cdk-comprehend-s3olap 2.0.53 → 2.0.56

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. package/.jsii +4 -4
  2. package/lib/cdk-comprehend-s3olap.js +2 -2
  3. package/lib/comprehend-lambdas.js +2 -2
  4. package/lib/iam-roles.js +4 -4
  5. package/node_modules/aws-sdk/CHANGELOG.md +8 -1
  6. package/node_modules/aws-sdk/README.md +1 -1
  7. package/node_modules/aws-sdk/apis/license-manager-user-subscriptions-2018-05-10.examples.json +5 -0
  8. package/node_modules/aws-sdk/apis/license-manager-user-subscriptions-2018-05-10.min.json +446 -0
  9. package/node_modules/aws-sdk/apis/license-manager-user-subscriptions-2018-05-10.paginators.json +28 -0
  10. package/node_modules/aws-sdk/apis/metadata.json +4 -0
  11. package/node_modules/aws-sdk/apis/personalize-2018-05-22.min.json +28 -25
  12. package/node_modules/aws-sdk/apis/workspaces-2015-04-08.min.json +51 -18
  13. package/node_modules/aws-sdk/clients/all.d.ts +1 -0
  14. package/node_modules/aws-sdk/clients/all.js +2 -1
  15. package/node_modules/aws-sdk/clients/configservice.d.ts +21 -21
  16. package/node_modules/aws-sdk/clients/licensemanagerusersubscriptions.d.ts +490 -0
  17. package/node_modules/aws-sdk/clients/licensemanagerusersubscriptions.js +18 -0
  18. package/node_modules/aws-sdk/clients/personalize.d.ts +15 -2
  19. package/node_modules/aws-sdk/clients/workspaces.d.ts +46 -0
  20. package/node_modules/aws-sdk/dist/aws-sdk-core-react-native.js +2 -2
  21. package/node_modules/aws-sdk/dist/aws-sdk-react-native.js +43 -6
  22. package/node_modules/aws-sdk/dist/aws-sdk.js +35 -28
  23. package/node_modules/aws-sdk/dist/aws-sdk.min.js +33 -33
  24. package/node_modules/aws-sdk/lib/config_service_placeholders.d.ts +2 -0
  25. package/node_modules/aws-sdk/lib/core.js +1 -1
  26. package/node_modules/aws-sdk/package.json +1 -1
  27. package/node_modules/esbuild/bin/esbuild +1 -0
  28. package/node_modules/esbuild/install.js +5 -4
  29. package/node_modules/esbuild/lib/main.d.ts +2 -2
  30. package/node_modules/esbuild/lib/main.js +22 -15
  31. package/node_modules/esbuild/package.json +22 -21
  32. package/node_modules/esbuild-linux-64/bin/esbuild +0 -0
  33. package/node_modules/esbuild-linux-64/package.json +1 -1
  34. package/package.json +7 -7
@@ -799,6 +799,9 @@
799
799
  "Tenancy": {},
800
800
  "SelfservicePermissions": {
801
801
  "shape": "S52"
802
+ },
803
+ "SamlProperties": {
804
+ "shape": "S53"
802
805
  }
803
806
  }
804
807
  }
@@ -905,10 +908,10 @@
905
908
  "type": "structure",
906
909
  "members": {
907
910
  "RebuildSnapshots": {
908
- "shape": "S5i"
911
+ "shape": "S5l"
909
912
  },
910
913
  "RestoreSnapshots": {
911
- "shape": "S5i"
914
+ "shape": "S5l"
912
915
  }
913
916
  }
914
917
  }
@@ -918,7 +921,7 @@
918
921
  "type": "structure",
919
922
  "members": {
920
923
  "WorkspaceIds": {
921
- "shape": "S5l"
924
+ "shape": "S5o"
922
925
  },
923
926
  "DirectoryId": {},
924
927
  "UserName": {},
@@ -944,7 +947,7 @@
944
947
  "type": "structure",
945
948
  "members": {
946
949
  "WorkspaceIds": {
947
- "shape": "S5l"
950
+ "shape": "S5o"
948
951
  },
949
952
  "NextToken": {}
950
953
  }
@@ -1015,13 +1018,13 @@
1015
1018
  "members": {
1016
1019
  "ResourceId": {},
1017
1020
  "DeviceTypeWindows": {
1018
- "shape": "S5x"
1021
+ "shape": "S60"
1019
1022
  },
1020
1023
  "DeviceTypeOsx": {
1021
- "shape": "S5x"
1024
+ "shape": "S60"
1022
1025
  },
1023
1026
  "DeviceTypeAndroid": {
1024
- "shape": "S5x"
1027
+ "shape": "S60"
1025
1028
  },
1026
1029
  "DeviceTypeIos": {
1027
1030
  "type": "structure",
@@ -1044,10 +1047,10 @@
1044
1047
  }
1045
1048
  },
1046
1049
  "DeviceTypeLinux": {
1047
- "shape": "S5x"
1050
+ "shape": "S60"
1048
1051
  },
1049
1052
  "DeviceTypeWeb": {
1050
- "shape": "S5x"
1053
+ "shape": "S60"
1051
1054
  }
1052
1055
  }
1053
1056
  },
@@ -1182,6 +1185,28 @@
1182
1185
  "members": {}
1183
1186
  }
1184
1187
