aws-sdk-detective 1.24.0 → 1.41.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +88 -1
- data/VERSION +1 -1
- data/lib/aws-sdk-detective/client.rb +479 -42
- data/lib/aws-sdk-detective/client_api.rb +298 -4
- data/lib/aws-sdk-detective/endpoint_parameters.rb +66 -0
- data/lib/aws-sdk-detective/endpoint_provider.rb +54 -0
- data/lib/aws-sdk-detective/endpoints.rb +352 -0
- data/lib/aws-sdk-detective/errors.rb +67 -0
- data/lib/aws-sdk-detective/plugins/endpoints.rb +116 -0
- data/lib/aws-sdk-detective/types.rb +533 -201
- data/lib/aws-sdk-detective.rb +5 -1
- metadata +8 -4
@@ -27,7 +27,11 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
|
27
27
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
28
28
|
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
29
29
|
require 'aws-sdk-core/plugins/http_checksum.rb'
|
30
|
-
require 'aws-sdk-core/plugins/
|
30
|
+
require 'aws-sdk-core/plugins/checksum_algorithm.rb'
|
31
|
+
require 'aws-sdk-core/plugins/request_compression.rb'
|
32
|
+
require 'aws-sdk-core/plugins/defaults_mode.rb'
|
33
|
+
require 'aws-sdk-core/plugins/recursion_detection.rb'
|
34
|
+
require 'aws-sdk-core/plugins/sign.rb'
|
31
35
|
require 'aws-sdk-core/plugins/protocols/rest_json.rb'
|
32
36
|
|
33
37
|
Aws::Plugins::GlobalConfiguration.add_identifier(:detective)
|
@@ -73,8 +77,13 @@ module Aws::Detective
|
|
73
77
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
74
78
|
add_plugin(Aws::Plugins::TransferEncoding)
|
75
79
|
add_plugin(Aws::Plugins::HttpChecksum)
|
76
|
-
add_plugin(Aws::Plugins::
|
80
|
+
add_plugin(Aws::Plugins::ChecksumAlgorithm)
|
81
|
+
add_plugin(Aws::Plugins::RequestCompression)
|
82
|
+
add_plugin(Aws::Plugins::DefaultsMode)
|
83
|
+
add_plugin(Aws::Plugins::RecursionDetection)
|
84
|
+
add_plugin(Aws::Plugins::Sign)
|
77
85
|
add_plugin(Aws::Plugins::Protocols::RestJson)
|
86
|
+
add_plugin(Aws::Detective::Plugins::Endpoints)
