The ARN of the analyzer that generated the findings to update.
" } }, + "AnalyzerStatus": { + "base": null, + "refs": { + "AnalyzerSummary$status": "The status of the analyzer. An Active analyzer successfully monitors supported resources and generates new findings. The analyzer is Disabled when a user action, such as removing trusted access for IAM Access Analyzer from AWS Organizations, causes the analyzer to stop generating new findings. The status is Creating when the analyzer creation is in progress and Failed when the analyzer creation has failed.
Contains information about the analyzer.
", "refs": { @@ -352,6 +358,12 @@ "FindingSummary$principal": "The external principal that has access to a resource within the zone of trust.
" } }, + "ReasonCode": { + "base": null, + "refs": { + "StatusReason$code": "The reason code for the current status of the analyzer.
" + } + }, "ResourceArn": { "base": null, "refs": { @@ -399,12 +411,20 @@ "refs": { } }, + "StatusReason": { + "base": "Provides more details about the current status of the analyzer. For example, if the creation for the analyzer fails, a Failed status is displayed. For an analyzer with organization as the type, this failure can be due to an issue with creating the service-linked roles required in the member accounts of the AWS organization.
The statusReason provides more details about the current status of the analyzer. For example, if the creation for the analyzer fails, a Failed status is displayed. For an analyzer with organization as the type, this failure can be due to an issue with creating the service-linked roles required in the member accounts of the AWS organization.
An error message.
", + "AnalyzedResource$resourceOwnerAccount": "The AWS account ID that owns the resource.
", + "AnalyzedResourceSummary$resourceOwnerAccount": "The AWS account ID that owns the resource.
", "AnalyzerSummary$lastResourceAnalyzed": "The resource that was most recently analyzed by the analyzer.
", "ConditionKeyMap$key": null, "ConditionKeyMap$value": null, @@ -418,8 +438,10 @@ "FilterCriteriaMap$key": null, "Finding$error": "An error.
", "Finding$resource": "The resource that an external principal has access to.
", + "Finding$resourceOwnerAccount": "The AWS account ID that owns the resource.
", "FindingSummary$error": "The error that resulted in an Error finding.
", "FindingSummary$resource": "The resource that the external principal has access to.
", + "FindingSummary$resourceOwnerAccount": "The AWS account ID that owns the resource.
", "InternalServerException$message": null, "ListTagsForResourceRequest$resourceArn": "The ARN of the resource to retrieve tags from.
", "PrincipalMap$key": null, diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index 2e6276df0d..713bb9cfdc 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -1679,6 +1679,30 @@ "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, + "fips-us-east-1" : { + "credentialScope" : { + "region" : "us-east-1" + }, + "hostname" : "elasticbeanstalk-fips.us-east-1.amazonaws.com" + }, + "fips-us-east-2" : { + "credentialScope" : { + "region" : "us-east-2" + }, + "hostname" : "elasticbeanstalk-fips.us-east-2.amazonaws.com" + }, + "fips-us-west-1" : { + "credentialScope" : { + "region" : "us-west-1" + }, + "hostname" : "elasticbeanstalk-fips.us-west-1.amazonaws.com" + }, + "fips-us-west-2" : { + "credentialScope" : { + "region" : "us-west-2" + }, + "hostname" : "elasticbeanstalk-fips.us-west-2.amazonaws.com" + }, "me-south-1" : { }, "sa-east-1" : { }, "us-east-1" : { }, @@ -1938,6 +1962,30 @@ "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, + "fips-us-east-1" : { + "credentialScope" : { + "region" : "us-east-1" + }, + "hostname" : "firehose-fips.us-east-1.amazonaws.com" + }, + "fips-us-east-2" : { + "credentialScope" : { + "region" : "us-east-2" + }, + "hostname" : "firehose-fips.us-east-2.amazonaws.com" + }, + "fips-us-west-1" : { + "credentialScope" : { + "region" : "us-west-1" + }, + "hostname" : "firehose-fips.us-west-1.amazonaws.com" + }, + "fips-us-west-2" : { + "credentialScope" : { + "region" : "us-west-2" + }, + "hostname" : "firehose-fips.us-west-2.amazonaws.com" + }, "me-south-1" : { }, "sa-east-1" : { }, "us-east-1" : { }, @@ -2089,6 +2137,7 @@ }, "fsx" : { "endpoints" : { + "ap-east-1" : { }, "ap-northeast-1" : { }, "ap-southeast-1" : { }, "ap-southeast-2" : { }, @@ -2539,6 +2588,30 @@ "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, + "fips-us-east-1" : { + "credentialScope" : { + "region" : "us-east-1" + }, + "hostname" : "kinesis-fips.us-east-1.amazonaws.com" + }, + "fips-us-east-2" : { + "credentialScope" : { + "region" : "us-east-2" + }, + "hostname" : "kinesis-fips.us-east-2.amazonaws.com" + }, + "fips-us-west-1" : { + "credentialScope" : { + "region" : "us-west-1" + }, + "hostname" : "kinesis-fips.us-west-1.amazonaws.com" + }, + "fips-us-west-2" : { + "credentialScope" : { + "region" : "us-west-2" + }, + "hostname" : "kinesis-fips.us-west-2.amazonaws.com" + }, "me-south-1" : { }, "sa-east-1" : { }, "us-east-1" : { }, @@ -4397,25 +4470,25 @@ "credentialScope" : { "region" : "us-east-1" }, - "hostname" : "#ssm-facade-fips.us-east-1.amazonaws.com" + "hostname" : "ssm-facade-fips.us-east-1.amazonaws.com" }, "ssm-facade-fips-us-east-2" : { "credentialScope" : { "region" : "us-east-2" }, - "hostname" : "#ssm-facade-fips.us-east-2.amazonaws.com" + "hostname" : "ssm-facade-fips.us-east-2.amazonaws.com" }, "ssm-facade-fips-us-west-1" : { "credentialScope" : { "region" : "us-west-1" }, - "hostname" : "#ssm-facade-fips.us-west-1.amazonaws.com" + "hostname" : "ssm-facade-fips.us-west-1.amazonaws.com" }, "ssm-facade-fips-us-west-2" : { "credentialScope" : { "region" : "us-west-2" }, - "hostname" : "#ssm-facade-fips.us-west-2.amazonaws.com" + "hostname" : "ssm-facade-fips.us-west-2.amazonaws.com" }, "us-east-1" : { }, "us-east-2" : { }, @@ -4808,6 +4881,12 @@ }, "waf" : { "endpoints" : { + "aws-fips" : { + "credentialScope" : { + "region" : "us-east-1" + }, + "hostname" : "waf-fips.amazonaws.com" + }, "aws-global" : { "credentialScope" : { "region" : "us-east-1" @@ -4820,22 +4899,198 @@ }, "waf-regional" : { "endpoints" : { - "ap-northeast-1" : { }, - "ap-northeast-2" : { }, - "ap-south-1" : { }, - "ap-southeast-1" : { }, - "ap-southeast-2" : { }, - "ca-central-1" : { }, - "eu-central-1" : { }, - "eu-north-1" : { }, - "eu-west-1" : { }, - "eu-west-2" : { }, - "eu-west-3" : { }, - "sa-east-1" : { }, - "us-east-1" : { }, - "us-east-2" : { }, - "us-west-1" : { }, - "us-west-2" : { } + "ap-northeast-1" : { + "credentialScope" : { + "region" : "ap-northeast-1" + }, + "hostname" : "waf-regional.ap-northeast-1.amazonaws.com" + }, + "ap-northeast-2" : { + "credentialScope" : { + "region" : "ap-northeast-2" + }, + "hostname" : "waf-regional.ap-northeast-2.amazonaws.com" + }, + "ap-south-1" : { + "credentialScope" : { + "region" : "ap-south-1" + }, + "hostname" : "waf-regional.ap-south-1.amazonaws.com" + }, + "ap-southeast-1" : { + "credentialScope" : { + "region" : "ap-southeast-1" + }, + "hostname" : "waf-regional.ap-southeast-1.amazonaws.com" + }, + "ap-southeast-2" : { + "credentialScope" : { + "region" : "ap-southeast-2" + }, + "hostname" : "waf-regional.ap-southeast-2.amazonaws.com" + }, + "ca-central-1" : { + "credentialScope" : { + "region" : "ca-central-1" + }, + "hostname" : "waf-regional.ca-central-1.amazonaws.com" + }, + "eu-central-1" : { + "credentialScope" : { + "region" : "eu-central-1" + }, + "hostname" : "waf-regional.eu-central-1.amazonaws.com" + }, + "eu-north-1" : { + "credentialScope" : { + "region" : "eu-north-1" + }, + "hostname" : "waf-regional.eu-north-1.amazonaws.com" + }, + "eu-west-1" : { + "credentialScope" : { + "region" : "eu-west-1" + }, + "hostname" : "waf-regional.eu-west-1.amazonaws.com" + }, + "eu-west-2" : { + "credentialScope" : { + "region" : "eu-west-2" + }, + "hostname" : "waf-regional.eu-west-2.amazonaws.com" + }, + "eu-west-3" : { + "credentialScope" : { + "region" : "eu-west-3" + }, + "hostname" : "waf-regional.eu-west-3.amazonaws.com" + }, + "fips-ap-northeast-1" : { + "credentialScope" : { + "region" : "ap-northeast-1" + }, + "hostname" : "waf-regional-fips.ap-northeast-1.amazonaws.com" + }, + "fips-ap-northeast-2" : { + "credentialScope" : { + "region" : "ap-northeast-2" + }, + "hostname" : "waf-regional-fips.ap-northeast-2.amazonaws.com" + }, + "fips-ap-south-1" : { + "credentialScope" : { + "region" : "ap-south-1" + }, + "hostname" : "waf-regional-fips.ap-south-1.amazonaws.com" + }, + "fips-ap-southeast-1" : { + "credentialScope" : { + "region" : "ap-southeast-1" + }, + "hostname" : "waf-regional-fips.ap-southeast-1.amazonaws.com" + }, + "fips-ap-southeast-2" : { + "credentialScope" : { + "region" : "ap-southeast-2" + }, + "hostname" : "waf-regional-fips.ap-southeast-2.amazonaws.com" + }, + "fips-ca-central-1" : { + "credentialScope" : { + "region" : "ca-central-1" + }, + "hostname" : "waf-regional-fips.ca-central-1.amazonaws.com" + }, + "fips-eu-central-1" : { + "credentialScope" : { + "region" : "eu-central-1" + }, + "hostname" : "waf-regional-fips.eu-central-1.amazonaws.com" + }, + "fips-eu-north-1" : { + "credentialScope" : { + "region" : "eu-north-1" + }, + "hostname" : "waf-regional-fips.eu-north-1.amazonaws.com" + }, + "fips-eu-west-1" : { + "credentialScope" : { + "region" : "eu-west-1" + }, + "hostname" : "waf-regional-fips.eu-west-1.amazonaws.com" + }, + "fips-eu-west-2" : { + "credentialScope" : { + "region" : "eu-west-2" + }, + "hostname" : "waf-regional-fips.eu-west-2.amazonaws.com" + }, + "fips-eu-west-3" : { + "credentialScope" : { + "region" : "eu-west-3" + }, + "hostname" : "waf-regional-fips.eu-west-3.amazonaws.com" + }, + "fips-sa-east-1" : { + "credentialScope" : { + "region" : "sa-east-1" + }, + "hostname" : "waf-regional-fips.sa-east-1.amazonaws.com" + }, + "fips-us-east-1" : { + "credentialScope" : { + "region" : "us-east-1" + }, + "hostname" : "waf-regional-fips.us-east-1.amazonaws.com" + }, + "fips-us-east-2" : { + "credentialScope" : { + "region" : "us-east-2" + }, + "hostname" : "waf-regional-fips.us-east-2.amazonaws.com" + }, + "fips-us-west-1" : { + "credentialScope" : { + "region" : "us-west-1" + }, + "hostname" : "waf-regional-fips.us-west-1.amazonaws.com" + }, + "fips-us-west-2" : { + "credentialScope" : { + "region" : "us-west-2" + }, + "hostname" : "waf-regional-fips.us-west-2.amazonaws.com" + }, + "sa-east-1" : { + "credentialScope" : { + "region" : "sa-east-1" + }, + "hostname" : "waf-regional.sa-east-1.amazonaws.com" + }, + "us-east-1" : { + "credentialScope" : { + "region" : "us-east-1" + }, + "hostname" : "waf-regional.us-east-1.amazonaws.com" + }, + "us-east-2" : { + "credentialScope" : { + "region" : "us-east-2" + }, + "hostname" : "waf-regional.us-east-2.amazonaws.com" + }, + "us-west-1" : { + "credentialScope" : { + "region" : "us-west-1" + }, + "hostname" : "waf-regional.us-west-1.amazonaws.com" + }, + "us-west-2" : { + "credentialScope" : { + "region" : "us-west-2" + }, + "hostname" : "waf-regional.us-west-2.amazonaws.com" + } } }, "workdocs" : { @@ -5807,8 +6062,18 @@ }, "elasticbeanstalk" : { "endpoints" : { - "us-gov-east-1" : { }, - "us-gov-west-1" : { } + "us-gov-east-1" : { + "credentialScope" : { + "region" : "us-gov-east-1" + }, + "hostname" : "elasticbeanstalk.us-gov-east-1.amazonaws.com" + }, + "us-gov-west-1" : { + "credentialScope" : { + "region" : "us-gov-west-1" + }, + "hostname" : "elasticbeanstalk.us-gov-west-1.amazonaws.com" + } } }, "elasticfilesystem" : { @@ -5853,6 +6118,18 @@ }, "firehose" : { "endpoints" : { + "fips-us-gov-east-1" : { + "credentialScope" : { + "region" : "us-gov-east-1" + }, + "hostname" : "firehose-fips.us-gov-east-1.amazonaws.com" + }, + "fips-us-gov-west-1" : { + "credentialScope" : { + "region" : "us-gov-west-1" + }, + "hostname" : "firehose-fips.us-gov-west-1.amazonaws.com" + }, "us-gov-east-1" : { }, "us-gov-west-1" : { } } @@ -6413,7 +6690,18 @@ }, "waf-regional" : { "endpoints" : { - "us-gov-west-1" : { } + "fips-us-gov-west-1" : { + "credentialScope" : { + "region" : "us-gov-west-1" + }, + "hostname" : "waf-regional-fips.us-gov-west-1.amazonaws.com" + }, + "us-gov-west-1" : { + "credentialScope" : { + "region" : "us-gov-west-1" + }, + "hostname" : "waf-regional.us-gov-west-1.amazonaws.com" + } } }, "workspaces" : { diff --git a/service/accessanalyzer/api.go b/service/accessanalyzer/api.go index b4c25eb450..a5bf35a28b 100644 --- a/service/accessanalyzer/api.go +++ b/service/accessanalyzer/api.go @@ -1986,6 +1986,11 @@ type AnalyzedResource struct { // ResourceArn is a required field ResourceArn *string `locationName:"resourceArn" type:"string" required:"true"` + // The AWS account ID that owns the resource. + // + // ResourceOwnerAccount is a required field + ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"` + // The type of the resource that was analyzed. // // ResourceType is a required field @@ -2049,6 +2054,12 @@ func (s *AnalyzedResource) SetResourceArn(v string) *AnalyzedResource { return s } +// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value. +func (s *AnalyzedResource) SetResourceOwnerAccount(v string) *AnalyzedResource { + s.ResourceOwnerAccount = &v + return s +} + // SetResourceType sets the ResourceType field's value. func (s *AnalyzedResource) SetResourceType(v string) *AnalyzedResource { s.ResourceType = &v @@ -2082,6 +2093,11 @@ type AnalyzedResourceSummary struct { // ResourceArn is a required field ResourceArn *string `locationName:"resourceArn" type:"string" required:"true"` + // The AWS account ID that owns the resource. + // + // ResourceOwnerAccount is a required field + ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"` + // The type of resource that was analyzed. // // ResourceType is a required field @@ -2104,6 +2120,12 @@ func (s *AnalyzedResourceSummary) SetResourceArn(v string) *AnalyzedResourceSumm return s } +// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value. +func (s *AnalyzedResourceSummary) SetResourceOwnerAccount(v string) *AnalyzedResourceSummary { + s.ResourceOwnerAccount = &v + return s +} + // SetResourceType sets the ResourceType field's value. func (s *AnalyzedResourceSummary) SetResourceType(v string) *AnalyzedResourceSummary { s.ResourceType = &v @@ -2135,6 +2157,23 @@ type AnalyzerSummary struct { // Name is a required field Name *string `locationName:"name" min:"1" type:"string" required:"true"` + // The status of the analyzer. An Active analyzer successfully monitors supported + // resources and generates new findings. The analyzer is Disabled when a user + // action, such as removing trusted access for IAM Access Analyzer from AWS + // Organizations, causes the analyzer to stop generating new findings. The status + // is Creating when the analyzer creation is in progress and Failed when the + // analyzer creation has failed. + // + // Status is a required field + Status *string `locationName:"status" type:"string" required:"true" enum:"AnalyzerStatus"` + + // The statusReason provides more details about the current status of the analyzer. + // For example, if the creation for the analyzer fails, a Failed status is displayed. + // For an analyzer with organization as the type, this failure can be due to + // an issue with creating the service-linked roles required in the member accounts + // of the AWS organization. + StatusReason *StatusReason `locationName:"statusReason" type:"structure"` + // The tags added to the analyzer. Tags map[string]*string `locationName:"tags" type:"map"` @@ -2185,6 +2224,18 @@ func (s *AnalyzerSummary) SetName(v string) *AnalyzerSummary { return s } +// SetStatus sets the Status field's value. +func (s *AnalyzerSummary) SetStatus(v string) *AnalyzerSummary { + s.Status = &v + return s +} + +// SetStatusReason sets the StatusReason field's value. +func (s *AnalyzerSummary) SetStatusReason(v *StatusReason) *AnalyzerSummary { + s.StatusReason = v + return s +} + // SetTags sets the Tags field's value. func (s *AnalyzerSummary) SetTags(v map[string]*string) *AnalyzerSummary { s.Tags = v @@ -2805,6 +2856,11 @@ type Finding struct { // The resource that an external principal has access to. Resource *string `locationName:"resource" type:"string"` + // The AWS account ID that owns the resource. + // + // ResourceOwnerAccount is a required field + ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"` + // The type of the resource reported in the finding. // // ResourceType is a required field @@ -2885,6 +2941,12 @@ func (s *Finding) SetResource(v string) *Finding { return s } +// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value. +func (s *Finding) SetResourceOwnerAccount(v string) *Finding { + s.ResourceOwnerAccount = &v + return s +} + // SetResourceType sets the ResourceType field's value. func (s *Finding) SetResourceType(v string) *Finding { s.ResourceType = &v @@ -2945,6 +3007,11 @@ type FindingSummary struct { // The resource that the external principal has access to. Resource *string `locationName:"resource" type:"string"` + // The AWS account ID that owns the resource. + // + // ResourceOwnerAccount is a required field + ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"` + // The type of the resource that the external principal has access to. // // ResourceType is a required field @@ -3025,6 +3092,12 @@ func (s *FindingSummary) SetResource(v string) *FindingSummary { return s } +// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value. +func (s *FindingSummary) SetResourceOwnerAccount(v string) *FindingSummary { + s.ResourceOwnerAccount = &v + return s +} + // SetResourceType sets the ResourceType field's value. func (s *FindingSummary) SetResourceType(v string) *FindingSummary { s.ResourceType = &v @@ -4173,6 +4246,36 @@ func (s StartResourceScanOutput) GoString() string { return s.String() } +// Provides more details about the current status of the analyzer. For example, +// if the creation for the analyzer fails, a Failed status is displayed. For +// an analyzer with organization as the type, this failure can be due to an +// issue with creating the service-linked roles required in the member accounts +// of the AWS organization. +type StatusReason struct { + _ struct{} `type:"structure"` + + // The reason code for the current status of the analyzer. + // + // Code is a required field + Code *string `locationName:"code" type:"string" required:"true" enum:"ReasonCode"` +} + +// String returns the string representation +func (s StatusReason) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StatusReason) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *StatusReason) SetCode(v string) *StatusReason { + s.Code = &v + return s +} + // Adds a tag to the specified resource. type TagResourceInput struct { _ struct{} `type:"structure"` @@ -4678,6 +4781,20 @@ func (s *ValidationExceptionField) SetName(v string) *ValidationExceptionField { return s } +const ( + // AnalyzerStatusActive is a AnalyzerStatus enum value + AnalyzerStatusActive = "ACTIVE" + + // AnalyzerStatusCreating is a AnalyzerStatus enum value + AnalyzerStatusCreating = "CREATING" + + // AnalyzerStatusDisabled is a AnalyzerStatus enum value + AnalyzerStatusDisabled = "DISABLED" + + // AnalyzerStatusFailed is a AnalyzerStatus enum value + AnalyzerStatusFailed = "FAILED" +) + const ( // FindingStatusActive is a FindingStatus enum value FindingStatusActive = "ACTIVE" @@ -4705,6 +4822,20 @@ const ( OrderByDesc = "DESC" ) +const ( + // ReasonCodeAwsServiceAccessDisabled is a ReasonCode enum value + ReasonCodeAwsServiceAccessDisabled = "AWS_SERVICE_ACCESS_DISABLED" + + // ReasonCodeDelegatedAdministratorDeregistered is a ReasonCode enum value + ReasonCodeDelegatedAdministratorDeregistered = "DELEGATED_ADMINISTRATOR_DEREGISTERED" + + // ReasonCodeOrganizationDeleted is a ReasonCode enum value + ReasonCodeOrganizationDeleted = "ORGANIZATION_DELETED" + + // ReasonCodeServiceLinkedRoleCreationFailed is a ReasonCode enum value + ReasonCodeServiceLinkedRoleCreationFailed = "SERVICE_LINKED_ROLE_CREATION_FAILED" +) + const ( // ResourceTypeAwsIamRole is a ResourceType enum value ResourceTypeAwsIamRole = "AWS::IAM::Role" @@ -4728,6 +4859,9 @@ const ( const ( // TypeAccount is a Type enum value TypeAccount = "ACCOUNT" + + // TypeOrganization is a Type enum value + TypeOrganization = "ORGANIZATION" ) const (