@aws-sdk/client-auditmanager 3.212.0 → 3.214.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist-cjs/models/models_0.js +23 -4
- package/dist-cjs/protocols/Aws_restJson1.js +14 -0
- package/dist-es/models/models_0.js +17 -0
- package/dist-es/protocols/Aws_restJson1.js +14 -0
- package/dist-types/AuditManager.d.ts +66 -33
- package/dist-types/commands/BatchImportEvidenceToAssessmentControlCommand.d.ts +21 -2
- package/dist-types/commands/DeregisterOrganizationAdminAccountCommand.d.ts +42 -29
- package/dist-types/commands/GetServicesInScopeCommand.d.ts +3 -2
- package/dist-types/models/models_0.d.ts +167 -17
- package/dist-types/ts3.4/models/models_0.d.ts +25 -0
- package/package.json +2 -2
|
@@ -1,9 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
4
|
-
exports.
|
|
5
|
-
exports.
|
|
6
|
-
exports.
|
|
3
|
+
exports.AssessmentReportMetadataFilterSensitiveLog = exports.AssessmentReportEvidenceErrorFilterSensitiveLog = exports.AssessmentReportFilterSensitiveLog = exports.AssessmentMetadataItemFilterSensitiveLog = exports.AssessmentFrameworkShareRequestFilterSensitiveLog = exports.AssessmentFrameworkMetadataFilterSensitiveLog = exports.AssessmentEvidenceFolderFilterSensitiveLog = exports.AssessmentFilterSensitiveLog = exports.AssessmentMetadataFilterSensitiveLog = exports.ScopeFilterSensitiveLog = exports.AWSServiceFilterSensitiveLog = exports.AssessmentReportsDestinationFilterSensitiveLog = exports.AssessmentFrameworkFilterSensitiveLog = exports.FrameworkMetadataFilterSensitiveLog = exports.AssessmentControlSetFilterSensitiveLog = exports.RoleFilterSensitiveLog = exports.DelegationFilterSensitiveLog = exports.AssessmentControlFilterSensitiveLog = exports.ControlCommentFilterSensitiveLog = exports.AWSAccountFilterSensitiveLog = exports.ShareRequestAction = exports.ThrottlingException = exports.EvidenceFinderEnablementStatus = exports.EvidenceFinderBackfillStatus = exports.SettingAttribute = exports.ObjectTypeEnum = exports.ShareRequestType = exports.ControlType = exports.SourceType = exports.SourceSetUpOption = exports.KeywordInputType = exports.SourceFrequency = exports.ServiceQuotaExceededException = exports.ValidationException = exports.ValidationExceptionReason = exports.ResourceNotFoundException = exports.InternalServerException = exports.AssessmentReportStatus = exports.ShareRequestStatus = exports.FrameworkType = exports.AssessmentStatus = exports.AssessmentReportDestinationType = exports.ControlSetStatus = exports.DelegationStatus = exports.RoleType = exports.ControlStatus = exports.ControlResponse = exports.ActionEnum = exports.AccountStatus = exports.AccessDeniedException = void 0;
|
|
4
|
+
exports.DisassociateAssessmentReportEvidenceFolderResponseFilterSensitiveLog = exports.DisassociateAssessmentReportEvidenceFolderRequestFilterSensitiveLog = exports.DeregisterOrganizationAdminAccountResponseFilterSensitiveLog = exports.DeregisterOrganizationAdminAccountRequestFilterSensitiveLog = exports.DeregisterAccountResponseFilterSensitiveLog = exports.DeregisterAccountRequestFilterSensitiveLog = exports.DeleteControlResponseFilterSensitiveLog = exports.DeleteControlRequestFilterSensitiveLog = exports.DeleteAssessmentReportResponseFilterSensitiveLog = exports.DeleteAssessmentReportRequestFilterSensitiveLog = exports.DeleteAssessmentFrameworkShareResponseFilterSensitiveLog = exports.DeleteAssessmentFrameworkShareRequestFilterSensitiveLog = exports.DeleteAssessmentFrameworkResponseFilterSensitiveLog = exports.DeleteAssessmentFrameworkRequestFilterSensitiveLog = exports.DeleteAssessmentResponseFilterSensitiveLog = exports.DeleteAssessmentRequestFilterSensitiveLog = exports.CreateControlResponseFilterSensitiveLog = exports.CreateControlRequestFilterSensitiveLog = exports.CreateControlMappingSourceFilterSensitiveLog = exports.CreateAssessmentReportResponseFilterSensitiveLog = exports.CreateAssessmentReportRequestFilterSensitiveLog = exports.CreateAssessmentFrameworkResponseFilterSensitiveLog = exports.FrameworkFilterSensitiveLog = exports.ControlSetFilterSensitiveLog = exports.ControlFilterSensitiveLog = exports.ControlMappingSourceFilterSensitiveLog = exports.SourceKeywordFilterSensitiveLog = exports.CreateAssessmentFrameworkRequestFilterSensitiveLog = exports.CreateAssessmentFrameworkControlSetFilterSensitiveLog = exports.CreateAssessmentFrameworkControlFilterSensitiveLog = exports.CreateAssessmentResponseFilterSensitiveLog = exports.CreateAssessmentRequestFilterSensitiveLog = exports.BatchImportEvidenceToAssessmentControlResponseFilterSensitiveLog = exports.BatchImportEvidenceToAssessmentControlErrorFilterSensitiveLog = exports.BatchImportEvidenceToAssessmentControlRequestFilterSensitiveLog = exports.ManualEvidenceFilterSensitiveLog = exports.BatchDisassociateAssessmentReportEvidenceResponseFilterSensitiveLog = exports.BatchDisassociateAssessmentReportEvidenceRequestFilterSensitiveLog = exports.BatchDeleteDelegationByAssessmentResponseFilterSensitiveLog = exports.BatchDeleteDelegationByAssessmentErrorFilterSensitiveLog = exports.BatchDeleteDelegationByAssessmentRequestFilterSensitiveLog = exports.BatchCreateDelegationByAssessmentResponseFilterSensitiveLog = exports.BatchCreateDelegationByAssessmentErrorFilterSensitiveLog = exports.BatchCreateDelegationByAssessmentRequestFilterSensitiveLog = exports.CreateDelegationRequestFilterSensitiveLog = exports.BatchAssociateAssessmentReportEvidenceResponseFilterSensitiveLog = exports.BatchAssociateAssessmentReportEvidenceRequestFilterSensitiveLog = exports.ValidationExceptionFieldFilterSensitiveLog = exports.AssociateAssessmentReportEvidenceFolderResponseFilterSensitiveLog = exports.AssociateAssessmentReportEvidenceFolderRequestFilterSensitiveLog = void 0;
|
|
5
|
+
exports.ListAssessmentFrameworksResponseFilterSensitiveLog = exports.ListAssessmentFrameworksRequestFilterSensitiveLog = exports.ListAssessmentControlInsightsByControlDomainResponseFilterSensitiveLog = exports.ControlInsightsMetadataByAssessmentItemFilterSensitiveLog = exports.EvidenceInsightsFilterSensitiveLog = exports.ListAssessmentControlInsightsByControlDomainRequestFilterSensitiveLog = exports.GetSettingsResponseFilterSensitiveLog = exports.SettingsFilterSensitiveLog = exports.EvidenceFinderEnablementFilterSensitiveLog = exports.GetSettingsRequestFilterSensitiveLog = exports.GetServicesInScopeResponseFilterSensitiveLog = exports.ServiceMetadataFilterSensitiveLog = exports.GetServicesInScopeRequestFilterSensitiveLog = exports.GetOrganizationAdminAccountResponseFilterSensitiveLog = exports.GetOrganizationAdminAccountRequestFilterSensitiveLog = exports.GetInsightsByAssessmentResponseFilterSensitiveLog = exports.InsightsByAssessmentFilterSensitiveLog = exports.GetInsightsByAssessmentRequestFilterSensitiveLog = exports.GetInsightsResponseFilterSensitiveLog = exports.InsightsFilterSensitiveLog = exports.GetInsightsRequestFilterSensitiveLog = exports.GetEvidenceFoldersByAssessmentControlResponseFilterSensitiveLog = exports.GetEvidenceFoldersByAssessmentControlRequestFilterSensitiveLog = exports.GetEvidenceFoldersByAssessmentResponseFilterSensitiveLog = exports.GetEvidenceFoldersByAssessmentRequestFilterSensitiveLog = exports.GetEvidenceFolderResponseFilterSensitiveLog = exports.GetEvidenceFolderRequestFilterSensitiveLog = exports.GetEvidenceByEvidenceFolderResponseFilterSensitiveLog = exports.GetEvidenceByEvidenceFolderRequestFilterSensitiveLog = exports.GetEvidenceResponseFilterSensitiveLog = exports.EvidenceFilterSensitiveLog = exports.ResourceFilterSensitiveLog = exports.GetEvidenceRequestFilterSensitiveLog = exports.GetDelegationsResponseFilterSensitiveLog = exports.DelegationMetadataFilterSensitiveLog = exports.GetDelegationsRequestFilterSensitiveLog = exports.GetControlResponseFilterSensitiveLog = exports.GetControlRequestFilterSensitiveLog = exports.GetChangeLogsResponseFilterSensitiveLog = exports.ChangeLogFilterSensitiveLog = exports.GetChangeLogsRequestFilterSensitiveLog = exports.GetAssessmentReportUrlResponseFilterSensitiveLog = exports.URLFilterSensitiveLog = exports.GetAssessmentReportUrlRequestFilterSensitiveLog = exports.GetAssessmentFrameworkResponseFilterSensitiveLog = exports.GetAssessmentFrameworkRequestFilterSensitiveLog = exports.GetAssessmentResponseFilterSensitiveLog = exports.GetAssessmentRequestFilterSensitiveLog = exports.GetAccountStatusResponseFilterSensitiveLog = exports.GetAccountStatusRequestFilterSensitiveLog = void 0;
|
|
6
|
+
exports.UpdateSettingsRequestFilterSensitiveLog = exports.UpdateControlResponseFilterSensitiveLog = exports.UpdateControlRequestFilterSensitiveLog = exports.UpdateAssessmentStatusResponseFilterSensitiveLog = exports.UpdateAssessmentStatusRequestFilterSensitiveLog = exports.UpdateAssessmentFrameworkShareResponseFilterSensitiveLog = exports.UpdateAssessmentFrameworkShareRequestFilterSensitiveLog = exports.UpdateAssessmentFrameworkResponseFilterSensitiveLog = exports.UpdateAssessmentFrameworkRequestFilterSensitiveLog = exports.UpdateAssessmentFrameworkControlSetFilterSensitiveLog = exports.UpdateAssessmentControlSetStatusResponseFilterSensitiveLog = exports.UpdateAssessmentControlSetStatusRequestFilterSensitiveLog = exports.UpdateAssessmentControlResponseFilterSensitiveLog = exports.UpdateAssessmentControlRequestFilterSensitiveLog = exports.UpdateAssessmentResponseFilterSensitiveLog = exports.UpdateAssessmentRequestFilterSensitiveLog = exports.UntagResourceResponseFilterSensitiveLog = exports.UntagResourceRequestFilterSensitiveLog = exports.TagResourceResponseFilterSensitiveLog = exports.TagResourceRequestFilterSensitiveLog = exports.StartAssessmentFrameworkShareResponseFilterSensitiveLog = exports.StartAssessmentFrameworkShareRequestFilterSensitiveLog = exports.RegisterOrganizationAdminAccountResponseFilterSensitiveLog = exports.RegisterOrganizationAdminAccountRequestFilterSensitiveLog = exports.RegisterAccountResponseFilterSensitiveLog = exports.RegisterAccountRequestFilterSensitiveLog = exports.ListTagsForResourceResponseFilterSensitiveLog = exports.ListTagsForResourceRequestFilterSensitiveLog = exports.ListNotificationsResponseFilterSensitiveLog = exports.NotificationFilterSensitiveLog = exports.ListNotificationsRequestFilterSensitiveLog = exports.ListKeywordsForDataSourceResponseFilterSensitiveLog = exports.ListKeywordsForDataSourceRequestFilterSensitiveLog = exports.ListControlsResponseFilterSensitiveLog = exports.ControlMetadataFilterSensitiveLog = exports.ListControlsRequestFilterSensitiveLog = exports.ListControlInsightsByControlDomainResponseFilterSensitiveLog = exports.ControlInsightsMetadataItemFilterSensitiveLog = exports.ListControlInsightsByControlDomainRequestFilterSensitiveLog = exports.ListControlDomainInsightsByAssessmentResponseFilterSensitiveLog = exports.ListControlDomainInsightsByAssessmentRequestFilterSensitiveLog = exports.ListControlDomainInsightsResponseFilterSensitiveLog = exports.ControlDomainInsightsFilterSensitiveLog = exports.ListControlDomainInsightsRequestFilterSensitiveLog = exports.ListAssessmentsResponseFilterSensitiveLog = exports.ListAssessmentsRequestFilterSensitiveLog = exports.ListAssessmentReportsResponseFilterSensitiveLog = exports.ListAssessmentReportsRequestFilterSensitiveLog = exports.ListAssessmentFrameworkShareRequestsResponseFilterSensitiveLog = exports.ListAssessmentFrameworkShareRequestsRequestFilterSensitiveLog = void 0;
|
|
7
|
+
exports.ValidateAssessmentReportIntegrityResponseFilterSensitiveLog = exports.ValidateAssessmentReportIntegrityRequestFilterSensitiveLog = exports.UpdateSettingsResponseFilterSensitiveLog = void 0;
|
|
7
8
|
const AuditManagerServiceException_1 = require("./AuditManagerServiceException");
|
|
8
9
|
class AccessDeniedException extends AuditManagerServiceException_1.AuditManagerServiceException {
|
|
9
10
|
constructor(opts) {
|
|
@@ -205,9 +206,23 @@ var SettingAttribute;
|
|
|
205
206
|
SettingAttribute["ALL"] = "ALL";
|
|
206
207
|
SettingAttribute["DEFAULT_ASSESSMENT_REPORTS_DESTINATION"] = "DEFAULT_ASSESSMENT_REPORTS_DESTINATION";
|
|
207
208
|
SettingAttribute["DEFAULT_PROCESS_OWNERS"] = "DEFAULT_PROCESS_OWNERS";
|
|
209
|
+
SettingAttribute["EVIDENCE_FINDER_ENABLEMENT"] = "EVIDENCE_FINDER_ENABLEMENT";
|
|
208
210
|
SettingAttribute["IS_AWS_ORG_ENABLED"] = "IS_AWS_ORG_ENABLED";
|
|
209
211
|
SettingAttribute["SNS_TOPIC"] = "SNS_TOPIC";
|
|
210
212
|
})(SettingAttribute = exports.SettingAttribute || (exports.SettingAttribute = {}));
|
|
213
|
+
var EvidenceFinderBackfillStatus;
|
|
214
|
+
(function (EvidenceFinderBackfillStatus) {
|
|
215
|
+
EvidenceFinderBackfillStatus["COMPLETED"] = "COMPLETED";
|
|
216
|
+
EvidenceFinderBackfillStatus["IN_PROGRESS"] = "IN_PROGRESS";
|
|
217
|
+
EvidenceFinderBackfillStatus["NOT_STARTED"] = "NOT_STARTED";
|
|
218
|
+
})(EvidenceFinderBackfillStatus = exports.EvidenceFinderBackfillStatus || (exports.EvidenceFinderBackfillStatus = {}));
|
|
219
|
+
var EvidenceFinderEnablementStatus;
|
|
220
|
+
(function (EvidenceFinderEnablementStatus) {
|
|
221
|
+
EvidenceFinderEnablementStatus["DISABLED"] = "DISABLED";
|
|
222
|
+
EvidenceFinderEnablementStatus["DISABLE_IN_PROGRESS"] = "DISABLE_IN_PROGRESS";
|
|
223
|
+
EvidenceFinderEnablementStatus["ENABLED"] = "ENABLED";
|
|
224
|
+
EvidenceFinderEnablementStatus["ENABLE_IN_PROGRESS"] = "ENABLE_IN_PROGRESS";
|
|
225
|
+
})(EvidenceFinderEnablementStatus = exports.EvidenceFinderEnablementStatus || (exports.EvidenceFinderEnablementStatus = {}));
|
|
211
226
|
class ThrottlingException extends AuditManagerServiceException_1.AuditManagerServiceException {
|
|
212
227
|
constructor(opts) {
|
|
213
228
|
super({
|
|
@@ -671,6 +686,10 @@ const GetSettingsRequestFilterSensitiveLog = (obj) => ({
|
|
|
671
686
|
...obj,
|
|
672
687
|
});
|
|
673
688
|
exports.GetSettingsRequestFilterSensitiveLog = GetSettingsRequestFilterSensitiveLog;
|
|
689
|
+
const EvidenceFinderEnablementFilterSensitiveLog = (obj) => ({
|
|
690
|
+
...obj,
|
|
691
|
+
});
|
|
692
|
+
exports.EvidenceFinderEnablementFilterSensitiveLog = EvidenceFinderEnablementFilterSensitiveLog;
|
|
674
693
|
const SettingsFilterSensitiveLog = (obj) => ({
|
|
675
694
|
...obj,
|
|
676
695
|
});
|
|
@@ -220,6 +220,7 @@ const serializeAws_restJson1CreateAssessmentReportCommand = async (input, contex
|
|
|
220
220
|
body = JSON.stringify({
|
|
221
221
|
...(input.description != null && { description: input.description }),
|
|
222
222
|
...(input.name != null && { name: input.name }),
|
|
223
|
+
...(input.queryStatement != null && { queryStatement: input.queryStatement }),
|
|
223
224
|
});
|
|
224
225
|
return new protocol_http_1.HttpRequest({
|
|
225
226
|
protocol,
|
|
@@ -1319,6 +1320,7 @@ const serializeAws_restJson1UpdateSettingsCommand = async (input, context) => {
|
|
|
1319
1320
|
...(input.defaultProcessOwners != null && {
|
|
1320
1321
|
defaultProcessOwners: serializeAws_restJson1Roles(input.defaultProcessOwners, context),
|
|
1321
1322
|
}),
|
|
1323
|
+
...(input.evidenceFinderEnabled != null && { evidenceFinderEnabled: input.evidenceFinderEnabled }),
|
|
1322
1324
|
...(input.kmsKey != null && { kmsKey: input.kmsKey }),
|
|
1323
1325
|
...(input.snsTopic != null && { snsTopic: input.snsTopic }),
