {
   cloudTrailArn: string | undefined;
-  regions?: string[];
-  allRegions?: boolean;
+  regions?: string[] | undefined;
+  allRegions?: boolean | undefined;
 }
 export interface CloudTrailDetails {
   trails: Trail[] | undefined;
   accessRole: string | undefined;
   startTime: Date | undefined;
-  endTime?: Date;
+  endTime?: Date | undefined;
 }
 export interface PolicyGenerationDetails {
   principalArn: string | undefined;
 }
 export interface StartPolicyGenerationRequest {
   policyGenerationDetails: PolicyGenerationDetails | undefined;
-  cloudTrailDetails?: CloudTrailDetails;
-  clientToken?: string;
+  cloudTrailDetails?: CloudTrailDetails | undefined;
+  clientToken?: string | undefined;
 }
 export interface StartPolicyGenerationResponse {
   jobId: string | undefined;
@@ -1326,7 +1361,7 @@ export interface StartPolicyGenerationResponse {
 export interface StartResourceScanRequest {
   analyzerArn: string | undefined;
   resourceArn: string | undefined;
-  resourceOwnerAccount?: string;
+  resourceOwnerAccount?: string | undefined;
 }
 export interface TagResourceRequest {
   resourceArn: string | undefined;
@@ -1342,9 +1377,9 @@ export type FindingStatusUpdate = "ACTIVE" | "ARCHIVED";
 export interface UpdateFindingsRequest {
   analyzerArn: string | undefined;
   status: FindingStatusUpdate | undefined;
-  ids?: string[];
-  resourceArn?: string;
-  clientToken?: string;
+  ids?: string[] | undefined;
+  resourceArn?: string | undefined;
+  clientToken?: string | undefined;
 }
 export declare const Locale: {
   readonly DE: "DE";
@@ -1361,6 +1396,7 @@ export declare const Locale: {
 export type Locale = (typeof Locale)[keyof typeof Locale];
 export declare const PolicyType: {
   readonly IDENTITY_POLICY: "IDENTITY_POLICY";
+  readonly RESOURCE_CONTROL_POLICY: "RESOURCE_CONTROL_POLICY";
   readonly RESOURCE_POLICY: "RESOURCE_POLICY";
   readonly SERVICE_CONTROL_POLICY: "SERVICE_CONTROL_POLICY";
 };
@@ -1376,12 +1412,12 @@ export declare const ValidatePolicyResourceType: {
 export type ValidatePolicyResourceType =
   (typeof ValidatePolicyResourceType)[keyof typeof ValidatePolicyResourceType];
 export interface ValidatePolicyRequest {
-  locale?: Locale;
-  maxResults?: number;
-  nextToken?: string;
+  locale?: Locale | undefined;
+  maxResults?: number | undefined;
+  nextToken?: string | undefined;
   policyDocument: string | undefined;
   policyType: PolicyType | undefined;
-  validatePolicyResourceType?: ValidatePolicyResourceType;
+  validatePolicyResourceType?: ValidatePolicyResourceType | undefined;
 }
 export declare const ValidatePolicyFindingType: {
   readonly ERROR: "ERROR";
@@ -1468,7 +1504,7 @@ export interface ValidatePolicyFinding {
 }
 export interface ValidatePolicyResponse {
   findings: ValidatePolicyFinding[] | undefined;
-  nextToken?: string;
+  nextToken?: string | undefined;
 }
 export declare const CheckAccessNotGrantedRequestFilterSensitiveLog: (
   obj: CheckAccessNotGrantedRequest