feat(client-macie2): Added support for configuring Macie to continual…

…ly sample objects from S3 buckets and inspect them for sensitive data. Results appear in statistics, findings, and other data that Macie provides.
aws · Nov 29, 2022 · f418c4b · f418c4b
1 parent aa2dc1f
commit f418c4b
Show file tree

Hide file tree

Showing 44 changed files with 8,843 additions and 1,975 deletions.
diff --git a/clients/client-macie2/README.md b/clients/client-macie2/README.md
@@ -9,7 +9,7 @@
 
 AWS SDK for JavaScript Macie2 Client for Node.js, Browser and React Native.
 
-<p>Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Macie automates the discovery of sensitive data, such as PII and intellectual property, to provide you with insight into the data that your organization stores in AWS. Macie also provides an inventory of your Amazon S3 buckets, which it continually monitors for you. If Macie detects sensitive data or potential data access issues, it generates detailed findings for you to review and act upon as necessary.</p>
+<p>Amazon Macie</p>
 
 ## Installing
 

diff --git a/clients/client-macie2/src/Macie2.ts b/clients/client-macie2/src/Macie2.ts
diff --git a/clients/client-macie2/src/Macie2Client.ts b/clients/client-macie2/src/Macie2Client.ts
@@ -116,6 +116,10 @@ import {
   GetAdministratorAccountCommandOutput,
 } from "./commands/GetAdministratorAccountCommand";
 import { GetAllowListCommandInput, GetAllowListCommandOutput } from "./commands/GetAllowListCommand";
+import {
+  GetAutomatedDiscoveryConfigurationCommandInput,
+  GetAutomatedDiscoveryConfigurationCommandOutput,
+} from "./commands/GetAutomatedDiscoveryConfigurationCommand";
 import {
   GetBucketStatisticsCommandInput,
   GetBucketStatisticsCommandOutput,
@@ -124,6 +128,10 @@ import {
   GetClassificationExportConfigurationCommandInput,
   GetClassificationExportConfigurationCommandOutput,
 } from "./commands/GetClassificationExportConfigurationCommand";
+import {
+  GetClassificationScopeCommandInput,
+  GetClassificationScopeCommandOutput,
+} from "./commands/GetClassificationScopeCommand";
 import {
   GetCustomDataIdentifierCommandInput,
   GetCustomDataIdentifierCommandOutput,
@@ -145,6 +153,7 @@ import {
 import { GetMacieSessionCommandInput, GetMacieSessionCommandOutput } from "./commands/GetMacieSessionCommand";
 import { GetMasterAccountCommandInput, GetMasterAccountCommandOutput } from "./commands/GetMasterAccountCommand";
 import { GetMemberCommandInput, GetMemberCommandOutput } from "./commands/GetMemberCommand";
+import { GetResourceProfileCommandInput, GetResourceProfileCommandOutput } from "./commands/GetResourceProfileCommand";
 import {
   GetRevealConfigurationCommandInput,
   GetRevealConfigurationCommandOutput,
@@ -157,13 +166,21 @@ import {
   GetSensitiveDataOccurrencesCommandInput,
   GetSensitiveDataOccurrencesCommandOutput,
 } from "./commands/GetSensitiveDataOccurrencesCommand";
+import {
+  GetSensitivityInspectionTemplateCommandInput,
+  GetSensitivityInspectionTemplateCommandOutput,
+} from "./commands/GetSensitivityInspectionTemplateCommand";
 import { GetUsageStatisticsCommandInput, GetUsageStatisticsCommandOutput } from "./commands/GetUsageStatisticsCommand";
 import { GetUsageTotalsCommandInput, GetUsageTotalsCommandOutput } from "./commands/GetUsageTotalsCommand";
 import { ListAllowListsCommandInput, ListAllowListsCommandOutput } from "./commands/ListAllowListsCommand";
 import {
   ListClassificationJobsCommandInput,
   ListClassificationJobsCommandOutput,
 } from "./commands/ListClassificationJobsCommand";
+import {
+  ListClassificationScopesCommandInput,
+  ListClassificationScopesCommandOutput,
+} from "./commands/ListClassificationScopesCommand";
 import {
   ListCustomDataIdentifiersCommandInput,
   ListCustomDataIdentifiersCommandOutput,
@@ -183,6 +200,18 @@ import {
   ListOrganizationAdminAccountsCommandInput,
   ListOrganizationAdminAccountsCommandOutput,
 } from "./commands/ListOrganizationAdminAccountsCommand";
+import {
+  ListResourceProfileArtifactsCommandInput,
+  ListResourceProfileArtifactsCommandOutput,
+} from "./commands/ListResourceProfileArtifactsCommand";
+import {
+  ListResourceProfileDetectionsCommandInput,
+  ListResourceProfileDetectionsCommandOutput,
+} from "./commands/ListResourceProfileDetectionsCommand";
