aws-sdk-detective 1.2.0 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ee1a7bbeffe3d431255df3cafeb44ea7ff68ed31
-  data.tar.gz: 98ac8b58916926100aef86fefabdd532abe0453b
+  metadata.gz: ff8356ea5aef364ae355f722f6ce5fff85a183b7
+  data.tar.gz: d950366ee45879b264aa09f17beca99855077c10
 SHA512:
-  metadata.gz: 4c8242aa3dd8947b3d5ae83c28ddfb672d2e073ec6cca68451a11bf289994b7d4891b999f528708bb2f8e22913f828be4fc789a0b7bf99b17d912dd401e171b2
-  data.tar.gz: c31c7c2fe842050294bc74c112e5790f0d30a01ecda84fa650e23124203e8666a06288e4ec9de2884be766e1fbe58be3adcdff4845113da2be37f3fa9d4164a2
+  metadata.gz: 24e729b1c6554e2ddd3a3e57a5ee86656463dc91435ef49edd42dbbb8b4ebd9d14bece314944a2d6cd55e6ac762bb522ceaf3d8a4e027d2c524dac3710ba3534
+  data.tar.gz: b8d102075199688b53f097daa571075e0988fe4372d6d74f642d7f54424d2c1986a60a3a56451780711fc8f089ae341ebf1fda91a5708fa1fb97e1381f28ac75

data/lib/aws-sdk-detective.rb

@@ -45,6 +45,6 @@ require_relative 'aws-sdk-detective/customizations'
 # @service
 module Aws::Detective
 
-  GEM_VERSION = '1.2.0'
+  GEM_VERSION = '1.3.0'
 
 end

data/lib/aws-sdk-detective/client.rb

@@ -32,11 +32,11 @@ Aws::Plugins::GlobalConfiguration.add_identifier(:detective)
 module Aws::Detective
   # An API client for Detective.  To construct a client, you need to configure a `:region` and `:credentials`.
   #
-  #   client = Aws::Detective::Client.new(
-  #     region: region_name,
-  #     credentials: credentials,
-  #     # ...
-  #   )
+  #     client = Aws::Detective::Client.new(
+  #       region: region_name,
+  #       credentials: credentials,
+  #       # ...
+  #     )
   #
   # For details on configuring region and credentials see
   # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
@@ -229,15 +229,19 @@ module Aws::Detective
     #
     #   @option options [String] :retry_mode ("legacy")
     #     Specifies which retry algorithm to use. Values are:
-    #       * `legacy` - The pre-existing retry behavior.  This is default value if
-    #         no retry mode is provided.
-    #       * `standard` - A standardized set of retry rules across the AWS SDKs.
-    #         This includes support for retry quotas, which limit the number of
-    #         unsuccessful retries a client can make.
-    #       * `adaptive` - An experimental retry mode that includes all the
-    #         functionality of `standard` mode along with automatic client side
-    #         throttling.  This is a provisional mode that may change behavior
-    #         in the future.
+    #
+    #     * `legacy` - The pre-existing retry behavior.  This is default value if
+    #       no retry mode is provided.
+    #
+    #     * `standard` - A standardized set of retry rules across the AWS SDKs.
+    #       This includes support for retry quotas, which limit the number of
+    #       unsuccessful retries a client can make.
+    #
+    #     * `adaptive` - An experimental retry mode that includes all the
+    #       functionality of `standard` mode along with automatic client side
+    #       throttling.  This is a provisional mode that may change behavior
+    #       in the future.
+    #
     #
     #   @option options [String] :secret_access_key
     #
@@ -265,8 +269,7 @@ module Aws::Detective
     #
     #   @option options [Integer] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
-    #     safely be set
-    #     per-request on the session yielded by {#session_for}.
+    #     safely be set per-request on the session.
     #
     #   @option options [Float] :http_idle_timeout (5) The number of
     #     seconds a connection is allowed to sit idle before it is
@@ -278,7 +281,7 @@ module Aws::Detective
     #     request body.  This option has no effect unless the request has
     #     "Expect" header set to "100-continue".  Defaults to `nil` which
     #     disables this behaviour.  This value can safely be set per
-    #     request on the session yielded by {#session_for}.
+    #     request on the session.
     #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
@@ -344,6 +347,13 @@ module Aws::Detective
     # account as the master account. This operation is called by the account
     # that is enabling Detective.
     #
+    # Before you try to enable Detective, make sure that your account has
+    # been enrolled in Amazon GuardDuty for at least 48 hours. If you do not
+    # meet this requirement, you cannot enable Detective. If you do meet the
+    # GuardDuty prerequisite, then when you make the request to enable
+    # Detective, it checks whether your data volume is within the Detective
+    # quota. If it exceeds the quota, then you cannot enable Detective.
+    #
     # The operation also enables Detective for the calling account in the
     # currently selected Region. It returns the ARN of the new behavior
     # graph.
@@ -434,9 +444,12 @@ module Aws::Detective
     #   resp.members[0].email_address #=> String
     #   resp.members[0].graph_arn #=> String
     #   resp.members[0].master_id #=> String
-    #   resp.members[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED"
+    #   resp.members[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED", "ACCEPTED_BUT_DISABLED"
+    #   resp.members[0].disabled_reason #=> String, one of "VOLUME_TOO_HIGH", "VOLUME_UNKNOWN"
     #   resp.members[0].invited_time #=> Time
     #   resp.members[0].updated_time #=> Time
+    #   resp.members[0].percent_of_graph_utilization #=> Float
+    #   resp.members[0].percent_of_graph_utilization_updated_time #=> Time
     #   resp.unprocessed_accounts #=> Array
     #   resp.unprocessed_accounts[0].account_id #=> String
     #   resp.unprocessed_accounts[0].reason #=> String
@@ -586,9 +599,12 @@ module Aws::Detective
     #   resp.member_details[0].email_address #=> String
     #   resp.member_details[0].graph_arn #=> String
     #   resp.member_details[0].master_id #=> String
-    #   resp.member_details[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED"
+    #   resp.member_details[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED", "ACCEPTED_BUT_DISABLED"
+    #   resp.member_details[0].disabled_reason #=> String, one of "VOLUME_TOO_HIGH", "VOLUME_UNKNOWN"
     #   resp.member_details[0].invited_time #=> Time
     #   resp.member_details[0].updated_time #=> Time
+    #   resp.member_details[0].percent_of_graph_utilization #=> Float
+    #   resp.member_details[0].percent_of_graph_utilization_updated_time #=> Time
     #   resp.unprocessed_accounts #=> Array
     #   resp.unprocessed_accounts[0].account_id #=> String
     #   resp.unprocessed_accounts[0].reason #=> String
@@ -625,6 +641,8 @@ module Aws::Detective
     #   * {Types::ListGraphsResponse#graph_list #graph_list} => Array<Types::Graph>
     #   * {Types::ListGraphsResponse#next_token #next_token} => String
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_graphs({
@@ -677,6 +695,8 @@ module Aws::Detective
     #   * {Types::ListInvitationsResponse#invitations #invitations} => Array<Types::MemberDetail>
     #   * {Types::ListInvitationsResponse#next_token #next_token} => String
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_invitations({
@@ -691,9 +711,12 @@ module Aws::Detective
     #   resp.invitations[0].email_address #=> String
     #   resp.invitations[0].graph_arn #=> String
     #   resp.invitations[0].master_id #=> String
-    #   resp.invitations[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED"
+    #   resp.invitations[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED", "ACCEPTED_BUT_DISABLED"
+    #   resp.invitations[0].disabled_reason #=> String, one of "VOLUME_TOO_HIGH", "VOLUME_UNKNOWN"
     #   resp.invitations[0].invited_time #=> Time
     #   resp.invitations[0].updated_time #=> Time
+    #   resp.invitations[0].percent_of_graph_utilization #=> Float
+    #   resp.invitations[0].percent_of_graph_utilization_updated_time #=> Time
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListInvitations AWS API Documentation
@@ -729,6 +752,8 @@ module Aws::Detective
     #   * {Types::ListMembersResponse#member_details #member_details} => Array<Types::MemberDetail>
     #   * {Types::ListMembersResponse#next_token #next_token} => String
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_members({
@@ -744,9 +769,12 @@ module Aws::Detective
     #   resp.member_details[0].email_address #=> String
     #   resp.member_details[0].graph_arn #=> String
     #   resp.member_details[0].master_id #=> String
-    #   resp.member_details[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED"
+    #   resp.member_details[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED", "ACCEPTED_BUT_DISABLED"
+    #   resp.member_details[0].disabled_reason #=> String, one of "VOLUME_TOO_HIGH", "VOLUME_UNKNOWN"
     #   resp.member_details[0].invited_time #=> Time
     #   resp.member_details[0].updated_time #=> Time
+    #   resp.member_details[0].percent_of_graph_utilization #=> Float
+    #   resp.member_details[0].percent_of_graph_utilization_updated_time #=> Time
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListMembers AWS API Documentation
@@ -787,6 +815,44 @@ module Aws::Detective
       req.send_request(options)
     end
 
+    # Sends a request to enable data ingest for a member account that has a
+    # status of `ACCEPTED_BUT_DISABLED`.
+    #
+    # For valid member accounts, the status is updated as follows.
+    #
+    # * If Detective enabled the member account, then the new status is
+    #   `ENABLED`.
+    #
+    # * If Detective cannot enable the member account, the status remains
+    #   `ACCEPTED_BUT_DISABLED`.
+    #
+    # @option params [required, String] :graph_arn
+    #   The ARN of the behavior graph.
+    #
+    # @option params [required, String] :account_id
+    #   The account ID of the member account to try to enable.
+    #
+    #   The account must be an invited member account with a status of
+    #   `ACCEPTED_BUT_DISABLED`.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.start_monitoring_member({
+    #     graph_arn: "GraphArn", # required
+    #     account_id: "AccountId", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/StartMonitoringMember AWS API Documentation
+    #
+    # @overload start_monitoring_member(params = {})
+    # @param [Hash] params ({})
+    def start_monitoring_member(params = {}, options = {})
+      req = build_request(:start_monitoring_member, params)
+      req.send_request(options)
+    end
+
     # @!endgroup
 
     # @param params ({})
@@ -800,7 +866,7 @@ module Aws::Detective
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-detective'
-      context[:gem_version] = '1.2.0'
+      context[:gem_version] = '1.3.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-detective/client_api.rb

@@ -41,12 +41,15 @@ module Aws::Detective
     ListMembersResponse = Shapes::StructureShape.new(name: 'ListMembersResponse')
     MemberDetail = Shapes::StructureShape.new(name: 'MemberDetail')
     MemberDetailList = Shapes::ListShape.new(name: 'MemberDetailList')
+    MemberDisabledReason = Shapes::StringShape.new(name: 'MemberDisabledReason')
     MemberResultsLimit = Shapes::IntegerShape.new(name: 'MemberResultsLimit')
     MemberStatus = Shapes::StringShape.new(name: 'MemberStatus')
     PaginationToken = Shapes::StringShape.new(name: 'PaginationToken')
+    Percentage = Shapes::FloatShape.new(name: 'Percentage')
     RejectInvitationRequest = Shapes::StructureShape.new(name: 'RejectInvitationRequest')
     ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
     ServiceQuotaExceededException = Shapes::StructureShape.new(name: 'ServiceQuotaExceededException')
+    StartMonitoringMemberRequest = Shapes::StructureShape.new(name: 'StartMonitoringMemberRequest')
     Timestamp = Shapes::TimestampShape.new(name: 'Timestamp')
     UnprocessedAccount = Shapes::StructureShape.new(name: 'UnprocessedAccount')
     UnprocessedAccountList = Shapes::ListShape.new(name: 'UnprocessedAccountList')
@@ -140,8 +143,11 @@ module Aws::Detective
     MemberDetail.add_member(:graph_arn, Shapes::ShapeRef.new(shape: GraphArn, location_name: "GraphArn"))
     MemberDetail.add_member(:master_id, Shapes::ShapeRef.new(shape: AccountId, location_name: "MasterId"))
     MemberDetail.add_member(:status, Shapes::ShapeRef.new(shape: MemberStatus, location_name: "Status"))
+    MemberDetail.add_member(:disabled_reason, Shapes::ShapeRef.new(shape: MemberDisabledReason, location_name: "DisabledReason"))
     MemberDetail.add_member(:invited_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "InvitedTime"))
     MemberDetail.add_member(:updated_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "UpdatedTime"))
+    MemberDetail.add_member(:percent_of_graph_utilization, Shapes::ShapeRef.new(shape: Percentage, location_name: "PercentOfGraphUtilization"))
+    MemberDetail.add_member(:percent_of_graph_utilization_updated_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "PercentOfGraphUtilizationUpdatedTime"))
     MemberDetail.struct_class = Types::MemberDetail
 
     MemberDetailList.member = Shapes::ShapeRef.new(shape: MemberDetail)
@@ -155,6 +161,10 @@ module Aws::Detective
     ServiceQuotaExceededException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
     ServiceQuotaExceededException.struct_class = Types::ServiceQuotaExceededException
 
+    StartMonitoringMemberRequest.add_member(:graph_arn, Shapes::ShapeRef.new(shape: GraphArn, required: true, location_name: "GraphArn"))
+    StartMonitoringMemberRequest.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, required: true, location_name: "AccountId"))
+    StartMonitoringMemberRequest.struct_class = Types::StartMonitoringMemberRequest
+
     UnprocessedAccount.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, location_name: "AccountId"))
     UnprocessedAccount.add_member(:reason, Shapes::ShapeRef.new(shape: UnprocessedReason, location_name: "Reason"))
     UnprocessedAccount.struct_class = Types::UnprocessedAccount
@@ -202,6 +212,7 @@ module Aws::Detective
         o.output = Shapes::ShapeRef.new(shape: CreateGraphResponse)
         o.errors << Shapes::ShapeRef.new(shape: ConflictException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException)
       end)
 
       api.add_operation(:create_members, Seahorse::Model::Operation.new.tap do |o|
@@ -322,6 +333,19 @@ module Aws::Detective
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: ValidationException)
       end)
+
+      api.add_operation(:start_monitoring_member, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "StartMonitoringMember"
+        o.http_method = "POST"
+        o.http_request_uri = "/graph/member/monitoringstate"
+        o.input = Shapes::ShapeRef.new(shape: StartMonitoringMemberRequest)
+        o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+      end)
     end
 
   end

data/lib/aws-sdk-detective/resource.rb

@@ -6,13 +6,7 @@
 # WARNING ABOUT GENERATED CODE
 
 module Aws::Detective
-  # This class provides a resource oriented interface for Detective.
-  # To create a resource object:
-  #     resource = Aws::Detective::Resource.new(region: 'us-west-2')
-  # You can supply a client object with custom configuration that will be used for all resource operations.
-  # If you do not pass +:client+, a default client will be constructed.
-  #     client = Aws::Detective::Client.new(region: 'us-west-2')
-  #     resource = Aws::Detective::Resource.new(client: client)
+
   class Resource
 
     # @param options ({})

data/lib/aws-sdk-detective/types.rb

@@ -502,10 +502,29 @@ module Aws::Detective
     #   * `ENABLED` - Indicates that the member account accepted the
     #     invitation to contribute to the behavior graph.
     #
+    #   * `ACCEPTED_BUT_DISABLED` - Indicates that the member account
+    #     accepted the invitation, but is blocked from contributing data to
+    #     the behavior graph. `DisabledReason` provides the reason why the
+    #     member account is blocked.
+    #
     #   Member accounts that declined an invitation or that were removed
     #   from the behavior graph are not included.
     #   @return [String]
     #
+    # @!attribute [rw] disabled_reason
+    #   For member accounts with a status of `ACCEPTED_BUT_DISABLED`, the
+    #   reason that the member account is blocked.
+    #
+    #   The reason can have one of the following values:
+    #
+    #   * `VOLUME_TOO_HIGH` - Indicates that adding the member account would
+    #     cause the data rate for the behavior graph to be too high.
+    #
+    #   * `VOLUME_UNKNOWN` - Indicates that Detective is unable to verify
+    #     the data rate for the member account. This is usually because the
+    #     member account is not enrolled in Amazon GuardDuty.
+    #   @return [String]
+    #
     # @!attribute [rw] invited_time
     #   The date and time that Detective sent the invitation to the member
     #   account. The value is in milliseconds since the epoch.
@@ -516,6 +535,26 @@ module Aws::Detective
     #   value is in milliseconds since the epoch.
     #   @return [Time]
     #
+    # @!attribute [rw] percent_of_graph_utilization
+    #   The member account data volume as a percentage of the maximum
+    #   allowed data volume. 0 indicates 0 percent, and 100 indicates 100
+    #   percent.
+    #
+    #   Note that this is not the percentage of the behavior graph data
+    #   volume.
+    #
+    #   For example, the data volume for the behavior graph is 80 GB per
+    #   day. The maximum data volume is 160 GB per day. If the data volume
+    #   for the member account is 40 GB per day, then
+    #   `PercentOfGraphUtilization` is 25. It represents 25% of the maximum
+    #   allowed data volume.
+    #   @return [Float]
+    #
+    # @!attribute [rw] percent_of_graph_utilization_updated_time
+    #   The date and time when the graph utilization percentage was last
+    #   updated.
+    #   @return [Time]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/MemberDetail AWS API Documentation
     #
     class MemberDetail < Struct.new(
@@ -524,8 +563,11 @@ module Aws::Detective
       :graph_arn,
       :master_id,
       :status,
+      :disabled_reason,
       :invited_time,
-      :updated_time)
+      :updated_time,
+      :percent_of_graph_utilization,
+      :percent_of_graph_utilization_updated_time)
       include Aws::Structure
     end
 
@@ -562,9 +604,18 @@ module Aws::Detective
       include Aws::Structure
     end
 
-    # This request would cause the number of member accounts in the behavior
-    # graph to exceed the maximum allowed. A behavior graph cannot have more
-    # than 1000 member accounts.
+    # This request cannot be completed for one of the following reasons.
+    #
+    # * The request would cause the number of member accounts in the
+    #   behavior graph to exceed the maximum allowed. A behavior graph
+    #   cannot have more than 1000 member accounts.
+    #
+    # * The request would cause the data rate for the behavior graph to
+    #   exceed the maximum allowed.
+    #
+    # * Detective is unable to verify the data rate for the member account.
+    #   This is usually because the member account is not enrolled in Amazon
+    #   GuardDuty.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -576,6 +627,33 @@ module Aws::Detective
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass StartMonitoringMemberRequest
+    #   data as a hash:
+    #
+    #       {
+    #         graph_arn: "GraphArn", # required
+    #         account_id: "AccountId", # required
+    #       }
+    #
+    # @!attribute [rw] graph_arn
+    #   The ARN of the behavior graph.
+    #   @return [String]
+    #
+    # @!attribute [rw] account_id
+    #   The account ID of the member account to try to enable.
+    #
+    #   The account must be an invited member account with a status of
+    #   `ACCEPTED_BUT_DISABLED`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/StartMonitoringMemberRequest AWS API Documentation
+    #
+    class StartMonitoringMemberRequest < Struct.new(
+      :graph_arn,
+      :account_id)
+      include Aws::Structure
+    end
+
     # Amazon Detective is currently in preview.
     #
     # A member account that was included in a request but for which the

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-detective
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.3.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-03-09 00:00:00.000000000 Z
+date: 2020-03-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core