aws-sdk-guardduty 1.152.0 → 1.154.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-guardduty/client.rb +5 -29
- data/lib/aws-sdk-guardduty/client_api.rb +6 -0
- data/lib/aws-sdk-guardduty/types.rb +20 -29
- data/lib/aws-sdk-guardduty.rb +1 -1
- data/sig/types.rbs +3 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 52bcf647e9275664f8705f5cf312175aea0f4de960cecb5e7be5e88cefb993f1
|
|
4
|
+
data.tar.gz: b707f5264aeec56481c7aefd48e6846f9847014a7cad5d9a05ba297ca9960f6b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c9e426ff95aac71fd0f7847feb060d592115df28b7425dd70a46191c066aad140737f8fdd06adbd3c1a3d5f2fae02f82eeec3640b59e854f1562f2df716b5833
|
|
7
|
+
data.tar.gz: 16cc33db93b74f911e79dabbf60f4889a830140776502dbaf8fa2058cd061f92f8a2467c7e35564499db04a36660a45f875cb70f40004f5e0e737953f7908c22
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.154.0 (2026-06-04)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Remove unsupported RDS field for filter
|
|
8
|
+
|
|
9
|
+
1.153.0 (2026-06-02)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - Amazon GuardDuty Runtime Monitoring now supports 3 new SensitiveFileModified finding types (Persistence, PrivilegeEscalation, DefenseEvasion) that detect when security-sensitive system files are modified on EC2 instances or containers, indicating potential compromise through file tampering.
|
|
13
|
+
|
|
4
14
|
1.152.0 (2026-05-26)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.154.0
|
|
@@ -764,8 +764,6 @@ module Aws::GuardDuty
|
|
|
764
764
|
#
|
|
765
765
|
# Type: Timestamp in Unix Epoch millisecond format. Ex: 1486685375000
|
|
766
766
|
#
|
|
767
|
-
# * description
|
|
768
|
-
#
|
|
769
767
|
# * id
|
|
770
768
|
#
|
|
771
769
|
# * partition
|
|
@@ -1100,10 +1098,6 @@ module Aws::GuardDuty
|
|
|
1100
1098
|
#
|
|
1101
1099
|
# * resource.rdsDbInstanceDetails.publiclyAccessible
|
|
1102
1100
|
#
|
|
1103
|
-
# * resource.rdsDbInstanceDetails.tags.key
|
|
1104
|
-
#
|
|
1105
|
-
# * resource.rdsDbInstanceDetails.tags.value
|
|
1106
|
-
#
|
|
1107
1101
|
# * resource.rdsDbInstanceDetails.vpcId
|
|
1108
1102
|
#
|
|
1109
1103
|
# * resource.rdsDbInstanceDetails.vpcSecurityGroups.status
|
|
@@ -1202,8 +1196,6 @@ module Aws::GuardDuty
|
|
|
1202
1196
|
#
|
|
1203
1197
|
# * service.action.actionType
|
|
1204
1198
|
#
|
|
1205
|
-
# * service.action.awsApiCallAction.affectedResources
|
|
1206
|
-
#
|
|
1207
1199
|
# * service.action.awsApiCallAction.api
|
|
1208
1200
|
#
|
|
1209
1201
|
# * service.action.awsApiCallAction.callerType
|
|
@@ -1492,10 +1484,6 @@ module Aws::GuardDuty
|
|
|
1492
1484
|
#
|
|
1493
1485
|
# * service.count
|
|
1494
1486
|
#
|
|
1495
|
-
# * service.detection.anomaly.profiles
|
|
1496
|
-
#
|
|
1497
|
-
# * service.detection.anomaly.unusual.behavior
|
|
1498
|
-
#
|
|
1499
1487
|
# * service.detection.sequence.actors.id
|
|
1500
1488
|
#
|
|
1501
1489
|
# * service.detection.sequence.actors.process.name
|
|
@@ -2069,8 +2057,6 @@ module Aws::GuardDuty
|
|
|
2069
2057
|
# For more information, see [Findings severity levels][2] in the
|
|
2070
2058
|
# *Amazon GuardDuty User Guide*.
|
|
2071
2059
|
#
|
|
2072
|
-
# * title
|
|
2073
|
-
#
|
|
2074
2060
|
# * type
|
|
2075
2061
|
#
|
|
2076
2062
|
# * updatedAt
|
|
@@ -4303,6 +4289,10 @@ module Aws::GuardDuty
|
|
|
4303
4289
|
# resp.findings[0].service.runtime_details.context.service_name #=> String
|
|
4304
4290
|
# resp.findings[0].service.runtime_details.context.command_line_example #=> String
|
|
4305
4291
|
# resp.findings[0].service.runtime_details.context.threat_file_path #=> String
|
|
4292
|
+
# resp.findings[0].service.runtime_details.context.file_operation #=> String
|
|
4293
|
+
# resp.findings[0].service.runtime_details.context.file_path #=> String
|
|
4294
|
+
# resp.findings[0].service.runtime_details.context.related_file_paths #=> Array
|
|
4295
|
+
# resp.findings[0].service.runtime_details.context.related_file_paths[0] #=> String
|
|
4306
4296
|
# resp.findings[0].service.detection.anomaly.profiles #=> Hash
|
|
4307
4297
|
# resp.findings[0].service.detection.anomaly.profiles["String"] #=> Hash
|
|
4308
4298
|
# resp.findings[0].service.detection.anomaly.profiles["String"]["String"] #=> Array
|
|
@@ -6945,8 +6935,6 @@ module Aws::GuardDuty
|
|
|
6945
6935
|
#
|
|
6946
6936
|
# Type: Timestamp in Unix Epoch millisecond format. Ex: 1486685375000
|
|
6947
6937
|
#
|
|
6948
|
-
# * description
|
|
6949
|
-
#
|
|
6950
6938
|
# * id
|
|
6951
6939
|
#
|
|
6952
6940
|
# * partition
|
|
@@ -7281,10 +7269,6 @@ module Aws::GuardDuty
|
|
|
7281
7269
|
#
|
|
7282
7270
|
# * resource.rdsDbInstanceDetails.publiclyAccessible
|
|
7283
7271
|
#
|
|
7284
|
-
# * resource.rdsDbInstanceDetails.tags.key
|
|
7285
|
-
#
|
|
7286
|
-
# * resource.rdsDbInstanceDetails.tags.value
|
|
7287
|
-
#
|
|
7288
7272
|
# * resource.rdsDbInstanceDetails.vpcId
|
|
7289
7273
|
#
|
|
7290
7274
|
# * resource.rdsDbInstanceDetails.vpcSecurityGroups.status
|
|
@@ -7383,8 +7367,6 @@ module Aws::GuardDuty
|
|
|
7383
7367
|
#
|
|
7384
7368
|
# * service.action.actionType
|
|
7385
7369
|
#
|
|
7386
|
-
# * service.action.awsApiCallAction.affectedResources
|
|
7387
|
-
#
|
|
7388
7370
|
# * service.action.awsApiCallAction.api
|
|
7389
7371
|
#
|
|
7390
7372
|
# * service.action.awsApiCallAction.callerType
|
|
@@ -7673,10 +7655,6 @@ module Aws::GuardDuty
|
|
|
7673
7655
|
#
|
|
7674
7656
|
# * service.count
|
|
7675
7657
|
#
|
|
7676
|
-
# * service.detection.anomaly.profiles
|
|
7677
|
-
#
|
|
7678
|
-
# * service.detection.anomaly.unusual.behavior
|
|
7679
|
-
#
|
|
7680
7658
|
# * service.detection.sequence.actors.id
|
|
7681
7659
|
#
|
|
7682
7660
|
# * service.detection.sequence.actors.process.name
|
|
@@ -8250,8 +8228,6 @@ module Aws::GuardDuty
|
|
|
8250
8228
|
# For more information, see [Findings severity levels][2] in the
|
|
8251
8229
|
# *Amazon GuardDuty User Guide*.
|
|
8252
8230
|
#
|
|
8253
|
-
# * title
|
|
8254
|
-
#
|
|
8255
8231
|
# * type
|
|
8256
8232
|
#
|
|
8257
8233
|
# * updatedAt
|
|
@@ -8968,7 +8944,7 @@ module Aws::GuardDuty
|
|
|
8968
8944
|
tracer: tracer
|
|
8969
8945
|
)
|
|
8970
8946
|
context[:gem_name] = 'aws-sdk-guardduty'
|
|
8971
|
-
context[:gem_version] = '1.
|
|
8947
|
+
context[:gem_version] = '1.154.0'
|
|
8972
8948
|
Seahorse::Client::Request.new(handlers, context)
|
|
8973
8949
|
end
|
|
8974
8950
|
|
|
@@ -510,6 +510,7 @@ module Aws::GuardDuty
|
|
|
510
510
|
RdsLoginAttemptAction = Shapes::StructureShape.new(name: 'RdsLoginAttemptAction')
|
|
511
511
|
RecoveryPoint = Shapes::StructureShape.new(name: 'RecoveryPoint')
|
|
512
512
|
RecoveryPointDetails = Shapes::StructureShape.new(name: 'RecoveryPointDetails')
|
|
513
|
+
RelatedFilePathsList = Shapes::ListShape.new(name: 'RelatedFilePathsList')
|
|
513
514
|
RemoteAccountDetails = Shapes::StructureShape.new(name: 'RemoteAccountDetails')
|
|
514
515
|
RemoteIpDetails = Shapes::StructureShape.new(name: 'RemoteIpDetails')
|
|
515
516
|
RemotePortDetails = Shapes::StructureShape.new(name: 'RemotePortDetails')
|
|
@@ -2456,6 +2457,8 @@ module Aws::GuardDuty
|
|
|
2456
2457
|
RecoveryPointDetails.add_member(:backup_vault_name, Shapes::ShapeRef.new(shape: String, location_name: "backupVaultName"))
|
|
2457
2458
|
RecoveryPointDetails.struct_class = Types::RecoveryPointDetails
|
|
2458
2459
|
|
|
2460
|
+
RelatedFilePathsList.member = Shapes::ShapeRef.new(shape: String)
|
|
2461
|
+
|
|
2459
2462
|
RemoteAccountDetails.add_member(:account_id, Shapes::ShapeRef.new(shape: String, location_name: "accountId"))
|
|
2460
2463
|
RemoteAccountDetails.add_member(:affiliated, Shapes::ShapeRef.new(shape: Boolean, location_name: "affiliated"))
|
|
2461
2464
|
RemoteAccountDetails.struct_class = Types::RemoteAccountDetails
|
|
@@ -2564,6 +2567,9 @@ module Aws::GuardDuty
|
|
|
2564
2567
|
RuntimeContext.add_member(:service_name, Shapes::ShapeRef.new(shape: String, location_name: "serviceName"))
|
|
2565
2568
|
RuntimeContext.add_member(:command_line_example, Shapes::ShapeRef.new(shape: String, location_name: "commandLineExample"))
|
|
2566
2569
|
RuntimeContext.add_member(:threat_file_path, Shapes::ShapeRef.new(shape: String, location_name: "threatFilePath"))
|
|
2570
|
+
RuntimeContext.add_member(:file_operation, Shapes::ShapeRef.new(shape: String, location_name: "fileOperation"))
|
|
2571
|
+
RuntimeContext.add_member(:file_path, Shapes::ShapeRef.new(shape: String, location_name: "filePath"))
|
|
2572
|
+
RuntimeContext.add_member(:related_file_paths, Shapes::ShapeRef.new(shape: RelatedFilePathsList, location_name: "relatedFilePaths"))
|
|
2567
2573
|
RuntimeContext.struct_class = Types::RuntimeContext
|
|
2568
2574
|
|
|
2569
2575
|
RuntimeDetails.add_member(:process, Shapes::ShapeRef.new(shape: ProcessDetails, location_name: "process"))
|
|
@@ -1552,8 +1552,6 @@ module Aws::GuardDuty
|
|
|
1552
1552
|
# Type: Timestamp in Unix Epoch millisecond format. Ex:
|
|
1553
1553
|
# 1486685375000
|
|
1554
1554
|
#
|
|
1555
|
-
# * description
|
|
1556
|
-
#
|
|
1557
1555
|
# * id
|
|
1558
1556
|
#
|
|
1559
1557
|
# * partition
|
|
@@ -1893,10 +1891,6 @@ module Aws::GuardDuty
|
|
|
1893
1891
|
#
|
|
1894
1892
|
# * resource.rdsDbInstanceDetails.publiclyAccessible
|
|
1895
1893
|
#
|
|
1896
|
-
# * resource.rdsDbInstanceDetails.tags.key
|
|
1897
|
-
#
|
|
1898
|
-
# * resource.rdsDbInstanceDetails.tags.value
|
|
1899
|
-
#
|
|
1900
1894
|
# * resource.rdsDbInstanceDetails.vpcId
|
|
1901
1895
|
#
|
|
1902
1896
|
# * resource.rdsDbInstanceDetails.vpcSecurityGroups.status
|
|
@@ -1996,8 +1990,6 @@ module Aws::GuardDuty
|
|
|
1996
1990
|
#
|
|
1997
1991
|
# * service.action.actionType
|
|
1998
1992
|
#
|
|
1999
|
-
# * service.action.awsApiCallAction.affectedResources
|
|
2000
|
-
#
|
|
2001
1993
|
# * service.action.awsApiCallAction.api
|
|
2002
1994
|
#
|
|
2003
1995
|
# * service.action.awsApiCallAction.callerType
|
|
@@ -2286,10 +2278,6 @@ module Aws::GuardDuty
|
|
|
2286
2278
|
#
|
|
2287
2279
|
# * service.count
|
|
2288
2280
|
#
|
|
2289
|
-
# * service.detection.anomaly.profiles
|
|
2290
|
-
#
|
|
2291
|
-
# * service.detection.anomaly.unusual.behavior
|
|
2292
|
-
#
|
|
2293
2281
|
# * service.detection.sequence.actors.id
|
|
2294
2282
|
#
|
|
2295
2283
|
# * service.detection.sequence.actors.process.name
|
|
@@ -2882,8 +2870,6 @@ module Aws::GuardDuty
|
|
|
2882
2870
|
# For more information, see [Findings severity levels][2] in the
|
|
2883
2871
|
# *Amazon GuardDuty User Guide*.
|
|
2884
2872
|
#
|
|
2885
|
-
# * title
|
|
2886
|
-
#
|
|
2887
2873
|
# * type
|
|
2888
2874
|
#
|
|
2889
2875
|
# * updatedAt
|
|
@@ -10654,6 +10640,22 @@ module Aws::GuardDuty
|
|
|
10654
10640
|
# were found.
|
|
10655
10641
|
# @return [String]
|
|
10656
10642
|
#
|
|
10643
|
+
# @!attribute [rw] file_operation
|
|
10644
|
+
# Represents the type of file operation that triggered the finding,
|
|
10645
|
+
# such as Write, Delete, Rename, Link, or Symlink.
|
|
10646
|
+
# @return [String]
|
|
10647
|
+
#
|
|
10648
|
+
# @!attribute [rw] file_path
|
|
10649
|
+
# The path of the sensitive file that was modified. Modification
|
|
10650
|
+
# includes write, delete, rename, link, or symlink operations. This
|
|
10651
|
+
# field is indexed for filtering.
|
|
10652
|
+
# @return [String]
|
|
10653
|
+
#
|
|
10654
|
+
# @!attribute [rw] related_file_paths
|
|
10655
|
+
# All file paths modified by the same process that triggered the
|
|
10656
|
+
# finding, up to a maximum of 25 paths.
|
|
10657
|
+
# @return [Array<String>]
|
|
10658
|
+
#
|
|
10657
10659
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/RuntimeContext AWS API Documentation
|
|
10658
10660
|
#
|
|
10659
10661
|
class RuntimeContext < Struct.new(
|
|
@@ -10681,7 +10683,10 @@ module Aws::GuardDuty
|
|
|
10681
10683
|
:tool_category,
|
|
10682
10684
|
:service_name,
|
|
10683
10685
|
:command_line_example,
|
|
10684
|
-
:threat_file_path
|
|
10686
|
+
:threat_file_path,
|
|
10687
|
+
:file_operation,
|
|
10688
|
+
:file_path,
|
|
10689
|
+
:related_file_paths)
|
|
10685
10690
|
SENSITIVE = []
|
|
10686
10691
|
include Aws::Structure
|
|
10687
10692
|
end
|
|
@@ -12399,8 +12404,6 @@ module Aws::GuardDuty
|
|
|
12399
12404
|
# Type: Timestamp in Unix Epoch millisecond format. Ex:
|
|
12400
12405
|
# 1486685375000
|
|
12401
12406
|
#
|
|
12402
|
-
# * description
|
|
12403
|
-
#
|
|
12404
12407
|
# * id
|
|
12405
12408
|
#
|
|
12406
12409
|
# * partition
|
|
@@ -12740,10 +12743,6 @@ module Aws::GuardDuty
|
|
|
12740
12743
|
#
|
|
12741
12744
|
# * resource.rdsDbInstanceDetails.publiclyAccessible
|
|
12742
12745
|
#
|
|
12743
|
-
# * resource.rdsDbInstanceDetails.tags.key
|
|
12744
|
-
#
|
|
12745
|
-
# * resource.rdsDbInstanceDetails.tags.value
|
|
12746
|
-
#
|
|
12747
12746
|
# * resource.rdsDbInstanceDetails.vpcId
|
|
12748
12747
|
#
|
|
12749
12748
|
# * resource.rdsDbInstanceDetails.vpcSecurityGroups.status
|
|
@@ -12843,8 +12842,6 @@ module Aws::GuardDuty
|
|
|
12843
12842
|
#
|
|
12844
12843
|
# * service.action.actionType
|
|
12845
12844
|
#
|
|
12846
|
-
# * service.action.awsApiCallAction.affectedResources
|
|
12847
|
-
#
|
|
12848
12845
|
# * service.action.awsApiCallAction.api
|
|
12849
12846
|
#
|
|
12850
12847
|
# * service.action.awsApiCallAction.callerType
|
|
@@ -13133,10 +13130,6 @@ module Aws::GuardDuty
|
|
|
13133
13130
|
#
|
|
13134
13131
|
# * service.count
|
|
13135
13132
|
#
|
|
13136
|
-
# * service.detection.anomaly.profiles
|
|
13137
|
-
#
|
|
13138
|
-
# * service.detection.anomaly.unusual.behavior
|
|
13139
|
-
#
|
|
13140
13133
|
# * service.detection.sequence.actors.id
|
|
13141
13134
|
#
|
|
13142
13135
|
# * service.detection.sequence.actors.process.name
|
|
@@ -13729,8 +13722,6 @@ module Aws::GuardDuty
|
|
|
13729
13722
|
# For more information, see [Findings severity levels][2] in the
|
|
13730
13723
|
# *Amazon GuardDuty User Guide*.
|
|
13731
13724
|
#
|
|
13732
|
-
# * title
|
|
13733
|
-
#
|
|
13734
13725
|
# * type
|
|
13735
13726
|
#
|
|
13736
13727
|
# * updatedAt
|
data/lib/aws-sdk-guardduty.rb
CHANGED
data/sig/types.rbs
CHANGED
|
@@ -2348,6 +2348,9 @@ module Aws::GuardDuty
|
|
|
2348
2348
|
attr_accessor service_name: ::String
|
|
2349
2349
|
attr_accessor command_line_example: ::String
|
|
2350
2350
|
attr_accessor threat_file_path: ::String
|
|
2351
|
+
attr_accessor file_operation: ::String
|
|
2352
|
+
attr_accessor file_path: ::String
|
|
2353
|
+
attr_accessor related_file_paths: ::Array[::String]
|
|
2351
2354
|
SENSITIVE: []
|
|
2352
2355
|
end
|
|
2353
2356
|
|