|
|
1324
1326
|
});
|
|
@@ -4903,6 +4905,14 @@ const deserializeAws_restJson1EvidenceAttributes = (output, context) => {
|
|
|
4903
4905
|
return acc;
|
|
4904
4906
|
}, {});
|
|
4905
4907
|
};
|
|
4908
|
+
const deserializeAws_restJson1EvidenceFinderEnablement = (output, context) => {
|
|
4909
|
+
return {
|
|
4910
|
+
backfillStatus: (0, smithy_client_1.expectString)(output.backfillStatus),
|
|
4911
|
+
enablementStatus: (0, smithy_client_1.expectString)(output.enablementStatus),
|
|
4912
|
+
error: (0, smithy_client_1.expectString)(output.error),
|
|
4913
|
+
eventDataStoreArn: (0, smithy_client_1.expectString)(output.eventDataStoreArn),
|
|
4914
|
+
};
|
|
4915
|
+
};
|
|
4906
4916
|
const deserializeAws_restJson1EvidenceIds = (output, context) => {
|
|
4907
4917
|
const retVal = (output || [])
|
|
4908
4918
|
.filter((e) => e != null)
|
|
@@ -5060,6 +5070,7 @@ const deserializeAws_restJson1Notifications = (output, context) => {
|
|
|
5060
5070
|
const deserializeAws_restJson1Resource = (output, context) => {
|
|
5061
5071
|
return {
|
|
5062
5072
|
arn: (0, smithy_client_1.expectString)(output.arn),
|
|
5073
|
+
complianceCheck: (0, smithy_client_1.expectString)(output.complianceCheck),
|
|
5063
5074
|
value: (0, smithy_client_1.expectString)(output.value),
|
|
5064
5075
|
};
|
|
5065
5076
|
};
|
|
@@ -5124,6 +5135,9 @@ const deserializeAws_restJson1Settings = (output, context) => {
|
|
|
5124
5135
|
defaultProcessOwners: output.defaultProcessOwners != null
|
|
5125
5136
|
? deserializeAws_restJson1Roles(output.defaultProcessOwners, context)
|
|
5126
5137
|
: undefined,
|
|
5138
|
+
evidenceFinderEnablement: output.evidenceFinderEnablement != null
|
|
5139
|
+
? deserializeAws_restJson1EvidenceFinderEnablement(output.evidenceFinderEnablement, context)
|
|
5140
|
+
: undefined,
|
|
5127
5141
|
isAwsOrgEnabled: (0, smithy_client_1.expectBoolean)(output.isAwsOrgEnabled),
|
|
5128
5142
|
kmsKey: (0, smithy_client_1.expectString)(output.kmsKey),
|
|
5129
5143
|
snsTopic: (0, smithy_client_1.expectString)(output.snsTopic),
|
|
@@ -194,9 +194,23 @@ export var SettingAttribute;
|
|
|
194
194
|
SettingAttribute["ALL"] = "ALL";
|
|
195
195
|
SettingAttribute["DEFAULT_ASSESSMENT_REPORTS_DESTINATION"] = "DEFAULT_ASSESSMENT_REPORTS_DESTINATION";
|
|
196
196
|
SettingAttribute["DEFAULT_PROCESS_OWNERS"] = "DEFAULT_PROCESS_OWNERS";
|
|
197
|
+
SettingAttribute["EVIDENCE_FINDER_ENABLEMENT"] = "EVIDENCE_FINDER_ENABLEMENT";
|
|
197
198
|
SettingAttribute["IS_AWS_ORG_ENABLED"] = "IS_AWS_ORG_ENABLED";
|
|
198
199
|
SettingAttribute["SNS_TOPIC"] = "SNS_TOPIC";
|
|
199
200
|
})(SettingAttribute || (SettingAttribute = {}));
|
|
201
|
+
export var EvidenceFinderBackfillStatus;
|
|
202
|
+
(function (EvidenceFinderBackfillStatus) {
|
|
203
|
+
EvidenceFinderBackfillStatus["COMPLETED"] = "COMPLETED";
|
|
204
|
+
EvidenceFinderBackfillStatus["IN_PROGRESS"] = "IN_PROGRESS";
|
|
205
|
+
EvidenceFinderBackfillStatus["NOT_STARTED"] = "NOT_STARTED";
|
|
206
|
+
})(EvidenceFinderBackfillStatus || (EvidenceFinderBackfillStatus = {}));
|
|
207
|
+
export var EvidenceFinderEnablementStatus;
|
|
208
|
+
(function (EvidenceFinderEnablementStatus) {
|
|
209
|
+
EvidenceFinderEnablementStatus["DISABLED"] = "DISABLED";
|
|
210
|
+
EvidenceFinderEnablementStatus["DISABLE_IN_PROGRESS"] = "DISABLE_IN_PROGRESS";
|
|
211
|
+
EvidenceFinderEnablementStatus["ENABLED"] = "ENABLED";
|
|
212
|
+
EvidenceFinderEnablementStatus["ENABLE_IN_PROGRESS"] = "ENABLE_IN_PROGRESS";
|
|
213
|
+
})(EvidenceFinderEnablementStatus || (EvidenceFinderEnablementStatus = {}));
|
|
200
214
|
export class ThrottlingException extends __BaseException {
|
|
201
215
|
constructor(opts) {
|
|
202
216
|
super({
|
|
@@ -548,6 +562,9 @@ export const GetServicesInScopeResponseFilterSensitiveLog = (obj) => ({
|
|
|
548
562
|
export const GetSettingsRequestFilterSensitiveLog = (obj) => ({
|
|
549
563
|
...obj,
|
|
550
564
|
});
|
|
565
|
+
export const EvidenceFinderEnablementFilterSensitiveLog = (obj) => ({
|
|
566
|
+
...obj,
|
|
567
|
+
});
|
|
551
568
|
export const SettingsFilterSensitiveLog = (obj) => ({
|
|
552
569
|
...obj,
|
|
553
570
|
});
|
|
@@ -207,6 +207,7 @@ export const serializeAws_restJson1CreateAssessmentReportCommand = async (input,
|
|
|
207
207
|
body = JSON.stringify({
|
|
208
208
|
...(input.description != null && { description: input.description }),
|
|
209
209
|
...(input.name != null && { name: input.name }),
|
|
210
|
+
...(input.queryStatement != null && { queryStatement: input.queryStatement }),
|
|
210
211
|
});
|
|
211
212
|
return new __HttpRequest({
|
|
212
213
|
protocol,
|
|
@@ -1255,6 +1256,7 @@ export const serializeAws_restJson1UpdateSettingsCommand = async (input, context
|
|
|
1255
1256
|
...(input.defaultProcessOwners != null && {
|
|
1256
1257
|
defaultProcessOwners: serializeAws_restJson1Roles(input.defaultProcessOwners, context),
|
|
1257
1258
|
}),
|
|
1259
|
+
...(input.evidenceFinderEnabled != null && { evidenceFinderEnabled: input.evidenceFinderEnabled }),
|
|
1258
1260
|
...(input.kmsKey != null && { kmsKey: input.kmsKey }),
|
|
1259
1261
|
...(input.snsTopic != null && { snsTopic: input.snsTopic }),
|
|
1260
1262
|
});
|
|
@@ -4776,6 +4778,14 @@ const deserializeAws_restJson1EvidenceAttributes = (output, context) => {
|
|
|
4776
4778
|
return acc;
|
|
4777
4779
|
}, {});
|
|
4778
4780
|
};
|
|
4781
|
+
const deserializeAws_restJson1EvidenceFinderEnablement = (output, context) => {
|
|
4782
|
+
return {
|
|
4783
|
+
backfillStatus: __expectString(output.backfillStatus),
|
|
4784
|
+
enablementStatus: __expectString(output.enablementStatus),
|
|
4785
|
+
error: __expectString(output.error),
|
|
4786
|
+
eventDataStoreArn: __expectString(output.eventDataStoreArn),
|
|
4787
|
+
};
|
|
4788
|
+
};
|
|
4779
4789
|
const deserializeAws_restJson1EvidenceIds = (output, context) => {
|
|
4780
4790
|
const retVal = (output || [])
|
|
4781
4791
|
.filter((e) => e != null)
|
|
@@ -4933,6 +4943,7 @@ const deserializeAws_restJson1Notifications = (output, context) => {
|
|
|
4933
4943
|
const deserializeAws_restJson1Resource = (output, context) => {
|
|
4934
4944
|
return {
|
|
4935
4945
|
arn: __expectString(output.arn),
|
|
4946
|
+
complianceCheck: __expectString(output.complianceCheck),
|
|
4936
4947
|
value: __expectString(output.value),
|
|
4937
4948
|
};
|
|
4938
4949
|
};
|
|
@@ -4997,6 +5008,9 @@ const deserializeAws_restJson1Settings = (output, context) => {
|
|
|
4997
5008
|
defaultProcessOwners: output.defaultProcessOwners != null
|
|
4998
5009
|
? deserializeAws_restJson1Roles(output.defaultProcessOwners, context)
|
|
4999
5010
|
: undefined,
|
|
5011
|
+
evidenceFinderEnablement: output.evidenceFinderEnablement != null
|
|
5012
|
+
? deserializeAws_restJson1EvidenceFinderEnablement(output.evidenceFinderEnablement, context)
|
|
5013
|
+
: undefined,
|
|
5000
5014
|
isAwsOrgEnabled: __expectBoolean(output.isAwsOrgEnabled),
|
|
5001
5015
|
kmsKey: __expectString(output.kmsKey),
|
|
5002
5016
|
snsTopic: __expectString(output.snsTopic),
|
|
@@ -134,8 +134,27 @@ export declare class AuditManager extends AuditManagerClient {
|
|
|
134
134
|
batchDisassociateAssessmentReportEvidence(args: BatchDisassociateAssessmentReportEvidenceCommandInput, cb: (err: any, data?: BatchDisassociateAssessmentReportEvidenceCommandOutput) => void): void;
|
|
135
135
|
batchDisassociateAssessmentReportEvidence(args: BatchDisassociateAssessmentReportEvidenceCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: BatchDisassociateAssessmentReportEvidenceCommandOutput) => void): void;
|
|
136
136
|
/**
|
|
137
|
-
* <p>
|
|
138
|
-
*
|
|
137
|
+
* <p>Uploads one or more pieces of evidence to a control in an Audit Manager assessment. You can upload manual evidence from any Amazon Simple Storage Service (Amazon S3) bucket by specifying
|
|
138
|
+
* the S3 URI of the evidence. </p>
|
|
139
|
+
* <p>You must upload manual evidence to your S3 bucket before you can upload it to your
|
|
140
|
+
* assessment. For instructions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html">CreateBucket</a> and <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html">PutObject</a> in
|
|
141
|
+
* the <i>Amazon Simple Storage Service API Reference.</i>
|
|
142
|
+
* </p>
|
|
143
|
+
* <p>The following restrictions apply to this action:</p>
|
|
144
|
+
* <ul>
|
|
145
|
+
* <li>
|
|
146
|
+
* <p>Maximum size of an individual evidence file: 100 MB</p>
|
|
147
|
+
* </li>
|
|
148
|
+
* <li>
|
|
149
|
+
* <p>Number of daily manual evidence uploads per control: 100</p>
|
|
150
|
+
* </li>
|
|
151
|
+
* <li>
|
|
152
|
+
* <p>Supported file formats: See <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/upload-evidence.html#supported-manual-evidence-files">Supported file types for manual evidence</a> in the <i>Audit Manager User Guide</i>
|
|
153
|
+
* </p>
|
|
154
|
+
* </li>
|
|
155
|
+
* </ul>
|
|
156
|
+
* <p>For more information about Audit Manager service restrictions, see <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/service-quotas.html">Quotas and
|
|
157
|
+
* restrictions for Audit Manager</a>.</p>
|
|
139
158
|
*/
|
|
140
159
|
batchImportEvidenceToAssessmentControl(args: BatchImportEvidenceToAssessmentControlCommandInput, options?: __HttpHandlerOptions): Promise<BatchImportEvidenceToAssessmentControlCommandOutput>;
|
|
141
160
|
batchImportEvidenceToAssessmentControl(args: BatchImportEvidenceToAssessmentControlCommandInput, cb: (err: any, data?: BatchImportEvidenceToAssessmentControlCommandOutput) => void): void;
|
|
@@ -263,53 +282,66 @@ export declare class AuditManager extends AuditManagerClient {
|
|
|
263
282
|
/**
|
|
264
283
|
* <p>Removes the specified Amazon Web Services account as a delegated administrator for
|
|
265
284
|
* Audit Manager. </p>
|
|
266
|
-
*
|
|
267
|
-
*
|
|
285
|
+
*
|
|
286
|
+
* <p>When you remove a delegated administrator from your Audit Manager settings, you
|
|
268
287
|
* continue to have access to the evidence that you previously collected under that
|
|
269
288
|
* account. This is also the case when you deregister a delegated administrator from
|
|
270
289
|
* Organizations. However, Audit Manager will stop collecting and attaching
|
|
271
290
|
* evidence to that delegated administrator account moving forward.</p>
|
|
291
|
+
* <important>
|
|
292
|
+
* <p>Keep in mind the following cleanup task if you use evidence finder:</p>
|
|
293
|
+
* <p>Before you use your management account to remove a delegated administrator, make sure
|
|
294
|
+
* that the current delegated administrator account signs in to Audit Manager and
|
|
295
|
+
* disables evidence finder first. Disabling evidence finder automatically deletes the
|
|
296
|
+
* event data store that was created in their account when they enabled evidence finder. If
|
|
297
|
+
* this task isn’t completed, the event data store remains in their account. In this case,
|
|
298
|
+
* we recommend that the original delegated administrator goes to CloudTrail Lake
|
|
299
|
+
* and manually <a href="https://docs.aws.amazon.com/userguide/awscloudtrail/latest/userguide/query-eds-disable-termination.html">deletes the event data store</a>.</p>
|
|
300
|
+
* <p>This cleanup task is necessary to ensure that you don't end up with multiple event
|
|
301
|
+
* data stores. Audit Manager will ignore an unused event data store after you remove
|
|
302
|
+
* or change a delegated administrator account. However, the unused event data store
|
|
303
|
+
* continues to incur storage costs from CloudTrail Lake if you don't delete
|
|
304
|
+
* it.</p>
|
|
272
305
|
* </important>
|
|
273
|
-
*
|
|
274
|
-
*
|
|
306
|
+
*
|
|
307
|
+
* <p>When you deregister a delegated administrator account for Audit Manager, the data
|
|
275
308
|
* for that account isn’t deleted. If you want to delete resource data for a delegated
|
|
276
309
|
* administrator account, you must perform that task separately before you deregister the
|
|
277
310
|
* account. Either, you can do this in the Audit Manager console. Or, you can use one
|
|
278
311
|
* of the delete API operations that are provided by Audit Manager. </p>
|
|
279
|
-
*
|
|
280
|
-
*
|
|
281
|
-
*
|
|
282
|
-
*
|
|
283
|
-
*
|
|
312
|
+
* <p>To delete your Audit Manager resource data, see the following instructions: </p>
|
|
313
|
+
* <ul>
|
|
314
|
+
* <li>
|
|
315
|
+
* <p>
|
|
316
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html">DeleteAssessment</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html">Deleting an
|
|
284
317
|
* assessment</a> in the <i>Audit Manager User
|
|
285
318
|
* Guide</i>)</p>
|
|
286
|
-
*
|
|
287
|
-
*
|
|
288
|
-
*
|
|
289
|
-
*
|
|
319
|
+
* </li>
|
|
320
|
+
* <li>
|
|
321
|
+
* <p>
|
|
322
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html">DeleteAssessmentFramework</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html">Deleting a
|
|
290
323
|
* custom framework</a> in the <i>Audit Manager User
|
|
291
324
|
* Guide</i>)</p>
|
|
292
|
-
*
|
|
293
|
-
*
|
|
294
|
-
*
|
|
295
|
-
*
|
|
325
|
+
* </li>
|
|
326
|
+
* <li>
|
|
327
|
+
* <p>
|
|
328
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html">DeleteAssessmentFrameworkShare</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html">Deleting a share request</a> in the <i>Audit Manager User
|
|
296
329
|
* Guide</i>)</p>
|
|
297
|
-
*
|
|
298
|
-
*
|
|
299
|
-
*
|
|
300
|
-
*
|
|
330
|
+
* </li>
|
|
331
|
+
* <li>
|
|
332
|
+
* <p>
|
|
333
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html">DeleteAssessmentReport</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps">Deleting an assessment report</a> in the <i>Audit Manager
|
|
301
334
|
* User Guide</i>)</p>
|
|
302
|
-
*
|
|
303
|
-
*
|
|
304
|
-
*
|
|
305
|
-
*
|
|
335
|
+
* </li>
|
|
336
|
+
* <li>
|
|
337
|
+
* <p>
|
|
338
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html">DeleteControl</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html">Deleting a custom
|
|
306
339
|
* control</a> in the <i>Audit Manager User
|
|
307
340
|
* Guide</i>)</p>
|
|
308
|
-
*
|
|
309
|
-
*
|
|
310
|
-
*
|
|
341
|
+
* </li>
|
|
342
|
+
* </ul>
|
|
343
|
+
* <p>At this time, Audit Manager doesn't provide an option to delete evidence. All
|
|
311
344
|
* available delete operations are listed above.</p>
|
|
312
|
-
* </note>
|
|
313
345
|
*/
|
|
314
346
|
deregisterOrganizationAdminAccount(args: DeregisterOrganizationAdminAccountCommandInput, options?: __HttpHandlerOptions): Promise<DeregisterOrganizationAdminAccountCommandOutput>;
|
|
315
347
|
deregisterOrganizationAdminAccount(args: DeregisterOrganizationAdminAccountCommandInput, cb: (err: any, data?: DeregisterOrganizationAdminAccountCommandOutput) => void): void;
|
|
@@ -415,8 +447,9 @@ export declare class AuditManager extends AuditManagerClient {
|
|
|
415
447
|
getOrganizationAdminAccount(args: GetOrganizationAdminAccountCommandInput, cb: (err: any, data?: GetOrganizationAdminAccountCommandOutput) => void): void;
|
|
416
448
|
getOrganizationAdminAccount(args: GetOrganizationAdminAccountCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetOrganizationAdminAccountCommandOutput) => void): void;
