aws-sdk-guardduty 1.151.0 → 1.153.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 968ac7495e15e2a99f1deac42b8069aa6600735fd17f7a4bc8270aae1a14f2eb
-  data.tar.gz: e85766b49cea51baea08cbfb99796e35744151eb916eb3e1dcecc87cfee503d4
+  metadata.gz: f6adcc24edb8288ec2a463559ce6322630686396de0fc99c1cdbdda4054d63bb
+  data.tar.gz: d23a697f2f89452fb21ed7e0723895483a55ef02e1cb8545507b6bde634e312b
 SHA512:
-  metadata.gz: 4e6389c6e37b35bb750db5b71c6f59d9aab5aa30a43534cd946eb0b7e3e37e8f5f33ab2e961e669e33b425beb65bcac2ada05c6885ff73233883ee888f93e7cc
-  data.tar.gz: 01ef7f3e3f8e430d778a512de25bdb1771c5ca05f3a749026d0c97b150fb09f989d8cb0798d1ba30b041bddfbe94914daa314966ef0fd999684a21df6958e921
+  metadata.gz: c523d3a7e9ef6a92c06ad91e2aba0b46ccf4c7cd80d3e1b5704914b4a74d77d3325ec31404f7e68b493ab29ba9a5d3c05b20bb71c5216170614111fae62a411f
+  data.tar.gz: 1cc71c945575b1e223b8f2b3f9b07debfd348729bd75a13e93d64d897bc1cd53e538a06d1b810b7747c9b0efa353571aa8bbd5340bd5a36aa91338e299a2a403

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.153.0 (2026-06-02)
+------------------
+
+* Feature - Amazon GuardDuty Runtime Monitoring now supports 3 new SensitiveFileModified finding types (Persistence, PrivilegeEscalation, DefenseEvasion) that detect when security-sensitive system files are modified on EC2 instances or containers, indicating potential compromise through file tampering.
+
+1.152.0 (2026-05-26)
+------------------
+
+* Feature - Add malware scan support for Continuous Backups, also known as Point-In-Time Recovery Points (PITR).
+
 1.151.0 (2026-05-21)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.151.0
+1.153.0

data/lib/aws-sdk-guardduty/client.rb

@@ -4303,6 +4303,10 @@ module Aws::GuardDuty
     #   resp.findings[0].service.runtime_details.context.service_name #=> String
     #   resp.findings[0].service.runtime_details.context.command_line_example #=> String
     #   resp.findings[0].service.runtime_details.context.threat_file_path #=> String
+    #   resp.findings[0].service.runtime_details.context.file_operation #=> String
+    #   resp.findings[0].service.runtime_details.context.file_path #=> String
+    #   resp.findings[0].service.runtime_details.context.related_file_paths #=> Array
+    #   resp.findings[0].service.runtime_details.context.related_file_paths[0] #=> String
     #   resp.findings[0].service.detection.anomaly.profiles #=> Hash
     #   resp.findings[0].service.detection.anomaly.profiles["String"] #=> Hash
     #   resp.findings[0].service.detection.anomaly.profiles["String"]["String"] #=> Array
@@ -4789,13 +4793,13 @@ module Aws::GuardDuty
     #   resp.detector_id #=> String
     #   resp.admin_detector_id #=> String
     #   resp.resource_arn #=> String
-    #   resp.resource_type #=> String, one of "EBS_RECOVERY_POINT", "EBS_SNAPSHOT", "EBS_VOLUME", "EC2_AMI", "EC2_INSTANCE", "EC2_RECOVERY_POINT", "S3_RECOVERY_POINT", "S3_BUCKET"
+    #   resp.resource_type #=> String, one of "EBS_RECOVERY_POINT", "EBS_SNAPSHOT", "EBS_VOLUME", "EC2_AMI", "EC2_INSTANCE", "EC2_RECOVERY_POINT", "S3_RECOVERY_POINT", "S3_BUCKET", "S3_POINT_IN_TIME_RECOVERY"
     #   resp.scanned_resources_count #=> Integer
     #   resp.skipped_resources_count #=> Integer
     #   resp.failed_resources_count #=> Integer
     #   resp.scanned_resources #=> Array
     #   resp.scanned_resources[0].scanned_resource_arn #=> String
-    #   resp.scanned_resources[0].scanned_resource_type #=> String, one of "EBS_RECOVERY_POINT", "EBS_SNAPSHOT", "EBS_VOLUME", "EC2_AMI", "EC2_INSTANCE", "EC2_RECOVERY_POINT", "S3_RECOVERY_POINT", "S3_BUCKET"
+    #   resp.scanned_resources[0].scanned_resource_type #=> String, one of "EBS_RECOVERY_POINT", "EBS_SNAPSHOT", "EBS_VOLUME", "EC2_AMI", "EC2_INSTANCE", "EC2_RECOVERY_POINT", "S3_RECOVERY_POINT", "S3_BUCKET", "S3_POINT_IN_TIME_RECOVERY"
     #   resp.scanned_resources[0].scanned_resource_status #=> String, one of "RUNNING", "COMPLETED", "COMPLETED_WITH_ISSUES", "FAILED", "SKIPPED"
     #   resp.scanned_resources[0].scan_status_reason #=> String, one of "ACCESS_DENIED", "RESOURCE_NOT_FOUND", "SNAPSHOT_SIZE_LIMIT_EXCEEDED", "RESOURCE_UNAVAILABLE", "INCONSISTENT_SOURCE", "INCREMENTAL_NO_DIFFERENCE", "NO_EBS_VOLUMES_FOUND", "UNSUPPORTED_PRODUCT_CODE_TYPE", "AMI_SNAPSHOT_LIMIT_EXCEEDED", "UNRELATED_RESOURCES", "BASE_RESOURCE_NOT_SCANNED", "BASE_CREATED_AFTER_TARGET", "UNSUPPORTED_FOR_INCREMENTAL", "UNSUPPORTED_AMI", "UNSUPPORTED_SNAPSHOT", "UNSUPPORTED_COMPOSITE_RECOVERY_POINT", "ALL_FILES_SKIPPED_OR_FAILED"
     #   resp.scanned_resources[0].resource_details.ebs_volume.volume_arn #=> String
@@ -4812,6 +4816,8 @@ module Aws::GuardDuty
     #   resp.scan_configuration.trigger_details.trigger_type #=> String, one of "BACKUP", "GUARDDUTY"
     #   resp.scan_configuration.incremental_scan_details.baseline_resource_arn #=> String
     #   resp.scan_configuration.recovery_point.backup_vault_name #=> String
+    #   resp.scan_configuration.recovery_point.continuous_scan_details.start_time #=> Time
+    #   resp.scan_configuration.recovery_point.continuous_scan_details.end_time #=> Time
     #   resp.scan_category #=> String, one of "FULL_SCAN", "INCREMENTAL_SCAN"
     #   resp.scan_status #=> String, one of "RUNNING", "COMPLETED", "COMPLETED_WITH_ISSUES", "FAILED", "SKIPPED"
     #   resp.scan_status_reason #=> String, one of "ACCESS_DENIED", "RESOURCE_NOT_FOUND", "SNAPSHOT_SIZE_LIMIT_EXCEEDED", "RESOURCE_UNAVAILABLE", "INCONSISTENT_SOURCE", "INCREMENTAL_NO_DIFFERENCE", "NO_EBS_VOLUMES_FOUND", "UNSUPPORTED_PRODUCT_CODE_TYPE", "AMI_SNAPSHOT_LIMIT_EXCEEDED", "UNRELATED_RESOURCES", "BASE_RESOURCE_NOT_SCANNED", "BASE_CREATED_AFTER_TARGET", "UNSUPPORTED_FOR_INCREMENTAL", "UNSUPPORTED_AMI", "UNSUPPORTED_SNAPSHOT", "UNSUPPORTED_COMPOSITE_RECOVERY_POINT", "ALL_FILES_SKIPPED_OR_FAILED"
@@ -6109,7 +6115,7 @@ module Aws::GuardDuty
     #
     #   resp.scans #=> Array
     #   resp.scans[0].resource_arn #=> String
-    #   resp.scans[0].resource_type #=> String, one of "EBS_RECOVERY_POINT", "EBS_SNAPSHOT", "EBS_VOLUME", "EC2_AMI", "EC2_INSTANCE", "EC2_RECOVERY_POINT", "S3_RECOVERY_POINT", "S3_BUCKET"
+    #   resp.scans[0].resource_type #=> String, one of "EBS_RECOVERY_POINT", "EBS_SNAPSHOT", "EBS_VOLUME", "EC2_AMI", "EC2_INSTANCE", "EC2_RECOVERY_POINT", "S3_RECOVERY_POINT", "S3_BUCKET", "S3_POINT_IN_TIME_RECOVERY"
     #   resp.scans[0].scan_id #=> String
     #   resp.scans[0].scan_status #=> String, one of "RUNNING", "COMPLETED", "COMPLETED_WITH_ISSUES", "FAILED", "SKIPPED"
     #   resp.scans[0].scan_result_status #=> String, one of "NO_THREATS_FOUND", "THREATS_FOUND"
@@ -6591,6 +6597,10 @@ module Aws::GuardDuty
     #       },
     #       recovery_point: {
     #         backup_vault_name: "String", # required
+    #         continuous_scan_details: {
+    #           start_time: Time.now,
+    #           end_time: Time.now, # required
+    #         },
     #       },
     #     },
     #   })
@@ -8962,7 +8972,7 @@ module Aws::GuardDuty
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-guardduty'
-      context[:gem_version] = '1.151.0'
+      context[:gem_version] = '1.153.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-guardduty/client_api.rb