+import {
+  ListSensitivityInspectionTemplatesCommandInput,
+  ListSensitivityInspectionTemplatesCommandOutput,
+} from "./commands/ListSensitivityInspectionTemplatesCommand";
 import {
   ListTagsForResourceCommandInput,
   ListTagsForResourceCommandOutput,
@@ -203,10 +232,18 @@ import {
 } from "./commands/TestCustomDataIdentifierCommand";
 import { UntagResourceCommandInput, UntagResourceCommandOutput } from "./commands/UntagResourceCommand";
 import { UpdateAllowListCommandInput, UpdateAllowListCommandOutput } from "./commands/UpdateAllowListCommand";
+import {
+  UpdateAutomatedDiscoveryConfigurationCommandInput,
+  UpdateAutomatedDiscoveryConfigurationCommandOutput,
+} from "./commands/UpdateAutomatedDiscoveryConfigurationCommand";
 import {
   UpdateClassificationJobCommandInput,
   UpdateClassificationJobCommandOutput,
 } from "./commands/UpdateClassificationJobCommand";
+import {
+  UpdateClassificationScopeCommandInput,
+  UpdateClassificationScopeCommandOutput,
+} from "./commands/UpdateClassificationScopeCommand";
 import {
   UpdateFindingsFilterCommandInput,
   UpdateFindingsFilterCommandOutput,
@@ -220,10 +257,22 @@ import {
   UpdateOrganizationConfigurationCommandInput,
   UpdateOrganizationConfigurationCommandOutput,
 } from "./commands/UpdateOrganizationConfigurationCommand";
+import {
+  UpdateResourceProfileCommandInput,
+  UpdateResourceProfileCommandOutput,
+} from "./commands/UpdateResourceProfileCommand";
+import {
+  UpdateResourceProfileDetectionsCommandInput,
+  UpdateResourceProfileDetectionsCommandOutput,
+} from "./commands/UpdateResourceProfileDetectionsCommand";
 import {
   UpdateRevealConfigurationCommandInput,
   UpdateRevealConfigurationCommandOutput,
 } from "./commands/UpdateRevealConfigurationCommand";
+import {
+  UpdateSensitivityInspectionTemplateCommandInput,
+  UpdateSensitivityInspectionTemplateCommandOutput,
+} from "./commands/UpdateSensitivityInspectionTemplateCommand";
 import {
   ClientInputEndpointParameters,
   ClientResolvedEndpointParameters,
@@ -260,8 +309,10 @@ export type ServiceInputTypes =
   | EnableOrganizationAdminAccountCommandInput
   | GetAdministratorAccountCommandInput
   | GetAllowListCommandInput
+  | GetAutomatedDiscoveryConfigurationCommandInput
   | GetBucketStatisticsCommandInput
   | GetClassificationExportConfigurationCommandInput
+  | GetClassificationScopeCommandInput
   | GetCustomDataIdentifierCommandInput
   | GetFindingStatisticsCommandInput
   | GetFindingsCommandInput
@@ -271,20 +322,26 @@ export type ServiceInputTypes =
   | GetMacieSessionCommandInput
   | GetMasterAccountCommandInput
   | GetMemberCommandInput
+  | GetResourceProfileCommandInput
   | GetRevealConfigurationCommandInput
   | GetSensitiveDataOccurrencesAvailabilityCommandInput
   | GetSensitiveDataOccurrencesCommandInput
+  | GetSensitivityInspectionTemplateCommandInput
   | GetUsageStatisticsCommandInput
   | GetUsageTotalsCommandInput
   | ListAllowListsCommandInput
   | ListClassificationJobsCommandInput
+  | ListClassificationScopesCommandInput
   | ListCustomDataIdentifiersCommandInput
   | ListFindingsCommandInput
   | ListFindingsFiltersCommandInput
   | ListInvitationsCommandInput
   | ListManagedDataIdentifiersCommandInput
   | ListMembersCommandInput
   | ListOrganizationAdminAccountsCommandInput
+  | ListResourceProfileArtifactsCommandInput
+  | ListResourceProfileDetectionsCommandInput
+  | ListSensitivityInspectionTemplatesCommandInput
   | ListTagsForResourceCommandInput
   | PutClassificationExportConfigurationCommandInput
   | PutFindingsPublicationConfigurationCommandInput
@@ -293,12 +350,17 @@ export type ServiceInputTypes =
   | TestCustomDataIdentifierCommandInput
   | UntagResourceCommandInput
   | UpdateAllowListCommandInput
+  | UpdateAutomatedDiscoveryConfigurationCommandInput
   | UpdateClassificationJobCommandInput
+  | UpdateClassificationScopeCommandInput
   | UpdateFindingsFilterCommandInput
   | UpdateMacieSessionCommandInput
   | UpdateMemberSessionCommandInput
   | UpdateOrganizationConfigurationCommandInput
-  | UpdateRevealConfigurationCommandInput;
+  | UpdateResourceProfileCommandInput
+  | UpdateResourceProfileDetectionsCommandInput
+  | UpdateRevealConfigurationCommandInput
+  | UpdateSensitivityInspectionTemplateCommandInput;
 
 export type ServiceOutputTypes =
   | AcceptInvitationCommandOutput
@@ -328,8 +390,10 @@ export type ServiceOutputTypes =
   | EnableOrganizationAdminAccountCommandOutput
   | GetAdministratorAccountCommandOutput
   | GetAllowListCommandOutput
+  | GetAutomatedDiscoveryConfigurationCommandOutput
   | GetBucketStatisticsCommandOutput
   | GetClassificationExportConfigurationCommandOutput
+  | GetClassificationScopeCommandOutput
   | GetCustomDataIdentifierCommandOutput
   | GetFindingStatisticsCommandOutput
   | GetFindingsCommandOutput
@@ -339,20 +403,26 @@ export type ServiceOutputTypes =
   | GetMacieSessionCommandOutput
   | GetMasterAccountCommandOutput
   | GetMemberCommandOutput
+  | GetResourceProfileCommandOutput
   | GetRevealConfigurationCommandOutput
   | GetSensitiveDataOccurrencesAvailabilityCommandOutput
   | GetSensitiveDataOccurrencesCommandOutput
+  | GetSensitivityInspectionTemplateCommandOutput
   | GetUsageStatisticsCommandOutput
   | GetUsageTotalsCommandOutput
   | ListAllowListsCommandOutput
   | ListClassificationJobsCommandOutput
+  | ListClassificationScopesCommandOutput
   | ListCustomDataIdentifiersCommandOutput
   | ListFindingsCommandOutput
   | ListFindingsFiltersCommandOutput
   | ListInvitationsCommandOutput
   | ListManagedDataIdentifiersCommandOutput
   | ListMembersCommandOutput
   | ListOrganizationAdminAccountsCommandOutput
+  | ListResourceProfileArtifactsCommandOutput
+  | ListResourceProfileDetectionsCommandOutput
+  | ListSensitivityInspectionTemplatesCommandOutput
   | ListTagsForResourceCommandOutput
   | PutClassificationExportConfigurationCommandOutput
   | PutFindingsPublicationConfigurationCommandOutput
@@ -361,12 +431,17 @@ export type ServiceOutputTypes =
   | TestCustomDataIdentifierCommandOutput
   | UntagResourceCommandOutput
   | UpdateAllowListCommandOutput
+  | UpdateAutomatedDiscoveryConfigurationCommandOutput
   | UpdateClassificationJobCommandOutput
+  | UpdateClassificationScopeCommandOutput
   | UpdateFindingsFilterCommandOutput
   | UpdateMacieSessionCommandOutput
   | UpdateMemberSessionCommandOutput
   | UpdateOrganizationConfigurationCommandOutput
-  | UpdateRevealConfigurationCommandOutput;
+  | UpdateResourceProfileCommandOutput
+  | UpdateResourceProfileDetectionsCommandOutput
+  | UpdateRevealConfigurationCommandOutput
+  | UpdateSensitivityInspectionTemplateCommandOutput;
 
 export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__HttpHandlerOptions>> {
   /**
@@ -518,7 +593,7 @@ type Macie2ClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandle
 export interface Macie2ClientResolvedConfig extends Macie2ClientResolvedConfigType {}
 
 /**
- * <p>Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Macie automates the discovery of sensitive data, such as PII and intellectual property, to provide you with insight into the data that your organization stores in AWS. Macie also provides an inventory of your Amazon S3 buckets, which it continually monitors for you. If Macie detects sensitive data or potential data access issues, it generates detailed findings for you to review and act upon as necessary.</p>
+ * <p>Amazon Macie</p>
  */
 export class Macie2Client extends __Client<
   __HttpHandlerOptions,

diff --git a/clients/client-macie2/src/commands/DescribeBucketsCommand.ts b/clients/client-macie2/src/commands/DescribeBucketsCommand.ts
@@ -29,7 +29,7 @@ export interface DescribeBucketsCommandInput extends DescribeBucketsRequest {}
 export interface DescribeBucketsCommandOutput extends DescribeBucketsResponse, __MetadataBearer {}
 
 /**
- * <p>Retrieves (queries) statistical data and other information about one or more S3 buckets that Amazon Macie monitors and analyzes.</p>
+ * <p>Retrieves (queries) statistical data and other information about one or more S3 buckets that Amazon Macie monitors and analyzes for an account.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

diff --git a/clients/client-macie2/src/commands/GetAutomatedDiscoveryConfigurationCommand.ts b/clients/client-macie2/src/commands/GetAutomatedDiscoveryConfigurationCommand.ts
@@ -0,0 +1,122 @@
+// smithy-typescript generated code
+import { EndpointParameterInstructions, getEndpointPlugin } from "@aws-sdk/middleware-endpoint";
+import { getSerdePlugin } from "@aws-sdk/middleware-serde";
+import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http";
+import { Command as $Command } from "@aws-sdk/smithy-client";
+import {
+  FinalizeHandlerArguments,
+  Handler,
+  HandlerExecutionContext,
+  HttpHandlerOptions as __HttpHandlerOptions,
+  MetadataBearer as __MetadataBearer,
+  MiddlewareStack,
+  SerdeContext as __SerdeContext,
+} from "@aws-sdk/types";
+
+import { Macie2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../Macie2Client";
+import {
+  GetAutomatedDiscoveryConfigurationRequest,
+  GetAutomatedDiscoveryConfigurationRequestFilterSensitiveLog,
+  GetAutomatedDiscoveryConfigurationResponse,
+  GetAutomatedDiscoveryConfigurationResponseFilterSensitiveLog,
+} from "../models/models_0";
+import {
+  deserializeAws_restJson1GetAutomatedDiscoveryConfigurationCommand,
+  serializeAws_restJson1GetAutomatedDiscoveryConfigurationCommand,
+} from "../protocols/Aws_restJson1";
+
+export interface GetAutomatedDiscoveryConfigurationCommandInput extends GetAutomatedDiscoveryConfigurationRequest {}
+export interface GetAutomatedDiscoveryConfigurationCommandOutput
+  extends GetAutomatedDiscoveryConfigurationResponse,
+    __MetadataBearer {}
+
+/**
+ * <p>Retrieves the configuration settings and status of automated sensitive data discovery for an account.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { Macie2Client, GetAutomatedDiscoveryConfigurationCommand } from "@aws-sdk/client-macie2"; // ES Modules import
+ * // const { Macie2Client, GetAutomatedDiscoveryConfigurationCommand } = require("@aws-sdk/client-macie2"); // CommonJS import
+ * const client = new Macie2Client(config);
+ * const command = new GetAutomatedDiscoveryConfigurationCommand(input);
+ * const response = await client.send(command);
+ * ```
+ *
+ * @see {@link GetAutomatedDiscoveryConfigurationCommandInput} for command's `input` shape.
+ * @see {@link GetAutomatedDiscoveryConfigurationCommandOutput} for command's `response` shape.
+ * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape.
+ *
+ */
+export class GetAutomatedDiscoveryConfigurationCommand extends $Command<
+  GetAutomatedDiscoveryConfigurationCommandInput,
+  GetAutomatedDiscoveryConfigurationCommandOutput,
+  Macie2ClientResolvedConfig
+> {
+  // Start section: command_properties
+  // End section: command_properties
+
+  public static getEndpointParameterInstructions(): EndpointParameterInstructions {
+    return {
+      UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
+      Endpoint: { type: "builtInParams", name: "endpoint" },
+      Region: { type: "builtInParams", name: "region" },
+      UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },
+    };
+  }
+
+  constructor(readonly input: GetAutomatedDiscoveryConfigurationCommandInput) {
+    // Start section: command_constructor
+    super();
+    // End section: command_constructor
+  }
+
+  /**
+   * @internal
+   */
+  resolveMiddleware(
+    clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>,
+    configuration: Macie2ClientResolvedConfig,
+    options?: __HttpHandlerOptions
+  ): Handler<GetAutomatedDiscoveryConfigurationCommandInput, GetAutomatedDiscoveryConfigurationCommandOutput> {
+    this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
+    this.middlewareStack.use(
+      getEndpointPlugin(configuration, GetAutomatedDiscoveryConfigurationCommand.getEndpointParameterInstructions())
+    );
+
+    const stack = clientStack.concat(this.middlewareStack);
+
+    const { logger } = configuration;
+    const clientName = "Macie2Client";
+    const commandName = "GetAutomatedDiscoveryConfigurationCommand";
+    const handlerExecutionContext: HandlerExecutionContext = {
+      logger,
+      clientName,
+      commandName,
+      inputFilterSensitiveLog: GetAutomatedDiscoveryConfigurationRequestFilterSensitiveLog,
+      outputFilterSensitiveLog: GetAutomatedDiscoveryConfigurationResponseFilterSensitiveLog,
+    };
+    const { requestHandler } = configuration;
+    return stack.resolve(
+      (request: FinalizeHandlerArguments<any>) =>
+        requestHandler.handle(request.request as __HttpRequest, options || {}),
+      handlerExecutionContext
+    );
+  }
+
+  private serialize(
+    input: GetAutomatedDiscoveryConfigurationCommandInput,
+    context: __SerdeContext
+  ): Promise<__HttpRequest> {
+    return serializeAws_restJson1GetAutomatedDiscoveryConfigurationCommand(input, context);
+  }
+
+  private deserialize(
+    output: __HttpResponse,
+    context: __SerdeContext
+  ): Promise<GetAutomatedDiscoveryConfigurationCommandOutput> {
+    return deserializeAws_restJson1GetAutomatedDiscoveryConfigurationCommand(output, context);
+  }
+
+  // Start section: command_body_extra
+  // End section: command_body_extra
+}
diff --git a/clients/client-macie2/src/commands/GetBucketStatisticsCommand.ts b/clients/client-macie2/src/commands/GetBucketStatisticsCommand.ts
@@ -29,7 +29,7 @@ export interface GetBucketStatisticsCommandInput extends GetBucketStatisticsRequ
 export interface GetBucketStatisticsCommandOutput extends GetBucketStatisticsResponse, __MetadataBearer {}
 
 /**
- * <p>Retrieves (queries) aggregated statistical data about S3 buckets that Amazon Macie monitors and analyzes.</p>
+ * <p>Retrieves (queries) aggregated statistical data about all the S3 buckets that Amazon Macie monitors and analyzes for an account.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript