Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Macie automates the discovery of sensitive data, such as PII and intellectual property, to provide you with insight into the data that your organization stores in AWS. Macie also provides an inventory of your Amazon S3 buckets, which it continually monitors for you. If Macie detects sensitive data or potential data access issues, it generates detailed findings for you to review and act upon as necessary.
+Amazon Macie
## Installing diff --git a/clients/client-macie2/src/Macie2.ts b/clients/client-macie2/src/Macie2.ts index aca1f133dc150..932c1560e1e47 100644 --- a/clients/client-macie2/src/Macie2.ts +++ b/clients/client-macie2/src/Macie2.ts @@ -132,6 +132,11 @@ import { GetAllowListCommandInput, GetAllowListCommandOutput, } from "./commands/GetAllowListCommand"; +import { + GetAutomatedDiscoveryConfigurationCommand, + GetAutomatedDiscoveryConfigurationCommandInput, + GetAutomatedDiscoveryConfigurationCommandOutput, +} from "./commands/GetAutomatedDiscoveryConfigurationCommand"; import { GetBucketStatisticsCommand, GetBucketStatisticsCommandInput, @@ -142,6 +147,11 @@ import { GetClassificationExportConfigurationCommandInput, GetClassificationExportConfigurationCommandOutput, } from "./commands/GetClassificationExportConfigurationCommand"; +import { + GetClassificationScopeCommand, + GetClassificationScopeCommandInput, + GetClassificationScopeCommandOutput, +} from "./commands/GetClassificationScopeCommand"; import { GetCustomDataIdentifierCommand, GetCustomDataIdentifierCommandInput, @@ -179,6 +189,11 @@ import { GetMasterAccountCommandOutput, } from "./commands/GetMasterAccountCommand"; import { GetMemberCommand, GetMemberCommandInput, GetMemberCommandOutput } from "./commands/GetMemberCommand"; +import { + GetResourceProfileCommand, + GetResourceProfileCommandInput, + GetResourceProfileCommandOutput, +} from "./commands/GetResourceProfileCommand"; import { GetRevealConfigurationCommand, GetRevealConfigurationCommandInput, @@ -194,6 +209,11 @@ import { GetSensitiveDataOccurrencesCommandInput, GetSensitiveDataOccurrencesCommandOutput, } from "./commands/GetSensitiveDataOccurrencesCommand"; +import { + GetSensitivityInspectionTemplateCommand, + GetSensitivityInspectionTemplateCommandInput, + GetSensitivityInspectionTemplateCommandOutput, +} from "./commands/GetSensitivityInspectionTemplateCommand"; import { GetUsageStatisticsCommand, GetUsageStatisticsCommandInput, @@ -214,6 +234,11 @@ import { ListClassificationJobsCommandInput, ListClassificationJobsCommandOutput, } from "./commands/ListClassificationJobsCommand"; +import { + ListClassificationScopesCommand, + ListClassificationScopesCommandInput, + ListClassificationScopesCommandOutput, +} from "./commands/ListClassificationScopesCommand"; import { ListCustomDataIdentifiersCommand, ListCustomDataIdentifiersCommandInput, @@ -245,6 +270,21 @@ import { ListOrganizationAdminAccountsCommandInput, ListOrganizationAdminAccountsCommandOutput, } from "./commands/ListOrganizationAdminAccountsCommand"; +import { + ListResourceProfileArtifactsCommand, + ListResourceProfileArtifactsCommandInput, + ListResourceProfileArtifactsCommandOutput, +} from "./commands/ListResourceProfileArtifactsCommand"; +import { + ListResourceProfileDetectionsCommand, + ListResourceProfileDetectionsCommandInput, + ListResourceProfileDetectionsCommandOutput, +} from "./commands/ListResourceProfileDetectionsCommand"; +import { + ListSensitivityInspectionTemplatesCommand, + ListSensitivityInspectionTemplatesCommandInput, + ListSensitivityInspectionTemplatesCommandOutput, +} from "./commands/ListSensitivityInspectionTemplatesCommand"; import { ListTagsForResourceCommand, ListTagsForResourceCommandInput, @@ -281,11 +321,21 @@ import { UpdateAllowListCommandInput, UpdateAllowListCommandOutput, } from "./commands/UpdateAllowListCommand"; +import { + UpdateAutomatedDiscoveryConfigurationCommand, + UpdateAutomatedDiscoveryConfigurationCommandInput, + UpdateAutomatedDiscoveryConfigurationCommandOutput, +} from "./commands/UpdateAutomatedDiscoveryConfigurationCommand"; import { UpdateClassificationJobCommand, UpdateClassificationJobCommandInput, UpdateClassificationJobCommandOutput, } from "./commands/UpdateClassificationJobCommand"; +import { + UpdateClassificationScopeCommand, + UpdateClassificationScopeCommandInput, + UpdateClassificationScopeCommandOutput, +} from "./commands/UpdateClassificationScopeCommand"; import { UpdateFindingsFilterCommand, UpdateFindingsFilterCommandInput, @@ -306,15 +356,30 @@ import { UpdateOrganizationConfigurationCommandInput, UpdateOrganizationConfigurationCommandOutput, } from "./commands/UpdateOrganizationConfigurationCommand"; +import { + UpdateResourceProfileCommand, + UpdateResourceProfileCommandInput, + UpdateResourceProfileCommandOutput, +} from "./commands/UpdateResourceProfileCommand"; +import { + UpdateResourceProfileDetectionsCommand, + UpdateResourceProfileDetectionsCommandInput, + UpdateResourceProfileDetectionsCommandOutput, +} from "./commands/UpdateResourceProfileDetectionsCommand"; import { UpdateRevealConfigurationCommand, UpdateRevealConfigurationCommandInput, UpdateRevealConfigurationCommandOutput, } from "./commands/UpdateRevealConfigurationCommand"; +import { + UpdateSensitivityInspectionTemplateCommand, + UpdateSensitivityInspectionTemplateCommandInput, + UpdateSensitivityInspectionTemplateCommandOutput, +} from "./commands/UpdateSensitivityInspectionTemplateCommand"; import { Macie2Client } from "./Macie2Client"; /** - *Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Macie automates the discovery of sensitive data, such as PII and intellectual property, to provide you with insight into the data that your organization stores in AWS. Macie also provides an inventory of your Amazon S3 buckets, which it continually monitors for you. If Macie detects sensitive data or potential data access issues, it generates detailed findings for you to review and act upon as necessary.
+ *Amazon Macie
*/ export class Macie2 extends Macie2Client { /** @@ -792,7 +857,7 @@ export class Macie2 extends Macie2Client { } /** - *Retrieves (queries) statistical data and other information about one or more S3 buckets that Amazon Macie monitors and analyzes.
+ *Retrieves (queries) statistical data and other information about one or more S3 buckets that Amazon Macie monitors and analyzes for an account.
*/ public describeBuckets( args: DescribeBucketsCommandInput, @@ -1164,7 +1229,39 @@ export class Macie2 extends Macie2Client { } /** - *Retrieves (queries) aggregated statistical data about S3 buckets that Amazon Macie monitors and analyzes.
+ *Retrieves the configuration settings and status of automated sensitive data discovery for an account.
+ */ + public getAutomatedDiscoveryConfiguration( + args: GetAutomatedDiscoveryConfigurationCommandInput, + options?: __HttpHandlerOptions + ): PromiseRetrieves (queries) aggregated statistical data about all the S3 buckets that Amazon Macie monitors and analyzes for an account.
*/ public getBucketStatistics( args: GetBucketStatisticsCommandInput, @@ -1227,6 +1324,38 @@ export class Macie2 extends Macie2Client { } } + /** + *Retrieves the classification scope settings for an account.
+ */ + public getClassificationScope( + args: GetClassificationScopeCommandInput, + options?: __HttpHandlerOptions + ): PromiseRetrieves the criteria and other settings for a custom data identifier.
*/ @@ -1414,7 +1543,7 @@ export class Macie2 extends Macie2Client { } /** - *Retrieves the current status and configuration settings for an Amazon Macie account.
+ *Retrieves the status and configuration settings for an Amazon Macie account.
*/ public getMacieSession( args: GetMacieSessionCommandInput, @@ -1503,6 +1632,38 @@ export class Macie2 extends Macie2Client { } } + /** + *Retrieves (queries) sensitive data discovery statistics and the sensitivity score for an S3 bucket.
+ */ + public getResourceProfile( + args: GetResourceProfileCommandInput, + options?: __HttpHandlerOptions + ): PromiseRetrieves the status and configuration settings for retrieving occurrences of sensitive data reported by findings.
*/ @@ -1601,6 +1762,38 @@ export class Macie2 extends Macie2Client { } } + /** + *Retrieves the settings for the sensitivity inspection template for an account.
+ */ + public getSensitivityInspectionTemplate( + args: GetSensitivityInspectionTemplateCommandInput, + options?: __HttpHandlerOptions + ): PromiseRetrieves (queries) quotas and aggregated usage data for one or more accounts.
*/ @@ -1729,6 +1922,38 @@ export class Macie2 extends Macie2Client { } } + /** + *Retrieves a subset of information about the classification scope for an account.
+ */ + public listClassificationScopes( + args: ListClassificationScopesCommandInput, + options?: __HttpHandlerOptions + ): PromiseRetrieves a subset of information about all the custom data identifiers for an account.
*/ @@ -1944,6 +2169,102 @@ export class Macie2 extends Macie2Client { } } + /** + *Retrieves information about objects that were selected from an S3 bucket for automated sensitive data discovery.
+ */ + public listResourceProfileArtifacts( + args: ListResourceProfileArtifactsCommandInput, + options?: __HttpHandlerOptions + ): PromiseRetrieves information about the types and amount of sensitive data that Amazon Macie found in an S3 bucket.
+ */ + public listResourceProfileDetections( + args: ListResourceProfileDetectionsCommandInput, + options?: __HttpHandlerOptions + ): PromiseRetrieves a subset of information about the sensitivity inspection template for an account.
+ */ + public listSensitivityInspectionTemplates( + args: ListSensitivityInspectionTemplatesCommandInput, + options?: __HttpHandlerOptions + ): PromiseRetrieves the tags (keys and values) that are associated with an Amazon Macie resource.
*/ @@ -2194,6 +2515,40 @@ export class Macie2 extends Macie2Client { } } + /** + *Enables or disables automated sensitive data discovery for an account.
+ */ + public updateAutomatedDiscoveryConfiguration( + args: UpdateAutomatedDiscoveryConfigurationCommandInput, + options?: __HttpHandlerOptions + ): PromiseChanges the status of a classification job.
*/ @@ -2226,6 +2581,38 @@ export class Macie2 extends Macie2Client { } } + /** + *Updates the classification scope settings for an account.
+ */ + public updateClassificationScope( + args: UpdateClassificationScopeCommandInput, + options?: __HttpHandlerOptions + ): PromiseUpdates the criteria and other settings for a findings filter.
*/ @@ -2354,6 +2741,70 @@ export class Macie2 extends Macie2Client { } } + /** + *Updates the sensitivity score for an S3 bucket.
+ */ + public updateResourceProfile( + args: UpdateResourceProfileCommandInput, + options?: __HttpHandlerOptions + ): PromiseUpdates the sensitivity scoring settings for an S3 bucket.
+ */ + public updateResourceProfileDetections( + args: UpdateResourceProfileDetectionsCommandInput, + options?: __HttpHandlerOptions + ): PromiseUpdates the status and configuration settings for retrieving occurrences of sensitive data reported by findings.
*/ @@ -2385,4 +2836,36 @@ export class Macie2 extends Macie2Client { return this.send(command, optionsOrCb); } } + + /** + *Updates the settings for the sensitivity inspection template for an account.
+ */ + public updateSensitivityInspectionTemplate( + args: UpdateSensitivityInspectionTemplateCommandInput, + options?: __HttpHandlerOptions + ): PromiseAmazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Macie automates the discovery of sensitive data, such as PII and intellectual property, to provide you with insight into the data that your organization stores in AWS. Macie also provides an inventory of your Amazon S3 buckets, which it continually monitors for you. If Macie detects sensitive data or potential data access issues, it generates detailed findings for you to review and act upon as necessary.
+ *Amazon Macie
*/ export class Macie2Client extends __Client< __HttpHandlerOptions, diff --git a/clients/client-macie2/src/commands/DescribeBucketsCommand.ts b/clients/client-macie2/src/commands/DescribeBucketsCommand.ts index a02cdba103019..288a90637e491 100644 --- a/clients/client-macie2/src/commands/DescribeBucketsCommand.ts +++ b/clients/client-macie2/src/commands/DescribeBucketsCommand.ts @@ -29,7 +29,7 @@ export interface DescribeBucketsCommandInput extends DescribeBucketsRequest {} export interface DescribeBucketsCommandOutput extends DescribeBucketsResponse, __MetadataBearer {} /** - *Retrieves (queries) statistical data and other information about one or more S3 buckets that Amazon Macie monitors and analyzes.
+ *Retrieves (queries) statistical data and other information about one or more S3 buckets that Amazon Macie monitors and analyzes for an account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-macie2/src/commands/GetAutomatedDiscoveryConfigurationCommand.ts b/clients/client-macie2/src/commands/GetAutomatedDiscoveryConfigurationCommand.ts new file mode 100644 index 0000000000000..7cd495726421e --- /dev/null +++ b/clients/client-macie2/src/commands/GetAutomatedDiscoveryConfigurationCommand.ts @@ -0,0 +1,122 @@ +// smithy-typescript generated code +import { EndpointParameterInstructions, getEndpointPlugin } from "@aws-sdk/middleware-endpoint"; +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { Macie2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../Macie2Client"; +import { + GetAutomatedDiscoveryConfigurationRequest, + GetAutomatedDiscoveryConfigurationRequestFilterSensitiveLog, + GetAutomatedDiscoveryConfigurationResponse, + GetAutomatedDiscoveryConfigurationResponseFilterSensitiveLog, +} from "../models/models_0"; +import { + deserializeAws_restJson1GetAutomatedDiscoveryConfigurationCommand, + serializeAws_restJson1GetAutomatedDiscoveryConfigurationCommand, +} from "../protocols/Aws_restJson1"; + +export interface GetAutomatedDiscoveryConfigurationCommandInput extends GetAutomatedDiscoveryConfigurationRequest {} +export interface GetAutomatedDiscoveryConfigurationCommandOutput + extends GetAutomatedDiscoveryConfigurationResponse, + __MetadataBearer {} + +/** + *Retrieves the configuration settings and status of automated sensitive data discovery for an account.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, GetAutomatedDiscoveryConfigurationCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, GetAutomatedDiscoveryConfigurationCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new GetAutomatedDiscoveryConfigurationCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link GetAutomatedDiscoveryConfigurationCommandInput} for command's `input` shape. + * @see {@link GetAutomatedDiscoveryConfigurationCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class GetAutomatedDiscoveryConfigurationCommand extends $Command< + GetAutomatedDiscoveryConfigurationCommandInput, + GetAutomatedDiscoveryConfigurationCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: GetAutomatedDiscoveryConfigurationCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackRetrieves (queries) aggregated statistical data about S3 buckets that Amazon Macie monitors and analyzes.
+ *Retrieves (queries) aggregated statistical data about all the S3 buckets that Amazon Macie monitors and analyzes for an account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-macie2/src/commands/GetClassificationScopeCommand.ts b/clients/client-macie2/src/commands/GetClassificationScopeCommand.ts new file mode 100644 index 0000000000000..024afe9eaacc3 --- /dev/null +++ b/clients/client-macie2/src/commands/GetClassificationScopeCommand.ts @@ -0,0 +1,114 @@ +// smithy-typescript generated code +import { EndpointParameterInstructions, getEndpointPlugin } from "@aws-sdk/middleware-endpoint"; +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { Macie2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../Macie2Client"; +import { + GetClassificationScopeRequest, + GetClassificationScopeRequestFilterSensitiveLog, + GetClassificationScopeResponse, + GetClassificationScopeResponseFilterSensitiveLog, +} from "../models/models_0"; +import { + deserializeAws_restJson1GetClassificationScopeCommand, + serializeAws_restJson1GetClassificationScopeCommand, +} from "../protocols/Aws_restJson1"; + +export interface GetClassificationScopeCommandInput extends GetClassificationScopeRequest {} +export interface GetClassificationScopeCommandOutput extends GetClassificationScopeResponse, __MetadataBearer {} + +/** + *Retrieves the classification scope settings for an account.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, GetClassificationScopeCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, GetClassificationScopeCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new GetClassificationScopeCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link GetClassificationScopeCommandInput} for command's `input` shape. + * @see {@link GetClassificationScopeCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class GetClassificationScopeCommand extends $Command< + GetClassificationScopeCommandInput, + GetClassificationScopeCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: GetClassificationScopeCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackRetrieves the current status and configuration settings for an Amazon Macie account.
+ *Retrieves the status and configuration settings for an Amazon Macie account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-macie2/src/commands/GetResourceProfileCommand.ts b/clients/client-macie2/src/commands/GetResourceProfileCommand.ts new file mode 100644 index 0000000000000..b8824227eafa7 --- /dev/null +++ b/clients/client-macie2/src/commands/GetResourceProfileCommand.ts @@ -0,0 +1,114 @@ +// smithy-typescript generated code +import { EndpointParameterInstructions, getEndpointPlugin } from "@aws-sdk/middleware-endpoint"; +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { Macie2ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../Macie2Client"; +import { + GetResourceProfileRequest, + GetResourceProfileRequestFilterSensitiveLog, + GetResourceProfileResponse, + GetResourceProfileResponseFilterSensitiveLog, +} from "../models/models_0"; +import { + deserializeAws_restJson1GetResourceProfileCommand, + serializeAws_restJson1GetResourceProfileCommand, +} from "../protocols/Aws_restJson1"; + +export interface GetResourceProfileCommandInput extends GetResourceProfileRequest {} +export interface GetResourceProfileCommandOutput extends GetResourceProfileResponse, __MetadataBearer {} + +/** + *Retrieves (queries) sensitive data discovery statistics and the sensitivity score for an S3 bucket.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, GetResourceProfileCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, GetResourceProfileCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new GetResourceProfileCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link GetResourceProfileCommandInput} for command's `input` shape. + * @see {@link GetResourceProfileCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class GetResourceProfileCommand extends $Command< + GetResourceProfileCommandInput, + GetResourceProfileCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: GetResourceProfileCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackRetrieves the settings for the sensitivity inspection template for an account.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, GetSensitivityInspectionTemplateCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, GetSensitivityInspectionTemplateCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new GetSensitivityInspectionTemplateCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link GetSensitivityInspectionTemplateCommandInput} for command's `input` shape. + * @see {@link GetSensitivityInspectionTemplateCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class GetSensitivityInspectionTemplateCommand extends $Command< + GetSensitivityInspectionTemplateCommandInput, + GetSensitivityInspectionTemplateCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: GetSensitivityInspectionTemplateCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackRetrieves a subset of information about the classification scope for an account.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, ListClassificationScopesCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, ListClassificationScopesCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new ListClassificationScopesCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link ListClassificationScopesCommandInput} for command's `input` shape. + * @see {@link ListClassificationScopesCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class ListClassificationScopesCommand extends $Command< + ListClassificationScopesCommandInput, + ListClassificationScopesCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: ListClassificationScopesCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackRetrieves information about objects that were selected from an S3 bucket for automated sensitive data discovery.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, ListResourceProfileArtifactsCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, ListResourceProfileArtifactsCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new ListResourceProfileArtifactsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link ListResourceProfileArtifactsCommandInput} for command's `input` shape. + * @see {@link ListResourceProfileArtifactsCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class ListResourceProfileArtifactsCommand extends $Command< + ListResourceProfileArtifactsCommandInput, + ListResourceProfileArtifactsCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: ListResourceProfileArtifactsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackRetrieves information about the types and amount of sensitive data that Amazon Macie found in an S3 bucket.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, ListResourceProfileDetectionsCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, ListResourceProfileDetectionsCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new ListResourceProfileDetectionsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link ListResourceProfileDetectionsCommandInput} for command's `input` shape. + * @see {@link ListResourceProfileDetectionsCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class ListResourceProfileDetectionsCommand extends $Command< + ListResourceProfileDetectionsCommandInput, + ListResourceProfileDetectionsCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: ListResourceProfileDetectionsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackRetrieves a subset of information about the sensitivity inspection template for an account.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, ListSensitivityInspectionTemplatesCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, ListSensitivityInspectionTemplatesCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new ListSensitivityInspectionTemplatesCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link ListSensitivityInspectionTemplatesCommandInput} for command's `input` shape. + * @see {@link ListSensitivityInspectionTemplatesCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class ListSensitivityInspectionTemplatesCommand extends $Command< + ListSensitivityInspectionTemplatesCommandInput, + ListSensitivityInspectionTemplatesCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: ListSensitivityInspectionTemplatesCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackEnables or disables automated sensitive data discovery for an account.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, UpdateAutomatedDiscoveryConfigurationCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, UpdateAutomatedDiscoveryConfigurationCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new UpdateAutomatedDiscoveryConfigurationCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link UpdateAutomatedDiscoveryConfigurationCommandInput} for command's `input` shape. + * @see {@link UpdateAutomatedDiscoveryConfigurationCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class UpdateAutomatedDiscoveryConfigurationCommand extends $Command< + UpdateAutomatedDiscoveryConfigurationCommandInput, + UpdateAutomatedDiscoveryConfigurationCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: UpdateAutomatedDiscoveryConfigurationCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackUpdates the classification scope settings for an account.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, UpdateClassificationScopeCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, UpdateClassificationScopeCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new UpdateClassificationScopeCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link UpdateClassificationScopeCommandInput} for command's `input` shape. + * @see {@link UpdateClassificationScopeCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class UpdateClassificationScopeCommand extends $Command< + UpdateClassificationScopeCommandInput, + UpdateClassificationScopeCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: UpdateClassificationScopeCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackUpdates the sensitivity score for an S3 bucket.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, UpdateResourceProfileCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, UpdateResourceProfileCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new UpdateResourceProfileCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link UpdateResourceProfileCommandInput} for command's `input` shape. + * @see {@link UpdateResourceProfileCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class UpdateResourceProfileCommand extends $Command< + UpdateResourceProfileCommandInput, + UpdateResourceProfileCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: UpdateResourceProfileCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackUpdates the sensitivity scoring settings for an S3 bucket.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, UpdateResourceProfileDetectionsCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, UpdateResourceProfileDetectionsCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new UpdateResourceProfileDetectionsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link UpdateResourceProfileDetectionsCommandInput} for command's `input` shape. + * @see {@link UpdateResourceProfileDetectionsCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class UpdateResourceProfileDetectionsCommand extends $Command< + UpdateResourceProfileDetectionsCommandInput, + UpdateResourceProfileDetectionsCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: UpdateResourceProfileDetectionsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackUpdates the settings for the sensitivity inspection template for an account.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { Macie2Client, UpdateSensitivityInspectionTemplateCommand } from "@aws-sdk/client-macie2"; // ES Modules import + * // const { Macie2Client, UpdateSensitivityInspectionTemplateCommand } = require("@aws-sdk/client-macie2"); // CommonJS import + * const client = new Macie2Client(config); + * const command = new UpdateSensitivityInspectionTemplateCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link UpdateSensitivityInspectionTemplateCommandInput} for command's `input` shape. + * @see {@link UpdateSensitivityInspectionTemplateCommandOutput} for command's `response` shape. + * @see {@link Macie2ClientResolvedConfig | config} for Macie2Client's `config` shape. + * + */ +export class UpdateSensitivityInspectionTemplateCommand extends $Command< + UpdateSensitivityInspectionTemplateCommandInput, + UpdateSensitivityInspectionTemplateCommandOutput, + Macie2ClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + public static getEndpointParameterInstructions(): EndpointParameterInstructions { + return { + UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" }, + Endpoint: { type: "builtInParams", name: "endpoint" }, + Region: { type: "builtInParams", name: "region" }, + UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" }, + }; + } + + constructor(readonly input: UpdateSensitivityInspectionTemplateCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackProvides information about the block public access settings for an S3 bucket. These settings can apply to a bucket at the account level or bucket level. For detailed information about each setting, see Blocking public access to your Amazon S3 storage in the Amazon Simple Storage Service User Guide.
+ *Provides information about the block public access settings for an S3 bucket. These settings can apply to a bucket at the account or bucket level. For detailed information about each setting, see Blocking public access to your Amazon S3 storage in the Amazon Simple Storage Service User Guide.
*/ export interface BlockPublicAccess { /** @@ -355,7 +355,7 @@ export interface KeyValuePair { } /** - *Provides information about the total storage size (in bytes) or number of objects that Amazon Macie can't analyze in one or more S3 buckets. In a BucketMetadata or MatchingBucket object, this data is for a specific bucket. In a GetBucketStatisticsResponse object, this data is aggregated for the buckets in the query results. If versioning is enabled for a bucket, total storage size values are based on the size of the latest version of each applicable object in the bucket.
+ *Provides information about the total storage size (in bytes) or number of objects that Amazon Macie can't analyze in one or more S3 buckets. In a BucketMetadata or MatchingBucket object, this data is for a specific bucket. In a GetBucketStatisticsResponse object, this data is aggregated for all the buckets in the query results. If versioning is enabled for a bucket, storage size values are based on the size of the latest version of each applicable object in the bucket.
*/ export interface ObjectLevelStatistics { /** @@ -375,7 +375,7 @@ export interface ObjectLevelStatistics { } /** - *Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process information about the bucket or the bucket's objects, the value for the versioning property is false and the value for most other properties is null. Exceptions are accountId, bucketArn, bucketCreatedAt, bucketName, lastUpdated, and region. To identify the cause of the error, refer to the errorCode and errorMessage values.
+ *Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process metadata from Amazon S3 for the bucket and the bucket's objects, the value for the versioning property is false and the value for most other properties is null. Key exceptions are accountId, bucketArn, bucketCreatedAt, bucketName, lastUpdated, and region. To identify the cause of the error, refer to the errorCode and errorMessage values.
*/ export interface BucketMetadata { /** @@ -384,7 +384,7 @@ export interface BucketMetadata { accountId?: string; /** - *Specifies whether the bucket policy for the bucket requires server-side encryption of objects when objects are uploaded to the bucket. Possible values are:
FALSE - The bucket policy requires server-side encryption of new objects. PutObject requests must include the x-amz-server-side-encryption header and the value for that header must be AES256 or aws:kms.
TRUE - The bucket doesn't have a bucket policy or it has a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, it doesn't require PutObject requests to include the x-amz-server-side-encryption header and it doesn't require the value for that header to be AES256 or aws:kms.
UNKNOWN - Amazon Macie can't determine whether the bucket policy requires server-side encryption of new objects.
Specifies whether the bucket policy for the bucket requires server-side encryption of objects when objects are uploaded to the bucket. Possible values are:
FALSE - The bucket policy requires server-side encryption of new objects. PutObject requests must include a valid server-side encryption header.
TRUE - The bucket doesn't have a bucket policy or it has a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, it doesn't require PutObject requests to include a valid server-side encryption header.
UNKNOWN - Amazon Macie can't determine whether the bucket policy requires server-side encryption of new objects.
Valid server-side encryption headers are: x-amz-server-side-encryption with a value of AES256 or aws:kms, and x-amz-server-side-encryption-customer-algorithm with a value of AES256.
*/ allowsUnencryptedObjectUploads?: AllowsUnencryptedObjectUploads | string; @@ -394,7 +394,7 @@ export interface BucketMetadata { bucketArn?: string; /** - *The date and time, in UTC and extended ISO 8601 format, when the bucket was created.
+ *The date and time, in UTC and extended ISO 8601 format, when the bucket was created, or changes such as edits to the bucket's policy were most recently made to the bucket.
*/ bucketCreatedAt?: Date; @@ -428,6 +428,11 @@ export interface BucketMetadata { */ jobDetails?: JobDetails; + /** + *The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently performed automated sensitive data discovery for the bucket. This value is null if automated sensitive data discovery is currently disabled for your account.
+ */ + lastAutomatedDiscoveryTime?: Date; + /** *The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently retrieved both bucket and object metadata from Amazon S3 for the bucket.
*/ @@ -458,6 +463,11 @@ export interface BucketMetadata { */ replicationDetails?: ReplicationDetails; + /** + *The sensitivity score for the bucket, ranging from -1 (no analysis due to an error) to 100 (sensitive). This value is null if automated sensitive data discovery is currently disabled for your account.
+ */ + sensitivityScore?: number; + /** *Specifies whether the bucket encrypts new objects by default and, if so, the type of server-side encryption that's used.
*/ @@ -499,6 +509,21 @@ export interface BucketMetadata { versioning?: boolean; } +/** + *Provides information about the classification scope for an Amazon Macie account. Macie uses the scope's settings when it performs automated sensitive data discovery for the account.
+ */ +export interface ClassificationScopeSummary { + /** + *The unique identifier for the classification scope.
+ */ + id?: string; + + /** + *The name of the classification scope.
+ */ + name?: string; +} + export enum JobComparator { CONTAINS = "CONTAINS", EQ = "EQ", @@ -622,12 +647,53 @@ export interface DetectedDataDetails { value: string | undefined; } +export enum DataIdentifierType { + CUSTOM = "CUSTOM", + MANAGED = "MANAGED", +} + +/** + *Provides information about a type of sensitive data that Amazon Macie found in an S3 bucket while performing automated sensitive data discovery for the bucket. The information also specifies the custom data identifier or managed data identifier that detected the data. This information is available only if automated sensitive data discovery is currently enabled for your account.
+ */ +export interface Detection { + /** + *If the sensitive data was detected by a custom data identifier, the Amazon Resource Name (ARN) of the custom data identifier that detected the data. Otherwise, this value is null.
+ */ + arn?: string; + + /** + *The total number of occurrences of the sensitive data.
+ */ + count?: number; + + /** + *The unique identifier for the custom data identifier or managed data identifier that detected the sensitive data. For additional details about a specified managed data identifier, see Using managed data identifiers in the Amazon Macie User Guide.
+ */ + id?: string; + + /** + *The name of the custom data identifier or managed data identifier that detected the sensitive data. For a managed data identifier, this value is the same as the unique identifier (id).
+ */ + name?: string; + + /** + *Specifies whether occurrences of this type of sensitive data are excluded (true) or included (false) in the bucket's sensitivity score.
+ */ + suppressed?: boolean; + + /** + *The type of data identifier that detected the sensitive data. Possible values are: CUSTOM, for a custom data identifier; and, MANAGED, for a managed data identifier.
+ */ + type?: DataIdentifierType | string; +} + export enum FindingCategory { CLASSIFICATION = "CLASSIFICATION", POLICY = "POLICY", } export enum OriginType { + AUTOMATED_SENSITIVE_DATA_DISCOVERY = "AUTOMATED_SENSITIVE_DATA_DISCOVERY", SENSITIVE_DATA_DISCOVERY_JOB = "SENSITIVE_DATA_DISCOVERY_JOB", } @@ -883,22 +949,22 @@ export interface ClassificationResult { */ export interface ClassificationDetails { /** - *The path to the folder or file (in Amazon S3) that contains the corresponding sensitive data discovery result for the finding. If a finding applies to a large archive or compressed file, this value is the path to a folder. Otherwise, this value is the path to a file.
+ *The path to the folder or file in Amazon S3 that contains the corresponding sensitive data discovery result for the finding. If a finding applies to a large archive or compressed file, this value is the path to a folder. Otherwise, this value is the path to a file.
*/ detailedResultsLocation?: string; /** - *The Amazon Resource Name (ARN) of the classification job that produced the finding.
+ *The Amazon Resource Name (ARN) of the classification job that produced the finding. This value is null if the origin of the finding (originType) is AUTOMATED_SENSITIVE_DATA_DISCOVERY.
*/ jobArn?: string; /** - *The unique identifier for the classification job that produced the finding.
+ *The unique identifier for the classification job that produced the finding. This value is null if the origin of the finding (originType) is AUTOMATED_SENSITIVE_DATA_DISCOVERY.
*/ jobId?: string; /** - *Specifies how Amazon Macie found the sensitive data that produced the finding: SENSITIVE_DATA_DISCOVERY_JOB, for a classification job.
+ *Specifies how Amazon Macie found the sensitive data that produced the finding. Possible values are: SENSITIVE_DATA_DISCOVERY_JOB, for a classification job; and, AUTOMATED_SENSITIVE_DATA_DISCOVERY, for automated sensitive data discovery.
*/ originType?: OriginType | string; @@ -1373,7 +1439,7 @@ export interface S3BucketOwner { */ export interface S3Bucket { /** - *Specifies whether the bucket policy for the bucket requires server-side encryption of objects when objects are uploaded to the bucket. Possible values are:
FALSE - The bucket policy requires server-side encryption of new objects. PutObject requests must include the x-amz-server-side-encryption header and the value for that header must be AES256 or aws:kms.
TRUE - The bucket doesn't have a bucket policy or it has a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, it doesn't require PutObject requests to include the x-amz-server-side-encryption header and it doesn't require the value for that header to be AES256 or aws:kms.
UNKNOWN - Amazon Macie can't determine whether the bucket policy requires server-side encryption of objects.
Specifies whether the bucket policy for the bucket requires server-side encryption of objects when objects are uploaded to the bucket. Possible values are:
FALSE - The bucket policy requires server-side encryption of new objects. PutObject requests must include a valid server-side encryption header.
TRUE - The bucket doesn't have a bucket policy or it has a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, it doesn't require PutObject requests to include a valid server-side encryption header.
UNKNOWN - Amazon Macie can't determine whether the bucket policy requires server-side encryption of new objects.
Valid server-side encryption headers are: x-amz-server-side-encryption with a value of AES256 or aws:kms, and x-amz-server-side-encryption-customer-algorithm with a value of AES256.
*/ allowsUnencryptedObjectUploads?: AllowsUnencryptedObjectUploads | string; @@ -1562,12 +1628,12 @@ export interface Finding { classificationDetails?: ClassificationDetails; /** - *The total number of occurrences of the finding. For sensitive data findings, this value is always 1. All sensitive data findings are considered new (unique) because they derive from individual classification jobs.
+ *The total number of occurrences of the finding. For sensitive data findings, this value is always 1. All sensitive data findings are considered unique.
*/ count?: number; /** - *The date and time, in UTC and extended ISO 8601 format, when the finding was created.
+ *The date and time, in UTC and extended ISO 8601 format, when Amazon Macie created the finding.
*/ createdAt?: Date; @@ -1627,7 +1693,7 @@ export interface Finding { type?: FindingType | string; /** - *The date and time, in UTC and extended ISO 8601 format, when the finding was last updated. For sensitive data findings, this value is the same as the value for the createdAt property. All sensitive data findings are considered new (unique) because they derive from individual classification jobs.
+ *The date and time, in UTC and extended ISO 8601 format, when Amazon Macie last updated the finding. For sensitive data findings, this value is the same as the value for the createdAt property. All sensitive data findings are considered new.
*/ updatedAt?: Date; } @@ -1642,7 +1708,7 @@ export enum FindingsFilterAction { */ export interface FindingsFilterListItem { /** - *The action that's performed on findings that meet the filter criteria. Possible values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
+ *The action that's performed on findings that match the filter criteria. Possible values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
*/ action?: FindingsFilterAction | string; @@ -1899,6 +1965,11 @@ export interface UserPausedDetails { *Provides information about a classification job, including the current status of the job.
*/ export interface JobSummary { + /** + *The property- and tag-based conditions that determine which S3 buckets are included or excluded from the job's analysis. Each time the job runs, the job uses these criteria to determine which buckets to analyze. A job's definition can contain a bucketCriteria object or a bucketDefinitions array, not both.
+ */ + bucketCriteria?: S3BucketCriteriaForJob; + /** *An array of objects, one for each Amazon Web Services account that owns specific S3 buckets for the job to analyze. Each object specifies the account ID for an account and one or more buckets to analyze for that account. A job's definition can contain a bucketDefinitions array or a bucketCriteria object, not both.
*/ @@ -1938,11 +2009,6 @@ export interface JobSummary { *If the current status of the job is USER_PAUSED, specifies when the job was paused and when the job or job run will expire and be cancelled if it isn't resumed. This value is present only if the value for jobStatus is USER_PAUSED.
*/ userPausedDetails?: UserPausedDetails; - - /** - *The property- and tag-based conditions that determine which S3 buckets are included or excluded from the job's analysis. Each time the job runs, the job uses these criteria to determine which buckets to analyze. A job's definition can contain a bucketCriteria object or a bucketDefinitions array, not both.
- */ - bucketCriteria?: S3BucketCriteriaForJob; } export enum ListJobsFilterKey { @@ -1988,7 +2054,7 @@ export interface ManagedDataIdentifierSummary { } /** - *Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process information about the bucket or the bucket's objects, the value for most of these properties is null. Exceptions are accountId and bucketName. To identify the cause of the error, refer to the errorCode and errorMessage values.
+ *Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process information about the bucket or the bucket's objects, the value for most of these properties is null. Key exceptions are accountId and bucketName. To identify the cause of the error, refer to the errorCode and errorMessage values.
*/ export interface MatchingBucket { /** @@ -2026,16 +2092,26 @@ export interface MatchingBucket { */ jobDetails?: JobDetails; + /** + *The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently performed automated sensitive data discovery for the bucket. This value is null if automated sensitive data discovery is currently disabled for your account.
+ */ + lastAutomatedDiscoveryTime?: Date; + /** *The total number of objects in the bucket.
*/ objectCount?: number; /** - *The total number of objects that are in the bucket, grouped by server-side encryption type. This includes a grouping that reports the total number of objects that aren't encrypted or use client-side encryption.
+ *The total number of objects in the bucket, grouped by server-side encryption type. This includes a grouping that reports the total number of objects that aren't encrypted or use client-side encryption.
*/ objectCountByEncryptionType?: ObjectCountByEncryptionType; + /** + *The current sensitivity score for the bucket, ranging from -1 (no analysis due to an error) to 100 (sensitive). This value is null if automated sensitive data discovery is currently disabled for your account.
+ */ + sensitivityScore?: number; + /** *The total storage size, in bytes, of the bucket.
If versioning is enabled for the bucket, Amazon Macie calculates this value based on the size of the latest version of each object in the bucket. This value doesn't reflect the storage size of all versions of each object in the bucket.
*/ @@ -2117,6 +2193,26 @@ export interface Member { updatedAt?: Date; } +/** + *Provides information about an S3 object that Amazon Macie selected for analysis while performing automated sensitive data discovery for an S3 bucket, and the status and results of the analysis. This information is available only if automated sensitive data discovery is currently enabled for your account.
+ */ +export interface ResourceProfileArtifact { + /** + *The Amazon Resource Name (ARN) of the object.
+ */ + arn: string | undefined; + + /** + *The status of the analysis. Possible values are:
COMPLETE - Amazon Macie successfully completed its analysis of the object.
PARTIAL - Macie analyzed only a subset of data in the object. For example, the object is an archive file that contains files in an unsupported format.
SKIPPED - Macie wasn't able to analyze the object. For example, the object is a malformed file.
Specifies whether Amazon Macie found sensitive data in the object.
+ */ + sensitive?: boolean; +} + export enum SearchResourcesComparator { EQ = "EQ", NE = "NE", @@ -2194,6 +2290,36 @@ export interface SearchResourcesCriteria { tagCriterion?: SearchResourcesTagCriterion; } +/** + *Provides information about the sensitivity inspection template for an Amazon Macie account. Macie uses the template's settings when it performs automated sensitive data discovery for the account.
+ */ +export interface SensitivityInspectionTemplatesEntry { + /** + *The unique identifier for the sensitivity inspection template for the account.
+ */ + id?: string; + + /** + *The name of the sensitivity inspection template for the account.
+ */ + name?: string; +} + +/** + *Specifies a custom data identifier or managed data identifier that detected a type of sensitive data to start excluding or including in an S3 bucket's sensitivity score.
+ */ +export interface SuppressDataIdentifier { + /** + *The unique identifier for the custom data identifier or managed data identifier that detected the type of sensitive data to exclude or include in the score.
+ */ + id?: string; + + /** + *The type of data identifier that detected the sensitive data. Possible values are: CUSTOM, for a custom data identifier; and, MANAGED, for a managed data identifier.
+ */ + type?: DataIdentifierType | string; +} + export enum UnavailabilityReasonCode { INVALID_CLASSIFICATION_RESULT = "INVALID_CLASSIFICATION_RESULT", OBJECT_EXCEEDS_SIZE_QUOTA = "OBJECT_EXCEEDS_SIZE_QUOTA", @@ -2256,6 +2382,8 @@ export interface ServiceLimit { } export enum UsageType { + AUTOMATED_OBJECT_MONITORING = "AUTOMATED_OBJECT_MONITORING", + AUTOMATED_SENSITIVE_DATA_DISCOVERY = "AUTOMATED_SENSITIVE_DATA_DISCOVERY", DATA_INVENTORY_EVALUATION = "DATA_INVENTORY_EVALUATION", SENSITIVE_DATA_DISCOVERY = "SENSITIVE_DATA_DISCOVERY", } @@ -2280,7 +2408,7 @@ export interface UsageByAccount { serviceLimit?: ServiceLimit; /** - *The name of the metric. Possible values are: DATA_INVENTORY_EVALUATION, for monitoring S3 buckets; and, SENSITIVE_DATA_DISCOVERY, for analyzing S3 objects to detect sensitive data.
+ *The name of the metric. Possible values are: AUTOMATED_OBJECT_MONITORING, to monitor S3 objects for automated sensitive data discovery; AUTOMATED_SENSITIVE_DATA_DISCOVERY, to analyze S3 objects for automated sensitive data discovery; DATA_INVENTORY_EVALUATION, to monitor S3 buckets; and, SENSITIVE_DATA_DISCOVERY, to run classification jobs.
*/ type?: UsageType | string; } @@ -2295,7 +2423,12 @@ export interface UsageRecord { accountId?: string; /** - *The date and time, in UTC and extended ISO 8601 format, when the free trial started for the account.
+ *The date and time, in UTC and extended ISO 8601 format, when the free trial of automated sensitive data discovery started for the account. If the account is a member account in an organization, this value is the same as the value for the organization's Amazon Macie administrator account.
+ */ + automatedDiscoveryFreeTrialStartDate?: Date; + + /** + *The date and time, in UTC and extended ISO 8601 format, when the Amazon Macie free trial started for the account.
*/ freeTrialStartDate?: Date; @@ -2337,7 +2470,7 @@ export interface UsageStatisticsFilter { key?: UsageStatisticsFilterKey | string; /** - *An array that lists values to use in the condition, based on the value for the field specified by the key property. If the value for the key property is accountId, this array can specify multiple values. Otherwise, this array can specify only one value.
Valid values for each supported field are:
accountId - The unique identifier for an Amazon Web Services account.
freeTrialStartDate - The date and time, in UTC and extended ISO 8601 format, when the free trial started for an account.
serviceLimit - A Boolean (true or false) value that indicates whether an account has reached its monthly quota.
total - A string that represents the current estimated cost for an account.
An array that lists values to use in the condition, based on the value for the field specified by the key property. If the value for the key property is accountId, this array can specify multiple values. Otherwise, this array can specify only one value.
Valid values for each supported field are:
accountId - The unique identifier for an Amazon Web Services account.
freeTrialStartDate - The date and time, in UTC and extended ISO 8601 format, when the Amazon Macie free trial started for an account.
serviceLimit - A Boolean (true or false) value that indicates whether an account has reached its monthly quota.
total - A string that represents the current estimated cost for an account.
The name of the metric. Possible values are: DATA_INVENTORY_EVALUATION, for monitoring S3 buckets; and, SENSITIVE_DATA_DISCOVERY, for analyzing S3 objects to detect sensitive data.
+ *The name of the metric. Possible values are: AUTOMATED_OBJECT_MONITORING, to monitor S3 objects for automated sensitive data discovery; AUTOMATED_SENSITIVE_DATA_DISCOVERY, to analyze S3 objects for automated sensitive data discovery; DATA_INVENTORY_EVALUATION, to monitor S3 buckets; and, SENSITIVE_DATA_DISCOVERY, to run classification jobs.
*/ type?: UsageType | string; } @@ -2585,6 +2718,11 @@ export interface AllowListStatus { description?: string; } +export enum AutomatedDiscoveryStatus { + DISABLED = "DISABLED", + ENABLED = "ENABLED", +} + export enum AvailabilityCode { AVAILABLE = "AVAILABLE", UNAVAILABLE = "UNAVAILABLE", @@ -2599,7 +2737,7 @@ export interface BatchGetCustomDataIdentifiersRequest { export interface BatchGetCustomDataIdentifiersResponse { /** - *An array of objects, one for each custom data identifier that meets the criteria specified in the request.
+ *An array of objects, one for each custom data identifier that matches the criteria specified in the request.
*/ customDataIdentifiers?: BatchGetCustomDataIdentifierSummary[]; @@ -2689,12 +2827,12 @@ export interface BucketCountBySharedAccessType { */ export interface BucketCountPolicyAllowsUnencryptedObjectUploads { /** - *The total number of buckets that don't have a bucket policy or have a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, the policy doesn't require PutObject requests to include the x-amz-server-side-encryption header and it doesn't require the value for that header to be AES256 or aws:kms.
+ *The total number of buckets that don't have a bucket policy or have a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, the policy doesn't require PutObject requests to include a valid server-side encryption header: the x-amz-server-side-encryption header with a value of AES256 or aws:kms, or the x-amz-server-side-encryption-customer-algorithm header with a value of AES256.
*/ allowsUnencryptedObjectUploads?: number; /** - *The total number of buckets whose bucket policies require server-side encryption of new objects. PutObject requests for these buckets must include the x-amz-server-side-encryption header and the value for that header must be AES256 or aws:kms.
+ *The total number of buckets whose bucket policies require server-side encryption of new objects. PutObject requests for these buckets must include a valid server-side encryption header: the x-amz-server-side-encryption header with a value of AES256 or aws:kms, or the x-amz-server-side-encryption-customer-algorithm header with a value of AES256.
*/ deniesUnencryptedObjectUploads?: number; @@ -2754,7 +2892,7 @@ export enum OrderBy { */ export interface BucketSortCriteria { /** - *The name of the bucket property to sort the results by. This value can be one of the following properties that Amazon Macie defines as bucket metadata: accountId, bucketName, classifiableObjectCount, classifiableSizeInBytes, objectCount, or sizeInBytes.
+ *The name of the bucket property to sort the results by. This value can be one of the following properties that Amazon Macie defines as bucket metadata: accountId, bucketName, classifiableObjectCount, classifiableSizeInBytes, objectCount, sensitivityScore, or sizeInBytes.
*/ attributeName?: string; @@ -2764,6 +2902,56 @@ export interface BucketSortCriteria { orderBy?: OrderBy | string; } +/** + *Provides aggregated statistical data for sensitive data discovery metrics that apply to S3 buckets. Each field contains aggregated data for all the buckets that have a sensitivity score (sensitivityScore) of a specified value or within a specified range (BucketStatisticsBySensitivity). If automated sensitive data discovery is currently disabled for your account, the value for each field is 0.
+ */ +export interface SensitivityAggregations { + /** + *The total storage size, in bytes, of all the objects that Amazon Macie can analyze in the buckets. These objects use a supported storage class and have a file name extension for a supported file or storage format.
If versioning is enabled for any of the buckets, this value is based on the size of the latest version of each applicable object in the buckets. This value doesn't reflect the storage size of all versions of all applicable objects in the buckets.
+ */ + classifiableSizeInBytes?: number; + + /** + *The total number of buckets that are publicly accessible based on a combination of permissions settings for each bucket.
+ */ + publiclyAccessibleCount?: number; + + /** + *The total number of buckets.
+ */ + totalCount?: number; + + /** + *The total storage size, in bytes, of the buckets.
If versioning is enabled for any of the buckets, this value is based on the size of the latest version of each object in the buckets. This value doesn't reflect the storage size of all versions of the objects in the buckets.
+ */ + totalSizeInBytes?: number; +} + +/** + *Provides aggregated statistical data for sensitive data discovery metrics that apply to S3 buckets, grouped by bucket sensitivity score (sensitivityScore). If automated sensitive data discovery is currently disabled for your account, the value for each metric is 0.
+ */ +export interface BucketStatisticsBySensitivity { + /** + *The aggregated statistical data for all buckets that have a sensitivity score of -1.
+ */ + classificationError?: SensitivityAggregations; + + /** + *The aggregated statistical data for all buckets that have a sensitivity score of 50.
+ */ + notClassified?: SensitivityAggregations; + + /** + *The aggregated statistical data for all buckets that have a sensitivity score of 0-49.
+ */ + notSensitive?: SensitivityAggregations; + + /** + *The aggregated statistical data for all buckets that have a sensitivity score of 51-100.
+ */ + sensitive?: SensitivityAggregations; +} + /** *Specifies an S3 bucket to store data classification results in, and the encryption settings to use when storing results in that bucket.
*/ @@ -2785,7 +2973,7 @@ export interface S3Destination { } /** - *Specifies where to store data classification results, and the encryption settings to use when storing results in that location. Currently, you can store classification results only in an S3 bucket.
+ *Specifies where to store data classification results, and the encryption settings to use when storing results in that location. The location must be an S3 bucket.
*/ export interface ClassificationExportConfiguration { /** @@ -2794,6 +2982,12 @@ export interface ClassificationExportConfiguration { s3Destination?: S3Destination; } +export enum ClassificationScopeUpdateOperation { + ADD = "ADD", + REMOVE = "REMOVE", + REPLACE = "REPLACE", +} + export interface CreateAllowListRequest { /** *A unique, case-sensitive token that you provide to ensure the idempotency of the request.
@@ -2869,6 +3063,11 @@ export interface Scoping { *Specifies which S3 buckets contain the objects that a classification job analyzes, and the scope of that analysis. The bucket specification can be static (bucketDefinitions) or dynamic (bucketCriteria). If it's static, the job analyzes objects in the same predefined set of buckets each time the job runs. If it's dynamic, the job analyzes objects in any buckets that match the specified criteria each time the job starts to run.
*/ export interface S3JobDefinition { + /** + *The property- and tag-based conditions that determine which S3 buckets to include or exclude from the analysis. Each time the job runs, the job uses these criteria to determine which buckets contain objects to analyze. A job's definition can contain a bucketCriteria object or a bucketDefinitions array, not both.
+ */ + bucketCriteria?: S3BucketCriteriaForJob; + /** *An array of objects, one for each Amazon Web Services account that owns specific S3 buckets to analyze. Each object specifies the account ID for an account and one or more buckets to analyze for that account. A job's definition can contain a bucketDefinitions array or a bucketCriteria object, not both.
*/ @@ -2878,11 +3077,6 @@ export interface S3JobDefinition { *The property- and tag-based conditions that determine which S3 objects to include or exclude from the analysis. Each time the job runs, the job uses these criteria to determine which objects to analyze.
*/ scoping?: Scoping; - - /** - *The property- and tag-based conditions that determine which S3 buckets to include or exclude from the analysis. Each time the job runs, the job uses these criteria to determine which buckets contain objects to analyze. A job's definition can contain a bucketCriteria object or a bucketDefinitions array, not both.
- */ - bucketCriteria?: S3BucketCriteriaForJob; } /** @@ -3146,7 +3340,7 @@ export interface FindingCriteria { export interface CreateFindingsFilterRequest { /** - *The action to perform on findings that meet the filter criteria (findingCriteria). Valid values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
+ *The action to perform on findings that match the filter criteria (findingCriteria). Valid values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
*/ action: FindingsFilterAction | string | undefined; @@ -3338,7 +3532,7 @@ export interface DescribeBucketsRequest { export interface DescribeBucketsResponse { /** - *An array of objects, one for each bucket that meets the filter criteria specified in the request.
+ *An array of objects, one for each bucket that matches the filter criteria specified in the request.
*/ buckets?: BucketMetadata[]; @@ -3648,6 +3842,40 @@ export interface GetAllowListResponse { updatedAt?: Date; } +export interface GetAutomatedDiscoveryConfigurationRequest {} + +export interface GetAutomatedDiscoveryConfigurationResponse { + /** + *The unique identifier for the classification scope that's used when performing automated sensitive data discovery for the account. The classification scope specifies S3 buckets to exclude from automated sensitive data discovery.
+ */ + classificationScopeId?: string; + + /** + *The date and time, in UTC and extended ISO 8601 format, when automated sensitive data discovery was most recently disabled for the account. This value is null if automated sensitive data discovery wasn't enabled and subsequently disabled for the account.
+ */ + disabledAt?: Date; + + /** + *The date and time, in UTC and extended ISO 8601 format, when automated sensitive data discovery was initially enabled for the account. This value is null if automated sensitive data discovery has never been enabled for the account.
+ */ + firstEnabledAt?: Date; + + /** + *The date and time, in UTC and extended ISO 8601 format, when automated sensitive data discovery was most recently enabled or disabled for the account.
+ */ + lastUpdatedAt?: Date; + + /** + *The unique identifier for the sensitivity inspection template that's used when performing automated sensitive data discovery for the account. The template specifies which allow lists, custom data identifiers, and managed data identifiers to use when analyzing data.
+ */ + sensitivityInspectionTemplateId?: string; + + /** + *The current status of the automated sensitive data discovery configuration for the account. Possible values are: ENABLED, use the specified settings to perform automated sensitive data discovery activities for the account; and, DISABLED, don't perform automated sensitive data discovery activities for the account.
+ */ + status?: AutomatedDiscoveryStatus | string; +} + export interface GetBucketStatisticsRequest { /** *The unique identifier for the Amazon Web Services account.
@@ -3681,13 +3909,18 @@ export interface GetBucketStatisticsResponse { */ bucketCountBySharedAccessType?: BucketCountBySharedAccessType; + /** + *The aggregated sensitive data discovery statistics for the buckets. If automated sensitive data discovery is currently disabled for your account, the value for each statistic is 0.
+ */ + bucketStatisticsBySensitivity?: BucketStatisticsBySensitivity; + /** *The total number of objects that Amazon Macie can analyze in the buckets. These objects use a supported storage class and have a file name extension for a supported file or storage format.
*/ classifiableObjectCount?: number; /** - *The total storage size, in bytes, of all the objects that Amazon Macie can analyze in the buckets. These objects use a supported storage class and have a file name extension for a supported file or storage format.
If versioning is enabled for any of the buckets, Macie calculates this value based on the size of the latest version of each applicable object in those buckets. This value doesn't reflect the storage size of all versions of all applicable objects in the buckets.
+ *The total storage size, in bytes, of all the objects that Amazon Macie can analyze in the buckets. These objects use a supported storage class and have a file name extension for a supported file or storage format.
If versioning is enabled for any of the buckets, this value is based on the size of the latest version of each applicable object in the buckets. This value doesn't reflect the storage size of all versions of all applicable objects in the buckets.
*/ classifiableSizeInBytes?: number; @@ -3702,12 +3935,12 @@ export interface GetBucketStatisticsResponse { objectCount?: number; /** - *The total storage size, in bytes, of the buckets.
If versioning is enabled for any of the buckets, Amazon Macie calculates this value based on the size of the latest version of each object in those buckets. This value doesn't reflect the storage size of all versions of the objects in the buckets.
+ *The total storage size, in bytes, of the buckets.
If versioning is enabled for any of the buckets, this value is based on the size of the latest version of each object in the buckets. This value doesn't reflect the storage size of all versions of the objects in the buckets.
*/ sizeInBytes?: number; /** - *The total storage size, in bytes, of the objects that are compressed (.gz, .gzip, .zip) files in the buckets.
If versioning is enabled for any of the buckets, Amazon Macie calculates this value based on the size of the latest version of each applicable object in those buckets. This value doesn't reflect the storage size of all versions of the applicable objects in the buckets.
+ *The total storage size, in bytes, of the objects that are compressed (.gz, .gzip, .zip) files in the buckets.
If versioning is enabled for any of the buckets, this value is based on the size of the latest version of each applicable object in the buckets. This value doesn't reflect the storage size of all versions of the applicable objects in the buckets.
*/ sizeInBytesCompressed?: number; @@ -3731,6 +3964,50 @@ export interface GetClassificationExportConfigurationResponse { configuration?: ClassificationExportConfiguration; } +export interface GetClassificationScopeRequest { + /** + *The unique identifier for the Amazon Macie resource that the request applies to.
+ */ + id: string | undefined; +} + +/** + *Specifies the names of the S3 buckets that are excluded from automated sensitive data discovery.
+ */ +export interface S3ClassificationScopeExclusion { + /** + *An array of strings, one for each S3 bucket that is excluded. Each string is the full name of an excluded bucket.
+ */ + bucketNames: string[] | undefined; +} + +/** + *Specifies the S3 buckets that are excluded from automated sensitive data discovery for an Amazon Macie account.
+ */ +export interface S3ClassificationScope { + /** + *The S3 buckets that are excluded.
+ */ + excludes: S3ClassificationScopeExclusion | undefined; +} + +export interface GetClassificationScopeResponse { + /** + *The unique identifier for the classification scope.
+ */ + id?: string; + + /** + *The name of the classification scope.
+ */ + name?: string; + + /** + *The S3 buckets that are excluded from automated sensitive data discovery.
+ */ + s3?: S3ClassificationScope; +} + export interface GetCustomDataIdentifierRequest { /** *The unique identifier for the Amazon Macie resource that the request applies to.
@@ -3829,7 +4106,7 @@ export interface GetFindingsRequest { export interface GetFindingsResponse { /** - *An array of objects, one for each finding that meets the criteria specified in the request.
+ *An array of objects, one for each finding that matches the criteria specified in the request.
*/ findings?: Finding[]; } @@ -3843,7 +4120,7 @@ export interface GetFindingsFilterRequest { export interface GetFindingsFilterResponse { /** - *The action that's performed on findings that meet the filter criteria (findingCriteria). Possible values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
+ *The action that's performed on findings that match the filter criteria (findingCriteria). Possible values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
*/ action?: FindingsFilterAction | string; @@ -3938,7 +4215,7 @@ export interface GetFindingStatisticsRequest { export interface GetFindingStatisticsResponse { /** - *An array of objects, one for each group of findings that meet the filter criteria specified in the request.
+ *An array of objects, one for each group of findings that matches the filter criteria specified in the request.
*/ countsByGroup?: GroupCount[]; } @@ -4044,6 +4321,85 @@ export interface GetMemberResponse { updatedAt?: Date; } +export interface GetResourceProfileRequest { + /** + *The Amazon Resource Name (ARN) of the S3 bucket that the request applies to.
+ */ + resourceArn: string | undefined; +} + +/** + *Provides statistical data for sensitive data discovery metrics that apply to an S3 bucket that Amazon Macie monitors and analyzes for your account. The statistics capture the results of automated sensitive data discovery activities that Macie has performed for the bucket. The data is available only if automated sensitive data discovery is currently enabled for your account.
+ */ +export interface ResourceStatistics { + /** + *The total amount of data, in bytes, that Amazon Macie has analyzed in the bucket.
+ */ + totalBytesClassified?: number; + + /** + *The total number of occurrences of sensitive data that Amazon Macie has found in the bucket's objects. This includes occurrences that are currently suppressed by the sensitivity scoring settings for the bucket (totalDetectionsSuppressed).
+ */ + totalDetections?: number; + + /** + *The total number of occurrences of sensitive data that are currently suppressed by the sensitivity scoring settings for the bucket. These represent occurrences of sensitive data that Amazon Macie found in the bucket's objects, but the occurrences were manually suppressed. By default, suppressed occurrences are excluded from the bucket's sensitivity score.
+ */ + totalDetectionsSuppressed?: number; + + /** + *The total number of objects that Amazon Macie has analyzed in the bucket.
+ */ + totalItemsClassified?: number; + + /** + *The total number of the bucket's objects that Amazon Macie has found sensitive data in.
+ */ + totalItemsSensitive?: number; + + /** + *The total number of objects that Amazon Macie hasn't analyzed in the bucket due to an error or issue. For example, the object is a malformed file. This value includes objects that Macie hasn't analyzed for reasons reported by other statistics in the ResourceStatistics object.
+ */ + totalItemsSkipped?: number; + + /** + *The total number of objects that Amazon Macie hasn't analyzed in the bucket because the objects are encrypted with a key that Macie isn't allowed to use.
+ */ + totalItemsSkippedInvalidEncryption?: number; + + /** + *The total number of objects that Amazon Macie hasn't analyzed in the bucket because the objects are encrypted with an KMS key that was disabled or deleted.
+ */ + totalItemsSkippedInvalidKms?: number; + + /** + *The total number of objects that Amazon Macie hasn't analyzed in the bucket because Macie isn't allowed to access the objects.
+ */ + totalItemsSkippedPermissionDenied?: number; +} + +export interface GetResourceProfileResponse { + /** + *The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently recalculated sensitive data discovery statistics and details for the bucket. If the bucket's sensitivity score is calculated automatically, this includes the score.
+ */ + profileUpdatedAt?: Date; + + /** + *The current sensitivity score for the bucket, ranging from -1 (no analysis due to an error) to 100 (sensitive). By default, this score is calculated automatically based on the amount of data that Amazon Macie has analyzed in the bucket and the amount of sensitive data that Macie has found in the bucket.
+ */ + sensitivityScore?: number; + + /** + *Specifies whether the bucket's current sensitivity score was set manually. If this value is true, the score was manually changed to 100. If this value is false, the score was calculated automatically by Amazon Macie.
+ */ + sensitivityScoreOverridden?: boolean; + + /** + *The sensitive data discovery statistics for the bucket. The statistics capture the results of automated sensitive data discovery activities that Amazon Macie has performed for the bucket.
+ */ + statistics?: ResourceStatistics; +} + export interface GetRevealConfigurationRequest {} export enum RevealStatus { @@ -4141,13 +4497,77 @@ export interface GetSensitiveDataOccurrencesAvailabilityResponse { reasons?: (UnavailabilityReasonCode | string)[]; } -export enum UsageStatisticsSortKey { - accountId = "accountId", - freeTrialStartDate = "freeTrialStartDate", - serviceLimitValue = "serviceLimitValue", - total = "total", -} - +export interface GetSensitivityInspectionTemplateRequest { + /** + *The unique identifier for the Amazon Macie resource that the request applies to.
+ */ + id: string | undefined; +} + +/** + *Specifies managed data identifiers to exclude (not use) when performing automated sensitive data discovery for an Amazon Macie account. For information about the managed data identifiers that Amazon Macie currently provides, see Using managed data identifiers in the Amazon Macie User Guide.
+ */ +export interface SensitivityInspectionTemplateExcludes { + /** + *An array of unique identifiers, one for each managed data identifier to exclude. To retrieve a list of valid values, use the ListManagedDataIdentifiers operation.
+ */ + managedDataIdentifierIds?: string[]; +} + +/** + *Specifies the allow lists, custom data identifiers, and managed data identifiers to include (use) when performing automated sensitive data discovery for an Amazon Macie account. The configuration must specify at least one custom data identifier or managed data identifier. For information about the managed data identifiers that Amazon Macie currently provides, see Using managed data identifiers in the Amazon Macie User Guide.
+ */ +export interface SensitivityInspectionTemplateIncludes { + /** + *An array of unique identifiers, one for each allow list to include.
+ */ + allowListIds?: string[]; + + /** + *An array of unique identifiers, one for each custom data identifier to include.
+ */ + customDataIdentifierIds?: string[]; + + /** + *An array of unique identifiers, one for each managed data identifier to include.
Amazon Macie uses these managed data identifiers in addition to managed data identifiers that are subsequently released and recommended for automated sensitive data discovery. To retrieve a list of valid values for the managed data identifiers that are currently available, use the ListManagedDataIdentifiers operation.
The custom description of the template.
+ */ + description?: string; + + /** + *The managed data identifiers that are explicitly excluded (not used) when analyzing data.
+ */ + excludes?: SensitivityInspectionTemplateExcludes; + + /** + *The allow lists, custom data identifiers, and managed data identifiers that are included (used) when analyzing data.
+ */ + includes?: SensitivityInspectionTemplateIncludes; + + /** + *The name of the template.
+ */ + name?: string; + + /** + *The unique identifier for the template.
+ */ + sensitivityInspectionTemplateId?: string; +} + +export enum UsageStatisticsSortKey { + accountId = "accountId", + freeTrialStartDate = "freeTrialStartDate", + serviceLimitValue = "serviceLimitValue", + total = "total", +} + /** *Specifies criteria for sorting the results of a query for Amazon Macie account quotas and usage data.
*/ @@ -4202,7 +4622,7 @@ export interface GetUsageStatisticsResponse { nextToken?: string; /** - *An array of objects that contains the results of the query. Each object contains the data for an account that meets the filter criteria specified in the request.
+ *An array of objects that contains the results of the query. Each object contains the data for an account that matches the filter criteria specified in the request.
*/ records?: UsageRecord[]; @@ -4316,7 +4736,7 @@ export interface ListClassificationJobsRequest { export interface ListClassificationJobsResponse { /** - *An array of objects, one for each job that meets the filter criteria specified in the request.
+ *An array of objects, one for each job that matches the filter criteria specified in the request.
*/ items?: JobSummary[]; @@ -4326,11 +4746,11 @@ export interface ListClassificationJobsResponse { nextToken?: string; } -export interface ListCustomDataIdentifiersRequest { +export interface ListClassificationScopesRequest { /** - *The maximum number of items to include in each page of the response.
