aws-sdk-detective 1.22.0 → 1.26.0

data/lib/aws-sdk-detective/types.rb

@@ -32,8 +32,8 @@ module Aws::Detective
       include Aws::Structure
     end
 
-    # An AWS account that is the administrator account of or a member of a
-    # behavior graph.
+    # An Amazon Web Services account that is the administrator account of or
+    # a member of a behavior graph.
     #
     # @note When making an API call, you may pass Account
     #   data as a hash:
@@ -44,11 +44,12 @@ module Aws::Detective
     #       }
     #
     # @!attribute [rw] account_id
-    #   The account identifier of the AWS account.
+    #   The account identifier of the Amazon Web Services account.
     #   @return [String]
     #
     # @!attribute [rw] email_address
-    #   The AWS account root user email address for the AWS account.
+    #   The Amazon Web Services account root user email address for the
+    #   Amazon Web Services account.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/Account AWS API Documentation
@@ -60,6 +61,34 @@ module Aws::Detective
       include Aws::Structure
     end
 
+    # Information about the Detective administrator account for an
+    # organization.
+    #
+    # @!attribute [rw] account_id
+    #   The Amazon Web Services account identifier of the Detective
+    #   administrator account for the organization.
+    #   @return [String]
+    #
+    # @!attribute [rw] graph_arn
+    #   The ARN of the organization behavior graph.
+    #   @return [String]
+    #
+    # @!attribute [rw] delegation_time
+    #   The date and time when the Detective administrator account was
+    #   enabled. The value is an ISO8601 formatted string. For example,
+    #   `2021-08-18T16:35:56.284Z`.
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/Administrator AWS API Documentation
+    #
+    class Administrator < Struct.new(
+      :account_id,
+      :graph_arn,
+      :delegation_time)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The request attempted an invalid action.
     #
     # @!attribute [rw] message
@@ -125,8 +154,7 @@ module Aws::Detective
     #       }
     #
     # @!attribute [rw] graph_arn
-    #   The ARN of the behavior graph to invite the member accounts to
-    #   contribute their data to.
+    #   The ARN of the behavior graph.
     #   @return [String]
     #
     # @!attribute [rw] message
@@ -135,16 +163,21 @@ module Aws::Detective
     #   @return [String]
     #
     # @!attribute [rw] disable_email_notification
-    #   if set to `true`, then the member accounts do not receive email
-    #   notifications. By default, this is set to `false`, and the member
+    #   if set to `true`, then the invited accounts do not receive email
+    #   notifications. By default, this is set to `false`, and the invited
     #   accounts receive email notifications.
+    #
+    #   Organization accounts in the organization behavior graph do not
+    #   receive email notifications.
     #   @return [Boolean]
     #
     # @!attribute [rw] accounts
-    #   The list of AWS accounts to invite to become member accounts in the
-    #   behavior graph. You can invite up to 50 accounts at a time. For each
-    #   invited account, the account list contains the account identifier
-    #   and the AWS account root user email address.
+    #   The list of Amazon Web Services accounts to invite or to enable. You
+    #   can invite or enable up to 50 accounts at a time. For each invited
+    #   account, the account list contains the account identifier and the
+    #   Amazon Web Services account root user email address. For
+    #   organization accounts in the organization behavior graph, the email
+    #   address is not required.
     #   @return [Array<Types::Account>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/CreateMembersRequest AWS API Documentation
@@ -159,17 +192,18 @@ module Aws::Detective
     end
 
     # @!attribute [rw] members
-    #   The set of member account invitation requests that Detective was
-    #   able to process. This includes accounts that are being verified,
-    #   that failed verification, and that passed verification and are being
-    #   sent an invitation.
+    #   The set of member account invitation or enablement requests that
+    #   Detective was able to process. This includes accounts that are being
+    #   verified, that failed verification, and that passed verification and
+    #   are being sent an invitation or are being enabled.
     #   @return [Array<Types::MemberDetail>]
     #
     # @!attribute [rw] unprocessed_accounts
     #   The list of accounts for which Detective was unable to process the
-    #   invitation request. For each account, the list provides the reason
-    #   why the request could not be processed. The list includes accounts
-    #   that are already member accounts in the behavior graph.
+    #   invitation or enablement request. For each account, the list
+    #   provides the reason why the request could not be processed. The list
+    #   includes accounts that are already member accounts in the behavior
+    #   graph.
     #   @return [Array<Types::UnprocessedAccount>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/CreateMembersResponse AWS API Documentation
@@ -209,13 +243,13 @@ module Aws::Detective
     #       }
     #
     # @!attribute [rw] graph_arn
-    #   The ARN of the behavior graph to delete members from.
+    #   The ARN of the behavior graph to remove members from.
     #   @return [String]
     #
     # @!attribute [rw] account_ids
-    #   The list of AWS account identifiers for the member accounts to
-    #   delete from the behavior graph. You can delete up to 50 member
-    #   accounts at a time.
+    #   The list of Amazon Web Services account identifiers for the member
+    #   accounts to remove from the behavior graph. You can remove up to 50
+    #   member accounts at a time.
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/DeleteMembersRequest AWS API Documentation
@@ -228,12 +262,13 @@ module Aws::Detective
     end
 
     # @!attribute [rw] account_ids
-    #   The list of AWS account identifiers for the member accounts that
-    #   Detective successfully deleted from the behavior graph.
+    #   The list of Amazon Web Services account identifiers for the member
+    #   accounts that Detective successfully removed from the behavior
+    #   graph.
     #   @return [Array<String>]
     #
     # @!attribute [rw] unprocessed_accounts
-    #   The list of member accounts that Detective was not able to delete
+    #   The list of member accounts that Detective was not able to remove
     #   from the behavior graph. For each member account, provides the
     #   reason that the deletion could not be processed.
     #   @return [Array<Types::UnprocessedAccount>]
@@ -247,6 +282,38 @@ module Aws::Detective
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass DescribeOrganizationConfigurationRequest
+    #   data as a hash:
+    #
+    #       {
+    #         graph_arn: "GraphArn", # required
+    #       }
+    #
+    # @!attribute [rw] graph_arn
+    #   The ARN of the organization behavior graph.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/DescribeOrganizationConfigurationRequest AWS API Documentation
+    #
+    class DescribeOrganizationConfigurationRequest < Struct.new(
+      :graph_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] auto_enable
+    #   Indicates whether to automatically enable new organization accounts
+    #   as member accounts in the organization behavior graph.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/DescribeOrganizationConfigurationResponse AWS API Documentation
+    #
+    class DescribeOrganizationConfigurationResponse < Struct.new(
+      :auto_enable)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass DisassociateMembershipRequest
     #   data as a hash:
     #
@@ -269,6 +336,27 @@ module Aws::Detective
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass EnableOrganizationAdminAccountRequest
+    #   data as a hash:
+    #
+    #       {
+    #         account_id: "AccountId", # required
+    #       }
+    #
+    # @!attribute [rw] account_id
+    #   The Amazon Web Services account identifier of the account to
+    #   designate as the Detective administrator account for the
+    #   organization.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/EnableOrganizationAdminAccountRequest AWS API Documentation
+    #
+    class EnableOrganizationAdminAccountRequest < Struct.new(
+      :account_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass GetMembersRequest
     #   data as a hash:
     #
@@ -283,9 +371,9 @@ module Aws::Detective
     #   @return [String]
     #
     # @!attribute [rw] account_ids
-    #   The list of AWS account identifiers for the member account for which
-    #   to return member details. You can request details for up to 50
-    #   member accounts at a time.
+    #   The list of Amazon Web Services account identifiers for the member
+    #   account for which to return member details. You can request details
+    #   for up to 50 member accounts at a time.
     #
     #   You cannot use `GetMembers` to retrieve information about member
     #   accounts that were removed from the behavior graph.
@@ -330,7 +418,8 @@ module Aws::Detective
     #
     # @!attribute [rw] created_time
     #   The date and time that the behavior graph was created. The value is
-    #   in milliseconds since the epoch.
+    #   an ISO8601 formatted string. For example,
+    #   `2021-08-18T16:35:56.284Z`.
     #   @return [Time]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/Graph AWS API Documentation
@@ -493,16 +582,19 @@ module Aws::Detective
     # @!attribute [rw] member_details
     #   The list of member accounts in the behavior graph.
     #
-    #   The results include member accounts that did not pass verification
-    #   and member accounts that have not yet accepted the invitation to the
-    #   behavior graph. The results do not include member accounts that were
-    #   removed from the behavior graph.
+    #   For invited accounts, the results include member accounts that did
+    #   not pass verification and member accounts that have not yet accepted
+    #   the invitation to the behavior graph. The results do not include
+    #   member accounts that were removed from the behavior graph.
+    #
+    #   For the organization behavior graph, the results do not include
+    #   organization accounts that the Detective administrator account has
+    #   not enabled as member accounts.
     #   @return [Array<Types::MemberDetail>]
     #
     # @!attribute [rw] next_token
-    #   If there are more member accounts remaining in the results, then
-    #   this is the pagination token to use to request the next page of
-    #   member accounts.
+    #   If there are more member accounts remaining in the results, then use
+    #   this pagination token to request the next page of member accounts.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListMembersResponse AWS API Documentation
@@ -514,6 +606,51 @@ module Aws::Detective
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass ListOrganizationAdminAccountsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         next_token: "PaginationToken",
+    #         max_results: 1,
+    #       }
+    #
+    # @!attribute [rw] next_token
+    #   For requests to get the next page of results, the pagination token
+    #   that was returned with the previous set of results. The initial
+    #   request does not include a pagination token.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of results to return.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListOrganizationAdminAccountsRequest AWS API Documentation
+    #
+    class ListOrganizationAdminAccountsRequest < Struct.new(
+      :next_token,
+      :max_results)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] administrators
+    #   The list of delegated administrator accounts.
+    #   @return [Array<Types::Administrator>]
+    #
+    # @!attribute [rw] next_token
+    #   If there are more accounts remaining in the results, then this is
+    #   the pagination token to use to request the next page of accounts.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListOrganizationAdminAccountsResponse AWS API Documentation
+    #
+    class ListOrganizationAdminAccountsResponse < Struct.new(
+      :administrators,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass ListTagsForResourceRequest
     #   data as a hash:
     #
@@ -546,59 +683,70 @@ module Aws::Detective
       include Aws::Structure
     end
 
-    # Details about a member account that was invited to contribute to a
-    # behavior graph.
+    # Details about a member account in a behavior graph.
     #
     # @!attribute [rw] account_id
-    #   The AWS account identifier for the member account.
+    #   The Amazon Web Services account identifier for the member account.
     #   @return [String]
     #
     # @!attribute [rw] email_address
-    #   The AWS account root user email address for the member account.
+    #   The Amazon Web Services account root user email address for the
+    #   member account.
     #   @return [String]
     #
     # @!attribute [rw] graph_arn
-    #   The ARN of the behavior graph that the member account was invited
-    #   to.
+    #   The ARN of the behavior graph.
     #   @return [String]
     #
     # @!attribute [rw] master_id
-    #   The AWS account identifier of the administrator account for the
-    #   behavior graph.
+    #   The Amazon Web Services account identifier of the administrator
+    #   account for the behavior graph.
     #   @return [String]
     #
     # @!attribute [rw] administrator_id
-    #   The AWS account identifier of the administrator account for the
-    #   behavior graph.
+    #   The Amazon Web Services account identifier of the administrator
+    #   account for the behavior graph.
     #   @return [String]
     #
     # @!attribute [rw] status
     #   The current membership status of the member account. The status can
     #   have one of the following values:
     #
-    #   * `INVITED` - Indicates that the member was sent an invitation but
-    #     has not yet responded.
-    #
-    #   * `VERIFICATION_IN_PROGRESS` - Indicates that Detective is verifying
-    #     that the account identifier and email address provided for the
-    #     member account match. If they do match, then Detective sends the
-    #     invitation. If the email address and account identifier don't
-    #     match, then the member cannot be added to the behavior graph.
-    #
-    #   * `VERIFICATION_FAILED` - Indicates that the account and email
-    #     address provided for the member account do not match, and
-    #     Detective did not send an invitation to the account.
-    #
-    #   * `ENABLED` - Indicates that the member account accepted the
-    #     invitation to contribute to the behavior graph.
-    #
-    #   * `ACCEPTED_BUT_DISABLED` - Indicates that the member account
-    #     accepted the invitation but is prevented from contributing data to
-    #     the behavior graph. `DisabledReason` provides the reason why the
-    #     member account is not enabled.
-    #
-    #   Member accounts that declined an invitation or that were removed
-    #   from the behavior graph are not included.
+    #   * `INVITED` - For invited accounts only. Indicates that the member
+    #     was sent an invitation but has not yet responded.
+    #
+    #   * `VERIFICATION_IN_PROGRESS` - For invited accounts only, indicates
+    #     that Detective is verifying that the account identifier and email
+    #     address provided for the member account match. If they do match,
+    #     then Detective sends the invitation. If the email address and
+    #     account identifier don't match, then the member cannot be added
+    #     to the behavior graph.
+    #
+    #     For organization accounts in the organization behavior graph,
+    #     indicates that Detective is verifying that the account belongs to
+    #     the organization.
+    #
+    #   * `VERIFICATION_FAILED` - For invited accounts only. Indicates that
+    #     the account and email address provided for the member account do
+    #     not match, and Detective did not send an invitation to the
+    #     account.
+    #
+    #   * `ENABLED` - Indicates that the member account currently
+    #     contributes data to the behavior graph. For invited accounts, the
+    #     member account accepted the invitation. For organization accounts
+    #     in the organization behavior graph, the Detective administrator
+    #     account enabled the organization account as a member account.
+    #
+    #   * `ACCEPTED_BUT_DISABLED` - The account accepted the invitation, or
+    #     was enabled by the Detective administrator account, but is
+    #     prevented from contributing data to the behavior graph.
+    #     `DisabledReason` provides the reason why the member account is not
+    #     enabled.
+    #
+    #   Invited accounts that declined an invitation or that were removed
+    #   from the behavior graph are not included. In the organization
+    #   behavior graph, organization accounts that the Detective
+    #   administrator account did not enable are not included.
     #   @return [String]
     #
     # @!attribute [rw] disabled_reason
@@ -616,13 +764,15 @@ module Aws::Detective
     #   @return [String]
     #
     # @!attribute [rw] invited_time
-    #   The date and time that Detective sent the invitation to the member
-    #   account. The value is in milliseconds since the epoch.
+    #   For invited accounts, the date and time that Detective sent the
+    #   invitation to the account. The value is an ISO8601 formatted string.
+    #   For example, `2021-08-18T16:35:56.284Z`.
     #   @return [Time]
     #
     # @!attribute [rw] updated_time
     #   The date and time that the member account was last updated. The
-    #   value is in milliseconds since the epoch.
+    #   value is an ISO8601 formatted string. For example,
+    #   `2021-08-18T16:35:56.284Z`.
     #   @return [Time]
     #
     # @!attribute [rw] volume_usage_in_bytes
@@ -631,7 +781,8 @@ module Aws::Detective
     #
     # @!attribute [rw] volume_usage_updated_time
     #   The data and time when the member account data volume was last
-    #   updated.
+    #   updated. The value is an ISO8601 formatted string. For example,
+    #   `2021-08-18T16:35:56.284Z`.
     #   @return [Time]
     #
     # @!attribute [rw] percent_of_graph_utilization
@@ -651,9 +802,20 @@ module Aws::Detective
     #
     # @!attribute [rw] percent_of_graph_utilization_updated_time
     #   The date and time when the graph utilization percentage was last
-    #   updated.
+    #   updated. The value is an ISO8601 formatted string. For example,
+    #   `2021-08-18T16:35:56.284Z`.
     #   @return [Time]
     #
+    # @!attribute [rw] invitation_type
+    #   The type of behavior graph membership.
+    #
+    #   For an organization account in the organization behavior graph, the
+    #   type is `ORGANIZATION`.
+    #
+    #   For an account that was invited to a behavior graph, the type is
+    #   `INVITATION`.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/MemberDetail AWS API Documentation
     #
     class MemberDetail < Struct.new(
@@ -669,7 +831,8 @@ module Aws::Detective
       :volume_usage_in_bytes,
       :volume_usage_updated_time,
       :percent_of_graph_utilization,
-      :percent_of_graph_utilization_updated_time)
+      :percent_of_graph_utilization_updated_time,
+      :invitation_type)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -713,7 +876,7 @@ module Aws::Detective
     #
     # * The request would cause the number of member accounts in the
     #   behavior graph to exceed the maximum allowed. A behavior graph
-    #   cannot have more than 1000 member accounts.
+    #   cannot have more than 1200 member accounts.
     #
     # * The request would cause the data rate for the behavior graph to
     #   exceed the maximum allowed.
@@ -795,12 +958,26 @@ module Aws::Detective
     #
     class TagResourceResponse < Aws::EmptyStructure; end
 
+    # The request cannot be completed because too many other requests are
+    # occurring at the same time.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/TooManyRequestsException AWS API Documentation
+    #
+    class TooManyRequestsException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # A member account that was included in a request but for which the
     # request could not be processed.
     #
     # @!attribute [rw] account_id
-    #   The AWS account identifier of the member account that was not
-    #   processed.
+    #   The Amazon Web Services account identifier of the member account
+    #   that was not processed.
     #   @return [String]
     #
     # @!attribute [rw] reason
@@ -846,6 +1023,32 @@ module Aws::Detective
     #
     class UntagResourceResponse < Aws::EmptyStructure; end
 
+    # @note When making an API call, you may pass UpdateOrganizationConfigurationRequest
+    #   data as a hash:
+    #
+    #       {
+    #         graph_arn: "GraphArn", # required
+    #         auto_enable: false,
+    #       }
+    #
+    # @!attribute [rw] graph_arn
+    #   The ARN of the organization behavior graph.
+    #   @return [String]
+    #
+    # @!attribute [rw] auto_enable
+    #   Indicates whether to automatically enable new organization accounts
+    #   as member accounts in the organization behavior graph.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/UpdateOrganizationConfigurationRequest AWS API Documentation
+    #
+    class UpdateOrganizationConfigurationRequest < Struct.new(
+      :graph_arn,
+      :auto_enable)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The request parameters are invalid.
     #
     # @!attribute [rw] message

data/lib/aws-sdk-detective.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-detective/customizations'
 # @!group service
 module Aws::Detective
 
-  GEM_VERSION = '1.22.0'
+  GEM_VERSION = '1.26.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-detective
 version: !ruby/object:Gem::Version
-  version: 1.22.0
+  version: 1.26.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-10-18 00:00:00.000000000 Z
+date: 2022-01-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.121.2
+        version: 3.125.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.121.2
+        version: 3.125.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement