// Code generated by smithy-go-codegen DO NOT EDIT.
package types
import (
smithydocument "github.com/aws/smithy-go/document"
"time"
)
// An entity that defines the scope of audit evidence collected by Audit Manager.
// An Audit Manager assessment is an implementation of an Audit Manager framework.
//
// Pointer fields may be nil; check them before dereferencing.
type Assessment struct {
// The Amazon Resource Name (ARN) of the assessment.
Arn *string
// The Amazon Web Services account that's associated with the assessment.
AwsAccount *AWSAccount
// The framework that the assessment was created from.
Framework *AssessmentFramework
// The metadata for the assessment.
Metadata *AssessmentMetadata
// The tags that are associated with the assessment. The map may be nil;
// reading a nil map is safe, writing to one panics.
Tags map[string]string
// Embedded marker type declared outside this view.
// NOTE(review): presumably opts the struct out of Smithy document
// serialization; confirm against its declaration.
noSmithyDocumentSerde
}
// The control entity that represents a standard control or a custom control in an
// Audit Manager assessment.
//
// The two count fields are plain int32 values, so a zero is indistinguishable
// from a count that was never populated.
type AssessmentControl struct {
// The amount of evidence in the assessment report.
AssessmentReportEvidenceCount int32
// The list of comments that's attached to the control. Each entry carries
// user-authored text (see ControlComment).
Comments []ControlComment
// The description of the control.
Description *string
// The amount of evidence that's collected for the control.
EvidenceCount int32
// The list of data sources for the evidence.
EvidenceSources []string
// The identifier for the control.
Id *string
// The name of the control.
Name *string
// The response of the control.
Response ControlResponse
// The status of the control.
Status ControlStatus
noSmithyDocumentSerde
}
// Represents a set of controls in an Audit Manager assessment.
//
// Delegations and Roles describe who may review or own the control set, so
// they are the fields to inspect when reviewing access to it.
type AssessmentControlSet struct {
// The list of controls that's contained within the control set.
Controls []AssessmentControl
// The delegations that are associated with the control set.
Delegations []Delegation
// The description for the control set.
Description *string
// The identifier of the control set in the assessment. This is the control set
// name in a plain string format.
Id *string
// The total number of evidence objects that are uploaded manually to the control
// set. Plain int32: zero and "not populated" look the same.
ManualEvidenceCount int32
// The roles that are associated with the control set.
Roles []Role
// The current status of the control set.
Status ControlSetStatus
// The total number of evidence objects that are retrieved automatically for the
// control set. Plain int32: zero and "not populated" look the same.
SystemEvidenceCount int32
noSmithyDocumentSerde
}
// The folder where Audit Manager stores evidence for an assessment.
//
// All count fields are plain int32 values, so a zero cannot be told apart from
// a count that was never populated. Pointer fields may be nil.
type AssessmentEvidenceFolder struct {
// The identifier for the assessment.
AssessmentId *string
// The total count of evidence that's included in the assessment report.
AssessmentReportSelectionCount int32
// The name of the user who created the evidence folder.
// NOTE(review): identifies a person; consider whether it belongs in logs.
Author *string
// The unique identifier for the control.
ControlId *string
// The name of the control.
ControlName *string
// The identifier for the control set.
ControlSetId *string
// The Amazon Web Service that the evidence was collected from.
DataSource *string
// The date when the first evidence was added to the evidence folder.
Date *time.Time
// The total number of Amazon Web Services resources that were assessed to
// generate the evidence.
EvidenceAwsServiceSourceCount int32
// The number of evidence items that fall under the compliance check category.
// This evidence is collected from Config or Security Hub.
EvidenceByTypeComplianceCheckCount int32
// The total number of issues that were reported directly from Security Hub,
// Config, or both.
EvidenceByTypeComplianceCheckIssuesCount int32
// The number of evidence items that fall under the configuration data category.
// This evidence is collected from configuration snapshots of other Amazon Web
// Services such as Amazon EC2, Amazon S3, or IAM.
EvidenceByTypeConfigurationDataCount int32
// The number of evidence items that fall under the manual category. This
// evidence is imported manually.
EvidenceByTypeManualCount int32
// The number of evidence items that fall under the user activity category. This
// evidence is collected from CloudTrail logs.
EvidenceByTypeUserActivityCount int32
// The amount of evidence that's included in the evidence folder.
EvidenceResourcesIncludedCount int32
// The identifier for the folder that the evidence is stored in.
Id *string
// The name of the evidence folder.
Name *string
// The total amount of evidence in the evidence folder.
TotalEvidence int32
noSmithyDocumentSerde
}
// The file used to structure and automate Audit Manager assessments for a given
// compliance standard.
//
// Pointer fields may be nil; check them before dereferencing.
type AssessmentFramework struct {
// The Amazon Resource Name (ARN) of the framework.
Arn *string
// The control sets that are associated with the framework.
ControlSets []AssessmentControlSet
// The unique identifier for the framework.
Id *string
// The metadata of a framework, such as the name, ID, or description.
Metadata *FrameworkMetadata
noSmithyDocumentSerde
}
// The metadata that's associated with a standard framework or a custom framework.
//
// Type distinguishes standard from custom frameworks; the remaining fields
// are descriptive.
type AssessmentFrameworkMetadata struct {
// The Amazon Resource Name (ARN) of the framework.
Arn *string
// The compliance type that the new custom framework supports, such as CIS or
// HIPAA.
ComplianceType *string
// The number of control sets that are associated with the framework.
// Plain int32: zero and "not populated" look the same.
ControlSetsCount int32
// The number of controls that are associated with the framework.
// Plain int32: zero and "not populated" look the same.
ControlsCount int32
// The time when the framework was created.
CreatedAt *time.Time
// The description of the framework.
Description *string
// The unique identifier for the framework.
Id *string
// The time when the framework was most recently updated.
LastUpdatedAt *time.Time
// The logo that's associated with the framework.
Logo *string
// The name of the framework.
Name *string
// The framework type, such as a standard framework or a custom framework.
Type FrameworkType
noSmithyDocumentSerde
}
// Represents a share request for a custom framework in Audit Manager.
//
// A share request names a sender account and a recipient account and Region,
// so it describes data crossing an account boundary. This type is a plain
// record and validates nothing itself.
// NOTE(review): code that acts on a request would want to compare
// DestinationAccount and DestinationRegion with the expected recipient and
// honor ExpirationTime; confirm where that is enforced.
type AssessmentFrameworkShareRequest struct {
// An optional comment from the sender about the share request.
// Free text written by the sender; treat as untrusted when displaying it.
Comment *string
// The compliance type that the shared custom framework supports, such as CIS or
// HIPAA.
ComplianceType *string
// The time when the share request was created.
CreationTime *time.Time
// The number of custom controls that are part of the shared custom framework.
// Pointer type, so nil (absent) is distinct from zero.
CustomControlsCount *int32
// The Amazon Web Services account of the recipient.
DestinationAccount *string
// The Amazon Web Services Region of the recipient.
DestinationRegion *string
// The time when the share request expires.
ExpirationTime *time.Time
// The description of the shared custom framework.
FrameworkDescription *string
// The unique identifier for the shared custom framework.
FrameworkId *string
// The name of the custom framework that the share request is for.
FrameworkName *string
// The unique identifier for the share request.
Id *string
// Specifies when the share request was last updated.
LastUpdated *time.Time
// The Amazon Web Services account of the sender.
SourceAccount *string
// The number of standard controls that are part of the shared custom framework.
// Pointer type, so nil (absent) is distinct from zero.
StandardControlsCount *int32
// The status of the share request.
Status ShareRequestStatus
noSmithyDocumentSerde
}
// The metadata that's associated with the specified assessment.
//
// Besides descriptive fields, this record names where reports are written
// (AssessmentReportsDestination), who has access (Roles, Delegations), and
// which accounts and services are covered (Scope).
type AssessmentMetadata struct {
// The destination that evidence reports are stored in for the assessment.
AssessmentReportsDestination *AssessmentReportsDestination
// The name of the compliance standard that's related to the assessment, such as
// PCI-DSS.
ComplianceType *string
// Specifies when the assessment was created.
CreationTime *time.Time
// The delegations that are associated with the assessment.
Delegations []Delegation
// The description of the assessment.
Description *string
// The unique identifier for the assessment.
Id *string
// The time of the most recent update.
LastUpdated *time.Time
// The name of the assessment.
Name *string
// The roles that are associated with the assessment.
Roles []Role
// The wrapper of Amazon Web Services accounts and services that are in scope for
// the assessment.
Scope *Scope
// The overall status of the assessment.
Status AssessmentStatus
noSmithyDocumentSerde
}
// A metadata object that's associated with an assessment in Audit Manager.
//
// Compared with AssessmentMetadata, this type has no Description, Scope, or
// AssessmentReportsDestination field.
type AssessmentMetadataItem struct {
// The name of the compliance standard that's related to the assessment, such as
// PCI-DSS.
ComplianceType *string
// Specifies when the assessment was created.
CreationTime *time.Time
// The delegations that are associated with the assessment.
Delegations []Delegation
// The unique identifier for the assessment.
Id *string
// The time of the most recent update.
LastUpdated *time.Time
// The name of the assessment.
Name *string
// The roles that are associated with the assessment.
Roles []Role
// The current status of the assessment.
Status AssessmentStatus
noSmithyDocumentSerde
}
// A finalized document that's generated from an Audit Manager assessment. These
// reports summarize the relevant evidence that was collected for your audit, and
// link to the relevant evidence folders. These evidence folders are named and
// organized according to the controls that are specified in your assessment.
//
// This struct holds the report's descriptive record only; it has no field for
// the report contents.
type AssessmentReport struct {
// The identifier for the specified assessment.
AssessmentId *string
// The name of the associated assessment.
AssessmentName *string
// The name of the user who created the assessment report.
// NOTE(review): identifies a person; consider whether it belongs in logs.
Author *string
// The identifier for the specified Amazon Web Services account.
AwsAccountId *string
// Specifies when the assessment report was created.
CreationTime *time.Time
// The description of the specified assessment report.
Description *string
// The unique identifier for the assessment report.
Id *string
// The name that's given to the assessment report.
Name *string
// The current status of the specified assessment report.
Status AssessmentReportStatus
noSmithyDocumentSerde
}
// An error entity for assessment report evidence errors. This is used to provide
// more meaningful errors than a simple string message.
//
// No methods are declared on this type in the visible part of the file.
// NOTE(review): it appears to be a data record rather than a Go error value;
// confirm it is not expected to satisfy the error interface.
type AssessmentReportEvidenceError struct {
// The error code that was returned.
ErrorCode *string
// The error message that was returned. The text comes from the service;
// format it with %q when logging so that control characters are escaped.
ErrorMessage *string
// The identifier for the evidence.
EvidenceId *string
noSmithyDocumentSerde
}
// The metadata objects that are associated with the specified assessment report.
//
// Carries the same fields as AssessmentReport except AwsAccountId.
type AssessmentReportMetadata struct {
// The unique identifier for the associated assessment.
AssessmentId *string
// The name of the associated assessment.
AssessmentName *string
// The name of the user who created the assessment report.
// NOTE(review): identifies a person; consider whether it belongs in logs.
Author *string
// Specifies when the assessment report was created.
CreationTime *time.Time
// The description of the assessment report.
Description *string
// The unique identifier for the assessment report.
Id *string
// The name of the assessment report.
Name *string
// The current status of the assessment report.
Status AssessmentReportStatus
noSmithyDocumentSerde
}
// The location where Audit Manager saves assessment reports for the given
// assessment.
//
// The bucket named here receives audit reports. This type records only the
// location.
// NOTE(review): the bucket's access policy, ownership, and encryption are
// configured elsewhere and are worth verifying separately.
type AssessmentReportsDestination struct {
// The destination bucket where Audit Manager stores assessment reports.
Destination *string
// The destination type, such as Amazon S3.
DestinationType AssessmentReportDestinationType
noSmithyDocumentSerde
}
// The wrapper of Amazon Web Services account details, such as account ID or email
// address.
//
// All three fields are pointers and may be nil.
type AWSAccount struct {
// The email address that's associated with the Amazon Web Services account.
// NOTE(review): an email address is personal or contact data; consider
// redacting it in logs and error messages.
EmailAddress *string
// The identifier for the Amazon Web Services account.
Id *string
// The name of the Amazon Web Services account.
Name *string
noSmithyDocumentSerde
}
// An Amazon Web Service such as Amazon S3 or CloudTrail. For an example of how to
// find an Amazon Web Service name and how to define it in your assessment scope,
// see the following:
// - Finding an Amazon Web Service name to use in your assessment scope (https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetServicesInScope.html#API_GetServicesInScope_Example_2)
// - Defining an Amazon Web Service name in your assessment scope (https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_GetServicesInScope.html#API_GetServicesInScope_Example_3)
//
// The struct wraps a single string and does not check that the name refers to
// a real service.
type AWSService struct {
// The name of the Amazon Web Service. May be nil.
ServiceName *string
noSmithyDocumentSerde
}
// An error entity for the BatchCreateDelegationByAssessment API. This is used to
// provide more meaningful errors than a simple string message.
//
// The failed request is carried alongside the error, so the RoleArn and
// Comment it contains travel with this record wherever it is logged or stored.
type BatchCreateDelegationByAssessmentError struct {
// The API request to batch create delegations in Audit Manager.
CreateDelegationRequest *CreateDelegationRequest
// The error code that the BatchCreateDelegationByAssessment API returned.
ErrorCode *string
// The error message that the BatchCreateDelegationByAssessment API returned.
// Service-returned text; format with %q when logging.
ErrorMessage *string
noSmithyDocumentSerde
}
// An error entity for the BatchDeleteDelegationByAssessment API. This is used to
// provide more meaningful errors than a simple string message.
//
// DelegationId names the delegation the error refers to.
// NOTE(review): presumably that delegation was not deleted; confirm against
// the API's documented semantics before retrying or reporting success.
type BatchDeleteDelegationByAssessmentError struct {
// The identifier for the delegation.
DelegationId *string
// The error code that the BatchDeleteDelegationByAssessment API returned.
ErrorCode *string
// The error message that the BatchDeleteDelegationByAssessment API returned.
// Service-returned text; format with %q when logging.
ErrorMessage *string
noSmithyDocumentSerde
}
// An error entity for the BatchImportEvidenceToAssessmentControl API. This is
// used to provide more meaningful errors than a simple string message.
//
// The manual evidence that the error refers to is carried in ManualEvidence.
// NOTE(review): evidence can be sensitive; consider what is written out when
// this record is logged in full.
type BatchImportEvidenceToAssessmentControlError struct {
// The error code that the BatchImportEvidenceToAssessmentControl API returned.
ErrorCode *string
// The error message that the BatchImportEvidenceToAssessmentControl API returned.
// Service-returned text; format with %q when logging.
ErrorMessage *string
// Manual evidence that can't be collected automatically by Audit Manager.
ManualEvidence *ManualEvidence
noSmithyDocumentSerde
}
// The record of a change within Audit Manager. For example, this could be the
// status change of an assessment or the delegation of a control set.
//
// Each record answers who (CreatedBy), what (Action, ObjectType, ObjectName)
// and when (CreatedAt), which makes it the audit-trail type in this package.
type ChangeLog struct {
// The action that was performed.
Action ActionEnum
// The time when the action was performed and the changelog record was created.
CreatedAt *time.Time
// The user or role that performed the action. May be nil.
// NOTE(review): a record without an actor is worth flagging in review
// tooling rather than silently skipping.
CreatedBy *string
// The name of the object that changed. This could be the name of an assessment,
// control, or control set.
ObjectName *string
// The object that was changed, such as an assessment, control, or control set.
ObjectType ObjectTypeEnum
noSmithyDocumentSerde
}
// A control in Audit Manager.
//
// Several fields are free text (ActionPlanInstructions, ActionPlanTitle,
// Description, TestingInformation).
// NOTE(review): for a custom control this text is presumably user-authored;
// escape it when rendering into HTML or other markup.
type Control struct {
// The recommended actions to carry out if the control isn't fulfilled.
ActionPlanInstructions *string
// The title of the action plan for remediating the control.
ActionPlanTitle *string
// The Amazon Resource Name (ARN) of the control.
Arn *string
// The data mapping sources for the control.
ControlMappingSources []ControlMappingSource
// The data source types that determine where Audit Manager collects evidence from
// for the control.
ControlSources *string
// The time when the control was created.
CreatedAt *time.Time
// The user or role that created the control.
CreatedBy *string
// The description of the control.
Description *string
// The unique identifier for the control.
Id *string
// The time when the control was most recently updated.
LastUpdatedAt *time.Time
// The user or role that most recently updated the control.
LastUpdatedBy *string
// The name of the control.
Name *string
// The tags associated with the control. The map may be nil; reading a nil
// map is safe, writing to one panics.
Tags map[string]string
// The steps that you should follow to determine if the control has been satisfied.
TestingInformation *string
// Specifies whether the control is a standard control or a custom control.
Type ControlType
noSmithyDocumentSerde
}
// A comment that's posted by a user on a control. This includes the author's
// name, the comment text, and a timestamp.
//
// Both AuthorName and CommentBody originate from a user, so treat them as
// untrusted input: escape them when rendering and quote them when logging.
type ControlComment struct {
// The name of the user who authored the comment.
AuthorName *string
// The body text of a control comment.
CommentBody *string
// The time when the comment was posted.
PostedDate *time.Time
noSmithyDocumentSerde
}
// A summary of the latest analytics data for a specific control domain. Control
// domain insights are grouped by control domain, and ranked by the highest total
// count of non-compliant evidence.
//
// The counts are *int32, so a nil pointer (no value) is distinct from zero.
// Dereference only after a nil check.
type ControlDomainInsights struct {
// The number of controls in the control domain that collected non-compliant
// evidence on the lastUpdated date.
ControlsCountByNoncompliantEvidence *int32
// A breakdown of the compliance check status for the evidence that’s associated
// with the control domain.
EvidenceInsights *EvidenceInsights
// The unique identifier for the control domain.
Id *string
// The time when the control domain insights were last updated.
LastUpdated *time.Time
// The name of the control domain.
Name *string
// The total number of controls in the control domain.
TotalControlsCount *int32
noSmithyDocumentSerde
}
// A summary of the latest analytics data for a specific control in a specific
// active assessment. Control insights are grouped by control domain, and ranked by
// the highest total count of non-compliant evidence.
//
// Compared with ControlInsightsMetadataItem, this type adds ControlSetName.
// All fields are pointers and may be nil.
type ControlInsightsMetadataByAssessmentItem struct {
// The name of the control set that the assessment control belongs to.
ControlSetName *string
// A breakdown of the compliance check status for the evidence that’s associated
// with the assessment control.
EvidenceInsights *EvidenceInsights
// The unique identifier for the assessment control.
Id *string
// The time when the assessment control insights were last updated.
LastUpdated *time.Time
// The name of the assessment control.
Name *string
noSmithyDocumentSerde
}
// A summary of the latest analytics data for a specific control. This data
// reflects the total counts for the specified control across all active
// assessments. Control insights are grouped by control domain, and ranked by the
// highest total count of non-compliant evidence.
//
// All fields are pointers and may be nil. LastUpdated tells how fresh the
// figures are, which matters when they feed a compliance decision.
type ControlInsightsMetadataItem struct {
// A breakdown of the compliance check status for the evidence that’s associated
// with the control.
EvidenceInsights *EvidenceInsights
// The unique identifier for the control.
Id *string
// The time when the control insights were last updated.
LastUpdated *time.Time
// The name of the control.
Name *string
noSmithyDocumentSerde
}
// The data source that determines where Audit Manager collects evidence from for
// the control.
//
// SourceType, SourceSetUpOption and SourceKeyword together select what is
// collected; the remaining fields are descriptive. Unlike
// CreateControlMappingSource, this type carries a SourceId.
type ControlMappingSource struct {
// The description of the source.
SourceDescription *string
// Specifies how often evidence is collected from the control mapping source.
SourceFrequency SourceFrequency
// The unique identifier for the source.
SourceId *string
// A keyword that relates to the control data source. For manual evidence, this
// keyword indicates if the manual evidence is a file or text. For automated
// evidence, this keyword identifies a specific CloudTrail event, Config rule,
// Security Hub control, or Amazon Web Services API name. To learn more about the
// supported keywords that you can use when mapping a control data source, see the
// following pages in the Audit Manager User Guide:
// - Config rules supported by Audit Manager (https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-config.html)
// - Security Hub controls supported by Audit Manager (https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-ash.html)
// - API calls supported by Audit Manager (https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-api.html)
// - CloudTrail event names supported by Audit Manager (https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-cloudtrail.html)
SourceKeyword *SourceKeyword
// The name of the source.
SourceName *string
// The setup option for the data source. This option reflects if the evidence
// collection is automated or manual.
SourceSetUpOption SourceSetUpOption
// Specifies one of the five data source types for evidence collection.
SourceType SourceType
// The instructions for troubleshooting the control.
TroubleshootingText *string
noSmithyDocumentSerde
}
// The metadata that's associated with the standard control or custom control.
//
// A reduced view of Control: it omits, among others, the description, tags,
// and the created-by / last-updated-by actors.
type ControlMetadata struct {
// The Amazon Resource Name (ARN) of the control.
Arn *string
// The data source that determines where Audit Manager collects evidence from for
// the control.
ControlSources *string
// The time when the control was created.
CreatedAt *time.Time
// The unique identifier for the control.
Id *string
// The time when the control was most recently updated.
LastUpdatedAt *time.Time
// The name of the control.
Name *string
noSmithyDocumentSerde
}
// A set of controls in Audit Manager.
//
// Id and Name are pointers and may be nil; Controls may be a nil slice, which
// ranges as empty.
type ControlSet struct {
// The list of controls within the control set.
Controls []Control
// The identifier of the control set in the assessment. This is the control set
// name in a plain string format.
Id *string
// The name of the control set.
Name *string
noSmithyDocumentSerde
}
// The control entity attributes that uniquely identify an existing control to be
// added to a framework in Audit Manager.
type CreateAssessmentFrameworkControl struct {
// The unique identifier of the control.
//
// This member is required.
//
// The pointer type does not enforce that: a nil Id still compiles.
// NOTE(review): presumably rejected by request validation elsewhere; confirm.
Id *string
noSmithyDocumentSerde
}
// A controlSet entity that represents a collection of controls in Audit Manager.
// This doesn't contain the control set ID.
type CreateAssessmentFrameworkControlSet struct {
// The name of the control set.
//
// This member is required.
//
// The pointer type does not enforce that: a nil Name still compiles.
// NOTE(review): presumably rejected by request validation elsewhere; confirm.
Name *string
// The list of controls within the control set. This doesn't contain the control
// set ID.
Controls []CreateAssessmentFrameworkControl
noSmithyDocumentSerde
}
// The control mapping fields that represent the source for evidence collection,
// along with related parameters and metadata. This doesn't contain mappingID.
//
// None of the members is marked as required in this declaration, and the
// struct validates nothing itself.
type CreateControlMappingSource struct {
// The description of the data source that determines where Audit Manager collects
// evidence from for the control.
SourceDescription *string
// Specifies how often evidence is collected from the control mapping source.
SourceFrequency SourceFrequency
// A keyword that relates to the control data source. For manual evidence, this
// keyword indicates if the manual evidence is a file or text. For automated
// evidence, this keyword identifies a specific CloudTrail event, Config rule,
// Security Hub control, or Amazon Web Services API name. To learn more about the
// supported keywords that you can use when mapping a control data source, see the
// following pages in the Audit Manager User Guide:
// - Config rules supported by Audit Manager (https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-config.html)
// - Security Hub controls supported by Audit Manager (https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-ash.html)
// - API calls supported by Audit Manager (https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-api.html)
// - CloudTrail event names supported by Audit Manager (https://docs.aws.amazon.com/audit-manager/latest/userguide/control-data-sources-cloudtrail.html)
SourceKeyword *SourceKeyword
// The name of the control mapping data source.
SourceName *string
// The setup option for the data source, which reflects if the evidence collection
// is automated or manual.
SourceSetUpOption SourceSetUpOption
// Specifies one of the five types of data sources for evidence collection.
SourceType SourceType
// The instructions for troubleshooting the control.
TroubleshootingText *string
noSmithyDocumentSerde
}
// A collection of attributes that's used to create a delegation for an assessment
// in Audit Manager.
//
// A delegation hands review of a control set to the IAM role in RoleArn, so
// RoleArn and RoleType are the access-relevant fields. The struct does not
// check them.
// NOTE(review): callers would want to confirm that the ARN names the intended
// role in the intended account before sending the request.
type CreateDelegationRequest struct {
// A comment that's related to the delegation request.
Comment *string
// The unique identifier for the control set.
ControlSetId *string
// The Amazon Resource Name (ARN) of the IAM role.
RoleArn *string
// The type of customer persona. In CreateAssessment, roleType can only be
// PROCESS_OWNER. In UpdateSettings, roleType can only be PROCESS_OWNER. In
// BatchCreateDelegationByAssessment, roleType can only be RESOURCE_OWNER.
RoleType RoleType
noSmithyDocumentSerde
}
// The default S3 bucket where Audit Manager saves the files that you export from
// evidence finder.
//
// Exported evidence lands in the bucket named here. This type records only the
// location.
// NOTE(review): the bucket's access policy, ownership, and encryption are
// configured elsewhere and are worth verifying separately.
type DefaultExportDestination struct {
// The destination bucket where Audit Manager stores exported files.
Destination *string
// The destination type, such as Amazon S3.
DestinationType ExportDestinationType
noSmithyDocumentSerde
}
// The assignment of a control set to a delegate for review.
//
// RoleArn identifies the delegate and CreatedBy identifies who granted the
// delegation; together with Status and the two timestamps they are the fields
// to read when reviewing who has access to a control set.
type Delegation struct {
// The identifier for the assessment that's associated with the delegation.
AssessmentId *string
// The name of the assessment that's associated with the delegation.
AssessmentName *string
// The comment that's related to the delegation.
Comment *string
// The identifier for the control set that's associated with the delegation.
ControlSetId *string
// The user or role that created the delegation.
CreatedBy *string
// Specifies when the delegation was created.
CreationTime *time.Time
// The unique identifier for the delegation.
Id *string
// Specifies when the delegation was last updated.
LastUpdated *time.Time
// The Amazon Resource Name (ARN) of the IAM role.
RoleArn *string
// The type of customer persona. In CreateAssessment, roleType can only be
// PROCESS_OWNER. In UpdateSettings, roleType can only be PROCESS_OWNER. In
// BatchCreateDelegationByAssessment, roleType can only be RESOURCE_OWNER.
RoleType RoleType
// The status of the delegation.
Status DelegationStatus
noSmithyDocumentSerde
}
// The metadata that's associated with the delegation.
//
// A reduced view of Delegation: it has no CreatedBy, Comment, RoleType or
// LastUpdated field, and names the control set (ControlSetName) instead of
// giving its identifier.
type DelegationMetadata struct {
// The unique identifier for the assessment.
AssessmentId *string
// The name of the associated assessment.
AssessmentName *string
// Specifies the name of the control set that was delegated for review.
ControlSetName *string
// Specifies when the delegation was created.
CreationTime *time.Time
// The unique identifier for the delegation.
Id *string
// The Amazon Resource Name (ARN) of the IAM role.
RoleArn *string
// The current status of the delegation.
Status DelegationStatus
noSmithyDocumentSerde
}
// The deregistration policy for the data that's stored in Audit Manager. You can
// use this attribute to determine how your data is handled when you deregister
// Audit Manager (https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_DeregisterAccount.html).
// By default, Audit Manager retains evidence data for two years from the time of
// its creation. Other Audit Manager resources (including assessments, custom
// controls, and custom frameworks) remain in Audit Manager indefinitely, and are
// available if you re-register Audit Manager (https://docs.aws.amazon.com/audit-manager/latest/APIReference/API_RegisterAccount.html)
// in the future. For more information about data retention, see Data Protection (https://docs.aws.amazon.com/audit-manager/latest/userguide/data-protection.html)
// in the Audit Manager User Guide. If you choose to delete all data, this action
// permanently deletes all evidence data in your account within seven days. It also
// deletes all of the Audit Manager resources that you created, including
// assessments, custom controls, and custom frameworks. Your data will not be
// available if you re-register Audit Manager in the future.
//
// The struct itself enforces nothing; it only carries the chosen value.
// NOTE(review): because ALL is destructive and, per the text above, not
// recoverable by re-registering, code that sets it would want an explicit
// confirmation step and an audit record of who chose it.
type DeregistrationPolicy struct {
// Specifies which Audit Manager data will be deleted when you deregister Audit
// Manager.
// - If you set the value to ALL, all of your data is deleted within seven days
// of deregistration.
// - If you set the value to DEFAULT, none of your data is deleted at the time
// of deregistration. However, keep in mind that the Audit Manager data retention
// policy still applies. As a result, any evidence data will be deleted two years
// after its creation date. Your other Audit Manager resources will continue to
// exist indefinitely.
DeleteResources DeleteResources
noSmithyDocumentSerde
}
// A record that contains the information needed to demonstrate compliance with
// the requirements specified by a control. Examples of evidence include change
// activity invoked by a user, or a system configuration snapshot.
type Evidence struct {
// Specifies whether the evidence is included in the assessment report.
AssessmentReportSelection *string
// The names and values that are used by the evidence event. This includes an
// attribute name (such as allowUsersToChangePassword ) and value (such as true or
// false ).
Attributes map[string]string
// The identifier for the Amazon Web Services account.
AwsAccountId *string
// The Amazon Web Services account that the evidence is collected from, and its
// organization path.
AwsOrganization *string
// The evaluation status for automated evidence that falls under the compliance
// check category.
// - Audit Manager classes evidence as non-compliant if Security Hub reports a
// Fail result, or if Config reports a Non-compliant result.
// - Audit Manager classes evidence as compliant if Security Hub reports a Pass
// result, or if Config reports a Compliant result.
// - If a compliance check isn't available or applicable, then no compliance
// evaluation can be made for that evidence. This is the case if the evidence uses
// Config or Security Hub as the underlying data source type, but those services
// aren't enabled. This is also the case if the evidence uses an underlying data
// source type that doesn't support compliance checks (such as manual evidence,
// Amazon Web Services API calls, or CloudTrail).
ComplianceCheck *string
// The data source where the evidence was collected from.