  },
1188
+ "ModifySamlProperties": {
1189
+ "input": {
1190
+ "type": "structure",
1191
+ "required": [
1192
+ "ResourceId"
1193
+ ],
1194
+ "members": {
1195
+ "ResourceId": {},
1196
+ "SamlProperties": {
1197
+ "shape": "S53"
1198
+ },
1199
+ "PropertiesToDelete": {
1200
+ "type": "list",
1201
+ "member": {}
1202
+ }
1203
+ }
1204
+ },
1205
+ "output": {
1206
+ "type": "structure",
1207
+ "members": {}
1208
+ }
1209
+ },
1185
1210
  "ModifySelfservicePermissions": {
1186
1211
  "input": {
1187
1212
  "type": "structure",
@@ -1318,7 +1343,7 @@
1318
1343
  "FailedRequests": {
1319
1344
  "type": "list",
1320
1345
  "member": {
1321
- "shape": "S73"
1346
+ "shape": "S7a"
1322
1347
  }
1323
1348
  }
1324
1349
  }
@@ -1351,7 +1376,7 @@
1351
1376
  "FailedRequests": {
1352
1377
  "type": "list",
1353
1378
  "member": {
1354
- "shape": "S73"
1379
+ "shape": "S7a"
1355
1380
  }
1356
1381
  }
1357
1382
  }
@@ -1445,7 +1470,7 @@
1445
1470
  "FailedRequests": {
1446
1471
  "type": "list",
1447
1472
  "member": {
1448
- "shape": "S73"
1473
+ "shape": "S7a"
1449
1474
  }
1450
1475
  }
1451
1476
  }
@@ -1475,7 +1500,7 @@
1475
1500
  "FailedRequests": {
1476
1501
  "type": "list",
1477
1502
  "member": {
1478
- "shape": "S73"
1503
+ "shape": "S7a"
1479
1504
  }
1480
1505
  }
1481
1506
  }
@@ -1508,7 +1533,7 @@
1508
1533
  "FailedRequests": {
1509
1534
  "type": "list",
1510
1535
  "member": {
1511
- "shape": "S73"
1536
+ "shape": "S7a"
1512
1537
  }
1513
1538
  }
1514
1539
  }
@@ -1840,7 +1865,15 @@
1840
1865
  "RebuildWorkspace": {}
1841
1866
  }
1842
1867
  },
1843
- "S5i": {
1868
+ "S53": {
1869
+ "type": "structure",
1870
+ "members": {
1871
+ "Status": {},
1872
+ "UserAccessUrl": {},
1873
+ "RelayStateParameterName": {}
1874
+ }
1875
+ },
1876
+ "S5l": {
1844
1877
  "type": "list",
1845
1878
  "member": {
1846
1879
  "type": "structure",
@@ -1851,11 +1884,11 @@
1851
1884
  }
1852
1885
  }
1853
1886
  },
1854
- "S5l": {
1887
+ "S5o": {
1855
1888
  "type": "list",
1856
1889
  "member": {}
1857
1890
  },
1858
- "S5x": {
1891
+ "S60": {
1859
1892
  "type": "structure",
1860
1893
  "members": {
1861
1894
  "Logo": {
@@ -1869,7 +1902,7 @@
1869
1902
  }
1870
1903
  }
1871
1904
  },
1872
- "S73": {
1905
+ "S7a": {
1873
1906
  "type": "structure",
1874
1907
  "members": {
1875
1908
  "WorkspaceId": {},
@@ -309,3 +309,4 @@ export import M2 = require('./m2');
309
309
  export import ConnectCampaigns = require('./connectcampaigns');
310
310
  export import RedshiftServerless = require('./redshiftserverless');
311
311
  export import RolesAnywhere = require('./rolesanywhere');
312
+ export import LicenseManagerUserSubscriptions = require('./licensemanagerusersubscriptions');
@@ -310,5 +310,6 @@ module.exports = {
310
310
  M2: require('./m2'),
311
311
  ConnectCampaigns: require('./connectcampaigns'),
312
312
  RedshiftServerless: require('./redshiftserverless'),
313
- RolesAnywhere: require('./rolesanywhere')
313
+ RolesAnywhere: require('./rolesanywhere'),
314
+ LicenseManagerUserSubscriptions: require('./licensemanagerusersubscriptions')
314
315
  };
@@ -504,11 +504,11 @@ declare class ConfigService extends Service {
504
504
  */
505
505
  listAggregateDiscoveredResources(callback?: (err: AWSError, data: ConfigService.Types.ListAggregateDiscoveredResourcesResponse) => void): Request<ConfigService.Types.ListAggregateDiscoveredResourcesResponse, AWSError>;
506
506
  /**
507
- * Returns a list of conformance pack compliance scores. A compliance score is the percentage of the number of compliant rule-resource combinations in a conformance pack compared to the number of total possible rule-resource combinations in the conformance pack. This metric provides you with a high-level view of the compliance state of your conformance packs, and can be used to identify, investigate, and understand compliance deviations in your conformance packs.
507
+ * Returns a list of conformance pack compliance scores. A compliance score is the percentage of the number of compliant rule-resource combinations in a conformance pack compared to the number of total possible rule-resource combinations in the conformance pack. This metric provides you with a high-level view of the compliance state of your conformance packs, and can be used to identify, investigate, and understand the level of compliance in your conformance packs. Conformance packs with no evaluation results will have a compliance score of INSUFFICIENT_DATA.
508
508
  */
509
509
  listConformancePackComplianceScores(params: ConfigService.Types.ListConformancePackComplianceScoresRequest, callback?: (err: AWSError, data: ConfigService.Types.ListConformancePackComplianceScoresResponse) => void): Request<ConfigService.Types.ListConformancePackComplianceScoresResponse, AWSError>;
510
510
  /**
511
- * Returns a list of conformance pack compliance scores. A compliance score is the percentage of the number of compliant rule-resource combinations in a conformance pack compared to the number of total possible rule-resource combinations in the conformance pack. This metric provides you with a high-level view of the compliance state of your conformance packs, and can be used to identify, investigate, and understand compliance deviations in your conformance packs.
511
+ * Returns a list of conformance pack compliance scores. A compliance score is the percentage of the number of compliant rule-resource combinations in a conformance pack compared to the number of total possible rule-resource combinations in the conformance pack. This metric provides you with a high-level view of the compliance state of your conformance packs, and can be used to identify, investigate, and understand the level of compliance in your conformance packs. Conformance packs with no evaluation results will have a compliance score of INSUFFICIENT_DATA.
512
512
  */
513
513
  listConformancePackComplianceScores(callback?: (err: AWSError, data: ConfigService.Types.ListConformancePackComplianceScoresResponse) => void): Request<ConfigService.Types.ListConformancePackComplianceScoresResponse, AWSError>;
514
514
  /**
@@ -544,11 +544,11 @@ declare class ConfigService extends Service {
544
544
  */
545
545
  putAggregationAuthorization(callback?: (err: AWSError, data: ConfigService.Types.PutAggregationAuthorizationResponse) => void): Request<ConfigService.Types.PutAggregationAuthorizationResponse, AWSError>;
546
546
  /**
547
- * Adds or updates an Config rule for evaluating whether your Amazon Web Services resources comply with your desired configurations. You can use this action for Config custom rules and Config managed rules. A Config custom rule is a rule that you develop and maintain. An Config managed rule is a customizable, predefined rule that Config provides. If you are adding a new Config custom rule, you must first create the Lambda function that the rule invokes to evaluate your resources. When you use the PutConfigRule action to add the rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function. Specify the ARN for the SourceIdentifier key. This key is part of the Source object, which is part of the ConfigRule object. If you are adding an Config managed rule, specify the rule's identifier for the SourceIdentifier key. To reference Config managed rule identifiers, see About Config managed rules. For any new rule that you add, specify the ConfigRuleName in the ConfigRule object. Do not specify the ConfigRuleArn or the ConfigRuleId. These values are generated by Config for new rules. If you are updating a rule that you added previously, you can specify the rule by ConfigRuleName, ConfigRuleId, or ConfigRuleArn in the ConfigRule data type that you use in this request. For information on how many Config rules you can have per account, see Service Limits in the Config Developer Guide. For more information about developing and using Config rules, see Evaluating Amazon Web Services resource Configurations with Config in the Config Developer Guide.
547
+ * Adds or updates an Config rule to evaluate if your Amazon Web Services resources comply with your desired configurations. For information on how many Config rules you can have per account, see Service Limits in the Config Developer Guide. There are two types of rules: Config Custom Rules and Config Managed Rules. You can use PutConfigRule to create both Config custom rules and Config managed rules. Custom rules are rules that you can create using either Guard or Lambda functions. Guard (Guard GitHub Repository) is a policy-as-code language that allows you to write policies that are enforced by Config Custom Policy rules. Lambda uses custom code that you upload to evaluate a custom rule. If you are adding a new Custom Lambda rule, you first need to create an Lambda function that the rule invokes to evaluate your resources. When you use PutConfigRule to add a Custom Lambda rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function. You specify the ARN in the SourceIdentifier key. This key is part of the Source object, which is part of the ConfigRule object. Managed rules are predefined, customizable rules created by Config. For a list of managed rules, see List of Config Managed Rules. If you are adding an Config managed rule, you must specify the rule's identifier for the SourceIdentifier key. For any new rule that you add, specify the ConfigRuleName in the ConfigRule object. Do not specify the ConfigRuleArn or the ConfigRuleId. These values are generated by Config for new rules. If you are updating a rule that you added previously, you can specify the rule by ConfigRuleName, ConfigRuleId, or ConfigRuleArn in the ConfigRule data type that you use in this request. For more information about developing and using Config rules, see Evaluating Amazon Web Services resource Configurations with Config in the Config Developer Guide.
548
548
  */
549
549
  putConfigRule(params: ConfigService.Types.PutConfigRuleRequest, callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
550
550
  /**
551
- * Adds or updates an Config rule for evaluating whether your Amazon Web Services resources comply with your desired configurations. You can use this action for Config custom rules and Config managed rules. A Config custom rule is a rule that you develop and maintain. An Config managed rule is a customizable, predefined rule that Config provides. If you are adding a new Config custom rule, you must first create the Lambda function that the rule invokes to evaluate your resources. When you use the PutConfigRule action to add the rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function. Specify the ARN for the SourceIdentifier key. This key is part of the Source object, which is part of the ConfigRule object. If you are adding an Config managed rule, specify the rule's identifier for the SourceIdentifier key. To reference Config managed rule identifiers, see About Config managed rules. For any new rule that you add, specify the ConfigRuleName in the ConfigRule object. Do not specify the ConfigRuleArn or the ConfigRuleId. These values are generated by Config for new rules. If you are updating a rule that you added previously, you can specify the rule by ConfigRuleName, ConfigRuleId, or ConfigRuleArn in the ConfigRule data type that you use in this request. For information on how many Config rules you can have per account, see Service Limits in the Config Developer Guide. For more information about developing and using Config rules, see Evaluating Amazon Web Services resource Configurations with Config in the Config Developer Guide.
551
+ * Adds or updates an Config rule to evaluate if your Amazon Web Services resources comply with your desired configurations. For information on how many Config rules you can have per account, see Service Limits in the Config Developer Guide. There are two types of rules: Config Custom Rules and Config Managed Rules. You can use PutConfigRule to create both Config custom rules and Config managed rules. Custom rules are rules that you can create using either Guard or Lambda functions. Guard (Guard GitHub Repository) is a policy-as-code language that allows you to write policies that are enforced by Config Custom Policy rules. Lambda uses custom code that you upload to evaluate a custom rule. If you are adding a new Custom Lambda rule, you first need to create an Lambda function that the rule invokes to evaluate your resources. When you use PutConfigRule to add a Custom Lambda rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function. You specify the ARN in the SourceIdentifier key. This key is part of the Source object, which is part of the ConfigRule object. Managed rules are predefined, customizable rules created by Config. For a list of managed rules, see List of Config Managed Rules. If you are adding an Config managed rule, you must specify the rule's identifier for the SourceIdentifier key. For any new rule that you add, specify the ConfigRuleName in the ConfigRule object. Do not specify the ConfigRuleArn or the ConfigRuleId. These values are generated by Config for new rules. If you are updating a rule that you added previously, you can specify the rule by ConfigRuleName, ConfigRuleId, or ConfigRuleArn in the ConfigRule data type that you use in this request. For more information about developing and using Config rules, see Evaluating Amazon Web Services resource Configurations with Config in the Config Developer Guide.
552
552
  */
553
553
  putConfigRule(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
554
554
  /**
@@ -568,11 +568,11 @@ declare class ConfigService extends Service {
568
568
  */
569
569
  putConfigurationRecorder(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
570
570
  /**
571
- * Creates or updates a conformance pack. A conformance pack is a collection of Config rules that can be easily deployed in an account and a region and across Amazon Web Services Organization. For information on how many conformance packs you can have per account, see Service Limits in the Config Developer Guide. This API creates a service linked role AWSServiceRoleForConfigConforms in your account. The service linked role is created only when the role does not exist in your account. You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. If you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.
571
+ * Creates or updates a conformance pack. A conformance pack is a collection of Config rules that can be easily deployed in an account and a region and across Amazon Web Services Organization. For information on how many conformance packs you can have per account, see Service Limits in the Config Developer Guide. This API creates a service-linked role AWSServiceRoleForConfigConforms in your account. The service-linked role is created only when the role does not exist in your account. You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. If you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.
572
572
  */
573
573
  putConformancePack(params: ConfigService.Types.PutConformancePackRequest, callback?: (err: AWSError, data: ConfigService.Types.PutConformancePackResponse) => void): Request<ConfigService.Types.PutConformancePackResponse, AWSError>;
574
574
  /**
575
- * Creates or updates a conformance pack. A conformance pack is a collection of Config rules that can be easily deployed in an account and a region and across Amazon Web Services Organization. For information on how many conformance packs you can have per account, see Service Limits in the Config Developer Guide. This API creates a service linked role AWSServiceRoleForConfigConforms in your account. The service linked role is created only when the role does not exist in your account. You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. If you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.
575
+ * Creates or updates a conformance pack. A conformance pack is a collection of Config rules that can be easily deployed in an account and a region and across Amazon Web Services Organization. For information on how many conformance packs you can have per account, see Service Limits in the Config Developer Guide. This API creates a service-linked role AWSServiceRoleForConfigConforms in your account. The service-linked role is created only when the role does not exist in your account. You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. If you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.
576
576
  */
577
577
  putConformancePack(callback?: (err: AWSError, data: ConfigService.Types.PutConformancePackResponse) => void): Request<ConfigService.Types.PutConformancePackResponse, AWSError>;
578
578
  /**
@@ -600,19 +600,19 @@ declare class ConfigService extends Service {
600
600
  */
601
601
  putExternalEvaluation(callback?: (err: AWSError, data: ConfigService.Types.PutExternalEvaluationResponse) => void): Request<ConfigService.Types.PutExternalEvaluationResponse, AWSError>;
602
602
  /**
603
- * Adds or updates organization Config rule for your entire organization evaluating whether your Amazon Web Services resources comply with your desired configurations. For information on how many organization Config rules you can have per account, see Service Limits in the Config Developer Guide. Only a master account and a delegated administrator can create or update an organization Config rule. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators. This API enables organization service access through the EnableAWSServiceAccess action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service linked role is created only when the role does not exist in the caller account. Config verifies the existence of role with GetRole action. To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegated-administrator for config-multiaccountsetup.amazonaws.com. You can use this action to create both Config custom rules and Config managed rules. If you are adding a new Config custom rule, you must first create Lambda function in the master account or a delegated administrator that the rule invokes to evaluate your resources. You also need to create an IAM role in the managed-account that can be assumed by the Lambda function. When you use the PutOrganizationConfigRule action to add the rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function. If you are adding an Config managed rule, specify the rule's identifier for the RuleIdentifier key. Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization. Specify either OrganizationCustomRuleMetadata or OrganizationManagedRuleMetadata.
603
+ * Adds or updates an Config rule for your entire organization to evaluate if your Amazon Web Services resources comply with your desired configurations. For information on how many organization Config rules you can have per account, see Service Limits in the Config Developer Guide. Only a master account and a delegated administrator can create or update an organization Config rule. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators. This API enables organization service access through the EnableAWSServiceAccess action and creates a service-linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service-linked role is created only when the role does not exist in the caller account. Config verifies the existence of role with GetRole action. To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegated-administrator for config-multiaccountsetup.amazonaws.com. There are two types of rules: Config Custom Rules and Config Managed Rules. You can use PutOrganizationConfigRule to create both Config custom rules and Config managed rules. Custom rules are rules that you can create using either Guard or Lambda functions. Guard (Guard GitHub Repository) is a policy-as-code language that allows you to write policies that are enforced by Config Custom Policy rules. Lambda uses custom code that you upload to evaluate a custom rule. If you are adding a new Custom Lambda rule, you first need to create an Lambda function in the master account or a delegated administrator that the rule invokes to evaluate your resources. You also need to create an IAM role in the managed account that can be assumed by the Lambda function. When you use PutOrganizationConfigRule to add a Custom Lambda rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function. Managed rules are predefined, customizable rules created by Config. For a list of managed rules, see List of Config Managed Rules. If you are adding an Config managed rule, you must specify the rule's identifier for the RuleIdentifier key. Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization. Make sure to specify one of either OrganizationCustomPolicyRuleMetadata for Custom Policy rules, OrganizationCustomRuleMetadata for Custom Lambda rules, or OrganizationManagedRuleMetadata for managed rules.
604
604
  */
605
605
  putOrganizationConfigRule(params: ConfigService.Types.PutOrganizationConfigRuleRequest, callback?: (err: AWSError, data: ConfigService.Types.PutOrganizationConfigRuleResponse) => void): Request<ConfigService.Types.PutOrganizationConfigRuleResponse, AWSError>;
606
606
  /**
607
- * Adds or updates organization Config rule for your entire organization evaluating whether your Amazon Web Services resources comply with your desired configurations. For information on how many organization Config rules you can have per account, see Service Limits in the Config Developer Guide. Only a master account and a delegated administrator can create or update an organization Config rule. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators. This API enables organization service access through the EnableAWSServiceAccess action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service linked role is created only when the role does not exist in the caller account. Config verifies the existence of role with GetRole action. To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegated-administrator for config-multiaccountsetup.amazonaws.com. You can use this action to create both Config custom rules and Config managed rules. If you are adding a new Config custom rule, you must first create Lambda function in the master account or a delegated administrator that the rule invokes to evaluate your resources. You also need to create an IAM role in the managed-account that can be assumed by the Lambda function. When you use the PutOrganizationConfigRule action to add the rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function. If you are adding an Config managed rule, specify the rule's identifier for the RuleIdentifier key. Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization. Specify either OrganizationCustomRuleMetadata or OrganizationManagedRuleMetadata.
607
+ * Adds or updates an Config rule for your entire organization to evaluate if your Amazon Web Services resources comply with your desired configurations. For information on how many organization Config rules you can have per account, see Service Limits in the Config Developer Guide. Only a master account and a delegated administrator can create or update an organization Config rule. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators. This API enables organization service access through the EnableAWSServiceAccess action and creates a service-linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service-linked role is created only when the role does not exist in the caller account. Config verifies the existence of role with GetRole action. To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegated-administrator for config-multiaccountsetup.amazonaws.com. There are two types of rules: Config Custom Rules and Config Managed Rules. You can use PutOrganizationConfigRule to create both Config custom rules and Config managed rules. Custom rules are rules that you can create using either Guard or Lambda functions. Guard (Guard GitHub Repository) is a policy-as-code language that allows you to write policies that are enforced by Config Custom Policy rules. Lambda uses custom code that you upload to evaluate a custom rule. If you are adding a new Custom Lambda rule, you first need to create an Lambda function in the master account or a delegated administrator that the rule invokes to evaluate your resources. You also need to create an IAM role in the managed account that can be assumed by the Lambda function. When you use PutOrganizationConfigRule to add a Custom Lambda rule to Config, you must specify the Amazon Resource Name (ARN) that Lambda assigns to the function. Managed rules are predefined, customizable rules created by Config. For a list of managed rules, see List of Config Managed Rules. If you are adding an Config managed rule, you must specify the rule's identifier for the RuleIdentifier key. Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization. Make sure to specify one of either OrganizationCustomPolicyRuleMetadata for Custom Policy rules, OrganizationCustomRuleMetadata for Custom Lambda rules, or OrganizationManagedRuleMetadata for managed rules.
608
608
  */
609
609
  putOrganizationConfigRule(callback?: (err: AWSError, data: ConfigService.Types.PutOrganizationConfigRuleResponse) => void): Request<ConfigService.Types.PutOrganizationConfigRuleResponse, AWSError>;
610
610
  /**
611
- * Deploys conformance packs across member accounts in an Amazon Web Services Organization. For information on how many organization conformance packs and how many Config rules you can have per account, see Service Limits in the Config Developer Guide. Only a master account and a delegated administrator can call this API. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators. This API enables organization service access for config-multiaccountsetup.amazonaws.com through the EnableAWSServiceAccess action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service linked role is created only when the role does not exist in the caller account. To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegate-admin for config-multiaccountsetup.amazonaws.com. Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization. You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. If you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter. Config sets the state of a conformance pack to CREATE_IN_PROGRESS and UPDATE_IN_PROGRESS until the conformance pack is created or updated. You cannot update a conformance pack while it is in this state.
611
+ * Deploys conformance packs across member accounts in an Amazon Web Services Organization. For information on how many organization conformance packs and how many Config rules you can have per account, see Service Limits in the Config Developer Guide. Only a master account and a delegated administrator can call this API. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators. This API enables organization service access for config-multiaccountsetup.amazonaws.com through the EnableAWSServiceAccess action and creates a service-linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service-linked role is created only when the role does not exist in the caller account. To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegate-admin for config-multiaccountsetup.amazonaws.com. Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization. You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. If you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter. Config sets the state of a conformance pack to CREATE_IN_PROGRESS and UPDATE_IN_PROGRESS until the conformance pack is created or updated. You cannot update a conformance pack while it is in this state.
612
612
  */
613
613
  putOrganizationConformancePack(params: ConfigService.Types.PutOrganizationConformancePackRequest, callback?: (err: AWSError, data: ConfigService.Types.PutOrganizationConformancePackResponse) => void): Request<ConfigService.Types.PutOrganizationConformancePackResponse, AWSError>;
614
614
  /**
615
- * Deploys conformance packs across member accounts in an Amazon Web Services Organization. For information on how many organization conformance packs and how many Config rules you can have per account, see Service Limits in the Config Developer Guide. Only a master account and a delegated administrator can call this API. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators. This API enables organization service access for config-multiaccountsetup.amazonaws.com through the EnableAWSServiceAccess action and creates a service linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service linked role is created only when the role does not exist in the caller account. To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegate-admin for config-multiaccountsetup.amazonaws.com. Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization. You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. If you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter. Config sets the state of a conformance pack to CREATE_IN_PROGRESS and UPDATE_IN_PROGRESS until the conformance pack is created or updated. You cannot update a conformance pack while it is in this state.
615
+ * Deploys conformance packs across member accounts in an Amazon Web Services Organization. For information on how many organization conformance packs and how many Config rules you can have per account, see Service Limits in the Config Developer Guide. Only a master account and a delegated administrator can call this API. When calling this API with a delegated administrator, you must ensure Organizations ListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators. This API enables organization service access for config-multiaccountsetup.amazonaws.com through the EnableAWSServiceAccess action and creates a service-linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. The service-linked role is created only when the role does not exist in the caller account. To use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization register-delegate-admin for config-multiaccountsetup.amazonaws.com. Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization. You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. If you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter. Config sets the state of a conformance pack to CREATE_IN_PROGRESS and UPDATE_IN_PROGRESS until the conformance pack is created or updated. You cannot update a conformance pack while it is in this state.
616
616
  */
617
617
  putOrganizationConformancePack(callback?: (err: AWSError, data: ConfigService.Types.PutOrganizationConformancePackResponse) => void): Request<ConfigService.Types.PutOrganizationConformancePackResponse, AWSError>;
618
618
  /**
@@ -1192,7 +1192,7 @@ declare namespace ConfigService {
1192
1192
  */
1193
1193
  Scope?: Scope;
1194
1194
  /**
1195
- * Provides the rule owner (Amazon Web Services or customer), the rule identifier, and the notifications that cause the function to evaluate your Amazon Web Services resources.
1195
+ * Provides the rule owner (Amazon Web Services for managed rules, CUSTOM_POLICY for Custom Policy rules, and CUSTOM_LAMBDA for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your Amazon Web Services resources.
1196
1196
  */
1197
1197
  Source: Source;
1198
1198
  /**
@@ -1208,7 +1208,7 @@ declare namespace ConfigService {
1208
1208
  */
1209
1209
  ConfigRuleState?: ConfigRuleState;
1210
1210
  /**
1211
- * Service principal name of the service that created the rule. The field is populated only if the service linked rule is created by a service. The field is empty if you create your own rule.
1211
+ * Service principal name of the service that created the rule. The field is populated only if the service-linked rule is created by a service. The field is empty if you create your own rule.
1212
1212
  */
1213
1213
  CreatedBy?: StringWithCharLimit256;
1214
1214
  }
@@ -1511,7 +1511,7 @@ declare namespace ConfigService {
1511
1511
  export type ConformancePackComplianceResourceIds = StringWithCharLimit256[];
1512
1512
  export interface ConformancePackComplianceScore {
1513
1513
  /**
1514
- * Compliance score for the conformance pack.
1514
+ * Compliance score for the conformance pack. Conformance packs with no evaluation results will have a compliance score of INSUFFICIENT_DATA.
