aws-sdk-guardduty 1.17.0 → 1.18.0
- checksums.yaml +4 -4
- data/lib/aws-sdk-guardduty.rb +1 -1
- data/lib/aws-sdk-guardduty/client.rb +381 -236
- data/lib/aws-sdk-guardduty/client_api.rb +262 -274
- data/lib/aws-sdk-guardduty/types.rb +558 -590
- metadata +2 -2
@@ -8,23 +8,17 @@
|
|
8
8
|
module Aws::GuardDuty
|
9
9
|
module Types
|
10
10
|
|
11
|
-
# AcceptInvitation request body.
|
12
|
-
#
|
13
11
|
# @note When making an API call, you may pass AcceptInvitationRequest
|
14
12
|
# data as a hash:
|
15
13
|
#
|
16
14
|
# {
|
17
|
-
# detector_id: "
|
18
|
-
#
|
19
|
-
#
|
15
|
+
# detector_id: "DetectorId", # required
|
16
|
+
# master_id: "String", # required
|
17
|
+
# invitation_id: "String", # required
|
20
18
|
# }
|
21
19
|
#
|
22
20
|
# @!attribute [rw] detector_id
|
23
|
-
#
|
24
|
-
#
|
25
|
-
# @!attribute [rw] invitation_id
|
26
|
-
# This value is used to validate the master account to the member
|
27
|
-
# account.
|
21
|
+
# The unique ID of the detector of the GuardDuty member account.
|
28
22
|
# @return [String]
|
29
23
|
#
|
30
24
|
# @!attribute [rw] master_id
|
@@ -32,12 +26,17 @@ module Aws::GuardDuty
|
|
32
26
|
# you're accepting.
|
33
27
|
# @return [String]
|
34
28
|
#
|
29
|
+
# @!attribute [rw] invitation_id
|
30
|
+
# This value is used to validate the master account to the member
|
31
|
+
# account.
|
32
|
+
# @return [String]
|
33
|
+
#
|
35
34
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/AcceptInvitationRequest AWS API Documentation
|
36
35
|
#
|
37
36
|
class AcceptInvitationRequest < Struct.new(
|
38
37
|
:detector_id,
|
39
|
-
:
|
40
|
-
:
|
38
|
+
:master_id,
|
39
|
+
:invitation_id)
|
41
40
|
include Aws::Structure
|
42
41
|
end
|
43
42
|
|
@@ -45,9 +44,6 @@ module Aws::GuardDuty
|
|
45
44
|
#
|
46
45
|
class AcceptInvitationResponse < Aws::EmptyStructure; end
|
47
46
|
|
48
|
-
# The IAM access key details (IAM user information) of a user that
|
49
|
-
# engaged in the activity that prompted GuardDuty to generate a finding.
|
50
|
-
#
|
51
47
|
# @!attribute [rw] access_key_id
|
52
48
|
# Access key ID of the user.
|
53
49
|
# @return [String]
|
@@ -74,8 +70,6 @@ module Aws::GuardDuty
|
|
74
70
|
include Aws::Structure
|
75
71
|
end
|
76
72
|
|
77
|
-
# An object containing the member's accountId and email address.
|
78
|
-
#
|
79
73
|
# @note When making an API call, you may pass AccountDetail
|
80
74
|
# data as a hash:
|
81
75
|
#
|
@@ -100,8 +94,6 @@ module Aws::GuardDuty
|
|
100
94
|
include Aws::Structure
|
101
95
|
end
|
102
96
|
|
103
|
-
# Information about the activity described in a finding.
|
104
|
-
#
|
105
97
|
# @!attribute [rw] action_type
|
106
98
|
# GuardDuty Finding activity type.
|
107
99
|
# @return [String]
|
@@ -135,17 +127,17 @@ module Aws::GuardDuty
|
|
135
127
|
include Aws::Structure
|
136
128
|
end
|
137
129
|
|
138
|
-
# Archive Findings Request
|
139
|
-
#
|
140
130
|
# @note When making an API call, you may pass ArchiveFindingsRequest
|
141
131
|
# data as a hash:
|
142
132
|
#
|
143
133
|
# {
|
144
|
-
# detector_id: "
|
134
|
+
# detector_id: "DetectorId", # required
|
145
135
|
# finding_ids: ["FindingId"], # required
|
146
136
|
# }
|
147
137
|
#
|
148
138
|
# @!attribute [rw] detector_id
|
139
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
140
|
+
# findings you want to archive.
|
149
141
|
# @return [String]
|
150
142
|
#
|
151
143
|
# @!attribute [rw] finding_ids
|
@@ -164,8 +156,6 @@ module Aws::GuardDuty
|
|
164
156
|
#
|
165
157
|
class ArchiveFindingsResponse < Aws::EmptyStructure; end
|
166
158
|
|
167
|
-
# Information about the AWS\_API\_CALL action described in this finding.
|
168
|
-
#
|
169
159
|
# @!attribute [rw] api
|
170
160
|
# AWS API name.
|
171
161
|
# @return [String]
|
@@ -197,12 +187,14 @@ module Aws::GuardDuty
|
|
197
187
|
include Aws::Structure
|
198
188
|
end
|
199
189
|
|
200
|
-
#
|
190
|
+
# Bad request exception object.
|
201
191
|
#
|
202
192
|
# @!attribute [rw] message
|
193
|
+
# The error message.
|
203
194
|
# @return [String]
|
204
195
|
#
|
205
196
|
# @!attribute [rw] type
|
197
|
+
# The error type.
|
206
198
|
# @return [String]
|
207
199
|
#
|
208
200
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/BadRequestException AWS API Documentation
|
@@ -213,8 +205,6 @@ module Aws::GuardDuty
|
|
213
205
|
include Aws::Structure
|
214
206
|
end
|
215
207
|
|
216
|
-
# City information of the remote IP address.
|
217
|
-
#
|
218
208
|
# @!attribute [rw] city_name
|
219
209
|
# City name of the remote IP address.
|
220
210
|
# @return [String]
|
@@ -226,19 +216,22 @@ module Aws::GuardDuty
|
|
226
216
|
include Aws::Structure
|
227
217
|
end
|
228
218
|
|
229
|
-
# Finding attribute (for example, accountId) for which conditions and
|
230
|
-
# values must be specified when querying findings.
|
231
|
-
#
|
232
219
|
# @note When making an API call, you may pass Condition
|
233
220
|
# data as a hash:
|
234
221
|
#
|
235
222
|
# {
|
236
|
-
# eq: ["
|
223
|
+
# eq: ["String"],
|
224
|
+
# neq: ["String"],
|
237
225
|
# gt: 1,
|
238
226
|
# gte: 1,
|
239
227
|
# lt: 1,
|
240
228
|
# lte: 1,
|
241
|
-
#
|
229
|
+
# equals: ["String"],
|
230
|
+
# not_equals: ["String"],
|
231
|
+
# greater_than: 1,
|
232
|
+
# greater_than_or_equal: 1,
|
233
|
+
# less_than: 1,
|
234
|
+
# less_than_or_equal: 1,
|
242
235
|
# }
|
243
236
|
#
|
244
237
|
# @!attribute [rw] eq
|
@@ -246,45 +239,75 @@ module Aws::GuardDuty
|
|
246
239
|
# querying for findings.
|
247
240
|
# @return [Array<String>]
|
248
241
|
#
|
242
|
+
# @!attribute [rw] neq
|
243
|
+
# Represents the not equal condition to be applied to a single field
|
244
|
+
# when querying for findings.
|
245
|
+
# @return [Array<String>]
|
246
|
+
#
|
249
247
|
# @!attribute [rw] gt
|
250
|
-
# Represents
|
251
|
-
#
|
248
|
+
# Represents a greater than condition to be applied to a single field
|
249
|
+
# when querying for findings.
|
252
250
|
# @return [Integer]
|
253
251
|
#
|
254
252
|
# @!attribute [rw] gte
|
255
|
-
# Represents
|
256
|
-
#
|
253
|
+
# Represents a greater than equal condition to be applied to a single
|
254
|
+
# field when querying for findings.
|
257
255
|
# @return [Integer]
|
258
256
|
#
|
259
257
|
# @!attribute [rw] lt
|
260
|
-
# Represents
|
258
|
+
# Represents a less than condition to be applied to a single field
|
261
259
|
# when querying for findings.
|
262
260
|
# @return [Integer]
|
263
261
|
#
|
264
262
|
# @!attribute [rw] lte
|
265
|
-
# Represents
|
263
|
+
# Represents a less than equal condition to be applied to a single
|
266
264
|
# field when querying for findings.
|
267
265
|
# @return [Integer]
|
268
266
|
#
|
269
|
-
# @!attribute [rw]
|
270
|
-
#
|
271
|
-
#
|
267
|
+
# @!attribute [rw] equals
|
268
|
+
# @return [Array<String>]
|
269
|
+
#
|
270
|
+
# @!attribute [rw] not_equals
|
272
271
|
# @return [Array<String>]
|
273
272
|
#
|
273
|
+
# @!attribute [rw] greater_than
|
274
|
+
# Represents a greater than condition to be applied to a single field
|
275
|
+
# when querying for findings.
|
276
|
+
# @return [Integer]
|
277
|
+
#
|
278
|
+
# @!attribute [rw] greater_than_or_equal
|
279
|
+
# Represents a greater than equal condition to be applied to a single
|
280
|
+
# field when querying for findings.
|
281
|
+
# @return [Integer]
|
282
|
+
#
|
283
|
+
# @!attribute [rw] less_than
|
284
|
+
# Represents a less than condition to be applied to a single field
|
285
|
+
# when querying for findings.
|
286
|
+
# @return [Integer]
|
287
|
+
#
|
288
|
+
# @!attribute [rw] less_than_or_equal
|
289
|
+
# Represents a less than equal condition to be applied to a single
|
290
|
+
# field when querying for findings.
|
291
|
+
# @return [Integer]
|
292
|
+
#
|
274
293
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Condition AWS API Documentation
|
275
294
|
#
|
276
295
|
class Condition < Struct.new(
|
277
296
|
:eq,
|
297
|
+
:neq,
|
278
298
|
:gt,
|
279
299
|
:gte,
|
280
300
|
:lt,
|
281
301
|
:lte,
|
282
|
-
:
|
302
|
+
:equals,
|
303
|
+
:not_equals,
|
304
|
+
:greater_than,
|
305
|
+
:greater_than_or_equal,
|
306
|
+
:less_than,
|
307
|
+
:less_than_or_equal)
|
283
308
|
include Aws::Structure
|
284
309
|
end
|
285
310
|
|
286
|
-
# Country information of the remote IP address.
|
287
|
-
#
|
288
311
|
# @!attribute [rw] country_code
|
289
312
|
# Country code of the remote IP address.
|
290
313
|
# @return [String]
|
@@ -301,27 +324,27 @@ module Aws::GuardDuty
|
|
301
324
|
include Aws::Structure
|
302
325
|
end
|
303
326
|
|
304
|
-
# Create Detector Request
|
305
|
-
#
|
306
327
|
# @note When making an API call, you may pass CreateDetectorRequest
|
307
328
|
# data as a hash:
|
308
329
|
#
|
309
330
|
# {
|
310
|
-
# client_token: "__stringMin0Max64",
|
311
331
|
# enable: false, # required
|
332
|
+
# client_token: "ClientToken",
|
312
333
|
# finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
|
313
334
|
# }
|
314
335
|
#
|
315
|
-
# @!attribute [rw] client_token
|
316
|
-
# The idempotency token for the create request.**A suitable default value is auto-generated.** You should normally
|
317
|
-
# not need to pass this option.
|
318
|
-
# @return [String]
|
319
|
-
#
|
320
336
|
# @!attribute [rw] enable
|
321
337
|
# A boolean value that specifies whether the detector is to be
|
322
338
|
# enabled.
|
323
339
|
# @return [Boolean]
|
324
340
|
#
|
341
|
+
# @!attribute [rw] client_token
|
342
|
+
# The idempotency token for the create request.
|
343
|
+
#
|
344
|
+
# **A suitable default value is auto-generated.** You should normally
|
345
|
+
# not need to pass this option.
|
346
|
+
# @return [String]
|
347
|
+
#
|
325
348
|
# @!attribute [rw] finding_publishing_frequency
|
326
349
|
# A enum value that specifies how frequently customer got Finding
|
327
350
|
# updates published.
|
@@ -330,14 +353,12 @@ module Aws::GuardDuty
|
|
330
353
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateDetectorRequest AWS API Documentation
|
331
354
|
#
|
332
355
|
class CreateDetectorRequest < Struct.new(
|
333
|
-
:client_token,
|
334
356
|
:enable,
|
357
|
+
:client_token,
|
335
358
|
:finding_publishing_frequency)
|
336
359
|
include Aws::Structure
|
337
360
|
end
|
338
361
|
|
339
|
-
# CreateDetector response object.
|
340
|
-
#
|
341
362
|
# @!attribute [rw] detector_id
|
342
363
|
# The unique ID of the created detector.
|
343
364
|
# @return [String]
|
@@ -349,79 +370,85 @@ module Aws::GuardDuty
|
|
349
370
|
include Aws::Structure
|
350
371
|
end
|
351
372
|
|
352
|
-
# CreateFilter request object.
|
353
|
-
#
|
354
373
|
# @note When making an API call, you may pass CreateFilterRequest
|
355
374
|
# data as a hash:
|
356
375
|
#
|
357
376
|
# {
|
358
|
-
#
|
359
|
-
#
|
377
|
+
# detector_id: "DetectorId", # required
|
378
|
+
# name: "FilterName", # required
|
360
379
|
# description: "FilterDescription",
|
361
|
-
#
|
380
|
+
# action: "NOOP", # accepts NOOP, ARCHIVE
|
381
|
+
# rank: 1,
|
362
382
|
# finding_criteria: { # required
|
363
383
|
# criterion: {
|
364
|
-
# "
|
365
|
-
# eq: ["
|
384
|
+
# "String" => {
|
385
|
+
# eq: ["String"],
|
386
|
+
# neq: ["String"],
|
366
387
|
# gt: 1,
|
367
388
|
# gte: 1,
|
368
389
|
# lt: 1,
|
369
390
|
# lte: 1,
|
370
|
-
#
|
391
|
+
# equals: ["String"],
|
392
|
+
# not_equals: ["String"],
|
393
|
+
# greater_than: 1,
|
394
|
+
# greater_than_or_equal: 1,
|
395
|
+
# less_than: 1,
|
396
|
+
# less_than_or_equal: 1,
|
371
397
|
# },
|
372
398
|
# },
|
373
399
|
# },
|
374
|
-
#
|
375
|
-
# rank: 1,
|
400
|
+
# client_token: "ClientToken",
|
376
401
|
# }
|
377
402
|
#
|
378
|
-
# @!attribute [rw]
|
379
|
-
#
|
380
|
-
#
|
403
|
+
# @!attribute [rw] detector_id
|
404
|
+
# The unique ID of the detector of the GuardDuty account for which you
|
405
|
+
# want to create a filter.
|
381
406
|
# @return [String]
|
382
407
|
#
|
383
|
-
# @!attribute [rw]
|
384
|
-
# The
|
385
|
-
# not need to pass this option.
|
408
|
+
# @!attribute [rw] name
|
409
|
+
# The name of the filter.
|
386
410
|
# @return [String]
|
387
411
|
#
|
388
412
|
# @!attribute [rw] description
|
389
413
|
# The description of the filter.
|
390
414
|
# @return [String]
|
391
415
|
#
|
392
|
-
# @!attribute [rw]
|
416
|
+
# @!attribute [rw] action
|
417
|
+
# Specifies the action that is to be applied to the findings that
|
418
|
+
# match the filter.
|
393
419
|
# @return [String]
|
394
420
|
#
|
421
|
+
# @!attribute [rw] rank
|
422
|
+
# Specifies the position of the filter in the list of current filters.
|
423
|
+
# Also specifies the order in which this filter is applied to the
|
424
|
+
# findings.
|
425
|
+
# @return [Integer]
|
426
|
+
#
|
395
427
|
# @!attribute [rw] finding_criteria
|
396
428
|
# Represents the criteria to be used in the filter for querying
|
397
429
|
# findings.
|
398
430
|
# @return [Types::FindingCriteria]
|
399
431
|
#
|
400
|
-
# @!attribute [rw]
|
401
|
-
# The
|
402
|
-
# @return [String]
|
432
|
+
# @!attribute [rw] client_token
|
433
|
+
# The idempotency token for the create request.
|
403
434
|
#
|
404
|
-
#
|
405
|
-
#
|
406
|
-
#
|
407
|
-
# findings.
|
408
|
-
# @return [Integer]
|
435
|
+
# **A suitable default value is auto-generated.** You should normally
|
436
|
+
# not need to pass this option.
|
437
|
+
# @return [String]
|
409
438
|
#
|
410
439
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateFilterRequest AWS API Documentation
|
411
440
|
#
|
412
441
|
class CreateFilterRequest < Struct.new(
|
413
|
-
:action,
|
414
|
-
:client_token,
|
415
|
-
:description,
|
416
442
|
:detector_id,
|
417
|
-
:finding_criteria,
|
418
443
|
:name,
|
419
|
-
:
|
444
|
+
:description,
|
445
|
+
:action,
|
446
|
+
:rank,
|
447
|
+
:finding_criteria,
|
448
|
+
:client_token)
|
420
449
|
include Aws::Structure
|
421
450
|
end
|
422
451
|
|
423
|
-
# CreateFilter response object.
|
424
|
-
#
|
425
452
|
# @!attribute [rw] name
|
426
453
|
# The name of the successfully created filter.
|
427
454
|
# @return [String]
|
@@ -433,31 +460,27 @@ module Aws::GuardDuty
|
|
433
460
|
include Aws::Structure
|
434
461
|
end
|
435
462
|
|
436
|
-
# Create IP Set Request
|
437
|
-
#
|
438
463
|
# @note When making an API call, you may pass CreateIPSetRequest
|
439
464
|
# data as a hash:
|
440
465
|
#
|
441
466
|
# {
|
442
|
-
#
|
443
|
-
#
|
444
|
-
# detector_id: "__string", # required
|
467
|
+
# detector_id: "DetectorId", # required
|
468
|
+
# name: "Name", # required
|
445
469
|
# format: "TXT", # required, accepts TXT, STIX, OTX_CSV, ALIEN_VAULT, PROOF_POINT, FIRE_EYE
|
446
470
|
# location: "Location", # required
|
447
|
-
#
|
471
|
+
# activate: false, # required
|
472
|
+
# client_token: "ClientToken",
|
448
473
|
# }
|
449
474
|
#
|
450
|
-
# @!attribute [rw]
|
451
|
-
#
|
452
|
-
#
|
453
|
-
# @return [Boolean]
|
454
|
-
#
|
455
|
-
# @!attribute [rw] client_token
|
456
|
-
# The idempotency token for the create request.**A suitable default value is auto-generated.** You should normally
|
457
|
-
# not need to pass this option.
|
475
|
+
# @!attribute [rw] detector_id
|
476
|
+
# The unique ID of the detector of the GuardDuty account for which you
|
477
|
+
# want to create an IPSet.
|
458
478
|
# @return [String]
|
459
479
|
#
|
460
|
-
# @!attribute [rw]
|
480
|
+
# @!attribute [rw] name
|
481
|
+
# The user friendly name to identify the IPSet. This name is displayed
|
482
|
+
# in all findings that are triggered by activity that involves IP
|
483
|
+
# addresses included in this IPSet.
|
461
484
|
# @return [String]
|
462
485
|
#
|
463
486
|
# @!attribute [rw] format
|
@@ -469,28 +492,32 @@ module Aws::GuardDuty
|
|
469
492
|
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key)
|
470
493
|
# @return [String]
|
471
494
|
#
|
472
|
-
# @!attribute [rw]
|
473
|
-
#
|
474
|
-
#
|
475
|
-
#
|
495
|
+
# @!attribute [rw] activate
|
496
|
+
# A boolean value that indicates whether GuardDuty is to start using
|
497
|
+
# the uploaded IPSet.
|
498
|
+
# @return [Boolean]
|
499
|
+
#
|
500
|
+
# @!attribute [rw] client_token
|
501
|
+
# The idempotency token for the create request.
|
502
|
+
#
|
503
|
+
# **A suitable default value is auto-generated.** You should normally
|
504
|
+
# not need to pass this option.
|
476
505
|
# @return [String]
|
477
506
|
#
|
478
507
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateIPSetRequest AWS API Documentation
|
479
508
|
#
|
480
509
|
class CreateIPSetRequest < Struct.new(
|
481
|
-
:activate,
|
482
|
-
:client_token,
|
483
510
|
:detector_id,
|
511
|
+
:name,
|
484
512
|
:format,
|
485
513
|
:location,
|
486
|
-
:
|
514
|
+
:activate,
|
515
|
+
:client_token)
|
487
516
|
include Aws::Structure
|
488
517
|
end
|
489
518
|
|
490
|
-
# CreateIPSet response object.
|
491
|
-
#
|
492
519
|
# @!attribute [rw] ip_set_id
|
493
|
-
# The
|
520
|
+
# The ID of the IPSet resource.
|
494
521
|
# @return [String]
|
495
522
|
#
|
496
523
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateIPSetResponse AWS API Documentation
|
@@ -500,39 +527,37 @@ module Aws::GuardDuty
|
|
500
527
|
include Aws::Structure
|
501
528
|
end
|
502
529
|
|
503
|
-
# CreateMembers body
|
504
|
-
#
|
505
530
|
# @note When making an API call, you may pass CreateMembersRequest
|
506
531
|
# data as a hash:
|
507
532
|
#
|
508
533
|
# {
|
534
|
+
# detector_id: "DetectorId", # required
|
509
535
|
# account_details: [ # required
|
510
536
|
# {
|
511
537
|
# account_id: "AccountId", # required
|
512
538
|
# email: "Email", # required
|
513
539
|
# },
|
514
540
|
# ],
|
515
|
-
# detector_id: "__string", # required
|
516
541
|
# }
|
517
542
|
#
|
543
|
+
# @!attribute [rw] detector_id
|
544
|
+
# The unique ID of the detector of the GuardDuty account with which
|
545
|
+
# you want to associate member accounts.
|
546
|
+
# @return [String]
|
547
|
+
#
|
518
548
|
# @!attribute [rw] account_details
|
519
549
|
# A list of account ID and email address pairs of the accounts that
|
520
550
|
# you want to associate with the master GuardDuty account.
|
521
551
|
# @return [Array<Types::AccountDetail>]
|
522
552
|
#
|
523
|
-
# @!attribute [rw] detector_id
|
524
|
-
# @return [String]
|
525
|
-
#
|
526
553
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateMembersRequest AWS API Documentation
|
527
554
|
#
|
528
555
|
class CreateMembersRequest < Struct.new(
|
529
|
-
:
|
530
|
-
:
|
556
|
+
:detector_id,
|
557
|
+
:account_details)
|
531
558
|
include Aws::Structure
|
532
559
|
end
|
533
560
|
|
534
|
-
# CreateMembers response object.
|
535
|
-
#
|
536
561
|
# @!attribute [rw] unprocessed_accounts
|
537
562
|
# A list of objects containing the unprocessed account and a result
|
538
563
|
# string explaining why it was unprocessed.
|
@@ -545,17 +570,16 @@ module Aws::GuardDuty
|
|
545
570
|
include Aws::Structure
|
546
571
|
end
|
547
572
|
|
548
|
-
# Create Sample Findings Request
|
549
|
-
#
|
550
573
|
# @note When making an API call, you may pass CreateSampleFindingsRequest
|
551
574
|
# data as a hash:
|
552
575
|
#
|
553
576
|
# {
|
554
|
-
# detector_id: "
|
577
|
+
# detector_id: "DetectorId", # required
|
555
578
|
# finding_types: ["FindingType"],
|
556
579
|
# }
|
557
580
|
#
|
558
581
|
# @!attribute [rw] detector_id
|
582
|
+
# The ID of the detector to create sample findings for.
|
559
583
|
# @return [String]
|
560
584
|
#
|
561
585
|
# @!attribute [rw] finding_types
|
@@ -574,31 +598,27 @@ module Aws::GuardDuty
|
|
574
598
|
#
|
575
599
|
class CreateSampleFindingsResponse < Aws::EmptyStructure; end
|
576
600
|
|
577
|
-
# Create Threat Intel Set Request
|
578
|
-
#
|
579
601
|
# @note When making an API call, you may pass CreateThreatIntelSetRequest
|
580
602
|
# data as a hash:
|
581
603
|
#
|
582
604
|
# {
|
583
|
-
#
|
584
|
-
#
|
585
|
-
# detector_id: "__string", # required
|
605
|
+
# detector_id: "DetectorId", # required
|
606
|
+
# name: "Name", # required
|
586
607
|
# format: "TXT", # required, accepts TXT, STIX, OTX_CSV, ALIEN_VAULT, PROOF_POINT, FIRE_EYE
|
587
608
|
# location: "Location", # required
|
588
|
-
#
|
609
|
+
# activate: false, # required
|
610
|
+
# client_token: "ClientToken",
|
589
611
|
# }
|
590
612
|
#
|
591
|
-
# @!attribute [rw]
|
592
|
-
#
|
593
|
-
#
|
594
|
-
# @return [Boolean]
|
595
|
-
#
|
596
|
-
# @!attribute [rw] client_token
|
597
|
-
# The idempotency token for the create request.**A suitable default value is auto-generated.** You should normally
|
598
|
-
# not need to pass this option.
|
613
|
+
# @!attribute [rw] detector_id
|
614
|
+
# The unique ID of the detector of the GuardDuty account for which you
|
615
|
+
# want to create a threatIntelSet.
|
599
616
|
# @return [String]
|
600
617
|
#
|
601
|
-
# @!attribute [rw]
|
618
|
+
# @!attribute [rw] name
|
619
|
+
# A user-friendly ThreatIntelSet name that is displayed in all finding
|
620
|
+
# generated by activity that involves IP addresses included in this
|
621
|
+
# ThreatIntelSet.
|
602
622
|
# @return [String]
|
603
623
|
#
|
604
624
|
# @!attribute [rw] format
|
@@ -610,28 +630,32 @@ module Aws::GuardDuty
|
|
610
630
|
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).
|
611
631
|
# @return [String]
|
612
632
|
#
|
613
|
-
# @!attribute [rw]
|
614
|
-
# A
|
615
|
-
#
|
616
|
-
#
|
633
|
+
# @!attribute [rw] activate
|
634
|
+
# A boolean value that indicates whether GuardDuty is to start using
|
635
|
+
# the uploaded ThreatIntelSet.
|
636
|
+
# @return [Boolean]
|
637
|
+
#
|
638
|
+
# @!attribute [rw] client_token
|
639
|
+
# The idempotency token for the create request.
|
640
|
+
#
|
641
|
+
# **A suitable default value is auto-generated.** You should normally
|
642
|
+
# not need to pass this option.
|
617
643
|
# @return [String]
|
618
644
|
#
|
619
645
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateThreatIntelSetRequest AWS API Documentation
|
620
646
|
#
|
621
647
|
class CreateThreatIntelSetRequest < Struct.new(
|
622
|
-
:activate,
|
623
|
-
:client_token,
|
624
648
|
:detector_id,
|
649
|
+
:name,
|
625
650
|
:format,
|
626
651
|
:location,
|
627
|
-
:
|
652
|
+
:activate,
|
653
|
+
:client_token)
|
628
654
|
include Aws::Structure
|
629
655
|
end
|
630
656
|
|
631
|
-
# CreateThreatIntelSet response object.
|
632
|
-
#
|
633
657
|
# @!attribute [rw] threat_intel_set_id
|
634
|
-
# The
|
658
|
+
# The ID of the ThreatIntelSet resource.
|
635
659
|
# @return [String]
|
636
660
|
#
|
637
661
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateThreatIntelSetResponse AWS API Documentation
|
@@ -641,13 +665,11 @@ module Aws::GuardDuty
|
|
641
665
|
include Aws::Structure
|
642
666
|
end
|
643
667
|
|
644
|
-
# DeclineInvitations request body.
|
645
|
-
#
|
646
668
|
# @note When making an API call, you may pass DeclineInvitationsRequest
|
647
669
|
# data as a hash:
|
648
670
|
#
|
649
671
|
# {
|
650
|
-
# account_ids: ["
|
672
|
+
# account_ids: ["AccountId"], # required
|
651
673
|
# }
|
652
674
|
#
|
653
675
|
# @!attribute [rw] account_ids
|
@@ -663,8 +685,6 @@ module Aws::GuardDuty
|
|
663
685
|
include Aws::Structure
|
664
686
|
end
|
665
687
|
|
666
|
-
# DeclineInvitations response object.
|
667
|
-
#
|
668
688
|
# @!attribute [rw] unprocessed_accounts
|
669
689
|
# A list of objects containing the unprocessed account and a result
|
670
690
|
# string explaining why it was unprocessed.
|
@@ -681,10 +701,11 @@ module Aws::GuardDuty
|
|
681
701
|
# data as a hash:
|
682
702
|
#
|
683
703
|
# {
|
684
|
-
# detector_id: "
|
704
|
+
# detector_id: "DetectorId", # required
|
685
705
|
# }
|
686
706
|
#
|
687
707
|
# @!attribute [rw] detector_id
|
708
|
+
# The unique ID of the detector that you want to delete.
|
688
709
|
# @return [String]
|
689
710
|
#
|
690
711
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteDetectorRequest AWS API Documentation