|
|
417
449
|
/**
|
|
418
|
-
* <p>
|
|
419
|
-
* assessment. </
|
|
450
|
+
* <p>Returns a list of all of the Amazon Web Services that you can choose to include
|
|
451
|
+
* in your assessment. When you <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateAssessment.html">create an assessment</a>, specify which of these services you want to include to
|
|
452
|
+
* narrow the assessment's <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_Scope.html">scope</a>.</p>
|
|
420
453
|
*/
|
|
421
454
|
getServicesInScope(args: GetServicesInScopeCommandInput, options?: __HttpHandlerOptions): Promise<GetServicesInScopeCommandOutput>;
|
|
422
455
|
getServicesInScope(args: GetServicesInScopeCommandInput, cb: (err: any, data?: GetServicesInScopeCommandOutput) => void): void;
|
|
@@ -8,8 +8,27 @@ export interface BatchImportEvidenceToAssessmentControlCommandInput extends Batc
|
|
|
8
8
|
export interface BatchImportEvidenceToAssessmentControlCommandOutput extends BatchImportEvidenceToAssessmentControlResponse, __MetadataBearer {
|
|
9
9
|
}
|
|
10
10
|
/**
|
|
11
|
-
* <p>
|
|
12
|
-
*
|
|
11
|
+
* <p>Uploads one or more pieces of evidence to a control in an Audit Manager assessment. You can upload manual evidence from any Amazon Simple Storage Service (Amazon S3) bucket by specifying
|
|
12
|
+
* the S3 URI of the evidence. </p>
|
|
13
|
+
* <p>You must upload manual evidence to your S3 bucket before you can upload it to your
|
|
14
|
+
* assessment. For instructions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html">CreateBucket</a> and <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html">PutObject</a> in
|
|
15
|
+
* the <i>Amazon Simple Storage Service API Reference.</i>
|
|
16
|
+
* </p>
|
|
17
|
+
* <p>The following restrictions apply to this action:</p>
|
|
18
|
+
* <ul>
|
|
19
|
+
* <li>
|
|
20
|
+
* <p>Maximum size of an individual evidence file: 100 MB</p>
|
|
21
|
+
* </li>
|
|
22
|
+
* <li>
|
|
23
|
+
* <p>Number of daily manual evidence uploads per control: 100</p>
|
|
24
|
+
* </li>
|
|
25
|
+
* <li>
|
|
26
|
+
* <p>Supported file formats: See <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/upload-evidence.html#supported-manual-evidence-files">Supported file types for manual evidence</a> in the <i>Audit Manager User Guide</i>
|
|
27
|
+
* </p>
|
|
28
|
+
* </li>
|
|
29
|
+
* </ul>
|
|
30
|
+
* <p>For more information about Audit Manager service restrictions, see <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/service-quotas.html">Quotas and
|
|
31
|
+
* restrictions for Audit Manager</a>.</p>
|
|
13
32
|
* @example
|
|
14
33
|
* Use a bare-bones client and the command you need to make an API call.
|
|
15
34
|
* ```javascript
|
|
@@ -10,53 +10,66 @@ export interface DeregisterOrganizationAdminAccountCommandOutput extends Deregis
|
|
|
10
10
|
/**
|
|
11
11
|
* <p>Removes the specified Amazon Web Services account as a delegated administrator for
|
|
12
12
|
* Audit Manager. </p>
|
|
13
|
-
*
|
|
14
|
-
*
|
|
13
|
+
*
|
|
14
|
+
* <p>When you remove a delegated administrator from your Audit Manager settings, you
|
|
15
15
|
* continue to have access to the evidence that you previously collected under that
|
|
16
16
|
* account. This is also the case when you deregister a delegated administrator from
|
|
17
17
|
* Organizations. However, Audit Manager will stop collecting and attaching
|
|
18
18
|
* evidence to that delegated administrator account moving forward.</p>
|
|
19
|
+
* <important>
|
|
20
|
+
* <p>Keep in mind the following cleanup task if you use evidence finder:</p>
|
|
21
|
+
* <p>Before you use your management account to remove a delegated administrator, make sure
|
|
22
|
+
* that the current delegated administrator account signs in to Audit Manager and
|
|
23
|
+
* disables evidence finder first. Disabling evidence finder automatically deletes the
|
|
24
|
+
* event data store that was created in their account when they enabled evidence finder. If
|
|
25
|
+
* this task isn’t completed, the event data store remains in their account. In this case,
|
|
26
|
+
* we recommend that the original delegated administrator goes to CloudTrail Lake
|
|
27
|
+
* and manually <a href="https://docs.aws.amazon.com/userguide/awscloudtrail/latest/userguide/query-eds-disable-termination.html">deletes the event data store</a>.</p>
|
|
28
|
+
* <p>This cleanup task is necessary to ensure that you don't end up with multiple event
|
|
29
|
+
* data stores. Audit Manager will ignore an unused event data store after you remove
|
|
30
|
+
* or change a delegated administrator account. However, the unused event data store
|
|
31
|
+
* continues to incur storage costs from CloudTrail Lake if you don't delete
|
|
32
|
+
* it.</p>
|
|
19
33
|
* </important>
|
|
20
|
-
*
|
|
21
|
-
*
|
|
34
|
+
*
|
|
35
|
+
* <p>When you deregister a delegated administrator account for Audit Manager, the data
|
|
22
36
|
* for that account isn’t deleted. If you want to delete resource data for a delegated
|
|
23
37
|
* administrator account, you must perform that task separately before you deregister the
|
|
24
38
|
* account. Either, you can do this in the Audit Manager console. Or, you can use one
|
|
25
39
|
* of the delete API operations that are provided by Audit Manager. </p>
|
|
26
|
-
*
|
|
27
|
-
*
|
|
28
|
-
*
|
|
29
|
-
*
|
|
30
|
-
*
|
|
40
|
+
* <p>To delete your Audit Manager resource data, see the following instructions: </p>
|
|
41
|
+
* <ul>
|
|
42
|
+
* <li>
|
|
43
|
+
* <p>
|
|
44
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html">DeleteAssessment</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html">Deleting an
|
|
31
45
|
* assessment</a> in the <i>Audit Manager User
|
|
32
46
|
* Guide</i>)</p>
|
|
33
|
-
*
|
|
34
|
-
*
|
|
35
|
-
*
|
|
36
|
-
*
|
|
47
|
+
* </li>
|
|
48
|
+
* <li>
|
|
49
|
+
* <p>
|
|
50
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html">DeleteAssessmentFramework</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html">Deleting a
|
|
37
51
|
* custom framework</a> in the <i>Audit Manager User
|
|
38
52
|
* Guide</i>)</p>
|
|
39
|
-
*
|
|
40
|
-
*
|
|
41
|
-
*
|
|
42
|
-
*
|
|
53
|
+
* </li>
|
|
54
|
+
* <li>
|
|
55
|
+
* <p>
|
|
56
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html">DeleteAssessmentFrameworkShare</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html">Deleting a share request</a> in the <i>Audit Manager User
|
|
43
57
|
* Guide</i>)</p>
|
|
44
|
-
*
|
|
45
|
-
*
|
|
46
|
-
*
|
|
47
|
-
*
|
|
58
|
+
* </li>
|
|
59
|
+
* <li>
|
|
60
|
+
* <p>
|
|
61
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html">DeleteAssessmentReport</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps">Deleting an assessment report</a> in the <i>Audit Manager
|
|
48
62
|
* User Guide</i>)</p>
|
|
49
|
-
*
|
|
50
|
-
*
|
|
51
|
-
*
|
|
52
|
-
*
|
|
63
|
+
* </li>
|
|
64
|
+
* <li>
|
|
65
|
+
* <p>
|
|
66
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html">DeleteControl</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html">Deleting a custom
|
|
53
67
|
* control</a> in the <i>Audit Manager User
|
|
54
68
|
* Guide</i>)</p>
|
|
55
|
-
*
|
|
56
|
-
*
|
|
57
|
-
*
|
|
69
|
+
* </li>
|
|
70
|
+
* </ul>
|
|
71
|
+
* <p>At this time, Audit Manager doesn't provide an option to delete evidence. All
|
|
58
72
|
* available delete operations are listed above.</p>
|
|
59
|
-
* </note>
|
|
60
73
|
* @example
|
|
61
74
|
* Use a bare-bones client and the command you need to make an API call.
|
|
62
75
|
* ```javascript
|
|
@@ -8,8 +8,9 @@ export interface GetServicesInScopeCommandInput extends GetServicesInScopeReques
|
|
|
8
8
|
export interface GetServicesInScopeCommandOutput extends GetServicesInScopeResponse, __MetadataBearer {
|
|
9
9
|
}
|
|
10
10
|
/**
|
|
11
|
-
* <p>
|
|
12
|
-
* assessment. </
|
|
11
|
+
* <p>Returns a list of all of the Amazon Web Services that you can choose to include
|
|
12
|
+
* in your assessment. When you <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_CreateAssessment.html">create an assessment</a>, specify which of these services you want to include to
|
|
13
|
+
* narrow the assessment's <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_Scope.html">scope</a>.</p>
|
|
13
14
|
* @example
|
|
14
15
|
* Use a bare-bones client and the command you need to make an API call.
|
|
15
16
|
* ```javascript
|
|
@@ -721,8 +721,8 @@ export interface AssessmentReport {
|
|
|
721
721
|
creationTime?: Date;
|
|
722
722
|
}
|
|
723
723
|
/**
|
|
724
|
-
* <p> An error entity for
|
|
725
|
-
*
|
|
724
|
+
* <p> An error entity for assessment report evidence errors. This is used to provide more
|
|
725
|
+
* meaningful errors than a simple string message. </p>
|
|
726
726
|
*/
|
|
727
727
|
export interface AssessmentReportEvidenceError {
|
|
728
728
|
/**
|
|
@@ -730,11 +730,11 @@ export interface AssessmentReportEvidenceError {
|
|
|
730
730
|
*/
|
|
731
731
|
evidenceId?: string;
|
|
732
732
|
/**
|
|
733
|
-
* <p> The error code that
|
|
733
|
+
* <p> The error code that was returned. </p>
|
|
734
734
|
*/
|
|
735
735
|
errorCode?: string;
|
|
736
736
|
/**
|
|
737
|
-
* <p> The error message that
|
|
737
|
+
* <p> The error message that was returned. </p>
|
|
738
738
|
*/
|
|
739
739
|
errorMessage?: string;
|
|
740
740
|
}
|
|
@@ -1260,13 +1260,6 @@ export interface SourceKeyword {
|
|
|
1260
1260
|
* </p>
|
|
1261
1261
|
* </li>
|
|
1262
1262
|
* <li>
|
|
1263
|
-
* <p>Service-linked rule name: securityhub-api-gw-cache-encrypted-101104e1</p>
|
|
1264
|
-
* <p>
|
|
1265
|
-
* <code>keywordValue</code>:
|
|
1266
|
-
* <code>Custom_securityhub-api-gw-cache-encrypted</code>
|
|
1267
|
-
* </p>
|
|
1268
|
-
* </li>
|
|
1269
|
-
* <li>
|
|
1270
1263
|
* <p>Service-linked rule name:
|
|
1271
1264
|
* OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba</p>
|
|
1272
1265
|
* <p>
|
|
@@ -1399,8 +1392,8 @@ export interface Control {
|
|
|
1399
1392
|
*/
|
|
1400
1393
|
actionPlanInstructions?: string;
|
|
1401
1394
|
/**
|
|
1402
|
-
* <p> The data source that
|
|
1403
|
-
* the control. </p>
|
|
1395
|
+
* <p> The data source types that determine where Audit Manager collects evidence from
|
|
1396
|
+
* for the control. </p>
|
|
1404
1397
|
*/
|
|
1405
1398
|
controlSources?: string;
|
|
1406
1399
|
/**
|
|
@@ -1529,6 +1522,18 @@ export interface CreateAssessmentReportRequest {
|
|
|
1529
1522
|
* <p> The identifier for the assessment. </p>
|
|
1530
1523
|
*/
|
|
1531
1524
|
assessmentId: string | undefined;
|
|
1525
|
+
/**
|
|
1526
|
+
* <p>A SQL statement that represents an evidence finder query.</p>
|
|
1527
|
+
* <p>Provide this parameter when you want to generate an assessment report from the results
|
|
1528
|
+
* of an evidence finder search query. When you use this parameter, Audit Manager
|
|
1529
|
+
* generates a one-time report using only the evidence from the query output. This report does
|
|
1530
|
+
* not include any assessment evidence that was manually <a href="https://docs.aws.amazon.com/userguide/generate-assessment-report.html#generate-assessment-report-include-evidence">added to a report using the console</a>, or <a href="https://docs.aws.amazon.com/APIReference-evidenceFinder/API_BatchAssociateAssessmentReportEvidence.html">associated with a report using the API</a>. </p>
|
|
1531
|
+
* <p>To use this parameter, the <a href="https://docs.aws.amazon.com/APIReference-evidenceFinder/API_EvidenceFinderSetup.html#auditmanager-Type-EvidenceFinderSetup-enablementStatus">enablementStatus</a> of evidence finder must be <code>ENABLED</code>. </p>
|
|
1532
|
+
* <p> For examples and help resolving <code>queryStatement</code> validation exceptions, see
|
|
1533
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/evidence-finder-issues.html#querystatement-exceptions">Troubleshooting evidence finder issues</a> in the AWS Audit
|
|
1534
|
+
* Manager User Guide. </p>
|
|
1535
|
+
*/
|
|
1536
|
+
queryStatement?: string;
|
|
1532
1537
|
}
|
|
1533
1538
|
export interface CreateAssessmentReportResponse {
|
|
1534
1539
|
/**
|
|
@@ -1948,6 +1953,30 @@ export interface Resource {
|
|
|
1948
1953
|
* <p> The value of the resource. </p>
|
|
1949
1954
|
*/
|
|
1950
1955
|
value?: string;
|
|
1956
|
+
/**
|
|
1957
|
+
* <p> The evaluation status for a resource that was assessed when collecting compliance check
|
|
1958
|
+
* evidence. </p>
|
|
1959
|
+
* <ul>
|
|
1960
|
+
* <li>
|
|
1961
|
+
* <p>Audit Manager classes the resource as non-compliant if Security Hub reports a
|
|
1962
|
+
* <i>Fail</i> result, or if Config reports a
|
|
1963
|
+
* <i>Non-compliant</i> result.</p>
|
|
1964
|
+
* </li>
|
|
1965
|
+
* <li>
|
|
1966
|
+
* <p>Audit Manager classes the resource as compliant if Security Hub reports a
|
|
1967
|
+
* <i>Pass</i> result, or if Config reports a
|
|
1968
|
+
* <i>Compliant</i> result.</p>
|
|
1969
|
+
* </li>
|
|
1970
|
+
* <li>
|
|
1971
|
+
* <p>If a compliance check isn't available or applicable, then no compliance evaluation can be made
|
|
1972
|
+
* for that resource. This is the case if a resource assessment uses Config or Security Hub as the underlying data source type, but those services
|
|
1973
|
+
* aren't enabled. This is also the case if the resource assessment uses an underlying
|
|
1974
|
+
* data source type that doesn't support compliance checks (such as manual evidence,
|
|
1975
|
+
* Amazon Web Services API calls, or CloudTrail). </p>
|
|
1976
|
+
* </li>
|
|
1977
|
+
* </ul>
|
|
1978
|
+
*/
|
|
1979
|
+
complianceCheck?: string;
|
|
1951
1980
|
}
|
|
1952
1981
|
/**
|
|
1953
1982
|
* <p> A record that contains the information needed to demonstrate compliance with the
|
|
@@ -1995,10 +2024,28 @@ export interface Evidence {
|
|
|
1995
2024
|
*/
|
|
1996
2025
|
iamId?: string;
|
|
1997
2026
|
/**
|
|
1998
|
-
* <p>
|
|
1999
|
-
*
|
|
2000
|
-
*
|
|
2001
|
-
*
|
|
2027
|
+
* <p>The evaluation status for automated evidence that falls under the compliance check
|
|
2028
|
+
* category.</p>
|
|
2029
|
+
* <ul>
|
|
2030
|
+
* <li>
|
|
2031
|
+
* <p>Audit Manager classes evidence as non-compliant if Security Hub reports a
|
|
2032
|
+
* <i>Fail</i> result, or if Config reports a
|
|
2033
|
+
* <i>Non-compliant</i> result.</p>
|
|
2034
|
+
* </li>
|
|
2035
|
+
* <li>
|
|
2036
|
+
* <p>Audit Manager classes evidence as compliant if Security Hub reports a
|
|
2037
|
+
* <i>Pass</i> result, or if Config reports a
|
|
2038
|
+
* <i>Compliant</i> result.</p>
|
|
2039
|
+
* </li>
|
|
2040
|
+
* <li>
|
|
2041
|
+
* <p>If a compliance check isn't available or applicable, then no compliance evaluation can be made
|
|
2042
|
+
* for that evidence. This is the case if the evidence uses Config or
|
|
2043
|
+
* Security Hub as the underlying data source type, but those services aren't
|
|
2044
|
+
* enabled. This is also the case if the evidence uses an underlying data source type
|
|
2045
|
+
* that doesn't support compliance checks (such as manual evidence, Amazon Web Services
|
|
2046
|
+
* API calls, or CloudTrail). </p>
|
|
2047
|
+
* </li>
|
|
2048
|
+
* </ul>
|
|
2002
2049
|
*/
|
|
2003
2050
|
complianceCheck?: string;
|
|
2004
2051
|
/**
|
|
@@ -2355,6 +2402,7 @@ export declare enum SettingAttribute {
|
|
|
2355
2402
|
ALL = "ALL",
|
|
2356
2403
|
DEFAULT_ASSESSMENT_REPORTS_DESTINATION = "DEFAULT_ASSESSMENT_REPORTS_DESTINATION",
|
|
2357
2404
|
DEFAULT_PROCESS_OWNERS = "DEFAULT_PROCESS_OWNERS",
|
|
2405
|
+
EVIDENCE_FINDER_ENABLEMENT = "EVIDENCE_FINDER_ENABLEMENT",
|
|
2358
2406
|
IS_AWS_ORG_ENABLED = "IS_AWS_ORG_ENABLED",
|
|
2359
2407
|
SNS_TOPIC = "SNS_TOPIC"
|
|
2360
2408
|
}
|
|
@@ -2364,6 +2412,86 @@ export interface GetSettingsRequest {
|
|
|
2364
2412
|
*/
|
|
2365
2413
|
attribute: SettingAttribute | string | undefined;
|
|
2366
2414
|
}
|
|
2415
|
+
export declare enum EvidenceFinderBackfillStatus {
|
|
2416
|
+
COMPLETED = "COMPLETED",
|
|
2417
|
+
IN_PROGRESS = "IN_PROGRESS",
|
|
2418
|
+
NOT_STARTED = "NOT_STARTED"
|
|
2419
|
+
}
|
|
2420
|
+
export declare enum EvidenceFinderEnablementStatus {
|
|
2421
|
+
DISABLED = "DISABLED",
|
|
2422
|
+
DISABLE_IN_PROGRESS = "DISABLE_IN_PROGRESS",
|
|
2423
|
+
ENABLED = "ENABLED",
|
|
2424
|
+
ENABLE_IN_PROGRESS = "ENABLE_IN_PROGRESS"
|
|
2425
|
+
}
|
|
2426
|
+
/**
|
|
2427
|
+
* <p>The settings object that specifies whether evidence finder is enabled. This object also
|
|
2428
|
+
* describes the related event data store, and the backfill status for populating the event
|
|
2429
|
+
* data store with evidence data.</p>
|
|
2430
|
+
*/
|
|
2431
|
+
export interface EvidenceFinderEnablement {
|
|
2432
|
+
/**
|
|
2433
|
+
* <p>The Amazon Resource Name (ARN) of the CloudTrail Lake event data store that’s
|
|
2434
|
+
* used by evidence finder. The event data store is the lake of evidence data that evidence
|
|
2435
|
+
* finder runs queries against.</p>
|
|
2436
|
+
*/
|
|
2437
|
+
eventDataStoreArn?: string;
|
|
2438
|
+
/**
|
|
2439
|
+
* <p>The current status of the evidence finder feature and the related event data store. </p>
|
|
2440
|
+
* <ul>
|
|
2441
|
+
* <li>
|
|
2442
|
+
* <p>
|
|
2443
|
+
* <code>ENABLE_IN_PROGRESS</code> means that you requested to enable evidence
|
|
2444
|
+
* finder. An event data store is currently being created to support evidence finder
|
|
2445
|
+
* queries.</p>
|
|
2446
|
+
* </li>
|
|
2447
|
+
* <li>
|
|
2448
|
+
* <p>
|
|
2449
|
+
* <code>ENABLED</code> means that an event data store was successfully created and
|
|
2450
|
+
* evidence finder is enabled. We recommend that you wait 24 hours until the event data
|
|
2451
|
+
* store is backfilled with your past evidence data. You can use evidence finder in the
|
|
2452
|
+
* meantime, but not all data might be available until the backfill is complete.</p>
|
|
2453
|
+
* </li>
|
|
2454
|
+
* <li>
|
|
2455
|
+
* <p>
|
|
2456
|
+
* <code>DISABLE_IN_PROGRESS</code> means that you requested to disable evidence finder, and your
|
|
2457
|
+
* request is pending the deletion of the event data store.</p>
|
|
2458
|
+
* </li>
|
|
2459
|
+
* <li>
|
|
2460
|
+
* <p>
|
|
2461
|
+
* <code>DISABLED</code> means that you have permanently disabled evidence finder and the event
|
|
2462
|
+
* data store has been deleted. You can't re-enable evidence finder after this
|
|
2463
|
+
* point.</p>
|
|
2464
|
+
* </li>
|
|
2465
|
+
* </ul>
|
|
2466
|
+
*/
|
|
2467
|
+
enablementStatus?: EvidenceFinderEnablementStatus | string;
|
|
2468
|
+
/**
|
|
2469
|
+
* <p>The current status of the evidence data backfill process. </p>
|
|
2470
|
+
* <p>The backfill starts after you enable evidence finder. During this task, Audit Manager populates an event data store with your past evidence data so that your evidence can be
|
|
2471
|
+
* queried.</p>
|
|
2472
|
+
* <ul>
|
|
2473
|
+
* <li>
|
|
2474
|
+
* <p>
|
|
2475
|
+
* <code>NOT_STARTED</code> means that the backfill hasn’t started yet. </p>
|
|
2476
|
+
* </li>
|
|
2477
|
+
* <li>
|
|
2478
|
+
* <p>
|
|
2479
|
+
* <code>IN_PROGRESS</code> means that the backfill is in progress. This can take up to 24 hours
|
|
2480
|
+
* to complete, depending on the amount of evidence data. </p>
|
|
2481
|
+
* </li>
|
|
2482
|
+
* <li>
|
|
2483
|
+
* <p>
|
|
2484
|
+
* <code>COMPLETED</code> means that the backfill is complete. All of your past
|
|
2485
|
+
* evidence is now queryable. </p>
|
|
2486
|
+
* </li>
|
|
2487
|
+
* </ul>
|
|
2488
|
+
*/
|
|
2489
|
+
backfillStatus?: EvidenceFinderBackfillStatus | string;
|
|
2490
|
+
/**
|
|
2491
|
+
* <p>Represents any errors that occurred when enabling or disabling evidence finder. </p>
|
|
2492
|
+
*/
|
|
2493
|
+
error?: string;
|
|
2494
|
+
}
|
|
2367
2495
|
/**
|
|
2368
2496
|
* <p> The settings object that holds all supported Audit Manager settings. </p>
|
|
2369
2497
|
*/
|
|
@@ -2388,6 +2516,10 @@ export interface Settings {
|
|
|
2388
2516
|
* <p> The KMS key details. </p>
|
|
2389
2517
|
*/
|
|
2390
2518
|
kmsKey?: string;
|
|
2519
|
+
/**
|
|
2520
|
+
* <p>The current evidence finder status and event data store details.</p>
|
|
2521
|
+
*/
|
|
2522
|
+
evidenceFinderEnablement?: EvidenceFinderEnablement;
|
|
2391
2523
|
}
|
|
2392
2524
|
export interface GetSettingsResponse {
|
|
2393
2525
|
/**
|
|
@@ -3181,6 +3313,20 @@ export interface UpdateSettingsRequest {
|
|
|
3181
3313
|
* <p> The KMS key details. </p>
|
|
3182
3314
|
*/
|
|
3183
3315
|
kmsKey?: string;
|
|
3316
|
+
/**
|
|
3317
|
+
* <p>Specifies whether the evidence finder feature is enabled. Change this attribute to
|
|
3318
|
+
* enable or disable evidence finder.</p>
|
|
3319
|
+
* <important>
|
|
3320
|
+
* <p>When you use this attribute to disable evidence finder, Audit Manager deletes the
|
|
3321
|
+
* event data store that’s used to query your evidence data. As a result, you can’t
|
|
3322
|
+
* re-enable evidence finder and use the feature again. Your only alternative is to <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterAccount.html">deregister</a> and then <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html">re-register</a>
|
|
3323
|
+
* Audit Manager. </p>
|
|
3324
|
+
* <p>Disabling evidence finder is permanent, so consider this decision carefully before
|
|
3325
|
+
* you proceed. If you’re using Audit Manager as a delegated administrator, keep in
|
|
3326
|
+
* mind that this action applies to all member accounts in your organization.</p>
|
|
3327
|
+
* </important>
|
|
3328
|
+
*/
|
|
3329
|
+
evidenceFinderEnabled?: boolean;
|
|
3184
3330
|
}
|
|
3185
3331
|
export interface UpdateSettingsResponse {
|
|
3186
3332
|
/**
|
|
@@ -3662,6 +3808,10 @@ export declare const GetServicesInScopeResponseFilterSensitiveLog: (obj: GetServ
|
|
|
3662
3808
|
* @internal
|
|
3663
3809
|
*/
|
|
3664
3810
|
export declare const GetSettingsRequestFilterSensitiveLog: (obj: GetSettingsRequest) => any;
|
|
3811
|
+
/**
|
|
3812
|
+
* @internal
|
|
3813
|
+
*/
|
|
3814
|
+
export declare const EvidenceFinderEnablementFilterSensitiveLog: (obj: EvidenceFinderEnablement) => any;
|
|
3665
3815
|
/**
|
|
3666
3816
|
* @internal
|
|
3667
3817
|
*/
|
|
@@ -471,6 +471,7 @@ export interface CreateAssessmentReportRequest {
|
|
|
471
471
|
name: string | undefined;
|
|
472
472
|
description?: string;
|
|
473
473
|
assessmentId: string | undefined;
|
|
474
|
+
queryStatement?: string;
|
|
474
475
|
}
|
|
475
476
|
export interface CreateAssessmentReportResponse {
|
|
476
477
|
assessmentReport?: AssessmentReport;
|
|
@@ -620,6 +621,7 @@ export interface GetEvidenceRequest {
|
|
|
620
621
|
export interface Resource {
|
|
621
622
|
arn?: string;
|
|
622
623
|
value?: string;
|
|
624
|
+
complianceCheck?: string;
|
|
623
625
|
}
|
|
624
626
|
export interface Evidence {
|
|
625
627
|
dataSource?: string;
|
|
@@ -726,18 +728,37 @@ export declare enum SettingAttribute {
|
|
|
726
728
|
ALL = "ALL",
|
|
727
729
|
DEFAULT_ASSESSMENT_REPORTS_DESTINATION = "DEFAULT_ASSESSMENT_REPORTS_DESTINATION",
|
|
728
730
|
DEFAULT_PROCESS_OWNERS = "DEFAULT_PROCESS_OWNERS",
|
|
731
|
+
EVIDENCE_FINDER_ENABLEMENT = "EVIDENCE_FINDER_ENABLEMENT",
|
|
729
732
|
IS_AWS_ORG_ENABLED = "IS_AWS_ORG_ENABLED",
|
|
730
733
|
SNS_TOPIC = "SNS_TOPIC",
|
|
731
734
|
}
|
|
732
735
|
export interface GetSettingsRequest {
|
|
733
736
|
attribute: SettingAttribute | string | undefined;
|
|
734
737
|
}
|
|
738
|
+
export declare enum EvidenceFinderBackfillStatus {
|
|
739
|
+
COMPLETED = "COMPLETED",
|
|
740
|
+
IN_PROGRESS = "IN_PROGRESS",
|
|
741
|
+
NOT_STARTED = "NOT_STARTED",
|
|
742
|
+
}
|
|
743
|
+
export declare enum EvidenceFinderEnablementStatus {
|
|
744
|
+
DISABLED = "DISABLED",
|
|
745
|
+
DISABLE_IN_PROGRESS = "DISABLE_IN_PROGRESS",
|
|
746
|
+
ENABLED = "ENABLED",
|
|
747
|
+
ENABLE_IN_PROGRESS = "ENABLE_IN_PROGRESS",
|
|
748
|
+
}
|
|
749
|
+
export interface EvidenceFinderEnablement {
|
|
750
|
+
eventDataStoreArn?: string;
|
|
751
|
+
enablementStatus?: EvidenceFinderEnablementStatus | string;
|
|
752
|
+
backfillStatus?: EvidenceFinderBackfillStatus | string;
|
|
753
|
+
error?: string;
|
|
754
|
+
}
|
|
735
755
|
export interface Settings {
|
|
736
756
|
isAwsOrgEnabled?: boolean;
|
|
737
757
|
snsTopic?: string;
|
|
738
758
|
defaultAssessmentReportsDestination?: AssessmentReportsDestination;
|
|
739
759
|
defaultProcessOwners?: Role[];
|
|
740
760
|
kmsKey?: string;
|
|
761
|
+
evidenceFinderEnablement?: EvidenceFinderEnablement;
|
|
741
762
|
}
|
|
742
763
|
export interface GetSettingsResponse {
|
|
743
764
|
settings?: Settings;
|
|
@@ -1011,6 +1032,7 @@ export interface UpdateSettingsRequest {
|
|
|
1011
1032
|
defaultAssessmentReportsDestination?: AssessmentReportsDestination;
|
|
1012
1033
|
defaultProcessOwners?: Role[];
|
|
1013
1034
|
kmsKey?: string;
|
|
1035
|
+
evidenceFinderEnabled?: boolean;
|
|
1014
1036
|
}
|
|
1015
1037
|
export interface UpdateSettingsResponse {
|
|
1016
1038
|
settings?: Settings;
|
|
@@ -1330,6 +1352,9 @@ export declare const GetServicesInScopeResponseFilterSensitiveLog: (
|
|
|
1330
1352
|
export declare const GetSettingsRequestFilterSensitiveLog: (
|
|
1331
1353
|
obj: GetSettingsRequest
|
|
1332
1354
|
) => any;
|
|
1355
|
+
export declare const EvidenceFinderEnablementFilterSensitiveLog: (
|
|
1356
|
+
obj: EvidenceFinderEnablement
|
|
1357
|
+
) => any;
|
|
1333
1358
|
export declare const SettingsFilterSensitiveLog: (obj: Settings) => any;
|
|
1334
1359
|
export declare const GetSettingsResponseFilterSensitiveLog: (
|
|
1335
1360
|
obj: GetSettingsResponse
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aws-sdk/client-auditmanager",
|
|
3
3
|
"description": "AWS SDK for JavaScript Auditmanager Client for Node.js, Browser and React Native",
|
|
4
|
-
"version": "3.
|
|
4
|
+
"version": "3.214.0",
|
|
5
5
|
"scripts": {
|
|
6
6
|
"build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
|
|
7
7
|
"build:cjs": "tsc -p tsconfig.cjs.json",
|
|
@@ -19,7 +19,7 @@
|
|
|
19
19
|
"dependencies": {
|
|
20
20
|
"@aws-crypto/sha256-browser": "2.0.0",
|
|
21
21
|
"@aws-crypto/sha256-js": "2.0.0",
|
|
22
|
-
"@aws-sdk/client-sts": "3.
|
|
22
|
+
"@aws-sdk/client-sts": "3.213.0",
|
|
23
23
|
"@aws-sdk/config-resolver": "3.212.0",
|
|
24
24
|
"@aws-sdk/credential-provider-node": "3.212.0",
|
|
25
25
|
"@aws-sdk/fetch-http-handler": "3.212.0",
|