Module aws_sdk_macie2::model
source · [−]Expand description
Data structures used by operation inputs/outputs.
Modules
Structs
Provides information about the permissions settings of the bucket-level access control list (ACL) for an S3 bucket.
Specifies the details of an account to associate with an Amazon Macie administrator account.
Provides information about the account-level permissions settings that apply to an S3 bucket.
Provides information about the delegated Amazon Macie administrator account for an organization in Organizations.
Provides information about an API operation that an entity invoked for an affected resource.
Provides information about an identity that performed an action on an affected resource by using temporary security credentials. The credentials were obtained using the AssumeRole operation of the Security Token Service (STS) API.
Provides information about an Amazon Web Services account and entity that performed an action on an affected resource. The action was performed using the credentials for an Amazon Web Services account other than your own account.
Provides information about an Amazon Web Service that performed an action on an affected resource.
Provides information about a custom data identifier.
Provides information about the block public access settings for an S3 bucket. These settings can apply to a bucket at the account level or bucket level. For detailed information about each setting, see Blocking public access to your Amazon S3 storage in the Amazon Simple Storage Service User Guide.
Provides information about the number of S3 buckets that are publicly accessible based on a combination of permissions settings for each bucket.
Provides information about the number of S3 buckets that use certain types of server-side encryption by default or don't encrypt new objects by default. For detailed information about these settings, see Setting default server-side encryption behavior for Amazon S3 buckets in the Amazon Simple Storage Service User Guide.
Provides information about the number of S3 buckets that are or aren't shared with other Amazon Web Services accounts.
Provides information about the number of S3 buckets whose bucket policies do or don't require server-side encryption of objects when objects are uploaded to the buckets.
Specifies the operator to use in a property-based condition that filters the results of a query for information about S3 buckets.
Provides information about the bucket-level permissions settings for an S3 bucket.
Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process information about the bucket or the bucket's objects, the value for the versioning property is false and the value for most other properties is null. Exceptions are accountId, bucketArn, bucketCreatedAt, bucketName, lastUpdated, and region. To identify the cause of the error, refer to the errorCode and errorMessage values.
Provides information about the account-level and bucket-level permissions settings for an S3 bucket.
Provides information about the permissions settings of the bucket policy for an S3 bucket.
Provides information about the permissions settings that determine whether an S3 bucket is publicly accessible.
Provides information about the default server-side encryption settings for an S3 bucket. For detailed information about these settings, see Setting default server-side encryption behavior for Amazon S3 buckets in the Amazon Simple Storage Service User Guide.
Specifies criteria for sorting the results of a query for information about S3 buckets.
Specifies the location of an occurrence of sensitive data in a Microsoft Excel workbook, CSV file, or TSV file.
Provides information about a sensitive data finding, including the classification job that produced the finding.
Specifies where to store data classification results, and the encryption settings to use when storing results in that location. Currently, you can store classification results only in an S3 bucket.
Provides the details of a sensitive data finding, including the types, number of occurrences, and locations of the sensitive data that was detected.
Provides information about the status of a sensitive data finding.
Specifies one or more property- and tag-based conditions that define criteria for including or excluding S3 buckets from a classification job.
Specifies a property- or tag-based condition that defines criteria for including or excluding S3 buckets from a classification job.
Specifies the operator to use in a property-based condition that filters the results of a query for findings. For detailed information and examples of each operator, see Fundamentals of filtering findings in the Amazon Macie User Guide.
Provides information about a custom data identifier.
Provides information about custom data identifiers that produced a sensitive data finding, and the number of occurrences of the data that they detected for the finding.
Provides information about a custom data identifier that produced a sensitive data finding, and the sensitive data that it detected for the finding.
Specifies that a classification job runs once a day, every day. This is an empty object.
Provides information about a type of sensitive data that was detected by a managed data identifier and produced a sensitive data finding.
Provides information about the domain name of the device that an entity used to perform an action on an affected resource.
Provides information about an identity that performed an action on an affected resource by using temporary security credentials. The credentials were obtained using the GetFederationToken operation of the Security Token Service (STS) API.
Provides the details of a finding.
Provides information about an action that occurred for a resource and produced a policy finding.
Provides information about an entity that performed an action that produced a policy finding for a resource.
Specifies, as a map, one or more property-based conditions that filter the results of a query for findings.
Specifies criteria for sorting the results of a query that retrieves aggregated statistical data about findings.
Provides information about a findings filter.
Provides a group of results for a query that retrieved aggregated statistical data about findings.
Provides information about an Identity and Access Management (IAM) user who performed an action on an affected resource.
Provides information about an Amazon Macie membership invitation.
Provides information about the IP address of the device that an entity used to perform an action on an affected resource.
Provides information about the city that an IP address originated from.
Provides information about the country that an IP address originated from.
Provides geographic coordinates that indicate where a specified IP address originated from.
Provides information about the registered owner of an IP address.
Specifies whether any one-time or recurring classification jobs are configured to analyze data in an S3 bucket, and, if so, the details of the job that ran most recently.
Specifies the recurrence pattern for running a classification job.
Specifies a property- or tag-based condition that defines criteria for including or excluding S3 objects from a classification job. A JobScopeTerm object can contain only one simpleScopeTerm object or one tagScopeTerm object.
Specifies one or more property- and tag-based conditions that define criteria for including or excluding S3 objects from a classification job.
Provides information about a classification job, including the current status of the job.
Provides information about the tags that are associated with an S3 bucket or object. Each tag consists of a required tag key and an associated tag value.
Specifies whether any account- or bucket-level access errors occurred when a classification job ran. For information about using logging data to investigate these errors, see Monitoring sensitive data discovery jobs in the Amazon Macie User Guide.
Specifies criteria for filtering the results of a request for information about classification jobs.
Specifies a condition that filters the results of a request for information about classification jobs. Each condition consists of a property, an operator, and one or more values.
Specifies criteria for sorting the results of a request for information about classification jobs.
Provides information about a managed data identifier. For additional information, see Using managed data identifiers in the Amazon Macie User Guide.
Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process information about the bucket or the bucket's objects, the value for most of these properties is null. Exceptions are accountId and bucketName. To identify the cause of the error, refer to the errorCode and errorMessage values.
Provides statistical data and other information about an Amazon Web Services resource that Amazon Macie monitors and analyzes for your account.
Provides information about an account that's associated with an Amazon Macie administrator account.
Specifies a monthly recurrence pattern for running a classification job.
Provides information about the number of objects that are in an S3 bucket and use certain types of server-side encryption, use client-side encryption, or aren't encrypted.
Provides information about the total storage size (in bytes) or number of objects that Amazon Macie can't analyze in one or more S3 buckets. In a BucketMetadata or MatchingBucket object, this data is for a specific bucket. In a GetBucketStatisticsResponse object, this data is aggregated for the buckets in the query results. If versioning is enabled for a bucket, total storage size values are based on the size of the latest version of each applicable object in the bucket.
Specifies the location of 1-15 occurrences of sensitive data that was detected by a managed data identifier or a custom data identifier and produced a sensitive data finding.
Specifies the location of an occurrence of sensitive data in an Adobe Portable Document Format file.
Provides the details of a policy finding.
Specifies the location of an occurrence of sensitive data in a non-binary text file, such as an HTML, TXT, or XML file.
Specifies the location of an occurrence of sensitive data in an Apache Avro object container, Apache Parquet file, JSON file, or JSON Lines file.
Provides information about settings that define whether one or more objects in an S3 bucket are replicated to S3 buckets for other Amazon Web Services accounts and, if so, which accounts.
Provides information about the resources that a finding applies to.
Provides information about the S3 bucket that a finding applies to.
Specifies property- and tag-based conditions that define criteria for including or excluding S3 buckets from a classification job. Exclude conditions take precedence over include conditions.
Specifies an Amazon Web Services account that owns S3 buckets for a classification job to analyze, and one or more specific buckets to analyze for that account.
Provides information about the Amazon Web Services account that owns an S3 bucket.
Specifies an S3 bucket to store data classification results in, and the encryption settings to use when storing results in that bucket.
Specifies which S3 buckets contain the objects that a classification job analyzes, and the scope of that analysis. The bucket specification can be static (bucketDefinitions) or dynamic (bucketCriteria). If it's static, the job analyzes objects in the same predefined set of buckets each time the job runs. If it's dynamic, the job analyzes objects in any buckets that match the specified criteria each time the job starts to run.
Provides information about the S3 object that a finding applies to.
Specifies one or more property- and tag-based conditions that define criteria for including or excluding S3 objects from a classification job. Exclude conditions take precedence over include conditions.
Specifies property- and tag-based conditions that define filter criteria for including or excluding S3 buckets from the query results. Exclude conditions take precedence over include conditions.
Specifies a property- or tag-based filter condition for including or excluding Amazon Web Services resources from the query results.
Specifies property- and tag-based conditions that define filter criteria for including or excluding Amazon Web Services resources from the query results.
Specifies a property-based filter condition that determines which Amazon Web Services resources are included or excluded from the query results.
Specifies criteria for sorting the results of a query for information about Amazon Web Services resources that Amazon Macie monitors and analyzes.
Specifies a tag-based filter condition that determines which Amazon Web Services resources are included or excluded from the query results.
Specifies a tag key, a tag value, or a tag key and value (as a pair) to use in a tag-based filter condition for a query. Tag keys and values are case sensitive. Also, Amazon Macie doesn't support use of partial values or wildcard characters in tag-based filter conditions.
Specifies configuration settings that determine which findings are published to Security Hub automatically. For information about how Macie publishes findings to Security Hub, see Amazon Macie integration with Security Hub in the Amazon Macie User Guide.
Provides information about the category, types, and occurrences of sensitive data that produced a sensitive data finding.
Provides information about the server-side encryption settings for an S3 bucket or S3 object.
Specifies a current quota for an Amazon Macie account.
Provides information about a session that was created for an entity that performed an action by using temporary security credentials.
Provides information about the context in which temporary security credentials were issued to an entity.
Provides information about the source and type of temporary security credentials that were issued to an entity.
Provides the numerical and qualitative representations of a finding's severity.
Specifies a severity level for findings that a custom data identifier produces. A severity level determines which severity is assigned to the findings, based on the number of occurrences of text that matches the custom data identifier's detection criteria.
Specifies a property-based condition that determines whether an S3 bucket is included or excluded from a classification job.
Specifies a property-based condition that determines whether an S3 object is included or excluded from a classification job.
Specifies criteria for sorting the results of a request for findings.
Provides processing statistics for a classification job.
Specifies a tag-based condition that determines whether an S3 bucket is included or excluded from a classification job.
Specifies a tag key, a tag value, or a tag key and value (as a pair) to use in a tag-based condition that determines whether an S3 bucket is included or excluded from a classification job. Tag keys and values are case sensitive. Also, Amazon Macie doesn't support use of partial values or wildcard characters in tag-based conditions.
Specifies a tag-based condition that determines whether an S3 object is included or excluded from a classification job.
Specifies a tag key or tag key and value pair to use in a tag-based condition that determines whether an S3 object is included or excluded from a classification job. Tag keys and values are case sensitive. Also, Amazon Macie doesn't support use of partial values or wildcard characters in tag-based conditions.
Provides information about an account-related request that hasn't been processed.
Provides data for a specific usage metric and the corresponding quota for an Amazon Macie account.
Provides quota and aggregated usage data for an Amazon Macie account.
Specifies a condition for filtering the results of a query for quota and usage data for one or more Amazon Macie accounts.
Specifies criteria for sorting the results of a query for Amazon Macie account quotas and usage data.
Provides aggregated data for an Amazon Macie usage metric. The value for the metric reports estimated usage data for an account for the preceding 30 days or the current calendar month to date, depending on the time period (timeRange) specified in the request.
Provides information about the type and other characteristics of an entity that performed an action on an affected resource.
Provides information about an Amazon Web Services account and entity that performed an action on an affected resource. The action was performed using the credentials for your Amazon Web Services account.
Provides information about when a classification job was paused. For a one-time job, this object also specifies when the job will expire and be cancelled if it isn't resumed. For a recurring job, this object also specifies when the paused job run will expire and be cancelled if it isn't resumed. This object is present only if a job's current status (jobStatus) is USER_PAUSED. The information in this object applies only to a job that was paused while it had a status of RUNNING.
Specifies a weekly recurrence pattern for running a classification job.
Enums
The current status of an account as the delegated Amazon Macie administrator account for an organization in Organizations. Possible values are:
Note: AllowsUnencryptedObjectUploads::Unknown has been renamed to ::UnknownValue.
The error code for an error that prevented Amazon Macie from retrieving and processing information about an S3 bucket and the bucket's objects.
The type of currency that the data for an Amazon Macie usage metric is reported in. Possible values are:
The severity of a finding, ranging from LOW, for least severe, to HIGH, for most severe. Valid values are:
Note: EffectivePermission::Unknown has been renamed to ::UnknownValue.
The type of server-side encryption that's used to encrypt an S3 object or objects in an S3 bucket. Valid values are:
The source of an issue or delay. Possible values are:
The type of action that occurred for the resource and produced the policy finding:
The category of the finding. Valid values are:
The frequency with which Amazon Macie publishes updates to policy findings for an account. This includes publishing updates to Security Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events). For more information, see Monitoring and processing findings in the Amazon Macie User Guide. Valid values are:
The grouping to sort the results by. Valid values are:
The type of finding. For details about each type, see Types of Amazon Macie findings in the Amazon Macie User Guide. Valid values are:
The action to perform on findings that meet the filter criteria. To suppress (automatically archive) findings that meet the criteria, set this value to ARCHIVE. Valid values are:
Note: IsDefinedInJob::Unknown has been renamed to ::UnknownValue.
Note: IsMonitoredByJob::Unknown has been renamed to ::UnknownValue.
The operator to use in a condition. Valid values are:
The status of a classification job. Possible values are:
The schedule for running a classification job. Valid values are:
Specifies whether any account- or bucket-level access errors occurred during the run of a one-time classification job or the most recent run of a recurring classification job. Possible values are:
The property to use to filter the results. Valid values are:
The property to sort the results by. Valid values are:
The status of an Amazon Macie account. Valid values are:
The selection type that determines which managed data identifiers a classification job uses to analyze data. Valid values are:
The current status of the relationship between an account and an associated Amazon Macie administrator account. Possible values are:
The property to use in a condition that determines whether an S3 object is included or excluded from a classification job. Valid values are:
The operator to use in a condition that filters the results of a query. Valid values are:
The property to use in a condition that filters the query results. Valid values are:
The property to sort the query results by. Valid values are:
For a finding, the category of sensitive data that was detected and produced the finding. For a managed data identifier, the category of sensitive data that the managed data identifier detects. Possible values are:
The qualitative representation of the finding's severity. Possible values are:
Note: SharedAccess::Unknown has been renamed to ::UnknownValue.
The property to use in a condition that determines whether an S3 bucket is included or excluded from a classification job. Valid values are:
The storage class of the S3 object. Possible values are:
The type of object to apply a tag-based condition to. Valid values are:
An inclusive time period that Amazon Macie usage data applies to. Possible values are:
The operator to use in a condition that filters the results of a query for Amazon Macie account quotas and usage data. Valid values are:
The field to use in a condition that filters the results of a query for Amazon Macie account quotas and usage data. Valid values are:
The field to use to sort the results of a query for Amazon Macie account quotas and usage data. Valid values are:
The name of an Amazon Macie usage metric for an account. Possible values are:
The type of entity that performed the action on the affected resource. Possible values are: