@@ -53,4 +53,362 @@ servers:
5353 default : us-east-1
5454paths : {}
5555components :
56- schemas : {}
56+ schemas :
57+ AccessCheckPolicyDocument :
58+ type : string
59+ AccessCheckPolicyType :
60+ type : string
61+ enum :
62+ - IDENTITY_POLICY
63+ - RESOURCE_POLICY
64+ AccessCheckResourceType :
65+ type : string
66+ enum :
67+ - AWS::DynamoDB::Table
68+ - AWS::DynamoDB::Stream
69+ - AWS::EFS::FileSystem
70+ - AWS::OpenSearchService::Domain
71+ - AWS::Kinesis::Stream
72+ - AWS::Kinesis::StreamConsumer
73+ - AWS::KMS::Key
74+ - AWS::Lambda::Function
75+ - AWS::S3::Bucket
76+ - AWS::S3::AccessPoint
77+ - AWS::S3Express::DirectoryBucket
78+ - AWS::S3::Glacier
79+ - AWS::S3Outposts::Bucket
80+ - AWS::S3Outposts::AccessPoint
81+ - AWS::SecretsManager::Secret
82+ - AWS::SNS::Topic
83+ - AWS::SQS::Queue
84+ - AWS::IAM::AssumeRolePolicyDocument
85+ - AWS::S3Tables::TableBucket
86+ - AWS::ApiGateway::RestApi
87+ - AWS::CodeArtifact::Domain
88+ - AWS::Backup::BackupVault
89+ - AWS::CloudTrail::Dashboard
90+ - AWS::CloudTrail::EventDataStore
91+ - AWS::S3Tables::Table
92+ - AWS::S3Express::AccessPoint
93+ AccessPointArn :
94+ type : string
95+ pattern : ^arn:[^:]*:s3:[^:]*:[^:]*:accesspoint/.*$
96+ AccessPointPolicy :
97+ type : string
98+ AccessPreviewFindingId :
99+ type : string
100+ AccessPreviewId :
101+ type : string
102+ pattern : ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$
103+ AccessPreviewStatus :
104+ type : string
105+ enum :
106+ - COMPLETED
107+ - CREATING
108+ - FAILED
109+ AccessPreviewStatusReasonCode :
110+ type : string
111+ enum :
112+ - INTERNAL_ERROR
113+ - INVALID_CONFIGURATION
114+ AclCanonicalId :
115+ type : string
116+ AclPermission :
117+ type : string
118+ enum :
119+ - READ
120+ - WRITE
121+ - READ_ACP
122+ - WRITE_ACP
123+ - FULL_CONTROL
124+ AclUri :
125+ type : string
126+ Action :
127+ type : string
128+ AnalyzerArn :
129+ type : string
130+ pattern : ^[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:analyzer/.{1,255}$
131+ AnalyzerStatus :
132+ type : string
133+ enum :
134+ - ACTIVE
135+ - CREATING
136+ - DISABLED
137+ - FAILED
138+ CheckAccessNotGrantedResult :
139+ type : string
140+ enum :
141+ - PASS
142+ - FAIL
143+ CheckNoNewAccessResult :
144+ type : string
145+ enum :
146+ - PASS
147+ - FAIL
148+ CheckNoPublicAccessResult :
149+ type : string
150+ enum :
151+ - PASS
152+ - FAIL
153+ CloudTrailArn :
154+ type : string
155+ pattern : ^arn:[^:]*:cloudtrail:[^:]*:[^:]*:trail/.{1,576}$
156+ ConfigurationsMapKey :
157+ type : string
158+ DynamodbStreamPolicy :
159+ type : string
160+ DynamodbTablePolicy :
161+ type : string
162+ EbsGroup :
163+ type : string
164+ EbsSnapshotDataEncryptionKeyId :
165+ type : string
166+ EbsUserId :
167+ type : string
168+ EcrRepositoryPolicy :
169+ type : string
170+ EfsFileSystemPolicy :
171+ type : string
172+ FindingChangeType :
173+ type : string
174+ enum :
175+ - CHANGED
176+ - NEW
177+ - UNCHANGED
178+ FindingId :
179+ type : string
180+ FindingSourceType :
181+ type : string
182+ enum :
183+ - POLICY
184+ - BUCKET_ACL
185+ - S3_ACCESS_POINT
186+ - S3_ACCESS_POINT_ACCOUNT
187+ FindingStatus :
188+ type : string
189+ enum :
190+ - ACTIVE
191+ - ARCHIVED
192+ - RESOLVED
193+ FindingStatusUpdate :
194+ type : string
195+ enum :
196+ - ACTIVE
197+ - ARCHIVED
198+ FindingType :
199+ type : string
200+ enum :
201+ - ExternalAccess
202+ - UnusedIAMRole
203+ - UnusedIAMUserAccessKey
204+ - UnusedIAMUserPassword
205+ - UnusedPermission
206+ GranteePrincipal :
207+ type : string
208+ IamTrustPolicy :
209+ type : string
210+ IssueCode :
211+ type : string
212+ IssuingAccount :
213+ type : string
214+ JobErrorCode :
215+ type : string
216+ enum :
217+ - AUTHORIZATION_ERROR
218+ - RESOURCE_NOT_FOUND_ERROR
219+ - SERVICE_QUOTA_EXCEEDED_ERROR
220+ - SERVICE_ERROR
221+ JobId :
222+ type : string
223+ JobStatus :
224+ type : string
225+ enum :
226+ - IN_PROGRESS
227+ - SUCCEEDED
228+ - FAILED
229+ - CANCELED
230+ KmsConstraintsKey :
231+ type : string
232+ KmsConstraintsValue :
233+ type : string
234+ KmsGrantOperation :
235+ type : string
236+ enum :
237+ - CreateGrant
238+ - Decrypt
239+ - DescribeKey
240+ - Encrypt
241+ - GenerateDataKey
242+ - GenerateDataKeyPair
243+ - GenerateDataKeyPairWithoutPlaintext
244+ - GenerateDataKeyWithoutPlaintext
245+ - GetPublicKey
246+ - ReEncryptFrom
247+ - ReEncryptTo
248+ - RetireGrant
249+ - Sign
250+ - Verify
251+ KmsKeyPolicy :
252+ type : string
253+ LearnMoreLink :
254+ type : string
255+ Locale :
256+ type : string
257+ enum :
258+ - DE
259+ - EN
260+ - ES
261+ - FR
262+ - IT
263+ - JA
264+ - KO
265+ - PT_BR
266+ - ZH_CN
267+ - ZH_TW
268+ Name :
269+ type : string
270+ pattern : ^[A-Za-z][A-Za-z0-9_.-]*$
271+ minLength : 1
272+ maxLength : 255
273+ OrderBy :
274+ type : string
275+ enum :
276+ - ASC
277+ - DESC
278+ PolicyDocument :
279+ type : string
280+ PolicyName :
281+ type : string
282+ PolicyType :
283+ type : string
284+ enum :
285+ - IDENTITY_POLICY
286+ - RESOURCE_POLICY
287+ - SERVICE_CONTROL_POLICY
288+ - RESOURCE_CONTROL_POLICY
289+ PrincipalArn :
290+ type : string
291+ pattern : ^arn:[^:]*:iam::[^:]*:(role|user)/.{1,576}$
292+ RdsDbClusterSnapshotAccountId :
293+ type : string
294+ RdsDbClusterSnapshotAttributeName :
295+ type : string
296+ RdsDbClusterSnapshotKmsKeyId :
297+ type : string
298+ RdsDbSnapshotAccountId :
299+ type : string
300+ RdsDbSnapshotAttributeName :
301+ type : string
302+ RdsDbSnapshotKmsKeyId :
303+ type : string
304+ ReasonCode :
305+ type : string
306+ enum :
307+ - AWS_SERVICE_ACCESS_DISABLED
308+ - DELEGATED_ADMINISTRATOR_DEREGISTERED
309+ - ORGANIZATION_DELETED
310+ - SERVICE_LINKED_ROLE_CREATION_FAILED
311+ RecommendationType :
312+ type : string
313+ enum :
314+ - UnusedPermissionRecommendation
315+ RecommendedRemediationAction :
316+ type : string
317+ enum :
318+ - CREATE_POLICY
319+ - DETACH_POLICY
320+ Resource :
321+ type : string
322+ maxLength : 2048
323+ ResourceArn :
324+ type : string
325+ pattern : ^arn:[^:]*:[^:]*:[^:]*:[^:]*:.*$
326+ ResourceControlPolicyRestriction :
327+ type : string
328+ enum :
329+ - APPLICABLE
330+ - FAILED_TO_EVALUATE_RCP
331+ - NOT_APPLICABLE
332+ ResourceType :
333+ type : string
334+ enum :
335+ - AWS::S3::Bucket
336+ - AWS::IAM::Role
337+ - AWS::SQS::Queue
338+ - AWS::Lambda::Function
339+ - AWS::Lambda::LayerVersion
340+ - AWS::KMS::Key
341+ - AWS::SecretsManager::Secret
342+ - AWS::EFS::FileSystem
343+ - AWS::EC2::Snapshot
344+ - AWS::ECR::Repository
345+ - AWS::RDS::DBSnapshot
346+ - AWS::RDS::DBClusterSnapshot
347+ - AWS::SNS::Topic
348+ - AWS::S3Express::DirectoryBucket
349+ - AWS::DynamoDB::Table
350+ - AWS::DynamoDB::Stream
351+ - AWS::IAM::User
352+ RetiringPrincipal :
353+ type : string
354+ RoleArn :
355+ type : string
356+ pattern : ^arn:[^:]*:iam::[^:]*:role/.{1,576}$
357+ S3BucketPolicy :
358+ type : string
359+ S3ExpressDirectoryAccessPointArn :
360+ type : string
361+ pattern : ^arn:[^:]*:s3express:[^:]*:[^:]*:accesspoint/.*$
362+ S3ExpressDirectoryBucketPolicy :
363+ type : string
364+ SecretsManagerSecretKmsId :
365+ type : string
366+ SecretsManagerSecretPolicy :
367+ type : string
368+ SnsTopicPolicy :
369+ type : string
370+ maxLength : 30720
371+ SqsQueuePolicy :
372+ type : string
373+ Status :
374+ type : string
375+ enum :
376+ - SUCCEEDED
377+ - FAILED
378+ - IN_PROGRESS
379+ Token :
380+ type : string
381+ Type :
382+ type : string
383+ enum :
384+ - ACCOUNT
385+ - ORGANIZATION
386+ - ACCOUNT_UNUSED_ACCESS
387+ - ORGANIZATION_UNUSED_ACCESS
388+ ValidatePolicyFindingType :
389+ type : string
390+ enum :
391+ - ERROR
392+ - SECURITY_WARNING
393+ - SUGGESTION
394+ - WARNING
395+ ValidatePolicyResourceType :
396+ type : string
397+ enum :
398+ - AWS::S3::Bucket
399+ - AWS::S3::AccessPoint
400+ - AWS::S3::MultiRegionAccessPoint
401+ - AWS::S3ObjectLambda::AccessPoint
402+ - AWS::IAM::AssumeRolePolicyDocument
403+ - AWS::DynamoDB::Table
404+ ValidationExceptionReason :
405+ type : string
406+ enum :
407+ - unknownOperation
408+ - cannotParse
409+ - fieldValidationFailed
410+ - other
411+ - notSupported
412+ VpcId :
413+ type : string
414+ pattern : ^vpc-([0-9a-f]){8}(([0-9a-f]){9})?$
0 commit comments