1515
1515
  */
1516
1516
  Score?: ComplianceScore;
1517
1517
  /**
@@ -1526,7 +1526,7 @@ declare namespace ConfigService {
1526
1526
  export type ConformancePackComplianceScores = ConformancePackComplianceScore[];
1527
1527
  export interface ConformancePackComplianceScoresFilters {
1528
1528
  /**
1529
- * The name of a conformance pack whose score should be included in the compliance score result.
1529
+ * The names of the conformance packs whose compliance scores you want to include in the conformance pack compliance score result set. You can include up to 25 conformance packs in the ConformancePackNames array of strings, each with a character limit of 256 characters for the conformance pack name.
1530
1530
  */
1531
1531
  ConformancePackNames: ConformancePackNameFilter;
1532
1532
  }
@@ -3111,11 +3111,11 @@ declare namespace ConfigService {
3111
3111
  */
3112
3112
  Filters?: ConformancePackComplianceScoresFilters;
3113
3113
  /**
3114
- * Determines the order in which conformance pack compliance scores are sorted. Either in ascending or descending order.
3114
+ * Determines the order in which conformance pack compliance scores are sorted. Either in ascending or descending order. Conformance packs with a compliance score of INSUFFICIENT_DATA will be first when sorting by ascending order and last when sorting by descending order.
3115
3115
  */
3116
3116
  SortOrder?: SortOrder;
3117
3117
  /**
3118
- * Sorts your conformance pack compliance scores in either ascending or descending order, depending on SortOrder.
3118
+ * Sorts your conformance pack compliance scores in either ascending or descending order, depending on SortOrder. By default, conformance pack compliance scores are sorted in ascending order by compliance score and alphabetically by name of the conformance pack if there is more than one conformance pack with the same compliance score.
3119
3119
  */
3120
3120
  SortBy?: SortBy;
3121
3121
  /**
@@ -3133,7 +3133,7 @@ declare namespace ConfigService {
3133
3133
  */
3134
3134
  NextToken?: NextToken;
3135
3135
  /**
3136
- * A list of ConformancePackComplianceScore objects
3136
+ * A list of ConformancePackComplianceScore objects.
3137
3137
  */
3138
3138
  ConformancePackComplianceScores: ConformancePackComplianceScores;
3139
3139
  }
@@ -3735,11 +3735,11 @@ declare namespace ConfigService {
3735
3735
  */
3736
3736
  OrganizationConfigRuleName: OrganizationConfigRuleName;
3737
3737
  /**
3738
- * An OrganizationManagedRuleMetadata object.
3738
+ * An OrganizationManagedRuleMetadata object. This object specifies organization managed rule metadata such as resource type and ID of Amazon Web Services resource along with the rule identifier. It also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.
3739
3739
  */
3740
3740
  OrganizationManagedRuleMetadata?: OrganizationManagedRuleMetadata;
3741
3741
  /**
3742
- * An OrganizationCustomRuleMetadata object.
3742
+ * An OrganizationCustomRuleMetadata object. This object specifies organization custom rule metadata such as resource type, resource ID of Amazon Web Services resource, Lambda function ARN, and organization trigger types that trigger Config to evaluate your Amazon Web Services resources against a rule. It also provides the frequency with which you want Config to run evaluations for the rule if the trigger type is periodic.
3743
3743
  */
3744
3744
  OrganizationCustomRuleMetadata?: OrganizationCustomRuleMetadata;
3745
3745
  /**
@@ -3747,7 +3747,7 @@ declare namespace ConfigService {
3747
3747
  */
3748
3748
  ExcludedAccounts?: ExcludedAccounts;
3749
3749
  /**
3750
- * An object that specifies metadata for your organization's Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of Amazon Web Services resource, and organization trigger types that initiate Config to evaluate Amazon Web Services resources against a rule.
3750
+ * An OrganizationCustomPolicyRuleMetadata object. This object specifies metadata for your organization's Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of Amazon Web Services resource, and organization trigger types that initiate Config to evaluate Amazon Web Services resources against a rule.
3751
3751
  */
3752
3752
  OrganizationCustomPolicyRuleMetadata?: OrganizationCustomPolicyRuleMetadata;
3753
3753
  }
@@ -3979,7 +3979,7 @@ declare namespace ConfigService {
3979
3979
  */
3980
3980
  Arn?: StringWithCharLimit1024;
3981
3981
  /**
3982
- * Name of the service that owns the service linked rule, if applicable.
3982
+ * Name of the service that owns the service-linked rule, if applicable.
3983
3983
  */
3984
3984
  CreatedByService?: StringWithCharLimit1024;
3985
3985
  }