@@ -78,6 +78,7 @@ module Aws::GuardDuty
     ContainerUid = Shapes::StringShape.new(name: 'ContainerUid')
     ContainerUids = Shapes::ListShape.new(name: 'ContainerUids')
     Containers = Shapes::ListShape.new(name: 'Containers')
+    ContinuousScanDetails = Shapes::StructureShape.new(name: 'ContinuousScanDetails')
     CountByCoverageStatus = Shapes::MapShape.new(name: 'CountByCoverageStatus')
     CountByResourceType = Shapes::MapShape.new(name: 'CountByResourceType')
     CountBySeverity = Shapes::MapShape.new(name: 'CountBySeverity')
@@ -509,6 +510,7 @@ module Aws::GuardDuty
     RdsLoginAttemptAction = Shapes::StructureShape.new(name: 'RdsLoginAttemptAction')
     RecoveryPoint = Shapes::StructureShape.new(name: 'RecoveryPoint')
     RecoveryPointDetails = Shapes::StructureShape.new(name: 'RecoveryPointDetails')
+    RelatedFilePathsList = Shapes::ListShape.new(name: 'RelatedFilePathsList')
     RemoteAccountDetails = Shapes::StructureShape.new(name: 'RemoteAccountDetails')
     RemoteIpDetails = Shapes::StructureShape.new(name: 'RemoteIpDetails')
     RemotePortDetails = Shapes::StructureShape.new(name: 'RemotePortDetails')
@@ -540,6 +542,7 @@ module Aws::GuardDuty
     ScanCondition = Shapes::StructureShape.new(name: 'ScanCondition')
     ScanConditionPair = Shapes::StructureShape.new(name: 'ScanConditionPair')
     ScanConfiguration = Shapes::StructureShape.new(name: 'ScanConfiguration')
+    ScanConfigurationContinuousScanDetails = Shapes::StructureShape.new(name: 'ScanConfigurationContinuousScanDetails')
     ScanConfigurationRecoveryPoint = Shapes::StructureShape.new(name: 'ScanConfigurationRecoveryPoint')
     ScanCriterion = Shapes::MapShape.new(name: 'ScanCriterion')
     ScanCriterionKey = Shapes::StringShape.new(name: 'ScanCriterionKey')
@@ -912,6 +915,10 @@ module Aws::GuardDuty
 
     Containers.member = Shapes::ShapeRef.new(shape: Container)
 
+    ContinuousScanDetails.add_member(:start_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "startTime"))
+    ContinuousScanDetails.add_member(:end_time, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "endTime"))
+    ContinuousScanDetails.struct_class = Types::ContinuousScanDetails
+
     CountByCoverageStatus.key = Shapes::ShapeRef.new(shape: CoverageStatus)
     CountByCoverageStatus.value = Shapes::ShapeRef.new(shape: Long)
 
@@ -2443,12 +2450,15 @@ module Aws::GuardDuty
     RdsLoginAttemptAction.struct_class = Types::RdsLoginAttemptAction
 
     RecoveryPoint.add_member(:backup_vault_name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "backupVaultName"))
+    RecoveryPoint.add_member(:continuous_scan_details, Shapes::ShapeRef.new(shape: ContinuousScanDetails, location_name: "continuousScanDetails"))
     RecoveryPoint.struct_class = Types::RecoveryPoint
 
     RecoveryPointDetails.add_member(:recovery_point_arn, Shapes::ShapeRef.new(shape: String, location_name: "recoveryPointArn"))
     RecoveryPointDetails.add_member(:backup_vault_name, Shapes::ShapeRef.new(shape: String, location_name: "backupVaultName"))
     RecoveryPointDetails.struct_class = Types::RecoveryPointDetails
 
+    RelatedFilePathsList.member = Shapes::ShapeRef.new(shape: String)
+
     RemoteAccountDetails.add_member(:account_id, Shapes::ShapeRef.new(shape: String, location_name: "accountId"))
     RemoteAccountDetails.add_member(:affiliated, Shapes::ShapeRef.new(shape: Boolean, location_name: "affiliated"))
     RemoteAccountDetails.struct_class = Types::RemoteAccountDetails
@@ -2557,6 +2567,9 @@ module Aws::GuardDuty
     RuntimeContext.add_member(:service_name, Shapes::ShapeRef.new(shape: String, location_name: "serviceName"))
     RuntimeContext.add_member(:command_line_example, Shapes::ShapeRef.new(shape: String, location_name: "commandLineExample"))
     RuntimeContext.add_member(:threat_file_path, Shapes::ShapeRef.new(shape: String, location_name: "threatFilePath"))
+    RuntimeContext.add_member(:file_operation, Shapes::ShapeRef.new(shape: String, location_name: "fileOperation"))
+    RuntimeContext.add_member(:file_path, Shapes::ShapeRef.new(shape: String, location_name: "filePath"))
+    RuntimeContext.add_member(:related_file_paths, Shapes::ShapeRef.new(shape: RelatedFilePathsList, location_name: "relatedFilePaths"))
     RuntimeContext.struct_class = Types::RuntimeContext
 
     RuntimeDetails.add_member(:process, Shapes::ShapeRef.new(shape: ProcessDetails, location_name: "process"))
@@ -2645,7 +2658,12 @@ module Aws::GuardDuty
     ScanConfiguration.add_member(:recovery_point, Shapes::ShapeRef.new(shape: ScanConfigurationRecoveryPoint, location_name: "recoveryPoint"))
     ScanConfiguration.struct_class = Types::ScanConfiguration
 
+    ScanConfigurationContinuousScanDetails.add_member(:start_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "startTime"))
+    ScanConfigurationContinuousScanDetails.add_member(:end_time, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "endTime"))
+    ScanConfigurationContinuousScanDetails.struct_class = Types::ScanConfigurationContinuousScanDetails
+
     ScanConfigurationRecoveryPoint.add_member(:backup_vault_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "backupVaultName"))
+    ScanConfigurationRecoveryPoint.add_member(:continuous_scan_details, Shapes::ShapeRef.new(shape: ScanConfigurationContinuousScanDetails, location_name: "continuousScanDetails"))
     ScanConfigurationRecoveryPoint.struct_class = Types::ScanConfigurationRecoveryPoint
 
     ScanCriterion.key = Shapes::ShapeRef.new(shape: ScanCriterionKey)

data/lib/aws-sdk-guardduty/types.rb

@@ -1082,6 +1082,28 @@ module Aws::GuardDuty
       include Aws::Structure
     end
 
+    # Contains information about the time range within the continuous backup
+    # in Amazon Web Services Backup to scan for a point-in-time recovery
+    # resource.
+    #
+    # @!attribute [rw] start_time
+    #   The timestamp representing the start of the time range to scan.
+    #   Reserved for internal use.
+    #   @return [Time]
+    #
+    # @!attribute [rw] end_time
+    #   The timestamp representing the end of the time range to scan.
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ContinuousScanDetails AWS API Documentation
+    #
+    class ContinuousScanDetails < Struct.new(
+      :start_time,
+      :end_time)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Contains information about the country where the remote IP address is
     # located.
     #
@@ -10044,10 +10066,16 @@ module Aws::GuardDuty
     #   name of the recovery point to be scanned.
     #   @return [String]
     #
+    # @!attribute [rw] continuous_scan_details
+    #   Contains information about the time range within the continuous
+    #   backup in Amazon Web Services Backup to scan.
+    #   @return [Types::ContinuousScanDetails]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/RecoveryPoint AWS API Documentation
     #
     class RecoveryPoint < Struct.new(
-      :backup_vault_name)
+      :backup_vault_name,
+      :continuous_scan_details)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -10626,6 +10654,22 @@ module Aws::GuardDuty
     #   were found.
     #   @return [String]
     #
+    # @!attribute [rw] file_operation
+    #   Represents the type of file operation that triggered the finding,
+    #   such as Write, Delete, Rename, Link, or Symlink.
+    #   @return [String]
+    #
+    # @!attribute [rw] file_path
+    #   The path of the sensitive file that was modified. Modification
+    #   includes write, delete, rename, link, or symlink operations. This
+    #   field is indexed for filtering.
+    #   @return [String]
+    #
+    # @!attribute [rw] related_file_paths
+    #   All file paths modified by the same process that triggered the
+    #   finding, up to a maximum of 25 paths.
+    #   @return [Array<String>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/RuntimeContext AWS API Documentation
     #
     class RuntimeContext < Struct.new(
@@ -10653,7 +10697,10 @@ module Aws::GuardDuty
       :tool_category,
       :service_name,
       :command_line_example,
-      :threat_file_path)
+      :threat_file_path,
+      :file_operation,
+      :file_path,
+      :related_file_paths)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -11091,6 +11138,29 @@ module Aws::GuardDuty
       include Aws::Structure
     end
 
+    # Contains information about the time range within the continuous backup
+    # in Amazon Web Services Backup that was scanned for a point-in-time
+    # recovery resource.
+    #
+    # @!attribute [rw] start_time
+    #   The timestamp representing the start of the time range that was
+    #   scanned.
+    #   @return [Time]
+    #
+    # @!attribute [rw] end_time
+    #   The timestamp representing the end of the time range that was
+    #   scanned.
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ScanConfigurationContinuousScanDetails AWS API Documentation
+    #
+    class ScanConfigurationContinuousScanDetails < Struct.new(
+      :start_time,
+      :end_time)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Contains information about the recovery point configuration used in
     # the scan.
     #
@@ -11099,10 +11169,16 @@ module Aws::GuardDuty
     #   recovery point for the scanned.
     #   @return [String]
     #
+    # @!attribute [rw] continuous_scan_details
+    #   The time range within the continuous backup in Amazon Web Services
+    #   Backup that was scanned for a point-in-time recovery resource.
+    #   @return [Types::ScanConfigurationContinuousScanDetails]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ScanConfigurationRecoveryPoint AWS API Documentation
     #
     class ScanConfigurationRecoveryPoint < Struct.new(
-      :backup_vault_name)
+      :backup_vault_name,
+      :continuous_scan_details)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-guardduty.rb

@@ -54,7 +54,7 @@ module Aws::GuardDuty
   autoload :EndpointProvider, 'aws-sdk-guardduty/endpoint_provider'
   autoload :Endpoints, 'aws-sdk-guardduty/endpoints'
 
-  GEM_VERSION = '1.151.0'
+  GEM_VERSION = '1.153.0'
 
 end
 

data/sig/client.rbs

@@ -628,7 +628,7 @@ module Aws
         def detector_id: () -> ::String
         def admin_detector_id: () -> ::String
         def resource_arn: () -> ::String
-        def resource_type: () -> ("EBS_RECOVERY_POINT" | "EBS_SNAPSHOT" | "EBS_VOLUME" | "EC2_AMI" | "EC2_INSTANCE" | "EC2_RECOVERY_POINT" | "S3_RECOVERY_POINT" | "S3_BUCKET")
+        def resource_type: () -> ("EBS_RECOVERY_POINT" | "EBS_SNAPSHOT" | "EBS_VOLUME" | "EC2_AMI" | "EC2_INSTANCE" | "EC2_RECOVERY_POINT" | "S3_RECOVERY_POINT" | "S3_BUCKET" | "S3_POINT_IN_TIME_RECOVERY")
         def scanned_resources_count: () -> ::Integer
         def skipped_resources_count: () -> ::Integer
         def failed_resources_count: () -> ::Integer
@@ -1041,7 +1041,11 @@ module Aws
                                     baseline_resource_arn: ::String
                                   }?,
                                   recovery_point: {
-                                    backup_vault_name: ::String
+                                    backup_vault_name: ::String,
+                                    continuous_scan_details: {
+                                      start_time: ::Time?,
+                                      end_time: ::Time
+                                    }?
                                   }?
                                 }
                               ) -> _StartMalwareScanResponseSuccess

data/sig/types.rbs

@@ -286,6 +286,12 @@ module Aws::GuardDuty
       SENSITIVE: []
     end
 
+    class ContinuousScanDetails
+      attr_accessor start_time: ::Time
+      attr_accessor end_time: ::Time
+      SENSITIVE: []
+    end
+
     class Country
       attr_accessor country_code: ::String
       attr_accessor country_name: ::String
@@ -1185,7 +1191,7 @@ module Aws::GuardDuty
       attr_accessor detector_id: ::String
       attr_accessor admin_detector_id: ::String
       attr_accessor resource_arn: ::String
-      attr_accessor resource_type: ("EBS_RECOVERY_POINT" | "EBS_SNAPSHOT" | "EBS_VOLUME" | "EC2_AMI" | "EC2_INSTANCE" | "EC2_RECOVERY_POINT" | "S3_RECOVERY_POINT" | "S3_BUCKET")
+      attr_accessor resource_type: ("EBS_RECOVERY_POINT" | "EBS_SNAPSHOT" | "EBS_VOLUME" | "EC2_AMI" | "EC2_INSTANCE" | "EC2_RECOVERY_POINT" | "S3_RECOVERY_POINT" | "S3_BUCKET" | "S3_POINT_IN_TIME_RECOVERY")
       attr_accessor scanned_resources_count: ::Integer
       attr_accessor skipped_resources_count: ::Integer
       attr_accessor failed_resources_count: ::Integer
@@ -1839,7 +1845,7 @@ module Aws::GuardDuty
 
     class MalwareScan
       attr_accessor resource_arn: ::String
-      attr_accessor resource_type: ("EBS_RECOVERY_POINT" | "EBS_SNAPSHOT" | "EBS_VOLUME" | "EC2_AMI" | "EC2_INSTANCE" | "EC2_RECOVERY_POINT" | "S3_RECOVERY_POINT" | "S3_BUCKET")
+      attr_accessor resource_type: ("EBS_RECOVERY_POINT" | "EBS_SNAPSHOT" | "EBS_VOLUME" | "EC2_AMI" | "EC2_INSTANCE" | "EC2_RECOVERY_POINT" | "S3_RECOVERY_POINT" | "S3_BUCKET" | "S3_POINT_IN_TIME_RECOVERY")
       attr_accessor scan_id: ::String
       attr_accessor scan_status: ("RUNNING" | "COMPLETED" | "COMPLETED_WITH_ISSUES" | "FAILED" | "SKIPPED")
       attr_accessor scan_result_status: ("NO_THREATS_FOUND" | "THREATS_FOUND")
@@ -2211,6 +2217,7 @@ module Aws::GuardDuty
 
     class RecoveryPoint
       attr_accessor backup_vault_name: ::String
+      attr_accessor continuous_scan_details: Types::ContinuousScanDetails
       SENSITIVE: []
     end
 
@@ -2341,6 +2348,9 @@ module Aws::GuardDuty
       attr_accessor service_name: ::String
       attr_accessor command_line_example: ::String
       attr_accessor threat_file_path: ::String
+      attr_accessor file_operation: ::String
+      attr_accessor file_path: ::String
+      attr_accessor related_file_paths: ::Array[::String]
       SENSITIVE: []
     end
 
@@ -2448,8 +2458,15 @@ module Aws::GuardDuty
       SENSITIVE: []
     end
 
+    class ScanConfigurationContinuousScanDetails
+      attr_accessor start_time: ::Time
+      attr_accessor end_time: ::Time
+      SENSITIVE: []
+    end
+
     class ScanConfigurationRecoveryPoint
       attr_accessor backup_vault_name: ::String
+      attr_accessor continuous_scan_details: Types::ScanConfigurationContinuousScanDetails
       SENSITIVE: []
     end
 
@@ -2516,7 +2533,7 @@ module Aws::GuardDuty
 
     class ScannedResource
       attr_accessor scanned_resource_arn: ::String
-      attr_accessor scanned_resource_type: ("EBS_RECOVERY_POINT" | "EBS_SNAPSHOT" | "EBS_VOLUME" | "EC2_AMI" | "EC2_INSTANCE" | "EC2_RECOVERY_POINT" | "S3_RECOVERY_POINT" | "S3_BUCKET")
+      attr_accessor scanned_resource_type: ("EBS_RECOVERY_POINT" | "EBS_SNAPSHOT" | "EBS_VOLUME" | "EC2_AMI" | "EC2_INSTANCE" | "EC2_RECOVERY_POINT" | "S3_RECOVERY_POINT" | "S3_BUCKET" | "S3_POINT_IN_TIME_RECOVERY")
       attr_accessor scanned_resource_status: ("RUNNING" | "COMPLETED" | "COMPLETED_WITH_ISSUES" | "FAILED" | "SKIPPED")
       attr_accessor scan_status_reason: ("ACCESS_DENIED" | "RESOURCE_NOT_FOUND" | "SNAPSHOT_SIZE_LIMIT_EXCEEDED" | "RESOURCE_UNAVAILABLE" | "INCONSISTENT_SOURCE" | "INCREMENTAL_NO_DIFFERENCE" | "NO_EBS_VOLUMES_FOUND" | "UNSUPPORTED_PRODUCT_CODE_TYPE" | "AMI_SNAPSHOT_LIMIT_EXCEEDED" | "UNRELATED_RESOURCES" | "BASE_RESOURCE_NOT_SCANNED" | "BASE_CREATED_AFTER_TARGET" | "UNSUPPORTED_FOR_INCREMENTAL" | "UNSUPPORTED_AMI" | "UNSUPPORTED_SNAPSHOT" | "UNSUPPORTED_COMPOSITE_RECOVERY_POINT" | "ALL_FILES_SKIPPED_OR_FAILED")
       attr_accessor resource_details: Types::ScannedResourceDetails

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-guardduty
 version: !ruby/object:Gem::Version
-  version: 1.151.0
+  version: 1.153.0
 platform: ruby
 authors:
 - Amazon Web Services