|
2840 | 2840 | "kmsManaged": { |
2841 | 2841 | "shape": "__long", |
2842 | 2842 | "locationName": "kmsManaged", |
2843 | | - "documentation": " <p>The total number of buckets that use an Key Management Service (KMS) customer master key (CMK) to encrypt new objects by default. These buckets use Amazon Web Services managed KMS encryption (AWS-KMS) or customer managed KMS encryption (SSE-KMS) by default.</p>" |
| 2843 | + "documentation": " <p>The total number of buckets that use an KMS key to encrypt new objects by default, either an Amazon Web Services managed key or a customer managed key. These buckets use KMS encryption (SSE-KMS) by default.</p>" |
2844 | 2844 | }, |
2845 | 2845 | "s3Managed": { |
2846 | 2846 | "shape": "__long", |
|
2923 | 2923 | "eq": { |
2924 | 2924 | "shape": "__listOf__string", |
2925 | 2925 | "locationName": "eq", |
2926 | | - "documentation": "<p>The value for the property matches (equals) the specified value. If you specify multiple values, Macie uses OR logic to join the values.</p>" |
| 2926 | + "documentation": "<p>The value for the property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.</p>" |
2927 | 2927 | }, |
2928 | 2928 | "gt": { |
2929 | 2929 | "shape": "__long", |
|
3017 | 3017 | "locationName": "classifiableSizeInBytes", |
3018 | 3018 | "documentation": "<p>The total storage size, in bytes, of the objects that Amazon Macie can analyze in the bucket. These objects use a supported storage class and have a file name extension for a supported file or storage format.</p> <p>If versioning is enabled for the bucket, Macie calculates this value based on the size of the latest version of each applicable object in the bucket. This value doesn't reflect the storage size of all versions of each applicable object in the bucket.</p>" |
3019 | 3019 | }, |
| 3020 | + "errorCode": { |
| 3021 | + "shape": "BucketMetadataErrorCode", |
| 3022 | + "locationName": "errorCode", |
| 3023 | + "documentation": "<p>Specifies the error code for an error that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. If this value is ACCESS_DENIED, Macie doesn't have permission to retrieve the information. For example, the bucket has a restrictive bucket policy and Amazon S3 denied the request. If this value is null, Macie was able to retrieve and process the information.</p>" |
| 3024 | + }, |
| 3025 | + "errorMessage": { |
| 3026 | + "shape": "__string", |
| 3027 | + "locationName": "errorMessage", |
| 3028 | + "documentation": "<p>A brief description of the error (errorCode) that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. This value is null if Macie was able to retrieve and process the information.</p>" |
| 3029 | + }, |
3020 | 3030 | "jobDetails": { |
3021 | 3031 | "shape": "JobDetails", |
3022 | 3032 | "locationName": "jobDetails", |
|
3070 | 3080 | "sizeInBytesCompressed": { |
3071 | 3081 | "shape": "__long", |
3072 | 3082 | "locationName": "sizeInBytesCompressed", |
3073 | | - "documentation": "<p>The total storage size, in bytes, of the objects that are compressed (.gz, .gzip, .zip) files in the bucket.</p> <p>If versioning is enabled for the bucket, Macie calculates this value based on the size of the latest version of each applicable object in the bucket. This value doesn't reflect the storage size of all versions of each applicable object in the bucket.</p>" |
| 3083 | + "documentation": "<p>The total storage size, in bytes, of the objects that are compressed (.gz, .gzip, .zip) files in the bucket.</p> <p>If versioning is enabled for the bucket, Amazon Macie calculates this value based on the size of the latest version of each applicable object in the bucket. This value doesn't reflect the storage size of all versions of each applicable object in the bucket.</p>" |
3074 | 3084 | }, |
3075 | 3085 | "tags": { |
3076 | 3086 | "shape": "__listOfKeyValuePair", |
|
3093 | 3103 | "documentation": "<p>Specifies whether versioning is enabled for the bucket.</p>" |
3094 | 3104 | } |
3095 | 3105 | }, |
3096 | | - "documentation": "<p>Provides information about an S3 bucket that Amazon Macie monitors and analyzes.</p>" |
| 3106 | + "documentation": "<p>Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process information about the bucket or the bucket's objects, the value for most of these properties is null. Exceptions are accountId, bucketArn, bucketCreatedAt, bucketName, lastUpdated, and region. To identify the cause of the error, refer to the errorCode and errorMessage values.</p>" |
| 3107 | + }, |
| 3108 | + "BucketMetadataErrorCode": { |
| 3109 | + "type": "string", |
| 3110 | + "documentation": "<p>The error code for an error that prevented Amazon Macie from retrieving and processing information about an S3 bucket and the bucket's objects.</p>", |
| 3111 | + "enum": [ |
| 3112 | + "ACCESS_DENIED" |
| 3113 | + ] |
3097 | 3114 | }, |
3098 | 3115 | "BucketPermissionConfiguration": { |
3099 | 3116 | "type": "structure", |
|
3149 | 3166 | "kmsMasterKeyId": { |
3150 | 3167 | "shape": "__string", |
3151 | 3168 | "locationName": "kmsMasterKeyId", |
3152 | | - "documentation": "<p>The Amazon Resource Name (ARN) or unique identifier (key ID) for the Key Management Service (KMS) customer master key (CMK) that's used by default to encrypt objects that are added to the bucket. This value is null if the bucket uses an Amazon S3 managed key to encrypt new objects or the bucket doesn't encrypt new objects by default.</p>" |
| 3169 | + "documentation": "<p>The Amazon Resource Name (ARN) or unique identifier (key ID) for the KMS key that's used by default to encrypt objects that are added to the bucket. This value is null if the bucket uses an Amazon S3 managed key to encrypt new objects or the bucket doesn't encrypt new objects by default.</p>" |
3153 | 3170 | }, |
3154 | 3171 | "type": { |
3155 | 3172 | "shape": "Type", |
3156 | 3173 | "locationName": "type", |
3157 | | - "documentation": "<p>The type of server-side encryption that's used by default when storing new objects in the bucket. Possible values are:</p> <ul><li><p>AES256 - New objects are encrypted with an Amazon S3 managed key and use Amazon S3 managed encryption (SSE-S3).</p></li> <li><p>aws:kms - New objects are encrypted with an KMS CMK, specified by the kmsMasterKeyId property, and use Amazon Web Services managed KMS encryption (AWS-KMS) or customer managed KMS encryption (SSE-KMS).</p></li> <li><p>NONE - New objects aren't encrypted by default. Default encryption is disabled for the bucket.</p></li></ul>" |
| 3174 | + "documentation": "<p>The type of server-side encryption that's used by default when storing new objects in the bucket. Possible values are:</p> <ul><li><p>AES256 - New objects are encrypted with an Amazon S3 managed key. They use SSE-S3 encryption.</p></li> <li><p>aws:kms - New objects are encrypted with an KMS key (kmsMasterKeyId), either an Amazon Web Services managed key or a customer managed key. They use SSE-KMS encryption.</p></li> <li><p>NONE - New objects aren't encrypted by default. Default encryption is disabled for the bucket.</p></li></ul>" |
3158 | 3175 | } |
3159 | 3176 | }, |
3160 | 3177 | "documentation": "<p>Provides information about the default server-side encryption settings for an S3 bucket. For detailed information about these settings, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-encryption.html\">Setting default server-side encryption behavior for Amazon S3 buckets</a> in the <i>Amazon Simple Storage Service User Guide</i>.</p>" |
|
4583 | 4600 | "sizeInBytes": { |
4584 | 4601 | "shape": "__long", |
4585 | 4602 | "locationName": "sizeInBytes", |
4586 | | - "documentation": "<p>The total storage size, in bytes, of the buckets.</p> <p>If versioning is enabled for any of the buckets, Macie calculates this value based on the size of the latest version of each object in those buckets. This value doesn't reflect the storage size of all versions of the objects in the buckets.</p>" |
| 4603 | + "documentation": "<p>The total storage size, in bytes, of the buckets.</p> <p>If versioning is enabled for any of the buckets, Amazon Macie calculates this value based on the size of the latest version of each object in those buckets. This value doesn't reflect the storage size of all versions of the objects in the buckets.</p>" |
4587 | 4604 | }, |
4588 | 4605 | "sizeInBytesCompressed": { |
4589 | 4606 | "shape": "__long", |
4590 | 4607 | "locationName": "sizeInBytesCompressed", |
4591 | | - "documentation": "<p>The total storage size, in bytes, of the objects that are compressed (.gz, .gzip, .zip) files in the buckets.</p> <p>If versioning is enabled for any of the buckets, Macie calculates this value based on the size of the latest version of each applicable object in those buckets. This value doesn't reflect the storage size of all versions of the applicable objects in the buckets.</p>" |
| 4608 | + "documentation": "<p>The total storage size, in bytes, of the objects that are compressed (.gz, .gzip, .zip) files in the buckets.</p> <p>If versioning is enabled for any of the buckets, Amazon Macie calculates this value based on the size of the latest version of each applicable object in those buckets. This value doesn't reflect the storage size of all versions of the applicable objects in the buckets.</p>" |
4592 | 4609 | }, |
4593 | 4610 | "unclassifiableObjectCount": { |
4594 | 4611 | "shape": "ObjectLevelStatistics", |
|
5863 | 5880 | "locationName": "classifiableSizeInBytes", |
5864 | 5881 | "documentation": "<p>The total storage size, in bytes, of the objects that Amazon Macie can analyze in the bucket. These objects use a supported storage class and have a file name extension for a supported file or storage format.</p> <p>If versioning is enabled for the bucket, Macie calculates this value based on the size of the latest version of each applicable object in the bucket. This value doesn't reflect the storage size of all versions of each applicable object in the bucket.</p>" |
5865 | 5882 | }, |
| 5883 | + "errorCode": { |
| 5884 | + "shape": "BucketMetadataErrorCode", |
| 5885 | + "locationName": "errorCode", |
| 5886 | + "documentation": "<p>Specifies the error code for an error that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. If this value is ACCESS_DENIED, Macie doesn't have permission to retrieve the information. For example, the bucket has a restrictive bucket policy and Amazon S3 denied the request. If this value is null, Macie was able to retrieve and process the information.</p>" |
| 5887 | + }, |
| 5888 | + "errorMessage": { |
| 5889 | + "shape": "__string", |
| 5890 | + "locationName": "errorMessage", |
| 5891 | + "documentation": "<p>A brief description of the error (errorCode) that prevented Amazon Macie from retrieving and processing information about the bucket and the bucket's objects. This value is null if Macie was able to retrieve and process the information.</p>" |
| 5892 | + }, |
5866 | 5893 | "jobDetails": { |
5867 | 5894 | "shape": "JobDetails", |
5868 | 5895 | "locationName": "jobDetails", |
|
5886 | 5913 | "sizeInBytesCompressed": { |
5887 | 5914 | "shape": "__long", |
5888 | 5915 | "locationName": "sizeInBytesCompressed", |
5889 | | - "documentation": "<p>The total storage size, in bytes, of the objects that are compressed (.gz, .gzip, .zip) files in the bucket.</p> <p>If versioning is enabled for the bucket, Macie calculates this value based on the size of the latest version of each applicable object in the bucket. This value doesn't reflect the storage size of all versions of each applicable object in the bucket.</p>" |
| 5916 | + "documentation": "<p>The total storage size, in bytes, of the objects that are compressed (.gz, .gzip, .zip) files in the bucket.</p> <p>If versioning is enabled for the bucket, Amazon Macie calculates this value based on the size of the latest version of each applicable object in the bucket. This value doesn't reflect the storage size of all versions of each applicable object in the bucket.</p>" |
5890 | 5917 | }, |
5891 | 5918 | "unclassifiableObjectCount": { |
5892 | 5919 | "shape": "ObjectLevelStatistics", |
|
5899 | 5926 | "documentation": "<p>The total storage size, in bytes, of the objects that Amazon Macie can't analyze in the bucket. These objects don't use a supported storage class or don't have a file name extension for a supported file or storage format.</p>" |
5900 | 5927 | } |
5901 | 5928 | }, |
5902 | | - "documentation": "<p>Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes.</p>" |
| 5929 | + "documentation": "<p>Provides statistical data and other information about an S3 bucket that Amazon Macie monitors and analyzes for your account. If an error occurs when Macie attempts to retrieve and process information about the bucket or the bucket's objects, the value for most of these properties is null. Exceptions are accountId and bucketName. To identify the cause of the error, refer to the errorCode and errorMessage values.</p>" |
5903 | 5930 | }, |
5904 | 5931 | "MatchingResource": { |
5905 | 5932 | "type": "structure", |
|
5910 | 5937 | "documentation": "<p>The details of an S3 bucket that Amazon Macie monitors and analyzes.</p>" |
5911 | 5938 | } |
5912 | 5939 | }, |
5913 | | - "documentation": "<p>Provides statistical data and other information about an Amazon Web Services resource that Amazon Macie monitors and analyzes.</p>" |
| 5940 | + "documentation": "<p>Provides statistical data and other information about an Amazon Web Services resource that Amazon Macie monitors and analyzes for your account.</p>" |
5914 | 5941 | }, |
5915 | 5942 | "MaxResults": { |
5916 | 5943 | "type": "integer", |
|
5985 | 6012 | "customerManaged": { |
5986 | 6013 | "shape": "__long", |
5987 | 6014 | "locationName": "customerManaged", |
5988 | | - "documentation": "<p>The total number of objects that are encrypted with a customer-managed key. The objects use customer-provided server-side encryption (SSE-C).</p>" |
| 6015 | + "documentation": "<p>The total number of objects that are encrypted with a customer-provided key. The objects use customer-provided server-side encryption (SSE-C).</p>" |
5989 | 6016 | }, |
5990 | 6017 | "kmsManaged": { |
5991 | 6018 | "shape": "__long", |
5992 | 6019 | "locationName": "kmsManaged", |
5993 | | - "documentation": "<p>The total number of objects that are encrypted with an Key Management Service (KMS) customer master key (CMK). The objects use Amazon Web Services managed KMS encryption (AWS-KMS) or customer managed KMS encryption (SSE-KMS).</p>" |
| 6020 | + "documentation": "<p>The total number of objects that are encrypted with an KMS key, either an Amazon Web Services managed key or a customer managed key. The objects use KMS encryption (SSE-KMS).</p>" |
5994 | 6021 | }, |
5995 | 6022 | "s3Managed": { |
5996 | 6023 | "shape": "__long", |
|
6029 | 6056 | "documentation": "<p>The total storage size (in bytes) or number of objects that Amazon Macie can't analyze because the objects use an unsupported storage class or don't have a file name extension for a supported file or storage format.</p>" |
6030 | 6057 | } |
6031 | 6058 | }, |
6032 | | - "documentation": "<p>Provides information about the total storage size (in bytes) or number of objects that Amazon Macie can't analyze in one or more S3 buckets. In a BucketMetadata or MatchingBucket object, this data is for a specific bucket. In a GetBucketStatisticsResponse object, this data is aggregated for all the buckets in the query results. If versioning is enabled for a bucket, total storage size values are based on the size of the latest version of each applicable object in the bucket.</p>" |
| 6059 | + "documentation": "<p>Provides information about the total storage size (in bytes) or number of objects that Amazon Macie can't analyze in one or more S3 buckets. In a BucketMetadata or MatchingBucket object, this data is for a specific bucket. In a GetBucketStatisticsResponse object, this data is aggregated for the buckets in the query results. If versioning is enabled for a bucket, total storage size values are based on the size of the latest version of each applicable object in the bucket.</p>" |
6033 | 6060 | }, |
6034 | 6061 | "Occurrences": { |
6035 | 6062 | "type": "structure", |
|
6387 | 6414 | "kmsKeyArn": { |
6388 | 6415 | "shape": "__string", |
6389 | 6416 | "locationName": "kmsKeyArn", |
6390 | | - "documentation": "<p>The Amazon Resource Name (ARN) of the Key Management Service (KMS) customer master key (CMK) to use for encryption of the results. This must be the ARN of an existing CMK that's in the same Amazon Web Services Region as the bucket.</p>" |
| 6417 | + "documentation": "<p>The Amazon Resource Name (ARN) of the KMS key to use for encryption of the results. This must be the ARN of an existing, symmetric, customer managed KMS key that's in the same Amazon Web Services Region as the bucket.</p>" |
6391 | 6418 | } |
6392 | 6419 | }, |
6393 | 6420 | "documentation": "<p>Specifies an S3 bucket to store data classification results in, and the encryption settings to use when storing results in that bucket.</p>", |
|
6758 | 6785 | "kmsMasterKeyId": { |
6759 | 6786 | "shape": "__string", |
6760 | 6787 | "locationName": "kmsMasterKeyId", |
6761 | | - "documentation": "<p>The Amazon Resource Name (ARN) or unique identifier (key ID) for the Key Management Service (KMS) customer master key (CMK) that's used to encrypt data in the bucket or the object. If an KMS CMK isn't used, this value is null.</p>" |
| 6788 | + "documentation": "<p>The Amazon Resource Name (ARN) or unique identifier (key ID) for the KMS key that's used to encrypt data in the bucket or the object. This value is null if an KMS key isn't used to encrypt the data.</p>" |
6762 | 6789 | } |
6763 | 6790 | }, |
6764 | 6791 | "documentation": "<p>Provides information about the server-side encryption settings for an S3 bucket or S3 object.</p>" |
|
0 commit comments