// Code generated by smithy-go-codegen DO NOT EDIT.

package types

import (
	"time"
)

// Provides information about the permissions settings of the bucket-level access
// control list (ACL) for an S3 bucket.
//
// NOTE(review): both fields are plain bools, so a zero-value struct reads the
// same as "no public access granted". The ACL is also only one input: in this
// file BucketLevelPermissions carries the ACL next to BlockPublicAccess and
// BucketPolicy, so false here does not by itself mean the bucket is not public.
type AccessControlList struct {

	// Specifies whether the ACL grants the general public read access permissions
	// for the bucket.
	AllowsPublicReadAccess bool

	// Specifies whether the ACL grants the general public write access
	// permissions for the bucket.
	AllowsPublicWriteAccess bool
}

// Specifies details for an account to associate with an Amazon Macie administrator
// account.
//
// NOTE(review): "required" below is not enforced by this type; both fields are
// pointers and can be nil. Presumably validated elsewhere - confirm.
type AccountDetail struct {

	// The AWS account ID for the account.
	//
	// This member is required.
	AccountId *string

	// The email address for the account.
	//
	// This member is required.
	Email *string
}

// Provides information about the account-level permissions settings that apply to
// an S3 bucket.
type AccountLevelPermissions struct {

	// The block public access settings for the AWS account that owns the bucket.
	// Pointer field: nil-check before reading the individual settings.
	BlockPublicAccess *BlockPublicAccess
}

// Provides information about the delegated Amazon Macie administrator account for
// an AWS organization.
type AdminAccount struct {

	// The AWS account ID for the account.
	AccountId *string

	// The current status of the account as the delegated administrator of Amazon Macie
	// for the organization.
	Status AdminStatus
}

// Provides information about an API operation that an entity invoked for an
// affected resource.
type ApiCallDetails struct {

	// The name of the operation that was invoked most recently and produced the
	// finding.
	Api *string

	// The URL of the AWS service that provides the operation, for example:
	// s3.amazonaws.com.
	ApiServiceName *string

	// The first date and time, in UTC and extended ISO 8601 format, when any operation
	// was invoked and produced the finding.
	FirstSeen *time.Time

	// The most recent date and time, in UTC and extended ISO 8601 format, when the
	// specified operation (api) was invoked and produced the finding.
	LastSeen *time.Time
}

// Provides information about an identity that performed an action on an affected
// resource by using temporary security credentials. The credentials were obtained
// using the AssumeRole operation of the AWS Security Token Service (AWS STS) API.
type AssumedRole struct {

	// The AWS access key ID that identifies the credentials. This is the
	// identifier only; the struct has no field for a secret key or session token.
	AccessKeyId *string

	// The unique identifier for the AWS account that owns the entity that was used to
	// get the credentials.
	AccountId *string

	// The Amazon Resource Name (ARN) of the entity that was used to get the
	// credentials.
	Arn *string

	// The unique identifier for the entity that was used to get the credentials.
	PrincipalId *string

	// The details of the session that was created for the credentials, including the
	// entity that issued the session.
	SessionContext *SessionContext
}

// Provides information about an AWS account and entity that performed an action on
// an affected resource. The action was performed using the credentials for an AWS
// account other than your own account.
type AwsAccount struct {

	// The unique identifier for the AWS account.
	AccountId *string

	// The unique identifier for the entity that performed the action.
	PrincipalId *string
}

// Provides information about an AWS service that performed an action on an
// affected resource.
type AwsService struct {

	// The name of the AWS service that performed the action.
	InvokedBy *string
}

// Provides information about a custom data identifier.
type BatchGetCustomDataIdentifierSummary struct {

	// The Amazon Resource Name (ARN) of the custom data identifier.
	Arn *string

	// The date and time, in UTC and extended ISO 8601 format, when the custom data
	// identifier was created.
	CreatedAt *time.Time

	// Specifies whether the custom data identifier was deleted. If you delete a custom
	// data identifier, Amazon Macie doesn't delete it permanently. Instead, it soft
	// deletes the identifier.
	Deleted bool

	// The custom description of the custom data identifier.
	Description *string

	// The unique identifier for the custom data identifier.
	Id *string

	// The custom name of the custom data identifier.
	Name *string
}

// Provides information about the block public access settings for an S3 bucket.
// These settings can apply to a bucket at the account level or bucket level. For
// detailed information about each setting, see Blocking public access to your
// Amazon S3 storage
// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html)
// in the Amazon Simple Storage Service User Guide.
//
// NOTE(review): all four settings are plain bools, so false means either "setting
// is off" or "struct never populated". The types in this file that embed it
// (AccountLevelPermissions, BucketLevelPermissions) hold it by pointer, so a nil
// pointer is the only signal here that the settings were not reported.
type BlockPublicAccess struct {

	// Specifies whether Amazon S3 blocks public access control lists (ACLs) for the
	// bucket and objects in the bucket.
	BlockPublicAcls bool

	// Specifies whether Amazon S3 blocks public bucket policies for the bucket.
	BlockPublicPolicy bool

	// Specifies whether Amazon S3 ignores public ACLs for the bucket and objects in
	// the bucket.
	IgnorePublicAcls bool

	// Specifies whether Amazon S3 restricts public bucket policies for the bucket.
	RestrictPublicBuckets bool
}

// Provides information about the number of S3 buckets that are publicly accessible
// based on a combination of permissions settings for each bucket.
type BucketCountByEffectivePermission struct {

	// The total number of buckets that allow the general public to have read or write
	// access to the bucket.
	PubliclyAccessible int64

	// The total number of buckets that allow the general public to have read access to
	// the bucket.
	PubliclyReadable int64

	// The total number of buckets that allow the general public to have write access
	// to the bucket.
	PubliclyWritable int64

	// The total number of buckets that Amazon Macie wasn't able to evaluate
	// permissions settings for. Macie can't determine whether these buckets are
	// publicly accessible.
	//
	// NOTE(review): these buckets are unevaluated, not known to be private; a
	// report that only sums the Publicly* counters leaves them out.
	Unknown int64
}

// Provides information about the number of S3 buckets that use certain types of
// server-side encryption by default or don't encrypt new objects by default.
type BucketCountByEncryptionType struct {

	// The total number of buckets that use an AWS Key Management Service (AWS KMS)
	// customer master key (CMK) to encrypt new objects by default. These buckets use
	// AWS managed AWS KMS encryption (AWS-KMS) or customer managed AWS KMS encryption
	// (SSE-KMS).
	KmsManaged int64

	// The total number of buckets that use an Amazon S3 managed key to encrypt new
	// objects by default. These buckets use Amazon S3 managed encryption (SSE-S3).
	S3Managed int64

	// The total number of buckets that don't encrypt new objects by default. Default
	// encryption is disabled for these buckets.
	Unencrypted int64
}

// Provides information about the number of S3 buckets that are shared with other
// AWS accounts.
type BucketCountBySharedAccessType struct {

	// The total number of buckets that are shared with an AWS account that isn't part
	// of the same Amazon Macie organization.
	External int64

	// The total number of buckets that are shared with an AWS account that's part of
	// the same Amazon Macie organization.
	Internal int64

	// The total number of buckets that aren't shared with other AWS accounts.
	NotShared int64

	// The total number of buckets that Amazon Macie wasn't able to evaluate shared
	// access settings for. Macie can't determine whether these buckets are shared with
	// other AWS accounts.
	//
	// NOTE(review): unevaluated is not the same as NotShared; keep the two apart
	// when reporting.
	Unknown int64
}

// Specifies the operator to use in a property-based condition that filters the
// results of a query for information about S3 buckets.
//
// NOTE(review): the numeric operators are plain int64, so 0 and "not set" look
// the same in this struct; how a zero value is serialized is not visible here.
type BucketCriteriaAdditionalProperties struct {

	// The value for the property matches (equals) the specified value. If you specify
	// multiple values, Macie uses OR logic to join the values.
	Eq []string

	// The value for the property is greater than the specified value.
	Gt int64

	// The value for the property is greater than or equal to the specified value.
	Gte int64

	// The value for the property is less than the specified value.
	Lt int64

	// The value for the property is less than or equal to the specified value.
	Lte int64

	// The value for the property doesn't match (doesn't equal) the specified value. If
	// you specify multiple values, Amazon Macie uses OR logic to join the values.
	Neq []string

	// The name of the bucket begins with the specified value.
	Prefix *string
}

// Provides information about the bucket-level permissions settings for an S3
// bucket.
//
// All three fields are pointers. Per the field comments, nil for the ACL or the
// bucket policy means none is defined, so nil-check before dereferencing.
type BucketLevelPermissions struct {

	// The permissions settings of the access control list (ACL) for the bucket. This
	// value is null if an ACL hasn't been defined for the bucket.
	AccessControlList *AccessControlList

	// The block public access settings for the bucket.
	BlockPublicAccess *BlockPublicAccess

	// The permissions settings of the bucket policy for the bucket. This value is null
	// if a bucket policy hasn't been defined for the bucket.
	BucketPolicy *BucketPolicy
}

// Provides information about an S3 bucket that Amazon Macie monitors and analyzes.
type BucketMetadata struct {

	// The unique identifier for the AWS account that owns the bucket.
	AccountId *string

	// The Amazon Resource Name (ARN) of the bucket.
	BucketArn *string

	// The date and time, in UTC and extended ISO 8601 format, when the bucket was
	// created.
	BucketCreatedAt *time.Time

	// The name of the bucket.
	BucketName *string

	// The total number of objects that Amazon Macie can analyze in the bucket. These
	// objects use a supported storage class and have a file name extension for a
	// supported file or storage format.
	ClassifiableObjectCount int64

	// The total storage size, in bytes, of the objects that Amazon Macie can analyze
	// in the bucket. These objects use a supported storage class and have a file name
	// extension for a supported file or storage format. If versioning is enabled for
	// the bucket, Macie calculates this value based on the size of the latest version
	// of each applicable object in the bucket. This value doesn't reflect the storage
	// size of all versions of each applicable object in the bucket.
	ClassifiableSizeInBytes int64

	// Specifies whether any one-time or recurring classification jobs are configured
	// to analyze data in the bucket, and, if so, the details of the job that ran most
	// recently.
	JobDetails *JobDetails

	// The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most
	// recently retrieved both bucket and object metadata from Amazon S3 for the
	// bucket. Everything else in this struct is a snapshot as of this time.
	LastUpdated *time.Time

	// The total number of objects in the bucket.
	ObjectCount int64

	// The total number of objects that are in the bucket, grouped by server-side
	// encryption type. This includes a grouping that reports the total number of
	// objects that aren't encrypted or use client-side encryption.
	ObjectCountByEncryptionType *ObjectCountByEncryptionType

	// Specifies whether the bucket is publicly accessible due to the combination of
	// permissions settings that apply to the bucket, and provides information about
	// those settings.
	PublicAccess *BucketPublicAccess

	// The AWS Region that hosts the bucket.
	Region *string

	// Specifies whether the bucket is configured to replicate one or more objects to
	// buckets for other AWS accounts and, if so, which accounts.
	ReplicationDetails *ReplicationDetails

	// Specifies whether the bucket encrypts new objects by default and, if so, the
	// type of server-side encryption that's used.
	ServerSideEncryption *BucketServerSideEncryption

	// Specifies whether the bucket is shared with another AWS account. Possible values
	// are:
	//
	//   - EXTERNAL - The bucket is shared with an AWS account that isn't part of
	//     the same Amazon Macie organization.
	//   - INTERNAL - The bucket is shared with an AWS account that's part of the
	//     same Amazon Macie organization.
	//   - NOT_SHARED - The bucket isn't shared with other AWS accounts.
	//   - UNKNOWN - Amazon Macie wasn't able to evaluate the shared access
	//     settings for the bucket.
	SharedAccess SharedAccess

	// The total storage size, in bytes, of the bucket. If versioning is enabled for
	// the bucket, Amazon Macie calculates this value based on the size of the latest
	// version of each object in the bucket. This value doesn't reflect the storage
	// size of all versions of each object in the bucket.
	SizeInBytes int64

	// The total compressed storage size, in bytes, of the bucket. If versioning is
	// enabled for the bucket, Macie calculates this value based on the size of the
	// latest version of each object in the bucket. This value doesn't reflect the
	// storage size of all versions of each object in the bucket.
	SizeInBytesCompressed int64

	// An array that specifies the tags (keys and values) that are associated with the
	// bucket.
	Tags []KeyValuePair

	// The total number of objects that Amazon Macie can't analyze in the bucket. These
	// objects don't use a supported storage class or don't have a file name extension
	// for a supported file or storage format.
	//
	// NOTE(review): objects counted here were not inspected, so the absence of
	// findings for a bucket says nothing about them.
	UnclassifiableObjectCount *ObjectLevelStatistics

	// The total storage size, in bytes, of the objects that Amazon Macie can't analyze
	// in the bucket. These objects don't use a supported storage class or don't have a
	// file name extension for a supported file or storage format.
	UnclassifiableObjectSizeInBytes *ObjectLevelStatistics

	// Specifies whether versioning is enabled for the bucket.
	Versioning bool
}

// Provides information about the account-level and bucket-level permissions
// settings for an S3 bucket.
type BucketPermissionConfiguration struct {

	// The account-level permissions settings that apply to the bucket.
	AccountLevelPermissions *AccountLevelPermissions

	// The bucket-level permissions settings for the bucket.
	BucketLevelPermissions *BucketLevelPermissions
}

// Provides information about the permissions settings of a bucket policy for an S3
// bucket.
//
// NOTE(review): plain bools; a zero-value struct reads as "policy grants no
// public access". BucketLevelPermissions holds this type by pointer and documents
// nil as "no bucket policy defined".
type BucketPolicy struct {

	// Specifies whether the bucket policy allows the general public to have read
	// access to the bucket.
	AllowsPublicReadAccess bool

	// Specifies whether the bucket policy allows the general public to have write
	// access to the bucket.
	AllowsPublicWriteAccess bool
}

// Provides information about the permissions settings that determine whether an S3
// bucket is publicly accessible.
type BucketPublicAccess struct {

	// Specifies whether the bucket is publicly accessible due to the combination of
	// permissions settings that apply to the bucket. Possible values are:
	//
	//   - NOT_PUBLIC - The bucket isn't publicly accessible.
	//   - PUBLIC - The bucket is publicly accessible.
	//   - UNKNOWN - Amazon Macie can't determine whether the bucket is publicly
	//     accessible.
	//
	// NOTE(review): UNKNOWN means "not evaluated". Code that tests only for
	// PUBLIC silently groups UNKNOWN with NOT_PUBLIC; handle it as its own case.
	EffectivePermission EffectivePermission

	// The account-level and bucket-level permissions for the bucket.
	PermissionConfiguration *BucketPermissionConfiguration
}

// Provides information about the default server-side encryption settings for an S3
// bucket. For detailed information about these settings, see Setting default
// server-side encryption behavior for Amazon S3 buckets
// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-encryption.html)
// in the Amazon Simple Storage Service User Guide.
type BucketServerSideEncryption struct {

	// The Amazon Resource Name (ARN) or unique identifier (key ID) for the AWS Key
	// Management Service (AWS KMS) customer master key (CMK) that's used by default to
	// encrypt objects that are added to the bucket. This value is null if the bucket
	// uses an Amazon S3 managed key to encrypt new objects or the bucket doesn't
	// encrypt new objects by default.
	//
	// nil therefore covers two different states; read Type to tell them apart.
	KmsMasterKeyId *string

	// The type of server-side encryption that's used by default when storing new
	// objects in the bucket. Possible values are:
	//
	//   - AES256 - New objects are encrypted with an Amazon S3 managed key and use
	//     Amazon S3 managed encryption (SSE-S3).
	//   - aws:kms - New objects are encrypted with an AWS KMS CMK, specified by
	//     the kmsMasterKeyId property, and use AWS managed AWS KMS encryption
	//     (AWS-KMS) or customer managed AWS KMS encryption (SSE-KMS).
	//   - NONE - New objects aren't encrypted by default. Default encryption is
	//     disabled for the bucket.
	Type Type
}

// Specifies criteria for sorting the results of a query for information about S3
// buckets.
type BucketSortCriteria struct {

	// The name of the bucket property to sort the results by. This value can be one of
	// the following properties that Amazon Macie defines as bucket metadata:
	// accountId, bucketName, classifiableObjectCount, classifiableSizeInBytes,
	// objectCount, or sizeInBytes.
	AttributeName *string

	// The sort order to apply to the results, based on the value specified by the
	// attributeName property. Valid values are: ASC, sort the results in ascending
	// order; and, DESC, sort the results in descending order.
	OrderBy OrderBy
}

// Specifies the location of an occurrence of sensitive data in a Microsoft Excel
// workbook, CSV file, or TSV file.
type Cell struct {

	// The location of the cell, as an absolute cell reference, that contains the data.
	// For example, Sheet2!C5 for cell C5 on Sheet2 in a Microsoft Excel workbook. This
	// value is null for CSV and TSV files.
	CellReference *string

	// The column number of the column that contains the data. For a Microsoft Excel
	// workbook, this value correlates to the alphabetical character(s) for a column
	// identifier. For example, 1 for column A, 2 for column B, and so on.
	Column int64

	// The name of the column that contains the data, if available. This value is also
	// null if Amazon Macie detects sensitive data in the name of any column in the
	// file.
	ColumnName *string

	// The row number of the row that contains the data.
	Row int64
}

// Provides information about a sensitive data finding, including the
// classification job that produced the finding.
type ClassificationDetails struct {

	// The path to the folder or file (in Amazon S3) that contains the corresponding
	// sensitive data discovery result for the finding. If a finding applies to a large
	// archive or compressed file, this value is the path to a folder. Otherwise, this
	// value is the path to a file.
	//
	// NOTE(review): the referenced result presumably records where sensitive data
	// was found, so read access to that location deserves the same scrutiny as
	// the scanned bucket - confirm against the export configuration.
	DetailedResultsLocation *string

	// The Amazon Resource Name (ARN) of the classification job that produced the
	// finding.
	JobArn *string

	// The unique identifier for the classification job that produced the finding.
	JobId *string

	// The status and other details for the finding.
	Result *ClassificationResult
}

// Specifies where to store data classification results, and the encryption
// settings to use when storing results in that location. Currently, you can store
// classification results only in an S3 bucket.
type ClassificationExportConfiguration struct {

	// The S3 bucket to store data classification results in, and the encryption
	// settings to use when storing results in that bucket.
	S3Destination *S3Destination
}

// Provides the details of a sensitive data finding, including the types, number of
// occurrences, and locations of the sensitive data that was detected.
type ClassificationResult struct {

	// Specifies whether Amazon Macie detected additional occurrences of sensitive data
	// in the S3 object. A finding includes location data for a maximum of 15
	// occurrences of sensitive data. This value can help you determine whether to
	// investigate additional occurrences of sensitive data in an object. You can do
	// this by referring to the corresponding sensitive data discovery result for the
	// finding (ClassificationDetails.detailedResultsLocation).
	AdditionalOccurrences bool

	// The custom data identifiers that detected the sensitive data and the number of
	// occurrences of the data that they detected.
	CustomDataIdentifiers *CustomDataIdentifiers

	// The type of content, as a MIME type, that the finding applies to. For example,
	// application/gzip, for a GNU Gzip compressed archive file, or application/pdf,
	// for an Adobe Portable Document Format file.
	MimeType *string

	// The category, types, and number of occurrences of the sensitive data that
	// produced the finding.
	SensitiveData []SensitiveDataItem

	// The total size, in bytes, of the data that the finding applies to.
	SizeClassified int64

	// The status of the finding.
	Status *ClassificationResultStatus
}

// Provides information about the status of a sensitive data finding.
type ClassificationResultStatus struct {

	// The status of the finding. Possible values are:
	//
	//   - COMPLETE - Amazon Macie successfully completed its analysis of the
	//     object that the finding applies to.
	//   - PARTIAL - Macie analyzed only a subset of the data in the object that
	//     the finding applies to. For example, the object is an archive file that
	//     contains files in an unsupported format.
	//   - SKIPPED - Macie wasn't able to analyze the object that the finding
	//     applies to. For example, the object is a malformed file or a file that
	//     uses an unsupported format.
	//
	// NOTE(review): only COMPLETE covers the whole object. Under PARTIAL or
	// SKIPPED some data was not examined, so a low or zero detection count is
	// not a clean result.
	Code *string

	// A brief description of the status of the finding. Amazon Macie uses this value
	// to notify you of any errors, warnings, or considerations that might impact your
	// analysis of the finding.
	Reason *string
}

// Specifies the operator to use in a property-based condition that filters the
// results of a query for findings. For detailed information and examples of each
// operator, see Fundamentals of filtering findings
// (https://docs.aws.amazon.com/macie/latest/user/findings-filter-basics.html) in
// the Amazon Macie User Guide.
//
// NOTE(review): the numeric operators are plain int64, so 0 and "not set" look
// the same in this struct; how a zero value is serialized is not visible here.
type CriterionAdditionalProperties struct {

	// The value for the property matches (equals) the specified value. If you specify
	// multiple values, Macie uses OR logic to join the values.
	Eq []string

	// The value for the property exclusively matches (equals an exact match for) all
	// the specified values. If you specify multiple values, Amazon Macie uses AND
	// logic to join the values. You can use this operator with the following
	// properties: customDataIdentifiers.detections.arn,
	// customDataIdentifiers.detections.name, resourcesAffected.s3Bucket.tags.key,
	// resourcesAffected.s3Bucket.tags.value, resourcesAffected.s3Object.tags.key,
	// resourcesAffected.s3Object.tags.value, sensitiveData.category, and
	// sensitiveData.detections.type.
	EqExactMatch []string

	// The value for the property is greater than the specified value.
	Gt int64

	// The value for the property is greater than or equal to the specified value.
	Gte int64

	// The value for the property is less than the specified value.
	Lt int64

	// The value for the property is less than or equal to the specified value.
	Lte int64

	// The value for the property doesn't match (doesn't equal) the specified value. If
	// you specify multiple values, Macie uses OR logic to join the values.
	Neq []string
}

// Provides information about custom data identifiers that produced a sensitive
// data finding, and the number of occurrences of the data that they detected for
// the finding.
type CustomDataIdentifiers struct {

	// The custom data identifiers that detected the data, and the number of
	// occurrences of the data that each identifier detected.
	Detections []CustomDetection

	// The total number of occurrences of the data that was detected by the custom data
	// identifiers and produced the finding.
	TotalCount int64
}

// Provides information about a custom data identifier.
type CustomDataIdentifierSummary struct {

	// The Amazon Resource Name (ARN) of the custom data identifier.
	Arn *string

	// The date and time, in UTC and extended ISO 8601 format, when the custom data
	// identifier was created.
	CreatedAt *time.Time

	// The custom description of the custom data identifier.
	Description *string

	// The unique identifier for the custom data identifier.
	Id *string

	// The custom name of the custom data identifier.
	Name *string
}

// Provides information about a custom data identifier that produced a sensitive
// data finding, and the sensitive data that it detected for the finding.
type CustomDetection struct {

	// The Amazon Resource Name (ARN) of the custom data identifier.
	Arn *string

	// The total number of occurrences of the sensitive data that the custom data
	// identifier detected. This can exceed the number of locations reported in
	// Occurrences, which is capped at 15 per the comment on that field.
	Count int64

	// The name of the custom data identifier.
	Name *string

	// The location of 1-15 occurrences of the sensitive data that the custom data
	// identifier detected. A finding includes location data for a maximum of 15
	// occurrences of sensitive data.
	Occurrences *Occurrences
}

// Specifies that a classification job runs once a day, every day. This is an empty
// object.
type DailySchedule struct {
}

// Provides information about a type of sensitive data that was detected by managed
// data identifiers and produced a sensitive data finding.
type DefaultDetection struct {

	// The total number of occurrences of the type of sensitive data that was detected.
	// This can exceed the number of locations reported in Occurrences, which is
	// capped at 15 per the comment on that field.
	Count int64

	// The location of 1-15 occurrences of the sensitive data that was detected. A
	// finding includes location data for a maximum of 15 occurrences of sensitive
	// data.
	Occurrences *Occurrences

	// The type of sensitive data that was detected. For example, AWS_CREDENTIALS,
	// PHONE_NUMBER, or ADDRESS.
	Type *string
}

// Provides information about the domain name of the device that an entity used to
// perform an action on an affected resource.
type DomainDetails struct {

	// The name of the domain.
	DomainName *string
}

// Provides information about an identity that performed an action on an affected
// resource by using temporary security credentials. The credentials were obtained
// using the GetFederationToken operation of the AWS Security Token Service (AWS
// STS) API.
type FederatedUser struct {

	// The AWS access key ID that identifies the credentials. This is the
	// identifier only; the struct has no field for a secret key or session token.
	AccessKeyId *string

	// The unique identifier for the AWS account that owns the entity that was used to
	// get the credentials.
	AccountId *string

	// The Amazon Resource Name (ARN) of the entity that was used to get the
	// credentials.
	Arn *string

	// The unique identifier for the entity that was used to get the credentials.
	PrincipalId *string

	// The details of the session that was created for the credentials, including the
	// entity that issued the session.
	SessionContext *SessionContext
}

// Provides the details of a finding.
//
// NOTE(review): ClassificationDetails and PolicyDetails are each documented as
// null for the other finding category, so branch on Category (or nil-check)
// before dereferencing either.
type Finding struct {

	// The unique identifier for the AWS account that the finding applies to. This is
	// typically the account that owns the affected resource.
	AccountId *string

	// Specifies whether the finding is archived.
	Archived bool

	// The category of the finding. Possible values are: CLASSIFICATION, for a
	// sensitive data finding; and, POLICY, for a policy finding.
	Category FindingCategory

	// The details of a sensitive data finding. This value is null for a policy
	// finding.
	ClassificationDetails *ClassificationDetails

	// The total number of occurrences of the finding. For sensitive data findings,
	// this value is always 1. All sensitive data findings are considered new (unique)
	// because they derive from individual classification jobs.
	Count int64

	// The date and time, in UTC and extended ISO 8601 format, when the finding was
	// created.
	CreatedAt *time.Time

	// The description of the finding.
	Description *string

	// The unique identifier for the finding. This is a random string that Amazon Macie
	// generates and assigns to a finding when it creates the finding.
	Id *string

	// The AWS partition that Amazon Macie created the finding in.
	Partition *string

	// The details of a policy finding. This value is null for a sensitive data
	// finding.
	PolicyDetails *PolicyDetails

	// The AWS Region that Amazon Macie created the finding in.
	Region *string

	// The resources that the finding applies to.
	ResourcesAffected *ResourcesAffected

	// Specifies whether the finding is a sample finding. A sample finding is a finding
	// that uses example data to demonstrate what a finding might contain.
	//
	// NOTE(review): consumers that alert on findings presumably need to branch on
	// this flag so example data is not triaged as a real event - confirm.
	Sample bool

	// The version of the schema that was used to define the data structures in the
	// finding.
	SchemaVersion *string

	// The severity level and score for the finding.
	Severity *Severity

	// The brief description of the finding.
	Title *string

	// The type of the finding.
	Type FindingType

	// The date and time, in UTC and extended ISO 8601 format, when the finding was
	// last updated. For sensitive data findings, this value is the same as the value
	// for the createdAt property. All sensitive data findings are considered new
	// (unique) because they derive from individual classification jobs.
	UpdatedAt *time.Time
}

// Provides information about an action that occurred for a resource and produced a
// policy finding.
type FindingAction struct {

	// The type of action that occurred for the affected resource. This value is
	// typically AWS_API_CALL, which indicates that an entity invoked an API operation
	// for the resource.
	ActionType FindingActionType

	// The invocation details of the API operation that an entity invoked for the
	// affected resource, if the value for the actionType property is AWS_API_CALL.
	// Pointer field: expect nil for other action types.
	ApiCallDetails *ApiCallDetails
}

// Provides information about an entity that performed an action that produced a
// policy finding for a resource.
type FindingActor struct {

	// The domain name of the device that the entity used to perform the action on the
	// affected resource.
	DomainDetails *DomainDetails

	// The IP address of the device that the entity used to perform the action on the
	// affected resource. This object also provides information such as the owner and
	// geographic location for the IP address.
	IpAddressDetails *IpAddressDetails

	// The type and other characteristics of the entity that performed the action on
	// the affected resource.
	UserIdentity *UserIdentity
}

// Specifies, as a map, one or more property-based conditions that filter the
// results of a query for findings.
type FindingCriteria struct {

	// A condition that specifies the property, operator, and one or more values to use
	// to filter the results.
	Criterion map[string]CriterionAdditionalProperties
}

// Provides information about a findings filter.
type FindingsFilterListItem struct {

	// The action that's performed on findings that meet the filter criteria. Possible
	// values are: ARCHIVE, suppress (automatically archive) the findings; and, NOOP,
	// don't perform any action on the findings.
	//
	// NOTE(review): an ARCHIVE filter suppresses every finding it matches, so
	// filters with this action are worth including in periodic detection review.
	Action FindingsFilterAction

	// The Amazon Resource Name (ARN) of the filter.
	Arn *string

	// The unique identifier for the filter.
	Id *string

	// The custom name of the filter.
	Name *string

	// A map of key-value pairs that identifies the tags (keys and values) that are
	// associated with the filter.
	Tags map[string]string
}

// Specifies criteria for sorting the results of a query that retrieves aggregated
// statistical data about findings.
type FindingStatisticsSortCriteria struct {

	// The grouping to sort the results by. Valid values are: count, sort the results
	// by the number of findings in each group of results; and, groupKey, sort the
	// results by the name of each group of results.
	AttributeName FindingStatisticsSortAttributeName

	// The sort order to apply to the results, based on the value for the property
	// specified by the attributeName property. Valid values are: ASC, sort the results
	// in ascending order; and, DESC, sort the results in descending order.
	OrderBy OrderBy
}

// Provides a group of results for a query that retrieved aggregated statistical
// data about findings.
type GroupCount struct {

	// The total number of findings in the group of query results.
	Count int64

	// The name of the property that defines the group in the query results, as
	// specified by the groupBy property in the query request.
	GroupKey *string
}

// Provides information about an AWS Identity and Access Management (IAM) user who
// performed an action on an affected resource.
type IamUser struct {

	// The unique identifier for the AWS account that's associated with the IAM user
	// who performed the action.
	AccountId *string

	// The Amazon Resource Name (ARN) of the principal that performed the action. The
	// last section of the ARN contains the name of the user who performed the action.
	Arn *string

	// The unique identifier for the IAM user who performed the action.
	PrincipalId *string

	// The user name of the IAM user who performed the action.
	UserName *string
}

// Provides information about an Amazon Macie membership invitation that was
// received by an account.
type Invitation struct {

	// The AWS account ID for the account that sent the invitation.
	AccountId *string

	// The unique identifier for the invitation. Amazon Macie uses this identifier to
	// validate the inviter account with the invitee account.
	InvitationId *string

	// The date and time, in UTC and extended ISO 8601 format, when the invitation was
	// sent.
	InvitedAt *time.Time

	// The status of the relationship between the account that sent the invitation
	// (inviter account) and the account that received the invitation (invitee
	// account).
	RelationshipStatus RelationshipStatus
}

// Provides information about the IP address of the device that an entity used to
// perform an action on an affected resource.
type IpAddressDetails struct {

	// The Internet Protocol version 4 (IPv4) address of the device.
	IpAddressV4 *string

	// The city that the IP address originated from.
	IpCity *IpCity

	// The country that the IP address originated from.
945 IpCountry *IpCountry 946 947 // The geographic coordinates of the location that the IP address originated from. 948 IpGeoLocation *IpGeoLocation 949 950 // The registered owner of the IP address. 951 IpOwner *IpOwner 952} 953 954// Provides information about the city that an IP address originated from. 955type IpCity struct { 956 957 // The name of the city. 958 Name *string 959} 960 961// Provides information about the country that an IP address originated from. 962type IpCountry struct { 963 964 // The two-character code, in ISO 3166-1 alpha-2 format, for the country that the 965 // IP address originated from. For example, US for the United States. 966 Code *string 967 968 // The name of the country that the IP address originated from. 969 Name *string 970} 971 972// Provides geographic coordinates that indicate where a specified IP address 973// originated from. 974type IpGeoLocation struct { 975 976 // The latitude coordinate of the location, rounded to four decimal places. 977 Lat float64 978 979 // The longitude coordinate of the location, rounded to four decimal places. 980 Lon float64 981} 982 983// Provides information about the registered owner of an IP address. 984type IpOwner struct { 985 986 // The autonomous system number (ASN) for the autonomous system that included the 987 // IP address. 988 Asn *string 989 990 // The organization identifier that's associated with the autonomous system number 991 // (ASN) for the autonomous system that included the IP address. 992 AsnOrg *string 993 994 // The name of the internet service provider (ISP) that owned the IP address. 995 Isp *string 996 997 // The name of the organization that owned the IP address. 998 Org *string 999} 1000 1001// Specifies whether any one-time or recurring classification jobs are configured 1002// to analyze data in an S3 bucket, and, if so, the details of the job that ran 1003// most recently. 
type JobDetails struct {

	// Specifies whether any one-time or recurring jobs are configured to analyze data
	// in the bucket. Possible values are:
	//
	// * TRUE - One or more jobs is configured to analyze data in the bucket, and at
	// least one of those jobs has a status other than CANCELLED.
	//
	// * FALSE - No jobs are configured to analyze data in the bucket, or all the jobs
	// that are configured to analyze data in the bucket have a status of CANCELLED.
	//
	// * UNKNOWN - An exception occurred when Amazon Macie attempted to retrieve job
	// data for the bucket.
	//
	// TRUE only requires a status other than CANCELLED, so it also covers jobs that
	// are paused or already complete; it does not by itself show that the bucket is
	// being analyzed now. UNKNOWN reports a failed lookup, not the absence of jobs,
	// so coverage checks should handle it separately from FALSE.
	IsDefinedInJob IsDefinedInJob

	// Specifies whether any recurring jobs are configured to analyze data in the
	// bucket. Possible values are:
	//
	// * TRUE - One or more recurring jobs is configured to analyze data in the
	// bucket, and at least one of those jobs has a status other than CANCELLED.
	//
	// * FALSE - No recurring jobs are configured to analyze data in the bucket, or
	// all the recurring jobs that are configured to analyze data in the bucket have a
	// status of CANCELLED.
	//
	// * UNKNOWN - An exception occurred when Amazon Macie attempted to retrieve job
	// data for the bucket.
	//
	// As with IsDefinedInJob, UNKNOWN is a lookup failure and should not be read as
	// FALSE.
	IsMonitoredByJob IsMonitoredByJob

	// The unique identifier for the job that ran most recently (either the latest run
	// of a recurring job or the only run of a one-time job) and is configured to
	// analyze data in the bucket. This value is null (nil) if the value for the
	// isDefinedInJob property is FALSE or UNKNOWN, so check for nil before
	// dereferencing it.
	LastJobId *string

	// The date and time, in UTC and extended ISO 8601 format, when the job (lastJobId)
	// started. If the job is a recurring job, this value indicates when the most
	// recent run started. This value is null (nil) if the value for the
	// isDefinedInJob property is FALSE or UNKNOWN, so check for nil before
	// dereferencing it.
	LastJobRunTime *time.Time
}

// Specifies the recurrence pattern for running a classification job.
type JobScheduleFrequency struct {

	// Specifies a daily recurrence pattern for running the job.
	DailySchedule *DailySchedule

	// Specifies a monthly recurrence pattern for running the job.
	MonthlySchedule *MonthlySchedule

	// Specifies a weekly recurrence pattern for running the job.
	WeeklySchedule *WeeklySchedule
}

// Specifies a property- or tag-based condition that defines criteria for including
// or excluding objects from a classification job.
type JobScopeTerm struct {

	// A property-based condition that defines a property, operator, and one or more
	// values for including or excluding an object from the job.
	SimpleScopeTerm *SimpleScopeTerm

	// A tag-based condition that defines the operator and tag keys or tag key and
	// value pairs for including or excluding an object from the job.
	TagScopeTerm *TagScopeTerm
}

// Specifies one or more property- and tag-based conditions that define criteria
// for including or excluding objects from a classification job. If you specify
// more than one condition, Amazon Macie uses an AND operator to join the
// conditions.
type JobScopingBlock struct {

	// An array of conditions, one for each condition that determines which objects to
	// include or exclude from the job. Because the conditions are joined with AND,
	// an object has to meet every entry for the block to apply to it.
	And []JobScopeTerm
}

// Provides information about a classification job, including the current status of
// the job.
type JobSummary struct {

	// The S3 buckets that the job is configured to analyze.
	BucketDefinitions []S3BucketDefinitionForJob

	// The date and time, in UTC and extended ISO 8601 format, when the job was
	// created.
	CreatedAt *time.Time

	// The unique identifier for the job.
	JobId *string

	// The current status of the job. Possible values are:
	//
	// * CANCELLED - You cancelled the job or, if it's a one-time job, you paused the
	// job and didn't resume it within 30 days.
	//
	// * COMPLETE - For a one-time job, Amazon Macie finished processing the data
	// specified for the job. This value doesn't apply to recurring jobs.
	//
	// * IDLE - For a recurring job, the previous scheduled run is complete and the
	// next scheduled run is pending. This value doesn't apply to one-time jobs.
	//
	// * PAUSED - Amazon Macie started running the job but additional processing would
	// exceed the monthly sensitive data discovery quota for your account or one or
	// more member accounts that the job analyzes data for.
	//
	// * RUNNING - For a one-time job, the job is in progress. For a recurring job, a
	// scheduled run is in progress.
	//
	// * USER_PAUSED - You paused the job. If you paused the job while it had a status
	// of RUNNING and you don't resume it within 30 days of pausing it, the job or job
	// run will expire and be cancelled, depending on the job's type. To check the
	// expiration date, refer to the UserPausedDetails.jobExpiresAt property.
	//
	// Only RUNNING describes a job or run that is in progress. When this value is
	// used to judge scan coverage, CANCELLED, PAUSED and USER_PAUSED mean that
	// analysis has stopped, at least for now.
	JobStatus JobStatus

	// The schedule for running the job. Possible values are:
	//
	// * ONE_TIME - The job runs only once.
	//
	// * SCHEDULED - The job runs on a daily, weekly, or monthly basis.
	JobType JobType

	// Specifies whether any account- or bucket-level access errors occurred when the
	// job ran. For a recurring job, this value indicates the error status of the job's
	// most recent run.
	LastRunErrorStatus *LastRunErrorStatus

	// The custom name of the job.
	Name *string

	// If the current status of the job is USER_PAUSED, specifies when the job was
	// paused and when the job or job run will expire and be cancelled if it isn't
	// resumed. This value is present only if the value for jobStatus is USER_PAUSED;
	// check for nil before dereferencing it.
	UserPausedDetails *UserPausedDetails
}

// Provides information about the tags that are associated with an S3 bucket or
// object. Each tag consists of a required tag key and an associated tag value.
type KeyValuePair struct {

	// One part of a key-value pair that comprises a tag. A tag key is a general label
	// that acts as a category for more specific tag values.
	Key *string

	// One part of a key-value pair that comprises a tag. A tag value acts as a
	// descriptor for a tag key. A tag value can be an empty string.
	Value *string
}

// Specifies whether any account- or bucket-level access errors occurred when a
// classification job ran. For example, the job is configured to analyze data for a
// member account that was suspended, or the job is configured to analyze an S3
// bucket that Amazon Macie isn't allowed to access.
type LastRunErrorStatus struct {

	// Specifies whether any account- or bucket-level access errors occurred when the
	// job ran. For a recurring job, this value indicates the error status of the job's
	// most recent run. Possible values are:
	//
	// * ERROR - One or more errors occurred. Amazon Macie didn't process all the data
	// specified for the job.
	//
	// * NONE - No errors occurred. Macie processed all the data specified for the
	// job.
	//
	// With ERROR, part of the configured data was not analyzed, so the absence of
	// findings from that run does not show that the skipped data is free of
	// sensitive content.
	Code LastRunErrorStatusCode
}

// Specifies criteria for filtering the results of a request for information about
// classification jobs.
type ListJobsFilterCriteria struct {

	// An array of objects, one for each condition that determines which jobs to
	// exclude from the results.
	Excludes []ListJobsFilterTerm

	// An array of objects, one for each condition that determines which jobs to
	// include in the results.
	Includes []ListJobsFilterTerm
}

// Specifies a condition that filters the results of a request for information
// about classification jobs. Each condition consists of a property, an operator,
// and one or more values.
type ListJobsFilterTerm struct {

	// The operator to use to filter the results.
	Comparator JobComparator

	// The property to use to filter the results.
	Key ListJobsFilterKey

	// An array that lists one or more values to use to filter the results.
	Values []string
}

// Specifies criteria for sorting the results of a request for information about
// classification jobs.
type ListJobsSortCriteria struct {

	// The property to sort the results by.
	AttributeName ListJobsSortAttributeName

	// The sort order to apply to the results, based on the value for the property
	// specified by the attributeName property. Valid values are: ASC, sort the results
	// in ascending order; and, DESC, sort the results in descending order.
	OrderBy OrderBy
}

// Provides information about an account that's associated with an Amazon Macie
// administrator account.
type Member struct {

	// The AWS account ID for the account.
	AccountId *string

	// The AWS account ID for the administrator account.
	AdministratorAccountId *string

	// The Amazon Resource Name (ARN) of the account.
	Arn *string

	// The email address for the account.
	Email *string

	// The date and time, in UTC and extended ISO 8601 format, when an Amazon Macie
	// membership invitation was last sent to the account. This value is null (nil) if
	// a Macie invitation hasn't been sent to the account, so check for nil before
	// dereferencing it.
	InvitedAt *time.Time

	// (Deprecated) The AWS account ID for the administrator account. This property has
	// been replaced by the administratorAccountId property and is retained only for
	// backward compatibility.
	//
	// Deprecated: use AdministratorAccountId instead.
	MasterAccountId *string

	// The current status of the relationship between the account and the administrator
	// account.
	RelationshipStatus RelationshipStatus

	// A map of key-value pairs that identifies the tags (keys and values) that are
	// associated with the account in Amazon Macie.
	Tags map[string]string

	// The date and time, in UTC and extended ISO 8601 format, of the most recent
	// change to the status of the relationship between the account and the
	// administrator account.
	UpdatedAt *time.Time
}

// Specifies a monthly recurrence pattern for running a classification job.
type MonthlySchedule struct {

	// The numeric day of the month when Amazon Macie runs the job. This value can be
	// an integer from 1 through 31. If this value exceeds the number of days in a
	// certain month, Macie doesn't run the job that month. Macie runs the job only
	// during months that have the specified day. For example, if this value is 31 and
	// a month has only 30 days, Macie doesn't run the job that month. To run the job
	// every month, specify a value that's less than 29.
	//
	// A value of 29, 30 or 31 therefore leaves months in which the job never runs;
	// treat such a schedule as a gap in scan coverage when reviewing job
	// configurations.
	DayOfMonth int32
}

// Provides information about the number of objects that are in an S3 bucket and
// use certain types of server-side encryption, use client-side encryption, or
// aren't encrypted.
type ObjectCountByEncryptionType struct {

	// The total number of objects that are encrypted using a customer-managed key. The
	// objects use customer-provided server-side encryption (SSE-C).
	CustomerManaged int64

	// The total number of objects that are encrypted using an AWS Key Management
	// Service (AWS KMS) customer master key (CMK). The objects use AWS managed AWS KMS
	// encryption (AWS-KMS) or customer managed AWS KMS encryption (SSE-KMS).
	KmsManaged int64

	// The total number of objects that are encrypted using an Amazon S3 managed key.
	// The objects use Amazon S3 managed encryption (SSE-S3).
	S3Managed int64

	// The total number of objects that aren't encrypted or use client-side encryption.
	//
	// The two cases are counted together, so this number is an upper bound on the
	// objects stored without any encryption, not an exact count of them.
	Unencrypted int64
}

// Provides information about the total storage size (in bytes) or number of
// objects that Amazon Macie can't analyze in one or more S3 buckets. In a
// BucketMetadata object, this data is for a specific bucket. In a
// GetBucketStatisticsResponse object, this data is aggregated for all the buckets
// in the query results. If versioning is enabled for a bucket, total storage size
// values are based on the size of the latest version of each applicable object in
// the bucket.
//
// These values describe data that classification jobs do not inspect; a bucket
// with no sensitive data findings can still hold unanalyzed objects counted here.
type ObjectLevelStatistics struct {

	// The total storage size (in bytes) or number of objects that Amazon Macie can't
	// analyze because the objects don't have a file name extension for a supported
	// file or storage format.
	FileType int64

	// The total storage size (in bytes) or number of objects that Amazon Macie can't
	// analyze because the objects use an unsupported storage class.
	StorageClass int64

	// The total storage size (in bytes) or number of objects that Amazon Macie can't
	// analyze because the objects use an unsupported storage class or don't have a
	// file name extension for a supported file or storage format.
	Total int64
}

// Provides the location of 1-15 occurrences of sensitive data that was detected by
// managed data identifiers or a custom data identifier and produced a sensitive
// data finding.
//
// Because at most 15 locations are reported, these arrays are not a complete
// inventory when a finding has more occurrences than that. Which array is
// populated depends on the file type, as described on each field.
type Occurrences struct {

	// An array of objects, one for each occurrence of sensitive data in a Microsoft
	// Excel workbook, CSV file, or TSV file. Each object specifies the cell or field
	// that contains the data. This value is null for all other types of files.
	Cells []Cell

	// An array of objects, one for each occurrence of sensitive data in a Microsoft
	// Word document or non-binary text file, such as an HTML, JSON, TXT, or XML file.
	// Each object specifies the line that contains the data, and the position of the
	// data on that line. This value is often null for file types that are supported by
	// Cell, Page, or Record objects. Exceptions are the locations of data in:
	// unstructured sections of an otherwise structured file, such as a comment in a
	// file; a malformed file that Amazon Macie analyzes as plain text; and, a CSV or
	// TSV file that has any column names that contain sensitive data.
	LineRanges []Range

	// An array of objects, one for each occurrence of sensitive data in a binary text
	// file. Each object specifies the position of the data relative to the beginning
	// of the file. This value is typically null. For binary text files, Amazon Macie
	// adds location data to a lineRanges.Range or Page object, depending on the file
	// type.
	OffsetRanges []Range

	// An array of objects, one for each occurrence of sensitive data in an Adobe
	// Portable Document Format file. Each object specifies the page that contains the
	// data, and the position of the data on that page. This value is null for all
	// other types of files.
	Pages []Page

	// An array of objects, one for each occurrence of sensitive data in an Apache Avro
	// object container or Apache Parquet file. Each object specifies the record index
	// and the path to the field in the record that contains the data. This value is
	// null for all other types of files.
	Records []Record
}

// Specifies the location of an occurrence of sensitive data in an Adobe Portable
// Document Format file.
type Page struct {

	// The line that contains the data, and the position of the data on that line.
	LineRange *Range

	// The position of the data on the page, relative to the beginning of the page.
	OffsetRange *Range

	// The page number of the page that contains the data.
	PageNumber int64
}

// Provides the details of a policy finding.
type PolicyDetails struct {

	// The action that produced the finding.
	Action *FindingAction

	// The entity that performed the action that produced the finding.
	Actor *FindingActor
}

// Provides details about the location of an occurrence of sensitive data in an
// Adobe Portable Document Format file, Microsoft Word document, or non-binary text
// file.
//
// Start and End are counted in lines or in characters depending on which field
// holds the Range, as listed on each member below.
type Range struct {

	// Possible values are:
	//
	// * In an Occurrences.lineRanges array, the number of lines from the beginning of
	// the file to the end of the sensitive data.
	//
	// * In an Occurrences.offsetRanges array, the number of characters from the
	// beginning of the file to the end of the sensitive data.
	//
	// * In a Page object, the number of lines (lineRange) or characters (offsetRange)
	// from the beginning of the page to the end of the sensitive data.
	End int64

	// Possible values are:
	//
	// * In an Occurrences.lineRanges array, the number of lines from the beginning of
	// the file to the beginning of the sensitive data.
	//
	// * In an Occurrences.offsetRanges array, the number of characters from the
	// beginning of the file to the beginning of the sensitive data.
	//
	// * In a Page object, the number of lines (lineRange) or characters (offsetRange)
	// from the beginning of the page to the beginning of the sensitive data.
	Start int64

	// The column number for the column that contains the data, if the file contains
	// structured data.
	StartColumn int64
}

// Specifies the location of an occurrence of sensitive data in an Apache Avro
// object container or Apache Parquet file.
type Record struct {

	// The path, as a JSONPath expression, to the field in the record that contains the
	// data. If Amazon Macie detects sensitive data in the name of any element in the
	// path, Macie omits this field. If the name of an element exceeds 20 characters,
	// Macie truncates the name by removing characters from the beginning of the name.
	// If the resulting full path exceeds 250 characters, Macie also truncates the
	// path, starting with the first element in the path, until the path contains 250
	// or fewer characters.
	//
	// The value can therefore be absent (nil) or shortened; check for nil and do not
	// rely on it as an exact path into the source record.
	JsonPath *string

	// The record index, starting from 0, for the record that contains the data.
	RecordIndex int64
}

// Provides information about settings that define whether one or more objects in
// an S3 bucket are replicated to S3 buckets for other AWS accounts and, if so,
// which accounts.
1443type ReplicationDetails struct { 1444 1445 // Specifies whether the bucket is configured to replicate one or more objects to 1446 // any destination. 1447 Replicated bool 1448 1449 // Specifies whether the bucket is configured to replicate one or more objects to 1450 // an AWS account that isn't part of the same Amazon Macie organization. 1451 ReplicatedExternally bool 1452 1453 // An array of AWS account IDs, one for each AWS account that the bucket is 1454 // configured to replicate one or more objects to. 1455 ReplicationAccounts []string 1456} 1457 1458// Provides information about the resources that a finding applies to. 1459type ResourcesAffected struct { 1460 1461 // An array of objects, one for each S3 bucket that the finding applies to. Each 1462 // object provides a set of metadata about an affected S3 bucket. 1463 S3Bucket *S3Bucket 1464 1465 // An array of objects, one for each S3 object that the finding applies to. Each 1466 // object provides a set of metadata about an affected S3 object. 1467 S3Object *S3Object 1468} 1469 1470// Provides information about an S3 bucket that a finding applies to. 1471type S3Bucket struct { 1472 1473 // The Amazon Resource Name (ARN) of the bucket. 1474 Arn *string 1475 1476 // The date and time, in UTC and extended ISO 8601 format, when the bucket was 1477 // created. 1478 CreatedAt *time.Time 1479 1480 // The type of server-side encryption that's used by default to encrypt objects in 1481 // the bucket. 1482 DefaultServerSideEncryption *ServerSideEncryption 1483 1484 // The name of the bucket. 1485 Name *string 1486 1487 // The display name and account identifier for the user who owns the bucket. 1488 Owner *S3BucketOwner 1489 1490 // The permissions settings that determine whether the bucket is publicly 1491 // accessible. 1492 PublicAccess *BucketPublicAccess 1493 1494 // The tags that are associated with the bucket. 
1495 Tags []KeyValuePair 1496} 1497 1498// Specifies which AWS account owns the S3 buckets that a classification job 1499// analyzes, and the buckets to analyze for the account. 1500type S3BucketDefinitionForJob struct { 1501 1502 // The unique identifier for the AWS account that owns the buckets. 1503 // 1504 // This member is required. 1505 AccountId *string 1506 1507 // An array that lists the names of the buckets. 1508 // 1509 // This member is required. 1510 Buckets []string 1511} 1512 1513// Provides information about the user who owns an S3 bucket. 1514type S3BucketOwner struct { 1515 1516 // The display name of the user who owns the bucket. 1517 DisplayName *string 1518 1519 // The AWS account ID for the user who owns the bucket. 1520 Id *string 1521} 1522 1523// Specifies an S3 bucket to store data classification results in, and the 1524// encryption settings to use when storing results in that bucket. 1525type S3Destination struct { 1526 1527 // The name of the bucket. 1528 // 1529 // This member is required. 1530 BucketName *string 1531 1532 // The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) 1533 // customer master key (CMK) to use for encryption of the results. This must be the 1534 // ARN of an existing CMK that's in the same AWS Region as the bucket. 1535 // 1536 // This member is required. 1537 KmsKeyArn *string 1538 1539 // The path prefix to use in the path to the location in the bucket. This prefix 1540 // specifies where to store classification results in the bucket. 1541 KeyPrefix *string 1542} 1543 1544// Specifies which S3 buckets contain the objects that a classification job 1545// analyzes, and the scope of that analysis. 1546type S3JobDefinition struct { 1547 1548 // An array of objects, one for each AWS account that owns buckets to analyze. Each 1549 // object specifies the account ID for an account and one or more buckets to 1550 // analyze for the account. 
BucketDefinitions []S3BucketDefinitionForJob

	// The property- and tag-based conditions that determine which objects to include
	// or exclude from the analysis.
	Scoping *Scoping
}

// Provides information about an S3 object that a finding applies to.
//
// Pointer-typed members are nil when no value is set, so check them before
// dereferencing.
type S3Object struct {

	// The Amazon Resource Name (ARN) of the bucket that contains the object.
	BucketArn *string

	// The entity tag (ETag) that identifies the affected version of the object. If the
	// object was overwritten or changed after Amazon Macie produced the finding, this
	// value might be different from the current ETag for the object.
	ETag *string

	// The file name extension of the object. If the object doesn't have a file name
	// extension, this value is "".
	Extension *string

	// The full key (name) that's assigned to the object.
	Key *string

	// The date and time, in UTC and extended ISO 8601 format, when the object was last
	// modified.
	LastModified *time.Time

	// The path to the object, including the full key (name).
	Path *string

	// Specifies whether the object is publicly accessible due to the combination of
	// permissions settings that apply to the object.
	//
	// NOTE(review): this is a plain bool, so false is also the Go zero value. Whether
	// false can mean "not reported" rather than "not public" is not visible here;
	// confirm before treating false as proof that the object is private.
	PublicAccess bool

	// The type of server-side encryption that's used to encrypt the object.
	ServerSideEncryption *ServerSideEncryption

	// The total storage size, in bytes, of the object.
	Size int64

	// The storage class of the object.
	StorageClass StorageClass

	// The tags that are associated with the object.
	Tags []KeyValuePair

	// The identifier for the affected version of the object.
	VersionId *string
}

// Specifies one or more property- and tag-based conditions that refine the scope
// of a classification job. These conditions define criteria that determine which
// objects a job analyzes. Exclude conditions take precedence over include
// conditions.
//
// Because excludes take precedence, an object that matches both blocks is left out
// of the analysis; when reviewing what a job covers, read Excludes first.
type Scoping struct {

	// The property- or tag-based conditions that determine which objects to exclude
	// from the analysis.
	Excludes *JobScopingBlock

	// The property- or tag-based conditions that determine which objects to include in
	// the analysis.
	Includes *JobScopingBlock
}

// Specifies configuration settings that determine which findings are published to
// AWS Security Hub automatically. For information about how Macie publishes
// findings to Security Hub, see Amazon Macie integration with Security Hub
// (https://docs.aws.amazon.com/macie/latest/user/securityhub-integration.html) in
// the Amazon Macie User Guide.
//
// Both members are plain bools whose Go zero value is false, so set each one
// explicitly rather than relying on an omitted field in a struct literal.
type SecurityHubConfiguration struct {

	// Specifies whether to publish sensitive data findings to AWS Security Hub. If you
	// set this value to true, Amazon Macie automatically publishes all sensitive data
	// findings that weren't suppressed by a findings filter. The default value is
	// false.
	//
	// This member is required.
	PublishClassificationFindings bool

	// Specifies whether to publish policy findings to AWS Security Hub. If you set
	// this value to true, Amazon Macie automatically publishes all new and updated
	// policy findings that weren't suppressed by a findings filter. The default value
	// is true.
	//
	// The Go zero value is false, so a struct literal that omits this field carries
	// false rather than the documented default of true.
	//
	// This member is required.
	PublishPolicyFindings bool
}

// Provides information about the category, types, and occurrences of sensitive
// data that produced a sensitive data finding.
type SensitiveDataItem struct {

	// The category of sensitive data that was detected. For example: CREDENTIALS, for
	// credentials data such as private keys or AWS secret keys; FINANCIAL_INFORMATION,
	// for financial data such as credit card numbers; or, PERSONAL_INFORMATION, for
	// personal health information, such as health insurance identification numbers, or
	// personally identifiable information, such as driver's license identification
	// numbers.
	Category SensitiveDataItemCategory

	// An array of objects, one for each type of sensitive data that was detected. Each
	// object reports the number of occurrences of a specific type of sensitive data
	// that was detected, and the location of up to 15 of those occurrences.
	Detections []DefaultDetection

	// The total number of occurrences of the sensitive data that was detected.
	TotalCount int64
}

// Provides information about the server-side encryption settings for an S3 bucket
// or S3 object.
type ServerSideEncryption struct {

	// The server-side encryption algorithm that's used when storing data in the bucket
	// or object. If default encryption is disabled for the bucket or the object isn't
	// encrypted using server-side encryption, this value is NONE.
	EncryptionType EncryptionType

	// The Amazon Resource Name (ARN) or unique identifier (key ID) for the AWS Key
	// Management Service (AWS KMS) customer master key (CMK) that's used to encrypt
	// data in the bucket or the object. If an AWS KMS CMK isn't used, this value is
	// null (nil in Go).
	KmsMasterKeyId *string
}

// Specifies a current quota for an Amazon Macie account.
type ServiceLimit struct {

	// Specifies whether the account has met the quota that corresponds to the metric
	// specified by the UsageByAccount.type field in the response.
	IsServiceLimited bool

	// The unit of measurement for the value specified by the value field.
	Unit Unit

	// The value for the metric specified by the UsageByAccount.type field in the
	// response.
	Value int64
}

// Provides information about a session that was created for an entity that
// performed an action by using temporary security credentials.
type SessionContext struct {

	// The date and time when the credentials were issued, and whether the credentials
	// were authenticated with a multi-factor authentication (MFA) device.
	Attributes *SessionContextAttributes

	// The source and type of credentials that were issued to the entity.
	SessionIssuer *SessionIssuer
}

// Provides information about the context in which temporary security credentials
// were issued to an entity.
type SessionContextAttributes struct {

	// The date and time, in UTC and ISO 8601 format, when the credentials were issued.
	CreationDate *time.Time

	// Specifies whether the credentials were authenticated with a multi-factor
	// authentication (MFA) device.
	//
	// NOTE(review): a plain bool, so false is also the Go zero value. Whether false
	// can mean "not reported" is not visible here; confirm before using it as
	// evidence that a session lacked MFA.
	MfaAuthenticated bool
}

// Provides information about the source and type of temporary security credentials
// that were issued to an entity.
type SessionIssuer struct {

	// The unique identifier for the AWS account that owns the entity that was used to
	// get the credentials.
	AccountId *string

	// The Amazon Resource Name (ARN) of the source account, IAM user, or role that was
	// used to get the credentials.
	Arn *string

	// The unique identifier for the entity that was used to get the credentials.
	PrincipalId *string

	// The source of the temporary security credentials, such as Root, IAMUser, or
	// Role.
	Type *string

	// The name or alias of the user or role that issued the session. This value is
	// null (nil in Go) if the credentials were obtained from a root account that
	// doesn't have an alias.
	UserName *string
}

// Provides the numerical and qualitative representations of a finding's severity.
type Severity struct {

	// The qualitative representation of the finding's severity, ranging from Low
	// (least severe) to High (most severe).
	Description SeverityDescription

	// The numerical representation of the finding's severity, ranging from 1 (least
	// severe) to 3 (most severe).
	//
	// The Go zero value 0 lies outside the documented range.
	// NOTE(review): presumably 0 means the score was not populated; confirm before
	// sorting or thresholding on this member.
	Score int64
}

// Specifies a property-based condition that determines whether an object is
// included or excluded from a classification job.
type SimpleScopeTerm struct {

	// The operator to use in the condition. Valid operators for each supported
	// property (key) are:
	//
	// * OBJECT_EXTENSION - EQ (equals) or NE (not equals)
	//
	// * OBJECT_KEY - STARTS_WITH
	//
	// * OBJECT_LAST_MODIFIED_DATE - Any operator except CONTAINS
	//
	// * OBJECT_SIZE - Any operator except CONTAINS
	//
	// * TAG - EQ (equals) or NE (not equals)
	Comparator JobComparator

	// The object property to use in the condition.
	Key ScopeFilterKey

	// An array that lists the values to use in the condition. If the value for the key
	// property is OBJECT_EXTENSION or OBJECT_KEY, this array can specify multiple
	// values and Amazon Macie uses an OR operator to join the values. Otherwise, this
	// array can specify only one value. Valid values for each supported property (key)
	// are:
	//
	// * OBJECT_EXTENSION - A string that represents the file name extension of an
	// object. For example: docx or pdf
	//
	// * OBJECT_KEY - A string that represents the key prefix (folder name or path) of
	// an object. For example: logs or awslogs/eventlogs. This value applies a
	// condition to objects whose keys (names) begin with the specified value.
	//
	// * OBJECT_LAST_MODIFIED_DATE - The date and time (in UTC and extended ISO 8601
	// format) when an object was created or last changed, whichever is latest. For
	// example: 2020-09-28T14:31:13Z
	//
	// * OBJECT_SIZE - An integer that represents the storage size (in bytes) of an
	// object.
	//
	// * TAG - A string that represents a tag key for an object. For advanced options,
	// use a TagScopeTerm object, instead of a SimpleScopeTerm object, to define a
	// tag-based condition for the job.
	//
	// Macie doesn't support use of wildcard characters in values. Also, string values
	// are case sensitive.
	Values []string
}

// Specifies criteria for sorting the results of a request for findings.
type SortCriteria struct {

	// The name of the property to sort the results by. This value can be the name of
	// any property that Amazon Macie defines for a finding.
	AttributeName *string

	// The sort order to apply to the results, based on the value for the property
	// specified by the attributeName property. Valid values are: ASC, sort the results
	// in ascending order; and, DESC, sort the results in descending order.
	OrderBy OrderBy
}

// Provides processing statistics for a classification job.
//
// Both members are declared as float64 although the comments describe counts.
type Statistics struct {

	// The approximate number of objects that the job has yet to process during its
	// current run.
	ApproximateNumberOfObjectsToProcess float64

	// The number of times that the job has run.
	NumberOfRuns float64
}

// Specifies a tag-based condition that determines whether an object is included or
// excluded from a classification job.
type TagScopeTerm struct {

	// The operator to use in the condition. Valid operators are EQ (equals) or NE (not
	// equals).
	Comparator JobComparator

	// The tag key to use in the condition.
	Key *string

	// The tag keys or tag key and value pairs to use in the condition.
	TagValues []TagValuePair

	// The type of object to apply the condition to.
	Target TagTarget
}

// Specifies a tag key or tag key and value pair to use in a tag-based condition
// for a classification job.
type TagValuePair struct {

	// The value for the tag key to use in the condition.
	Key *string

	// The tag value, associated with the specified tag key (key), to use in the
	// condition. To specify only a tag key for a condition, specify the tag key for
	// the key property and set this value to an empty string.
	Value *string
}

// Provides information about an account-related request that hasn't been
// processed.
type UnprocessedAccount struct {

	// The AWS account ID for the account that the request applies to.
	AccountId *string

	// The source of the issue or delay in processing the request.
	ErrorCode ErrorCode

	// The reason why the request hasn't been processed.
	ErrorMessage *string
}

// Provides data for a specific usage metric and the corresponding quota for an
// Amazon Macie account.
type UsageByAccount struct {

	// The type of currency that the value for the metric (estimatedCost) is reported
	// in.
	Currency Currency

	// The estimated value for the metric.
	//
	// The value is carried as a string.
	// NOTE(review): presumably a decimal number; parse and validate it before any
	// arithmetic or comparison.
	EstimatedCost *string

	// The current value for the quota that corresponds to the metric specified by the
	// type field.
	ServiceLimit *ServiceLimit

	// The name of the metric. Possible values are: DATA_INVENTORY_EVALUATION, for
	// monitoring S3 buckets; and, SENSITIVE_DATA_DISCOVERY, for analyzing S3 objects
	// to detect sensitive data.
	Type UsageType
}

// Provides quota and aggregated usage data for an Amazon Macie account.
type UsageRecord struct {

	// The unique identifier for the AWS account that the data applies to.
	AccountId *string

	// The date and time, in UTC and extended ISO 8601 format, when the free trial
	// started for the account.
	FreeTrialStartDate *time.Time

	// An array of objects that contains usage data and quotas for the account. Each
	// object contains the data for a specific usage metric and the corresponding
	// quota.
	Usage []UsageByAccount
}

// Specifies a condition for filtering the results of a query for quota and usage
// data for one or more Amazon Macie accounts.
type UsageStatisticsFilter struct {

	// The operator to use in the condition. If the value for the key property is
	// accountId, this value must be CONTAINS. If the value for the key property is any
	// other supported field, this value can be EQ, GT, GTE, LT, LTE, or NE.
	Comparator UsageStatisticsFilterComparator

	// The field to use in the condition.
	Key UsageStatisticsFilterKey

	// An array that lists values to use in the condition, based on the value for the
	// field specified by the key property. If the value for the key property is
	// accountId, this array can specify multiple values. Otherwise, this array can
	// specify only one value. Valid values for each supported field are:
	//
	// * accountId - The unique identifier for an AWS account.
	//
	// * freeTrialStartDate - The date and time, in UTC and extended ISO 8601 format,
	// when the free trial started for an account.
	//
	// * serviceLimit - A Boolean (true or false) value that indicates whether an
	// account has reached its monthly quota.
	//
	// * total - A string that represents the current estimated cost for an account.
	Values []string
}

// Specifies criteria for sorting the results of a query for Amazon Macie account
// quotas and usage data.
type UsageStatisticsSortBy struct {

	// The field to sort the results by.
	Key UsageStatisticsSortKey

	// The sort order to apply to the results, based on the value for the field
	// specified by the key property. Valid values are: ASC, sort the results in
	// ascending order; and, DESC, sort the results in descending order.
	OrderBy OrderBy
}

// Provides aggregated data for an Amazon Macie usage metric. The value for the
// metric reports estimated usage data for an account for the preceding 30 days or
// the current calendar month to date, depending on the time period (timeRange)
// specified in the request.
type UsageTotal struct {

	// The type of currency that the value for the metric (estimatedCost) is reported
	// in.
	Currency Currency

	// The estimated value for the metric.
	//
	// The value is carried as a string.
	// NOTE(review): presumably a decimal number; parse and validate it before any
	// arithmetic or comparison.
	EstimatedCost *string

	// The name of the metric. Possible values are: DATA_INVENTORY_EVALUATION, for
	// monitoring S3 buckets; and, SENSITIVE_DATA_DISCOVERY, for analyzing S3 objects
	// to detect sensitive data.
	Type UsageType
}

// Provides information about the type and other characteristics of an entity that
// performed an action on an affected resource.
//
// NOTE(review): each pointer member is documented as applying to one kind of
// identity, so presumably only the member that corresponds to Type is non-nil;
// confirm, and nil-check a member before reading through it.
type UserIdentity struct {

	// If the action was performed with temporary security credentials that were
	// obtained using the AssumeRole operation of the AWS Security Token Service (AWS
	// STS) API, the identifiers, session context, and other details about the
	// identity.
	AssumedRole *AssumedRole

	// If the action was performed using the credentials for another AWS account, the
	// details of that account.
	AwsAccount *AwsAccount

	// If the action was performed by an AWS account that belongs to an AWS service,
	// the name of the service.
	AwsService *AwsService

	// If the action was performed with temporary security credentials that were
	// obtained using the GetFederationToken operation of the AWS Security Token
	// Service (AWS STS) API, the identifiers, session context, and other details about
	// the identity.
	FederatedUser *FederatedUser

	// If the action was performed using the credentials for an AWS Identity and Access
	// Management (IAM) user, the name and other details about the user.
	IamUser *IamUser

	// If the action was performed using the credentials for your AWS account, the
	// details of your account.
	Root *UserIdentityRoot

	// The type of entity that performed the action.
	Type UserIdentityType
}

// Provides information about an AWS account and entity that performed an action on
// an affected resource. The action was performed using the credentials for your
// AWS account.
type UserIdentityRoot struct {

	// The unique identifier for the AWS account.
	AccountId *string

	// The Amazon Resource Name (ARN) of the principal that performed the action. The
	// last section of the ARN contains the name of the user or role that performed the
	// action.
	Arn *string

	// The unique identifier for the entity that performed the action.
	PrincipalId *string
}

// Provides information about when a classification job was paused. For a one-time
// job, this object also specifies when the job will expire and be cancelled if it
// isn't resumed. For a recurring job, this object also specifies when the paused
// job run will expire and be cancelled if it isn't resumed. This object is present
// only if a job's current status (jobStatus) is USER_PAUSED. The information in
// this object applies only to a job that was paused while it had a status of
// RUNNING.
type UserPausedDetails struct {

	// The date and time, in UTC and extended ISO 8601 format, when the job or job run
	// will expire and be cancelled if you don't resume it first.
	JobExpiresAt *time.Time

	// The Amazon Resource Name (ARN) of the AWS Health event that Amazon Macie sent to
	// notify you of the job or job run's pending expiration and cancellation. This
	// value is null (nil in Go) if a job has been paused for less than 23 days.
	JobImminentExpirationHealthEventArn *string

	// The date and time, in UTC and extended ISO 8601 format, when you paused the job.
	JobPausedAt *time.Time
}

// Specifies a weekly recurrence pattern for running a classification job.
type WeeklySchedule struct {

	// The day of the week when Amazon Macie runs the job.
	DayOfWeek DayOfWeek
}