+ *The name of the classification scope to retrieve the unique identifier for.
*/ - maxResults?: number; + name?: string; /** *The nextToken string that specifies which page of results to return in a paginated response.
@@ -4338,11 +4758,11 @@ export interface ListCustomDataIdentifiersRequest { nextToken?: string; } -export interface ListCustomDataIdentifiersResponse { +export interface ListClassificationScopesResponse { /** - *An array of objects, one for each custom data identifier.
+ *An array that specifies the unique identifier and name of the classification scope for the account.
*/ - items?: CustomDataIdentifierSummary[]; + classificationScopes?: ClassificationScopeSummary[]; /** *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
@@ -4350,12 +4770,7 @@ export interface ListCustomDataIdentifiersResponse { nextToken?: string; } -export interface ListFindingsRequest { - /** - *The criteria to use to filter the results.
- */ - findingCriteria?: FindingCriteria; - +export interface ListCustomDataIdentifiersRequest { /** *The maximum number of items to include in each page of the response.
*/ @@ -4365,66 +4780,13 @@ export interface ListFindingsRequest { *The nextToken string that specifies which page of results to return in a paginated response.
*/ nextToken?: string; - - /** - *The criteria to use to sort the results.
- */ - sortCriteria?: SortCriteria; -} - -export interface ListFindingsResponse { - /** - *An array of strings, where each string is the unique identifier for a finding that meets the filter criteria specified in the request.
- */ - findingIds?: string[]; - - /** - *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
- */ - nextToken?: string; -} - -export interface ListFindingsFiltersRequest { - /** - *The maximum number of items to include in each page of a paginated response.
- */ - maxResults?: number; - - /** - *The nextToken string that specifies which page of results to return in a paginated response.
- */ - nextToken?: string; } -export interface ListFindingsFiltersResponse { - /** - *An array of objects, one for each filter that's associated with the account.
- */ - findingsFilterListItems?: FindingsFilterListItem[]; - - /** - *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
- */ - nextToken?: string; -} - -export interface ListInvitationsRequest { - /** - *The maximum number of items to include in each page of a paginated response.
- */ - maxResults?: number; - - /** - *The nextToken string that specifies which page of results to return in a paginated response.
- */ - nextToken?: string; -} - -export interface ListInvitationsResponse { +export interface ListCustomDataIdentifiersResponse { /** - *An array of objects, one for each invitation that was received by the account.
+ *An array of objects, one for each custom data identifier.
*/ - invitations?: Invitation[]; + items?: CustomDataIdentifierSummary[]; /** *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
@@ -4432,28 +4794,14 @@ export interface ListInvitationsResponse { nextToken?: string; } -export interface ListManagedDataIdentifiersRequest { - /** - *The nextToken string that specifies which page of results to return in a paginated response.
- */ - nextToken?: string; -} - -export interface ListManagedDataIdentifiersResponse { - /** - *An array of objects, one for each managed data identifier.
- */ - items?: ManagedDataIdentifierSummary[]; - +export interface ListFindingsRequest { /** - *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
+ *The criteria to use to filter the results.
*/ - nextToken?: string; -} + findingCriteria?: FindingCriteria; -export interface ListMembersRequest { /** - *The maximum number of items to include in each page of a paginated response.
+ *The maximum number of items to include in each page of the response.
*/ maxResults?: number; @@ -4463,16 +4811,16 @@ export interface ListMembersRequest { nextToken?: string; /** - *Specifies which accounts to include in the response, based on the status of an account's relationship with the administrator account. By default, the response includes only current member accounts. To include all accounts, set this value to false.
+ *The criteria to use to sort the results.
*/ - onlyAssociated?: string; + sortCriteria?: SortCriteria; } -export interface ListMembersResponse { +export interface ListFindingsResponse { /** - *An array of objects, one for each account that's associated with the administrator account and meets the criteria specified in the request.
+ *An array of strings, where each string is the unique identifier for a finding that matches the filter criteria specified in the request.
*/ - members?: Member[]; + findingIds?: string[]; /** *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
@@ -4480,7 +4828,7 @@ export interface ListMembersResponse { nextToken?: string; } -export interface ListOrganizationAdminAccountsRequest { +export interface ListFindingsFiltersRequest { /** *The maximum number of items to include in each page of a paginated response.
*/ @@ -4492,11 +4840,11 @@ export interface ListOrganizationAdminAccountsRequest { nextToken?: string; } -export interface ListOrganizationAdminAccountsResponse { +export interface ListFindingsFiltersResponse { /** - *An array of objects, one for each delegated Amazon Macie administrator account for the organization. Only one of these accounts can have a status of ENABLED.
+ *An array of objects, one for each filter that's associated with the account.
*/ - adminAccounts?: AdminAccount[]; + findingsFilterListItems?: FindingsFilterListItem[]; /** *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
@@ -4504,189 +4852,6 @@ export interface ListOrganizationAdminAccountsResponse { nextToken?: string; } -export interface ListTagsForResourceRequest { - /** - *The Amazon Resource Name (ARN) of the resource.
- */ - resourceArn: string | undefined; -} - -export interface ListTagsForResourceResponse { - /** - *A map of key-value pairs that specifies which tags (keys and values) are associated with the resource.
- */ - tags?: RecordThe location to store data classification results in, and the encryption settings to use when storing results in that location.
- */ - configuration: ClassificationExportConfiguration | undefined; -} - -export interface PutClassificationExportConfigurationResponse { - /** - *The location where the data classification results are stored, and the encryption settings that are used when storing results in that location.
- */ - configuration?: ClassificationExportConfiguration; -} - -export interface PutFindingsPublicationConfigurationRequest { - /** - *A unique, case-sensitive token that you provide to ensure the idempotency of the request.
- */ - clientToken?: string; - - /** - *The configuration settings that determine which findings to publish to Security Hub.
- */ - securityHubConfiguration?: SecurityHubConfiguration; -} - -export interface PutFindingsPublicationConfigurationResponse {} - -/** - *Specifies property- and tag-based conditions that define filter criteria for including or excluding Amazon Web Services resources from the query results.
- */ -export interface SearchResourcesCriteriaBlock { - /** - *An array of objects, one for each property- or tag-based condition that includes or excludes resources from the query results. If you specify more than one condition, Amazon Macie uses AND logic to join the conditions.
- */ - and?: SearchResourcesCriteria[]; -} - -/** - *Specifies property- and tag-based conditions that define filter criteria for including or excluding S3 buckets from the query results. Exclude conditions take precedence over include conditions.
- */ -export interface SearchResourcesBucketCriteria { - /** - *The property- and tag-based conditions that determine which buckets to exclude from the results.
- */ - excludes?: SearchResourcesCriteriaBlock; - - /** - *The property- and tag-based conditions that determine which buckets to include in the results.
- */ - includes?: SearchResourcesCriteriaBlock; -} - -export enum SearchResourcesSortAttributeName { - ACCOUNT_ID = "ACCOUNT_ID", - RESOURCE_NAME = "RESOURCE_NAME", - S3_CLASSIFIABLE_OBJECT_COUNT = "S3_CLASSIFIABLE_OBJECT_COUNT", - S3_CLASSIFIABLE_SIZE_IN_BYTES = "S3_CLASSIFIABLE_SIZE_IN_BYTES", -} - -/** - *Specifies criteria for sorting the results of a query for information about Amazon Web Services resources that Amazon Macie monitors and analyzes.
- */ -export interface SearchResourcesSortCriteria { - /** - *The property to sort the results by.
- */ - attributeName?: SearchResourcesSortAttributeName | string; - - /** - *The sort order to apply to the results, based on the value for the property specified by the attributeName property. Valid values are: ASC, sort the results in ascending order; and, DESC, sort the results in descending order.
- */ - orderBy?: OrderBy | string; -} - -export interface SearchResourcesRequest { - /** - *The filter conditions that determine which S3 buckets to include or exclude from the query results.
- */ - bucketCriteria?: SearchResourcesBucketCriteria; - - /** - *The maximum number of items to include in each page of the response. The default value is 50.
- */ - maxResults?: number; - - /** - *The nextToken string that specifies which page of results to return in a paginated response.
- */ - nextToken?: string; - - /** - *The criteria to use to sort the results.
- */ - sortCriteria?: SearchResourcesSortCriteria; -} - -export interface SearchResourcesResponse { - /** - *An array of objects, one for each resource that meets the filter criteria specified in the request.
- */ - matchingResources?: MatchingResource[]; - - /** - *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
- */ - nextToken?: string; -} - -export interface TagResourceRequest { - /** - *The Amazon Resource Name (ARN) of the resource.
- */ - resourceArn: string | undefined; - - /** - *A map of key-value pairs that specifies the tags to associate with the resource.
A resource can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.
- */ - tags: RecordAn array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression contains any string in this array, Amazon Macie ignores it. The array can contain as many as 10 ignore words. Each ignore word can contain 4-90 UTF-8 characters. Ignore words are case sensitive.
- */ - ignoreWords?: string[]; - - /** - *An array that lists specific character sequences (keywords), one of which must precede and be within proximity (maximumMatchDistance) of the regular expression to match. The array can contain as many as 50 keywords. Each keyword can contain 3-90 UTF-8 characters. Keywords aren't case sensitive.
- */ - keywords?: string[]; - - /** - *The maximum number of characters that can exist between the end of at least one complete character sequence specified by the keywords array and the end of the text that matches the regex pattern. If a complete keyword precedes all the text that matches the pattern and the keyword is within the specified distance, Amazon Macie includes the result. The distance can be 1-300 characters. The default value is 50.
- */ - maximumMatchDistance?: number; - - /** - *The regular expression (regex) that defines the pattern to match. The expression can contain as many as 512 characters.
- */ - regex: string | undefined; - - /** - *The sample text to inspect by using the custom data identifier. The text can contain as many as 1,000 characters.
- */ - sampleText: string | undefined; -} - -export interface TestCustomDataIdentifierResponse { - /** - *The number of occurrences of sample text that matched the criteria specified by the custom data identifier.
- */ - matchCount?: number; -} - -export interface UntagResourceRequest { - /** - *The Amazon Resource Name (ARN) of the resource.
- */ - resourceArn: string | undefined; - - /** - *One or more tags (keys) to remove from the resource. In an HTTP request to remove multiple tags, append the tagKeys parameter and argument for each tag to remove, separated by an ampersand (&).
- */ - tagKeys: string[] | undefined; -} - /** * @internal */ @@ -4808,6 +4973,13 @@ export const BucketMetadataFilterSensitiveLog = (obj: BucketMetadata): any => ({ ...obj, }); +/** + * @internal + */ +export const ClassificationScopeSummaryFilterSensitiveLog = (obj: ClassificationScopeSummary): any => ({ + ...obj, +}); + /** * @internal */ @@ -4850,6 +5022,13 @@ export const DetectedDataDetailsFilterSensitiveLog = (obj: DetectedDataDetails): ...obj, }); +/** + * @internal + */ +export const DetectionFilterSensitiveLog = (obj: Detection): any => ({ + ...obj, +}); + /** * @internal */ @@ -5249,6 +5428,13 @@ export const MemberFilterSensitiveLog = (obj: Member): any => ({ ...obj, }); +/** + * @internal + */ +export const ResourceProfileArtifactFilterSensitiveLog = (obj: ResourceProfileArtifact): any => ({ + ...obj, +}); + /** * @internal */ @@ -5277,6 +5463,22 @@ export const SearchResourcesCriteriaFilterSensitiveLog = (obj: SearchResourcesCr ...obj, }); +/** + * @internal + */ +export const SensitivityInspectionTemplatesEntryFilterSensitiveLog = ( + obj: SensitivityInspectionTemplatesEntry +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const SuppressDataIdentifierFilterSensitiveLog = (obj: SuppressDataIdentifier): any => ({ + ...obj, +}); + /** * @internal */ @@ -5423,6 +5625,20 @@ export const BucketSortCriteriaFilterSensitiveLog = (obj: BucketSortCriteria): a ...obj, }); +/** + * @internal + */ +export const SensitivityAggregationsFilterSensitiveLog = (obj: SensitivityAggregations): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const BucketStatisticsBySensitivityFilterSensitiveLog = (obj: BucketStatisticsBySensitivity): any => ({ + ...obj, +}); + /** * @internal */ @@ -5894,22 +6110,8 @@ export const GetAllowListResponseFilterSensitiveLog = (obj: GetAllowListResponse /** * @internal */ -export const GetBucketStatisticsRequestFilterSensitiveLog = (obj: GetBucketStatisticsRequest): any => ({ - ...obj, -}); - -/** - * @internal - */ -export const GetBucketStatisticsResponseFilterSensitiveLog = (obj: GetBucketStatisticsResponse): any => ({ - ...obj, -}); - -/** - * @internal - */ -export const GetClassificationExportConfigurationRequestFilterSensitiveLog = ( - obj: GetClassificationExportConfigurationRequest +export const GetAutomatedDiscoveryConfigurationRequestFilterSensitiveLog = ( + obj: GetAutomatedDiscoveryConfigurationRequest ): any => ({ ...obj, }); @@ -5917,8 +6119,8 @@ export const GetClassificationExportConfigurationRequestFilterSensitiveLog = ( /** * @internal */ -export const GetClassificationExportConfigurationResponseFilterSensitiveLog = ( - obj: GetClassificationExportConfigurationResponse +export const GetAutomatedDiscoveryConfigurationResponseFilterSensitiveLog = ( + obj: GetAutomatedDiscoveryConfigurationResponse ): any => ({ ...obj, }); @@ -5926,57 +6128,22 @@ export const GetClassificationExportConfigurationResponseFilterSensitiveLog = ( /** * @internal */ -export const GetCustomDataIdentifierRequestFilterSensitiveLog = (obj: GetCustomDataIdentifierRequest): any => ({ - ...obj, -}); - -/** - * @internal - */ -export const GetCustomDataIdentifierResponseFilterSensitiveLog = (obj: GetCustomDataIdentifierResponse): any => ({ - ...obj, -}); - -/** - * @internal - */ -export const SortCriteriaFilterSensitiveLog = (obj: SortCriteria): any => ({ - ...obj, -}); - -/** - * @internal - */ -export const GetFindingsRequestFilterSensitiveLog = (obj: GetFindingsRequest): any => ({ - ...obj, -}); - -/** - * @internal - */ -export const GetFindingsResponseFilterSensitiveLog = (obj: GetFindingsResponse): any => ({ - ...obj, -}); - -/** - * @internal - */ -export const GetFindingsFilterRequestFilterSensitiveLog = (obj: GetFindingsFilterRequest): any => ({ +export const GetBucketStatisticsRequestFilterSensitiveLog = (obj: GetBucketStatisticsRequest): any => ({ ...obj, }); /** * @internal */ -export const GetFindingsFilterResponseFilterSensitiveLog = (obj: GetFindingsFilterResponse): any => ({ +export const GetBucketStatisticsResponseFilterSensitiveLog = (obj: GetBucketStatisticsResponse): any => ({ ...obj, }); /** * @internal */ -export const GetFindingsPublicationConfigurationRequestFilterSensitiveLog = ( - obj: GetFindingsPublicationConfigurationRequest +export const GetClassificationExportConfigurationRequestFilterSensitiveLog = ( + obj: GetClassificationExportConfigurationRequest ): any => ({ ...obj, }); @@ -5984,15 +6151,8 @@ export const GetFindingsPublicationConfigurationRequestFilterSensitiveLog = ( /** * @internal */ -export const SecurityHubConfigurationFilterSensitiveLog = (obj: SecurityHubConfiguration): any => ({ - ...obj, -}); - -/** - * @internal - */ -export const GetFindingsPublicationConfigurationResponseFilterSensitiveLog = ( - obj: GetFindingsPublicationConfigurationResponse +export const GetClassificationExportConfigurationResponseFilterSensitiveLog = ( + obj: GetClassificationExportConfigurationResponse ): any => ({ ...obj, }); @@ -6000,106 +6160,101 @@ export const GetFindingsPublicationConfigurationResponseFilterSensitiveLog = ( /** * @internal */ -export const GetFindingStatisticsRequestFilterSensitiveLog = (obj: GetFindingStatisticsRequest): any => ({ - ...obj, -}); - -/** - * @internal - */ -export const GetFindingStatisticsResponseFilterSensitiveLog = (obj: GetFindingStatisticsResponse): any => ({ +export const GetClassificationScopeRequestFilterSensitiveLog = (obj: GetClassificationScopeRequest): any => ({ ...obj, }); /** * @internal */ -export const GetInvitationsCountRequestFilterSensitiveLog = (obj: GetInvitationsCountRequest): any => ({ +export const S3ClassificationScopeExclusionFilterSensitiveLog = (obj: S3ClassificationScopeExclusion): any => ({ ...obj, }); /** * @internal */ -export const GetInvitationsCountResponseFilterSensitiveLog = (obj: GetInvitationsCountResponse): any => ({ +export const S3ClassificationScopeFilterSensitiveLog = (obj: S3ClassificationScope): any => ({ ...obj, }); /** * @internal */ -export const GetMacieSessionRequestFilterSensitiveLog = (obj: GetMacieSessionRequest): any => ({ +export const GetClassificationScopeResponseFilterSensitiveLog = (obj: GetClassificationScopeResponse): any => ({ ...obj, }); /** * @internal */ -export const GetMacieSessionResponseFilterSensitiveLog = (obj: GetMacieSessionResponse): any => ({ +export const GetCustomDataIdentifierRequestFilterSensitiveLog = (obj: GetCustomDataIdentifierRequest): any => ({ ...obj, }); /** * @internal */ -export const GetMasterAccountRequestFilterSensitiveLog = (obj: GetMasterAccountRequest): any => ({ +export const GetCustomDataIdentifierResponseFilterSensitiveLog = (obj: GetCustomDataIdentifierResponse): any => ({ ...obj, }); /** * @internal */ -export const GetMasterAccountResponseFilterSensitiveLog = (obj: GetMasterAccountResponse): any => ({ +export const SortCriteriaFilterSensitiveLog = (obj: SortCriteria): any => ({ ...obj, }); /** * @internal */ -export const GetMemberRequestFilterSensitiveLog = (obj: GetMemberRequest): any => ({ +export const GetFindingsRequestFilterSensitiveLog = (obj: GetFindingsRequest): any => ({ ...obj, }); /** * @internal */ -export const GetMemberResponseFilterSensitiveLog = (obj: GetMemberResponse): any => ({ +export const GetFindingsResponseFilterSensitiveLog = (obj: GetFindingsResponse): any => ({ ...obj, }); /** * @internal */ -export const GetRevealConfigurationRequestFilterSensitiveLog = (obj: GetRevealConfigurationRequest): any => ({ +export const GetFindingsFilterRequestFilterSensitiveLog = (obj: GetFindingsFilterRequest): any => ({ ...obj, }); /** * @internal */ -export const RevealConfigurationFilterSensitiveLog = (obj: RevealConfiguration): any => ({ +export const GetFindingsFilterResponseFilterSensitiveLog = (obj: GetFindingsFilterResponse): any => ({ ...obj, }); /** * @internal */ -export const GetRevealConfigurationResponseFilterSensitiveLog = (obj: GetRevealConfigurationResponse): any => ({ +export const GetFindingsPublicationConfigurationRequestFilterSensitiveLog = ( + obj: GetFindingsPublicationConfigurationRequest +): any => ({ ...obj, }); /** * @internal */ -export const GetSensitiveDataOccurrencesRequestFilterSensitiveLog = (obj: GetSensitiveDataOccurrencesRequest): any => ({ +export const SecurityHubConfigurationFilterSensitiveLog = (obj: SecurityHubConfiguration): any => ({ ...obj, }); /** * @internal */ -export const GetSensitiveDataOccurrencesResponseFilterSensitiveLog = ( - obj: GetSensitiveDataOccurrencesResponse +export const GetFindingsPublicationConfigurationResponseFilterSensitiveLog = ( + obj: GetFindingsPublicationConfigurationResponse ): any => ({ ...obj, }); @@ -6107,316 +6262,314 @@ export const GetSensitiveDataOccurrencesResponseFilterSensitiveLog = ( /** * @internal */ -export const GetSensitiveDataOccurrencesAvailabilityRequestFilterSensitiveLog = ( - obj: GetSensitiveDataOccurrencesAvailabilityRequest -): any => ({ +export const GetFindingStatisticsRequestFilterSensitiveLog = (obj: GetFindingStatisticsRequest): any => ({ ...obj, }); /** * @internal */ -export const GetSensitiveDataOccurrencesAvailabilityResponseFilterSensitiveLog = ( - obj: GetSensitiveDataOccurrencesAvailabilityResponse -): any => ({ +export const GetFindingStatisticsResponseFilterSensitiveLog = (obj: GetFindingStatisticsResponse): any => ({ ...obj, }); /** * @internal */ -export const UsageStatisticsSortByFilterSensitiveLog = (obj: UsageStatisticsSortBy): any => ({ +export const GetInvitationsCountRequestFilterSensitiveLog = (obj: GetInvitationsCountRequest): any => ({ ...obj, }); /** * @internal */ -export const GetUsageStatisticsRequestFilterSensitiveLog = (obj: GetUsageStatisticsRequest): any => ({ +export const GetInvitationsCountResponseFilterSensitiveLog = (obj: GetInvitationsCountResponse): any => ({ ...obj, }); /** * @internal */ -export const GetUsageStatisticsResponseFilterSensitiveLog = (obj: GetUsageStatisticsResponse): any => ({ +export const GetMacieSessionRequestFilterSensitiveLog = (obj: GetMacieSessionRequest): any => ({ ...obj, }); /** * @internal */ -export const GetUsageTotalsRequestFilterSensitiveLog = (obj: GetUsageTotalsRequest): any => ({ +export const GetMacieSessionResponseFilterSensitiveLog = (obj: GetMacieSessionResponse): any => ({ ...obj, }); /** * @internal */ -export const GetUsageTotalsResponseFilterSensitiveLog = (obj: GetUsageTotalsResponse): any => ({ +export const GetMasterAccountRequestFilterSensitiveLog = (obj: GetMasterAccountRequest): any => ({ ...obj, }); /** * @internal */ -export const ListAllowListsRequestFilterSensitiveLog = (obj: ListAllowListsRequest): any => ({ +export const GetMasterAccountResponseFilterSensitiveLog = (obj: GetMasterAccountResponse): any => ({ ...obj, }); /** * @internal */ -export const ListAllowListsResponseFilterSensitiveLog = (obj: ListAllowListsResponse): any => ({ +export const GetMemberRequestFilterSensitiveLog = (obj: GetMemberRequest): any => ({ ...obj, }); /** * @internal */ -export const ListJobsFilterCriteriaFilterSensitiveLog = (obj: ListJobsFilterCriteria): any => ({ +export const GetMemberResponseFilterSensitiveLog = (obj: GetMemberResponse): any => ({ ...obj, }); /** * @internal */ -export const ListJobsSortCriteriaFilterSensitiveLog = (obj: ListJobsSortCriteria): any => ({ +export const GetResourceProfileRequestFilterSensitiveLog = (obj: GetResourceProfileRequest): any => ({ ...obj, }); /** * @internal */ -export const ListClassificationJobsRequestFilterSensitiveLog = (obj: ListClassificationJobsRequest): any => ({ +export const ResourceStatisticsFilterSensitiveLog = (obj: ResourceStatistics): any => ({ ...obj, }); /** * @internal */ -export const ListClassificationJobsResponseFilterSensitiveLog = (obj: ListClassificationJobsResponse): any => ({ +export const GetResourceProfileResponseFilterSensitiveLog = (obj: GetResourceProfileResponse): any => ({ ...obj, }); /** * @internal */ -export const ListCustomDataIdentifiersRequestFilterSensitiveLog = (obj: ListCustomDataIdentifiersRequest): any => ({ +export const GetRevealConfigurationRequestFilterSensitiveLog = (obj: GetRevealConfigurationRequest): any => ({ ...obj, }); /** * @internal */ -export const ListCustomDataIdentifiersResponseFilterSensitiveLog = (obj: ListCustomDataIdentifiersResponse): any => ({ +export const RevealConfigurationFilterSensitiveLog = (obj: RevealConfiguration): any => ({ ...obj, }); /** * @internal */ -export const ListFindingsRequestFilterSensitiveLog = (obj: ListFindingsRequest): any => ({ +export const GetRevealConfigurationResponseFilterSensitiveLog = (obj: GetRevealConfigurationResponse): any => ({ ...obj, }); /** * @internal */ -export const ListFindingsResponseFilterSensitiveLog = (obj: ListFindingsResponse): any => ({ +export const GetSensitiveDataOccurrencesRequestFilterSensitiveLog = (obj: GetSensitiveDataOccurrencesRequest): any => ({ ...obj, }); /** * @internal */ -export const ListFindingsFiltersRequestFilterSensitiveLog = (obj: ListFindingsFiltersRequest): any => ({ +export const GetSensitiveDataOccurrencesResponseFilterSensitiveLog = ( + obj: GetSensitiveDataOccurrencesResponse +): any => ({ ...obj, }); /** * @internal */ -export const ListFindingsFiltersResponseFilterSensitiveLog = (obj: ListFindingsFiltersResponse): any => ({ +export const GetSensitiveDataOccurrencesAvailabilityRequestFilterSensitiveLog = ( + obj: GetSensitiveDataOccurrencesAvailabilityRequest +): any => ({ ...obj, }); /** * @internal */ -export const ListInvitationsRequestFilterSensitiveLog = (obj: ListInvitationsRequest): any => ({ +export const GetSensitiveDataOccurrencesAvailabilityResponseFilterSensitiveLog = ( + obj: GetSensitiveDataOccurrencesAvailabilityResponse +): any => ({ ...obj, }); /** * @internal */ -export const ListInvitationsResponseFilterSensitiveLog = (obj: ListInvitationsResponse): any => ({ +export const GetSensitivityInspectionTemplateRequestFilterSensitiveLog = ( + obj: GetSensitivityInspectionTemplateRequest +): any => ({ ...obj, }); /** * @internal */ -export const ListManagedDataIdentifiersRequestFilterSensitiveLog = (obj: ListManagedDataIdentifiersRequest): any => ({ +export const SensitivityInspectionTemplateExcludesFilterSensitiveLog = ( + obj: SensitivityInspectionTemplateExcludes +): any => ({ ...obj, }); /** * @internal */ -export const ListManagedDataIdentifiersResponseFilterSensitiveLog = (obj: ListManagedDataIdentifiersResponse): any => ({ +export const SensitivityInspectionTemplateIncludesFilterSensitiveLog = ( + obj: SensitivityInspectionTemplateIncludes +): any => ({ ...obj, }); /** * @internal */ -export const ListMembersRequestFilterSensitiveLog = (obj: ListMembersRequest): any => ({ +export const GetSensitivityInspectionTemplateResponseFilterSensitiveLog = ( + obj: GetSensitivityInspectionTemplateResponse +): any => ({ ...obj, }); /** * @internal */ -export const ListMembersResponseFilterSensitiveLog = (obj: ListMembersResponse): any => ({ +export const UsageStatisticsSortByFilterSensitiveLog = (obj: UsageStatisticsSortBy): any => ({ ...obj, }); /** * @internal */ -export const ListOrganizationAdminAccountsRequestFilterSensitiveLog = ( - obj: ListOrganizationAdminAccountsRequest -): any => ({ +export const GetUsageStatisticsRequestFilterSensitiveLog = (obj: GetUsageStatisticsRequest): any => ({ ...obj, }); /** * @internal */ -export const ListOrganizationAdminAccountsResponseFilterSensitiveLog = ( - obj: ListOrganizationAdminAccountsResponse -): any => ({ +export const GetUsageStatisticsResponseFilterSensitiveLog = (obj: GetUsageStatisticsResponse): any => ({ ...obj, }); /** * @internal */ -export const ListTagsForResourceRequestFilterSensitiveLog = (obj: ListTagsForResourceRequest): any => ({ +export const GetUsageTotalsRequestFilterSensitiveLog = (obj: GetUsageTotalsRequest): any => ({ ...obj, }); /** * @internal */ -export const ListTagsForResourceResponseFilterSensitiveLog = (obj: ListTagsForResourceResponse): any => ({ +export const GetUsageTotalsResponseFilterSensitiveLog = (obj: GetUsageTotalsResponse): any => ({ ...obj, }); /** * @internal */ -export const PutClassificationExportConfigurationRequestFilterSensitiveLog = ( - obj: PutClassificationExportConfigurationRequest -): any => ({ +export const ListAllowListsRequestFilterSensitiveLog = (obj: ListAllowListsRequest): any => ({ ...obj, }); /** * @internal */ -export const PutClassificationExportConfigurationResponseFilterSensitiveLog = ( - obj: PutClassificationExportConfigurationResponse -): any => ({ +export const ListAllowListsResponseFilterSensitiveLog = (obj: ListAllowListsResponse): any => ({ ...obj, }); /** * @internal */ -export const PutFindingsPublicationConfigurationRequestFilterSensitiveLog = ( - obj: PutFindingsPublicationConfigurationRequest -): any => ({ +export const ListJobsFilterCriteriaFilterSensitiveLog = (obj: ListJobsFilterCriteria): any => ({ ...obj, }); /** * @internal */ -export const PutFindingsPublicationConfigurationResponseFilterSensitiveLog = ( - obj: PutFindingsPublicationConfigurationResponse -): any => ({ +export const ListJobsSortCriteriaFilterSensitiveLog = (obj: ListJobsSortCriteria): any => ({ ...obj, }); /** * @internal */ -export const SearchResourcesCriteriaBlockFilterSensitiveLog = (obj: SearchResourcesCriteriaBlock): any => ({ +export const ListClassificationJobsRequestFilterSensitiveLog = (obj: ListClassificationJobsRequest): any => ({ ...obj, }); /** * @internal */ -export const SearchResourcesBucketCriteriaFilterSensitiveLog = (obj: SearchResourcesBucketCriteria): any => ({ +export const ListClassificationJobsResponseFilterSensitiveLog = (obj: ListClassificationJobsResponse): any => ({ ...obj, }); /** * @internal */ -export const SearchResourcesSortCriteriaFilterSensitiveLog = (obj: SearchResourcesSortCriteria): any => ({ +export const ListClassificationScopesRequestFilterSensitiveLog = (obj: ListClassificationScopesRequest): any => ({ ...obj, }); /** * @internal */ -export const SearchResourcesRequestFilterSensitiveLog = (obj: SearchResourcesRequest): any => ({ +export const ListClassificationScopesResponseFilterSensitiveLog = (obj: ListClassificationScopesResponse): any => ({ ...obj, }); /** * @internal */ -export const SearchResourcesResponseFilterSensitiveLog = (obj: SearchResourcesResponse): any => ({ +export const ListCustomDataIdentifiersRequestFilterSensitiveLog = (obj: ListCustomDataIdentifiersRequest): any => ({ ...obj, }); /** * @internal */ -export const TagResourceRequestFilterSensitiveLog = (obj: TagResourceRequest): any => ({ +export const ListCustomDataIdentifiersResponseFilterSensitiveLog = (obj: ListCustomDataIdentifiersResponse): any => ({ ...obj, }); /** * @internal */ -export const TagResourceResponseFilterSensitiveLog = (obj: TagResourceResponse): any => ({ +export const ListFindingsRequestFilterSensitiveLog = (obj: ListFindingsRequest): any => ({ ...obj, }); /** * @internal */ -export const TestCustomDataIdentifierRequestFilterSensitiveLog = (obj: TestCustomDataIdentifierRequest): any => ({ +export const ListFindingsResponseFilterSensitiveLog = (obj: ListFindingsResponse): any => ({ ...obj, }); /** * @internal */ -export const TestCustomDataIdentifierResponseFilterSensitiveLog = (obj: TestCustomDataIdentifierResponse): any => ({ +export const ListFindingsFiltersRequestFilterSensitiveLog = (obj: ListFindingsFiltersRequest): any => ({ ...obj, }); /** * @internal */ -export const UntagResourceRequestFilterSensitiveLog = (obj: UntagResourceRequest): any => ({ +export const ListFindingsFiltersResponseFilterSensitiveLog = (obj: ListFindingsFiltersResponse): any => ({ ...obj, }); diff --git a/clients/client-macie2/src/models/models_1.ts b/clients/client-macie2/src/models/models_1.ts index 2e6a97d439c5c..4f74574340de8 100644 --- a/clients/client-macie2/src/models/models_1.ts +++ b/clients/client-macie2/src/models/models_1.ts @@ -1,14 +1,387 @@ // smithy-typescript generated code import { + AdminAccount, AllowListCriteria, + AutomatedDiscoveryStatus, + ClassificationExportConfiguration, + ClassificationScopeUpdateOperation, + Detection, FindingCriteria, FindingPublishingFrequency, FindingsFilterAction, + Invitation, JobStatus, MacieStatus, + ManagedDataIdentifierSummary, + MatchingResource, + Member, + OrderBy, + ResourceProfileArtifact, RevealConfiguration, + SearchResourcesCriteria, + SecurityHubConfiguration, + SensitivityInspectionTemplateExcludes, + SensitivityInspectionTemplateIncludes, + SensitivityInspectionTemplatesEntry, + SuppressDataIdentifier, } from "./models_0"; +export interface ListInvitationsRequest { + /** + *The maximum number of items to include in each page of a paginated response.
+ */ + maxResults?: number; + + /** + *The nextToken string that specifies which page of results to return in a paginated response.
+ */ + nextToken?: string; +} + +export interface ListInvitationsResponse { + /** + *An array of objects, one for each invitation that was received by the account.
+ */ + invitations?: Invitation[]; + + /** + *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
+ */ + nextToken?: string; +} + +export interface ListManagedDataIdentifiersRequest { + /** + *The nextToken string that specifies which page of results to return in a paginated response.
+ */ + nextToken?: string; +} + +export interface ListManagedDataIdentifiersResponse { + /** + *An array of objects, one for each managed data identifier.
+ */ + items?: ManagedDataIdentifierSummary[]; + + /** + *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
+ */ + nextToken?: string; +} + +export interface ListMembersRequest { + /** + *The maximum number of items to include in each page of a paginated response.
+ */ + maxResults?: number; + + /** + *The nextToken string that specifies which page of results to return in a paginated response.
+ */ + nextToken?: string; + + /** + *Specifies which accounts to include in the response, based on the status of an account's relationship with the administrator account. By default, the response includes only current member accounts. To include all accounts, set this value to false.
+ */ + onlyAssociated?: string; +} + +export interface ListMembersResponse { + /** + *An array of objects, one for each account that's associated with the administrator account and matches the criteria specified in the request.
+ */ + members?: Member[]; + + /** + *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
+ */ + nextToken?: string; +} + +export interface ListOrganizationAdminAccountsRequest { + /** + *The maximum number of items to include in each page of a paginated response.
+ */ + maxResults?: number; + + /** + *The nextToken string that specifies which page of results to return in a paginated response.
+ */ + nextToken?: string; +} + +export interface ListOrganizationAdminAccountsResponse { + /** + *An array of objects, one for each delegated Amazon Macie administrator account for the organization. Only one of these accounts can have a status of ENABLED.
+ */ + adminAccounts?: AdminAccount[]; + + /** + *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
+ */ + nextToken?: string; +} + +export interface ListResourceProfileArtifactsRequest { + /** + *The nextToken string that specifies which page of results to return in a paginated response.
+ */ + nextToken?: string; + + /** + *The Amazon Resource Name (ARN) of the S3 bucket that the request applies to.
+ */ + resourceArn: string | undefined; +} + +export interface ListResourceProfileArtifactsResponse { + /** + *An array of objects, one for each S3 object that Amazon Macie selected for analysis.
+ */ + artifacts?: ResourceProfileArtifact[]; + + /** + *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
+ */ + nextToken?: string; +} + +export interface ListResourceProfileDetectionsRequest { + /** + *The maximum number of items to include in each page of a paginated response.
+ */ + maxResults?: number; + + /** + *The nextToken string that specifies which page of results to return in a paginated response.
+ */ + nextToken?: string; + + /** + *The Amazon Resource Name (ARN) of the S3 bucket that the request applies to.
+ */ + resourceArn: string | undefined; +} + +export interface ListResourceProfileDetectionsResponse { + /** + *An array of objects, one for each type of sensitive data that Amazon Macie found in the bucket. Each object reports the number of occurrences of the specified type and provides information about the custom data identifier or managed data identifier that detected the data.
+ */ + detections?: Detection[]; + + /** + *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
+ */ + nextToken?: string; +} + +export interface ListSensitivityInspectionTemplatesRequest { + /** + *The maximum number of items to include in each page of a paginated response.
+ */ + maxResults?: number; + + /** + *The nextToken string that specifies which page of results to return in a paginated response.
+ */ + nextToken?: string; +} + +export interface ListSensitivityInspectionTemplatesResponse { + /** + *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
+ */ + nextToken?: string; + + /** + *An array that specifies the unique identifier and name of the sensitivity inspection template for the account.
+ */ + sensitivityInspectionTemplates?: SensitivityInspectionTemplatesEntry[]; +} + +export interface ListTagsForResourceRequest { + /** + *The Amazon Resource Name (ARN) of the resource.
+ */ + resourceArn: string | undefined; +} + +export interface ListTagsForResourceResponse { + /** + *A map of key-value pairs that specifies which tags (keys and values) are associated with the resource.
+ */ + tags?: RecordThe location to store data classification results in, and the encryption settings to use when storing results in that location.
+ */ + configuration: ClassificationExportConfiguration | undefined; +} + +export interface PutClassificationExportConfigurationResponse { + /** + *The location where the data classification results are stored, and the encryption settings that are used when storing results in that location.
+ */ + configuration?: ClassificationExportConfiguration; +} + +export interface PutFindingsPublicationConfigurationRequest { + /** + *A unique, case-sensitive token that you provide to ensure the idempotency of the request.
+ */ + clientToken?: string; + + /** + *The configuration settings that determine which findings to publish to Security Hub.
+ */ + securityHubConfiguration?: SecurityHubConfiguration; +} + +export interface PutFindingsPublicationConfigurationResponse {} + +/** + *Specifies property- and tag-based conditions that define filter criteria for including or excluding Amazon Web Services resources from the query results.
+ */ +export interface SearchResourcesCriteriaBlock { + /** + *An array of objects, one for each property- or tag-based condition that includes or excludes resources from the query results. If you specify more than one condition, Amazon Macie uses AND logic to join the conditions.
+ */ + and?: SearchResourcesCriteria[]; +} + +/** + *Specifies property- and tag-based conditions that define filter criteria for including or excluding S3 buckets from the query results. Exclude conditions take precedence over include conditions.
+ */ +export interface SearchResourcesBucketCriteria { + /** + *The property- and tag-based conditions that determine which buckets to exclude from the results.
+ */ + excludes?: SearchResourcesCriteriaBlock; + + /** + *The property- and tag-based conditions that determine which buckets to include in the results.
+ */ + includes?: SearchResourcesCriteriaBlock; +} + +export enum SearchResourcesSortAttributeName { + ACCOUNT_ID = "ACCOUNT_ID", + RESOURCE_NAME = "RESOURCE_NAME", + S3_CLASSIFIABLE_OBJECT_COUNT = "S3_CLASSIFIABLE_OBJECT_COUNT", + S3_CLASSIFIABLE_SIZE_IN_BYTES = "S3_CLASSIFIABLE_SIZE_IN_BYTES", +} + +/** + *Specifies criteria for sorting the results of a query for information about Amazon Web Services resources that Amazon Macie monitors and analyzes.
+ */ +export interface SearchResourcesSortCriteria { + /** + *The property to sort the results by.
+ */ + attributeName?: SearchResourcesSortAttributeName | string; + + /** + *The sort order to apply to the results, based on the value for the property specified by the attributeName property. Valid values are: ASC, sort the results in ascending order; and, DESC, sort the results in descending order.
+ */ + orderBy?: OrderBy | string; +} + +export interface SearchResourcesRequest { + /** + *The filter conditions that determine which S3 buckets to include or exclude from the query results.
+ */ + bucketCriteria?: SearchResourcesBucketCriteria; + + /** + *The maximum number of items to include in each page of the response. The default value is 50.
+ */ + maxResults?: number; + + /** + *The nextToken string that specifies which page of results to return in a paginated response.
+ */ + nextToken?: string; + + /** + *The criteria to use to sort the results.
+ */ + sortCriteria?: SearchResourcesSortCriteria; +} + +export interface SearchResourcesResponse { + /** + *An array of objects, one for each resource that matches the filter criteria specified in the request.
+ */ + matchingResources?: MatchingResource[]; + + /** + *The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
+ */ + nextToken?: string; +} + +export interface TagResourceRequest { + /** + *The Amazon Resource Name (ARN) of the resource.
+ */ + resourceArn: string | undefined; + + /** + *A map of key-value pairs that specifies the tags to associate with the resource.
A resource can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.
+ */ + tags: RecordAn array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression contains any string in this array, Amazon Macie ignores it. The array can contain as many as 10 ignore words. Each ignore word can contain 4-90 UTF-8 characters. Ignore words are case sensitive.
+ */ + ignoreWords?: string[]; + + /** + *An array that lists specific character sequences (keywords), one of which must precede and be within proximity (maximumMatchDistance) of the regular expression to match. The array can contain as many as 50 keywords. Each keyword can contain 3-90 UTF-8 characters. Keywords aren't case sensitive.
+ */ + keywords?: string[]; + + /** + *The maximum number of characters that can exist between the end of at least one complete character sequence specified by the keywords array and the end of the text that matches the regex pattern. If a complete keyword precedes all the text that matches the pattern and the keyword is within the specified distance, Amazon Macie includes the result. The distance can be 1-300 characters. The default value is 50.
+ */ + maximumMatchDistance?: number; + + /** + *The regular expression (regex) that defines the pattern to match. The expression can contain as many as 512 characters.
+ */ + regex: string | undefined; + + /** + *The sample text to inspect by using the custom data identifier. The text can contain as many as 1,000 characters.
+ */ + sampleText: string | undefined; +} + +export interface TestCustomDataIdentifierResponse { + /** + *The number of occurrences of sample text that matched the criteria specified by the custom data identifier.
+ */ + matchCount?: number; +} + +export interface UntagResourceRequest { + /** + *The Amazon Resource Name (ARN) of the resource.
+ */ + resourceArn: string | undefined; + + /** + *One or more tags (keys) to remove from the resource. In an HTTP request to remove multiple tags, append the tagKeys parameter and argument for each tag to remove, separated by an ampersand (&).
+ */ + tagKeys: string[] | undefined; +} + export interface UntagResourceResponse {} export interface UpdateAllowListRequest { @@ -45,6 +418,15 @@ export interface UpdateAllowListResponse { id?: string; } +export interface UpdateAutomatedDiscoveryConfigurationRequest { + /** + *The new status of automated sensitive data discovery for the account. Valid values are: ENABLED, start or resume automated sensitive data discovery activities for the account; and, DISABLED, stop performing automated sensitive data discovery activities for the account.
When you enable automated sensitive data discovery for the first time, Amazon Macie uses default configuration settings to determine which data sources to analyze and which managed data identifiers to use. To change these settings, use the UpdateClassificationScope and UpdateSensitivityInspectionTemplate operations, respectively. If you change the settings and subsequently disable the configuration, Amazon Macie retains your changes.
+ */ + status: AutomatedDiscoveryStatus | string | undefined; +} + +export interface UpdateAutomatedDiscoveryConfigurationResponse {} + export interface UpdateClassificationJobRequest { /** *The unique identifier for the classification job.
@@ -59,12 +441,56 @@ export interface UpdateClassificationJobRequest { export interface UpdateClassificationJobResponse {} +/** + *Specifies S3 buckets to add or remove from the exclusion list defined by the classification scope for an Amazon Macie account.
+ */ +export interface S3ClassificationScopeExclusionUpdate { + /** + *Depending on the value specified for the update operation (ClassificationScopeUpdateOperation), an array of strings that: lists the names of buckets to add or remove from the list, or specifies a new set of bucket names that overwrites all existing names in the list. Each string must be the full name of an S3 bucket. Values are case sensitive.
+ */ + bucketNames: string[] | undefined; + + /** + *Specifies how to apply the changes to the exclusion list. Valid values are:
ADD - Append the specified bucket names to the current list.
REMOVE - Remove the specified bucket names from the current list.
REPLACE - Overwrite the current list with the specified list of bucket names. If you specify this value, Amazon Macie removes all existing names from the list and adds all the specified names to the list.
Specifies changes to the list of S3 buckets that are excluded from automated sensitive data discovery for an Amazon Macie account.
+ */ +export interface S3ClassificationScopeUpdate { + /** + *The names of the S3 buckets to add or remove from the list.
+ */ + excludes: S3ClassificationScopeExclusionUpdate | undefined; +} + +export interface UpdateClassificationScopeRequest { + /** + *The unique identifier for the Amazon Macie resource that the request applies to.
+ */ + id: string | undefined; + + /** + *The S3 buckets to add or remove from the exclusion list defined by the classification scope.
+ */ + s3?: S3ClassificationScopeUpdate; +} + +export interface UpdateClassificationScopeResponse {} + export interface UpdateFindingsFilterRequest { /** - *The action to perform on findings that meet the filter criteria (findingCriteria). Valid values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
+ *The action to perform on findings that match the filter criteria (findingCriteria). Valid values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
*/ action?: FindingsFilterAction | string; + /** + *A unique, case-sensitive token that you provide to ensure the idempotency of the request.
+ */ + clientToken?: string; + /** *A custom description of the filter. The description can contain as many as 512 characters.
We strongly recommend that you avoid including any sensitive data in the description of a filter. Other users might be able to see this description, depending on the actions that they're allowed to perform in Amazon Macie.
*/ @@ -89,11 +515,6 @@ export interface UpdateFindingsFilterRequest { *The position of the filter in the list of saved filters on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to the findings.
*/ position?: number; - - /** - *A unique, case-sensitive token that you provide to ensure the idempotency of the request.
- */ - clientToken?: string; } export interface UpdateFindingsFilterResponse { @@ -145,21 +566,307 @@ export interface UpdateOrganizationConfigurationRequest { export interface UpdateOrganizationConfigurationResponse {} -export interface UpdateRevealConfigurationRequest { +export interface UpdateResourceProfileRequest { /** - *The new configuration settings and the status of the configuration for the account.
+ *The Amazon Resource Name (ARN) of the S3 bucket that the request applies to.
*/ - configuration: RevealConfiguration | undefined; -} + resourceArn: string | undefined; -export interface UpdateRevealConfigurationResponse { /** - *The new configuration settings and the status of the configuration for the account.
+ *The new sensitivity score for the bucket. Valid values are: 100, assign the maximum score and apply the Sensitive label to the bucket; and, null (empty), assign a score that Amazon Macie calculates automatically after you submit the request.
*/ - configuration?: RevealConfiguration; + sensitivityScoreOverride?: number; } -/** +export interface UpdateResourceProfileResponse {} + +export interface UpdateResourceProfileDetectionsRequest { + /** + *The Amazon Resource Name (ARN) of the S3 bucket that the request applies to.
+ */ + resourceArn: string | undefined; + + /** + *An array of objects, one for each custom data identifier or managed data identifier that detected the type of sensitive data to start excluding or including in the bucket's score. To start including all sensitive data types in the score, don't specify any values for this array.
+ */ + suppressDataIdentifiers?: SuppressDataIdentifier[]; +} + +export interface UpdateResourceProfileDetectionsResponse {} + +export interface UpdateRevealConfigurationRequest { + /** + *The new configuration settings and the status of the configuration for the account.
+ */ + configuration: RevealConfiguration | undefined; +} + +export interface UpdateRevealConfigurationResponse { + /** + *The new configuration settings and the status of the configuration for the account.
+ */ + configuration?: RevealConfiguration; +} + +export interface UpdateSensitivityInspectionTemplateRequest { + /** + *A custom description of the template.
+ */ + description?: string; + + /** + *The managed data identifiers to explicitly exclude (not use) when analyzing data.
To exclude an allow list or custom data identifier that's currently included by the template, update the values for the SensitivityInspectionTemplateIncludes.allowListIds and SensitivityInspectionTemplateIncludes.customDataIdentifierIds properties, respectively.
+ */ + excludes?: SensitivityInspectionTemplateExcludes; + + /** + *The unique identifier for the Amazon Macie resource that the request applies to.
+ */ + id: string | undefined; + + /** + *The allow lists, custom data identifiers, and managed data identifiers to include (use) when analyzing data.
+ */ + includes?: SensitivityInspectionTemplateIncludes; +} + +export interface UpdateSensitivityInspectionTemplateResponse {} + +/** + * @internal + */ +export const ListInvitationsRequestFilterSensitiveLog = (obj: ListInvitationsRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListInvitationsResponseFilterSensitiveLog = (obj: ListInvitationsResponse): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListManagedDataIdentifiersRequestFilterSensitiveLog = (obj: ListManagedDataIdentifiersRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListManagedDataIdentifiersResponseFilterSensitiveLog = (obj: ListManagedDataIdentifiersResponse): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListMembersRequestFilterSensitiveLog = (obj: ListMembersRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListMembersResponseFilterSensitiveLog = (obj: ListMembersResponse): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListOrganizationAdminAccountsRequestFilterSensitiveLog = ( + obj: ListOrganizationAdminAccountsRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListOrganizationAdminAccountsResponseFilterSensitiveLog = ( + obj: ListOrganizationAdminAccountsResponse +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListResourceProfileArtifactsRequestFilterSensitiveLog = ( + obj: ListResourceProfileArtifactsRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListResourceProfileArtifactsResponseFilterSensitiveLog = ( + obj: ListResourceProfileArtifactsResponse +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListResourceProfileDetectionsRequestFilterSensitiveLog = ( + obj: ListResourceProfileDetectionsRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListResourceProfileDetectionsResponseFilterSensitiveLog = ( + obj: ListResourceProfileDetectionsResponse +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListSensitivityInspectionTemplatesRequestFilterSensitiveLog = ( + obj: ListSensitivityInspectionTemplatesRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListSensitivityInspectionTemplatesResponseFilterSensitiveLog = ( + obj: ListSensitivityInspectionTemplatesResponse +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListTagsForResourceRequestFilterSensitiveLog = (obj: ListTagsForResourceRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const ListTagsForResourceResponseFilterSensitiveLog = (obj: ListTagsForResourceResponse): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const PutClassificationExportConfigurationRequestFilterSensitiveLog = ( + obj: PutClassificationExportConfigurationRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const PutClassificationExportConfigurationResponseFilterSensitiveLog = ( + obj: PutClassificationExportConfigurationResponse +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const PutFindingsPublicationConfigurationRequestFilterSensitiveLog = ( + obj: PutFindingsPublicationConfigurationRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const PutFindingsPublicationConfigurationResponseFilterSensitiveLog = ( + obj: PutFindingsPublicationConfigurationResponse +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const SearchResourcesCriteriaBlockFilterSensitiveLog = (obj: SearchResourcesCriteriaBlock): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const SearchResourcesBucketCriteriaFilterSensitiveLog = (obj: SearchResourcesBucketCriteria): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const SearchResourcesSortCriteriaFilterSensitiveLog = (obj: SearchResourcesSortCriteria): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const SearchResourcesRequestFilterSensitiveLog = (obj: SearchResourcesRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const SearchResourcesResponseFilterSensitiveLog = (obj: SearchResourcesResponse): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const TagResourceRequestFilterSensitiveLog = (obj: TagResourceRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const TagResourceResponseFilterSensitiveLog = (obj: TagResourceResponse): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const TestCustomDataIdentifierRequestFilterSensitiveLog = (obj: TestCustomDataIdentifierRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const TestCustomDataIdentifierResponseFilterSensitiveLog = (obj: TestCustomDataIdentifierResponse): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const UntagResourceRequestFilterSensitiveLog = (obj: UntagResourceRequest): any => ({ + ...obj, +}); + +/** * @internal */ export const UntagResourceResponseFilterSensitiveLog = (obj: UntagResourceResponse): any => ({ @@ -180,6 +887,24 @@ export const UpdateAllowListResponseFilterSensitiveLog = (obj: UpdateAllowListRe ...obj, }); +/** + * @internal + */ +export const UpdateAutomatedDiscoveryConfigurationRequestFilterSensitiveLog = ( + obj: UpdateAutomatedDiscoveryConfigurationRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const UpdateAutomatedDiscoveryConfigurationResponseFilterSensitiveLog = ( + obj: UpdateAutomatedDiscoveryConfigurationResponse +): any => ({ + ...obj, +}); + /** * @internal */ @@ -194,6 +919,36 @@ export const UpdateClassificationJobResponseFilterSensitiveLog = (obj: UpdateCla ...obj, }); +/** + * @internal + */ +export const S3ClassificationScopeExclusionUpdateFilterSensitiveLog = ( + obj: S3ClassificationScopeExclusionUpdate +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const S3ClassificationScopeUpdateFilterSensitiveLog = (obj: S3ClassificationScopeUpdate): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const UpdateClassificationScopeRequestFilterSensitiveLog = (obj: UpdateClassificationScopeRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const UpdateClassificationScopeResponseFilterSensitiveLog = (obj: UpdateClassificationScopeResponse): any => ({ + ...obj, +}); + /** * @internal */ @@ -254,6 +1009,38 @@ export const UpdateOrganizationConfigurationResponseFilterSensitiveLog = ( ...obj, }); +/** + * @internal + */ +export const UpdateResourceProfileRequestFilterSensitiveLog = (obj: UpdateResourceProfileRequest): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const UpdateResourceProfileResponseFilterSensitiveLog = (obj: UpdateResourceProfileResponse): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const UpdateResourceProfileDetectionsRequestFilterSensitiveLog = ( + obj: UpdateResourceProfileDetectionsRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const UpdateResourceProfileDetectionsResponseFilterSensitiveLog = ( + obj: UpdateResourceProfileDetectionsResponse +): any => ({ + ...obj, +}); + /** * @internal */ @@ -267,3 +1054,21 @@ export const UpdateRevealConfigurationRequestFilterSensitiveLog = (obj: UpdateRe export const UpdateRevealConfigurationResponseFilterSensitiveLog = (obj: UpdateRevealConfigurationResponse): any => ({ ...obj, }); + +/** + * @internal + */ +export const UpdateSensitivityInspectionTemplateRequestFilterSensitiveLog = ( + obj: UpdateSensitivityInspectionTemplateRequest +): any => ({ + ...obj, +}); + +/** + * @internal + */ +export const UpdateSensitivityInspectionTemplateResponseFilterSensitiveLog = ( + obj: UpdateSensitivityInspectionTemplateResponse +): any => ({ + ...obj, +}); diff --git a/clients/client-macie2/src/pagination/ListAllowListsPaginator.ts b/clients/client-macie2/src/pagination/ListAllowListsPaginator.ts new file mode 100644 index 0000000000000..d623c98c43e3c --- /dev/null +++ b/clients/client-macie2/src/pagination/ListAllowListsPaginator.ts @@ -0,0 +1,61 @@ +// smithy-typescript generated code +import { Paginator } from "@aws-sdk/types"; + +import { + ListAllowListsCommand, + ListAllowListsCommandInput, + ListAllowListsCommandOutput, +} from "../commands/ListAllowListsCommand"; +import { Macie2 } from "../Macie2"; +import { Macie2Client } from "../Macie2Client"; +import { Macie2PaginationConfiguration } from "./Interfaces"; + +/** + * @private + */ +const makePagedClientRequest = async ( + client: Macie2Client, + input: ListAllowListsCommandInput, + ...args: any +): PromiseThe current status of an account as the delegated Amazon Macie administrator account for an organization in Organizations. Possible values are:
", - "smithy.api#enum": [ - { - "value": "ENABLED", - "name": "ENABLED" - }, - { - "value": "DISABLING_IN_PROGRESS", - "name": "DISABLING_IN_PROGRESS" + "type": "enum", + "members": { + "ENABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENABLED" + } + }, + "DISABLING_IN_PROGRESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISABLING_IN_PROGRESS" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The current status of an account as the delegated Amazon Macie administrator account for an organization in Organizations. Possible values are:
" } }, "com.amazonaws.macie2#AllowListCriteria": { @@ -264,43 +268,59 @@ } }, "com.amazonaws.macie2#AllowListStatusCode": { - "type": "string", - "traits": { - "smithy.api#documentation": "Indicates the current status of an allow list. Depending on the type of criteria that the list specifies, possible values are:
", - "smithy.api#enum": [ - { - "value": "OK", - "name": "OK" - }, - { - "value": "S3_OBJECT_NOT_FOUND", - "name": "S3_OBJECT_NOT_FOUND" - }, - { - "value": "S3_USER_ACCESS_DENIED", - "name": "S3_USER_ACCESS_DENIED" - }, - { - "value": "S3_OBJECT_ACCESS_DENIED", - "name": "S3_OBJECT_ACCESS_DENIED" - }, - { - "value": "S3_THROTTLED", - "name": "S3_THROTTLED" - }, - { - "value": "S3_OBJECT_OVERSIZE", - "name": "S3_OBJECT_OVERSIZE" - }, - { - "value": "S3_OBJECT_EMPTY", - "name": "S3_OBJECT_EMPTY" - }, - { - "value": "UNKNOWN_ERROR", - "name": "UNKNOWN_ERROR" + "type": "enum", + "members": { + "OK": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "OK" + } + }, + "S3_OBJECT_NOT_FOUND": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_OBJECT_NOT_FOUND" + } + }, + "S3_USER_ACCESS_DENIED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_USER_ACCESS_DENIED" + } + }, + "S3_OBJECT_ACCESS_DENIED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_OBJECT_ACCESS_DENIED" + } + }, + "S3_THROTTLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_THROTTLED" + } + }, + "S3_OBJECT_OVERSIZE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_OBJECT_OVERSIZE" + } + }, + "S3_OBJECT_EMPTY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_OBJECT_EMPTY" } - ] + }, + "UNKNOWN_ERROR": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UNKNOWN_ERROR" + } + } + }, + "traits": { + "smithy.api#documentation": "Indicates the current status of an allow list. Depending on the type of criteria that the list specifies, possible values are:
" } }, "com.amazonaws.macie2#AllowListSummary": { @@ -354,22 +374,26 @@ } }, "com.amazonaws.macie2#AllowsUnencryptedObjectUploads": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "TRUE", - "name": "TRUE" - }, - { - "value": "FALSE", - "name": "FALSE" - }, - { - "value": "UNKNOWN", - "name": "UNKNOWN" + "type": "enum", + "members": { + "TRUE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "TRUE" + } + }, + "FALSE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FALSE" + } + }, + "UNKNOWN": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UNKNOWN" } - ] + } } }, "com.amazonaws.macie2#ApiCallDetails": { @@ -451,20 +475,44 @@ "smithy.api#documentation": "Provides information about an identity that performed an action on an affected resource by using temporary security credentials. The credentials were obtained using the AssumeRole operation of the Security Token Service (STS) API.
" } }, - "com.amazonaws.macie2#AvailabilityCode": { - "type": "string", + "com.amazonaws.macie2#AutomatedDiscoveryStatus": { + "type": "enum", + "members": { + "ENABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENABLED" + } + }, + "DISABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISABLED" + } + } + }, "traits": { - "smithy.api#documentation": "Specifies whether occurrences of sensitive data can be retrieved for a finding. Possible values are:
", - "smithy.api#enum": [ - { - "value": "AVAILABLE", - "name": "AVAILABLE" - }, - { - "value": "UNAVAILABLE", - "name": "UNAVAILABLE" + "smithy.api#documentation": "The status of the automated sensitive data discovery configuration for an Amazon Macie account. Valid values are:
" + } + }, + "com.amazonaws.macie2#AvailabilityCode": { + "type": "enum", + "members": { + "AVAILABLE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AVAILABLE" + } + }, + "UNAVAILABLE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UNAVAILABLE" } - ] + } + }, + "traits": { + "smithy.api#documentation": "Specifies whether occurrences of sensitive data can be retrieved for a finding. Possible values are:
" } }, "com.amazonaws.macie2#AwsAccount": { @@ -613,7 +661,7 @@ "customDataIdentifiers": { "target": "com.amazonaws.macie2#__listOfBatchGetCustomDataIdentifierSummary", "traits": { - "smithy.api#documentation": "An array of objects, one for each custom data identifier that meets the criteria specified in the request.
", + "smithy.api#documentation": "An array of objects, one for each custom data identifier that matches the criteria specified in the request.
", "smithy.api#jsonName": "customDataIdentifiers" } }, @@ -663,7 +711,7 @@ } }, "traits": { - "smithy.api#documentation": "Provides information about the block public access settings for an S3 bucket. These settings can apply to a bucket at the account level or bucket level. For detailed information about each setting, see Blocking public access to your Amazon S3 storage in the Amazon Simple Storage Service User Guide.
" + "smithy.api#documentation": "Provides information about the block public access settings for an S3 bucket. These settings can apply to a bucket at the account or bucket level. For detailed information about each setting, see Blocking public access to your Amazon S3 storage in the Amazon Simple Storage Service User Guide.
" } }, "com.amazonaws.macie2#BucketCountByEffectivePermission": { @@ -793,7 +841,7 @@ "target": "com.amazonaws.macie2#__long", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "The total number of buckets that don't have a bucket policy or have a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, the policy doesn't require PutObject requests to include the x-amz-server-side-encryption header and it doesn't require the value for that header to be AES256 or aws:kms.
", + "smithy.api#documentation": "The total number of buckets that don't have a bucket policy or have a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, the policy doesn't require PutObject requests to include a valid server-side encryption header: the x-amz-server-side-encryption header with a value of AES256 or aws:kms, or the x-amz-server-side-encryption-customer-algorithm header with a value of AES256.
", "smithy.api#jsonName": "allowsUnencryptedObjectUploads" } }, @@ -801,7 +849,7 @@ "target": "com.amazonaws.macie2#__long", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "The total number of buckets whose bucket policies require server-side encryption of new objects. PutObject requests for these buckets must include the x-amz-server-side-encryption header and the value for that header must be AES256 or aws:kms.
", + "smithy.api#documentation": "The total number of buckets whose bucket policies require server-side encryption of new objects. PutObject requests for these buckets must include a valid server-side encryption header: the x-amz-server-side-encryption header with a value of AES256 or aws:kms, or the x-amz-server-side-encryption-customer-algorithm header with a value of AES256.
", "smithy.api#jsonName": "deniesUnencryptedObjectUploads" } }, @@ -933,7 +981,7 @@ "allowsUnencryptedObjectUploads": { "target": "com.amazonaws.macie2#AllowsUnencryptedObjectUploads", "traits": { - "smithy.api#documentation": "Specifies whether the bucket policy for the bucket requires server-side encryption of objects when objects are uploaded to the bucket. Possible values are:
FALSE - The bucket policy requires server-side encryption of new objects. PutObject requests must include the x-amz-server-side-encryption header and the value for that header must be AES256 or aws:kms.
TRUE - The bucket doesn't have a bucket policy or it has a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, it doesn't require PutObject requests to include the x-amz-server-side-encryption header and it doesn't require the value for that header to be AES256 or aws:kms.
UNKNOWN - Amazon Macie can't determine whether the bucket policy requires server-side encryption of new objects.
Specifies whether the bucket policy for the bucket requires server-side encryption of objects when objects are uploaded to the bucket. Possible values are:
FALSE - The bucket policy requires server-side encryption of new objects. PutObject requests must include a valid server-side encryption header.
TRUE - The bucket doesn't have a bucket policy or it has a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, it doesn't require PutObject requests to include a valid server-side encryption header.
UNKNOWN - Amazon Macie can't determine whether the bucket policy requires server-side encryption of new objects.
Valid server-side encryption headers are: x-amz-server-side-encryption with a value of AES256 or aws:kms, and x-amz-server-side-encryption-customer-algorithm with a value of AES256.
", "smithy.api#jsonName": "allowsUnencryptedObjectUploads" } }, @@ -947,7 +995,7 @@ "bucketCreatedAt": { "target": "com.amazonaws.macie2#__timestampIso8601", "traits": { - "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when the bucket was created.
", + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when the bucket was created, or changes such as edits to the bucket's policy were most recently made to the bucket.
", "smithy.api#jsonName": "bucketCreatedAt" } }, @@ -995,6 +1043,13 @@ "smithy.api#jsonName": "jobDetails" } }, + "lastAutomatedDiscoveryTime": { + "target": "com.amazonaws.macie2#__timestampIso8601", + "traits": { + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently performed automated sensitive data discovery for the bucket. This value is null if automated sensitive data discovery is currently disabled for your account.
", + "smithy.api#jsonName": "lastAutomatedDiscoveryTime" + } + }, "lastUpdated": { "target": "com.amazonaws.macie2#__timestampIso8601", "traits": { @@ -1038,6 +1093,14 @@ "smithy.api#jsonName": "replicationDetails" } }, + "sensitivityScore": { + "target": "com.amazonaws.macie2#__integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The sensitivity score for the bucket, ranging from -1 (no analysis due to an error) to 100 (sensitive). This value is null if automated sensitive data discovery is currently disabled for your account.
", + "smithy.api#jsonName": "sensitivityScore" + } + }, "serverSideEncryption": { "target": "com.amazonaws.macie2#BucketServerSideEncryption", "traits": { @@ -1099,19 +1162,21 @@ } }, "traits": { - "smithy.api#documentation": "Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process information about the bucket or the bucket's objects, the value for the versioning property is false and the value for most other properties is null. Exceptions are accountId, bucketArn, bucketCreatedAt, bucketName, lastUpdated, and region. To identify the cause of the error, refer to the errorCode and errorMessage values.
" + "smithy.api#documentation": "Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process metadata from Amazon S3 for the bucket and the bucket's objects, the value for the versioning property is false and the value for most other properties is null. Key exceptions are accountId, bucketArn, bucketCreatedAt, bucketName, lastUpdated, and region. To identify the cause of the error, refer to the errorCode and errorMessage values.
" } }, "com.amazonaws.macie2#BucketMetadataErrorCode": { - "type": "string", - "traits": { - "smithy.api#documentation": "The error code for an error that prevented Amazon Macie from retrieving and processing information about an S3 bucket and the bucket's objects.
", - "smithy.api#enum": [ - { - "value": "ACCESS_DENIED", - "name": "ACCESS_DENIED" + "type": "enum", + "members": { + "ACCESS_DENIED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ACCESS_DENIED" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The error code for an error that prevented Amazon Macie from retrieving and processing metadata from Amazon S3 for an S3 bucket and the bucket's objects.
" } }, "com.amazonaws.macie2#BucketPermissionConfiguration": { @@ -1210,7 +1275,7 @@ "attributeName": { "target": "com.amazonaws.macie2#__string", "traits": { - "smithy.api#documentation": "The name of the bucket property to sort the results by. This value can be one of the following properties that Amazon Macie defines as bucket metadata: accountId, bucketName, classifiableObjectCount, classifiableSizeInBytes, objectCount, or sizeInBytes.
", + "smithy.api#documentation": "The name of the bucket property to sort the results by. This value can be one of the following properties that Amazon Macie defines as bucket metadata: accountId, bucketName, classifiableObjectCount, classifiableSizeInBytes, objectCount, sensitivityScore, or sizeInBytes.
", "smithy.api#jsonName": "attributeName" } }, @@ -1226,6 +1291,42 @@ "smithy.api#documentation": "Specifies criteria for sorting the results of a query for information about S3 buckets.
" } }, + "com.amazonaws.macie2#BucketStatisticsBySensitivity": { + "type": "structure", + "members": { + "classificationError": { + "target": "com.amazonaws.macie2#SensitivityAggregations", + "traits": { + "smithy.api#documentation": "The aggregated statistical data for all buckets that have a sensitivity score of -1.
", + "smithy.api#jsonName": "classificationError" + } + }, + "notClassified": { + "target": "com.amazonaws.macie2#SensitivityAggregations", + "traits": { + "smithy.api#documentation": "The aggregated statistical data for all buckets that have a sensitivity score of 50.
", + "smithy.api#jsonName": "notClassified" + } + }, + "notSensitive": { + "target": "com.amazonaws.macie2#SensitivityAggregations", + "traits": { + "smithy.api#documentation": "The aggregated statistical data for all buckets that have a sensitivity score of 0-49.
", + "smithy.api#jsonName": "notSensitive" + } + }, + "sensitive": { + "target": "com.amazonaws.macie2#SensitivityAggregations", + "traits": { + "smithy.api#documentation": "The aggregated statistical data for all buckets that have a sensitivity score of 51-100.
", + "smithy.api#jsonName": "sensitive" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides aggregated statistical data for sensitive data discovery metrics that apply to S3 buckets, grouped by bucket sensitivity score (sensitivityScore). If automated sensitive data discovery is currently disabled for your account, the value for each metric is 0.
" + } + }, "com.amazonaws.macie2#Cell": { "type": "structure", "members": { @@ -1279,28 +1380,28 @@ "detailedResultsLocation": { "target": "com.amazonaws.macie2#__string", "traits": { - "smithy.api#documentation": "The path to the folder or file (in Amazon S3) that contains the corresponding sensitive data discovery result for the finding. If a finding applies to a large archive or compressed file, this value is the path to a folder. Otherwise, this value is the path to a file.
", + "smithy.api#documentation": "The path to the folder or file in Amazon S3 that contains the corresponding sensitive data discovery result for the finding. If a finding applies to a large archive or compressed file, this value is the path to a folder. Otherwise, this value is the path to a file.
", "smithy.api#jsonName": "detailedResultsLocation" } }, "jobArn": { "target": "com.amazonaws.macie2#__string", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) of the classification job that produced the finding.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the classification job that produced the finding. This value is null if the origin of the finding (originType) is AUTOMATED_SENSITIVE_DATA_DISCOVERY.
", "smithy.api#jsonName": "jobArn" } }, "jobId": { "target": "com.amazonaws.macie2#__string", "traits": { - "smithy.api#documentation": "The unique identifier for the classification job that produced the finding.
", + "smithy.api#documentation": "The unique identifier for the classification job that produced the finding. This value is null if the origin of the finding (originType) is AUTOMATED_SENSITIVE_DATA_DISCOVERY.
", "smithy.api#jsonName": "jobId" } }, "originType": { "target": "com.amazonaws.macie2#OriginType", "traits": { - "smithy.api#documentation": "Specifies how Amazon Macie found the sensitive data that produced the finding: SENSITIVE_DATA_DISCOVERY_JOB, for a classification job.
", + "smithy.api#documentation": "Specifies how Amazon Macie found the sensitive data that produced the finding. Possible values are: SENSITIVE_DATA_DISCOVERY_JOB, for a classification job; and, AUTOMATED_SENSITIVE_DATA_DISCOVERY, for automated sensitive data discovery.
", "smithy.api#jsonName": "originType" } }, @@ -1328,7 +1429,7 @@ } }, "traits": { - "smithy.api#documentation": "Specifies where to store data classification results, and the encryption settings to use when storing results in that location. Currently, you can store classification results only in an S3 bucket.
" + "smithy.api#documentation": "Specifies where to store data classification results, and the encryption settings to use when storing results in that location. The location must be an S3 bucket.
" } }, "com.amazonaws.macie2#ClassificationResult": { @@ -1405,6 +1506,68 @@ "smithy.api#documentation": "Provides information about the status of a sensitive data finding.
" } }, + "com.amazonaws.macie2#ClassificationScopeId": { + "type": "string", + "traits": { + "smithy.api#documentation": "The unique identifier the classification scope.
", + "smithy.api#pattern": "^[0-9a-z]*$" + } + }, + "com.amazonaws.macie2#ClassificationScopeName": { + "type": "string", + "traits": { + "smithy.api#documentation": "The name of the classification scope.
", + "smithy.api#pattern": "^[0-9a-zA-Z_\\\\-]*$" + } + }, + "com.amazonaws.macie2#ClassificationScopeSummary": { + "type": "structure", + "members": { + "id": { + "target": "com.amazonaws.macie2#ClassificationScopeId", + "traits": { + "smithy.api#documentation": "The unique identifier for the classification scope.
", + "smithy.api#jsonName": "id" + } + }, + "name": { + "target": "com.amazonaws.macie2#ClassificationScopeName", + "traits": { + "smithy.api#documentation": "The name of the classification scope.
", + "smithy.api#jsonName": "name" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides information about the classification scope for an Amazon Macie account. Macie uses the scope's settings when it performs automated sensitive data discovery for the account.
" + } + }, + "com.amazonaws.macie2#ClassificationScopeUpdateOperation": { + "type": "enum", + "members": { + "ADD": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ADD" + } + }, + "REPLACE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "REPLACE" + } + }, + "REMOVE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "REMOVE" + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies how to apply changes to the S3 bucket exclusion list defined by the classification scope for an Amazon Macie account. Valid values are:
" + } + }, "com.amazonaws.macie2#ConflictException": { "type": "structure", "members": { @@ -1857,7 +2020,7 @@ "action": { "target": "com.amazonaws.macie2#FindingsFilterAction", "traits": { - "smithy.api#documentation": "The action to perform on findings that meet the filter criteria (findingCriteria). Valid values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
", + "smithy.api#documentation": "The action to perform on findings that match the filter criteria (findingCriteria). Valid values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
", "smithy.api#jsonName": "action", "smithy.api#required": {} } @@ -2248,15 +2411,17 @@ } }, "com.amazonaws.macie2#Currency": { - "type": "string", - "traits": { - "smithy.api#documentation": "The type of currency that the data for an Amazon Macie usage metric is reported in. Possible values are:
", - "smithy.api#enum": [ - { - "value": "USD", - "name": "USD" + "type": "enum", + "members": { + "USD": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "USD" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The type of currency that the data for an Amazon Macie usage metric is reported in. Possible values are:
" } }, "com.amazonaws.macie2#CustomDataIdentifierSummary": { @@ -2379,58 +2544,96 @@ } }, "com.amazonaws.macie2#DataIdentifierSeverity": { - "type": "string", + "type": "enum", + "members": { + "LOW": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LOW" + } + }, + "MEDIUM": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MEDIUM" + } + }, + "HIGH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "HIGH" + } + } + }, "traits": { - "smithy.api#documentation": "The severity of a finding, ranging from LOW, for least severe, to HIGH, for most severe. Valid values are:
", - "smithy.api#enum": [ - { - "value": "LOW", - "name": "LOW" - }, - { - "value": "MEDIUM", - "name": "MEDIUM" - }, - { - "value": "HIGH", - "name": "HIGH" + "smithy.api#documentation": "The severity of a finding, ranging from LOW, for least severe, to HIGH, for most severe. Valid values are:
" + } + }, + "com.amazonaws.macie2#DataIdentifierType": { + "type": "enum", + "members": { + "CUSTOM": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CUSTOM" + } + }, + "MANAGED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MANAGED" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The type of data identifier that detected a specific type of sensitive data in an S3 bucket. Possible values are:
" } }, "com.amazonaws.macie2#DayOfWeek": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "SUNDAY", - "name": "SUNDAY" - }, - { - "value": "MONDAY", - "name": "MONDAY" - }, - { - "value": "TUESDAY", - "name": "TUESDAY" - }, - { - "value": "WEDNESDAY", - "name": "WEDNESDAY" - }, - { - "value": "THURSDAY", - "name": "THURSDAY" - }, - { - "value": "FRIDAY", - "name": "FRIDAY" - }, - { - "value": "SATURDAY", - "name": "SATURDAY" + "type": "enum", + "members": { + "SUNDAY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SUNDAY" + } + }, + "MONDAY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MONDAY" + } + }, + "TUESDAY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "TUESDAY" + } + }, + "WEDNESDAY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "WEDNESDAY" + } + }, + "THURSDAY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "THURSDAY" + } + }, + "FRIDAY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FRIDAY" + } + }, + "SATURDAY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SATURDAY" } - ] + } } }, "com.amazonaws.macie2#DeclineInvitations": { @@ -2863,7 +3066,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves (queries) statistical data and other information about one or more S3 buckets that Amazon Macie monitors and analyzes.
", + "smithy.api#documentation": "Retrieves (queries) statistical data and other information about one or more S3 buckets that Amazon Macie monitors and analyzes for an account.
", "smithy.api#http": { "method": "POST", "uri": "/datasources/s3", @@ -2917,7 +3120,7 @@ "buckets": { "target": "com.amazonaws.macie2#__listOfBucketMetadata", "traits": { - "smithy.api#documentation": "An array of objects, one for each bucket that meets the filter criteria specified in the request.
", + "smithy.api#documentation": "An array of objects, one for each bucket that matches the filter criteria specified in the request.
", "smithy.api#jsonName": "buckets" } }, @@ -3219,6 +3422,58 @@ "smithy.api#documentation": "Specifies 1-10 occurrences of a specific type of sensitive data reported by a finding.
" } }, + "com.amazonaws.macie2#Detection": { + "type": "structure", + "members": { + "arn": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "If the sensitive data was detected by a custom data identifier, the Amazon Resource Name (ARN) of the custom data identifier that detected the data. Otherwise, this value is null.
", + "smithy.api#jsonName": "arn" + } + }, + "count": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total number of occurrences of the sensitive data.
", + "smithy.api#jsonName": "count" + } + }, + "id": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The unique identifier for the custom data identifier or managed data identifier that detected the sensitive data. For additional details about a specified managed data identifier, see Using managed data identifiers in the Amazon Macie User Guide.
", + "smithy.api#jsonName": "id" + } + }, + "name": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The name of the custom data identifier or managed data identifier that detected the sensitive data. For a managed data identifier, this value is the same as the unique identifier (id).
", + "smithy.api#jsonName": "name" + } + }, + "suppressed": { + "target": "com.amazonaws.macie2#__boolean", + "traits": { + "smithy.api#default": false, + "smithy.api#documentation": "Specifies whether occurrences of this type of sensitive data are excluded (true) or included (false) in the bucket's sensitivity score.
", + "smithy.api#jsonName": "suppressed" + } + }, + "type": { + "target": "com.amazonaws.macie2#DataIdentifierType", + "traits": { + "smithy.api#documentation": "The type of data identifier that detected the sensitive data. Possible values are: CUSTOM, for a custom data identifier; and, MANAGED, for a managed data identifier.
", + "smithy.api#jsonName": "type" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides information about a type of sensitive data that Amazon Macie found in an S3 bucket while performing automated sensitive data discovery for the bucket. The information also specifies the custom data identifier or managed data identifier that detected the data. This information is available only if automated sensitive data discovery is currently enabled for your account.
" + } + }, "com.amazonaws.macie2#DisableMacie": { "type": "operation", "input": { @@ -3493,22 +3748,26 @@ } }, "com.amazonaws.macie2#EffectivePermission": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "PUBLIC", - "name": "PUBLIC" - }, - { - "value": "NOT_PUBLIC", - "name": "NOT_PUBLIC" - }, - { - "value": "UNKNOWN", - "name": "UNKNOWN" + "type": "enum", + "members": { + "PUBLIC": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PUBLIC" + } + }, + "NOT_PUBLIC": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NOT_PUBLIC" } - ] + }, + "UNKNOWN": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UNKNOWN" + } + } } }, "com.amazonaws.macie2#EnableMacie": { @@ -3648,43 +3907,55 @@ "members": {} }, "com.amazonaws.macie2#EncryptionType": { - "type": "string", - "traits": { - "smithy.api#documentation": "The type of server-side encryption that's used to encrypt an S3 object or objects in an S3 bucket. Valid values are:
", - "smithy.api#enum": [ - { - "value": "NONE", - "name": "NONE" - }, - { - "value": "AES256", - "name": "AES256" - }, - { - "value": "aws:kms", - "name": "aws_kms" - }, - { - "value": "UNKNOWN", - "name": "UNKNOWN" + "type": "enum", + "members": { + "NONE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NONE" + } + }, + "AES256": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AES256" + } + }, + "aws_kms": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "aws:kms" + } + }, + "UNKNOWN": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UNKNOWN" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The type of server-side encryption that's used to encrypt an S3 object or objects in an S3 bucket. Possible values are:
" } }, "com.amazonaws.macie2#ErrorCode": { - "type": "string", - "traits": { - "smithy.api#documentation": "The source of an issue or delay. Possible values are:
", - "smithy.api#enum": [ - { - "value": "ClientError", - "name": "ClientError" - }, - { - "value": "InternalError", - "name": "InternalError" + "type": "enum", + "members": { + "ClientError": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ClientError" } - ] + }, + "InternalError": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "InternalError" + } + } + }, + "traits": { + "smithy.api#documentation": "The source of an issue or delay. Possible values are:
" } }, "com.amazonaws.macie2#FederatedUser": { @@ -3766,14 +4037,14 @@ "target": "com.amazonaws.macie2#__long", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "The total number of occurrences of the finding. For sensitive data findings, this value is always 1. All sensitive data findings are considered new (unique) because they derive from individual classification jobs.
", + "smithy.api#documentation": "The total number of occurrences of the finding. For sensitive data findings, this value is always 1. All sensitive data findings are considered unique.
", "smithy.api#jsonName": "count" } }, "createdAt": { "target": "com.amazonaws.macie2#__timestampIso8601", "traits": { - "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when the finding was created.
", + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when Amazon Macie created the finding.
", "smithy.api#jsonName": "createdAt" } }, @@ -3858,7 +4129,7 @@ "updatedAt": { "target": "com.amazonaws.macie2#__timestampIso8601", "traits": { - "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when the finding was last updated. For sensitive data findings, this value is the same as the value for the createdAt property. All sensitive data findings are considered new (unique) because they derive from individual classification jobs.
", + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when Amazon Macie last updated the finding. For sensitive data findings, this value is the same as the value for the createdAt property. All sensitive data findings are considered new.
", "smithy.api#jsonName": "updatedAt" } } @@ -3890,15 +4161,17 @@ } }, "com.amazonaws.macie2#FindingActionType": { - "type": "string", - "traits": { - "smithy.api#documentation": "The type of action that occurred for the resource and produced the policy finding:
", - "smithy.api#enum": [ - { - "value": "AWS_API_CALL", - "name": "AWS_API_CALL" + "type": "enum", + "members": { + "AWS_API_CALL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWS_API_CALL" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The type of action that occurred for the resource and produced the policy finding:
" } }, "com.amazonaws.macie2#FindingActor": { @@ -3931,19 +4204,23 @@ } }, "com.amazonaws.macie2#FindingCategory": { - "type": "string", - "traits": { - "smithy.api#documentation": "The category of the finding. Valid values are:
", - "smithy.api#enum": [ - { - "value": "CLASSIFICATION", - "name": "CLASSIFICATION" - }, - { - "value": "POLICY", - "name": "POLICY" + "type": "enum", + "members": { + "CLASSIFICATION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CLASSIFICATION" + } + }, + "POLICY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "POLICY" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The category of the finding. Possible values are:
" } }, "com.amazonaws.macie2#FindingCriteria": { @@ -3962,39 +4239,49 @@ } }, "com.amazonaws.macie2#FindingPublishingFrequency": { - "type": "string", - "traits": { - "smithy.api#documentation": "The frequency with which Amazon Macie publishes updates to policy findings for an account. This includes publishing updates to Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events). For more information, see Monitoring and processing findings in the Amazon Macie User Guide. Valid values are:
", - "smithy.api#enum": [ - { - "value": "FIFTEEN_MINUTES", - "name": "FIFTEEN_MINUTES" - }, - { - "value": "ONE_HOUR", - "name": "ONE_HOUR" - }, - { - "value": "SIX_HOURS", - "name": "SIX_HOURS" + "type": "enum", + "members": { + "FIFTEEN_MINUTES": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FIFTEEN_MINUTES" + } + }, + "ONE_HOUR": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ONE_HOUR" + } + }, + "SIX_HOURS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SIX_HOURS" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The frequency with which Amazon Macie publishes updates to policy findings for an account. This includes publishing updates to Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events). For more information, see Monitoring and processing findings in the Amazon Macie User Guide. Valid values are:
" } }, "com.amazonaws.macie2#FindingStatisticsSortAttributeName": { - "type": "string", - "traits": { - "smithy.api#documentation": "The grouping to sort the results by. Valid values are:
", - "smithy.api#enum": [ - { - "value": "groupKey", - "name": "groupKey" - }, - { - "value": "count", - "name": "count" + "type": "enum", + "members": { + "groupKey": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "groupKey" + } + }, + "count": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "count" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The grouping to sort the results by. Valid values are:
" } }, "com.amazonaws.macie2#FindingStatisticsSortCriteria": { @@ -4020,67 +4307,91 @@ } }, "com.amazonaws.macie2#FindingType": { - "type": "string", - "traits": { - "smithy.api#documentation": "The type of finding. For details about each type, see Types of Amazon Macie findings in the Amazon Macie User Guide. Valid values are:
", - "smithy.api#enum": [ - { - "value": "SensitiveData:S3Object/Multiple", - "name": "SensitiveData_S3Object_Multiple" - }, - { - "value": "SensitiveData:S3Object/Financial", - "name": "SensitiveData_S3Object_Financial" - }, - { - "value": "SensitiveData:S3Object/Personal", - "name": "SensitiveData_S3Object_Personal" - }, - { - "value": "SensitiveData:S3Object/Credentials", - "name": "SensitiveData_S3Object_Credentials" - }, - { - "value": "SensitiveData:S3Object/CustomIdentifier", - "name": "SensitiveData_S3Object_CustomIdentifier" - }, - { - "value": "Policy:IAMUser/S3BucketPublic", - "name": "Policy_IAMUser_S3BucketPublic" - }, - { - "value": "Policy:IAMUser/S3BucketSharedExternally", - "name": "Policy_IAMUser_S3BucketSharedExternally" - }, - { - "value": "Policy:IAMUser/S3BucketReplicatedExternally", - "name": "Policy_IAMUser_S3BucketReplicatedExternally" - }, - { - "value": "Policy:IAMUser/S3BucketEncryptionDisabled", - "name": "Policy_IAMUser_S3BucketEncryptionDisabled" - }, - { - "value": "Policy:IAMUser/S3BlockPublicAccessDisabled", - "name": "Policy_IAMUser_S3BlockPublicAccessDisabled" + "type": "enum", + "members": { + "SensitiveData_S3Object_Multiple": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SensitiveData:S3Object/Multiple" + } + }, + "SensitiveData_S3Object_Financial": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SensitiveData:S3Object/Financial" + } + }, + "SensitiveData_S3Object_Personal": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SensitiveData:S3Object/Personal" + } + }, + "SensitiveData_S3Object_Credentials": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SensitiveData:S3Object/Credentials" + } + }, + "SensitiveData_S3Object_CustomIdentifier": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SensitiveData:S3Object/CustomIdentifier" + } + }, + "Policy_IAMUser_S3BucketPublic": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Policy:IAMUser/S3BucketPublic" + } + }, + "Policy_IAMUser_S3BucketSharedExternally": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Policy:IAMUser/S3BucketSharedExternally" + } + }, + "Policy_IAMUser_S3BucketReplicatedExternally": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Policy:IAMUser/S3BucketReplicatedExternally" + } + }, + "Policy_IAMUser_S3BucketEncryptionDisabled": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Policy:IAMUser/S3BucketEncryptionDisabled" + } + }, + "Policy_IAMUser_S3BlockPublicAccessDisabled": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Policy:IAMUser/S3BlockPublicAccessDisabled" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The type of finding. For details about each type, see Types of Amazon Macie findings in the Amazon Macie User Guide. Possible values are:
" } }, "com.amazonaws.macie2#FindingsFilterAction": { - "type": "string", - "traits": { - "smithy.api#documentation": "The action to perform on findings that meet the filter criteria. To suppress (automatically archive) findings that meet the criteria, set this value to ARCHIVE. Valid values are:
", - "smithy.api#enum": [ - { - "value": "ARCHIVE", - "name": "ARCHIVE" - }, - { - "value": "NOOP", - "name": "NOOP" + "type": "enum", + "members": { + "ARCHIVE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ARCHIVE" } - ] + }, + "NOOP": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NOOP" + } + } + }, + "traits": { + "smithy.api#documentation": "The action to perform on findings that match the filter criteria. To suppress (automatically archive) findings that match the criteria, set this value to ARCHIVE. Valid values are:
" } }, "com.amazonaws.macie2#FindingsFilterListItem": { @@ -4089,7 +4400,7 @@ "action": { "target": "com.amazonaws.macie2#FindingsFilterAction", "traits": { - "smithy.api#documentation": "The action that's performed on findings that meet the filter criteria. Possible values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
", + "smithy.api#documentation": "The action that's performed on findings that match the filter criteria. Possible values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
", "smithy.api#jsonName": "action" } }, @@ -4297,6 +4608,88 @@ } } }, + "com.amazonaws.macie2#GetAutomatedDiscoveryConfiguration": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#GetAutomatedDiscoveryConfigurationRequest" + }, + "output": { + "target": "com.amazonaws.macie2#GetAutomatedDiscoveryConfigurationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Retrieves the configuration settings and status of automated sensitive data discovery for an account.
", + "smithy.api#http": { + "method": "GET", + "uri": "/automated-discovery/configuration", + "code": 200 + } + } + }, + "com.amazonaws.macie2#GetAutomatedDiscoveryConfigurationRequest": { + "type": "structure", + "members": {} + }, + "com.amazonaws.macie2#GetAutomatedDiscoveryConfigurationResponse": { + "type": "structure", + "members": { + "classificationScopeId": { + "target": "com.amazonaws.macie2#ClassificationScopeId", + "traits": { + "smithy.api#documentation": "The unique identifier for the classification scope that's used when performing automated sensitive data discovery for the account. The classification scope specifies S3 buckets to exclude from automated sensitive data discovery.
", + "smithy.api#jsonName": "classificationScopeId" + } + }, + "disabledAt": { + "target": "com.amazonaws.macie2#Timestamp", + "traits": { + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when automated sensitive data discovery was most recently disabled for the account. This value is null if automated sensitive data discovery wasn't enabled and subsequently disabled for the account.
", + "smithy.api#jsonName": "disabledAt" + } + }, + "firstEnabledAt": { + "target": "com.amazonaws.macie2#Timestamp", + "traits": { + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when automated sensitive data discovery was initially enabled for the account. This value is null if automated sensitive data discovery has never been enabled for the account.
", + "smithy.api#jsonName": "firstEnabledAt" + } + }, + "lastUpdatedAt": { + "target": "com.amazonaws.macie2#Timestamp", + "traits": { + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when automated sensitive data discovery was most recently enabled or disabled for the account.
", + "smithy.api#jsonName": "lastUpdatedAt" + } + }, + "sensitivityInspectionTemplateId": { + "target": "com.amazonaws.macie2#SensitivityInspectionTemplateId", + "traits": { + "smithy.api#documentation": "The unique identifier for the sensitivity inspection template that's used when performing automated sensitive data discovery for the account. The template specifies which allow lists, custom data identifiers, and managed data identifiers to use when analyzing data.
", + "smithy.api#jsonName": "sensitivityInspectionTemplateId" + } + }, + "status": { + "target": "com.amazonaws.macie2#AutomatedDiscoveryStatus", + "traits": { + "smithy.api#documentation": "The current status of the automated sensitive data discovery configuration for the account. Possible values are: ENABLED, use the specified settings to perform automated sensitive data discovery activities for the account; and, DISABLED, don't perform automated sensitive data discovery activities for the account.
", + "smithy.api#jsonName": "status" + } + } + } + }, "com.amazonaws.macie2#GetBucketStatistics": { "type": "operation", "input": { @@ -4329,7 +4722,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves (queries) aggregated statistical data about S3 buckets that Amazon Macie monitors and analyzes.
", + "smithy.api#documentation": "Retrieves (queries) aggregated statistical data about all the S3 buckets that Amazon Macie monitors and analyzes for an account.
", "smithy.api#http": { "method": "POST", "uri": "/datasources/s3/statistics", @@ -4388,6 +4781,13 @@ "smithy.api#jsonName": "bucketCountBySharedAccessType" } }, + "bucketStatisticsBySensitivity": { + "target": "com.amazonaws.macie2#BucketStatisticsBySensitivity", + "traits": { + "smithy.api#documentation": "The aggregated sensitive data discovery statistics for the buckets. If automated sensitive data discovery is currently disabled for your account, the value for each statistic is 0.
", + "smithy.api#jsonName": "bucketStatisticsBySensitivity" + } + }, "classifiableObjectCount": { "target": "com.amazonaws.macie2#__long", "traits": { @@ -4400,7 +4800,7 @@ "target": "com.amazonaws.macie2#__long", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "The total storage size, in bytes, of all the objects that Amazon Macie can analyze in the buckets. These objects use a supported storage class and have a file name extension for a supported file or storage format.
If versioning is enabled for any of the buckets, Macie calculates this value based on the size of the latest version of each applicable object in those buckets. This value doesn't reflect the storage size of all versions of all applicable objects in the buckets.
", + "smithy.api#documentation": "The total storage size, in bytes, of all the objects that Amazon Macie can analyze in the buckets. These objects use a supported storage class and have a file name extension for a supported file or storage format.
If versioning is enabled for any of the buckets, this value is based on the size of the latest version of each applicable object in the buckets. This value doesn't reflect the storage size of all versions of all applicable objects in the buckets.
", "smithy.api#jsonName": "classifiableSizeInBytes" } }, @@ -4423,7 +4823,7 @@ "target": "com.amazonaws.macie2#__long", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "The total storage size, in bytes, of the buckets.
If versioning is enabled for any of the buckets, Amazon Macie calculates this value based on the size of the latest version of each object in those buckets. This value doesn't reflect the storage size of all versions of the objects in the buckets.
", + "smithy.api#documentation": "The total storage size, in bytes, of the buckets.
If versioning is enabled for any of the buckets, this value is based on the size of the latest version of each object in the buckets. This value doesn't reflect the storage size of all versions of the objects in the buckets.
", "smithy.api#jsonName": "sizeInBytes" } }, @@ -4431,7 +4831,7 @@ "target": "com.amazonaws.macie2#__long", "traits": { "smithy.api#default": 0, - "smithy.api#documentation": "The total storage size, in bytes, of the objects that are compressed (.gz, .gzip, .zip) files in the buckets.
If versioning is enabled for any of the buckets, Amazon Macie calculates this value based on the size of the latest version of each applicable object in those buckets. This value doesn't reflect the storage size of all versions of the applicable objects in the buckets.
", + "smithy.api#documentation": "The total storage size, in bytes, of the objects that are compressed (.gz, .gzip, .zip) files in the buckets.
If versioning is enabled for any of the buckets, this value is based on the size of the latest version of each applicable object in the buckets. This value doesn't reflect the storage size of all versions of the applicable objects in the buckets.
", "smithy.api#jsonName": "sizeInBytesCompressed" } }, @@ -4507,6 +4907,79 @@ } } }, + "com.amazonaws.macie2#GetClassificationScope": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#GetClassificationScopeRequest" + }, + "output": { + "target": "com.amazonaws.macie2#GetClassificationScopeResponse" + }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Retrieves the classification scope settings for an account.
", + "smithy.api#http": { + "method": "GET", + "uri": "/classification-scopes/{id}", + "code": 200 + } + } + }, + "com.amazonaws.macie2#GetClassificationScopeRequest": { + "type": "structure", + "members": { + "id": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The unique identifier for the Amazon Macie resource that the request applies to.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.macie2#GetClassificationScopeResponse": { + "type": "structure", + "members": { + "id": { + "target": "com.amazonaws.macie2#ClassificationScopeId", + "traits": { + "smithy.api#documentation": "The unique identifier for the classification scope.
", + "smithy.api#jsonName": "id" + } + }, + "name": { + "target": "com.amazonaws.macie2#ClassificationScopeName", + "traits": { + "smithy.api#documentation": "The name of the classification scope.
", + "smithy.api#jsonName": "name" + } + }, + "s3": { + "target": "com.amazonaws.macie2#S3ClassificationScope", + "traits": { + "smithy.api#documentation": "The S3 buckets that are excluded from automated sensitive data discovery.
", + "smithy.api#jsonName": "s3" + } + } + } + }, "com.amazonaws.macie2#GetCustomDataIdentifier": { "type": "operation", "input": { @@ -4732,7 +5205,7 @@ "countsByGroup": { "target": "com.amazonaws.macie2#__listOfGroupCount", "traits": { - "smithy.api#documentation": "An array of objects, one for each group of findings that meet the filter criteria specified in the request.
", + "smithy.api#documentation": "An array of objects, one for each group of findings that matches the filter criteria specified in the request.
", "smithy.api#jsonName": "countsByGroup" } } @@ -4837,7 +5310,7 @@ "action": { "target": "com.amazonaws.macie2#FindingsFilterAction", "traits": { - "smithy.api#documentation": "The action that's performed on findings that meet the filter criteria (findingCriteria). Possible values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
", + "smithy.api#documentation": "The action that's performed on findings that match the filter criteria (findingCriteria). Possible values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
", "smithy.api#jsonName": "action" } }, @@ -4975,7 +5448,7 @@ "findings": { "target": "com.amazonaws.macie2#__listOfFinding", "traits": { - "smithy.api#documentation": "An array of objects, one for each finding that meets the criteria specified in the request.
", + "smithy.api#documentation": "An array of objects, one for each finding that matches the criteria specified in the request.
", "smithy.api#jsonName": "findings" } } @@ -5070,7 +5543,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves the current status and configuration settings for an Amazon Macie account.
", + "smithy.api#documentation": "Retrieves the status and configuration settings for an Amazon Macie account.
", "smithy.api#http": { "method": "GET", "uri": "/macie", @@ -5299,6 +5772,91 @@ } } }, + "com.amazonaws.macie2#GetResourceProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#GetResourceProfileRequest" + }, + "output": { + "target": "com.amazonaws.macie2#GetResourceProfileResponse" + }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.macie2#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Retrieves (queries) sensitive data discovery statistics and the sensitivity score for an S3 bucket.
", + "smithy.api#http": { + "method": "GET", + "uri": "/resource-profiles", + "code": 200 + } + } + }, + "com.amazonaws.macie2#GetResourceProfileRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the S3 bucket that the request applies to.
", + "smithy.api#httpQuery": "resourceArn", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.macie2#GetResourceProfileResponse": { + "type": "structure", + "members": { + "profileUpdatedAt": { + "target": "com.amazonaws.macie2#__timestampIso8601", + "traits": { + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently recalculated sensitive data discovery statistics and details for the bucket. If the bucket's sensitivity score is calculated automatically, this includes the score.
", + "smithy.api#jsonName": "profileUpdatedAt" + } + }, + "sensitivityScore": { + "target": "com.amazonaws.macie2#__integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The current sensitivity score for the bucket, ranging from -1 (no analysis due to an error) to 100 (sensitive). By default, this score is calculated automatically based on the amount of data that Amazon Macie has analyzed in the bucket and the amount of sensitive data that Macie has found in the bucket.
", + "smithy.api#jsonName": "sensitivityScore" + } + }, + "sensitivityScoreOverridden": { + "target": "com.amazonaws.macie2#__boolean", + "traits": { + "smithy.api#default": false, + "smithy.api#documentation": "Specifies whether the bucket's current sensitivity score was set manually. If this value is true, the score was manually changed to 100. If this value is false, the score was calculated automatically by Amazon Macie.
", + "smithy.api#jsonName": "sensitivityScoreOverridden" + } + }, + "statistics": { + "target": "com.amazonaws.macie2#ResourceStatistics", + "traits": { + "smithy.api#documentation": "The sensitive data discovery statistics for the bucket. The statistics capture the results of automated sensitive data discovery activities that Amazon Macie has performed for the bucket.
", + "smithy.api#jsonName": "statistics" + } + } + } + }, "com.amazonaws.macie2#GetRevealConfiguration": { "type": "operation", "input": { @@ -5512,6 +6070,93 @@ } } }, + "com.amazonaws.macie2#GetSensitivityInspectionTemplate": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#GetSensitivityInspectionTemplateRequest" + }, + "output": { + "target": "com.amazonaws.macie2#GetSensitivityInspectionTemplateResponse" + }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Retrieves the settings for the sensitivity inspection template for an account.
", + "smithy.api#http": { + "method": "GET", + "uri": "/templates/sensitivity-inspections/{id}", + "code": 200 + } + } + }, + "com.amazonaws.macie2#GetSensitivityInspectionTemplateRequest": { + "type": "structure", + "members": { + "id": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The unique identifier for the Amazon Macie resource that the request applies to.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.macie2#GetSensitivityInspectionTemplateResponse": { + "type": "structure", + "members": { + "description": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The custom description of the template.
", + "smithy.api#jsonName": "description" + } + }, + "excludes": { + "target": "com.amazonaws.macie2#SensitivityInspectionTemplateExcludes", + "traits": { + "smithy.api#documentation": "The managed data identifiers that are explicitly excluded (not used) when analyzing data.
", + "smithy.api#jsonName": "excludes" + } + }, + "includes": { + "target": "com.amazonaws.macie2#SensitivityInspectionTemplateIncludes", + "traits": { + "smithy.api#documentation": "The allow lists, custom data identifiers, and managed data identifiers that are included (used) when analyzing data.
", + "smithy.api#jsonName": "includes" + } + }, + "name": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The name of the template.
", + "smithy.api#jsonName": "name" + } + }, + "sensitivityInspectionTemplateId": { + "target": "com.amazonaws.macie2#SensitivityInspectionTemplateId", + "traits": { + "smithy.api#documentation": "The unique identifier for the template.
", + "smithy.api#jsonName": "sensitivityInspectionTemplateId" + } + } + } + }, "com.amazonaws.macie2#GetUsageStatistics": { "type": "operation", "input": { @@ -5612,7 +6257,7 @@ "records": { "target": "com.amazonaws.macie2#__listOfUsageRecord", "traits": { - "smithy.api#documentation": "An array of objects that contains the results of the query. Each object contains the data for an account that meets the filter criteria specified in the request.
", + "smithy.api#documentation": "An array of objects that contains the results of the query. Each object contains the data for an account that matches the filter criteria specified in the request.
", "smithy.api#jsonName": "records" } }, @@ -5697,26 +6342,32 @@ } }, "com.amazonaws.macie2#GroupBy": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "resourcesAffected.s3Bucket.name", - "name": "resourcesAffected_s3Bucket_name" - }, - { - "value": "type", - "name": "type" - }, - { - "value": "classificationDetails.jobId", - "name": "classificationDetails_jobId" - }, - { - "value": "severity.description", - "name": "severity_description" + "type": "enum", + "members": { + "resourcesAffected_s3Bucket_name": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "resourcesAffected.s3Bucket.name" + } + }, + "type": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "type" + } + }, + "classificationDetails_jobId": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "classificationDetails.jobId" + } + }, + "severity_description": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "severity.description" } - ] + } } }, "com.amazonaws.macie2#GroupCount": { @@ -5972,81 +6623,105 @@ } }, "com.amazonaws.macie2#IsDefinedInJob": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "TRUE", - "name": "TRUE" - }, - { - "value": "FALSE", - "name": "FALSE" - }, - { - "value": "UNKNOWN", - "name": "UNKNOWN" + "type": "enum", + "members": { + "TRUE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "TRUE" + } + }, + "FALSE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FALSE" + } + }, + "UNKNOWN": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UNKNOWN" } - ] + } } }, "com.amazonaws.macie2#IsMonitoredByJob": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "TRUE", - "name": "TRUE" - }, - { - "value": "FALSE", - "name": "FALSE" - }, - { - "value": "UNKNOWN", - "name": "UNKNOWN" + "type": "enum", + "members": { + "TRUE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "TRUE" + } + }, + "FALSE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FALSE" + } + }, + "UNKNOWN": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UNKNOWN" } - ] + } } }, "com.amazonaws.macie2#JobComparator": { - "type": "string", - "traits": { - "smithy.api#documentation": "The operator to use in a condition. Depending on the type of condition, possible values are:
", - "smithy.api#enum": [ - { - "value": "EQ", - "name": "EQ" - }, - { - "value": "GT", - "name": "GT" - }, - { - "value": "GTE", - "name": "GTE" - }, - { - "value": "LT", - "name": "LT" - }, - { - "value": "LTE", - "name": "LTE" - }, - { - "value": "NE", - "name": "NE" - }, - { - "value": "CONTAINS", - "name": "CONTAINS" - }, - { - "value": "STARTS_WITH", - "name": "STARTS_WITH" + "type": "enum", + "members": { + "EQ": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EQ" + } + }, + "GT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "GT" + } + }, + "GTE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "GTE" + } + }, + "LT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LT" + } + }, + "LTE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LTE" + } + }, + "NE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NE" + } + }, + "CONTAINS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CONTAINS" } - ] + }, + "STARTS_WITH": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "STARTS_WITH" + } + } + }, + "traits": { + "smithy.api#documentation": "The operator to use in a condition. Depending on the type of condition, possible values are:
" } }, "com.amazonaws.macie2#JobDetails": { @@ -6152,40 +6827,59 @@ } }, "com.amazonaws.macie2#JobStatus": { - "type": "string", - "traits": { - "smithy.api#documentation": "The status of a classification job. Possible values are:
", - "smithy.api#enum": [ - { - "value": "RUNNING", - "name": "RUNNING" - }, - { - "value": "PAUSED", - "name": "PAUSED" - }, - { - "value": "CANCELLED", - "name": "CANCELLED" - }, - { - "value": "COMPLETE", - "name": "COMPLETE" - }, - { - "value": "IDLE", - "name": "IDLE" - }, - { - "value": "USER_PAUSED", - "name": "USER_PAUSED" + "type": "enum", + "members": { + "RUNNING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RUNNING" + } + }, + "PAUSED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PAUSED" + } + }, + "CANCELLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CANCELLED" + } + }, + "COMPLETE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "COMPLETE" } - ] + }, + "IDLE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "IDLE" + } + }, + "USER_PAUSED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "USER_PAUSED" + } + } + }, + "traits": { + "smithy.api#documentation": "The status of a classification job. Possible values are:
" } }, "com.amazonaws.macie2#JobSummary": { "type": "structure", "members": { + "bucketCriteria": { + "target": "com.amazonaws.macie2#S3BucketCriteriaForJob", + "traits": { + "smithy.api#documentation": "The property- and tag-based conditions that determine which S3 buckets are included or excluded from the job's analysis. Each time the job runs, the job uses these criteria to determine which buckets to analyze. A job's definition can contain a bucketCriteria object or a bucketDefinitions array, not both.
", + "smithy.api#jsonName": "bucketCriteria" + } + }, "bucketDefinitions": { "target": "com.amazonaws.macie2#__listOfS3BucketDefinitionForJob", "traits": { @@ -6241,13 +6935,6 @@ "smithy.api#documentation": "If the current status of the job is USER_PAUSED, specifies when the job was paused and when the job or job run will expire and be cancelled if it isn't resumed. This value is present only if the value for jobStatus is USER_PAUSED.
", "smithy.api#jsonName": "userPausedDetails" } - }, - "bucketCriteria": { - "target": "com.amazonaws.macie2#S3BucketCriteriaForJob", - "traits": { - "smithy.api#documentation": "The property- and tag-based conditions that determine which S3 buckets are included or excluded from the job's analysis. Each time the job runs, the job uses these criteria to determine which buckets to analyze. A job's definition can contain a bucketCriteria object or a bucketDefinitions array, not both.
", - "smithy.api#jsonName": "bucketCriteria" - } } }, "traits": { @@ -6255,19 +6942,23 @@ } }, "com.amazonaws.macie2#JobType": { - "type": "string", - "traits": { - "smithy.api#documentation": "The schedule for running a classification job. Valid values are:
", - "smithy.api#enum": [ - { - "value": "ONE_TIME", - "name": "ONE_TIME" - }, - { - "value": "SCHEDULED", - "name": "SCHEDULED" + "type": "enum", + "members": { + "ONE_TIME": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ONE_TIME" } - ] + }, + "SCHEDULED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SCHEDULED" + } + } + }, + "traits": { + "smithy.api#documentation": "The schedule for running a classification job. Valid values are:
" } }, "com.amazonaws.macie2#KeyValuePair": { @@ -6317,19 +7008,23 @@ } }, "com.amazonaws.macie2#LastRunErrorStatusCode": { - "type": "string", - "traits": { - "smithy.api#documentation": "Specifies whether any account- or bucket-level access errors occurred during the run of a one-time classification job or the most recent run of a recurring classification job. Possible values are:
", - "smithy.api#enum": [ - { - "value": "NONE", - "name": "NONE" - }, - { - "value": "ERROR", - "name": "ERROR" + "type": "enum", + "members": { + "NONE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NONE" + } + }, + "ERROR": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ERROR" } - ] + } + }, + "traits": { + "smithy.api#documentation": "Specifies whether any account- or bucket-level access errors occurred during the run of a one-time classification job or the most recent run of a recurring classification job. Possible values are:
" } }, "com.amazonaws.macie2#ListAllowLists": { @@ -6360,6 +7055,12 @@ "method": "GET", "uri": "/allow-lists", "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "allowLists", + "pageSize": "maxResults" } } }, @@ -6488,7 +7189,7 @@ "items": { "target": "com.amazonaws.macie2#__listOfJobSummary", "traits": { - "smithy.api#documentation": "An array of objects, one for each job that meets the filter criteria specified in the request.
", + "smithy.api#documentation": "An array of objects, one for each job that matches the filter criteria specified in the request.
", "smithy.api#jsonName": "items" } }, @@ -6501,6 +7202,80 @@ } } }, + "com.amazonaws.macie2#ListClassificationScopes": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#ListClassificationScopesRequest" + }, + "output": { + "target": "com.amazonaws.macie2#ListClassificationScopesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Retrieves a subset of information about the classification scope for an account.
", + "smithy.api#http": { + "method": "GET", + "uri": "/classification-scopes", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "classificationScopes" + } + } + }, + "com.amazonaws.macie2#ListClassificationScopesRequest": { + "type": "structure", + "members": { + "name": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The name of the classification scope to retrieve the unique identifier for.
", + "smithy.api#httpQuery": "name" + } + }, + "nextToken": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The nextToken string that specifies which page of results to return in a paginated response.
", + "smithy.api#httpQuery": "nextToken" + } + } + } + }, + "com.amazonaws.macie2#ListClassificationScopesResponse": { + "type": "structure", + "members": { + "classificationScopes": { + "target": "com.amazonaws.macie2#__listOfClassificationScopeSummary", + "traits": { + "smithy.api#documentation": "An array that specifies the unique identifier and name of the classification scope for the account.
", + "smithy.api#jsonName": "classificationScopes" + } + }, + "nextToken": { + "target": "com.amazonaws.macie2#NextToken", + "traits": { + "smithy.api#documentation": "The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
", + "smithy.api#jsonName": "nextToken" + } + } + } + }, "com.amazonaws.macie2#ListCustomDataIdentifiers": { "type": "operation", "input": { @@ -6757,7 +7532,7 @@ "findingIds": { "target": "com.amazonaws.macie2#__listOf__string", "traits": { - "smithy.api#documentation": "An array of strings, where each string is the unique identifier for a finding that meets the filter criteria specified in the request.
", + "smithy.api#documentation": "An array of strings, where each string is the unique identifier for a finding that matches the filter criteria specified in the request.
", "smithy.api#jsonName": "findingIds" } }, @@ -6878,27 +7653,35 @@ } }, "com.amazonaws.macie2#ListJobsFilterKey": { - "type": "string", - "traits": { - "smithy.api#documentation": "The property to use to filter the results. Valid values are:
", - "smithy.api#enum": [ - { - "value": "jobType", - "name": "jobType" - }, - { - "value": "jobStatus", - "name": "jobStatus" - }, - { - "value": "createdAt", - "name": "createdAt" - }, - { - "value": "name", - "name": "name" + "type": "enum", + "members": { + "jobType": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "jobType" + } + }, + "jobStatus": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "jobStatus" + } + }, + "createdAt": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "createdAt" + } + }, + "name": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "name" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The property to use to filter the results. Valid values are:
" } }, "com.amazonaws.macie2#ListJobsFilterTerm": { @@ -6931,27 +7714,35 @@ } }, "com.amazonaws.macie2#ListJobsSortAttributeName": { - "type": "string", - "traits": { - "smithy.api#documentation": "The property to sort the results by. Valid values are:
", - "smithy.api#enum": [ - { - "value": "createdAt", - "name": "createdAt" - }, - { - "value": "jobStatus", - "name": "jobStatus" - }, - { - "value": "name", - "name": "name" - }, - { - "value": "jobType", - "name": "jobType" + "type": "enum", + "members": { + "createdAt": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "createdAt" + } + }, + "jobStatus": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "jobStatus" + } + }, + "name": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "name" + } + }, + "jobType": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "jobType" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The property to sort the results by. Valid values are:
" } }, "com.amazonaws.macie2#ListJobsSortCriteria": { @@ -6990,6 +7781,11 @@ "method": "POST", "uri": "/managed-data-identifiers/list", "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "items" } } }, @@ -7103,7 +7899,7 @@ "members": { "target": "com.amazonaws.macie2#__listOfMember", "traits": { - "smithy.api#documentation": "An array of objects, one for each account that's associated with the administrator account and meets the criteria specified in the request.
", + "smithy.api#documentation": "An array of objects, one for each account that's associated with the administrator account and matches the criteria specified in the request.
", "smithy.api#jsonName": "members" } }, @@ -7201,81 +7997,328 @@ } } }, - "com.amazonaws.macie2#ListTagsForResource": { + "com.amazonaws.macie2#ListResourceProfileArtifacts": { "type": "operation", "input": { - "target": "com.amazonaws.macie2#ListTagsForResourceRequest" + "target": "com.amazonaws.macie2#ListResourceProfileArtifactsRequest" }, "output": { - "target": "com.amazonaws.macie2#ListTagsForResourceResponse" + "target": "com.amazonaws.macie2#ListResourceProfileArtifactsResponse" }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], "traits": { - "smithy.api#documentation": "Retrieves the tags (keys and values) that are associated with an Amazon Macie resource.
", + "smithy.api#documentation": "Retrieves information about objects that were selected from an S3 bucket for automated sensitive data discovery.
", "smithy.api#http": { "method": "GET", - "uri": "/tags/{resourceArn}", + "uri": "/resource-profiles/artifacts", "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "artifacts" } } }, - "com.amazonaws.macie2#ListTagsForResourceRequest": { + "com.amazonaws.macie2#ListResourceProfileArtifactsRequest": { "type": "structure", "members": { + "nextToken": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The nextToken string that specifies which page of results to return in a paginated response.
", + "smithy.api#httpQuery": "nextToken" + } + }, "resourceArn": { "target": "com.amazonaws.macie2#__string", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) of the resource.
", - "smithy.api#httpLabel": {}, + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the S3 bucket that the request applies to.
", + "smithy.api#httpQuery": "resourceArn", "smithy.api#required": {} } } } }, - "com.amazonaws.macie2#ListTagsForResourceResponse": { + "com.amazonaws.macie2#ListResourceProfileArtifactsResponse": { "type": "structure", "members": { - "tags": { - "target": "com.amazonaws.macie2#TagMap", + "artifacts": { + "target": "com.amazonaws.macie2#__listOfResourceProfileArtifact", "traits": { - "smithy.api#documentation": "A map of key-value pairs that specifies which tags (keys and values) are associated with the resource.
", - "smithy.api#jsonName": "tags" + "smithy.api#documentation": "An array of objects, one for each S3 object that Amazon Macie selected for analysis.
", + "smithy.api#jsonName": "artifacts" + } + }, + "nextToken": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
", + "smithy.api#jsonName": "nextToken" } } } }, - "com.amazonaws.macie2#Macie2": { - "type": "service", - "version": "2020-01-01", - "operations": [ - { - "target": "com.amazonaws.macie2#AcceptInvitation" - }, + "com.amazonaws.macie2#ListResourceProfileDetections": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#ListResourceProfileDetectionsRequest" + }, + "output": { + "target": "com.amazonaws.macie2#ListResourceProfileDetectionsResponse" + }, + "errors": [ { - "target": "com.amazonaws.macie2#BatchGetCustomDataIdentifiers" + "target": "com.amazonaws.macie2#AccessDeniedException" }, { - "target": "com.amazonaws.macie2#CreateAllowList" + "target": "com.amazonaws.macie2#InternalServerException" }, { - "target": "com.amazonaws.macie2#CreateClassificationJob" + "target": "com.amazonaws.macie2#ResourceNotFoundException" }, { - "target": "com.amazonaws.macie2#CreateCustomDataIdentifier" + "target": "com.amazonaws.macie2#ServiceQuotaExceededException" }, { - "target": "com.amazonaws.macie2#CreateFindingsFilter" + "target": "com.amazonaws.macie2#ThrottlingException" }, { - "target": "com.amazonaws.macie2#CreateInvitations" + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Retrieves information about the types and amount of sensitive data that Amazon Macie found in an S3 bucket.
", + "smithy.api#http": { + "method": "GET", + "uri": "/resource-profiles/detections", + "code": 200 }, - { - "target": "com.amazonaws.macie2#CreateMember" + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "detections", + "pageSize": "maxResults" + } + } + }, + "com.amazonaws.macie2#ListResourceProfileDetectionsRequest": { + "type": "structure", + "members": { + "maxResults": { + "target": "com.amazonaws.macie2#MaxResults", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The maximum number of items to include in each page of a paginated response.
", + "smithy.api#httpQuery": "maxResults" + } }, - { - "target": "com.amazonaws.macie2#CreateSampleFindings" + "nextToken": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The nextToken string that specifies which page of results to return in a paginated response.
", + "smithy.api#httpQuery": "nextToken" + } }, - { - "target": "com.amazonaws.macie2#DeclineInvitations" + "resourceArn": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the S3 bucket that the request applies to.
", + "smithy.api#httpQuery": "resourceArn", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.macie2#ListResourceProfileDetectionsResponse": { + "type": "structure", + "members": { + "detections": { + "target": "com.amazonaws.macie2#__listOfDetection", + "traits": { + "smithy.api#documentation": "An array of objects, one for each type of sensitive data that Amazon Macie found in the bucket. Each object reports the number of occurrences of the specified type and provides information about the custom data identifier or managed data identifier that detected the data.
", + "smithy.api#jsonName": "detections" + } + }, + "nextToken": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
", + "smithy.api#jsonName": "nextToken" + } + } + } + }, + "com.amazonaws.macie2#ListSensitivityInspectionTemplates": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#ListSensitivityInspectionTemplatesRequest" + }, + "output": { + "target": "com.amazonaws.macie2#ListSensitivityInspectionTemplatesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Retrieves a subset of information about the sensitivity inspection template for an account.
", + "smithy.api#http": { + "method": "GET", + "uri": "/templates/sensitivity-inspections", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "sensitivityInspectionTemplates", + "pageSize": "maxResults" + } + } + }, + "com.amazonaws.macie2#ListSensitivityInspectionTemplatesRequest": { + "type": "structure", + "members": { + "maxResults": { + "target": "com.amazonaws.macie2#MaxResults", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The maximum number of items to include in each page of a paginated response.
", + "smithy.api#httpQuery": "maxResults" + } + }, + "nextToken": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The nextToken string that specifies which page of results to return in a paginated response.
", + "smithy.api#httpQuery": "nextToken" + } + } + } + }, + "com.amazonaws.macie2#ListSensitivityInspectionTemplatesResponse": { + "type": "structure", + "members": { + "nextToken": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.
", + "smithy.api#jsonName": "nextToken" + } + }, + "sensitivityInspectionTemplates": { + "target": "com.amazonaws.macie2#__listOfSensitivityInspectionTemplatesEntry", + "traits": { + "smithy.api#documentation": "An array that specifies the unique identifier and name of the sensitivity inspection template for the account.
", + "smithy.api#jsonName": "sensitivityInspectionTemplates" + } + } + } + }, + "com.amazonaws.macie2#ListTagsForResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#ListTagsForResourceRequest" + }, + "output": { + "target": "com.amazonaws.macie2#ListTagsForResourceResponse" + }, + "traits": { + "smithy.api#documentation": "Retrieves the tags (keys and values) that are associated with an Amazon Macie resource.
", + "smithy.api#http": { + "method": "GET", + "uri": "/tags/{resourceArn}", + "code": 200 + } + } + }, + "com.amazonaws.macie2#ListTagsForResourceRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the resource.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.macie2#ListTagsForResourceResponse": { + "type": "structure", + "members": { + "tags": { + "target": "com.amazonaws.macie2#TagMap", + "traits": { + "smithy.api#documentation": "A map of key-value pairs that specifies which tags (keys and values) are associated with the resource.
", + "smithy.api#jsonName": "tags" + } + } + } + }, + "com.amazonaws.macie2#Macie2": { + "type": "service", + "version": "2020-01-01", + "operations": [ + { + "target": "com.amazonaws.macie2#AcceptInvitation" + }, + { + "target": "com.amazonaws.macie2#BatchGetCustomDataIdentifiers" + }, + { + "target": "com.amazonaws.macie2#CreateAllowList" + }, + { + "target": "com.amazonaws.macie2#CreateClassificationJob" + }, + { + "target": "com.amazonaws.macie2#CreateCustomDataIdentifier" + }, + { + "target": "com.amazonaws.macie2#CreateFindingsFilter" + }, + { + "target": "com.amazonaws.macie2#CreateInvitations" + }, + { + "target": "com.amazonaws.macie2#CreateMember" + }, + { + "target": "com.amazonaws.macie2#CreateSampleFindings" + }, + { + "target": "com.amazonaws.macie2#DeclineInvitations" }, { "target": "com.amazonaws.macie2#DeleteAllowList" @@ -7328,12 +8371,18 @@ { "target": "com.amazonaws.macie2#GetAllowList" }, + { + "target": "com.amazonaws.macie2#GetAutomatedDiscoveryConfiguration" + }, { "target": "com.amazonaws.macie2#GetBucketStatistics" }, { "target": "com.amazonaws.macie2#GetClassificationExportConfiguration" }, + { + "target": "com.amazonaws.macie2#GetClassificationScope" + }, { "target": "com.amazonaws.macie2#GetCustomDataIdentifier" }, @@ -7361,6 +8410,9 @@ { "target": "com.amazonaws.macie2#GetMember" }, + { + "target": "com.amazonaws.macie2#GetResourceProfile" + }, { "target": "com.amazonaws.macie2#GetRevealConfiguration" }, @@ -7370,6 +8422,9 @@ { "target": "com.amazonaws.macie2#GetSensitiveDataOccurrencesAvailability" }, + { + "target": "com.amazonaws.macie2#GetSensitivityInspectionTemplate" + }, { "target": "com.amazonaws.macie2#GetUsageStatistics" }, @@ -7382,6 +8437,9 @@ { "target": "com.amazonaws.macie2#ListClassificationJobs" }, + { + "target": "com.amazonaws.macie2#ListClassificationScopes" + }, { "target": "com.amazonaws.macie2#ListCustomDataIdentifiers" }, @@ -7403,6 +8461,15 @@ { "target": "com.amazonaws.macie2#ListOrganizationAdminAccounts" }, + { + "target": "com.amazonaws.macie2#ListResourceProfileArtifacts" + }, + { + "target": "com.amazonaws.macie2#ListResourceProfileDetections" + }, + { + "target": "com.amazonaws.macie2#ListSensitivityInspectionTemplates" + }, { "target": "com.amazonaws.macie2#ListTagsForResource" }, @@ -7427,9 +8494,15 @@ { "target": "com.amazonaws.macie2#UpdateAllowList" }, + { + "target": "com.amazonaws.macie2#UpdateAutomatedDiscoveryConfiguration" + }, { "target": "com.amazonaws.macie2#UpdateClassificationJob" }, + { + "target": "com.amazonaws.macie2#UpdateClassificationScope" + }, { "target": "com.amazonaws.macie2#UpdateFindingsFilter" }, @@ -7442,8 +8515,17 @@ { "target": "com.amazonaws.macie2#UpdateOrganizationConfiguration" }, + { + "target": "com.amazonaws.macie2#UpdateResourceProfile" + }, + { + "target": "com.amazonaws.macie2#UpdateResourceProfileDetections" + }, { "target": "com.amazonaws.macie2#UpdateRevealConfiguration" + }, + { + "target": "com.amazonaws.macie2#UpdateSensitivityInspectionTemplate" } ], "traits": { @@ -7458,14 +8540,14 @@ "name": "macie2" }, "aws.protocols#restJson1": {}, - "smithy.api#documentation": "Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Macie automates the discovery of sensitive data, such as PII and intellectual property, to provide you with insight into the data that your organization stores in AWS. Macie also provides an inventory of your Amazon S3 buckets, which it continually monitors for you. If Macie detects sensitive data or potential data access issues, it generates detailed findings for you to review and act upon as necessary.
", + "smithy.api#documentation": "Amazon Macie
", "smithy.api#title": "Amazon Macie 2", "smithy.rules#endpointRuleSet": { "version": "1.0", "parameters": { "Region": { "builtIn": "AWS::Region", - "required": false, + "required": true, "documentation": "The AWS region used to dispatch the request.", "type": "String" }, @@ -7786,8 +8868,8 @@ }, "params": { "Region": "ap-south-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -7799,8 +8881,8 @@ }, "params": { "Region": "ap-south-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -7812,8 +8894,8 @@ }, "params": { "Region": "ap-south-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -7825,8 +8907,8 @@ }, "params": { "Region": "ap-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -7838,8 +8920,8 @@ }, "params": { "Region": "eu-south-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -7851,8 +8933,8 @@ }, "params": { "Region": "eu-south-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -7864,8 +8946,8 @@ }, "params": { "Region": "eu-south-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -7877,8 +8959,8 @@ }, "params": { "Region": "eu-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -7890,8 +8972,8 @@ }, "params": { "Region": "ca-central-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -7903,8 +8985,8 @@ }, "params": { "Region": "ca-central-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -7916,8 +8998,8 @@ }, "params": { "Region": "ca-central-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -7929,8 +9011,8 @@ }, "params": { "Region": "ca-central-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -7942,8 +9024,8 @@ }, "params": { "Region": "eu-central-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -7955,8 +9037,8 @@ }, "params": { "Region": "eu-central-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -7968,8 +9050,8 @@ }, "params": { "Region": "eu-central-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -7981,8 +9063,8 @@ }, "params": { "Region": "eu-central-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -7994,8 +9076,8 @@ }, "params": { "Region": "us-west-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8007,8 +9089,8 @@ }, "params": { "Region": "us-west-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8020,8 +9102,8 @@ }, "params": { "Region": "us-west-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8033,8 +9115,8 @@ }, "params": { "Region": "us-west-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8046,8 +9128,8 @@ }, "params": { "Region": "us-west-2", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8059,8 +9141,8 @@ }, "params": { "Region": "us-west-2", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8072,8 +9154,8 @@ }, "params": { "Region": "us-west-2", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8085,8 +9167,8 @@ }, "params": { "Region": "us-west-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8098,8 +9180,8 @@ }, "params": { "Region": "af-south-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8111,8 +9193,8 @@ }, "params": { "Region": "af-south-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8124,8 +9206,8 @@ }, "params": { "Region": "af-south-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8137,8 +9219,8 @@ }, "params": { "Region": "af-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8150,8 +9232,8 @@ }, "params": { "Region": "eu-north-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8163,8 +9245,8 @@ }, "params": { "Region": "eu-north-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8176,8 +9258,8 @@ }, "params": { "Region": "eu-north-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8189,8 +9271,8 @@ }, "params": { "Region": "eu-north-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8202,8 +9284,8 @@ }, "params": { "Region": "eu-west-3", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8215,8 +9297,8 @@ }, "params": { "Region": "eu-west-3", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8228,8 +9310,8 @@ }, "params": { "Region": "eu-west-3", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8241,8 +9323,8 @@ }, "params": { "Region": "eu-west-3", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8254,8 +9336,8 @@ }, "params": { "Region": "eu-west-2", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8267,8 +9349,8 @@ }, "params": { "Region": "eu-west-2", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8280,8 +9362,8 @@ }, "params": { "Region": "eu-west-2", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8293,8 +9375,8 @@ }, "params": { "Region": "eu-west-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8306,8 +9388,8 @@ }, "params": { "Region": "eu-west-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8319,8 +9401,8 @@ }, "params": { "Region": "eu-west-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8332,8 +9414,8 @@ }, "params": { "Region": "eu-west-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8345,8 +9427,8 @@ }, "params": { "Region": "eu-west-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8358,8 +9440,8 @@ }, "params": { "Region": "ap-northeast-3", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8371,8 +9453,8 @@ }, "params": { "Region": "ap-northeast-3", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8384,8 +9466,8 @@ }, "params": { "Region": "ap-northeast-3", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8397,8 +9479,8 @@ }, "params": { "Region": "ap-northeast-3", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8410,8 +9492,8 @@ }, "params": { "Region": "ap-northeast-2", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8423,8 +9505,8 @@ }, "params": { "Region": "ap-northeast-2", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8436,8 +9518,8 @@ }, "params": { "Region": "ap-northeast-2", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8449,8 +9531,8 @@ }, "params": { "Region": "ap-northeast-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8462,8 +9544,8 @@ }, "params": { "Region": "ap-northeast-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8475,8 +9557,8 @@ }, "params": { "Region": "ap-northeast-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8488,8 +9570,8 @@ }, "params": { "Region": "ap-northeast-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8501,8 +9583,8 @@ }, "params": { "Region": "ap-northeast-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8514,8 +9596,8 @@ }, "params": { "Region": "me-south-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8527,8 +9609,8 @@ }, "params": { "Region": "me-south-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8540,8 +9622,8 @@ }, "params": { "Region": "me-south-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8553,8 +9635,8 @@ }, "params": { "Region": "me-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8566,8 +9648,8 @@ }, "params": { "Region": "sa-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8579,8 +9661,8 @@ }, "params": { "Region": "sa-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8592,8 +9674,8 @@ }, "params": { "Region": "sa-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8605,8 +9687,8 @@ }, "params": { "Region": "sa-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8618,8 +9700,8 @@ }, "params": { "Region": "ap-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8631,8 +9713,8 @@ }, "params": { "Region": "ap-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8644,8 +9726,8 @@ }, "params": { "Region": "ap-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8657,8 +9739,8 @@ }, "params": { "Region": "ap-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8670,8 +9752,8 @@ }, "params": { "Region": "ap-southeast-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8683,8 +9765,8 @@ }, "params": { "Region": "ap-southeast-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8696,8 +9778,8 @@ }, "params": { "Region": "ap-southeast-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8709,8 +9791,8 @@ }, "params": { "Region": "ap-southeast-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8722,8 +9804,8 @@ }, "params": { "Region": "ap-southeast-2", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8735,8 +9817,8 @@ }, "params": { "Region": "ap-southeast-2", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8748,8 +9830,8 @@ }, "params": { "Region": "ap-southeast-2", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8761,8 +9843,8 @@ }, "params": { "Region": "ap-southeast-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8774,8 +9856,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8787,8 +9869,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8800,8 +9882,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8813,8 +9895,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8826,8 +9908,8 @@ }, "params": { "Region": "us-east-2", - "UseDualStack": true, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": true } }, { @@ -8839,8 +9921,8 @@ }, "params": { "Region": "us-east-2", - "UseDualStack": false, - "UseFIPS": true + "UseFIPS": true, + "UseDualStack": false } }, { @@ -8852,8 +9934,8 @@ }, "params": { "Region": "us-east-2", - "UseDualStack": true, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": true } }, { @@ -8865,8 +9947,8 @@ }, "params": { "Region": "us-east-2", - "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "UseDualStack": false } }, { @@ -8878,8 +9960,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": false, "UseFIPS": false, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -8890,8 +9972,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": false, "UseFIPS": true, + "UseDualStack": false, "Endpoint": "https://example.com" } }, @@ -8902,8 +9984,8 @@ }, "params": { "Region": "us-east-1", - "UseDualStack": true, "UseFIPS": false, + "UseDualStack": true, "Endpoint": "https://example.com" } } @@ -8913,43 +9995,55 @@ } }, "com.amazonaws.macie2#MacieStatus": { - "type": "string", - "traits": { - "smithy.api#documentation": "The status of an Amazon Macie account. Valid values are:
", - "smithy.api#enum": [ - { - "value": "PAUSED", - "name": "PAUSED" - }, - { - "value": "ENABLED", - "name": "ENABLED" + "type": "enum", + "members": { + "PAUSED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PAUSED" + } + }, + "ENABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENABLED" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The status of an Amazon Macie account. Valid values are:
" } }, "com.amazonaws.macie2#ManagedDataIdentifierSelector": { - "type": "string", - "traits": { - "smithy.api#documentation": "The selection type that determines which managed data identifiers a classification job uses to analyze data. Valid values are:
", - "smithy.api#enum": [ - { - "value": "ALL", - "name": "ALL" - }, - { - "value": "EXCLUDE", - "name": "EXCLUDE" - }, - { - "value": "INCLUDE", - "name": "INCLUDE" - }, - { - "value": "NONE", - "name": "NONE" + "type": "enum", + "members": { + "ALL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ALL" + } + }, + "EXCLUDE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EXCLUDE" + } + }, + "INCLUDE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INCLUDE" + } + }, + "NONE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NONE" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The selection type that determines which managed data identifiers a classification job uses to analyze data. Valid values are:
" } }, "com.amazonaws.macie2#ManagedDataIdentifierSummary": { @@ -9028,6 +10122,13 @@ "smithy.api#jsonName": "jobDetails" } }, + "lastAutomatedDiscoveryTime": { + "target": "com.amazonaws.macie2#__timestampIso8601", + "traits": { + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently performed automated sensitive data discovery for the bucket. This value is null if automated sensitive data discovery is currently disabled for your account.
", + "smithy.api#jsonName": "lastAutomatedDiscoveryTime" + } + }, "objectCount": { "target": "com.amazonaws.macie2#__long", "traits": { @@ -9039,10 +10140,18 @@ "objectCountByEncryptionType": { "target": "com.amazonaws.macie2#ObjectCountByEncryptionType", "traits": { - "smithy.api#documentation": "The total number of objects that are in the bucket, grouped by server-side encryption type. This includes a grouping that reports the total number of objects that aren't encrypted or use client-side encryption.
", + "smithy.api#documentation": "The total number of objects in the bucket, grouped by server-side encryption type. This includes a grouping that reports the total number of objects that aren't encrypted or use client-side encryption.
", "smithy.api#jsonName": "objectCountByEncryptionType" } }, + "sensitivityScore": { + "target": "com.amazonaws.macie2#__integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The current sensitivity score for the bucket, ranging from -1 (no analysis due to an error) to 100 (sensitive). This value is null if automated sensitive data discovery is currently disabled for your account.
", + "smithy.api#jsonName": "sensitivityScore" + } + }, "sizeInBytes": { "target": "com.amazonaws.macie2#__long", "traits": { @@ -9075,7 +10184,7 @@ } }, "traits": { - "smithy.api#documentation": "Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process information about the bucket or the bucket's objects, the value for most of these properties is null. Exceptions are accountId and bucketName. To identify the cause of the error, refer to the errorCode and errorMessage values.
" + "smithy.api#documentation": "Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process information about the bucket or the bucket's objects, the value for most of these properties is null. Key exceptions are accountId and bucketName. To identify the cause of the error, refer to the errorCode and errorMessage values.
" } }, "com.amazonaws.macie2#MatchingResource": { @@ -9190,6 +10299,13 @@ "smithy.api#documentation": "Specifies a monthly recurrence pattern for running a classification job.
" } }, + "com.amazonaws.macie2#NextToken": { + "type": "string", + "traits": { + "smithy.api#documentation": "Specifies which page of results to return in a paginated response.
", + "smithy.api#pattern": "^.*$" + } + }, "com.amazonaws.macie2#ObjectCountByEncryptionType": { "type": "structure", "members": { @@ -9267,7 +10383,7 @@ } }, "traits": { - "smithy.api#documentation": "Provides information about the total storage size (in bytes) or number of objects that Amazon Macie can't analyze in one or more S3 buckets. In a BucketMetadata or MatchingBucket object, this data is for a specific bucket. In a GetBucketStatisticsResponse object, this data is aggregated for the buckets in the query results. If versioning is enabled for a bucket, total storage size values are based on the size of the latest version of each applicable object in the bucket.
" + "smithy.api#documentation": "Provides information about the total storage size (in bytes) or number of objects that Amazon Macie can't analyze in one or more S3 buckets. In a BucketMetadata or MatchingBucket object, this data is for a specific bucket. In a GetBucketStatisticsResponse object, this data is aggregated for all the buckets in the query results. If versioning is enabled for a bucket, storage size values are based on the size of the latest version of each applicable object in the bucket.
" } }, "com.amazonaws.macie2#Occurrences": { @@ -9314,30 +10430,40 @@ } }, "com.amazonaws.macie2#OrderBy": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "ASC", - "name": "ASC" - }, - { - "value": "DESC", - "name": "DESC" + "type": "enum", + "members": { + "ASC": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ASC" + } + }, + "DESC": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DESC" } - ] + } } }, "com.amazonaws.macie2#OriginType": { - "type": "string", - "traits": { - "smithy.api#documentation": "Specifies how Amazon Macie found the sensitive data that produced a finding. The only possible value is:
", - "smithy.api#enum": [ - { - "value": "SENSITIVE_DATA_DISCOVERY_JOB", - "name": "SENSITIVE_DATA_DISCOVERY_JOB" + "type": "enum", + "members": { + "SENSITIVE_DATA_DISCOVERY_JOB": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SENSITIVE_DATA_DISCOVERY_JOB" + } + }, + "AUTOMATED_SENSITIVE_DATA_DISCOVERY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AUTOMATED_SENSITIVE_DATA_DISCOVERY" } - ] + } + }, + "traits": { + "smithy.api#documentation": "Specifies how Amazon Macie found the sensitive data that produced a finding. Possible values are:
" } }, "com.amazonaws.macie2#Page": { @@ -9604,51 +10730,71 @@ } }, "com.amazonaws.macie2#RelationshipStatus": { - "type": "string", - "traits": { - "smithy.api#documentation": "The current status of the relationship between an account and an associated Amazon Macie administrator account. Possible values are:
", - "smithy.api#enum": [ - { - "value": "Enabled", - "name": "Enabled" - }, - { - "value": "Paused", - "name": "Paused" - }, - { - "value": "Invited", - "name": "Invited" - }, - { - "value": "Created", - "name": "Created" - }, - { - "value": "Removed", - "name": "Removed" - }, - { - "value": "Resigned", - "name": "Resigned" - }, - { - "value": "EmailVerificationInProgress", - "name": "EmailVerificationInProgress" - }, - { - "value": "EmailVerificationFailed", - "name": "EmailVerificationFailed" - }, - { - "value": "RegionDisabled", - "name": "RegionDisabled" - }, - { - "value": "AccountSuspended", - "name": "AccountSuspended" + "type": "enum", + "members": { + "Enabled": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Enabled" + } + }, + "Paused": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Paused" + } + }, + "Invited": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Invited" + } + }, + "Created": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Created" + } + }, + "Removed": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Removed" + } + }, + "Resigned": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Resigned" + } + }, + "EmailVerificationInProgress": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EmailVerificationInProgress" } - ] + }, + "EmailVerificationFailed": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EmailVerificationFailed" + } + }, + "RegionDisabled": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RegionDisabled" + } + }, + "AccountSuspended": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AccountSuspended" + } + } + }, + "traits": { + "smithy.api#documentation": "The current status of the relationship between an account and an associated Amazon Macie administrator account. Possible values are:
" } }, "com.amazonaws.macie2#ReplicationDetails": { @@ -9699,85 +10845,207 @@ "smithy.api#httpError": 404 } }, - "com.amazonaws.macie2#ResourcesAffected": { + "com.amazonaws.macie2#ResourceProfileArtifact": { "type": "structure", "members": { - "s3Bucket": { - "target": "com.amazonaws.macie2#S3Bucket", + "arn": { + "target": "com.amazonaws.macie2#__string", "traits": { - "smithy.api#documentation": "The details of the S3 bucket that the finding applies to.
", - "smithy.api#jsonName": "s3Bucket" + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the object.
", + "smithy.api#jsonName": "arn", + "smithy.api#required": {} } }, - "s3Object": { - "target": "com.amazonaws.macie2#S3Object", + "classificationResultStatus": { + "target": "com.amazonaws.macie2#__string", "traits": { - "smithy.api#documentation": "The details of the S3 object that the finding applies to.
", - "smithy.api#jsonName": "s3Object" + "smithy.api#documentation": "The status of the analysis. Possible values are:
COMPLETE - Amazon Macie successfully completed its analysis of the object.
PARTIAL - Macie analyzed only a subset of data in the object. For example, the object is an archive file that contains files in an unsupported format.
SKIPPED - Macie wasn't able to analyze the object. For example, the object is a malformed file.
Specifies whether Amazon Macie found sensitive data in the object.
", + "smithy.api#jsonName": "sensitive" } } }, "traits": { - "smithy.api#documentation": "Provides information about the resources that a finding applies to.
" + "smithy.api#documentation": "Provides information about an S3 object that Amazon Macie selected for analysis while performing automated sensitive data discovery for an S3 bucket, and the status and results of the analysis. This information is available only if automated sensitive data discovery is currently enabled for your account.
" } }, - "com.amazonaws.macie2#RevealConfiguration": { + "com.amazonaws.macie2#ResourceStatistics": { "type": "structure", "members": { - "kmsKeyId": { - "target": "com.amazonaws.macie2#__stringMin1Max2048", + "totalBytesClassified": { + "target": "com.amazonaws.macie2#__long", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN), ID, or alias of the KMS key to use to encrypt sensitive data that's retrieved. The key must be an existing, customer managed, symmetric encryption key that's in the same Amazon Web Services Region as the Amazon Macie account.
If this value specifies an alias, it must include the following prefix: alias/. If this value specifies a key that's owned by another Amazon Web Services account, it must specify the ARN of the key or the ARN of the key's alias.
", - "smithy.api#jsonName": "kmsKeyId" + "smithy.api#default": 0, + "smithy.api#documentation": "The total amount of data, in bytes, that Amazon Macie has analyzed in the bucket.
", + "smithy.api#jsonName": "totalBytesClassified" } }, - "status": { - "target": "com.amazonaws.macie2#RevealStatus", + "totalDetections": { + "target": "com.amazonaws.macie2#__long", "traits": { - "smithy.api#documentation": "The status of the configuration for the Amazon Macie account. In a request, valid values are: ENABLED, enable the configuration for the account; and, DISABLED, disable the configuration for the account. In a response, possible values are: ENABLED, the configuration is currently enabled for the account; and, DISABLED, the configuration is currently disabled for the account.
", - "smithy.api#jsonName": "status", - "smithy.api#required": {} + "smithy.api#default": 0, + "smithy.api#documentation": "The total number of occurrences of sensitive data that Amazon Macie has found in the bucket's objects. This includes occurrences that are currently suppressed by the sensitivity scoring settings for the bucket (totalDetectionsSuppressed).
", + "smithy.api#jsonName": "totalDetections" } - } - }, - "traits": { - "smithy.api#documentation": "Specifies the configuration settings for retrieving occurrences of sensitive data reported by findings, and the status of the configuration for an Amazon Macie account. When you enable the configuration for the first time, your request must specify an Key Management Service (KMS) key. Otherwise, an error occurs. Macie uses the specified key to encrypt the sensitive data that you retrieve.
" - } - }, - "com.amazonaws.macie2#RevealRequestStatus": { - "type": "string", - "traits": { - "smithy.api#documentation": "The status of a request to retrieve occurrences of sensitive data reported by a finding. Possible values are:
", - "smithy.api#enum": [ - { - "value": "SUCCESS", - "name": "SUCCESS" - }, - { - "value": "PROCESSING", - "name": "PROCESSING" - }, - { - "value": "ERROR", - "name": "ERROR" + }, + "totalDetectionsSuppressed": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total number of occurrences of sensitive data that are currently suppressed by the sensitivity scoring settings for the bucket. These represent occurrences of sensitive data that Amazon Macie found in the bucket's objects, but the occurrences were manually suppressed. By default, suppressed occurrences are excluded from the bucket's sensitivity score.
", + "smithy.api#jsonName": "totalDetectionsSuppressed" } - ] - } - }, - "com.amazonaws.macie2#RevealStatus": { - "type": "string", + }, + "totalItemsClassified": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total number of objects that Amazon Macie has analyzed in the bucket.
", + "smithy.api#jsonName": "totalItemsClassified" + } + }, + "totalItemsSensitive": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total number of the bucket's objects that Amazon Macie has found sensitive data in.
", + "smithy.api#jsonName": "totalItemsSensitive" + } + }, + "totalItemsSkipped": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total number of objects that Amazon Macie hasn't analyzed in the bucket due to an error or issue. For example, the object is a malformed file. This value includes objects that Macie hasn't analyzed for reasons reported by other statistics in the ResourceStatistics object.
", + "smithy.api#jsonName": "totalItemsSkipped" + } + }, + "totalItemsSkippedInvalidEncryption": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total number of objects that Amazon Macie hasn't analyzed in the bucket because the objects are encrypted with a key that Macie isn't allowed to use.
", + "smithy.api#jsonName": "totalItemsSkippedInvalidEncryption" + } + }, + "totalItemsSkippedInvalidKms": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total number of objects that Amazon Macie hasn't analyzed in the bucket because the objects are encrypted with an KMS key that was disabled or deleted.
", + "smithy.api#jsonName": "totalItemsSkippedInvalidKms" + } + }, + "totalItemsSkippedPermissionDenied": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total number of objects that Amazon Macie hasn't analyzed in the bucket because Macie isn't allowed to access the objects.
", + "smithy.api#jsonName": "totalItemsSkippedPermissionDenied" + } + } + }, "traits": { - "smithy.api#documentation": "The status of the configuration for retrieving occurrences of sensitive data reported by findings. Valid values are:
", - "smithy.api#enum": [ - { - "value": "ENABLED", - "name": "ENABLED" - }, - { - "value": "DISABLED", - "name": "DISABLED" + "smithy.api#documentation": "Provides statistical data for sensitive data discovery metrics that apply to an S3 bucket that Amazon Macie monitors and analyzes for your account. The statistics capture the results of automated sensitive data discovery activities that Macie has performed for the bucket. The data is available only if automated sensitive data discovery is currently enabled for your account.
" + } + }, + "com.amazonaws.macie2#ResourcesAffected": { + "type": "structure", + "members": { + "s3Bucket": { + "target": "com.amazonaws.macie2#S3Bucket", + "traits": { + "smithy.api#documentation": "The details of the S3 bucket that the finding applies to.
", + "smithy.api#jsonName": "s3Bucket" + } + }, + "s3Object": { + "target": "com.amazonaws.macie2#S3Object", + "traits": { + "smithy.api#documentation": "The details of the S3 object that the finding applies to.
", + "smithy.api#jsonName": "s3Object" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides information about the resources that a finding applies to.
" + } + }, + "com.amazonaws.macie2#RevealConfiguration": { + "type": "structure", + "members": { + "kmsKeyId": { + "target": "com.amazonaws.macie2#__stringMin1Max2048", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN), ID, or alias of the KMS key to use to encrypt sensitive data that's retrieved. The key must be an existing, customer managed, symmetric encryption key that's in the same Amazon Web Services Region as the Amazon Macie account.
If this value specifies an alias, it must include the following prefix: alias/. If this value specifies a key that's owned by another Amazon Web Services account, it must specify the ARN of the key or the ARN of the key's alias.
", + "smithy.api#jsonName": "kmsKeyId" + } + }, + "status": { + "target": "com.amazonaws.macie2#RevealStatus", + "traits": { + "smithy.api#documentation": "The status of the configuration for the Amazon Macie account. In a request, valid values are: ENABLED, enable the configuration for the account; and, DISABLED, disable the configuration for the account. In a response, possible values are: ENABLED, the configuration is currently enabled for the account; and, DISABLED, the configuration is currently disabled for the account.
", + "smithy.api#jsonName": "status", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies the configuration settings for retrieving occurrences of sensitive data reported by findings, and the status of the configuration for an Amazon Macie account. When you enable the configuration for the first time, your request must specify an Key Management Service (KMS) key. Otherwise, an error occurs. Macie uses the specified key to encrypt the sensitive data that you retrieve.
" + } + }, + "com.amazonaws.macie2#RevealRequestStatus": { + "type": "enum", + "members": { + "SUCCESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SUCCESS" + } + }, + "PROCESSING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PROCESSING" + } + }, + "ERROR": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ERROR" + } + } + }, + "traits": { + "smithy.api#documentation": "The status of a request to retrieve occurrences of sensitive data reported by a finding. Possible values are:
" + } + }, + "com.amazonaws.macie2#RevealStatus": { + "type": "enum", + "members": { + "ENABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENABLED" + } + }, + "DISABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISABLED" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The status of the configuration for retrieving occurrences of sensitive data reported by findings. Valid values are:
" } }, "com.amazonaws.macie2#S3Bucket": { @@ -9786,7 +11054,7 @@ "allowsUnencryptedObjectUploads": { "target": "com.amazonaws.macie2#AllowsUnencryptedObjectUploads", "traits": { - "smithy.api#documentation": "Specifies whether the bucket policy for the bucket requires server-side encryption of objects when objects are uploaded to the bucket. Possible values are:
FALSE - The bucket policy requires server-side encryption of new objects. PutObject requests must include the x-amz-server-side-encryption header and the value for that header must be AES256 or aws:kms.
TRUE - The bucket doesn't have a bucket policy or it has a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, it doesn't require PutObject requests to include the x-amz-server-side-encryption header and it doesn't require the value for that header to be AES256 or aws:kms.
UNKNOWN - Amazon Macie can't determine whether the bucket policy requires server-side encryption of objects.
Specifies whether the bucket policy for the bucket requires server-side encryption of objects when objects are uploaded to the bucket. Possible values are:
FALSE - The bucket policy requires server-side encryption of new objects. PutObject requests must include a valid server-side encryption header.
TRUE - The bucket doesn't have a bucket policy or it has a bucket policy that doesn't require server-side encryption of new objects. If a bucket policy exists, it doesn't require PutObject requests to include a valid server-side encryption header.
UNKNOWN - Amazon Macie can't determine whether the bucket policy requires server-side encryption of new objects.
Valid server-side encryption headers are: x-amz-server-side-encryption with a value of AES256 or aws:kms, and x-amz-server-side-encryption-customer-algorithm with a value of AES256.
", "smithy.api#jsonName": "allowsUnencryptedObjectUploads" } }, @@ -9890,6 +11158,13 @@ "smithy.api#documentation": "Specifies an Amazon Web Services account that owns S3 buckets for a classification job to analyze, and one or more specific buckets to analyze for that account.
" } }, + "com.amazonaws.macie2#S3BucketName": { + "type": "string", + "traits": { + "smithy.api#documentation": "The name of an S3 bucket.
", + "smithy.api#pattern": "^[A-Za-z0-9.\\-_]{3,255}$" + } + }, "com.amazonaws.macie2#S3BucketOwner": { "type": "structure", "members": { @@ -9912,6 +11187,78 @@ "smithy.api#documentation": "Provides information about the Amazon Web Services account that owns an S3 bucket.
" } }, + "com.amazonaws.macie2#S3ClassificationScope": { + "type": "structure", + "members": { + "excludes": { + "target": "com.amazonaws.macie2#S3ClassificationScopeExclusion", + "traits": { + "smithy.api#documentation": "The S3 buckets that are excluded.
", + "smithy.api#jsonName": "excludes", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies the S3 buckets that are excluded from automated sensitive data discovery for an Amazon Macie account.
" + } + }, + "com.amazonaws.macie2#S3ClassificationScopeExclusion": { + "type": "structure", + "members": { + "bucketNames": { + "target": "com.amazonaws.macie2#__listOfS3BucketName", + "traits": { + "smithy.api#documentation": "An array of strings, one for each S3 bucket that is excluded. Each string is the full name of an excluded bucket.
", + "smithy.api#jsonName": "bucketNames", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies the names of the S3 buckets that are excluded from automated sensitive data discovery.
" + } + }, + "com.amazonaws.macie2#S3ClassificationScopeExclusionUpdate": { + "type": "structure", + "members": { + "bucketNames": { + "target": "com.amazonaws.macie2#__listOfS3BucketName", + "traits": { + "smithy.api#documentation": "Depending on the value specified for the update operation (ClassificationScopeUpdateOperation), an array of strings that: lists the names of buckets to add or remove from the list, or specifies a new set of bucket names that overwrites all existing names in the list. Each string must be the full name of an S3 bucket. Values are case sensitive.
", + "smithy.api#jsonName": "bucketNames", + "smithy.api#required": {} + } + }, + "operation": { + "target": "com.amazonaws.macie2#ClassificationScopeUpdateOperation", + "traits": { + "smithy.api#documentation": "Specifies how to apply the changes to the exclusion list. Valid values are:
ADD - Append the specified bucket names to the current list.
REMOVE - Remove the specified bucket names from the current list.
REPLACE - Overwrite the current list with the specified list of bucket names. If you specify this value, Amazon Macie removes all existing names from the list and adds all the specified names to the list.
Specifies S3 buckets to add or remove from the exclusion list defined by the classification scope for an Amazon Macie account.
" + } + }, + "com.amazonaws.macie2#S3ClassificationScopeUpdate": { + "type": "structure", + "members": { + "excludes": { + "target": "com.amazonaws.macie2#S3ClassificationScopeExclusionUpdate", + "traits": { + "smithy.api#documentation": "The names of the S3 buckets to add or remove from the list.
", + "smithy.api#jsonName": "excludes", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies changes to the list of S3 buckets that are excluded from automated sensitive data discovery for an Amazon Macie account.
" + } + }, "com.amazonaws.macie2#S3Destination": { "type": "structure", "members": { @@ -9946,6 +11293,13 @@ "com.amazonaws.macie2#S3JobDefinition": { "type": "structure", "members": { + "bucketCriteria": { + "target": "com.amazonaws.macie2#S3BucketCriteriaForJob", + "traits": { + "smithy.api#documentation": "The property- and tag-based conditions that determine which S3 buckets to include or exclude from the analysis. Each time the job runs, the job uses these criteria to determine which buckets contain objects to analyze. A job's definition can contain a bucketCriteria object or a bucketDefinitions array, not both.
", + "smithy.api#jsonName": "bucketCriteria" + } + }, "bucketDefinitions": { "target": "com.amazonaws.macie2#__listOfS3BucketDefinitionForJob", "traits": { @@ -9959,13 +11313,6 @@ "smithy.api#documentation": "The property- and tag-based conditions that determine which S3 objects to include or exclude from the analysis. Each time the job runs, the job uses these criteria to determine which objects to analyze.
", "smithy.api#jsonName": "scoping" } - }, - "bucketCriteria": { - "target": "com.amazonaws.macie2#S3BucketCriteriaForJob", - "traits": { - "smithy.api#documentation": "The property- and tag-based conditions that determine which S3 buckets to include or exclude from the analysis. Each time the job runs, the job uses these criteria to determine which buckets contain objects to analyze. A job's definition can contain a bucketCriteria object or a bucketDefinitions array, not both.
", - "smithy.api#jsonName": "bucketCriteria" - } } }, "traits": { @@ -10091,27 +11438,35 @@ } }, "com.amazonaws.macie2#ScopeFilterKey": { - "type": "string", - "traits": { - "smithy.api#documentation": "The property to use in a condition that determines whether an S3 object is included or excluded from a classification job. Valid values are:
", - "smithy.api#enum": [ - { - "value": "OBJECT_EXTENSION", - "name": "OBJECT_EXTENSION" - }, - { - "value": "OBJECT_LAST_MODIFIED_DATE", - "name": "OBJECT_LAST_MODIFIED_DATE" - }, - { - "value": "OBJECT_SIZE", - "name": "OBJECT_SIZE" - }, - { - "value": "OBJECT_KEY", - "name": "OBJECT_KEY" + "type": "enum", + "members": { + "OBJECT_EXTENSION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "OBJECT_EXTENSION" + } + }, + "OBJECT_LAST_MODIFIED_DATE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "OBJECT_LAST_MODIFIED_DATE" + } + }, + "OBJECT_SIZE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "OBJECT_SIZE" + } + }, + "OBJECT_KEY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "OBJECT_KEY" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The property to use in a condition that determines whether an S3 object is included or excluded from a classification job. Valid values are:
" } }, "com.amazonaws.macie2#Scoping": { @@ -10205,19 +11560,23 @@ } }, "com.amazonaws.macie2#SearchResourcesComparator": { - "type": "string", - "traits": { - "smithy.api#documentation": "The operator to use in a condition that filters the results of a query. Valid values are:
", - "smithy.api#enum": [ - { - "value": "EQ", - "name": "EQ" - }, - { - "value": "NE", - "name": "NE" + "type": "enum", + "members": { + "EQ": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EQ" + } + }, + "NE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NE" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The operator to use in a condition that filters the results of a query. Valid values are:
" } }, "com.amazonaws.macie2#SearchResourcesCriteria": { @@ -10297,7 +11656,7 @@ "matchingResources": { "target": "com.amazonaws.macie2#__listOfMatchingResource", "traits": { - "smithy.api#documentation": "An array of objects, one for each resource that meets the filter criteria specified in the request.
", + "smithy.api#documentation": "An array of objects, one for each resource that matches the filter criteria specified in the request.
", "smithy.api#jsonName": "matchingResources" } }, @@ -10340,51 +11699,67 @@ } }, "com.amazonaws.macie2#SearchResourcesSimpleCriterionKey": { - "type": "string", - "traits": { - "smithy.api#documentation": "The property to use in a condition that filters the query results. Valid values are:
", - "smithy.api#enum": [ - { - "value": "ACCOUNT_ID", - "name": "ACCOUNT_ID" - }, - { - "value": "S3_BUCKET_NAME", - "name": "S3_BUCKET_NAME" - }, - { - "value": "S3_BUCKET_EFFECTIVE_PERMISSION", - "name": "S3_BUCKET_EFFECTIVE_PERMISSION" - }, - { - "value": "S3_BUCKET_SHARED_ACCESS", - "name": "S3_BUCKET_SHARED_ACCESS" + "type": "enum", + "members": { + "ACCOUNT_ID": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ACCOUNT_ID" + } + }, + "S3_BUCKET_NAME": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_BUCKET_NAME" + } + }, + "S3_BUCKET_EFFECTIVE_PERMISSION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_BUCKET_EFFECTIVE_PERMISSION" + } + }, + "S3_BUCKET_SHARED_ACCESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_BUCKET_SHARED_ACCESS" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The property to use in a condition that filters the query results. Valid values are:
" } }, "com.amazonaws.macie2#SearchResourcesSortAttributeName": { - "type": "string", - "traits": { - "smithy.api#documentation": "The property to sort the query results by. Valid values are:
", - "smithy.api#enum": [ - { - "value": "ACCOUNT_ID", - "name": "ACCOUNT_ID" - }, - { - "value": "RESOURCE_NAME", - "name": "RESOURCE_NAME" - }, - { - "value": "S3_CLASSIFIABLE_OBJECT_COUNT", - "name": "S3_CLASSIFIABLE_OBJECT_COUNT" - }, - { - "value": "S3_CLASSIFIABLE_SIZE_IN_BYTES", - "name": "S3_CLASSIFIABLE_SIZE_IN_BYTES" + "type": "enum", + "members": { + "ACCOUNT_ID": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ACCOUNT_ID" + } + }, + "RESOURCE_NAME": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RESOURCE_NAME" + } + }, + "S3_CLASSIFIABLE_OBJECT_COUNT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_CLASSIFIABLE_OBJECT_COUNT" } - ] + }, + "S3_CLASSIFIABLE_SIZE_IN_BYTES": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_CLASSIFIABLE_SIZE_IN_BYTES" + } + } + }, + "traits": { + "smithy.api#documentation": "The property to sort the query results by. Valid values are:
" } }, "com.amazonaws.macie2#SearchResourcesSortCriteria": { @@ -10519,41 +11894,161 @@ } }, "com.amazonaws.macie2#SensitiveDataItemCategory": { - "type": "string", - "traits": { - "smithy.api#documentation": "For a finding, the category of sensitive data that was detected and produced the finding. For a managed data identifier, the category of sensitive data that the managed data identifier detects. Possible values are:
", - "smithy.api#enum": [ - { - "value": "FINANCIAL_INFORMATION", - "name": "FINANCIAL_INFORMATION" - }, - { - "value": "PERSONAL_INFORMATION", - "name": "PERSONAL_INFORMATION" - }, - { - "value": "CREDENTIALS", - "name": "CREDENTIALS" - }, - { - "value": "CUSTOM_IDENTIFIER", - "name": "CUSTOM_IDENTIFIER" + "type": "enum", + "members": { + "FINANCIAL_INFORMATION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FINANCIAL_INFORMATION" } - ] - } - }, - "com.amazonaws.macie2#SensitiveDataOccurrences": { - "type": "map", - "key": { - "target": "com.amazonaws.macie2#__string" - }, - "value": { - "target": "com.amazonaws.macie2#__listOfDetectedDataDetails" - }, - "traits": { + }, + "PERSONAL_INFORMATION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PERSONAL_INFORMATION" + } + }, + "CREDENTIALS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CREDENTIALS" + } + }, + "CUSTOM_IDENTIFIER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CUSTOM_IDENTIFIER" + } + } + }, + "traits": { + "smithy.api#documentation": "For a finding, the category of sensitive data that was detected and produced the finding. For a managed data identifier, the category of sensitive data that the managed data identifier detects. Possible values are:
" + } + }, + "com.amazonaws.macie2#SensitiveDataOccurrences": { + "type": "map", + "key": { + "target": "com.amazonaws.macie2#__string" + }, + "value": { + "target": "com.amazonaws.macie2#__listOfDetectedDataDetails" + }, + "traits": { "smithy.api#documentation": "Specifies a type of sensitive data reported by a finding and provides occurrences of the specified type of sensitive data.
" } }, + "com.amazonaws.macie2#SensitivityAggregations": { + "type": "structure", + "members": { + "classifiableSizeInBytes": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total storage size, in bytes, of all the objects that Amazon Macie can analyze in the buckets. These objects use a supported storage class and have a file name extension for a supported file or storage format.
If versioning is enabled for any of the buckets, this value is based on the size of the latest version of each applicable object in the buckets. This value doesn't reflect the storage size of all versions of all applicable objects in the buckets.
", + "smithy.api#jsonName": "classifiableSizeInBytes" + } + }, + "publiclyAccessibleCount": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total number of buckets that are publicly accessible based on a combination of permissions settings for each bucket.
", + "smithy.api#jsonName": "publiclyAccessibleCount" + } + }, + "totalCount": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total number of buckets.
", + "smithy.api#jsonName": "totalCount" + } + }, + "totalSizeInBytes": { + "target": "com.amazonaws.macie2#__long", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The total storage size, in bytes, of the buckets.
If versioning is enabled for any of the buckets, this value is based on the size of the latest version of each object in the buckets. This value doesn't reflect the storage size of all versions of the objects in the buckets.
", + "smithy.api#jsonName": "totalSizeInBytes" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides aggregated statistical data for sensitive data discovery metrics that apply to S3 buckets. Each field contains aggregated data for all the buckets that have a sensitivity score (sensitivityScore) of a specified value or within a specified range (BucketStatisticsBySensitivity). If automated sensitive data discovery is currently disabled for your account, the value for each field is 0.
" + } + }, + "com.amazonaws.macie2#SensitivityInspectionTemplateExcludes": { + "type": "structure", + "members": { + "managedDataIdentifierIds": { + "target": "com.amazonaws.macie2#__listOf__string", + "traits": { + "smithy.api#documentation": "An array of unique identifiers, one for each managed data identifier to exclude. To retrieve a list of valid values, use the ListManagedDataIdentifiers operation.
", + "smithy.api#jsonName": "managedDataIdentifierIds" + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies managed data identifiers to exclude (not use) when performing automated sensitive data discovery for an Amazon Macie account. For information about the managed data identifiers that Amazon Macie currently provides, see Using managed data identifiers in the Amazon Macie User Guide.
" + } + }, + "com.amazonaws.macie2#SensitivityInspectionTemplateId": { + "type": "string", + "traits": { + "smithy.api#documentation": "The unique identifier for the sensitivity inspection template.
" + } + }, + "com.amazonaws.macie2#SensitivityInspectionTemplateIncludes": { + "type": "structure", + "members": { + "allowListIds": { + "target": "com.amazonaws.macie2#__listOf__string", + "traits": { + "smithy.api#documentation": "An array of unique identifiers, one for each allow list to include.
", + "smithy.api#jsonName": "allowListIds" + } + }, + "customDataIdentifierIds": { + "target": "com.amazonaws.macie2#__listOf__string", + "traits": { + "smithy.api#documentation": "An array of unique identifiers, one for each custom data identifier to include.
", + "smithy.api#jsonName": "customDataIdentifierIds" + } + }, + "managedDataIdentifierIds": { + "target": "com.amazonaws.macie2#__listOf__string", + "traits": { + "smithy.api#documentation": "An array of unique identifiers, one for each managed data identifier to include.
Amazon Macie uses these managed data identifiers in addition to managed data identifiers that are subsequently released and recommended for automated sensitive data discovery. To retrieve a list of valid values for the managed data identifiers that are currently available, use the ListManagedDataIdentifiers operation.
Specifies the allow lists, custom data identifiers, and managed data identifiers to include (use) when performing automated sensitive data discovery for an Amazon Macie account. The configuration must specify at least one custom data identifier or managed data identifier. For information about the managed data identifiers that Amazon Macie currently provides, see Using managed data identifiers in the Amazon Macie User Guide.
" + } + }, + "com.amazonaws.macie2#SensitivityInspectionTemplatesEntry": { + "type": "structure", + "members": { + "id": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The unique identifier for the sensitivity inspection template for the account.
", + "smithy.api#jsonName": "id" + } + }, + "name": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The name of the sensitivity inspection template for the account.
", + "smithy.api#jsonName": "name" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides information about the sensitivity inspection template for an Amazon Macie account. Macie uses the template's settings when it performs automated sensitive data discovery for the account.
" + } + }, "com.amazonaws.macie2#ServerSideEncryption": { "type": "structure", "members": { @@ -10736,23 +12231,29 @@ } }, "com.amazonaws.macie2#SeverityDescription": { - "type": "string", - "traits": { - "smithy.api#documentation": "The qualitative representation of the finding's severity. Possible values are:
", - "smithy.api#enum": [ - { - "value": "Low", - "name": "Low" - }, - { - "value": "Medium", - "name": "Medium" - }, - { - "value": "High", - "name": "High" + "type": "enum", + "members": { + "Low": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Low" + } + }, + "Medium": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Medium" + } + }, + "High": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "High" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The qualitative representation of the finding's severity. Possible values are:
" } }, "com.amazonaws.macie2#SeverityLevel": { @@ -10790,26 +12291,32 @@ } }, "com.amazonaws.macie2#SharedAccess": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "EXTERNAL", - "name": "EXTERNAL" - }, - { - "value": "INTERNAL", - "name": "INTERNAL" - }, - { - "value": "NOT_SHARED", - "name": "NOT_SHARED" - }, - { - "value": "UNKNOWN", - "name": "UNKNOWN" + "type": "enum", + "members": { + "EXTERNAL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EXTERNAL" + } + }, + "INTERNAL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INTERNAL" + } + }, + "NOT_SHARED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NOT_SHARED" + } + }, + "UNKNOWN": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UNKNOWN" } - ] + } } }, "com.amazonaws.macie2#SimpleCriterionForJob": { @@ -10842,27 +12349,35 @@ } }, "com.amazonaws.macie2#SimpleCriterionKeyForJob": { - "type": "string", - "traits": { - "smithy.api#documentation": "The property to use in a condition that determines whether an S3 bucket is included or excluded from a classification job. Valid values are:
", - "smithy.api#enum": [ - { - "value": "ACCOUNT_ID", - "name": "ACCOUNT_ID" - }, - { - "value": "S3_BUCKET_NAME", - "name": "S3_BUCKET_NAME" - }, - { - "value": "S3_BUCKET_EFFECTIVE_PERMISSION", - "name": "S3_BUCKET_EFFECTIVE_PERMISSION" - }, - { - "value": "S3_BUCKET_SHARED_ACCESS", - "name": "S3_BUCKET_SHARED_ACCESS" + "type": "enum", + "members": { + "ACCOUNT_ID": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ACCOUNT_ID" + } + }, + "S3_BUCKET_NAME": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_BUCKET_NAME" + } + }, + "S3_BUCKET_EFFECTIVE_PERMISSION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_BUCKET_EFFECTIVE_PERMISSION" + } + }, + "S3_BUCKET_SHARED_ACCESS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_BUCKET_SHARED_ACCESS" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The property to use in a condition that determines whether an S3 bucket is included or excluded from a classification job. Valid values are:
" } }, "com.amazonaws.macie2#SimpleScopeTerm": { @@ -10941,39 +12456,75 @@ } }, "com.amazonaws.macie2#StorageClass": { - "type": "string", + "type": "enum", + "members": { + "STANDARD": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "STANDARD" + } + }, + "REDUCED_REDUNDANCY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "REDUCED_REDUNDANCY" + } + }, + "STANDARD_IA": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "STANDARD_IA" + } + }, + "INTELLIGENT_TIERING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INTELLIGENT_TIERING" + } + }, + "DEEP_ARCHIVE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DEEP_ARCHIVE" + } + }, + "ONEZONE_IA": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ONEZONE_IA" + } + }, + "GLACIER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "GLACIER" + } + } + }, "traits": { - "smithy.api#documentation": "The storage class of the S3 object. Possible values are:
", - "smithy.api#enum": [ - { - "value": "STANDARD", - "name": "STANDARD" - }, - { - "value": "REDUCED_REDUNDANCY", - "name": "REDUCED_REDUNDANCY" - }, - { - "value": "STANDARD_IA", - "name": "STANDARD_IA" - }, - { - "value": "INTELLIGENT_TIERING", - "name": "INTELLIGENT_TIERING" - }, - { - "value": "DEEP_ARCHIVE", - "name": "DEEP_ARCHIVE" - }, - { - "value": "ONEZONE_IA", - "name": "ONEZONE_IA" - }, - { - "value": "GLACIER", - "name": "GLACIER" + "smithy.api#documentation": "The storage class of the S3 object. Possible values are:
" + } + }, + "com.amazonaws.macie2#SuppressDataIdentifier": { + "type": "structure", + "members": { + "id": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The unique identifier for the custom data identifier or managed data identifier that detected the type of sensitive data to exclude or include in the score.
", + "smithy.api#jsonName": "id" + } + }, + "type": { + "target": "com.amazonaws.macie2#DataIdentifierType", + "traits": { + "smithy.api#documentation": "The type of data identifier that detected the sensitive data. Possible values are: CUSTOM, for a custom data identifier; and, MANAGED, for a managed data identifier.
", + "smithy.api#jsonName": "type" } - ] + } + }, + "traits": { + "smithy.api#documentation": "Specifies a custom data identifier or managed data identifier that detected a type of sensitive data to start excluding or including in an S3 bucket's sensitivity score.
" } }, "com.amazonaws.macie2#TagCriterionForJob": { @@ -11111,15 +12662,17 @@ } }, "com.amazonaws.macie2#TagTarget": { - "type": "string", - "traits": { - "smithy.api#documentation": "The type of object to apply a tag-based condition to. Valid values are:
", - "smithy.api#enum": [ - { - "value": "S3_OBJECT", - "name": "S3_OBJECT" + "type": "enum", + "members": { + "S3_OBJECT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "S3_OBJECT" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The type of object to apply a tag-based condition to. Valid values are:
" } }, "com.amazonaws.macie2#TagValuePair": { @@ -11258,90 +12811,115 @@ } }, "com.amazonaws.macie2#TimeRange": { - "type": "string", - "traits": { - "smithy.api#documentation": "An inclusive time period that Amazon Macie usage data applies to. Possible values are:
", - "smithy.api#enum": [ - { - "value": "MONTH_TO_DATE", - "name": "MONTH_TO_DATE" - }, - { - "value": "PAST_30_DAYS", - "name": "PAST_30_DAYS" + "type": "enum", + "members": { + "MONTH_TO_DATE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MONTH_TO_DATE" } - ] - } - }, - "com.amazonaws.macie2#Type": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "NONE", - "name": "NONE" - }, - { - "value": "AES256", - "name": "AES256" - }, - { - "value": "aws:kms", - "name": "aws_kms" + }, + "PAST_30_DAYS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PAST_30_DAYS" } - ] - } - }, - "com.amazonaws.macie2#UnavailabilityReasonCode": { - "type": "string", + } + }, "traits": { - "smithy.api#documentation": "Specifies why occurrences of sensitive data can't be retrieved for a finding. Possible values are:
", - "smithy.api#enum": [ - { - "value": "OBJECT_EXCEEDS_SIZE_QUOTA", - "name": "OBJECT_EXCEEDS_SIZE_QUOTA" - }, - { - "value": "UNSUPPORTED_OBJECT_TYPE", - "name": "UNSUPPORTED_OBJECT_TYPE" - }, - { - "value": "UNSUPPORTED_FINDING_TYPE", - "name": "UNSUPPORTED_FINDING_TYPE" - }, - { - "value": "INVALID_CLASSIFICATION_RESULT", - "name": "INVALID_CLASSIFICATION_RESULT" - }, - { - "value": "OBJECT_UNAVAILABLE", - "name": "OBJECT_UNAVAILABLE" - } - ] + "smithy.api#documentation": "An inclusive time period that Amazon Macie usage data applies to. Possible values are:
" } }, - "com.amazonaws.macie2#Unit": { - "type": "string", + "com.amazonaws.macie2#Timestamp": { + "type": "timestamp", "traits": { - "smithy.api#enum": [ - { - "value": "TERABYTES", - "name": "TERABYTES" - } - ] + "smithy.api#documentation": "Specifies a date and time in UTC and extended ISO 8601 format.
", + "smithy.api#timestampFormat": "date-time" } }, - "com.amazonaws.macie2#UnprocessableEntityException": { - "type": "structure", + "com.amazonaws.macie2#Type": { + "type": "enum", "members": { - "message": { - "target": "com.amazonaws.macie2#__string", + "NONE": { + "target": "smithy.api#Unit", "traits": { - "smithy.api#documentation": "The type of error that occurred and prevented Amazon Macie from retrieving occurrences of sensitive data reported by the finding. Possible values are:
INVALID_CLASSIFICATION_RESULT - Amazon Macie can't verify the location of the sensitive data to retrieve. There isn't a corresponding sensitive data discovery result for the finding. Or the sensitive data discovery result specified by the ClassificationDetails.detailedResultsLocation field of the finding isn't available, is malformed or corrupted, or uses an unsupported storage format.
OBJECT_EXCEEDS_SIZE_QUOTA - The storage size of the affected S3 object exceeds the size quota for retrieving occurrences of sensitive data.
OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object might have been renamed, moved, or deleted. Or the object was changed after Macie created the finding.
UNSUPPORTED_FINDING_TYPE - The specified finding isn't a sensitive data finding.
UNSUPPORTED_OBJECT_TYPE - The affected S3 object uses a file or storage format that Macie doesn't support for retrieving occurrences of sensitive data.
Specifies why occurrences of sensitive data can't be retrieved for a finding. Possible values are:
" + } + }, + "com.amazonaws.macie2#Unit": { + "type": "enum", + "members": { + "TERABYTES": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "TERABYTES" + } + } + } + }, + "com.amazonaws.macie2#UnprocessableEntityException": { + "type": "structure", + "members": { + "message": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The type of error that occurred and prevented Amazon Macie from retrieving occurrences of sensitive data reported by the finding. Possible values are:
INVALID_CLASSIFICATION_RESULT - Amazon Macie can't verify the location of the sensitive data to retrieve. There isn't a corresponding sensitive data discovery result for the finding. Or the sensitive data discovery result specified by the ClassificationDetails.detailedResultsLocation field of the finding isn't available, is malformed or corrupted, or uses an unsupported storage format.
OBJECT_EXCEEDS_SIZE_QUOTA - The storage size of the affected S3 object exceeds the size quota for retrieving occurrences of sensitive data.
OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object might have been renamed, moved, or deleted. Or the object was changed after Macie created the finding.
UNSUPPORTED_FINDING_TYPE - The specified finding isn't a sensitive data finding.
UNSUPPORTED_OBJECT_TYPE - The affected S3 object uses a file or storage format that Macie doesn't support for retrieving occurrences of sensitive data.
Provides information about an error that occurred due to an unprocessable entity.
", @@ -11509,6 +13087,54 @@ } } }, + "com.amazonaws.macie2#UpdateAutomatedDiscoveryConfiguration": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#UpdateAutomatedDiscoveryConfigurationRequest" + }, + "output": { + "target": "com.amazonaws.macie2#UpdateAutomatedDiscoveryConfigurationResponse" + }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Enables or disables automated sensitive data discovery for an account.
", + "smithy.api#http": { + "method": "PUT", + "uri": "/automated-discovery/configuration", + "code": 200 + } + } + }, + "com.amazonaws.macie2#UpdateAutomatedDiscoveryConfigurationRequest": { + "type": "structure", + "members": { + "status": { + "target": "com.amazonaws.macie2#AutomatedDiscoveryStatus", + "traits": { + "smithy.api#documentation": "The new status of automated sensitive data discovery for the account. Valid values are: ENABLED, start or resume automated sensitive data discovery activities for the account; and, DISABLED, stop performing automated sensitive data discovery activities for the account.
When you enable automated sensitive data discovery for the first time, Amazon Macie uses default configuration settings to determine which data sources to analyze and which managed data identifiers to use. To change these settings, use the UpdateClassificationScope and UpdateSensitivityInspectionTemplate operations, respectively. If you change the settings and subsequently disable the configuration, Amazon Macie retains your changes.
", + "smithy.api#jsonName": "status", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.macie2#UpdateAutomatedDiscoveryConfigurationResponse": { + "type": "structure", + "members": {} + }, "com.amazonaws.macie2#UpdateClassificationJob": { "type": "operation", "input": { @@ -11574,6 +13200,64 @@ "type": "structure", "members": {} }, + "com.amazonaws.macie2#UpdateClassificationScope": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#UpdateClassificationScopeRequest" + }, + "output": { + "target": "com.amazonaws.macie2#UpdateClassificationScopeResponse" + }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Updates the classification scope settings for an account.
", + "smithy.api#http": { + "method": "PATCH", + "uri": "/classification-scopes/{id}", + "code": 200 + } + } + }, + "com.amazonaws.macie2#UpdateClassificationScopeRequest": { + "type": "structure", + "members": { + "id": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The unique identifier for the Amazon Macie resource that the request applies to.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "s3": { + "target": "com.amazonaws.macie2#S3ClassificationScopeUpdate", + "traits": { + "smithy.api#documentation": "The S3 buckets to add or remove from the exclusion list defined by the classification scope.
", + "smithy.api#jsonName": "s3" + } + } + } + }, + "com.amazonaws.macie2#UpdateClassificationScopeResponse": { + "type": "structure", + "members": {} + }, "com.amazonaws.macie2#UpdateFindingsFilter": { "type": "operation", "input": { @@ -11620,10 +13304,18 @@ "action": { "target": "com.amazonaws.macie2#FindingsFilterAction", "traits": { - "smithy.api#documentation": "The action to perform on findings that meet the filter criteria (findingCriteria). Valid values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
", + "smithy.api#documentation": "The action to perform on findings that match the filter criteria (findingCriteria). Valid values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP, don't perform any action on the findings.
", "smithy.api#jsonName": "action" } }, + "clientToken": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "A unique, case-sensitive token that you provide to ensure the idempotency of the request.
", + "smithy.api#idempotencyToken": {}, + "smithy.api#jsonName": "clientToken" + } + }, "description": { "target": "com.amazonaws.macie2#__string", "traits": { @@ -11660,14 +13352,6 @@ "smithy.api#documentation": "The position of the filter in the list of saved filters on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to the findings.
", "smithy.api#jsonName": "position" } - }, - "clientToken": { - "target": "com.amazonaws.macie2#__string", - "traits": { - "smithy.api#documentation": "A unique, case-sensitive token that you provide to ensure the idempotency of the request.
", - "smithy.api#idempotencyToken": {}, - "smithy.api#jsonName": "clientToken" - } } } }, @@ -11876,6 +13560,129 @@ "type": "structure", "members": {} }, + "com.amazonaws.macie2#UpdateResourceProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#UpdateResourceProfileRequest" + }, + "output": { + "target": "com.amazonaws.macie2#UpdateResourceProfileResponse" + }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.macie2#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Updates the sensitivity score for an S3 bucket.
", + "smithy.api#http": { + "method": "PATCH", + "uri": "/resource-profiles", + "code": 200 + } + } + }, + "com.amazonaws.macie2#UpdateResourceProfileDetections": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#UpdateResourceProfileDetectionsRequest" + }, + "output": { + "target": "com.amazonaws.macie2#UpdateResourceProfileDetectionsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.macie2#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Updates the sensitivity scoring settings for an S3 bucket.
", + "smithy.api#http": { + "method": "PATCH", + "uri": "/resource-profiles/detections", + "code": 200 + } + } + }, + "com.amazonaws.macie2#UpdateResourceProfileDetectionsRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the S3 bucket that the request applies to.
", + "smithy.api#httpQuery": "resourceArn", + "smithy.api#required": {} + } + }, + "suppressDataIdentifiers": { + "target": "com.amazonaws.macie2#__listOfSuppressDataIdentifier", + "traits": { + "smithy.api#documentation": "An array of objects, one for each custom data identifier or managed data identifier that detected the type of sensitive data to start excluding or including in the bucket's score. To start including all sensitive data types in the score, don't specify any values for this array.
", + "smithy.api#jsonName": "suppressDataIdentifiers" + } + } + } + }, + "com.amazonaws.macie2#UpdateResourceProfileDetectionsResponse": { + "type": "structure", + "members": {} + }, + "com.amazonaws.macie2#UpdateResourceProfileRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the S3 bucket that the request applies to.
", + "smithy.api#httpQuery": "resourceArn", + "smithy.api#required": {} + } + }, + "sensitivityScoreOverride": { + "target": "com.amazonaws.macie2#__integer", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "The new sensitivity score for the bucket. Valid values are: 100, assign the maximum score and apply the Sensitive label to the bucket; and, null (empty), assign a score that Amazon Macie calculates automatically after you submit the request.
", + "smithy.api#jsonName": "sensitivityScoreOverride" + } + } + } + }, + "com.amazonaws.macie2#UpdateResourceProfileResponse": { + "type": "structure", + "members": {} + }, "com.amazonaws.macie2#UpdateRevealConfiguration": { "type": "operation", "input": { @@ -11932,6 +13739,78 @@ } } }, + "com.amazonaws.macie2#UpdateSensitivityInspectionTemplate": { + "type": "operation", + "input": { + "target": "com.amazonaws.macie2#UpdateSensitivityInspectionTemplateRequest" + }, + "output": { + "target": "com.amazonaws.macie2#UpdateSensitivityInspectionTemplateResponse" + }, + "errors": [ + { + "target": "com.amazonaws.macie2#AccessDeniedException" + }, + { + "target": "com.amazonaws.macie2#InternalServerException" + }, + { + "target": "com.amazonaws.macie2#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.macie2#ThrottlingException" + }, + { + "target": "com.amazonaws.macie2#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Updates the settings for the sensitivity inspection template for an account.
", + "smithy.api#http": { + "method": "PUT", + "uri": "/templates/sensitivity-inspections/{id}", + "code": 200 + } + } + }, + "com.amazonaws.macie2#UpdateSensitivityInspectionTemplateRequest": { + "type": "structure", + "members": { + "description": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "A custom description of the template.
", + "smithy.api#jsonName": "description" + } + }, + "excludes": { + "target": "com.amazonaws.macie2#SensitivityInspectionTemplateExcludes", + "traits": { + "smithy.api#documentation": "The managed data identifiers to explicitly exclude (not use) when analyzing data.
To exclude an allow list or custom data identifier that's currently included by the template, update the values for the SensitivityInspectionTemplateIncludes.allowListIds and SensitivityInspectionTemplateIncludes.customDataIdentifierIds properties, respectively.
", + "smithy.api#jsonName": "excludes" + } + }, + "id": { + "target": "com.amazonaws.macie2#__string", + "traits": { + "smithy.api#documentation": "The unique identifier for the Amazon Macie resource that the request applies to.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "includes": { + "target": "com.amazonaws.macie2#SensitivityInspectionTemplateIncludes", + "traits": { + "smithy.api#documentation": "The allow lists, custom data identifiers, and managed data identifiers to include (use) when analyzing data.
", + "smithy.api#jsonName": "includes" + } + } + } + }, + "com.amazonaws.macie2#UpdateSensitivityInspectionTemplateResponse": { + "type": "structure", + "members": {} + }, "com.amazonaws.macie2#UsageByAccount": { "type": "structure", "members": { @@ -11959,7 +13838,7 @@ "type": { "target": "com.amazonaws.macie2#UsageType", "traits": { - "smithy.api#documentation": "The name of the metric. Possible values are: DATA_INVENTORY_EVALUATION, for monitoring S3 buckets; and, SENSITIVE_DATA_DISCOVERY, for analyzing S3 objects to detect sensitive data.
", + "smithy.api#documentation": "The name of the metric. Possible values are: AUTOMATED_OBJECT_MONITORING, to monitor S3 objects for automated sensitive data discovery; AUTOMATED_SENSITIVE_DATA_DISCOVERY, to analyze S3 objects for automated sensitive data discovery; DATA_INVENTORY_EVALUATION, to monitor S3 buckets; and, SENSITIVE_DATA_DISCOVERY, to run classification jobs.
", "smithy.api#jsonName": "type" } } @@ -11978,10 +13857,17 @@ "smithy.api#jsonName": "accountId" } }, + "automatedDiscoveryFreeTrialStartDate": { + "target": "com.amazonaws.macie2#__timestampIso8601", + "traits": { + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when the free trial of automated sensitive data discovery started for the account. If the account is a member account in an organization, this value is the same as the value for the organization's Amazon Macie administrator account.
", + "smithy.api#jsonName": "automatedDiscoveryFreeTrialStartDate" + } + }, "freeTrialStartDate": { "target": "com.amazonaws.macie2#__timestampIso8601", "traits": { - "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when the free trial started for the account.
", + "smithy.api#documentation": "The date and time, in UTC and extended ISO 8601 format, when the Amazon Macie free trial started for the account.
", "smithy.api#jsonName": "freeTrialStartDate" } }, @@ -12017,7 +13903,7 @@ "values": { "target": "com.amazonaws.macie2#__listOf__string", "traits": { - "smithy.api#documentation": "An array that lists values to use in the condition, based on the value for the field specified by the key property. If the value for the key property is accountId, this array can specify multiple values. Otherwise, this array can specify only one value.
Valid values for each supported field are:
accountId - The unique identifier for an Amazon Web Services account.
freeTrialStartDate - The date and time, in UTC and extended ISO 8601 format, when the free trial started for an account.
serviceLimit - A Boolean (true or false) value that indicates whether an account has reached its monthly quota.
total - A string that represents the current estimated cost for an account.
An array that lists values to use in the condition, based on the value for the field specified by the key property. If the value for the key property is accountId, this array can specify multiple values. Otherwise, this array can specify only one value.
Valid values for each supported field are:
accountId - The unique identifier for an Amazon Web Services account.
freeTrialStartDate - The date and time, in UTC and extended ISO 8601 format, when the Amazon Macie free trial started for an account.
serviceLimit - A Boolean (true or false) value that indicates whether an account has reached its monthly quota.
total - A string that represents the current estimated cost for an account.
The operator to use in a condition that filters the results of a query for Amazon Macie account quotas and usage data. Valid values are:
", - "smithy.api#enum": [ - { - "value": "GT", - "name": "GT" - }, - { - "value": "GTE", - "name": "GTE" - }, - { - "value": "LT", - "name": "LT" - }, - { - "value": "LTE", - "name": "LTE" - }, - { - "value": "EQ", - "name": "EQ" - }, - { - "value": "NE", - "name": "NE" - }, - { - "value": "CONTAINS", - "name": "CONTAINS" + "type": "enum", + "members": { + "GT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "GT" + } + }, + "GTE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "GTE" + } + }, + "LT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LT" } - ] + }, + "LTE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LTE" + } + }, + "EQ": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EQ" + } + }, + "NE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NE" + } + }, + "CONTAINS": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CONTAINS" + } + } + }, + "traits": { + "smithy.api#documentation": "The operator to use in a condition that filters the results of a query for Amazon Macie account quotas and usage data. Valid values are:
" } }, "com.amazonaws.macie2#UsageStatisticsFilterKey": { - "type": "string", - "traits": { - "smithy.api#documentation": "The field to use in a condition that filters the results of a query for Amazon Macie account quotas and usage data. Valid values are:
", - "smithy.api#enum": [ - { - "value": "accountId", - "name": "accountId" - }, - { - "value": "serviceLimit", - "name": "serviceLimit" - }, - { - "value": "freeTrialStartDate", - "name": "freeTrialStartDate" - }, - { - "value": "total", - "name": "total" + "type": "enum", + "members": { + "accountId": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "accountId" } - ] + }, + "serviceLimit": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "serviceLimit" + } + }, + "freeTrialStartDate": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "freeTrialStartDate" + } + }, + "total": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "total" + } + } + }, + "traits": { + "smithy.api#documentation": "The field to use in a condition that filters the results of a query for Amazon Macie account quotas and usage data. Valid values are:
" } }, "com.amazonaws.macie2#UsageStatisticsSortBy": { @@ -12109,27 +14017,35 @@ } }, "com.amazonaws.macie2#UsageStatisticsSortKey": { - "type": "string", - "traits": { - "smithy.api#documentation": "The field to use to sort the results of a query for Amazon Macie account quotas and usage data. Valid values are:
", - "smithy.api#enum": [ - { - "value": "accountId", - "name": "accountId" - }, - { - "value": "total", - "name": "total" - }, - { - "value": "serviceLimitValue", - "name": "serviceLimitValue" - }, - { - "value": "freeTrialStartDate", - "name": "freeTrialStartDate" + "type": "enum", + "members": { + "accountId": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "accountId" + } + }, + "total": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "total" + } + }, + "serviceLimitValue": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "serviceLimitValue" + } + }, + "freeTrialStartDate": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "freeTrialStartDate" } - ] + } + }, + "traits": { + "smithy.api#documentation": "The field to use to sort the results of a query for Amazon Macie account quotas and usage data. Valid values are:
" } }, "com.amazonaws.macie2#UsageTotal": { @@ -12152,7 +14068,7 @@ "type": { "target": "com.amazonaws.macie2#UsageType", "traits": { - "smithy.api#documentation": "The name of the metric. Possible values are: DATA_INVENTORY_EVALUATION, for monitoring S3 buckets; and, SENSITIVE_DATA_DISCOVERY, for analyzing S3 objects to detect sensitive data.
", + "smithy.api#documentation": "The name of the metric. Possible values are: AUTOMATED_OBJECT_MONITORING, to monitor S3 objects for automated sensitive data discovery; AUTOMATED_SENSITIVE_DATA_DISCOVERY, to analyze S3 objects for automated sensitive data discovery; DATA_INVENTORY_EVALUATION, to monitor S3 buckets; and, SENSITIVE_DATA_DISCOVERY, to run classification jobs.
", "smithy.api#jsonName": "type" } } @@ -12162,19 +14078,35 @@ } }, "com.amazonaws.macie2#UsageType": { - "type": "string", - "traits": { - "smithy.api#documentation": "The name of an Amazon Macie usage metric for an account. Possible values are:
", - "smithy.api#enum": [ - { - "value": "DATA_INVENTORY_EVALUATION", - "name": "DATA_INVENTORY_EVALUATION" - }, - { - "value": "SENSITIVE_DATA_DISCOVERY", - "name": "SENSITIVE_DATA_DISCOVERY" + "type": "enum", + "members": { + "DATA_INVENTORY_EVALUATION": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DATA_INVENTORY_EVALUATION" + } + }, + "SENSITIVE_DATA_DISCOVERY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SENSITIVE_DATA_DISCOVERY" + } + }, + "AUTOMATED_SENSITIVE_DATA_DISCOVERY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AUTOMATED_SENSITIVE_DATA_DISCOVERY" } - ] + }, + "AUTOMATED_OBJECT_MONITORING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AUTOMATED_OBJECT_MONITORING" + } + } + }, + "traits": { + "smithy.api#documentation": "The name of an Amazon Macie usage metric for an account. Possible values are:
" } }, "com.amazonaws.macie2#UserIdentity": { @@ -12264,35 +14196,47 @@ } }, "com.amazonaws.macie2#UserIdentityType": { - "type": "string", - "traits": { - "smithy.api#documentation": "The type of entity that performed the action on the affected resource. Possible values are:
", - "smithy.api#enum": [ - { - "value": "AssumedRole", - "name": "AssumedRole" - }, - { - "value": "IAMUser", - "name": "IAMUser" - }, - { - "value": "FederatedUser", - "name": "FederatedUser" - }, - { - "value": "Root", - "name": "Root" - }, - { - "value": "AWSAccount", - "name": "AWSAccount" - }, - { - "value": "AWSService", - "name": "AWSService" + "type": "enum", + "members": { + "AssumedRole": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AssumedRole" } - ] + }, + "IAMUser": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "IAMUser" + } + }, + "FederatedUser": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FederatedUser" + } + }, + "Root": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "Root" + } + }, + "AWSAccount": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSAccount" + } + }, + "AWSService": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSService" + } + } + }, + "traits": { + "smithy.api#documentation": "The type of entity that performed the action on the affected resource. Possible values are:
" } }, "com.amazonaws.macie2#UserPausedDetails": { @@ -12398,6 +14342,12 @@ "target": "com.amazonaws.macie2#BucketMetadata" } }, + "com.amazonaws.macie2#__listOfClassificationScopeSummary": { + "type": "list", + "member": { + "target": "com.amazonaws.macie2#ClassificationScopeSummary" + } + }, "com.amazonaws.macie2#__listOfCriteriaForJob": { "type": "list", "member": { @@ -12416,6 +14366,12 @@ "target": "com.amazonaws.macie2#DetectedDataDetails" } }, + "com.amazonaws.macie2#__listOfDetection": { + "type": "list", + "member": { + "target": "com.amazonaws.macie2#Detection" + } + }, "com.amazonaws.macie2#__listOfFinding": { "type": "list", "member": { @@ -12488,12 +14444,24 @@ "target": "com.amazonaws.macie2#Member" } }, + "com.amazonaws.macie2#__listOfResourceProfileArtifact": { + "type": "list", + "member": { + "target": "com.amazonaws.macie2#ResourceProfileArtifact" + } + }, "com.amazonaws.macie2#__listOfS3BucketDefinitionForJob": { "type": "list", "member": { "target": "com.amazonaws.macie2#S3BucketDefinitionForJob" } }, + "com.amazonaws.macie2#__listOfS3BucketName": { + "type": "list", + "member": { + "target": "com.amazonaws.macie2#S3BucketName" + } + }, "com.amazonaws.macie2#__listOfSearchResourcesCriteria": { "type": "list", "member": { @@ -12506,6 +14474,18 @@ "target": "com.amazonaws.macie2#SearchResourcesTagCriterionPair" } }, + "com.amazonaws.macie2#__listOfSensitivityInspectionTemplatesEntry": { + "type": "list", + "member": { + "target": "com.amazonaws.macie2#SensitivityInspectionTemplatesEntry" + } + }, + "com.amazonaws.macie2#__listOfSuppressDataIdentifier": { + "type": "list", + "member": { + "target": "com.amazonaws.macie2#SuppressDataIdentifier" + } + }, "com.amazonaws.macie2#__listOfTagCriterionPairForJob": { "type": "list", "member": { @@ -12659,4 +14639,4 @@ } } } -} \ No newline at end of file +}