@aws-sdk/client-auditmanager 3.245.0 → 3.246.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -7
- package/dist-cjs/endpoint/ruleset.js +3 -3
- package/dist-cjs/models/models_0.js +15 -5
- package/dist-cjs/protocols/Aws_restJson1.js +16 -0
- package/dist-es/endpoint/ruleset.js +3 -3
- package/dist-es/models/models_0.js +9 -0
- package/dist-es/protocols/Aws_restJson1.js +16 -0
- package/dist-types/AuditManager.d.ts +46 -77
- package/dist-types/AuditManagerClient.d.ts +7 -7
- package/dist-types/commands/AssociateAssessmentReportEvidenceFolderCommand.d.ts +1 -1
- package/dist-types/commands/BatchImportEvidenceToAssessmentControlCommand.d.ts +3 -2
- package/dist-types/commands/DeregisterAccountCommand.d.ts +7 -37
- package/dist-types/commands/DeregisterOrganizationAdminAccountCommand.d.ts +24 -26
- package/dist-types/commands/GetEvidenceFoldersByAssessmentControlCommand.d.ts +2 -2
- package/dist-types/commands/ListAssessmentFrameworksCommand.d.ts +2 -2
- package/dist-types/endpoint/EndpointParameters.d.ts +1 -1
- package/dist-types/models/models_0.d.ts +95 -46
- package/dist-types/ts3.4/endpoint/EndpointParameters.d.ts +1 -1
- package/dist-types/ts3.4/models/models_0.d.ts +13 -0
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -12,13 +12,13 @@ AWS SDK for JavaScript AuditManager Client for Node.js, Browser and React Native
|
|
|
12
12
|
<p>Welcome to the Audit Manager API reference. This guide is for developers who
|
|
13
13
|
need detailed information about the Audit Manager API operations, data types, and
|
|
14
14
|
errors. </p>
|
|
15
|
-
<p>Audit Manager is a service that provides automated evidence collection so that
|
|
16
|
-
|
|
15
|
+
<p>Audit Manager is a service that provides automated evidence collection so that you
|
|
16
|
+
can continually audit your Amazon Web Services usage. You can use it to assess the
|
|
17
17
|
effectiveness of your controls, manage risk, and simplify compliance.</p>
|
|
18
|
-
<p>Audit Manager provides prebuilt frameworks that structure and automate
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
18
|
+
<p>Audit Manager provides prebuilt frameworks that structure and automate assessments
|
|
19
|
+
for a given compliance standard. Frameworks include a prebuilt collection of controls with
|
|
20
|
+
descriptions and testing procedures. These controls are grouped according to the
|
|
21
|
+
requirements of the specified compliance standard or regulation. You can also customize
|
|
22
22
|
frameworks and controls to support internal audits with specific requirements. </p>
|
|
23
23
|
<p>Use the following links to get started with the Audit Manager API:</p>
|
|
24
24
|
<ul>
|
|
@@ -35,7 +35,7 @@ types.</p>
|
|
|
35
35
|
<li>
|
|
36
36
|
<p>
|
|
37
37
|
<a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/CommonParameters.html">Common
|
|
38
|
-
parameters</a>: Parameters that all
|
|
38
|
+
parameters</a>: Parameters that all operations can use.</p>
|
|
39
39
|
</li>
|
|
40
40
|
<li>
|
|
41
41
|
<p>
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.ruleSet = void 0;
|
|
4
|
-
const
|
|
5
|
-
const a =
|
|
6
|
-
const _data = { version: "1.0", parameters: { Region:
|
|
4
|
+
const q = "fn", r = "argv", s = "ref";
|
|
5
|
+
const a = true, b = false, c = "String", d = "PartitionResult", e = "tree", f = "error", g = "endpoint", h = { "required": true, "default": false, "type": "Boolean" }, i = { [s]: "Endpoint" }, j = { [q]: "booleanEquals", [r]: [{ [s]: "UseFIPS" }, true] }, k = { [q]: "booleanEquals", [r]: [{ [s]: "UseDualStack" }, true] }, l = {}, m = { [q]: "booleanEquals", [r]: [true, { [q]: "getAttr", [r]: [{ [s]: d }, "supportsFIPS"] }] }, n = { [q]: "booleanEquals", [r]: [true, { [q]: "getAttr", [r]: [{ [s]: d }, "supportsDualStack"] }] }, o = [j], p = [k];
|
|
6
|
+
const _data = { version: "1.0", parameters: { Region: { required: a, type: c }, UseDualStack: h, UseFIPS: h, Endpoint: { required: b, type: c } }, rules: [{ conditions: [{ [q]: "aws.partition", [r]: [{ [s]: "Region" }], assign: d }], type: e, rules: [{ conditions: [{ [q]: "isSet", [r]: [i] }], type: e, rules: [{ conditions: o, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: f }, { type: e, rules: [{ conditions: p, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: f }, { endpoint: { url: i, properties: l, headers: l }, type: g }] }] }, { conditions: [j, k], type: e, rules: [{ conditions: [m, n], type: e, rules: [{ endpoint: { url: "https://auditmanager-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: g }] }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: f }] }, { conditions: o, type: e, rules: [{ conditions: [m], type: e, rules: [{ type: e, rules: [{ endpoint: { url: "https://auditmanager-fips.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: g }] }] }, { error: "FIPS is enabled but this partition does not support FIPS", type: f }] }, { conditions: p, type: e, rules: [{ conditions: [n], type: e, rules: [{ endpoint: { url: "https://auditmanager.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: g }] }, { error: "DualStack is enabled but this partition does not support DualStack", type: f }] }, { endpoint: { url: "https://auditmanager.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: g }] }] };
|
|
7
7
|
exports.ruleSet = _data;
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
4
|
-
exports.
|
|
5
|
-
exports.
|
|
6
|
-
exports.
|
|
7
|
-
exports.ValidateAssessmentReportIntegrityResponseFilterSensitiveLog = exports.ValidateAssessmentReportIntegrityRequestFilterSensitiveLog = exports.UpdateSettingsResponseFilterSensitiveLog = void 0;
|
|
3
|
+
exports.AssessmentReportEvidenceErrorFilterSensitiveLog = exports.AssessmentReportFilterSensitiveLog = exports.AssessmentMetadataItemFilterSensitiveLog = exports.AssessmentFrameworkShareRequestFilterSensitiveLog = exports.AssessmentFrameworkMetadataFilterSensitiveLog = exports.AssessmentEvidenceFolderFilterSensitiveLog = exports.AssessmentFilterSensitiveLog = exports.AssessmentMetadataFilterSensitiveLog = exports.ScopeFilterSensitiveLog = exports.AWSServiceFilterSensitiveLog = exports.AssessmentReportsDestinationFilterSensitiveLog = exports.AssessmentFrameworkFilterSensitiveLog = exports.FrameworkMetadataFilterSensitiveLog = exports.AssessmentControlSetFilterSensitiveLog = exports.RoleFilterSensitiveLog = exports.DelegationFilterSensitiveLog = exports.AssessmentControlFilterSensitiveLog = exports.ControlCommentFilterSensitiveLog = exports.AWSAccountFilterSensitiveLog = exports.ShareRequestAction = exports.ThrottlingException = exports.EvidenceFinderEnablementStatus = exports.EvidenceFinderBackfillStatus = exports.DeleteResources = exports.SettingAttribute = exports.ObjectTypeEnum = exports.ShareRequestType = exports.ControlType = exports.SourceType = exports.SourceSetUpOption = exports.KeywordInputType = exports.SourceFrequency = exports.ServiceQuotaExceededException = exports.ValidationException = exports.ValidationExceptionReason = exports.ResourceNotFoundException = exports.InternalServerException = exports.AssessmentReportStatus = exports.ShareRequestStatus = exports.FrameworkType = exports.AssessmentStatus = exports.AssessmentReportDestinationType = exports.ControlSetStatus = exports.DelegationStatus = exports.RoleType = exports.ControlStatus = exports.ControlResponse = exports.ActionEnum = exports.AccountStatus = exports.AccessDeniedException = void 0;
|
|
4
|
+
exports.DisassociateAssessmentReportEvidenceFolderRequestFilterSensitiveLog = exports.DeregisterOrganizationAdminAccountResponseFilterSensitiveLog = exports.DeregisterOrganizationAdminAccountRequestFilterSensitiveLog = exports.DeregisterAccountResponseFilterSensitiveLog = exports.DeregisterAccountRequestFilterSensitiveLog = exports.DeleteControlResponseFilterSensitiveLog = exports.DeleteControlRequestFilterSensitiveLog = exports.DeleteAssessmentReportResponseFilterSensitiveLog = exports.DeleteAssessmentReportRequestFilterSensitiveLog = exports.DeleteAssessmentFrameworkShareResponseFilterSensitiveLog = exports.DeleteAssessmentFrameworkShareRequestFilterSensitiveLog = exports.DeleteAssessmentFrameworkResponseFilterSensitiveLog = exports.DeleteAssessmentFrameworkRequestFilterSensitiveLog = exports.DeleteAssessmentResponseFilterSensitiveLog = exports.DeleteAssessmentRequestFilterSensitiveLog = exports.CreateControlResponseFilterSensitiveLog = exports.CreateControlRequestFilterSensitiveLog = exports.CreateControlMappingSourceFilterSensitiveLog = exports.CreateAssessmentReportResponseFilterSensitiveLog = exports.CreateAssessmentReportRequestFilterSensitiveLog = exports.CreateAssessmentFrameworkResponseFilterSensitiveLog = exports.FrameworkFilterSensitiveLog = exports.ControlSetFilterSensitiveLog = exports.ControlFilterSensitiveLog = exports.ControlMappingSourceFilterSensitiveLog = exports.SourceKeywordFilterSensitiveLog = exports.CreateAssessmentFrameworkRequestFilterSensitiveLog = exports.CreateAssessmentFrameworkControlSetFilterSensitiveLog = exports.CreateAssessmentFrameworkControlFilterSensitiveLog = exports.CreateAssessmentResponseFilterSensitiveLog = exports.CreateAssessmentRequestFilterSensitiveLog = exports.BatchImportEvidenceToAssessmentControlResponseFilterSensitiveLog = exports.BatchImportEvidenceToAssessmentControlErrorFilterSensitiveLog = exports.BatchImportEvidenceToAssessmentControlRequestFilterSensitiveLog = exports.ManualEvidenceFilterSensitiveLog = exports.BatchDisassociateAssessmentReportEvidenceResponseFilterSensitiveLog = exports.BatchDisassociateAssessmentReportEvidenceRequestFilterSensitiveLog = exports.BatchDeleteDelegationByAssessmentResponseFilterSensitiveLog = exports.BatchDeleteDelegationByAssessmentErrorFilterSensitiveLog = exports.BatchDeleteDelegationByAssessmentRequestFilterSensitiveLog = exports.BatchCreateDelegationByAssessmentResponseFilterSensitiveLog = exports.BatchCreateDelegationByAssessmentErrorFilterSensitiveLog = exports.BatchCreateDelegationByAssessmentRequestFilterSensitiveLog = exports.CreateDelegationRequestFilterSensitiveLog = exports.BatchAssociateAssessmentReportEvidenceResponseFilterSensitiveLog = exports.BatchAssociateAssessmentReportEvidenceRequestFilterSensitiveLog = exports.ValidationExceptionFieldFilterSensitiveLog = exports.AssociateAssessmentReportEvidenceFolderResponseFilterSensitiveLog = exports.AssociateAssessmentReportEvidenceFolderRequestFilterSensitiveLog = exports.AssessmentReportMetadataFilterSensitiveLog = void 0;
|
|
5
|
+
exports.ListAssessmentControlInsightsByControlDomainResponseFilterSensitiveLog = exports.ControlInsightsMetadataByAssessmentItemFilterSensitiveLog = exports.EvidenceInsightsFilterSensitiveLog = exports.ListAssessmentControlInsightsByControlDomainRequestFilterSensitiveLog = exports.GetSettingsResponseFilterSensitiveLog = exports.SettingsFilterSensitiveLog = exports.EvidenceFinderEnablementFilterSensitiveLog = exports.DeregistrationPolicyFilterSensitiveLog = exports.GetSettingsRequestFilterSensitiveLog = exports.GetServicesInScopeResponseFilterSensitiveLog = exports.ServiceMetadataFilterSensitiveLog = exports.GetServicesInScopeRequestFilterSensitiveLog = exports.GetOrganizationAdminAccountResponseFilterSensitiveLog = exports.GetOrganizationAdminAccountRequestFilterSensitiveLog = exports.GetInsightsByAssessmentResponseFilterSensitiveLog = exports.InsightsByAssessmentFilterSensitiveLog = exports.GetInsightsByAssessmentRequestFilterSensitiveLog = exports.GetInsightsResponseFilterSensitiveLog = exports.InsightsFilterSensitiveLog = exports.GetInsightsRequestFilterSensitiveLog = exports.GetEvidenceFoldersByAssessmentControlResponseFilterSensitiveLog = exports.GetEvidenceFoldersByAssessmentControlRequestFilterSensitiveLog = exports.GetEvidenceFoldersByAssessmentResponseFilterSensitiveLog = exports.GetEvidenceFoldersByAssessmentRequestFilterSensitiveLog = exports.GetEvidenceFolderResponseFilterSensitiveLog = exports.GetEvidenceFolderRequestFilterSensitiveLog = exports.GetEvidenceByEvidenceFolderResponseFilterSensitiveLog = exports.GetEvidenceByEvidenceFolderRequestFilterSensitiveLog = exports.GetEvidenceResponseFilterSensitiveLog = exports.EvidenceFilterSensitiveLog = exports.ResourceFilterSensitiveLog = exports.GetEvidenceRequestFilterSensitiveLog = exports.GetDelegationsResponseFilterSensitiveLog = exports.DelegationMetadataFilterSensitiveLog = exports.GetDelegationsRequestFilterSensitiveLog = exports.GetControlResponseFilterSensitiveLog = exports.GetControlRequestFilterSensitiveLog = exports.GetChangeLogsResponseFilterSensitiveLog = exports.ChangeLogFilterSensitiveLog = exports.GetChangeLogsRequestFilterSensitiveLog = exports.GetAssessmentReportUrlResponseFilterSensitiveLog = exports.URLFilterSensitiveLog = exports.GetAssessmentReportUrlRequestFilterSensitiveLog = exports.GetAssessmentFrameworkResponseFilterSensitiveLog = exports.GetAssessmentFrameworkRequestFilterSensitiveLog = exports.GetAssessmentResponseFilterSensitiveLog = exports.GetAssessmentRequestFilterSensitiveLog = exports.GetAccountStatusResponseFilterSensitiveLog = exports.GetAccountStatusRequestFilterSensitiveLog = exports.DisassociateAssessmentReportEvidenceFolderResponseFilterSensitiveLog = void 0;
|
|
6
|
+
exports.UpdateControlRequestFilterSensitiveLog = exports.UpdateAssessmentStatusResponseFilterSensitiveLog = exports.UpdateAssessmentStatusRequestFilterSensitiveLog = exports.UpdateAssessmentFrameworkShareResponseFilterSensitiveLog = exports.UpdateAssessmentFrameworkShareRequestFilterSensitiveLog = exports.UpdateAssessmentFrameworkResponseFilterSensitiveLog = exports.UpdateAssessmentFrameworkRequestFilterSensitiveLog = exports.UpdateAssessmentFrameworkControlSetFilterSensitiveLog = exports.UpdateAssessmentControlSetStatusResponseFilterSensitiveLog = exports.UpdateAssessmentControlSetStatusRequestFilterSensitiveLog = exports.UpdateAssessmentControlResponseFilterSensitiveLog = exports.UpdateAssessmentControlRequestFilterSensitiveLog = exports.UpdateAssessmentResponseFilterSensitiveLog = exports.UpdateAssessmentRequestFilterSensitiveLog = exports.UntagResourceResponseFilterSensitiveLog = exports.UntagResourceRequestFilterSensitiveLog = exports.TagResourceResponseFilterSensitiveLog = exports.TagResourceRequestFilterSensitiveLog = exports.StartAssessmentFrameworkShareResponseFilterSensitiveLog = exports.StartAssessmentFrameworkShareRequestFilterSensitiveLog = exports.RegisterOrganizationAdminAccountResponseFilterSensitiveLog = exports.RegisterOrganizationAdminAccountRequestFilterSensitiveLog = exports.RegisterAccountResponseFilterSensitiveLog = exports.RegisterAccountRequestFilterSensitiveLog = exports.ListTagsForResourceResponseFilterSensitiveLog = exports.ListTagsForResourceRequestFilterSensitiveLog = exports.ListNotificationsResponseFilterSensitiveLog = exports.NotificationFilterSensitiveLog = exports.ListNotificationsRequestFilterSensitiveLog = exports.ListKeywordsForDataSourceResponseFilterSensitiveLog = exports.ListKeywordsForDataSourceRequestFilterSensitiveLog = exports.ListControlsResponseFilterSensitiveLog = exports.ControlMetadataFilterSensitiveLog = exports.ListControlsRequestFilterSensitiveLog = exports.ListControlInsightsByControlDomainResponseFilterSensitiveLog = exports.ControlInsightsMetadataItemFilterSensitiveLog = exports.ListControlInsightsByControlDomainRequestFilterSensitiveLog = exports.ListControlDomainInsightsByAssessmentResponseFilterSensitiveLog = exports.ListControlDomainInsightsByAssessmentRequestFilterSensitiveLog = exports.ListControlDomainInsightsResponseFilterSensitiveLog = exports.ControlDomainInsightsFilterSensitiveLog = exports.ListControlDomainInsightsRequestFilterSensitiveLog = exports.ListAssessmentsResponseFilterSensitiveLog = exports.ListAssessmentsRequestFilterSensitiveLog = exports.ListAssessmentReportsResponseFilterSensitiveLog = exports.ListAssessmentReportsRequestFilterSensitiveLog = exports.ListAssessmentFrameworkShareRequestsResponseFilterSensitiveLog = exports.ListAssessmentFrameworkShareRequestsRequestFilterSensitiveLog = exports.ListAssessmentFrameworksResponseFilterSensitiveLog = exports.ListAssessmentFrameworksRequestFilterSensitiveLog = void 0;
|
|
7
|
+
exports.ValidateAssessmentReportIntegrityResponseFilterSensitiveLog = exports.ValidateAssessmentReportIntegrityRequestFilterSensitiveLog = exports.UpdateSettingsResponseFilterSensitiveLog = exports.UpdateSettingsRequestFilterSensitiveLog = exports.UpdateControlResponseFilterSensitiveLog = void 0;
|
|
8
8
|
const AuditManagerServiceException_1 = require("./AuditManagerServiceException");
|
|
9
9
|
class AccessDeniedException extends AuditManagerServiceException_1.AuditManagerServiceException {
|
|
10
10
|
constructor(opts) {
|
|
@@ -206,10 +206,16 @@ var SettingAttribute;
|
|
|
206
206
|
SettingAttribute["ALL"] = "ALL";
|
|
207
207
|
SettingAttribute["DEFAULT_ASSESSMENT_REPORTS_DESTINATION"] = "DEFAULT_ASSESSMENT_REPORTS_DESTINATION";
|
|
208
208
|
SettingAttribute["DEFAULT_PROCESS_OWNERS"] = "DEFAULT_PROCESS_OWNERS";
|
|
209
|
+
SettingAttribute["DEREGISTRATION_POLICY"] = "DEREGISTRATION_POLICY";
|
|
209
210
|
SettingAttribute["EVIDENCE_FINDER_ENABLEMENT"] = "EVIDENCE_FINDER_ENABLEMENT";
|
|
210
211
|
SettingAttribute["IS_AWS_ORG_ENABLED"] = "IS_AWS_ORG_ENABLED";
|
|
211
212
|
SettingAttribute["SNS_TOPIC"] = "SNS_TOPIC";
|
|
212
213
|
})(SettingAttribute = exports.SettingAttribute || (exports.SettingAttribute = {}));
|
|
214
|
+
var DeleteResources;
|
|
215
|
+
(function (DeleteResources) {
|
|
216
|
+
DeleteResources["ALL"] = "ALL";
|
|
217
|
+
DeleteResources["DEFAULT"] = "DEFAULT";
|
|
218
|
+
})(DeleteResources = exports.DeleteResources || (exports.DeleteResources = {}));
|
|
213
219
|
var EvidenceFinderBackfillStatus;
|
|
214
220
|
(function (EvidenceFinderBackfillStatus) {
|
|
215
221
|
EvidenceFinderBackfillStatus["COMPLETED"] = "COMPLETED";
|
|
@@ -686,6 +692,10 @@ const GetSettingsRequestFilterSensitiveLog = (obj) => ({
|
|
|
686
692
|
...obj,
|
|
687
693
|
});
|
|
688
694
|
exports.GetSettingsRequestFilterSensitiveLog = GetSettingsRequestFilterSensitiveLog;
|
|
695
|
+
const DeregistrationPolicyFilterSensitiveLog = (obj) => ({
|
|
696
|
+
...obj,
|
|
697
|
+
});
|
|
698
|
+
exports.DeregistrationPolicyFilterSensitiveLog = DeregistrationPolicyFilterSensitiveLog;
|
|
689
699
|
const EvidenceFinderEnablementFilterSensitiveLog = (obj) => ({
|
|
690
700
|
...obj,
|
|
691
701
|
});
|
|
@@ -1323,6 +1323,9 @@ const serializeAws_restJson1UpdateSettingsCommand = async (input, context) => {
|
|
|
1323
1323
|
...(input.defaultProcessOwners != null && {
|
|
1324
1324
|
defaultProcessOwners: serializeAws_restJson1Roles(input.defaultProcessOwners, context),
|
|
1325
1325
|
}),
|
|
1326
|
+
...(input.deregistrationPolicy != null && {
|
|
1327
|
+
deregistrationPolicy: serializeAws_restJson1DeregistrationPolicy(input.deregistrationPolicy, context),
|
|
1328
|
+
}),
|
|
1326
1329
|
...(input.evidenceFinderEnabled != null && { evidenceFinderEnabled: input.evidenceFinderEnabled }),
|
|
1327
1330
|
...(input.kmsKey != null && { kmsKey: input.kmsKey }),
|
|
1328
1331
|
...(input.snsTopic != null && { snsTopic: input.snsTopic }),
|
|
@@ -4192,6 +4195,11 @@ const serializeAws_restJson1DelegationIds = (input, context) => {
|
|
|
4192
4195
|
return entry;
|
|
4193
4196
|
});
|
|
4194
4197
|
};
|
|
4198
|
+
const serializeAws_restJson1DeregistrationPolicy = (input, context) => {
|
|
4199
|
+
return {
|
|
4200
|
+
...(input.deleteResources != null && { deleteResources: input.deleteResources }),
|
|
4201
|
+
};
|
|
4202
|
+
};
|
|
4195
4203
|
const serializeAws_restJson1EvidenceIds = (input, context) => {
|
|
4196
4204
|
return input
|
|
4197
4205
|
.filter((e) => e != null)
|
|
@@ -4878,6 +4886,11 @@ const deserializeAws_restJson1Delegations = (output, context) => {
|
|
|
4878
4886
|
});
|
|
4879
4887
|
return retVal;
|
|
4880
4888
|
};
|
|
4889
|
+
const deserializeAws_restJson1DeregistrationPolicy = (output, context) => {
|
|
4890
|
+
return {
|
|
4891
|
+
deleteResources: (0, smithy_client_1.expectString)(output.deleteResources),
|
|
4892
|
+
};
|
|
4893
|
+
};
|
|
4881
4894
|
const deserializeAws_restJson1Evidence = (output, context) => {
|
|
4882
4895
|
return {
|
|
4883
4896
|
assessmentReportSelection: (0, smithy_client_1.expectString)(output.assessmentReportSelection),
|
|
@@ -5138,6 +5151,9 @@ const deserializeAws_restJson1Settings = (output, context) => {
|
|
|
5138
5151
|
defaultProcessOwners: output.defaultProcessOwners != null
|
|
5139
5152
|
? deserializeAws_restJson1Roles(output.defaultProcessOwners, context)
|
|
5140
5153
|
: undefined,
|
|
5154
|
+
deregistrationPolicy: output.deregistrationPolicy != null
|
|
5155
|
+
? deserializeAws_restJson1DeregistrationPolicy(output.deregistrationPolicy, context)
|
|
5156
|
+
: undefined,
|
|
5141
5157
|
evidenceFinderEnablement: output.evidenceFinderEnablement != null
|
|
5142
5158
|
? deserializeAws_restJson1EvidenceFinderEnablement(output.evidenceFinderEnablement, context)
|
|
5143
5159
|
: undefined,
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
const
|
|
2
|
-
const a =
|
|
3
|
-
const _data = { version: "1.0", parameters: { Region:
|
|
1
|
+
const q = "fn", r = "argv", s = "ref";
|
|
2
|
+
const a = true, b = false, c = "String", d = "PartitionResult", e = "tree", f = "error", g = "endpoint", h = { "required": true, "default": false, "type": "Boolean" }, i = { [s]: "Endpoint" }, j = { [q]: "booleanEquals", [r]: [{ [s]: "UseFIPS" }, true] }, k = { [q]: "booleanEquals", [r]: [{ [s]: "UseDualStack" }, true] }, l = {}, m = { [q]: "booleanEquals", [r]: [true, { [q]: "getAttr", [r]: [{ [s]: d }, "supportsFIPS"] }] }, n = { [q]: "booleanEquals", [r]: [true, { [q]: "getAttr", [r]: [{ [s]: d }, "supportsDualStack"] }] }, o = [j], p = [k];
|
|
3
|
+
const _data = { version: "1.0", parameters: { Region: { required: a, type: c }, UseDualStack: h, UseFIPS: h, Endpoint: { required: b, type: c } }, rules: [{ conditions: [{ [q]: "aws.partition", [r]: [{ [s]: "Region" }], assign: d }], type: e, rules: [{ conditions: [{ [q]: "isSet", [r]: [i] }], type: e, rules: [{ conditions: o, error: "Invalid Configuration: FIPS and custom endpoint are not supported", type: f }, { type: e, rules: [{ conditions: p, error: "Invalid Configuration: Dualstack and custom endpoint are not supported", type: f }, { endpoint: { url: i, properties: l, headers: l }, type: g }] }] }, { conditions: [j, k], type: e, rules: [{ conditions: [m, n], type: e, rules: [{ endpoint: { url: "https://auditmanager-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: g }] }, { error: "FIPS and DualStack are enabled, but this partition does not support one or both", type: f }] }, { conditions: o, type: e, rules: [{ conditions: [m], type: e, rules: [{ type: e, rules: [{ endpoint: { url: "https://auditmanager-fips.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: g }] }] }, { error: "FIPS is enabled but this partition does not support FIPS", type: f }] }, { conditions: p, type: e, rules: [{ conditions: [n], type: e, rules: [{ endpoint: { url: "https://auditmanager.{Region}.{PartitionResult#dualStackDnsSuffix}", properties: l, headers: l }, type: g }] }, { error: "DualStack is enabled but this partition does not support DualStack", type: f }] }, { endpoint: { url: "https://auditmanager.{Region}.{PartitionResult#dnsSuffix}", properties: l, headers: l }, type: g }] }] };
|
|
4
4
|
export const ruleSet = _data;
|
|
@@ -194,10 +194,16 @@ export var SettingAttribute;
|
|
|
194
194
|
SettingAttribute["ALL"] = "ALL";
|
|
195
195
|
SettingAttribute["DEFAULT_ASSESSMENT_REPORTS_DESTINATION"] = "DEFAULT_ASSESSMENT_REPORTS_DESTINATION";
|
|
196
196
|
SettingAttribute["DEFAULT_PROCESS_OWNERS"] = "DEFAULT_PROCESS_OWNERS";
|
|
197
|
+
SettingAttribute["DEREGISTRATION_POLICY"] = "DEREGISTRATION_POLICY";
|
|
197
198
|
SettingAttribute["EVIDENCE_FINDER_ENABLEMENT"] = "EVIDENCE_FINDER_ENABLEMENT";
|
|
198
199
|
SettingAttribute["IS_AWS_ORG_ENABLED"] = "IS_AWS_ORG_ENABLED";
|
|
199
200
|
SettingAttribute["SNS_TOPIC"] = "SNS_TOPIC";
|
|
200
201
|
})(SettingAttribute || (SettingAttribute = {}));
|
|
202
|
+
export var DeleteResources;
|
|
203
|
+
(function (DeleteResources) {
|
|
204
|
+
DeleteResources["ALL"] = "ALL";
|
|
205
|
+
DeleteResources["DEFAULT"] = "DEFAULT";
|
|
206
|
+
})(DeleteResources || (DeleteResources = {}));
|
|
201
207
|
export var EvidenceFinderBackfillStatus;
|
|
202
208
|
(function (EvidenceFinderBackfillStatus) {
|
|
203
209
|
EvidenceFinderBackfillStatus["COMPLETED"] = "COMPLETED";
|
|
@@ -562,6 +568,9 @@ export const GetServicesInScopeResponseFilterSensitiveLog = (obj) => ({
|
|
|
562
568
|
export const GetSettingsRequestFilterSensitiveLog = (obj) => ({
|
|
563
569
|
...obj,
|
|
564
570
|
});
|
|
571
|
+
export const DeregistrationPolicyFilterSensitiveLog = (obj) => ({
|
|
572
|
+
...obj,
|
|
573
|
+
});
|
|
565
574
|
export const EvidenceFinderEnablementFilterSensitiveLog = (obj) => ({
|
|
566
575
|
...obj,
|
|
567
576
|
});
|
|
@@ -1259,6 +1259,9 @@ export const serializeAws_restJson1UpdateSettingsCommand = async (input, context
|
|
|
1259
1259
|
...(input.defaultProcessOwners != null && {
|
|
1260
1260
|
defaultProcessOwners: serializeAws_restJson1Roles(input.defaultProcessOwners, context),
|
|
1261
1261
|
}),
|
|
1262
|
+
...(input.deregistrationPolicy != null && {
|
|
1263
|
+
deregistrationPolicy: serializeAws_restJson1DeregistrationPolicy(input.deregistrationPolicy, context),
|
|
1264
|
+
}),
|
|
1262
1265
|
...(input.evidenceFinderEnabled != null && { evidenceFinderEnabled: input.evidenceFinderEnabled }),
|
|
1263
1266
|
...(input.kmsKey != null && { kmsKey: input.kmsKey }),
|
|
1264
1267
|
...(input.snsTopic != null && { snsTopic: input.snsTopic }),
|
|
@@ -4065,6 +4068,11 @@ const serializeAws_restJson1DelegationIds = (input, context) => {
|
|
|
4065
4068
|
return entry;
|
|
4066
4069
|
});
|
|
4067
4070
|
};
|
|
4071
|
+
const serializeAws_restJson1DeregistrationPolicy = (input, context) => {
|
|
4072
|
+
return {
|
|
4073
|
+
...(input.deleteResources != null && { deleteResources: input.deleteResources }),
|
|
4074
|
+
};
|
|
4075
|
+
};
|
|
4068
4076
|
const serializeAws_restJson1EvidenceIds = (input, context) => {
|
|
4069
4077
|
return input
|
|
4070
4078
|
.filter((e) => e != null)
|
|
@@ -4751,6 +4759,11 @@ const deserializeAws_restJson1Delegations = (output, context) => {
|
|
|
4751
4759
|
});
|
|
4752
4760
|
return retVal;
|
|
4753
4761
|
};
|
|
4762
|
+
const deserializeAws_restJson1DeregistrationPolicy = (output, context) => {
|
|
4763
|
+
return {
|
|
4764
|
+
deleteResources: __expectString(output.deleteResources),
|
|
4765
|
+
};
|
|
4766
|
+
};
|
|
4754
4767
|
const deserializeAws_restJson1Evidence = (output, context) => {
|
|
4755
4768
|
return {
|
|
4756
4769
|
assessmentReportSelection: __expectString(output.assessmentReportSelection),
|
|
@@ -5011,6 +5024,9 @@ const deserializeAws_restJson1Settings = (output, context) => {
|
|
|
5011
5024
|
defaultProcessOwners: output.defaultProcessOwners != null
|
|
5012
5025
|
? deserializeAws_restJson1Roles(output.defaultProcessOwners, context)
|
|
5013
5026
|
: undefined,
|
|
5027
|
+
deregistrationPolicy: output.deregistrationPolicy != null
|
|
5028
|
+
? deserializeAws_restJson1DeregistrationPolicy(output.deregistrationPolicy, context)
|
|
5029
|
+
: undefined,
|
|
5014
5030
|
evidenceFinderEnablement: output.evidenceFinderEnablement != null
|
|
5015
5031
|
? deserializeAws_restJson1EvidenceFinderEnablement(output.evidenceFinderEnablement, context)
|
|
5016
5032
|
: undefined,
|
|
@@ -65,13 +65,13 @@ import { ValidateAssessmentReportIntegrityCommandInput, ValidateAssessmentReport
|
|
|
65
65
|
* <p>Welcome to the Audit Manager API reference. This guide is for developers who
|
|
66
66
|
* need detailed information about the Audit Manager API operations, data types, and
|
|
67
67
|
* errors. </p>
|
|
68
|
-
* <p>Audit Manager is a service that provides automated evidence collection so that
|
|
69
|
-
*
|
|
68
|
+
* <p>Audit Manager is a service that provides automated evidence collection so that you
|
|
69
|
+
* can continually audit your Amazon Web Services usage. You can use it to assess the
|
|
70
70
|
* effectiveness of your controls, manage risk, and simplify compliance.</p>
|
|
71
|
-
* <p>Audit Manager provides prebuilt frameworks that structure and automate
|
|
72
|
-
*
|
|
73
|
-
*
|
|
74
|
-
*
|
|
71
|
+
* <p>Audit Manager provides prebuilt frameworks that structure and automate assessments
|
|
72
|
+
* for a given compliance standard. Frameworks include a prebuilt collection of controls with
|
|
73
|
+
* descriptions and testing procedures. These controls are grouped according to the
|
|
74
|
+
* requirements of the specified compliance standard or regulation. You can also customize
|
|
75
75
|
* frameworks and controls to support internal audits with specific requirements. </p>
|
|
76
76
|
* <p>Use the following links to get started with the Audit Manager API:</p>
|
|
77
77
|
* <ul>
|
|
@@ -88,7 +88,7 @@ import { ValidateAssessmentReportIntegrityCommandInput, ValidateAssessmentReport
|
|
|
88
88
|
* <li>
|
|
89
89
|
* <p>
|
|
90
90
|
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/CommonParameters.html">Common
|
|
91
|
-
* parameters</a>: Parameters that all
|
|
91
|
+
* parameters</a>: Parameters that all operations can use.</p>
|
|
92
92
|
* </li>
|
|
93
93
|
* <li>
|
|
94
94
|
* <p>
|
|
@@ -101,7 +101,7 @@ import { ValidateAssessmentReportIntegrityCommandInput, ValidateAssessmentReport
|
|
|
101
101
|
*/
|
|
102
102
|
export declare class AuditManager extends AuditManagerClient {
|
|
103
103
|
/**
|
|
104
|
-
* <p> Associates an evidence folder to an assessment report in
|
|
104
|
+
* <p> Associates an evidence folder to an assessment report in an Audit Manager
|
|
105
105
|
* assessment. </p>
|
|
106
106
|
*/
|
|
107
107
|
associateAssessmentReportEvidenceFolder(args: AssociateAssessmentReportEvidenceFolderCommandInput, options?: __HttpHandlerOptions): Promise<AssociateAssessmentReportEvidenceFolderCommandOutput>;
|
|
@@ -134,8 +134,9 @@ export declare class AuditManager extends AuditManagerClient {
|
|
|
134
134
|
batchDisassociateAssessmentReportEvidence(args: BatchDisassociateAssessmentReportEvidenceCommandInput, cb: (err: any, data?: BatchDisassociateAssessmentReportEvidenceCommandOutput) => void): void;
|
|
135
135
|
batchDisassociateAssessmentReportEvidence(args: BatchDisassociateAssessmentReportEvidenceCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: BatchDisassociateAssessmentReportEvidenceCommandOutput) => void): void;
|
|
136
136
|
/**
|
|
137
|
-
* <p>Uploads one or more pieces of evidence to a control in an Audit Manager assessment.
|
|
138
|
-
*
|
|
137
|
+
* <p>Uploads one or more pieces of evidence to a control in an Audit Manager assessment.
|
|
138
|
+
* You can upload manual evidence from any Amazon Simple Storage Service (Amazon S3) bucket by
|
|
139
|
+
* specifying the S3 URI of the evidence. </p>
|
|
139
140
|
* <p>You must upload manual evidence to your S3 bucket before you can upload it to your
|
|
140
141
|
* assessment. For instructions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html">CreateBucket</a> and <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html">PutObject</a> in
|
|
141
142
|
* the <i>Amazon Simple Storage Service API Reference.</i>
|
|
@@ -237,43 +238,13 @@ export declare class AuditManager extends AuditManagerClient {
|
|
|
237
238
|
/**
|
|
238
239
|
* <p> Deregisters an account in Audit Manager. </p>
|
|
239
240
|
* <note>
|
|
240
|
-
* <p>
|
|
241
|
-
*
|
|
242
|
-
*
|
|
243
|
-
*
|
|
244
|
-
* <p>
|
|
245
|
-
*
|
|
246
|
-
*
|
|
247
|
-
* <p>
|
|
248
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html">DeleteAssessment</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html">Deleting an
|
|
249
|
-
* assessment</a> in the <i>Audit Manager User
|
|
250
|
-
* Guide</i>)</p>
|
|
251
|
-
* </li>
|
|
252
|
-
* <li>
|
|
253
|
-
* <p>
|
|
254
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html">DeleteAssessmentFramework</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html">Deleting a
|
|
255
|
-
* custom framework</a> in the <i>Audit Manager User
|
|
256
|
-
* Guide</i>)</p>
|
|
257
|
-
* </li>
|
|
258
|
-
* <li>
|
|
259
|
-
* <p>
|
|
260
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html">DeleteAssessmentFrameworkShare</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html">Deleting a share request</a> in the <i>Audit Manager User
|
|
261
|
-
* Guide</i>)</p>
|
|
262
|
-
* </li>
|
|
263
|
-
* <li>
|
|
264
|
-
* <p>
|
|
265
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html">DeleteAssessmentReport</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps">Deleting an assessment report</a> in the <i>Audit Manager
|
|
266
|
-
* User Guide</i>)</p>
|
|
267
|
-
* </li>
|
|
268
|
-
* <li>
|
|
269
|
-
* <p>
|
|
270
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html">DeleteControl</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html">Deleting a custom
|
|
271
|
-
* control</a> in the <i>Audit Manager User
|
|
272
|
-
* Guide</i>)</p>
|
|
273
|
-
* </li>
|
|
274
|
-
* </ul>
|
|
275
|
-
* <p>At this time, Audit Manager doesn't provide an option to delete evidence. All
|
|
276
|
-
* available delete operations are listed above.</p>
|
|
241
|
+
* <p>Before you deregister, you can use the <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateSettings.html">UpdateSettings</a> API operation to set your preferred data retention policy. By
|
|
242
|
+
* default, Audit Manager retains your data. If you want to delete your data, you can
|
|
243
|
+
* use the <code>DeregistrationPolicy</code> attribute to request the deletion of your
|
|
244
|
+
* data. </p>
|
|
245
|
+
* <p>For more information about data retention, see <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/data-protection.html">Data
|
|
246
|
+
* Protection</a> in the <i>Audit Manager User Guide</i>.
|
|
247
|
+
* </p>
|
|
277
248
|
* </note>
|
|
278
249
|
*/
|
|
279
250
|
deregisterAccount(args: DeregisterAccountCommandInput, options?: __HttpHandlerOptions): Promise<DeregisterAccountCommandOutput>;
|
|
@@ -282,12 +253,10 @@ export declare class AuditManager extends AuditManagerClient {
|
|
|
282
253
|
/**
|
|
283
254
|
* <p>Removes the specified Amazon Web Services account as a delegated administrator for
|
|
284
255
|
* Audit Manager. </p>
|
|
285
|
-
*
|
|
286
256
|
* <p>When you remove a delegated administrator from your Audit Manager settings, you
|
|
287
|
-
*
|
|
288
|
-
*
|
|
289
|
-
*
|
|
290
|
-
* evidence to that delegated administrator account moving forward.</p>
|
|
257
|
+
* continue to have access to the evidence that you previously collected under that account.
|
|
258
|
+
* This is also the case when you deregister a delegated administrator from Organizations. However, Audit Manager stops collecting and attaching evidence to
|
|
259
|
+
* that delegated administrator account moving forward.</p>
|
|
291
260
|
* <important>
|
|
292
261
|
* <p>Keep in mind the following cleanup task if you use evidence finder:</p>
|
|
293
262
|
* <p>Before you use your management account to remove a delegated administrator, make sure
|
|
@@ -296,52 +265,52 @@ export declare class AuditManager extends AuditManagerClient {
|
|
|
296
265
|
* event data store that was created in their account when they enabled evidence finder. If
|
|
297
266
|
* this task isn’t completed, the event data store remains in their account. In this case,
|
|
298
267
|
* we recommend that the original delegated administrator goes to CloudTrail Lake
|
|
299
|
-
* and manually <a href="https://docs.aws.amazon.com/
|
|
268
|
+
* and manually <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-eds-disable-termination.html">deletes the
|
|
269
|
+
* event data store</a>.</p>
|
|
300
270
|
* <p>This cleanup task is necessary to ensure that you don't end up with multiple event
|
|
301
|
-
* data stores. Audit Manager
|
|
302
|
-
*
|
|
303
|
-
*
|
|
304
|
-
* it.</p>
|
|
271
|
+
* data stores. Audit Manager ignores an unused event data store after you remove or
|
|
272
|
+
* change a delegated administrator account. However, the unused event data store continues
|
|
273
|
+
* to incur storage costs from CloudTrail Lake if you don't delete it.</p>
|
|
305
274
|
* </important>
|
|
306
|
-
*
|
|
307
275
|
* <p>When you deregister a delegated administrator account for Audit Manager, the data
|
|
308
|
-
*
|
|
309
|
-
*
|
|
310
|
-
*
|
|
311
|
-
*
|
|
276
|
+
* for that account isn’t deleted. If you want to delete resource data for a delegated
|
|
277
|
+
* administrator account, you must perform that task separately before you deregister the
|
|
278
|
+
* account. Either, you can do this in the Audit Manager console. Or, you can use one of
|
|
279
|
+
* the delete API operations that are provided by Audit Manager. </p>
|
|
312
280
|
* <p>To delete your Audit Manager resource data, see the following instructions: </p>
|
|
313
281
|
* <ul>
|
|
314
282
|
* <li>
|
|
315
283
|
* <p>
|
|
316
284
|
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html">DeleteAssessment</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html">Deleting an
|
|
317
|
-
*
|
|
318
|
-
*
|
|
285
|
+
* assessment</a> in the <i>Audit Manager User
|
|
286
|
+
* Guide</i>)</p>
|
|
319
287
|
* </li>
|
|
320
288
|
* <li>
|
|
321
289
|
* <p>
|
|
322
290
|
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html">DeleteAssessmentFramework</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html">Deleting a
|
|
323
|
-
*
|
|
324
|
-
*
|
|
291
|
+
* custom framework</a> in the <i>Audit Manager User
|
|
292
|
+
* Guide</i>)</p>
|
|
325
293
|
* </li>
|
|
326
294
|
* <li>
|
|
327
295
|
* <p>
|
|
328
296
|
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html">DeleteAssessmentFrameworkShare</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html">Deleting a share request</a> in the <i>Audit Manager User
|
|
329
|
-
*
|
|
297
|
+
* Guide</i>)</p>
|
|
330
298
|
* </li>
|
|
331
299
|
* <li>
|
|
332
300
|
* <p>
|
|
333
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html">DeleteAssessmentReport</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps">Deleting an assessment report</a> in the <i>Audit Manager
|
|
334
|
-
*
|
|
301
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html">DeleteAssessmentReport</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps">Deleting an assessment report</a> in the <i>Audit Manager User
|
|
302
|
+
* Guide</i>)</p>
|
|
335
303
|
* </li>
|
|
336
304
|
* <li>
|
|
337
305
|
* <p>
|
|
338
306
|
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html">DeleteControl</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html">Deleting a custom
|
|
339
|
-
*
|
|
340
|
-
*
|
|
307
|
+
* control</a> in the <i>Audit Manager User
|
|
308
|
+
* Guide</i>)</p>
|
|
341
309
|
* </li>
|
|
342
310
|
* </ul>
|
|
343
|
-
* <p>At this time, Audit Manager doesn't provide an option to delete evidence
|
|
344
|
-
*
|
|
311
|
+
* <p>At this time, Audit Manager doesn't provide an option to delete evidence for a
|
|
312
|
+
* specific delegated administrator. Instead, when your management account deregisters Audit Manager, we perform a cleanup for the current delegated administrator account at the
|
|
313
|
+
* time of deregistration.</p>
|
|
345
314
|
*/
|
|
346
315
|
deregisterOrganizationAdminAccount(args: DeregisterOrganizationAdminAccountCommandInput, options?: __HttpHandlerOptions): Promise<DeregisterOrganizationAdminAccountCommandOutput>;
|
|
347
316
|
deregisterOrganizationAdminAccount(args: DeregisterOrganizationAdminAccountCommandInput, cb: (err: any, data?: DeregisterOrganizationAdminAccountCommandOutput) => void): void;
|
|
@@ -421,8 +390,8 @@ export declare class AuditManager extends AuditManagerClient {
|
|
|
421
390
|
getEvidenceFoldersByAssessment(args: GetEvidenceFoldersByAssessmentCommandInput, cb: (err: any, data?: GetEvidenceFoldersByAssessmentCommandOutput) => void): void;
|
|
422
391
|
getEvidenceFoldersByAssessment(args: GetEvidenceFoldersByAssessmentCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: GetEvidenceFoldersByAssessmentCommandOutput) => void): void;
|
|
423
392
|
/**
|
|
424
|
-
* <p> Returns a list of evidence folders that are associated with a specified control
|
|
425
|
-
*
|
|
393
|
+
* <p> Returns a list of evidence folders that are associated with a specified control in an
|
|
394
|
+
* Audit Manager assessment. </p>
|
|
426
395
|
*/
|
|
427
396
|
getEvidenceFoldersByAssessmentControl(args: GetEvidenceFoldersByAssessmentControlCommandInput, options?: __HttpHandlerOptions): Promise<GetEvidenceFoldersByAssessmentControlCommandOutput>;
|
|
428
397
|
getEvidenceFoldersByAssessmentControl(args: GetEvidenceFoldersByAssessmentControlCommandInput, cb: (err: any, data?: GetEvidenceFoldersByAssessmentControlCommandOutput) => void): void;
|
|
@@ -474,8 +443,8 @@ export declare class AuditManager extends AuditManagerClient {
|
|
|
474
443
|
listAssessmentControlInsightsByControlDomain(args: ListAssessmentControlInsightsByControlDomainCommandInput, cb: (err: any, data?: ListAssessmentControlInsightsByControlDomainCommandOutput) => void): void;
|
|
475
444
|
listAssessmentControlInsightsByControlDomain(args: ListAssessmentControlInsightsByControlDomainCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: ListAssessmentControlInsightsByControlDomainCommandOutput) => void): void;
|
|
476
445
|
/**
|
|
477
|
-
* <p> Returns a list of the frameworks that are available in the Audit Manager
|
|
478
|
-
*
|
|
446
|
+
* <p> Returns a list of the frameworks that are available in the Audit Manager framework
|
|
447
|
+
* library. </p>
|
|
479
448
|
*/
|
|
480
449
|
listAssessmentFrameworks(args: ListAssessmentFrameworksCommandInput, options?: __HttpHandlerOptions): Promise<ListAssessmentFrameworksCommandOutput>;
|
|
481
450
|
listAssessmentFrameworks(args: ListAssessmentFrameworksCommandInput, cb: (err: any, data?: ListAssessmentFrameworksCommandOutput) => void): void;
|
|
@@ -187,13 +187,13 @@ export interface AuditManagerClientResolvedConfig extends AuditManagerClientReso
|
|
|
187
187
|
* <p>Welcome to the Audit Manager API reference. This guide is for developers who
|
|
188
188
|
* need detailed information about the Audit Manager API operations, data types, and
|
|
189
189
|
* errors. </p>
|
|
190
|
-
* <p>Audit Manager is a service that provides automated evidence collection so that
|
|
191
|
-
*
|
|
190
|
+
* <p>Audit Manager is a service that provides automated evidence collection so that you
|
|
191
|
+
* can continually audit your Amazon Web Services usage. You can use it to assess the
|
|
192
192
|
* effectiveness of your controls, manage risk, and simplify compliance.</p>
|
|
193
|
-
* <p>Audit Manager provides prebuilt frameworks that structure and automate
|
|
194
|
-
*
|
|
195
|
-
*
|
|
196
|
-
*
|
|
193
|
+
* <p>Audit Manager provides prebuilt frameworks that structure and automate assessments
|
|
194
|
+
* for a given compliance standard. Frameworks include a prebuilt collection of controls with
|
|
195
|
+
* descriptions and testing procedures. These controls are grouped according to the
|
|
196
|
+
* requirements of the specified compliance standard or regulation. You can also customize
|
|
197
197
|
* frameworks and controls to support internal audits with specific requirements. </p>
|
|
198
198
|
* <p>Use the following links to get started with the Audit Manager API:</p>
|
|
199
199
|
* <ul>
|
|
@@ -210,7 +210,7 @@ export interface AuditManagerClientResolvedConfig extends AuditManagerClientReso
|
|
|
210
210
|
* <li>
|
|
211
211
|
* <p>
|
|
212
212
|
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/CommonParameters.html">Common
|
|
213
|
-
* parameters</a>: Parameters that all
|
|
213
|
+
* parameters</a>: Parameters that all operations can use.</p>
|
|
214
214
|
* </li>
|
|
215
215
|
* <li>
|
|
216
216
|
* <p>
|
|
@@ -8,7 +8,7 @@ export interface AssociateAssessmentReportEvidenceFolderCommandInput extends Ass
|
|
|
8
8
|
export interface AssociateAssessmentReportEvidenceFolderCommandOutput extends AssociateAssessmentReportEvidenceFolderResponse, __MetadataBearer {
|
|
9
9
|
}
|
|
10
10
|
/**
|
|
11
|
-
* <p> Associates an evidence folder to an assessment report in
|
|
11
|
+
* <p> Associates an evidence folder to an assessment report in an Audit Manager
|
|
12
12
|
* assessment. </p>
|
|
13
13
|
* @example
|
|
14
14
|
* Use a bare-bones client and the command you need to make an API call.
|
|
@@ -8,8 +8,9 @@ export interface BatchImportEvidenceToAssessmentControlCommandInput extends Batc
|
|
|
8
8
|
export interface BatchImportEvidenceToAssessmentControlCommandOutput extends BatchImportEvidenceToAssessmentControlResponse, __MetadataBearer {
|
|
9
9
|
}
|
|
10
10
|
/**
|
|
11
|
-
* <p>Uploads one or more pieces of evidence to a control in an Audit Manager assessment.
|
|
12
|
-
*
|
|
11
|
+
* <p>Uploads one or more pieces of evidence to a control in an Audit Manager assessment.
|
|
12
|
+
* You can upload manual evidence from any Amazon Simple Storage Service (Amazon S3) bucket by
|
|
13
|
+
* specifying the S3 URI of the evidence. </p>
|
|
13
14
|
* <p>You must upload manual evidence to your S3 bucket before you can upload it to your
|
|
14
15
|
* assessment. For instructions, see <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html">CreateBucket</a> and <a href="https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html">PutObject</a> in
|
|
15
16
|
* the <i>Amazon Simple Storage Service API Reference.</i>
|
|
@@ -10,43 +10,13 @@ export interface DeregisterAccountCommandOutput extends DeregisterAccountRespons
|
|
|
10
10
|
/**
|
|
11
11
|
* <p> Deregisters an account in Audit Manager. </p>
|
|
12
12
|
* <note>
|
|
13
|
-
* <p>
|
|
14
|
-
*
|
|
15
|
-
*
|
|
16
|
-
*
|
|
17
|
-
* <p>
|
|
18
|
-
*
|
|
19
|
-
*
|
|
20
|
-
* <p>
|
|
21
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html">DeleteAssessment</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html">Deleting an
|
|
22
|
-
* assessment</a> in the <i>Audit Manager User
|
|
23
|
-
* Guide</i>)</p>
|
|
24
|
-
* </li>
|
|
25
|
-
* <li>
|
|
26
|
-
* <p>
|
|
27
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html">DeleteAssessmentFramework</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html">Deleting a
|
|
28
|
-
* custom framework</a> in the <i>Audit Manager User
|
|
29
|
-
* Guide</i>)</p>
|
|
30
|
-
* </li>
|
|
31
|
-
* <li>
|
|
32
|
-
* <p>
|
|
33
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html">DeleteAssessmentFrameworkShare</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html">Deleting a share request</a> in the <i>Audit Manager User
|
|
34
|
-
* Guide</i>)</p>
|
|
35
|
-
* </li>
|
|
36
|
-
* <li>
|
|
37
|
-
* <p>
|
|
38
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html">DeleteAssessmentReport</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps">Deleting an assessment report</a> in the <i>Audit Manager
|
|
39
|
-
* User Guide</i>)</p>
|
|
40
|
-
* </li>
|
|
41
|
-
* <li>
|
|
42
|
-
* <p>
|
|
43
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html">DeleteControl</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html">Deleting a custom
|
|
44
|
-
* control</a> in the <i>Audit Manager User
|
|
45
|
-
* Guide</i>)</p>
|
|
46
|
-
* </li>
|
|
47
|
-
* </ul>
|
|
48
|
-
* <p>At this time, Audit Manager doesn't provide an option to delete evidence. All
|
|
49
|
-
* available delete operations are listed above.</p>
|
|
13
|
+
* <p>Before you deregister, you can use the <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_UpdateSettings.html">UpdateSettings</a> API operation to set your preferred data retention policy. By
|
|
14
|
+
* default, Audit Manager retains your data. If you want to delete your data, you can
|
|
15
|
+
* use the <code>DeregistrationPolicy</code> attribute to request the deletion of your
|
|
16
|
+
* data. </p>
|
|
17
|
+
* <p>For more information about data retention, see <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/data-protection.html">Data
|
|
18
|
+
* Protection</a> in the <i>Audit Manager User Guide</i>.
|
|
19
|
+
* </p>
|
|
50
20
|
* </note>
|
|
51
21
|
* @example
|
|
52
22
|
* Use a bare-bones client and the command you need to make an API call.
|
|
@@ -10,12 +10,10 @@ export interface DeregisterOrganizationAdminAccountCommandOutput extends Deregis
|
|
|
10
10
|
/**
|
|
11
11
|
* <p>Removes the specified Amazon Web Services account as a delegated administrator for
|
|
12
12
|
* Audit Manager. </p>
|
|
13
|
-
*
|
|
14
13
|
* <p>When you remove a delegated administrator from your Audit Manager settings, you
|
|
15
|
-
*
|
|
16
|
-
*
|
|
17
|
-
*
|
|
18
|
-
* evidence to that delegated administrator account moving forward.</p>
|
|
14
|
+
* continue to have access to the evidence that you previously collected under that account.
|
|
15
|
+
* This is also the case when you deregister a delegated administrator from Organizations. However, Audit Manager stops collecting and attaching evidence to
|
|
16
|
+
* that delegated administrator account moving forward.</p>
|
|
19
17
|
* <important>
|
|
20
18
|
* <p>Keep in mind the following cleanup task if you use evidence finder:</p>
|
|
21
19
|
* <p>Before you use your management account to remove a delegated administrator, make sure
|
|
@@ -24,52 +22,52 @@ export interface DeregisterOrganizationAdminAccountCommandOutput extends Deregis
|
|
|
24
22
|
* event data store that was created in their account when they enabled evidence finder. If
|
|
25
23
|
* this task isn’t completed, the event data store remains in their account. In this case,
|
|
26
24
|
* we recommend that the original delegated administrator goes to CloudTrail Lake
|
|
27
|
-
* and manually <a href="https://docs.aws.amazon.com/
|
|
25
|
+
* and manually <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-eds-disable-termination.html">deletes the
|
|
26
|
+
* event data store</a>.</p>
|
|
28
27
|
* <p>This cleanup task is necessary to ensure that you don't end up with multiple event
|
|
29
|
-
* data stores. Audit Manager
|
|
30
|
-
*
|
|
31
|
-
*
|
|
32
|
-
* it.</p>
|
|
28
|
+
* data stores. Audit Manager ignores an unused event data store after you remove or
|
|
29
|
+
* change a delegated administrator account. However, the unused event data store continues
|
|
30
|
+
* to incur storage costs from CloudTrail Lake if you don't delete it.</p>
|
|
33
31
|
* </important>
|
|
34
|
-
*
|
|
35
32
|
* <p>When you deregister a delegated administrator account for Audit Manager, the data
|
|
36
|
-
*
|
|
37
|
-
*
|
|
38
|
-
*
|
|
39
|
-
*
|
|
33
|
+
* for that account isn’t deleted. If you want to delete resource data for a delegated
|
|
34
|
+
* administrator account, you must perform that task separately before you deregister the
|
|
35
|
+
* account. Either, you can do this in the Audit Manager console. Or, you can use one of
|
|
36
|
+
* the delete API operations that are provided by Audit Manager. </p>
|
|
40
37
|
* <p>To delete your Audit Manager resource data, see the following instructions: </p>
|
|
41
38
|
* <ul>
|
|
42
39
|
* <li>
|
|
43
40
|
* <p>
|
|
44
41
|
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessment.html">DeleteAssessment</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-assessment.html">Deleting an
|
|
45
|
-
*
|
|
46
|
-
*
|
|
42
|
+
* assessment</a> in the <i>Audit Manager User
|
|
43
|
+
* Guide</i>)</p>
|
|
47
44
|
* </li>
|
|
48
45
|
* <li>
|
|
49
46
|
* <p>
|
|
50
47
|
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFramework.html">DeleteAssessmentFramework</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-custom-framework.html">Deleting a
|
|
51
|
-
*
|
|
52
|
-
*
|
|
48
|
+
* custom framework</a> in the <i>Audit Manager User
|
|
49
|
+
* Guide</i>)</p>
|
|
53
50
|
* </li>
|
|
54
51
|
* <li>
|
|
55
52
|
* <p>
|
|
56
53
|
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentFrameworkShare.html">DeleteAssessmentFrameworkShare</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/deleting-shared-framework-requests.html">Deleting a share request</a> in the <i>Audit Manager User
|
|
57
|
-
*
|
|
54
|
+
* Guide</i>)</p>
|
|
58
55
|
* </li>
|
|
59
56
|
* <li>
|
|
60
57
|
* <p>
|
|
61
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html">DeleteAssessmentReport</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps">Deleting an assessment report</a> in the <i>Audit Manager
|
|
62
|
-
*
|
|
58
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteAssessmentReport.html">DeleteAssessmentReport</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#delete-assessment-report-steps">Deleting an assessment report</a> in the <i>Audit Manager User
|
|
59
|
+
* Guide</i>)</p>
|
|
63
60
|
* </li>
|
|
64
61
|
* <li>
|
|
65
62
|
* <p>
|
|
66
63
|
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeleteControl.html">DeleteControl</a> (see also: <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/delete-controls.html">Deleting a custom
|
|
67
|
-
*
|
|
68
|
-
*
|
|
64
|
+
* control</a> in the <i>Audit Manager User
|
|
65
|
+
* Guide</i>)</p>
|
|
69
66
|
* </li>
|
|
70
67
|
* </ul>
|
|
71
|
-
* <p>At this time, Audit Manager doesn't provide an option to delete evidence
|
|
72
|
-
*
|
|
68
|
+
* <p>At this time, Audit Manager doesn't provide an option to delete evidence for a
|
|
69
|
+
* specific delegated administrator. Instead, when your management account deregisters Audit Manager, we perform a cleanup for the current delegated administrator account at the
|
|
70
|
+
* time of deregistration.</p>
|
|
73
71
|
* @example
|
|
74
72
|
* Use a bare-bones client and the command you need to make an API call.
|
|
75
73
|
* ```javascript
|
|
@@ -8,8 +8,8 @@ export interface GetEvidenceFoldersByAssessmentControlCommandInput extends GetEv
|
|
|
8
8
|
export interface GetEvidenceFoldersByAssessmentControlCommandOutput extends GetEvidenceFoldersByAssessmentControlResponse, __MetadataBearer {
|
|
9
9
|
}
|
|
10
10
|
/**
|
|
11
|
-
* <p> Returns a list of evidence folders that are associated with a specified control
|
|
12
|
-
*
|
|
11
|
+
* <p> Returns a list of evidence folders that are associated with a specified control in an
|
|
12
|
+
* Audit Manager assessment. </p>
|
|
13
13
|
* @example
|
|
14
14
|
* Use a bare-bones client and the command you need to make an API call.
|
|
15
15
|
* ```javascript
|
|
@@ -8,8 +8,8 @@ export interface ListAssessmentFrameworksCommandInput extends ListAssessmentFram
|
|
|
8
8
|
export interface ListAssessmentFrameworksCommandOutput extends ListAssessmentFrameworksResponse, __MetadataBearer {
|
|
9
9
|
}
|
|
10
10
|
/**
|
|
11
|
-
* <p> Returns a list of the frameworks that are available in the Audit Manager
|
|
12
|
-
*
|
|
11
|
+
* <p> Returns a list of the frameworks that are available in the Audit Manager framework
|
|
12
|
+
* library. </p>
|
|
13
13
|
* @example
|
|
14
14
|
* Use a bare-bones client and the command you need to make an API call.
|
|
15
15
|
* ```javascript
|
|
@@ -12,7 +12,7 @@ export declare const resolveClientEndpointParameters: <T>(options: T & ClientInp
|
|
|
12
12
|
defaultSigningName: string;
|
|
13
13
|
};
|
|
14
14
|
export interface EndpointParameters extends __EndpointParameters {
|
|
15
|
-
Region
|
|
15
|
+
Region: string;
|
|
16
16
|
UseDualStack?: boolean;
|
|
17
17
|
UseFIPS?: boolean;
|
|
18
18
|
Endpoint?: string;
|
|
@@ -107,7 +107,7 @@ export interface AssessmentControl {
|
|
|
107
107
|
*/
|
|
108
108
|
evidenceSources?: string[];
|
|
109
109
|
/**
|
|
110
|
-
* <p> The amount of evidence that's
|
|
110
|
+
* <p> The amount of evidence that's collected for the control. </p>
|
|
111
111
|
*/
|
|
112
112
|
evidenceCount?: number;
|
|
113
113
|
/**
|
|
@@ -182,9 +182,8 @@ export interface Delegation {
|
|
|
182
182
|
createdBy?: string;
|
|
183
183
|
}
|
|
184
184
|
/**
|
|
185
|
-
* <p> The wrapper that contains the Audit Manager role information of the current
|
|
186
|
-
*
|
|
187
|
-
* </p>
|
|
185
|
+
* <p> The wrapper that contains the Audit Manager role information of the current user.
|
|
186
|
+
* This includes the role type and IAM Amazon Resource Name (ARN). </p>
|
|
188
187
|
*/
|
|
189
188
|
export interface Role {
|
|
190
189
|
/**
|
|
@@ -223,7 +222,7 @@ export interface AssessmentControlSet {
|
|
|
223
222
|
*/
|
|
224
223
|
description?: string;
|
|
225
224
|
/**
|
|
226
|
-
* <p>
|
|
225
|
+
* <p> The current status of the control set. </p>
|
|
227
226
|
*/
|
|
228
227
|
status?: ControlSetStatus | string;
|
|
229
228
|
/**
|
|
@@ -393,8 +392,7 @@ export interface AssessmentMetadata {
|
|
|
393
392
|
}
|
|
394
393
|
/**
|
|
395
394
|
* <p> An entity that defines the scope of audit evidence collected by Audit Manager.
|
|
396
|
-
* An Audit Manager assessment is an implementation of an Audit Manager
|
|
397
|
-
* framework. </p>
|
|
395
|
+
* An Audit Manager assessment is an implementation of an Audit Manager framework. </p>
|
|
398
396
|
*/
|
|
399
397
|
export interface Assessment {
|
|
400
398
|
/**
|
|
@@ -548,11 +546,11 @@ export interface AssessmentFrameworkMetadata {
|
|
|
548
546
|
*/
|
|
549
547
|
controlSetsCount?: number;
|
|
550
548
|
/**
|
|
551
|
-
* <p>
|
|
549
|
+
* <p> The time when the framework was created. </p>
|
|
552
550
|
*/
|
|
553
551
|
createdAt?: Date;
|
|
554
552
|
/**
|
|
555
|
-
* <p>
|
|
553
|
+
* <p> The time when the framework was most recently updated. </p>
|
|
556
554
|
*/
|
|
557
555
|
lastUpdatedAt?: Date;
|
|
558
556
|
}
|
|
@@ -1103,8 +1101,7 @@ export interface CreateAssessmentRequest {
|
|
|
1103
1101
|
export interface CreateAssessmentResponse {
|
|
1104
1102
|
/**
|
|
1105
1103
|
* <p> An entity that defines the scope of audit evidence collected by Audit Manager.
|
|
1106
|
-
* An Audit Manager assessment is an implementation of an Audit Manager
|
|
1107
|
-
* framework. </p>
|
|
1104
|
+
* An Audit Manager assessment is an implementation of an Audit Manager framework. </p>
|
|
1108
1105
|
*/
|
|
1109
1106
|
assessment?: Assessment;
|
|
1110
1107
|
}
|
|
@@ -1307,7 +1304,7 @@ export interface ControlMappingSource {
|
|
|
1307
1304
|
*/
|
|
1308
1305
|
sourceSetUpOption?: SourceSetUpOption | string;
|
|
1309
1306
|
/**
|
|
1310
|
-
* <p> Specifies one of the five
|
|
1307
|
+
* <p> Specifies one of the five data source types for evidence collection. </p>
|
|
1311
1308
|
*/
|
|
1312
1309
|
sourceType?: SourceType | string;
|
|
1313
1310
|
/**
|
|
@@ -1392,8 +1389,8 @@ export interface Control {
|
|
|
1392
1389
|
*/
|
|
1393
1390
|
actionPlanInstructions?: string;
|
|
1394
1391
|
/**
|
|
1395
|
-
* <p> The data source types that determine where Audit Manager collects evidence from
|
|
1396
|
-
*
|
|
1392
|
+
* <p> The data source types that determine where Audit Manager collects evidence from for
|
|
1393
|
+
* the control. </p>
|
|
1397
1394
|
*/
|
|
1398
1395
|
controlSources?: string;
|
|
1399
1396
|
/**
|
|
@@ -1401,11 +1398,11 @@ export interface Control {
|
|
|
1401
1398
|
*/
|
|
1402
1399
|
controlMappingSources?: ControlMappingSource[];
|
|
1403
1400
|
/**
|
|
1404
|
-
* <p>
|
|
1401
|
+
* <p> The time when the control was created. </p>
|
|
1405
1402
|
*/
|
|
1406
1403
|
createdAt?: Date;
|
|
1407
1404
|
/**
|
|
1408
|
-
* <p>
|
|
1405
|
+
* <p> The time when the control was most recently updated. </p>
|
|
1409
1406
|
*/
|
|
1410
1407
|
lastUpdatedAt?: Date;
|
|
1411
1408
|
/**
|
|
@@ -1482,11 +1479,11 @@ export interface Framework {
|
|
|
1482
1479
|
*/
|
|
1483
1480
|
controlSets?: ControlSet[];
|
|
1484
1481
|
/**
|
|
1485
|
-
* <p>
|
|
1482
|
+
* <p> The time when the framework was created. </p>
|
|
1486
1483
|
*/
|
|
1487
1484
|
createdAt?: Date;
|
|
1488
1485
|
/**
|
|
1489
|
-
* <p>
|
|
1486
|
+
* <p> The time when the framework was most recently updated. </p>
|
|
1490
1487
|
*/
|
|
1491
1488
|
lastUpdatedAt?: Date;
|
|
1492
1489
|
/**
|
|
@@ -1527,11 +1524,12 @@ export interface CreateAssessmentReportRequest {
|
|
|
1527
1524
|
* <p>Provide this parameter when you want to generate an assessment report from the results
|
|
1528
1525
|
* of an evidence finder search query. When you use this parameter, Audit Manager
|
|
1529
1526
|
* generates a one-time report using only the evidence from the query output. This report does
|
|
1530
|
-
* not include any assessment evidence that was manually <a href="https://docs.aws.amazon.com/userguide/generate-assessment-report.html#generate-assessment-report-include-evidence">added to a report using the console</a>, or <a href="https://docs.aws.amazon.com/
|
|
1531
|
-
* <p>To use this parameter, the <a href="https://docs.aws.amazon.com/
|
|
1527
|
+
* not include any assessment evidence that was manually <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/generate-assessment-report.html#generate-assessment-report-include-evidence">added to a report using the console</a>, or <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_BatchAssociateAssessmentReportEvidence.html">associated with a report using the API</a>. </p>
|
|
1528
|
+
* <p>To use this parameter, the <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_EvidenceFinderEnablement.html#auditmanager-Type-EvidenceFinderEnablement-enablementStatus">enablementStatus</a> of evidence finder must be <code>ENABLED</code>. </p>
|
|
1532
1529
|
* <p> For examples and help resolving <code>queryStatement</code> validation exceptions, see
|
|
1533
|
-
* <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/evidence-finder-issues.html#querystatement-exceptions">Troubleshooting evidence finder issues</a> in the
|
|
1534
|
-
*
|
|
1530
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/evidence-finder-issues.html#querystatement-exceptions">Troubleshooting evidence finder issues</a> in the
|
|
1531
|
+
* <i>Audit Manager User Guide.</i>
|
|
1532
|
+
* </p>
|
|
1535
1533
|
*/
|
|
1536
1534
|
queryStatement?: string;
|
|
1537
1535
|
}
|
|
@@ -1738,14 +1736,12 @@ export interface GetAssessmentRequest {
|
|
|
1738
1736
|
export interface GetAssessmentResponse {
|
|
1739
1737
|
/**
|
|
1740
1738
|
* <p> An entity that defines the scope of audit evidence collected by Audit Manager.
|
|
1741
|
-
* An Audit Manager assessment is an implementation of an Audit Manager
|
|
1742
|
-
* framework. </p>
|
|
1739
|
+
* An Audit Manager assessment is an implementation of an Audit Manager framework. </p>
|
|
1743
1740
|
*/
|
|
1744
1741
|
assessment?: Assessment;
|
|
1745
1742
|
/**
|
|
1746
|
-
* <p> The wrapper that contains the Audit Manager role information of the current
|
|
1747
|
-
*
|
|
1748
|
-
* </p>
|
|
1743
|
+
* <p> The wrapper that contains the Audit Manager role information of the current user.
|
|
1744
|
+
* This includes the role type and IAM Amazon Resource Name (ARN). </p>
|
|
1749
1745
|
*/
|
|
1750
1746
|
userRole?: Role;
|
|
1751
1747
|
}
|
|
@@ -1980,7 +1976,7 @@ export interface Resource {
|
|
|
1980
1976
|
}
|
|
1981
1977
|
/**
|
|
1982
1978
|
* <p> A record that contains the information needed to demonstrate compliance with the
|
|
1983
|
-
* requirements specified by a control. Examples of evidence include change activity
|
|
1979
|
+
* requirements specified by a control. Examples of evidence include change activity invoked
|
|
1984
1980
|
* by a user, or a system configuration snapshot. </p>
|
|
1985
1981
|
*/
|
|
1986
1982
|
export interface Evidence {
|
|
@@ -2072,7 +2068,7 @@ export interface Evidence {
|
|
|
2072
2068
|
}
|
|
2073
2069
|
export interface GetEvidenceResponse {
|
|
2074
2070
|
/**
|
|
2075
|
-
* <p> The evidence that the <code>
|
|
2071
|
+
* <p> The evidence that the <code>GetEvidence</code> API returned. </p>
|
|
2076
2072
|
*/
|
|
2077
2073
|
evidence?: Evidence;
|
|
2078
2074
|
}
|
|
@@ -2402,16 +2398,57 @@ export declare enum SettingAttribute {
|
|
|
2402
2398
|
ALL = "ALL",
|
|
2403
2399
|
DEFAULT_ASSESSMENT_REPORTS_DESTINATION = "DEFAULT_ASSESSMENT_REPORTS_DESTINATION",
|
|
2404
2400
|
DEFAULT_PROCESS_OWNERS = "DEFAULT_PROCESS_OWNERS",
|
|
2401
|
+
DEREGISTRATION_POLICY = "DEREGISTRATION_POLICY",
|
|
2405
2402
|
EVIDENCE_FINDER_ENABLEMENT = "EVIDENCE_FINDER_ENABLEMENT",
|
|
2406
2403
|
IS_AWS_ORG_ENABLED = "IS_AWS_ORG_ENABLED",
|
|
2407
2404
|
SNS_TOPIC = "SNS_TOPIC"
|
|
2408
2405
|
}
|
|
2409
2406
|
export interface GetSettingsRequest {
|
|
2410
2407
|
/**
|
|
2411
|
-
* <p> The list of
|
|
2408
|
+
* <p> The list of setting attribute enum values. </p>
|
|
2412
2409
|
*/
|
|
2413
2410
|
attribute: SettingAttribute | string | undefined;
|
|
2414
2411
|
}
|
|
2412
|
+
export declare enum DeleteResources {
|
|
2413
|
+
ALL = "ALL",
|
|
2414
|
+
DEFAULT = "DEFAULT"
|
|
2415
|
+
}
|
|
2416
|
+
/**
|
|
2417
|
+
* <p>The deregistration policy for the data that's stored in Audit Manager. You can
|
|
2418
|
+
* use this attribute to determine how your data is handled when you <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterAccount.html">deregister Audit Manager</a>.</p>
|
|
2419
|
+
* <p>By default, Audit Manager retains evidence data for two years from the time of its
|
|
2420
|
+
* creation. Other Audit Manager resources (including assessments, custom controls, and
|
|
2421
|
+
* custom frameworks) remain in Audit Manager indefinitely, and are available if you
|
|
2422
|
+
* <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html">re-register Audit Manager</a> in the future. For more
|
|
2423
|
+
* information about data retention, see <a href="https://docs.aws.amazon.com/audit-manager/latest/userguide/data-protection.html">Data
|
|
2424
|
+
* Protection</a> in the <i>Audit Manager User Guide</i>.</p>
|
|
2425
|
+
* <important>
|
|
2426
|
+
* <p>If you choose to delete all data, this action permanently deletes all evidence data
|
|
2427
|
+
* in your account within seven days. It also deletes all of the Audit Manager
|
|
2428
|
+
* resources that you created, including assessments, custom controls, and custom
|
|
2429
|
+
* frameworks. Your data will not be available if you re-register Audit Manager in the
|
|
2430
|
+
* future.</p>
|
|
2431
|
+
* </important>
|
|
2432
|
+
*/
|
|
2433
|
+
export interface DeregistrationPolicy {
|
|
2434
|
+
/**
|
|
2435
|
+
* <p>Specifies which Audit Manager data will be deleted when you deregister Audit Manager.</p>
|
|
2436
|
+
* <ul>
|
|
2437
|
+
* <li>
|
|
2438
|
+
* <p>If you set the value to <code>ALL</code>, all of your data is deleted within seven
|
|
2439
|
+
* days of deregistration.</p>
|
|
2440
|
+
* </li>
|
|
2441
|
+
* <li>
|
|
2442
|
+
* <p>If you set the value to <code>DEFAULT</code>, none of your data is deleted at the
|
|
2443
|
+
* time of deregistration. However, keep in mind that the Audit Manager data
|
|
2444
|
+
* retention policy still applies. As a result, any evidence data will be deleted two
|
|
2445
|
+
* years after its creation date. Your other Audit Manager resources will continue
|
|
2446
|
+
* to exist indefinitely.</p>
|
|
2447
|
+
* </li>
|
|
2448
|
+
* </ul>
|
|
2449
|
+
*/
|
|
2450
|
+
deleteResources?: DeleteResources | string;
|
|
2451
|
+
}
|
|
2415
2452
|
export declare enum EvidenceFinderBackfillStatus {
|
|
2416
2453
|
COMPLETED = "COMPLETED",
|
|
2417
2454
|
IN_PROGRESS = "IN_PROGRESS",
|
|
@@ -2447,9 +2484,10 @@ export interface EvidenceFinderEnablement {
|
|
|
2447
2484
|
* <li>
|
|
2448
2485
|
* <p>
|
|
2449
2486
|
* <code>ENABLED</code> means that an event data store was successfully created and
|
|
2450
|
-
* evidence finder is enabled. We recommend that you wait
|
|
2451
|
-
* store is backfilled with your past evidence data. You can use
|
|
2452
|
-
* meantime, but not all data might be available until the
|
|
2487
|
+
* evidence finder is enabled. We recommend that you wait 7 days until the event data
|
|
2488
|
+
* store is backfilled with your past two years’ worth of evidence data. You can use
|
|
2489
|
+
* evidence finder in the meantime, but not all data might be available until the
|
|
2490
|
+
* backfill is complete.</p>
|
|
2453
2491
|
* </li>
|
|
2454
2492
|
* <li>
|
|
2455
2493
|
* <p>
|
|
@@ -2467,8 +2505,8 @@ export interface EvidenceFinderEnablement {
|
|
|
2467
2505
|
enablementStatus?: EvidenceFinderEnablementStatus | string;
|
|
2468
2506
|
/**
|
|
2469
2507
|
* <p>The current status of the evidence data backfill process. </p>
|
|
2470
|
-
* <p>The backfill starts after you enable evidence finder. During this task, Audit Manager populates an event data store with your past evidence data so that
|
|
2471
|
-
* queried.</p>
|
|
2508
|
+
* <p>The backfill starts after you enable evidence finder. During this task, Audit Manager populates an event data store with your past two years’ worth of evidence data so that
|
|
2509
|
+
* your evidence can be queried.</p>
|
|
2472
2510
|
* <ul>
|
|
2473
2511
|
* <li>
|
|
2474
2512
|
* <p>
|
|
@@ -2476,8 +2514,8 @@ export interface EvidenceFinderEnablement {
|
|
|
2476
2514
|
* </li>
|
|
2477
2515
|
* <li>
|
|
2478
2516
|
* <p>
|
|
2479
|
-
* <code>IN_PROGRESS</code> means that the backfill is in progress. This can take up
|
|
2480
|
-
* to complete, depending on the amount of evidence data. </p>
|
|
2517
|
+
* <code>IN_PROGRESS</code> means that the backfill is in progress. This can take up
|
|
2518
|
+
* to 7 days to complete, depending on the amount of evidence data. </p>
|
|
2481
2519
|
* </li>
|
|
2482
2520
|
* <li>
|
|
2483
2521
|
* <p>
|
|
@@ -2520,6 +2558,11 @@ export interface Settings {
|
|
|
2520
2558
|
* <p>The current evidence finder status and event data store details.</p>
|
|
2521
2559
|
*/
|
|
2522
2560
|
evidenceFinderEnablement?: EvidenceFinderEnablement;
|
|
2561
|
+
/**
|
|
2562
|
+
* <p>The deregistration policy for your Audit Manager data. You can
|
|
2563
|
+
* use this attribute to determine how your data is handled when you deregister Audit Manager.</p>
|
|
2564
|
+
*/
|
|
2565
|
+
deregistrationPolicy?: DeregistrationPolicy;
|
|
2523
2566
|
}
|
|
2524
2567
|
export interface GetSettingsResponse {
|
|
2525
2568
|
/**
|
|
@@ -2870,16 +2913,16 @@ export interface ControlMetadata {
|
|
|
2870
2913
|
*/
|
|
2871
2914
|
name?: string;
|
|
2872
2915
|
/**
|
|
2873
|
-
* <p> The data source that determines where Audit Manager collects evidence from for
|
|
2874
|
-
*
|
|
2916
|
+
* <p> The data source that determines where Audit Manager collects evidence from for the
|
|
2917
|
+
* control. </p>
|
|
2875
2918
|
*/
|
|
2876
2919
|
controlSources?: string;
|
|
2877
2920
|
/**
|
|
2878
|
-
* <p>
|
|
2921
|
+
* <p> The time when the control was created. </p>
|
|
2879
2922
|
*/
|
|
2880
2923
|
createdAt?: Date;
|
|
2881
2924
|
/**
|
|
2882
|
-
* <p>
|
|
2925
|
+
* <p> The time when the control was most recently updated. </p>
|
|
2883
2926
|
*/
|
|
2884
2927
|
lastUpdatedAt?: Date;
|
|
2885
2928
|
}
|
|
@@ -3110,8 +3153,8 @@ export interface UpdateAssessmentRequest {
|
|
|
3110
3153
|
}
|
|
3111
3154
|
export interface UpdateAssessmentResponse {
|
|
3112
3155
|
/**
|
|
3113
|
-
* <p> The response object for the <code>
|
|
3114
|
-
*
|
|
3156
|
+
* <p> The response object for the <code>UpdateAssessment</code> API. This is the name of the
|
|
3157
|
+
* updated assessment.</p>
|
|
3115
3158
|
*/
|
|
3116
3159
|
assessment?: Assessment;
|
|
3117
3160
|
}
|
|
@@ -3321,12 +3364,14 @@ export interface UpdateSettingsRequest {
|
|
|
3321
3364
|
* event data store that’s used to query your evidence data. As a result, you can’t
|
|
3322
3365
|
* re-enable evidence finder and use the feature again. Your only alternative is to <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterAccount.html">deregister</a> and then <a href="https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html">re-register</a>
|
|
3323
3366
|
* Audit Manager. </p>
|
|
3324
|
-
* <p>Disabling evidence finder is permanent, so consider this decision carefully before
|
|
3325
|
-
* you proceed. If you’re using Audit Manager as a delegated administrator, keep in
|
|
3326
|
-
* mind that this action applies to all member accounts in your organization.</p>
|
|
3327
3367
|
* </important>
|
|
3328
3368
|
*/
|
|
3329
3369
|
evidenceFinderEnabled?: boolean;
|
|
3370
|
+
/**
|
|
3371
|
+
* <p>The deregistration policy for your Audit Manager data. You can
|
|
3372
|
+
* use this attribute to determine how your data is handled when you deregister Audit Manager.</p>
|
|
3373
|
+
*/
|
|
3374
|
+
deregistrationPolicy?: DeregistrationPolicy;
|
|
3330
3375
|
}
|
|
3331
3376
|
export interface UpdateSettingsResponse {
|
|
3332
3377
|
/**
|
|
@@ -3808,6 +3853,10 @@ export declare const GetServicesInScopeResponseFilterSensitiveLog: (obj: GetServ
|
|
|
3808
3853
|
* @internal
|
|
3809
3854
|
*/
|
|
3810
3855
|
export declare const GetSettingsRequestFilterSensitiveLog: (obj: GetSettingsRequest) => any;
|
|
3856
|
+
/**
|
|
3857
|
+
* @internal
|
|
3858
|
+
*/
|
|
3859
|
+
export declare const DeregistrationPolicyFilterSensitiveLog: (obj: DeregistrationPolicy) => any;
|
|
3811
3860
|
/**
|
|
3812
3861
|
* @internal
|
|
3813
3862
|
*/
|
|
@@ -27,7 +27,7 @@ export declare const resolveClientEndpointParameters: <T>(
|
|
|
27
27
|
defaultSigningName: string;
|
|
28
28
|
};
|
|
29
29
|
export interface EndpointParameters extends __EndpointParameters {
|
|
30
|
-
Region
|
|
30
|
+
Region: string;
|
|
31
31
|
UseDualStack?: boolean;
|
|
32
32
|
UseFIPS?: boolean;
|
|
33
33
|
Endpoint?: string;
|
|
@@ -728,6 +728,7 @@ export declare enum SettingAttribute {
|
|
|
728
728
|
ALL = "ALL",
|
|
729
729
|
DEFAULT_ASSESSMENT_REPORTS_DESTINATION = "DEFAULT_ASSESSMENT_REPORTS_DESTINATION",
|
|
730
730
|
DEFAULT_PROCESS_OWNERS = "DEFAULT_PROCESS_OWNERS",
|
|
731
|
+
DEREGISTRATION_POLICY = "DEREGISTRATION_POLICY",
|
|
731
732
|
EVIDENCE_FINDER_ENABLEMENT = "EVIDENCE_FINDER_ENABLEMENT",
|
|
732
733
|
IS_AWS_ORG_ENABLED = "IS_AWS_ORG_ENABLED",
|
|
733
734
|
SNS_TOPIC = "SNS_TOPIC",
|
|
@@ -735,6 +736,13 @@ export declare enum SettingAttribute {
|
|
|
735
736
|
export interface GetSettingsRequest {
|
|
736
737
|
attribute: SettingAttribute | string | undefined;
|
|
737
738
|
}
|
|
739
|
+
export declare enum DeleteResources {
|
|
740
|
+
ALL = "ALL",
|
|
741
|
+
DEFAULT = "DEFAULT",
|
|
742
|
+
}
|
|
743
|
+
export interface DeregistrationPolicy {
|
|
744
|
+
deleteResources?: DeleteResources | string;
|
|
745
|
+
}
|
|
738
746
|
export declare enum EvidenceFinderBackfillStatus {
|
|
739
747
|
COMPLETED = "COMPLETED",
|
|
740
748
|
IN_PROGRESS = "IN_PROGRESS",
|
|
@@ -759,6 +767,7 @@ export interface Settings {
|
|
|
759
767
|
defaultProcessOwners?: Role[];
|
|
760
768
|
kmsKey?: string;
|
|
761
769
|
evidenceFinderEnablement?: EvidenceFinderEnablement;
|
|
770
|
+
deregistrationPolicy?: DeregistrationPolicy;
|
|
762
771
|
}
|
|
763
772
|
export interface GetSettingsResponse {
|
|
764
773
|
settings?: Settings;
|
|
@@ -1033,6 +1042,7 @@ export interface UpdateSettingsRequest {
|
|
|
1033
1042
|
defaultProcessOwners?: Role[];
|
|
1034
1043
|
kmsKey?: string;
|
|
1035
1044
|
evidenceFinderEnabled?: boolean;
|
|
1045
|
+
deregistrationPolicy?: DeregistrationPolicy;
|
|
1036
1046
|
}
|
|
1037
1047
|
export interface UpdateSettingsResponse {
|
|
1038
1048
|
settings?: Settings;
|
|
@@ -1352,6 +1362,9 @@ export declare const GetServicesInScopeResponseFilterSensitiveLog: (
|
|
|
1352
1362
|
export declare const GetSettingsRequestFilterSensitiveLog: (
|
|
1353
1363
|
obj: GetSettingsRequest
|
|
1354
1364
|
) => any;
|
|
1365
|
+
export declare const DeregistrationPolicyFilterSensitiveLog: (
|
|
1366
|
+
obj: DeregistrationPolicy
|
|
1367
|
+
) => any;
|
|
1355
1368
|
export declare const EvidenceFinderEnablementFilterSensitiveLog: (
|
|
1356
1369
|
obj: EvidenceFinderEnablement
|
|
1357
1370
|
) => any;
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aws-sdk/client-auditmanager",
|
|
3
3
|
"description": "AWS SDK for JavaScript Auditmanager Client for Node.js, Browser and React Native",
|
|
4
|
-
"version": "3.
|
|
4
|
+
"version": "3.246.0",
|
|
5
5
|
"scripts": {
|
|
6
6
|
"build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
|
|
7
7
|
"build:cjs": "tsc -p tsconfig.cjs.json",
|