@aws-sdk/client-controlcatalog 3.687.0 → 3.691.0

package/dist-cjs/protocols/Aws_restJson1.js

@@ -94,7 +94,9 @@ const de_GetControlCommand = async (output, context) => {
         Arn: smithy_client_1.expectString,
         Behavior: smithy_client_1.expectString,
         Description: smithy_client_1.expectString,
+        Implementation: smithy_client_1._json,
         Name: smithy_client_1.expectString,
+        Parameters: smithy_client_1._json,
         RegionConfiguration: smithy_client_1._json,
     });
     Object.assign(contents, doc);

package/dist-es/protocols/Aws_restJson1.js

@@ -86,7 +86,9 @@ export const de_GetControlCommand = async (output, context) => {
         Arn: __expectString,
         Behavior: __expectString,
         Description: __expectString,
+        Implementation: _json,
         Name: __expectString,
+        Parameters: _json,
         RegionConfiguration: _json,
     });
     Object.assign(contents, doc);

package/dist-types/commands/GetControlCommand.d.ts

@@ -51,6 +51,14 @@ declare const GetControlCommand_base: {
  * //       "STRING_VALUE",
  * //     ],
  * //   },
+ * //   Implementation: { // ImplementationDetails
+ * //     Type: "STRING_VALUE", // required
+ * //   },
+ * //   Parameters: [ // ControlParameters
+ * //     { // ControlParameter
+ * //       Name: "STRING_VALUE", // required
+ * //     },
+ * //   ],
  * // };
  *
  * ```

package/dist-types/models/models_0.d.ts

@@ -7,7 +7,7 @@ import { ControlCatalogServiceException as __BaseException } from "./ControlCata
 export declare class AccessDeniedException extends __BaseException {
     readonly name: "AccessDeniedException";
     readonly $fault: "client";
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -22,12 +22,12 @@ export interface AssociatedDomainSummary {
      * <p>The Amazon Resource Name (ARN) of the related domain.</p>
      * @public
      */
-    Arn?: string;
+    Arn?: string | undefined;
     /**
      * <p>The name of the related domain.</p>
      * @public
      */
-    Name?: string;
+    Name?: string | undefined;
 }
 /**
  * <p>A summary of the objective that a common control supports.</p>
@@ -38,12 +38,12 @@ export interface AssociatedObjectiveSummary {
      * <p>The Amazon Resource Name (ARN) of the related objective.</p>
      * @public
      */
-    Arn?: string;
+    Arn?: string | undefined;
     /**
      * <p>The name of the related objective.</p>
      * @public
      */
-    Name?: string;
+    Name?: string | undefined;
 }
 /**
  * <p>The objective resource that's being used as a filter.</p>
@@ -54,7 +54,7 @@ export interface ObjectiveResourceFilter {
      * <p>The Amazon Resource Name (ARN) of the objective.</p>
      * @public
      */
-    Arn?: string;
+    Arn?: string | undefined;
 }
 /**
  * <p>An optional filter that narrows the results to a specific objective.</p>
@@ -67,7 +67,7 @@ export interface CommonControlFilter {
      *       in the <code>CommonControlFilter</code> isn’t currently supported.</p>
      * @public
      */
-    Objectives?: ObjectiveResourceFilter[];
+    Objectives?: ObjectiveResourceFilter[] | undefined;
 }
 /**
  * <p>An internal service error occurred during the processing of your request. Try again later.</p>
@@ -77,7 +77,7 @@ export declare class InternalServerException extends __BaseException {
     readonly name: "InternalServerException";
     readonly $fault: "server";
     $retryable: {};
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -91,19 +91,19 @@ export interface ListCommonControlsRequest {
      * <p>The maximum number of results on a page or for an API request call.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
     /**
      * <p>The pagination token that's used to fetch the next set of results.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
     /**
      * <p>An optional filter that narrows the results to a specific objective.</p>
      *          <p>This filter allows you to specify one objective ARN at a time. Passing multiple ARNs in
      *       the <code>CommonControlFilter</code> isn’t currently supported.</p>
      * @public
      */
-    CommonControlFilter?: CommonControlFilter;
+    CommonControlFilter?: CommonControlFilter | undefined;
 }
 /**
  * <p>A summary of metadata for a common control.</p>
@@ -159,7 +159,7 @@ export interface ListCommonControlsResponse {
      * <p>The pagination token that's used to fetch the next set of results.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * <p>The request was denied due to request throttling.</p>
@@ -171,7 +171,7 @@ export declare class ThrottlingException extends __BaseException {
     $retryable: {
         throttling: boolean;
     };
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -184,7 +184,7 @@ export declare class ThrottlingException extends __BaseException {
 export declare class ValidationException extends __BaseException {
     readonly name: "ValidationException";
     readonly $fault: "client";
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -229,6 +229,92 @@ export interface GetControlRequest {
      */
     ControlArn: string | undefined;
 }
+/**
+ * <p>An object that describes the implementation type for a control.</p>
+ *          <p>Our <code>ImplementationDetails</code>
+ *             <code>Type</code> format has three required segments:</p>
+ *          <ul>
+ *             <li>
+ *                <p>
+ *                   <code>SERVICE-PROVIDER::SERVICE-NAME::RESOURCE-NAME</code>
+ *                </p>
+ *             </li>
+ *          </ul>
+ *          <p>For example, <code>AWS::Config::ConfigRule</code>
+ *             <b>or</b>
+ *             <code>AWS::SecurityHub::SecurityControl</code> resources have the format with three required segments.</p>
+ *          <p>Our <code>ImplementationDetails</code>
+ *             <code>Type</code> format has an optional fourth segment, which is present for applicable
+ *       implementation types. The format is as follows: </p>
+ *          <ul>
+ *             <li>
+ *                <p>
+ *                   <code>SERVICE-PROVIDER::SERVICE-NAME::RESOURCE-NAME::RESOURCE-TYPE-DESCRIPTION</code>
+ *                </p>
+ *             </li>
+ *          </ul>
+ *          <p>For example, <code>AWS::Organizations::Policy::SERVICE_CONTROL_POLICY</code>
+ *             <b>or</b>
+ *             <code>AWS::CloudFormation::Type::HOOK</code> have the format with four segments.</p>
+ *          <p>Although the format is similar, the values for the <code>Type</code> field do not match any Amazon Web Services CloudFormation values, and we do not use CloudFormation to implement these controls.</p>
+ * @public
+ */
+export interface ImplementationDetails {
+    /**
+     * <p>A string that describes a control's implementation type.</p>
+     * @public
+     */
+    Type: string | undefined;
+}
+/**
+ * <p>Four types of control parameters are supported.</p>
+ *          <ul>
+ *             <li>
+ *                <p>
+ *                   <b>AllowedRegions</b>: List of Amazon Web Services Regions exempted from the
+ *           control. Each string is expected to be an Amazon Web Services Region code. This parameter is mandatory for the <b>OU Region deny</b> control, <b>CT.MULTISERVICE.PV.1</b>.</p>
+ *                <p>Example: <code>["us-east-1","us-west-2"]</code>
+ *                </p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <b>ExemptedActions</b>: List of Amazon Web Services IAM actions exempted
+ *           from the control. Each string is expected to be an IAM action.</p>
+ *                <p>Example:
+ *           <code>["logs:DescribeLogGroups","logs:StartQuery","logs:GetQueryResults"]</code>
+ *                </p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <b>ExemptedPrincipalArns</b>: List of Amazon Web Services IAM principal ARNs
+ *           exempted from the control. Each string is expected to be an IAM principal that follows
+ *           the pattern <code>^arn:(aws|aws-us-gov):(iam|sts)::.+:.+$</code>
+ *                </p>
+ *                <p>Example:
+ *           <code>["arn:aws:iam::*:role/ReadOnly","arn:aws:sts::*:assumed-role/ReadOnly/*"]</code>
+ *                </p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <b>ExemptedResourceArns</b>: List of resource ARNs exempted
+ *           from the control. Each string is expected to be a resource ARN.</p>
+ *                <p>Example: <code>["arn:aws:s3:::my-bucket-name"]</code>
+ *                </p>
+ *             </li>
+ *          </ul>
+ * @public
+ */
+export interface ControlParameter {
+    /**
+     * <p>The parameter name. This name is the parameter <code>key</code> when you call <a href="https://docs.aws.amazon.com/controltower/latest/APIReference/API_EnableControl.html">
+     *                <code>EnableControl</code>
+     *             </a> or <a href="https://docs.aws.amazon.com/controltower/latest/APIReference/API_UpdateEnabledControl.html">
+     *                <code>UpdateEnabledControl</code>
+     *             </a>.</p>
+     * @public
+     */
+    Name: string | undefined;
+}
 /**
  * @public
  * @enum
@@ -242,7 +328,7 @@ export declare const ControlScope: {
  */
 export type ControlScope = (typeof ControlScope)[keyof typeof ControlScope];
 /**
- * <p>Returns information about the control, including the scope of the control, if enabled, and the Regions in which the control currently is available for deployment.</p>
+ * <p>Returns information about the control, including the scope of the control, if enabled, and the Regions in which the control currently is available for deployment. For more information about scope, see <a href="https://docs.aws.amazon.com/whitepapers/latest/aws-fault-isolation-boundaries/global-services.html">Global services</a>.</p>
  *          <p>If you are applying controls through an Amazon Web Services Control Tower landing zone environment, remember that the values returned in the <code>RegionConfiguration</code> API operation are not related to the governed Regions in your landing zone. For example, if you are governing Regions <code>A</code>,<code>B</code>,and <code>C</code> while the control is available in Regions <code>A</code>, <code>B</code>, C<code>,</code> and <code>D</code>, you'd see a response with <code>DeployableRegions</code> of <code>A</code>, <code>B</code>, <code>C</code>, and <code>D</code> for a control with <code>REGIONAL</code> scope, even though you may not intend to deploy the control in Region <code>D</code>, because you do not govern it through your landing zone.</p>
  * @public
  */
@@ -256,7 +342,7 @@ export interface RegionConfiguration {
      * <p>Regions in which the control is available to be deployed.</p>
      * @public
      */
-    DeployableRegions?: string[];
+    DeployableRegions?: string[] | undefined;
 }
 /**
  * @public
@@ -278,17 +364,28 @@ export interface GetControlResponse {
      */
     Description: string | undefined;
     /**
-     * <p>A term that identifies the control's functional behavior. One of <code>Preventive</code>, <code>Deteictive</code>, <code>Proactive</code>
+     * <p>A term that identifies the control's functional behavior. One of <code>Preventive</code>, <code>Detective</code>, <code>Proactive</code>
      *          </p>
      * @public
      */
     Behavior: ControlBehavior | undefined;
     /**
-     * <p>Returns information about the control, including the scope of the control, if enabled, and the Regions in which the control currently is available for deployment.</p>
+     * <p>Returns information about the control, including the scope of the control, if enabled, and the Regions in which the control currently is available for deployment. For more information about scope, see <a href="https://docs.aws.amazon.com/whitepapers/latest/aws-fault-isolation-boundaries/global-services.html">Global services</a>.</p>
      *          <p>If you are applying controls through an Amazon Web Services Control Tower landing zone environment, remember that the values returned in the <code>RegionConfiguration</code> API operation are not related to the governed Regions in your landing zone. For example, if you are governing Regions <code>A</code>,<code>B</code>,and <code>C</code> while the control is available in Regions <code>A</code>, <code>B</code>, C<code>,</code> and <code>D</code>, you'd see a response with <code>DeployableRegions</code> of <code>A</code>, <code>B</code>, <code>C</code>, and <code>D</code> for a control with <code>REGIONAL</code> scope, even though you may not intend to deploy the control in Region <code>D</code>, because you do not govern it through your landing zone.</p>
      * @public
      */
     RegionConfiguration: RegionConfiguration | undefined;
+    /**
+     * <p>Returns information about the control, as an <code>ImplementationDetails</code> object that shows the underlying implementation type for a control.</p>
+     * @public
+     */
+    Implementation?: ImplementationDetails | undefined;
+    /**
+     * <p>Returns an array of <code>ControlParameter</code> objects that specify the parameters a control supports. An empty list is returned for controls that don’t support parameters.
+     *     </p>
+     * @public
+     */
+    Parameters?: ControlParameter[] | undefined;
 }
 /**
  * <p>The requested resource does not exist.</p>
@@ -297,7 +394,7 @@ export interface GetControlResponse {
 export declare class ResourceNotFoundException extends __BaseException {
     readonly name: "ResourceNotFoundException";
     readonly $fault: "client";
-    Message?: string;
+    Message?: string | undefined;
     /**
      * @internal
      */
@@ -311,12 +408,12 @@ export interface ListControlsRequest {
      * <p>The pagination token that's used to fetch the next set of results.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
     /**
      * <p>The maximum number of results on a page or for an API request call.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
 }
 /**
  * <p>Overview of information about a control.</p>
@@ -352,7 +449,7 @@ export interface ListControlsResponse {
      * <p>The pagination token that's used to fetch the next set of results.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * @public
@@ -362,12 +459,12 @@ export interface ListDomainsRequest {
      * <p>The maximum number of results on a page or for an API request call.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
     /**
      * <p>The pagination token that's used to fetch the next set of results.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * <p>A summary of metadata for a domain.</p>
@@ -413,7 +510,7 @@ export interface ListDomainsResponse {
      * <p>The pagination token that's used to fetch the next set of results.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }
 /**
  * <p>The domain resource that's being used as a filter.</p>
@@ -424,7 +521,7 @@ export interface DomainResourceFilter {
      * <p>The Amazon Resource Name (ARN) of the domain.</p>
      * @public
      */
-    Arn?: string;
+    Arn?: string | undefined;
 }
 /**
  * <p>An optional filter that narrows the list of objectives to a specific domain.</p>
@@ -437,7 +534,7 @@ export interface ObjectiveFilter {
      *       the <code>ObjectiveFilter</code> isn’t currently supported.</p>
      * @public
      */
-    Domains?: DomainResourceFilter[];
+    Domains?: DomainResourceFilter[] | undefined;
 }
 /**
  * @public
@@ -447,19 +544,19 @@ export interface ListObjectivesRequest {
      * <p>The maximum number of results on a page or for an API request call.</p>
      * @public
      */
-    MaxResults?: number;
+    MaxResults?: number | undefined;
     /**
      * <p>The pagination token that's used to fetch the next set of results.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
     /**
      * <p>An optional filter that narrows the results to a specific domain.</p>
      *          <p>This filter allows you to specify one domain ARN at a time.
      *       Passing multiple ARNs in the <code>ObjectiveFilter</code> isn’t currently supported.</p>
      * @public
      */
-    ObjectiveFilter?: ObjectiveFilter;
+    ObjectiveFilter?: ObjectiveFilter | undefined;
 }
 /**
  * <p>A summary of metadata for an objective.</p>
@@ -510,5 +607,5 @@ export interface ListObjectivesResponse {
      * <p>The pagination token that's used to fetch the next set of results.</p>
      * @public
      */
-    NextToken?: string;
+    NextToken?: string | undefined;
 }

package/dist-types/ts3.4/models/models_0.d.ts

@@ -3,38 +3,38 @@ import { ControlCatalogServiceException as __BaseException } from "./ControlCata
 export declare class AccessDeniedException extends __BaseException {
   readonly name: "AccessDeniedException";
   readonly $fault: "client";
-  Message?: string;
+  Message?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<AccessDeniedException, __BaseException>
   );
 }
 export interface AssociatedDomainSummary {
-  Arn?: string;
-  Name?: string;
+  Arn?: string | undefined;
+  Name?: string | undefined;
 }
 export interface AssociatedObjectiveSummary {
-  Arn?: string;
-  Name?: string;
+  Arn?: string | undefined;
+  Name?: string | undefined;
 }
 export interface ObjectiveResourceFilter {
-  Arn?: string;
+  Arn?: string | undefined;
 }
 export interface CommonControlFilter {
-  Objectives?: ObjectiveResourceFilter[];
+  Objectives?: ObjectiveResourceFilter[] | undefined;
 }
 export declare class InternalServerException extends __BaseException {
   readonly name: "InternalServerException";
   readonly $fault: "server";
   $retryable: {};
-  Message?: string;
+  Message?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<InternalServerException, __BaseException>
   );
 }
 export interface ListCommonControlsRequest {
-  MaxResults?: number;
-  NextToken?: string;
-  CommonControlFilter?: CommonControlFilter;
+  MaxResults?: number | undefined;
+  NextToken?: string | undefined;
+  CommonControlFilter?: CommonControlFilter | undefined;
 }
 export interface CommonControlSummary {
   Arn: string | undefined;
@@ -47,7 +47,7 @@ export interface CommonControlSummary {
 }
 export interface ListCommonControlsResponse {
   CommonControls: CommonControlSummary[] | undefined;
-  NextToken?: string;
+  NextToken?: string | undefined;
 }
 export declare class ThrottlingException extends __BaseException {
   readonly name: "ThrottlingException";
@@ -55,7 +55,7 @@ export declare class ThrottlingException extends __BaseException {
   $retryable: {
     throttling: boolean;
   };
-  Message?: string;
+  Message?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<ThrottlingException, __BaseException>
   );
@@ -63,7 +63,7 @@ export declare class ThrottlingException extends __BaseException {
 export declare class ValidationException extends __BaseException {
   readonly name: "ValidationException";
   readonly $fault: "client";
-  Message?: string;
+  Message?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<ValidationException, __BaseException>
   );
@@ -78,6 +78,12 @@ export type ControlBehavior =
 export interface GetControlRequest {
   ControlArn: string | undefined;
 }
+export interface ImplementationDetails {
+  Type: string | undefined;
+}
+export interface ControlParameter {
+  Name: string | undefined;
+}
 export declare const ControlScope: {
   readonly GLOBAL: "GLOBAL";
   readonly REGIONAL: "REGIONAL";
@@ -85,7 +91,7 @@ export declare const ControlScope: {
 export type ControlScope = (typeof ControlScope)[keyof typeof ControlScope];
 export interface RegionConfiguration {
   Scope: ControlScope | undefined;
-  DeployableRegions?: string[];
+  DeployableRegions?: string[] | undefined;
 }
 export interface GetControlResponse {
   Arn: string | undefined;
@@ -93,18 +99,20 @@ export interface GetControlResponse {
   Description: string | undefined;
   Behavior: ControlBehavior | undefined;
   RegionConfiguration: RegionConfiguration | undefined;
+  Implementation?: ImplementationDetails | undefined;
+  Parameters?: ControlParameter[] | undefined;
 }
 export declare class ResourceNotFoundException extends __BaseException {
   readonly name: "ResourceNotFoundException";
   readonly $fault: "client";
-  Message?: string;
+  Message?: string | undefined;
   constructor(
     opts: __ExceptionOptionType<ResourceNotFoundException, __BaseException>
   );
 }
 export interface ListControlsRequest {
-  NextToken?: string;
-  MaxResults?: number;
+  NextToken?: string | undefined;
+  MaxResults?: number | undefined;
 }
 export interface ControlSummary {
   Arn: string | undefined;
@@ -113,11 +121,11 @@ export interface ControlSummary {
 }
 export interface ListControlsResponse {
   Controls: ControlSummary[] | undefined;
-  NextToken?: string;
+  NextToken?: string | undefined;
 }
 export interface ListDomainsRequest {
-  MaxResults?: number;
-  NextToken?: string;
+  MaxResults?: number | undefined;
+  NextToken?: string | undefined;
 }
 export interface DomainSummary {
   Arn: string | undefined;
@@ -128,18 +136,18 @@ export interface DomainSummary {
 }
 export interface ListDomainsResponse {
   Domains: DomainSummary[] | undefined;
-  NextToken?: string;
+  NextToken?: string | undefined;
 }
 export interface DomainResourceFilter {
-  Arn?: string;
+  Arn?: string | undefined;
 }
 export interface ObjectiveFilter {
-  Domains?: DomainResourceFilter[];
+  Domains?: DomainResourceFilter[] | undefined;
 }
 export interface ListObjectivesRequest {
-  MaxResults?: number;
-  NextToken?: string;
-  ObjectiveFilter?: ObjectiveFilter;
+  MaxResults?: number | undefined;
+  NextToken?: string | undefined;
+  ObjectiveFilter?: ObjectiveFilter | undefined;
 }
 export interface ObjectiveSummary {
   Arn: string | undefined;
@@ -151,5 +159,5 @@ export interface ObjectiveSummary {
 }
 export interface ListObjectivesResponse {
   Objectives: ObjectiveSummary[] | undefined;
-  NextToken?: string;
+  NextToken?: string | undefined;
 }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-controlcatalog",
   "description": "AWS SDK for JavaScript Controlcatalog Client for Node.js, Browser and React Native",
-  "version": "3.687.0",
+  "version": "3.691.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -20,19 +20,19 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "5.2.0",
     "@aws-crypto/sha256-js": "5.2.0",
-    "@aws-sdk/client-sso-oidc": "3.687.0",
-    "@aws-sdk/client-sts": "3.687.0",
-    "@aws-sdk/core": "3.686.0",
-    "@aws-sdk/credential-provider-node": "3.687.0",
+    "@aws-sdk/client-sso-oidc": "3.691.0",
+    "@aws-sdk/client-sts": "3.691.0",
+    "@aws-sdk/core": "3.691.0",
+    "@aws-sdk/credential-provider-node": "3.691.0",
     "@aws-sdk/middleware-host-header": "3.686.0",
     "@aws-sdk/middleware-logger": "3.686.0",
     "@aws-sdk/middleware-recursion-detection": "3.686.0",
-    "@aws-sdk/middleware-user-agent": "3.687.0",
+    "@aws-sdk/middleware-user-agent": "3.691.0",
     "@aws-sdk/region-config-resolver": "3.686.0",
     "@aws-sdk/types": "3.686.0",
     "@aws-sdk/util-endpoints": "3.686.0",
     "@aws-sdk/util-user-agent-browser": "3.686.0",
-    "@aws-sdk/util-user-agent-node": "3.687.0",
+    "@aws-sdk/util-user-agent-node": "3.691.0",
     "@smithy/config-resolver": "^3.0.10",
     "@smithy/core": "^2.5.1",
     "@smithy/fetch-http-handler": "^4.0.0",