|
78
87
|
|
79
88
|
# @overload initialize(options)
|
80
89
|
# @param [Hash] options
|
@@ -175,10 +184,18 @@ module Aws::Detective
|
|
175
184
|
# Used only in `standard` and adaptive retry modes. Specifies whether to apply
|
176
185
|
# a clock skew correction and retry requests with skewed client clocks.
|
177
186
|
#
|
187
|
+
# @option options [String] :defaults_mode ("legacy")
|
188
|
+
# See {Aws::DefaultsModeConfiguration} for a list of the
|
189
|
+
# accepted modes and the configuration defaults that are included.
|
190
|
+
#
|
178
191
|
# @option options [Boolean] :disable_host_prefix_injection (false)
|
179
192
|
# Set to true to disable SDK automatically adding host prefix
|
180
193
|
# to default service endpoint when available.
|
181
194
|
#
|
195
|
+
# @option options [Boolean] :disable_request_compression (false)
|
196
|
+
# When set to 'true' the request body will not be compressed
|
197
|
+
# for supported operations.
|
198
|
+
#
|
182
199
|
# @option options [String] :endpoint
|
183
200
|
# The client endpoint is normally constructed from the `:region`
|
184
201
|
# option. You should only configure an `:endpoint` when connecting
|
@@ -199,6 +216,10 @@ module Aws::Detective
|
|
199
216
|
# @option options [Boolean] :endpoint_discovery (false)
|
200
217
|
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
201
218
|
#
|
219
|
+
# @option options [Boolean] :ignore_configured_endpoint_urls
|
220
|
+
# Setting to true disables use of endpoint URLs provided via environment
|
221
|
+
# variables and the shared configuration file.
|
222
|
+
#
|
202
223
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
203
224
|
# The log formatter.
|
204
225
|
#
|
@@ -219,6 +240,11 @@ module Aws::Detective
|
|
219
240
|
# Used when loading credentials from the shared credentials file
|
220
241
|
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
221
242
|
#
|
243
|
+
# @option options [Integer] :request_min_compression_size_bytes (10240)
|
244
|
+
# The minimum size in bytes that triggers compression for request
|
245
|
+
# bodies. The value must be non-negative integer value between 0
|
246
|
+
# and 10485780 bytes inclusive.
|
247
|
+
#
|
222
248
|
# @option options [Proc] :retry_backoff
|
223
249
|
# A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
|
224
250
|
# This option is only used in the `legacy` retry mode.
|
@@ -264,6 +290,11 @@ module Aws::Detective
|
|
264
290
|
# in the future.
|
265
291
|
#
|
266
292
|
#
|
293
|
+
# @option options [String] :sdk_ua_app_id
|
294
|
+
# A unique and opaque application ID that is appended to the
|
295
|
+
# User-Agent header as app/<sdk_ua_app_id>. It should have a
|
296
|
+
# maximum length of 50.
|
297
|
+
#
|
267
298
|
# @option options [String] :secret_access_key
|
268
299
|
#
|
269
300
|
# @option options [String] :session_token
|
@@ -277,6 +308,19 @@ module Aws::Detective
|
|
277
308
|
# ** Please note ** When response stubbing is enabled, no HTTP
|
278
309
|
# requests are made, and retries are disabled.
|
279
310
|
#
|
311
|
+
# @option options [Aws::TokenProvider] :token_provider
|
312
|
+
# A Bearer Token Provider. This can be an instance of any one of the
|
313
|
+
# following classes:
|
314
|
+
#
|
315
|
+
# * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
|
316
|
+
# tokens.
|
317
|
+
#
|
318
|
+
# * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
|
319
|
+
# access token generated from `aws login`.
|
320
|
+
#
|
321
|
+
# When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
|
322
|
+
# will be used to search for tokens configured for your profile in shared configuration files.
|
323
|
+
#
|
280
324
|
# @option options [Boolean] :use_dualstack_endpoint
|
281
325
|
# When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
|
282
326
|
# will be used if available.
|
@@ -290,6 +334,9 @@ module Aws::Detective
|
|
290
334
|
# When `true`, request parameters are validated before
|
291
335
|
# sending the request.
|
292
336
|
#
|
337
|
+
# @option options [Aws::Detective::EndpointProvider] :endpoint_provider
|
338
|
+
# The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::Detective::EndpointParameters`
|
339
|
+
#
|
293
340
|
# @option options [URI::HTTP,String] :http_proxy A proxy to send
|
294
341
|
# requests through. Formatted like 'http://proxy.com:123'.
|
295
342
|
#
|
@@ -297,7 +344,7 @@ module Aws::Detective
|
|
297
344
|
# seconds to wait when opening a HTTP session before raising a
|
298
345
|
# `Timeout::Error`.
|
299
346
|
#
|
300
|
-
# @option options [
|
347
|
+
# @option options [Float] :http_read_timeout (60) The default
|
301
348
|
# number of seconds to wait for response data. This value can
|
302
349
|
# safely be set per-request on the session.
|
303
350
|
#
|
@@ -313,6 +360,9 @@ module Aws::Detective
|
|
313
360
|
# disables this behaviour. This value can safely be set per
|
314
361
|
# request on the session.
|
315
362
|
#
|
363
|
+
# @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
|
364
|
+
# in seconds.
|
365
|
+
#
|
316
366
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
317
367
|
# HTTP debug output will be sent to the `:logger`.
|
318
368
|
#
|
@@ -369,6 +419,85 @@ module Aws::Detective
|
|
369
419
|
req.send_request(options)
|
370
420
|
end
|
371
421
|
|
422
|
+
# Gets data source package information for the behavior graph.
|
423
|
+
#
|
424
|
+
# @option params [required, String] :graph_arn
|
425
|
+
# The ARN of the behavior graph.
|
426
|
+
#
|
427
|
+
# @option params [required, Array<String>] :account_ids
|
428
|
+
# The list of Amazon Web Services accounts to get data source package
|
429
|
+
# information on.
|
430
|
+
#
|
431
|
+
# @return [Types::BatchGetGraphMemberDatasourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
432
|
+
#
|
433
|
+
# * {Types::BatchGetGraphMemberDatasourcesResponse#member_datasources #member_datasources} => Array<Types::MembershipDatasources>
|
434
|
+
# * {Types::BatchGetGraphMemberDatasourcesResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::UnprocessedAccount>
|
435
|
+
#
|
436
|
+
# @example Request syntax with placeholder values
|
437
|
+
#
|
438
|
+
# resp = client.batch_get_graph_member_datasources({
|
439
|
+
# graph_arn: "GraphArn", # required
|
440
|
+
# account_ids: ["AccountId"], # required
|
441
|
+
# })
|
442
|
+
#
|
443
|
+
# @example Response structure
|
444
|
+
#
|
445
|
+
# resp.member_datasources #=> Array
|
446
|
+
# resp.member_datasources[0].account_id #=> String
|
447
|
+
# resp.member_datasources[0].graph_arn #=> String
|
448
|
+
# resp.member_datasources[0].datasource_package_ingest_history #=> Hash
|
449
|
+
# resp.member_datasources[0].datasource_package_ingest_history["DatasourcePackage"] #=> Hash
|
450
|
+
# resp.member_datasources[0].datasource_package_ingest_history["DatasourcePackage"]["DatasourcePackageIngestState"].timestamp #=> Time
|
451
|
+
# resp.unprocessed_accounts #=> Array
|
452
|
+
# resp.unprocessed_accounts[0].account_id #=> String
|
453
|
+
# resp.unprocessed_accounts[0].reason #=> String
|
454
|
+
#
|
455
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/BatchGetGraphMemberDatasources AWS API Documentation
|
456
|
+
#
|
457
|
+
# @overload batch_get_graph_member_datasources(params = {})
|
458
|
+
# @param [Hash] params ({})
|
459
|
+
def batch_get_graph_member_datasources(params = {}, options = {})
|
460
|
+
req = build_request(:batch_get_graph_member_datasources, params)
|
461
|
+
req.send_request(options)
|
462
|
+
end
|
463
|
+
|
464
|
+
# Gets information on the data source package history for an account.
|
465
|
+
#
|
466
|
+
# @option params [required, Array<String>] :graph_arns
|
467
|
+
# The ARN of the behavior graph.
|
468
|
+
#
|
469
|
+
# @return [Types::BatchGetMembershipDatasourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
470
|
+
#
|
471
|
+
# * {Types::BatchGetMembershipDatasourcesResponse#membership_datasources #membership_datasources} => Array<Types::MembershipDatasources>
|
472
|
+
# * {Types::BatchGetMembershipDatasourcesResponse#unprocessed_graphs #unprocessed_graphs} => Array<Types::UnprocessedGraph>
|
473
|
+
#
|
474
|
+
# @example Request syntax with placeholder values
|
475
|
+
#
|
476
|
+
# resp = client.batch_get_membership_datasources({
|
477
|
+
# graph_arns: ["GraphArn"], # required
|
478
|
+
# })
|
479
|
+
#
|
480
|
+
# @example Response structure
|
481
|
+
#
|
482
|
+
# resp.membership_datasources #=> Array
|
483
|
+
# resp.membership_datasources[0].account_id #=> String
|
484
|
+
# resp.membership_datasources[0].graph_arn #=> String
|
485
|
+
# resp.membership_datasources[0].datasource_package_ingest_history #=> Hash
|
486
|
+
# resp.membership_datasources[0].datasource_package_ingest_history["DatasourcePackage"] #=> Hash
|
487
|
+
# resp.membership_datasources[0].datasource_package_ingest_history["DatasourcePackage"]["DatasourcePackageIngestState"].timestamp #=> Time
|
488
|
+
# resp.unprocessed_graphs #=> Array
|
489
|
+
# resp.unprocessed_graphs[0].graph_arn #=> String
|
490
|
+
# resp.unprocessed_graphs[0].reason #=> String
|
491
|
+
#
|
492
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/BatchGetMembershipDatasources AWS API Documentation
|
493
|
+
#
|
494
|
+
# @overload batch_get_membership_datasources(params = {})
|
495
|
+
# @param [Hash] params ({})
|
496
|
+
def batch_get_membership_datasources(params = {}, options = {})
|
497
|
+
req = build_request(:batch_get_membership_datasources, params)
|
498
|
+
req.send_request(options)
|
499
|
+
end
|
500
|
+
|
372
501
|
# Creates a new behavior graph for the calling account, and sets that
|
373
502
|
# account as the administrator account. This operation is called by the
|
374
503
|
# account that is enabling Detective.
|
@@ -423,47 +552,62 @@ module Aws::Detective
|
|
423
552
|
req.send_request(options)
|
424
553
|
end
|
425
554
|
|
426
|
-
#
|
427
|
-
#
|
428
|
-
#
|
555
|
+
# `CreateMembers` is used to send invitations to accounts. For the
|
556
|
+
# organization behavior graph, the Detective administrator account uses
|
557
|
+
# `CreateMembers` to enable organization accounts as member accounts.
|
558
|
+
#
|
559
|
+
# For invited accounts, `CreateMembers` sends a request to invite the
|
560
|
+
# specified Amazon Web Services accounts to be member accounts in the
|
561
|
+
# behavior graph. This operation can only be called by the administrator
|
562
|
+
# account for a behavior graph.
|
429
563
|
#
|
430
564
|
# `CreateMembers` verifies the accounts and then invites the verified
|
431
565
|
# accounts. The administrator can optionally specify to not send
|
432
566
|
# invitation emails to the member accounts. This would be used when the
|
433
567
|
# administrator manages their member accounts centrally.
|
434
568
|
#
|
569
|
+
# For organization accounts in the organization behavior graph,
|
570
|
+
# `CreateMembers` attempts to enable the accounts. The organization
|
571
|
+
# accounts do not receive invitations.
|
572
|
+
#
|
435
573
|
# The request provides the behavior graph ARN and the list of accounts
|
436
|
-
# to invite.
|
574
|
+
# to invite or to enable.
|
437
575
|
#
|
438
576
|
# The response separates the requested accounts into two lists:
|
439
577
|
#
|
440
|
-
# * The accounts that `CreateMembers` was able to
|
441
|
-
#
|
442
|
-
#
|
443
|
-
#
|
578
|
+
# * The accounts that `CreateMembers` was able to process. For invited
|
579
|
+
# accounts, includes member accounts that are being verified, that
|
580
|
+
# have passed verification and are to be invited, and that have failed
|
581
|
+
# verification. For organization accounts in the organization behavior
|
582
|
+
# graph, includes accounts that can be enabled and that cannot be
|
583
|
+
# enabled.
|
444
584
|
#
|
445
585
|
# * The accounts that `CreateMembers` was unable to process. This list
|
446
586
|
# includes accounts that were already invited to be member accounts in
|
447
587
|
# the behavior graph.
|
448
588
|
#
|
449
589
|
# @option params [required, String] :graph_arn
|
450
|
-
# The ARN of the behavior graph
|
451
|
-
# contribute their data to.
|
590
|
+
# The ARN of the behavior graph.
|
452
591
|
#
|
453
592
|
# @option params [String] :message
|
454
593
|
# Customized message text to include in the invitation email message to
|
455
594
|
# the invited member accounts.
|
456
595
|
#
|
457
596
|
# @option params [Boolean] :disable_email_notification
|
458
|
-
# if set to `true`, then the
|
459
|
-
# notifications. By default, this is set to `false`, and the
|
597
|
+
# if set to `true`, then the invited accounts do not receive email
|
598
|
+
# notifications. By default, this is set to `false`, and the invited
|
460
599
|
# accounts receive email notifications.
|
461
600
|
#
|
601
|
+
# Organization accounts in the organization behavior graph do not
|
602
|
+
# receive email notifications.
|
603
|
+
#
|
462
604
|
# @option params [required, Array<Types::Account>] :accounts
|
463
|
-
# The list of
|
464
|
-
#
|
465
|
-
#
|
466
|
-
#
|
605
|
+
# The list of Amazon Web Services accounts to invite or to enable. You
|
606
|
+
# can invite or enable up to 50 accounts at a time. For each invited
|
607
|
+
# account, the account list contains the account identifier and the
|
608
|
+
# Amazon Web Services account root user email address. For organization
|
609
|
+
# accounts in the organization behavior graph, the email address is not
|
610
|
+
# required.
|
467
611
|
#
|
468
612
|
# @return [Types::CreateMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
469
613
|
#
|
@@ -500,6 +644,12 @@ module Aws::Detective
|
|
500
644
|
# resp.members[0].volume_usage_updated_time #=> Time
|
501
645
|
# resp.members[0].percent_of_graph_utilization #=> Float
|
502
646
|
# resp.members[0].percent_of_graph_utilization_updated_time #=> Time
|
647
|
+
# resp.members[0].invitation_type #=> String, one of "INVITATION", "ORGANIZATION"
|
648
|
+
# resp.members[0].volume_usage_by_datasource_package #=> Hash
|
649
|
+
# resp.members[0].volume_usage_by_datasource_package["DatasourcePackage"].volume_usage_in_bytes #=> Integer
|
650
|
+
# resp.members[0].volume_usage_by_datasource_package["DatasourcePackage"].volume_usage_update_time #=> Time
|
651
|
+
# resp.members[0].datasource_package_ingest_states #=> Hash
|
652
|
+
# resp.members[0].datasource_package_ingest_states["DatasourcePackage"] #=> String, one of "STARTED", "STOPPED", "DISABLED"
|
503
653
|
# resp.unprocessed_accounts #=> Array
|
504
654
|
# resp.unprocessed_accounts[0].account_id #=> String
|
505
655
|
# resp.unprocessed_accounts[0].reason #=> String
|
@@ -514,8 +664,8 @@ module Aws::Detective
|
|
514
664
|
end
|
515
665
|
|
516
666
|
# Disables the specified behavior graph and queues it to be deleted.
|
517
|
-
# This operation removes the graph from each member account's
|
518
|
-
# behavior graphs.
|
667
|
+
# This operation removes the behavior graph from each member account's
|
668
|
+
# list of behavior graphs.
|
519
669
|
#
|
520
670
|
# `DeleteGraph` can only be called by the administrator account for a
|
521
671
|
# behavior graph.
|
@@ -540,20 +690,32 @@ module Aws::Detective
|
|
540
690
|
req.send_request(options)
|
541
691
|
end
|
542
692
|
|
543
|
-
#
|
544
|
-
#
|
545
|
-
#
|
546
|
-
#
|
547
|
-
#
|
548
|
-
#
|
693
|
+
# Removes the specified member accounts from the behavior graph. The
|
694
|
+
# removed accounts no longer contribute data to the behavior graph. This
|
695
|
+
# operation can only be called by the administrator account for the
|
696
|
+
# behavior graph.
|
697
|
+
#
|
698
|
+
# For invited accounts, the removed accounts are deleted from the list
|
699
|
+
# of accounts in the behavior graph. To restore the account, the
|
700
|
+
# administrator account must send another invitation.
|
701
|
+
#
|
702
|
+
# For organization accounts in the organization behavior graph, the
|
703
|
+
# Detective administrator account can always enable the organization
|
704
|
+
# account again. Organization accounts that are not enabled as member
|
705
|
+
# accounts are not included in the `ListMembers` results for the
|
706
|
+
# organization behavior graph.
|
707
|
+
#
|
708
|
+
# An administrator account cannot use `DeleteMembers` to remove their
|
709
|
+
# own account from the behavior graph. To disable a behavior graph, the
|
710
|
+
# administrator account uses the `DeleteGraph` API method.
|
549
711
|
#
|
550
712
|
# @option params [required, String] :graph_arn
|
551
|
-
# The ARN of the behavior graph to
|
713
|
+
# The ARN of the behavior graph to remove members from.
|
552
714
|
#
|
553
715
|
# @option params [required, Array<String>] :account_ids
|
554
|
-
# The list of
|
555
|
-
# from the behavior graph. You can
|
556
|
-
# time.
|
716
|
+
# The list of Amazon Web Services account identifiers for the member
|
717
|
+
# accounts to remove from the behavior graph. You can remove up to 50
|
718
|
+
# member accounts at a time.
|
557
719
|
#
|
558
720
|
# @return [Types::DeleteMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
559
721
|
#
|
@@ -584,10 +746,73 @@ module Aws::Detective
|
|
584
746
|
req.send_request(options)
|
585
747
|
end
|
586
748
|
|
749
|
+
# Returns information about the configuration for the organization
|
750
|
+
# behavior graph. Currently indicates whether to automatically enable
|
751
|
+
# new organization accounts as member accounts.
|
752
|
+
#
|
753
|
+
# Can only be called by the Detective administrator account for the
|
754
|
+
# organization.
|
755
|
+
#
|
756
|
+
# @option params [required, String] :graph_arn
|
757
|
+
# The ARN of the organization behavior graph.
|
758
|
+
#
|
759
|
+
# @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
760
|
+
#
|
761
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
|
762
|
+
#
|
763
|
+
# @example Request syntax with placeholder values
|
764
|
+
#
|
765
|
+
# resp = client.describe_organization_configuration({
|
766
|
+
# graph_arn: "GraphArn", # required
|
767
|
+
# })
|
768
|
+
#
|
769
|
+
# @example Response structure
|
770
|
+
#
|
771
|
+
# resp.auto_enable #=> Boolean
|
772
|
+
#
|
773
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/DescribeOrganizationConfiguration AWS API Documentation
|
774
|
+
#
|
775
|
+
# @overload describe_organization_configuration(params = {})
|
776
|
+
# @param [Hash] params ({})
|
777
|
+
def describe_organization_configuration(params = {}, options = {})
|
778
|
+
req = build_request(:describe_organization_configuration, params)
|
779
|
+
req.send_request(options)
|
780
|
+
end
|
781
|
+
|
782
|
+
# Removes the Detective administrator account in the current Region.
|
783
|
+
# Deletes the organization behavior graph.
|
784
|
+
#
|
785
|
+
# Can only be called by the organization management account.
|
786
|
+
#
|
787
|
+
# Removing the Detective administrator account does not affect the
|
788
|
+
# delegated administrator account for Detective in Organizations.
|
789
|
+
#
|
790
|
+
# To remove the delegated administrator account in Organizations, use
|
791
|
+
# the Organizations API. Removing the delegated administrator account
|
792
|
+
# also removes the Detective administrator account in all Regions,
|
793
|
+
# except for Regions where the Detective administrator account is the
|
794
|
+
# organization management account.
|
795
|
+
#
|
796
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
797
|
+
#
|
798
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/DisableOrganizationAdminAccount AWS API Documentation
|
799
|
+
#
|
800
|
+
# @overload disable_organization_admin_account(params = {})
|
801
|
+
# @param [Hash] params ({})
|
802
|
+
def disable_organization_admin_account(params = {}, options = {})
|
803
|
+
req = build_request(:disable_organization_admin_account, params)
|
804
|
+
req.send_request(options)
|
805
|
+
end
|
806
|
+
|
587
807
|
# Removes the member account from the specified behavior graph. This
|
588
|
-
# operation can only be called by
|
808
|
+
# operation can only be called by an invited member account that has the
|
589
809
|
# `ENABLED` status.
|
590
810
|
#
|
811
|
+
# `DisassociateMembership` cannot be called by an organization account
|
812
|
+
# in the organization behavior graph. For the organization behavior
|
813
|
+
# graph, the Detective administrator account determines which
|
814
|
+
# organization accounts to enable or disable as member accounts.
|
815
|
+
#
|
591
816
|
# @option params [required, String] :graph_arn
|
592
817
|
# The ARN of the behavior graph to remove the member account from.
|
593
818
|
#
|
@@ -611,6 +836,47 @@ module Aws::Detective
|
|
611
836
|
req.send_request(options)
|
612
837
|
end
|
613
838
|
|
839
|
+
# Designates the Detective administrator account for the organization in
|
840
|
+
# the current Region.
|
841
|
+
#
|
842
|
+
# If the account does not have Detective enabled, then enables Detective
|
843
|
+
# for that account and creates a new behavior graph.
|
844
|
+
#
|
845
|
+
# Can only be called by the organization management account.
|
846
|
+
#
|
847
|
+
# If the organization has a delegated administrator account in
|
848
|
+
# Organizations, then the Detective administrator account must be either
|
849
|
+
# the delegated administrator account or the organization management
|
850
|
+
# account.
|
851
|
+
#
|
852
|
+
# If the organization does not have a delegated administrator account in
|
853
|
+
# Organizations, then you can choose any account in the organization. If
|
854
|
+
# you choose an account other than the organization management account,
|
855
|
+
# Detective calls Organizations to make that account the delegated
|
856
|
+
# administrator account for Detective. The organization management
|
857
|
+
# account cannot be the delegated administrator account.
|
858
|
+
#
|
859
|
+
# @option params [required, String] :account_id
|
860
|
+
# The Amazon Web Services account identifier of the account to designate
|
861
|
+
# as the Detective administrator account for the organization.
|
862
|
+
#
|
863
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
864
|
+
#
|
865
|
+
# @example Request syntax with placeholder values
|
866
|
+
#
|
867
|
+
# resp = client.enable_organization_admin_account({
|
868
|
+
# account_id: "AccountId", # required
|
869
|
+
# })
|
870
|
+
#
|
871
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/EnableOrganizationAdminAccount AWS API Documentation
|
872
|
+
#
|
873
|
+
# @overload enable_organization_admin_account(params = {})
|
874
|
+
# @param [Hash] params ({})
|
875
|
+
def enable_organization_admin_account(params = {}, options = {})
|
876
|
+
req = build_request(:enable_organization_admin_account, params)
|
877
|
+
req.send_request(options)
|
878
|
+
end
|
879
|
+
|
614
880
|
# Returns the membership details for specified member accounts for a
|
615
881
|
# behavior graph.
|
616
882
|
#
|
@@ -618,9 +884,9 @@ module Aws::Detective
|
|
618
884
|
# The ARN of the behavior graph for which to request the member details.
|
619
885
|
#
|
620
886
|
# @option params [required, Array<String>] :account_ids
|
621
|
-
# The list of
|
622
|
-
# to return member details. You can request details
|
623
|
-
# accounts at a time.
|
887
|
+
# The list of Amazon Web Services account identifiers for the member
|
888
|
+
# account for which to return member details. You can request details
|
889
|
+
# for up to 50 member accounts at a time.
|
624
890
|
#
|
625
891
|
# You cannot use `GetMembers` to retrieve information about member
|
626
892
|
# accounts that were removed from the behavior graph.
|
@@ -653,6 +919,12 @@ module Aws::Detective
|
|
653
919
|
# resp.member_details[0].volume_usage_updated_time #=> Time
|
654
920
|
# resp.member_details[0].percent_of_graph_utilization #=> Float
|
655
921
|
# resp.member_details[0].percent_of_graph_utilization_updated_time #=> Time
|
922
|
+
# resp.member_details[0].invitation_type #=> String, one of "INVITATION", "ORGANIZATION"
|
923
|
+
# resp.member_details[0].volume_usage_by_datasource_package #=> Hash
|
924
|
+
# resp.member_details[0].volume_usage_by_datasource_package["DatasourcePackage"].volume_usage_in_bytes #=> Integer
|
925
|
+
# resp.member_details[0].volume_usage_by_datasource_package["DatasourcePackage"].volume_usage_update_time #=> Time
|
926
|
+
# resp.member_details[0].datasource_package_ingest_states #=> Hash
|
927
|
+
# resp.member_details[0].datasource_package_ingest_states["DatasourcePackage"] #=> String, one of "STARTED", "STOPPED", "DISABLED"
|
656
928
|
# resp.unprocessed_accounts #=> Array
|
657
929
|
# resp.unprocessed_accounts[0].account_id #=> String
|
658
930
|
# resp.unprocessed_accounts[0].reason #=> String
|
@@ -666,6 +938,51 @@ module Aws::Detective
|
|
666
938
|
req.send_request(options)
|
667
939
|
end
|
668
940
|
|
941
|
+
# Lists data source packages in the behavior graph.
|
942
|
+
#
|
943
|
+
# @option params [required, String] :graph_arn
|
944
|
+
# The ARN of the behavior graph.
|
945
|
+
#
|
946
|
+
# @option params [String] :next_token
|
947
|
+
# For requests to get the next page of results, the pagination token
|
948
|
+
# that was returned with the previous set of results. The initial
|
949
|
+
# request does not include a pagination token.
|
950
|
+
#
|
951
|
+
# @option params [Integer] :max_results
|
952
|
+
# The maximum number of results to return.
|
953
|
+
#
|
954
|
+
# @return [Types::ListDatasourcePackagesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
955
|
+
#
|
956
|
+
# * {Types::ListDatasourcePackagesResponse#datasource_packages #datasource_packages} => Hash<String,Types::DatasourcePackageIngestDetail>
|
957
|
+
# * {Types::ListDatasourcePackagesResponse#next_token #next_token} => String
|
958
|
+
#
|
959
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
960
|
+
#
|
961
|
+
# @example Request syntax with placeholder values
|
962
|
+
#
|
963
|
+
# resp = client.list_datasource_packages({
|
964
|
+
# graph_arn: "GraphArn", # required
|
965
|
+
# next_token: "PaginationToken",
|
966
|
+
# max_results: 1,
|
967
|
+
# })
|
968
|
+
#
|
969
|
+
# @example Response structure
|
970
|
+
#
|
971
|
+
# resp.datasource_packages #=> Hash
|
972
|
+
# resp.datasource_packages["DatasourcePackage"].datasource_package_ingest_state #=> String, one of "STARTED", "STOPPED", "DISABLED"
|
973
|
+
# resp.datasource_packages["DatasourcePackage"].last_ingest_state_change #=> Hash
|
974
|
+
# resp.datasource_packages["DatasourcePackage"].last_ingest_state_change["DatasourcePackageIngestState"].timestamp #=> Time
|
975
|
+
# resp.next_token #=> String
|
976
|
+
#
|
977
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListDatasourcePackages AWS API Documentation
|
978
|
+
#
|
979
|
+
# @overload list_datasource_packages(params = {})
|
980
|
+
# @param [Hash] params ({})
|
981
|
+
def list_datasource_packages(params = {}, options = {})
|
982
|
+
req = build_request(:list_datasource_packages, params)
|
983
|
+
req.send_request(options)
|
984
|
+
end
|
985
|
+
|
669
986
|
# Returns the list of behavior graphs that the calling account is an
|
670
987
|
# administrator account of. This operation can only be called by an
|
671
988
|
# administrator account.
|
@@ -715,8 +1032,8 @@ module Aws::Detective
|
|
715
1032
|
end
|
716
1033
|
|
717
1034
|
# Retrieves the list of open and accepted behavior graph invitations for
|
718
|
-
# the member account. This operation can only be called by
|
719
|
-
# account.
|
1035
|
+
# the member account. This operation can only be called by an invited
|
1036
|
+
# member account.
|
720
1037
|
#
|
721
1038
|
# Open invitations are invitations that the member account has not
|
722
1039
|
# responded to.
|
@@ -766,6 +1083,12 @@ module Aws::Detective
|
|
766
1083
|
# resp.invitations[0].volume_usage_updated_time #=> Time
|
767
1084
|
# resp.invitations[0].percent_of_graph_utilization #=> Float
|
768
1085
|
# resp.invitations[0].percent_of_graph_utilization_updated_time #=> Time
|
1086
|
+
# resp.invitations[0].invitation_type #=> String, one of "INVITATION", "ORGANIZATION"
|
1087
|
+
# resp.invitations[0].volume_usage_by_datasource_package #=> Hash
|
1088
|
+
# resp.invitations[0].volume_usage_by_datasource_package["DatasourcePackage"].volume_usage_in_bytes #=> Integer
|
1089
|
+
# resp.invitations[0].volume_usage_by_datasource_package["DatasourcePackage"].volume_usage_update_time #=> Time
|
1090
|
+
# resp.invitations[0].datasource_package_ingest_states #=> Hash
|
1091
|
+
# resp.invitations[0].datasource_package_ingest_states["DatasourcePackage"] #=> String, one of "STARTED", "STOPPED", "DISABLED"
|
769
1092
|
# resp.next_token #=> String
|
770
1093
|
#
|
771
1094
|
# @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListInvitations AWS API Documentation
|
@@ -777,8 +1100,14 @@ module Aws::Detective
|
|
777
1100
|
req.send_request(options)
|
778
1101
|
end
|
779
1102
|
|
780
|
-
# Retrieves the list of member accounts for a behavior graph.
|
781
|
-
#
|
1103
|
+
# Retrieves the list of member accounts for a behavior graph.
|
1104
|
+
#
|
1105
|
+
# For invited accounts, the results do not include member accounts that
|
1106
|
+
# were removed from the behavior graph.
|
1107
|
+
#
|
1108
|
+
# For the organization behavior graph, the results do not include
|
1109
|
+
# organization accounts that the Detective administrator account has not
|
1110
|
+
# enabled as member accounts.
|
782
1111
|
#
|
783
1112
|
# @option params [required, String] :graph_arn
|
784
1113
|
# The ARN of the behavior graph for which to retrieve the list of member
|
@@ -825,6 +1154,12 @@ module Aws::Detective
|
|
825
1154
|
# resp.member_details[0].volume_usage_updated_time #=> Time
|
826
1155
|
# resp.member_details[0].percent_of_graph_utilization #=> Float
|
827
1156
|
# resp.member_details[0].percent_of_graph_utilization_updated_time #=> Time
|
1157
|
+
# resp.member_details[0].invitation_type #=> String, one of "INVITATION", "ORGANIZATION"
|
1158
|
+
# resp.member_details[0].volume_usage_by_datasource_package #=> Hash
|
1159
|
+
# resp.member_details[0].volume_usage_by_datasource_package["DatasourcePackage"].volume_usage_in_bytes #=> Integer
|
1160
|
+
# resp.member_details[0].volume_usage_by_datasource_package["DatasourcePackage"].volume_usage_update_time #=> Time
|
1161
|
+
# resp.member_details[0].datasource_package_ingest_states #=> Hash
|
1162
|
+
# resp.member_details[0].datasource_package_ingest_states["DatasourcePackage"] #=> String, one of "STARTED", "STOPPED", "DISABLED"
|
828
1163
|
# resp.next_token #=> String
|
829
1164
|
#
|
830
1165
|
# @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListMembers AWS API Documentation
|
@@ -836,6 +1171,49 @@ module Aws::Detective
|
|
836
1171
|
req.send_request(options)
|
837
1172
|
end
|
838
1173
|
|
1174
|
+
# Returns information about the Detective administrator account for an
|
1175
|
+
# organization. Can only be called by the organization management
|
1176
|
+
# account.
|
1177
|
+
#
|
1178
|
+
# @option params [String] :next_token
|
1179
|
+
# For requests to get the next page of results, the pagination token
|
1180
|
+
# that was returned with the previous set of results. The initial
|
1181
|
+
# request does not include a pagination token.
|
1182
|
+
#
|
1183
|
+
# @option params [Integer] :max_results
|
1184
|
+
# The maximum number of results to return.
|
1185
|
+
#
|
1186
|
+
# @return [Types::ListOrganizationAdminAccountsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1187
|
+
#
|
1188
|
+
# * {Types::ListOrganizationAdminAccountsResponse#administrators #administrators} => Array<Types::Administrator>
|
1189
|
+
# * {Types::ListOrganizationAdminAccountsResponse#next_token #next_token} => String
|
1190
|
+
#
|
1191
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1192
|
+
#
|
1193
|
+
# @example Request syntax with placeholder values
|
1194
|
+
#
|
1195
|
+
# resp = client.list_organization_admin_accounts({
|
1196
|
+
# next_token: "PaginationToken",
|
1197
|
+
# max_results: 1,
|
1198
|
+
# })
|
1199
|
+
#
|
1200
|
+
# @example Response structure
|
1201
|
+
#
|
1202
|
+
# resp.administrators #=> Array
|
1203
|
+
# resp.administrators[0].account_id #=> String
|
1204
|
+
# resp.administrators[0].graph_arn #=> String
|
1205
|
+
# resp.administrators[0].delegation_time #=> Time
|
1206
|
+
# resp.next_token #=> String
|
1207
|
+
#
|
1208
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/ListOrganizationAdminAccounts AWS API Documentation
|
1209
|
+
#
|
1210
|
+
# @overload list_organization_admin_accounts(params = {})
|
1211
|
+
# @param [Hash] params ({})
|
1212
|
+
def list_organization_admin_accounts(params = {}, options = {})
|
1213
|
+
req = build_request(:list_organization_admin_accounts, params)
|
1214
|
+
req.send_request(options)
|
1215
|
+
end
|
1216
|
+
|
839
1217
|
# Returns the tag values that are assigned to a behavior graph.
|
840
1218
|
#
|
841
1219
|
# @option params [required, String] :resource_arn
|
@@ -866,8 +1244,12 @@ module Aws::Detective
|
|
866
1244
|
end
|
867
1245
|
|
868
1246
|
# Rejects an invitation to contribute the account data to a behavior
|
869
|
-
# graph. This operation must be called by
|
870
|
-
# `INVITED` status.
|
1247
|
+
# graph. This operation must be called by an invited member account that
|
1248
|
+
# has the `INVITED` status.
|
1249
|
+
#
|
1250
|
+
# `RejectInvitation` cannot be called by an organization account in the
|
1251
|
+
# organization behavior graph. In the organization behavior graph,
|
1252
|
+
# organization accounts do not receive an invitation.
|
871
1253
|
#
|
872
1254
|
# @option params [required, String] :graph_arn
|
873
1255
|
# The ARN of the behavior graph to reject the invitation to.
|
@@ -988,6 +1370,61 @@ module Aws::Detective
|
|
988
1370
|
req.send_request(options)
|
989
1371
|
end
|
990
1372
|
|
1373
|
+
# Starts a data source packages for the behavior graph.
|
1374
|
+
#
|
1375
|
+
# @option params [required, String] :graph_arn
|
1376
|
+
# The ARN of the behavior graph.
|
1377
|
+
#
|
1378
|
+
# @option params [required, Array<String>] :datasource_packages
|
1379
|
+
# The data source package start for the behavior graph.
|
1380
|
+
#
|
1381
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1382
|
+
#
|
1383
|
+
# @example Request syntax with placeholder values
|
1384
|
+
#
|
1385
|
+
# resp = client.update_datasource_packages({
|
1386
|
+
# graph_arn: "GraphArn", # required
|
1387
|
+
# datasource_packages: ["DETECTIVE_CORE"], # required, accepts DETECTIVE_CORE, EKS_AUDIT, ASFF_SECURITYHUB_FINDING
|
1388
|
+
# })
|
1389
|
+
#
|
1390
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/UpdateDatasourcePackages AWS API Documentation
|
1391
|
+
#
|
1392
|
+
# @overload update_datasource_packages(params = {})
|
1393
|
+
# @param [Hash] params ({})
|
1394
|
+
def update_datasource_packages(params = {}, options = {})
|
1395
|
+
req = build_request(:update_datasource_packages, params)
|
1396
|
+
req.send_request(options)
|
1397
|
+
end
|
1398
|
+
|
1399
|
+
# Updates the configuration for the Organizations integration in the
|
1400
|
+
# current Region. Can only be called by the Detective administrator
|
1401
|
+
# account for the organization.
|
1402
|
+
#
|
1403
|
+
# @option params [required, String] :graph_arn
|
1404
|
+
# The ARN of the organization behavior graph.
|
1405
|
+
#
|
1406
|
+
# @option params [Boolean] :auto_enable
|
1407
|
+
# Indicates whether to automatically enable new organization accounts as
|
1408
|
+
# member accounts in the organization behavior graph.
|
1409
|
+
#
|
1410
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1411
|
+
#
|
1412
|
+
# @example Request syntax with placeholder values
|
1413
|
+
#
|
1414
|
+
# resp = client.update_organization_configuration({
|
1415
|
+
# graph_arn: "GraphArn", # required
|
1416
|
+
# auto_enable: false,
|
1417
|
+
# })
|
1418
|
+
#
|
1419
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/detective-2018-10-26/UpdateOrganizationConfiguration AWS API Documentation
|
1420
|
+
#
|
1421
|
+
# @overload update_organization_configuration(params = {})
|
1422
|
+
# @param [Hash] params ({})
|
1423
|
+
def update_organization_configuration(params = {}, options = {})
|
1424
|
+
req = build_request(:update_organization_configuration, params)
|
1425
|
+
req.send_request(options)
|
1426
|
+
end
|
1427
|
+
|
991
1428
|
# @!endgroup
|
992
1429
|
|
993
1430
|
# @param params ({})
|
@@ -1001,7 +1438,7 @@ module Aws::Detective
|
|
1001
1438
|
params: params,
|
1002
1439
|
config: config)
|
1003
1440
|
context[:gem_name] = 'aws-sdk-detective'
|
1004
|
-
context[:gem_version] = '1.
|
1441
|
+
context[:gem_version] = '1.41.0'
|
1005
1442
|
Seahorse::Client::Request.new(handlers, context)
|
1006
1443
|
end
|
1007
1444
|
|