|
@@ -702,14 +723,16 @@ module Aws::GuardDuty
|
|
702
723
|
# data as a hash:
|
703
724
|
#
|
704
725
|
# {
|
705
|
-
# detector_id: "
|
706
|
-
# filter_name: "
|
726
|
+
# detector_id: "DetectorId", # required
|
727
|
+
# filter_name: "String", # required
|
707
728
|
# }
|
708
729
|
#
|
709
730
|
# @!attribute [rw] detector_id
|
731
|
+
# The unique ID of the detector the filter is associated with.
|
710
732
|
# @return [String]
|
711
733
|
#
|
712
734
|
# @!attribute [rw] filter_name
|
735
|
+
# The name of the filter you want to delete.
|
713
736
|
# @return [String]
|
714
737
|
#
|
715
738
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteFilterRequest AWS API Documentation
|
@@ -728,14 +751,16 @@ module Aws::GuardDuty
|
|
728
751
|
# data as a hash:
|
729
752
|
#
|
730
753
|
# {
|
731
|
-
# detector_id: "
|
732
|
-
# ip_set_id: "
|
754
|
+
# detector_id: "DetectorId", # required
|
755
|
+
# ip_set_id: "String", # required
|
733
756
|
# }
|
734
757
|
#
|
735
758
|
# @!attribute [rw] detector_id
|
759
|
+
# The unique ID of the detector the ipSet is associated with.
|
736
760
|
# @return [String]
|
737
761
|
#
|
738
762
|
# @!attribute [rw] ip_set_id
|
763
|
+
# The unique ID of the ipSet you want to delete.
|
739
764
|
# @return [String]
|
740
765
|
#
|
741
766
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteIPSetRequest AWS API Documentation
|
@@ -750,13 +775,11 @@ module Aws::GuardDuty
|
|
750
775
|
#
|
751
776
|
class DeleteIPSetResponse < Aws::EmptyStructure; end
|
752
777
|
|
753
|
-
# DeleteInvitations request body.
|
754
|
-
#
|
755
778
|
# @note When making an API call, you may pass DeleteInvitationsRequest
|
756
779
|
# data as a hash:
|
757
780
|
#
|
758
781
|
# {
|
759
|
-
# account_ids: ["
|
782
|
+
# account_ids: ["AccountId"], # required
|
760
783
|
# }
|
761
784
|
#
|
762
785
|
# @!attribute [rw] account_ids
|
@@ -771,8 +794,6 @@ module Aws::GuardDuty
|
|
771
794
|
include Aws::Structure
|
772
795
|
end
|
773
796
|
|
774
|
-
# DeleteInvitations response object.
|
775
|
-
#
|
776
797
|
# @!attribute [rw] unprocessed_accounts
|
777
798
|
# A list of objects containing the unprocessed account and a result
|
778
799
|
# string explaining why it was unprocessed.
|
@@ -785,34 +806,32 @@ module Aws::GuardDuty
|
|
785
806
|
include Aws::Structure
|
786
807
|
end
|
787
808
|
|
788
|
-
# DeleteMembers request body.
|
789
|
-
#
|
790
809
|
# @note When making an API call, you may pass DeleteMembersRequest
|
791
810
|
# data as a hash:
|
792
811
|
#
|
793
812
|
# {
|
794
|
-
#
|
795
|
-
#
|
813
|
+
# detector_id: "DetectorId", # required
|
814
|
+
# account_ids: ["AccountId"], # required
|
796
815
|
# }
|
797
816
|
#
|
817
|
+
# @!attribute [rw] detector_id
|
818
|
+
# The unique ID of the detector of the GuardDuty account whose members
|
819
|
+
# you want to delete.
|
820
|
+
# @return [String]
|
821
|
+
#
|
798
822
|
# @!attribute [rw] account_ids
|
799
823
|
# A list of account IDs of the GuardDuty member accounts that you want
|
800
824
|
# to delete.
|
801
825
|
# @return [Array<String>]
|
802
826
|
#
|
803
|
-
# @!attribute [rw] detector_id
|
804
|
-
# @return [String]
|
805
|
-
#
|
806
827
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteMembersRequest AWS API Documentation
|
807
828
|
#
|
808
829
|
class DeleteMembersRequest < Struct.new(
|
809
|
-
:
|
810
|
-
:
|
830
|
+
:detector_id,
|
831
|
+
:account_ids)
|
811
832
|
include Aws::Structure
|
812
833
|
end
|
813
834
|
|
814
|
-
# DeleteMembers response object.
|
815
|
-
#
|
816
835
|
# @!attribute [rw] unprocessed_accounts
|
817
836
|
# A list of objects containing the unprocessed account and a result
|
818
837
|
# string explaining why it was unprocessed.
|
@@ -829,14 +848,16 @@ module Aws::GuardDuty
|
|
829
848
|
# data as a hash:
|
830
849
|
#
|
831
850
|
# {
|
832
|
-
# detector_id: "
|
833
|
-
# threat_intel_set_id: "
|
851
|
+
# detector_id: "DetectorId", # required
|
852
|
+
# threat_intel_set_id: "String", # required
|
834
853
|
# }
|
835
854
|
#
|
836
855
|
# @!attribute [rw] detector_id
|
856
|
+
# The unique ID of the detector the threatIntelSet is associated with.
|
837
857
|
# @return [String]
|
838
858
|
#
|
839
859
|
# @!attribute [rw] threat_intel_set_id
|
860
|
+
# The unique ID of the threatIntelSet you want to delete.
|
840
861
|
# @return [String]
|
841
862
|
#
|
842
863
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteThreatIntelSetRequest AWS API Documentation
|
@@ -855,10 +876,11 @@ module Aws::GuardDuty
|
|
855
876
|
# data as a hash:
|
856
877
|
#
|
857
878
|
# {
|
858
|
-
# detector_id: "
|
879
|
+
# detector_id: "DetectorId", # required
|
859
880
|
# }
|
860
881
|
#
|
861
882
|
# @!attribute [rw] detector_id
|
883
|
+
# The unique ID of the detector of the GuardDuty member account.
|
862
884
|
# @return [String]
|
863
885
|
#
|
864
886
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DisassociateFromMasterAccountRequest AWS API Documentation
|
@@ -872,34 +894,32 @@ module Aws::GuardDuty
|
|
872
894
|
#
|
873
895
|
class DisassociateFromMasterAccountResponse < Aws::EmptyStructure; end
|
874
896
|
|
875
|
-
# DisassociateMembers request body.
|
876
|
-
#
|
877
897
|
# @note When making an API call, you may pass DisassociateMembersRequest
|
878
898
|
# data as a hash:
|
879
899
|
#
|
880
900
|
# {
|
881
|
-
#
|
882
|
-
#
|
901
|
+
# detector_id: "DetectorId", # required
|
902
|
+
# account_ids: ["AccountId"], # required
|
883
903
|
# }
|
884
904
|
#
|
905
|
+
# @!attribute [rw] detector_id
|
906
|
+
# The unique ID of the detector of the GuardDuty account whose members
|
907
|
+
# you want to disassociate from master.
|
908
|
+
# @return [String]
|
909
|
+
#
|
885
910
|
# @!attribute [rw] account_ids
|
886
911
|
# A list of account IDs of the GuardDuty member accounts that you want
|
887
912
|
# to disassociate from master.
|
888
913
|
# @return [Array<String>]
|
889
914
|
#
|
890
|
-
# @!attribute [rw] detector_id
|
891
|
-
# @return [String]
|
892
|
-
#
|
893
915
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DisassociateMembersRequest AWS API Documentation
|
894
916
|
#
|
895
917
|
class DisassociateMembersRequest < Struct.new(
|
896
|
-
:
|
897
|
-
:
|
918
|
+
:detector_id,
|
919
|
+
:account_ids)
|
898
920
|
include Aws::Structure
|
899
921
|
end
|
900
922
|
|
901
|
-
# DisassociateMembers response object.
|
902
|
-
#
|
903
923
|
# @!attribute [rw] unprocessed_accounts
|
904
924
|
# A list of objects containing the unprocessed account and a result
|
905
925
|
# string explaining why it was unprocessed.
|
@@ -912,8 +932,6 @@ module Aws::GuardDuty
|
|
912
932
|
include Aws::Structure
|
913
933
|
end
|
914
934
|
|
915
|
-
# Information about the DNS\_REQUEST action described in this finding.
|
916
|
-
#
|
917
935
|
# @!attribute [rw] domain
|
918
936
|
# Domain information for the DNS request.
|
919
937
|
# @return [String]
|
@@ -925,32 +943,17 @@ module Aws::GuardDuty
|
|
925
943
|
include Aws::Structure
|
926
944
|
end
|
927
945
|
|
928
|
-
#
|
929
|
-
#
|
930
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DomainDetails AWS API Documentation
|
931
|
-
#
|
932
|
-
class DomainDetails < Aws::EmptyStructure; end
|
933
|
-
|
934
|
-
# Error response object.
|
935
|
-
#
|
936
|
-
# @!attribute [rw] message
|
937
|
-
# The error message.
|
938
|
-
# @return [String]
|
939
|
-
#
|
940
|
-
# @!attribute [rw] type
|
941
|
-
# The error type.
|
946
|
+
# @!attribute [rw] domain
|
947
|
+
# Domain information for the AWS API call.
|
942
948
|
# @return [String]
|
943
949
|
#
|
944
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/
|
950
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DomainDetails AWS API Documentation
|
945
951
|
#
|
946
|
-
class
|
947
|
-
:
|
948
|
-
:type)
|
952
|
+
class DomainDetails < Struct.new(
|
953
|
+
:domain)
|
949
954
|
include Aws::Structure
|
950
955
|
end
|
951
956
|
|
952
|
-
# Representation of a abnormal or suspicious activity.
|
953
|
-
#
|
954
957
|
# @!attribute [rw] account_id
|
955
958
|
# AWS account ID where the activity occurred that prompted GuardDuty
|
956
959
|
# to generate a finding.
|
@@ -1037,20 +1040,24 @@ module Aws::GuardDuty
|
|
1037
1040
|
include Aws::Structure
|
1038
1041
|
end
|
1039
1042
|
|
1040
|
-
# Represents the criteria used for querying findings.
|
1041
|
-
#
|
1042
1043
|
# @note When making an API call, you may pass FindingCriteria
|
1043
1044
|
# data as a hash:
|
1044
1045
|
#
|
1045
1046
|
# {
|
1046
1047
|
# criterion: {
|
1047
|
-
# "
|
1048
|
-
# eq: ["
|
1048
|
+
# "String" => {
|
1049
|
+
# eq: ["String"],
|
1050
|
+
# neq: ["String"],
|
1049
1051
|
# gt: 1,
|
1050
1052
|
# gte: 1,
|
1051
1053
|
# lt: 1,
|
1052
1054
|
# lte: 1,
|
1053
|
-
#
|
1055
|
+
# equals: ["String"],
|
1056
|
+
# not_equals: ["String"],
|
1057
|
+
# greater_than: 1,
|
1058
|
+
# greater_than_or_equal: 1,
|
1059
|
+
# less_than: 1,
|
1060
|
+
# less_than_or_equal: 1,
|
1054
1061
|
# },
|
1055
1062
|
# },
|
1056
1063
|
# }
|
@@ -1067,8 +1074,6 @@ module Aws::GuardDuty
|
|
1067
1074
|
include Aws::Structure
|
1068
1075
|
end
|
1069
1076
|
|
1070
|
-
# Finding statistics object.
|
1071
|
-
#
|
1072
1077
|
# @!attribute [rw] count_by_severity
|
1073
1078
|
# Represents a map of severity to count statistic for a set of
|
1074
1079
|
# findings
|
@@ -1081,8 +1086,6 @@ module Aws::GuardDuty
|
|
1081
1086
|
include Aws::Structure
|
1082
1087
|
end
|
1083
1088
|
|
1084
|
-
# Location information of the remote IP address.
|
1085
|
-
#
|
1086
1089
|
# @!attribute [rw] lat
|
1087
1090
|
# Latitude information of remote IP address.
|
1088
1091
|
# @return [Float]
|
@@ -1103,10 +1106,11 @@ module Aws::GuardDuty
|
|
1103
1106
|
# data as a hash:
|
1104
1107
|
#
|
1105
1108
|
# {
|
1106
|
-
# detector_id: "
|
1109
|
+
# detector_id: "DetectorId", # required
|
1107
1110
|
# }
|
1108
1111
|
#
|
1109
1112
|
# @!attribute [rw] detector_id
|
1113
|
+
# The unique ID of the detector that you want to get.
|
1110
1114
|
# @return [String]
|
1111
1115
|
#
|
1112
1116
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetDetectorRequest AWS API Documentation
|
@@ -1116,27 +1120,24 @@ module Aws::GuardDuty
|
|
1116
1120
|
include Aws::Structure
|
1117
1121
|
end
|
1118
1122
|
|
1119
|
-
# GetDetector response object.
|
1120
|
-
#
|
1121
1123
|
# @!attribute [rw] created_at
|
1122
|
-
#
|
1124
|
+
# Detector creation timestamp.
|
1123
1125
|
# @return [String]
|
1124
1126
|
#
|
1125
1127
|
# @!attribute [rw] finding_publishing_frequency
|
1126
|
-
#
|
1127
|
-
# updates published.
|
1128
|
+
# Finding publishing frequency.
|
1128
1129
|
# @return [String]
|
1129
1130
|
#
|
1130
1131
|
# @!attribute [rw] service_role
|
1131
|
-
#
|
1132
|
+
# The GuardDuty service role.
|
1132
1133
|
# @return [String]
|
1133
1134
|
#
|
1134
1135
|
# @!attribute [rw] status
|
1135
|
-
# The status
|
1136
|
+
# The detector status.
|
1136
1137
|
# @return [String]
|
1137
1138
|
#
|
1138
1139
|
# @!attribute [rw] updated_at
|
1139
|
-
#
|
1140
|
+
# Detector last update timestamp.
|
1140
1141
|
# @return [String]
|
1141
1142
|
#
|
1142
1143
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetDetectorResponse AWS API Documentation
|
@@ -1154,14 +1155,16 @@ module Aws::GuardDuty
|
|
1154
1155
|
# data as a hash:
|
1155
1156
|
#
|
1156
1157
|
# {
|
1157
|
-
# detector_id: "
|
1158
|
-
# filter_name: "
|
1158
|
+
# detector_id: "DetectorId", # required
|
1159
|
+
# filter_name: "String", # required
|
1159
1160
|
# }
|
1160
1161
|
#
|
1161
1162
|
# @!attribute [rw] detector_id
|
1163
|
+
# The unique ID of the detector the filter is associated with.
|
1162
1164
|
# @return [String]
|
1163
1165
|
#
|
1164
1166
|
# @!attribute [rw] filter_name
|
1167
|
+
# The name of the filter you want to get.
|
1165
1168
|
# @return [String]
|
1166
1169
|
#
|
1167
1170
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetFilterRequest AWS API Documentation
|
@@ -1172,58 +1175,56 @@ module Aws::GuardDuty
|
|
1172
1175
|
include Aws::Structure
|
1173
1176
|
end
|
1174
1177
|
|
1175
|
-
#
|
1178
|
+
# @!attribute [rw] name
|
1179
|
+
# The name of the filter.
|
1180
|
+
# @return [String]
|
1181
|
+
#
|
1182
|
+
# @!attribute [rw] description
|
1183
|
+
# The description of the filter.
|
1184
|
+
# @return [String]
|
1176
1185
|
#
|
1177
1186
|
# @!attribute [rw] action
|
1178
1187
|
# Specifies the action that is to be applied to the findings that
|
1179
1188
|
# match the filter.
|
1180
1189
|
# @return [String]
|
1181
1190
|
#
|
1182
|
-
# @!attribute [rw]
|
1183
|
-
#
|
1184
|
-
#
|
1191
|
+
# @!attribute [rw] rank
|
1192
|
+
# Specifies the position of the filter in the list of current filters.
|
1193
|
+
# Also specifies the order in which this filter is applied to the
|
1194
|
+
# findings.
|
1195
|
+
# @return [Integer]
|
1185
1196
|
#
|
1186
1197
|
# @!attribute [rw] finding_criteria
|
1187
1198
|
# Represents the criteria to be used in the filter for querying
|
1188
1199
|
# findings.
|
1189
1200
|
# @return [Types::FindingCriteria]
|
1190
1201
|
#
|
1191
|
-
# @!attribute [rw] name
|
1192
|
-
# The name of the filter.
|
1193
|
-
# @return [String]
|
1194
|
-
#
|
1195
|
-
# @!attribute [rw] rank
|
1196
|
-
# Specifies the position of the filter in the list of current filters.
|
1197
|
-
# Also specifies the order in which this filter is applied to the
|
1198
|
-
# findings.
|
1199
|
-
# @return [Integer]
|
1200
|
-
#
|
1201
1202
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetFilterResponse AWS API Documentation
|
1202
1203
|
#
|
1203
1204
|
class GetFilterResponse < Struct.new(
|
1204
|
-
:action,
|
1205
|
-
:description,
|
1206
|
-
:finding_criteria,
|
1207
1205
|
:name,
|
1208
|
-
:
|
1206
|
+
:description,
|
1207
|
+
:action,
|
1208
|
+
:rank,
|
1209
|
+
:finding_criteria)
|
1209
1210
|
include Aws::Structure
|
1210
1211
|
end
|
1211
1212
|
|
1212
|
-
# Get Findings Request
|
1213
|
-
#
|
1214
1213
|
# @note When making an API call, you may pass GetFindingsRequest
|
1215
1214
|
# data as a hash:
|
1216
1215
|
#
|
1217
1216
|
# {
|
1218
|
-
# detector_id: "
|
1217
|
+
# detector_id: "DetectorId", # required
|
1219
1218
|
# finding_ids: ["FindingId"], # required
|
1220
1219
|
# sort_criteria: {
|
1221
|
-
# attribute_name: "
|
1220
|
+
# attribute_name: "String",
|
1222
1221
|
# order_by: "ASC", # accepts ASC, DESC
|
1223
1222
|
# },
|
1224
1223
|
# }
|
1225
1224
|
#
|
1226
1225
|
# @!attribute [rw] detector_id
|
1226
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
1227
|
+
# findings you want to retrieve.
|
1227
1228
|
# @return [String]
|
1228
1229
|
#
|
1229
1230
|
# @!attribute [rw] finding_ids
|
@@ -1243,8 +1244,6 @@ module Aws::GuardDuty
|
|
1243
1244
|
include Aws::Structure
|
1244
1245
|
end
|
1245
1246
|
|
1246
|
-
# GetFindings response object.
|
1247
|
-
#
|
1248
1247
|
# @!attribute [rw] findings
|
1249
1248
|
# A list of findings.
|
1250
1249
|
# @return [Array<Types::Finding>]
|
@@ -1256,50 +1255,54 @@ module Aws::GuardDuty
|
|
1256
1255
|
include Aws::Structure
|
1257
1256
|
end
|
1258
1257
|
|
1259
|
-
# Get Findings Statistics Request
|
1260
|
-
#
|
1261
1258
|
# @note When making an API call, you may pass GetFindingsStatisticsRequest
|
1262
1259
|
# data as a hash:
|
1263
1260
|
#
|
1264
1261
|
# {
|
1265
|
-
# detector_id: "
|
1262
|
+
# detector_id: "DetectorId", # required
|
1263
|
+
# finding_statistic_types: ["COUNT_BY_SEVERITY"], # required, accepts COUNT_BY_SEVERITY
|
1266
1264
|
# finding_criteria: {
|
1267
1265
|
# criterion: {
|
1268
|
-
# "
|
1269
|
-
# eq: ["
|
1266
|
+
# "String" => {
|
1267
|
+
# eq: ["String"],
|
1268
|
+
# neq: ["String"],
|
1270
1269
|
# gt: 1,
|
1271
1270
|
# gte: 1,
|
1272
1271
|
# lt: 1,
|
1273
1272
|
# lte: 1,
|
1274
|
-
#
|
1273
|
+
# equals: ["String"],
|
1274
|
+
# not_equals: ["String"],
|
1275
|
+
# greater_than: 1,
|
1276
|
+
# greater_than_or_equal: 1,
|
1277
|
+
# less_than: 1,
|
1278
|
+
# less_than_or_equal: 1,
|
1275
1279
|
# },
|
1276
1280
|
# },
|
1277
1281
|
# },
|
1278
|
-
# finding_statistic_types: ["COUNT_BY_SEVERITY"], # required, accepts COUNT_BY_SEVERITY
|
1279
1282
|
# }
|
1280
1283
|
#
|
1281
1284
|
# @!attribute [rw] detector_id
|
1285
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
1286
|
+
# findings' statistics you want to retrieve.
|
1282
1287
|
# @return [String]
|
1283
1288
|
#
|
1284
|
-
# @!attribute [rw] finding_criteria
|
1285
|
-
# Represents the criteria used for querying findings.
|
1286
|
-
# @return [Types::FindingCriteria]
|
1287
|
-
#
|
1288
1289
|
# @!attribute [rw] finding_statistic_types
|
1289
1290
|
# Types of finding statistics to retrieve.
|
1290
1291
|
# @return [Array<String>]
|
1291
1292
|
#
|
1293
|
+
# @!attribute [rw] finding_criteria
|
1294
|
+
# Represents the criteria used for querying findings.
|
1295
|
+
# @return [Types::FindingCriteria]
|
1296
|
+
#
|
1292
1297
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetFindingsStatisticsRequest AWS API Documentation
|
1293
1298
|
#
|
1294
1299
|
class GetFindingsStatisticsRequest < Struct.new(
|
1295
1300
|
:detector_id,
|
1296
|
-
:
|
1297
|
-
:
|
1301
|
+
:finding_statistic_types,
|
1302
|
+
:finding_criteria)
|
1298
1303
|
include Aws::Structure
|
1299
1304
|
end
|
1300
1305
|
|
1301
|
-
# GetFindingsStatistics response object.
|
1302
|
-
#
|
1303
1306
|
# @!attribute [rw] finding_statistics
|
1304
1307
|
# Finding statistics object.
|
1305
1308
|
# @return [Types::FindingStatistics]
|
@@ -1315,14 +1318,16 @@ module Aws::GuardDuty
|
|
1315
1318
|
# data as a hash:
|
1316
1319
|
#
|
1317
1320
|
# {
|
1318
|
-
# detector_id: "
|
1319
|
-
# ip_set_id: "
|
1321
|
+
# detector_id: "DetectorId", # required
|
1322
|
+
# ip_set_id: "String", # required
|
1320
1323
|
# }
|
1321
1324
|
#
|
1322
1325
|
# @!attribute [rw] detector_id
|
1326
|
+
# The unique ID of the detector the ipSet is associated with.
|
1323
1327
|
# @return [String]
|
1324
1328
|
#
|
1325
1329
|
# @!attribute [rw] ip_set_id
|
1330
|
+
# The unique ID of the ipSet you want to get.
|
1326
1331
|
# @return [String]
|
1327
1332
|
#
|
1328
1333
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetIPSetRequest AWS API Documentation
|
@@ -1333,7 +1338,11 @@ module Aws::GuardDuty
|
|
1333
1338
|
include Aws::Structure
|
1334
1339
|
end
|
1335
1340
|
|
1336
|
-
#
|
1341
|
+
# @!attribute [rw] name
|
1342
|
+
# The user friendly name to identify the IPSet. This name is displayed
|
1343
|
+
# in all findings that are triggered by activity that involves IP
|
1344
|
+
# addresses included in this IPSet.
|
1345
|
+
# @return [String]
|
1337
1346
|
#
|
1338
1347
|
# @!attribute [rw] format
|
1339
1348
|
# The format of the file that contains the IPSet.
|
@@ -1344,12 +1353,6 @@ module Aws::GuardDuty
|
|
1344
1353
|
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key)
|
1345
1354
|
# @return [String]
|
1346
1355
|
#
|
1347
|
-
# @!attribute [rw] name
|
1348
|
-
# The user friendly name to identify the IPSet. This name is displayed
|
1349
|
-
# in all findings that are triggered by activity that involves IP
|
1350
|
-
# addresses included in this IPSet.
|
1351
|
-
# @return [String]
|
1352
|
-
#
|
1353
1356
|
# @!attribute [rw] status
|
1354
1357
|
# The status of ipSet file uploaded.
|
1355
1358
|
# @return [String]
|
@@ -1357,9 +1360,9 @@ module Aws::GuardDuty
|
|
1357
1360
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetIPSetResponse AWS API Documentation
|
1358
1361
|
#
|
1359
1362
|
class GetIPSetResponse < Struct.new(
|
1363
|
+
:name,
|
1360
1364
|
:format,
|
1361
1365
|
:location,
|
1362
|
-
:name,
|
1363
1366
|
:status)
|
1364
1367
|
include Aws::Structure
|
1365
1368
|
end
|
@@ -1370,8 +1373,6 @@ module Aws::GuardDuty
|
|
1370
1373
|
#
|
1371
1374
|
class GetInvitationsCountRequest < Aws::EmptyStructure; end
|
1372
1375
|
|
1373
|
-
# GetInvitationsCount response object.
|
1374
|
-
#
|
1375
1376
|
# @!attribute [rw] invitations_count
|
1376
1377
|
# The number of received invitations.
|
1377
1378
|
# @return [Integer]
|
@@ -1387,10 +1388,11 @@ module Aws::GuardDuty
|
|
1387
1388
|
# data as a hash:
|
1388
1389
|
#
|
1389
1390
|
# {
|
1390
|
-
# detector_id: "
|
1391
|
+
# detector_id: "DetectorId", # required
|
1391
1392
|
# }
|
1392
1393
|
#
|
1393
1394
|
# @!attribute [rw] detector_id
|
1395
|
+
# The unique ID of the detector of the GuardDuty member account.
|
1394
1396
|
# @return [String]
|
1395
1397
|
#
|
1396
1398
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMasterAccountRequest AWS API Documentation
|
@@ -1400,10 +1402,8 @@ module Aws::GuardDuty
|
|
1400
1402
|
include Aws::Structure
|
1401
1403
|
end
|
1402
1404
|
|
1403
|
-
# GetMasterAccount response object.
|
1404
|
-
#
|
1405
1405
|
# @!attribute [rw] master
|
1406
|
-
#
|
1406
|
+
# Master account details.
|
1407
1407
|
# @return [Types::Master]
|
1408
1408
|
#
|
1409
1409
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMasterAccountResponse AWS API Documentation
|
@@ -1413,36 +1413,34 @@ module Aws::GuardDuty
|
|
1413
1413
|
include Aws::Structure
|
1414
1414
|
end
|
1415
1415
|
|
1416
|
-
# GetMembers request body.
|
1417
|
-
#
|
1418
1416
|
# @note When making an API call, you may pass GetMembersRequest
|
1419
1417
|
# data as a hash:
|
1420
1418
|
#
|
1421
1419
|
# {
|
1422
|
-
#
|
1423
|
-
#
|
1420
|
+
# detector_id: "DetectorId", # required
|
1421
|
+
# account_ids: ["AccountId"], # required
|
1424
1422
|
# }
|
1425
1423
|
#
|
1424
|
+
# @!attribute [rw] detector_id
|
1425
|
+
# The unique ID of the detector of the GuardDuty account whose members
|
1426
|
+
# you want to retrieve.
|
1427
|
+
# @return [String]
|
1428
|
+
#
|
1426
1429
|
# @!attribute [rw] account_ids
|
1427
1430
|
# A list of account IDs of the GuardDuty member accounts that you want
|
1428
1431
|
# to describe.
|
1429
1432
|
# @return [Array<String>]
|
1430
1433
|
#
|
1431
|
-
# @!attribute [rw] detector_id
|
1432
|
-
# @return [String]
|
1433
|
-
#
|
1434
1434
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMembersRequest AWS API Documentation
|
1435
1435
|
#
|
1436
1436
|
class GetMembersRequest < Struct.new(
|
1437
|
-
:
|
1438
|
-
:
|
1437
|
+
:detector_id,
|
1438
|
+
:account_ids)
|
1439
1439
|
include Aws::Structure
|
1440
1440
|
end
|
1441
1441
|
|
1442
|
-
# GetMembers response object.
|
1443
|
-
#
|
1444
1442
|
# @!attribute [rw] members
|
1445
|
-
# A list of
|
1443
|
+
# A list of members.
|
1446
1444
|
# @return [Array<Types::Member>]
|
1447
1445
|
#
|
1448
1446
|
# @!attribute [rw] unprocessed_accounts
|
@@ -1462,14 +1460,16 @@ module Aws::GuardDuty
|
|
1462
1460
|
# data as a hash:
|
1463
1461
|
#
|
1464
1462
|
# {
|
1465
|
-
# detector_id: "
|
1466
|
-
# threat_intel_set_id: "
|
1463
|
+
# detector_id: "DetectorId", # required
|
1464
|
+
# threat_intel_set_id: "String", # required
|
1467
1465
|
# }
|
1468
1466
|
#
|
1469
1467
|
# @!attribute [rw] detector_id
|
1468
|
+
# The unique ID of the detector the threatIntelSet is associated with.
|
1470
1469
|
# @return [String]
|
1471
1470
|
#
|
1472
1471
|
# @!attribute [rw] threat_intel_set_id
|
1472
|
+
# The unique ID of the threatIntelSet you want to get.
|
1473
1473
|
# @return [String]
|
1474
1474
|
#
|
1475
1475
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetThreatIntelSetRequest AWS API Documentation
|
@@ -1480,7 +1480,11 @@ module Aws::GuardDuty
|
|
1480
1480
|
include Aws::Structure
|
1481
1481
|
end
|
1482
1482
|
|
1483
|
-
#
|
1483
|
+
# @!attribute [rw] name
|
1484
|
+
# A user-friendly ThreatIntelSet name that is displayed in all finding
|
1485
|
+
# generated by activity that involves IP addresses included in this
|
1486
|
+
# ThreatIntelSet.
|
1487
|
+
# @return [String]
|
1484
1488
|
#
|
1485
1489
|
# @!attribute [rw] format
|
1486
1490
|
# The format of the threatIntelSet.
|
@@ -1491,12 +1495,6 @@ module Aws::GuardDuty
|
|
1491
1495
|
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).
|
1492
1496
|
# @return [String]
|
1493
1497
|
#
|
1494
|
-
# @!attribute [rw] name
|
1495
|
-
# A user-friendly ThreatIntelSet name that is displayed in all finding
|
1496
|
-
# generated by activity that involves IP addresses included in this
|
1497
|
-
# ThreatIntelSet.
|
1498
|
-
# @return [String]
|
1499
|
-
#
|
1500
1498
|
# @!attribute [rw] status
|
1501
1499
|
# The status of threatIntelSet file uploaded.
|
1502
1500
|
# @return [String]
|
@@ -1504,15 +1502,13 @@ module Aws::GuardDuty
|
|
1504
1502
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetThreatIntelSetResponse AWS API Documentation
|
1505
1503
|
#
|
1506
1504
|
class GetThreatIntelSetResponse < Struct.new(
|
1505
|
+
:name,
|
1507
1506
|
:format,
|
1508
1507
|
:location,
|
1509
|
-
:name,
|
1510
1508
|
:status)
|
1511
1509
|
include Aws::Structure
|
1512
1510
|
end
|
1513
1511
|
|
1514
|
-
# The profile information of the EC2 instance.
|
1515
|
-
#
|
1516
1512
|
# @!attribute [rw] arn
|
1517
1513
|
# AWS EC2 instance profile ARN.
|
1518
1514
|
# @return [String]
|
@@ -1529,9 +1525,6 @@ module Aws::GuardDuty
|
|
1529
1525
|
include Aws::Structure
|
1530
1526
|
end
|
1531
1527
|
|
1532
|
-
# The information about the EC2 instance associated with the activity
|
1533
|
-
# that prompted GuardDuty to generate a finding.
|
1534
|
-
#
|
1535
1528
|
# @!attribute [rw] availability_zone
|
1536
1529
|
# The availability zone of the EC2 instance.
|
1537
1530
|
# @return [String]
|
@@ -1598,12 +1591,14 @@ module Aws::GuardDuty
|
|
1598
1591
|
include Aws::Structure
|
1599
1592
|
end
|
1600
1593
|
|
1601
|
-
#
|
1594
|
+
# Internal server error exception object.
|
1602
1595
|
#
|
1603
1596
|
# @!attribute [rw] message
|
1597
|
+
# The error message.
|
1604
1598
|
# @return [String]
|
1605
1599
|
#
|
1606
1600
|
# @!attribute [rw] type
|
1601
|
+
# The error type.
|
1607
1602
|
# @return [String]
|
1608
1603
|
#
|
1609
1604
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/InternalServerErrorException AWS API Documentation
|
@@ -1614,9 +1609,6 @@ module Aws::GuardDuty
|
|
1614
1609
|
include Aws::Structure
|
1615
1610
|
end
|
1616
1611
|
|
1617
|
-
# Invitation from an AWS account to become the current account's
|
1618
|
-
# master.
|
1619
|
-
#
|
1620
1612
|
# @!attribute [rw] account_id
|
1621
1613
|
# Inviter account ID
|
1622
1614
|
# @return [String]
|
@@ -1626,45 +1618,45 @@ module Aws::GuardDuty
|
|
1626
1618
|
# account.
|
1627
1619
|
# @return [String]
|
1628
1620
|
#
|
1629
|
-
# @!attribute [rw] invited_at
|
1630
|
-
# Timestamp at which the invitation was sent
|
1631
|
-
# @return [String]
|
1632
|
-
#
|
1633
1621
|
# @!attribute [rw] relationship_status
|
1634
1622
|
# The status of the relationship between the inviter and invitee
|
1635
1623
|
# accounts.
|
1636
1624
|
# @return [String]
|
1637
1625
|
#
|
1626
|
+
# @!attribute [rw] invited_at
|
1627
|
+
# Timestamp at which the invitation was sent
|
1628
|
+
# @return [String]
|
1629
|
+
#
|
1638
1630
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Invitation AWS API Documentation
|
1639
1631
|
#
|
1640
1632
|
class Invitation < Struct.new(
|
1641
1633
|
:account_id,
|
1642
1634
|
:invitation_id,
|
1643
|
-
:
|
1644
|
-
:
|
1635
|
+
:relationship_status,
|
1636
|
+
:invited_at)
|
1645
1637
|
include Aws::Structure
|
1646
1638
|
end
|
1647
1639
|
|
1648
|
-
# InviteMembers request body.
|
1649
|
-
#
|
1650
1640
|
# @note When making an API call, you may pass InviteMembersRequest
|
1651
1641
|
# data as a hash:
|
1652
1642
|
#
|
1653
1643
|
# {
|
1654
|
-
#
|
1655
|
-
#
|
1644
|
+
# detector_id: "DetectorId", # required
|
1645
|
+
# account_ids: ["AccountId"], # required
|
1656
1646
|
# disable_email_notification: false,
|
1657
|
-
# message: "
|
1647
|
+
# message: "String",
|
1658
1648
|
# }
|
1659
1649
|
#
|
1650
|
+
# @!attribute [rw] detector_id
|
1651
|
+
# The unique ID of the detector of the GuardDuty account with which
|
1652
|
+
# you want to invite members.
|
1653
|
+
# @return [String]
|
1654
|
+
#
|
1660
1655
|
# @!attribute [rw] account_ids
|
1661
1656
|
# A list of account IDs of the accounts that you want to invite to
|
1662
1657
|
# GuardDuty as members.
|
1663
1658
|
# @return [Array<String>]
|
1664
1659
|
#
|
1665
|
-
# @!attribute [rw] detector_id
|
1666
|
-
# @return [String]
|
1667
|
-
#
|
1668
1660
|
# @!attribute [rw] disable_email_notification
|
1669
1661
|
# A boolean value that specifies whether you want to disable email
|
1670
1662
|
# notification to the accounts that you’re inviting to GuardDuty as
|
@@ -1679,15 +1671,13 @@ module Aws::GuardDuty
|
|
1679
1671
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/InviteMembersRequest AWS API Documentation
|
1680
1672
|
#
|
1681
1673
|
class InviteMembersRequest < Struct.new(
|
1682
|
-
:account_ids,
|
1683
1674
|
:detector_id,
|
1675
|
+
:account_ids,
|
1684
1676
|
:disable_email_notification,
|
1685
1677
|
:message)
|
1686
1678
|
include Aws::Structure
|
1687
1679
|
end
|
1688
1680
|
|
1689
|
-
# InviteMembers response object.
|
1690
|
-
#
|
1691
1681
|
# @!attribute [rw] unprocessed_accounts
|
1692
1682
|
# A list of objects containing the unprocessed account and a result
|
1693
1683
|
# string explaining why it was unprocessed.
|
@@ -1705,15 +1695,21 @@ module Aws::GuardDuty
|
|
1705
1695
|
#
|
1706
1696
|
# {
|
1707
1697
|
# max_results: 1,
|
1708
|
-
# next_token: "
|
1698
|
+
# next_token: "String",
|
1709
1699
|
# }
|
1710
1700
|
#
|
1711
1701
|
# @!attribute [rw] max_results
|
1712
1702
|
# You can use this parameter to indicate the maximum number of items
|
1713
|
-
#
|
1703
|
+
# you want in the response. The default value is 50. The maximum value
|
1704
|
+
# is 50.
|
1714
1705
|
# @return [Integer]
|
1715
1706
|
#
|
1716
1707
|
# @!attribute [rw] next_token
|
1708
|
+
# You can use this parameter when paginating results. Set the value of
|
1709
|
+
# this parameter to null on your first call to the list action. For
|
1710
|
+
# subsequent calls to the action fill nextToken in the request with
|
1711
|
+
# the value of NextToken from the previous response to continue
|
1712
|
+
# listing data.
|
1717
1713
|
# @return [String]
|
1718
1714
|
#
|
1719
1715
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListDetectorsRequest AWS API Documentation
|
@@ -1724,18 +1720,13 @@ module Aws::GuardDuty
|
|
1724
1720
|
include Aws::Structure
|
1725
1721
|
end
|
1726
1722
|
|
1727
|
-
# ListDetectors response object.
|
1728
|
-
#
|
1729
1723
|
# @!attribute [rw] detector_ids
|
1730
1724
|
# A list of detector Ids.
|
1731
1725
|
# @return [Array<String>]
|
1732
1726
|
#
|
1733
1727
|
# @!attribute [rw] next_token
|
1734
|
-
#
|
1735
|
-
#
|
1736
|
-
# subsequent calls to the action fill nextToken in the request with
|
1737
|
-
# the value of NextToken from the previous response to continue
|
1738
|
-
# listing data.
|
1728
|
+
# Pagination parameter to be used on the next list operation to
|
1729
|
+
# retrieve more items.
|
1739
1730
|
# @return [String]
|
1740
1731
|
#
|
1741
1732
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListDetectorsResponse AWS API Documentation
|
@@ -1750,20 +1741,27 @@ module Aws::GuardDuty
|
|
1750
1741
|
# data as a hash:
|
1751
1742
|
#
|
1752
1743
|
# {
|
1753
|
-
# detector_id: "
|
1744
|
+
# detector_id: "DetectorId", # required
|
1754
1745
|
# max_results: 1,
|
1755
|
-
# next_token: "
|
1746
|
+
# next_token: "String",
|
1756
1747
|
# }
|
1757
1748
|
#
|
1758
1749
|
# @!attribute [rw] detector_id
|
1750
|
+
# The unique ID of the detector the filter is associated with.
|
1759
1751
|
# @return [String]
|
1760
1752
|
#
|
1761
1753
|
# @!attribute [rw] max_results
|
1762
1754
|
# You can use this parameter to indicate the maximum number of items
|
1763
|
-
#
|
1755
|
+
# you want in the response. The default value is 50. The maximum value
|
1756
|
+
# is 50.
|
1764
1757
|
# @return [Integer]
|
1765
1758
|
#
|
1766
1759
|
# @!attribute [rw] next_token
|
1760
|
+
# You can use this parameter when paginating results. Set the value of
|
1761
|
+
# this parameter to null on your first call to the list action. For
|
1762
|
+
# subsequent calls to the action fill nextToken in the request with
|
1763
|
+
# the value of NextToken from the previous response to continue
|
1764
|
+
# listing data.
|
1767
1765
|
# @return [String]
|
1768
1766
|
#
|
1769
1767
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListFiltersRequest AWS API Documentation
|
@@ -1775,18 +1773,13 @@ module Aws::GuardDuty
|
|
1775
1773
|
include Aws::Structure
|
1776
1774
|
end
|
1777
1775
|
|
1778
|
-
# ListFilters response object.
|
1779
|
-
#
|
1780
1776
|
# @!attribute [rw] filter_names
|
1781
1777
|
# A list of filter names
|
1782
1778
|
# @return [Array<String>]
|
1783
1779
|
#
|
1784
1780
|
# @!attribute [rw] next_token
|
1785
|
-
#
|
1786
|
-
#
|
1787
|
-
# subsequent calls to the action fill nextToken in the request with
|
1788
|
-
# the value of NextToken from the previous response to continue
|
1789
|
-
# listing data.
|
1781
|
+
# Pagination parameter to be used on the next list operation to
|
1782
|
+
# retrieve more items.
|
1790
1783
|
# @return [String]
|
1791
1784
|
#
|
1792
1785
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListFiltersResponse AWS API Documentation
|
@@ -1797,40 +1790,50 @@ module Aws::GuardDuty
|
|
1797
1790
|
include Aws::Structure
|
1798
1791
|
end
|
1799
1792
|
|
1800
|
-
# List Findings Request
|
1801
|
-
#
|
1802
1793
|
# @note When making an API call, you may pass ListFindingsRequest
|
1803
1794
|
# data as a hash:
|
1804
1795
|
#
|
1805
1796
|
# {
|
1806
|
-
# detector_id: "
|
1797
|
+
# detector_id: "DetectorId", # required
|
1807
1798
|
# finding_criteria: {
|
1808
1799
|
# criterion: {
|
1809
|
-
# "
|
1810
|
-
# eq: ["
|
1800
|
+
# "String" => {
|
1801
|
+
# eq: ["String"],
|
1802
|
+
# neq: ["String"],
|
1811
1803
|
# gt: 1,
|
1812
1804
|
# gte: 1,
|
1813
1805
|
# lt: 1,
|
1814
1806
|
# lte: 1,
|
1815
|
-
#
|
1807
|
+
# equals: ["String"],
|
1808
|
+
# not_equals: ["String"],
|
1809
|
+
# greater_than: 1,
|
1810
|
+
# greater_than_or_equal: 1,
|
1811
|
+
# less_than: 1,
|
1812
|
+
# less_than_or_equal: 1,
|
1816
1813
|
# },
|
1817
1814
|
# },
|
1818
1815
|
# },
|
1819
|
-
# max_results: 1,
|
1820
|
-
# next_token: "NextToken",
|
1821
1816
|
# sort_criteria: {
|
1822
|
-
# attribute_name: "
|
1817
|
+
# attribute_name: "String",
|
1823
1818
|
# order_by: "ASC", # accepts ASC, DESC
|
1824
1819
|
# },
|
1820
|
+
# max_results: 1,
|
1821
|
+
# next_token: "String",
|
1825
1822
|
# }
|
1826
1823
|
#
|
1827
1824
|
# @!attribute [rw] detector_id
|
1825
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
1826
|
+
# findings you want to list.
|
1828
1827
|
# @return [String]
|
1829
1828
|
#
|
1830
1829
|
# @!attribute [rw] finding_criteria
|
1831
1830
|
# Represents the criteria used for querying findings.
|
1832
1831
|
# @return [Types::FindingCriteria]
|
1833
1832
|
#
|
1833
|
+
# @!attribute [rw] sort_criteria
|
1834
|
+
# Represents the criteria used for sorting findings.
|
1835
|
+
# @return [Types::SortCriteria]
|
1836
|
+
#
|
1834
1837
|
# @!attribute [rw] max_results
|
1835
1838
|
# You can use this parameter to indicate the maximum number of items
|
1836
1839
|
# you want in the response. The default value is 50. The maximum value
|
@@ -1839,39 +1842,30 @@ module Aws::GuardDuty
|
|
1839
1842
|
#
|
1840
1843
|
# @!attribute [rw] next_token
|
1841
1844
|
# You can use this parameter when paginating results. Set the value of
|
1842
|
-
# this parameter to null on your first call to the
|
1843
|
-
#
|
1844
|
-
#
|
1845
|
-
#
|
1845
|
+
# this parameter to null on your first call to the list action. For
|
1846
|
+
# subsequent calls to the action fill nextToken in the request with
|
1847
|
+
# the value of NextToken from the previous response to continue
|
1848
|
+
# listing data.
|
1846
1849
|
# @return [String]
|
1847
1850
|
#
|
1848
|
-
# @!attribute [rw] sort_criteria
|
1849
|
-
# Represents the criteria used for sorting findings.
|
1850
|
-
# @return [Types::SortCriteria]
|
1851
|
-
#
|
1852
1851
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListFindingsRequest AWS API Documentation
|
1853
1852
|
#
|
1854
1853
|
class ListFindingsRequest < Struct.new(
|
1855
1854
|
:detector_id,
|
1856
1855
|
:finding_criteria,
|
1856
|
+
:sort_criteria,
|
1857
1857
|
:max_results,
|
1858
|
-
:next_token
|
1859
|
-
:sort_criteria)
|
1858
|
+
:next_token)
|
1860
1859
|
include Aws::Structure
|
1861
1860
|
end
|
1862
1861
|
|
1863
|
-
# ListFindings response object.
|
1864
|
-
#
|
1865
1862
|
# @!attribute [rw] finding_ids
|
1866
|
-
# The
|
1863
|
+
# The IDs of the findings you are listing.
|
1867
1864
|
# @return [Array<String>]
|
1868
1865
|
#
|
1869
1866
|
# @!attribute [rw] next_token
|
1870
|
-
#
|
1871
|
-
#
|
1872
|
-
# subsequent calls to the action fill nextToken in the request with
|
1873
|
-
# the value of NextToken from the previous response to continue
|
1874
|
-
# listing data.
|
1867
|
+
# Pagination parameter to be used on the next list operation to
|
1868
|
+
# retrieve more items.
|
1875
1869
|
# @return [String]
|
1876
1870
|
#
|
1877
1871
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListFindingsResponse AWS API Documentation
|
@@ -1886,20 +1880,27 @@ module Aws::GuardDuty
|
|
1886
1880
|
# data as a hash:
|
1887
1881
|
#
|
1888
1882
|
# {
|
1889
|
-
# detector_id: "
|
1883
|
+
# detector_id: "DetectorId", # required
|
1890
1884
|
# max_results: 1,
|
1891
|
-
# next_token: "
|
1885
|
+
# next_token: "String",
|
1892
1886
|
# }
|
1893
1887
|
#
|
1894
1888
|
# @!attribute [rw] detector_id
|
1889
|
+
# The unique ID of the detector the ipSet is associated with.
|
1895
1890
|
# @return [String]
|
1896
1891
|
#
|
1897
1892
|
# @!attribute [rw] max_results
|
1898
1893
|
# You can use this parameter to indicate the maximum number of items
|
1899
|
-
#
|
1894
|
+
# you want in the response. The default value is 50. The maximum value
|
1895
|
+
# is 50.
|
1900
1896
|
# @return [Integer]
|
1901
1897
|
#
|
1902
1898
|
# @!attribute [rw] next_token
|
1899
|
+
# You can use this parameter when paginating results. Set the value of
|
1900
|
+
# this parameter to null on your first call to the list action. For
|
1901
|
+
# subsequent calls to the action fill nextToken in the request with
|
1902
|
+
# the value of NextToken from the previous response to continue
|
1903
|
+
# listing data.
|
1903
1904
|
# @return [String]
|
1904
1905
|
#
|
1905
1906
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListIPSetsRequest AWS API Documentation
|
@@ -1911,18 +1912,13 @@ module Aws::GuardDuty
|
|
1911
1912
|
include Aws::Structure
|
1912
1913
|
end
|
1913
1914
|
|
1914
|
-
# ListIPSets response object.
|
1915
|
-
#
|
1916
1915
|
# @!attribute [rw] ip_set_ids
|
1917
|
-
#
|
1916
|
+
# The IDs of the IPSet resources.
|
1918
1917
|
# @return [Array<String>]
|
1919
1918
|
#
|
1920
1919
|
# @!attribute [rw] next_token
|
1921
|
-
#
|
1922
|
-
#
|
1923
|
-
# subsequent calls to the action fill nextToken in the request with
|
1924
|
-
# the value of NextToken from the previous response to continue
|
1925
|
-
# listing data.
|
1920
|
+
# Pagination parameter to be used on the next list operation to
|
1921
|
+
# retrieve more items.
|
1926
1922
|
# @return [String]
|
1927
1923
|
#
|
1928
1924
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListIPSetsResponse AWS API Documentation
|
@@ -1938,15 +1934,21 @@ module Aws::GuardDuty
|
|
1938
1934
|
#
|
1939
1935
|
# {
|
1940
1936
|
# max_results: 1,
|
1941
|
-
# next_token: "
|
1937
|
+
# next_token: "String",
|
1942
1938
|
# }
|
1943
1939
|
#
|
1944
1940
|
# @!attribute [rw] max_results
|
1945
1941
|
# You can use this parameter to indicate the maximum number of items
|
1946
|
-
#
|
1942
|
+
# you want in the response. The default value is 50. The maximum value
|
1943
|
+
# is 50.
|
1947
1944
|
# @return [Integer]
|
1948
1945
|
#
|
1949
1946
|
# @!attribute [rw] next_token
|
1947
|
+
# You can use this parameter when paginating results. Set the value of
|
1948
|
+
# this parameter to null on your first call to the list action. For
|
1949
|
+
# subsequent calls to the action fill nextToken in the request with
|
1950
|
+
# the value of NextToken from the previous response to continue
|
1951
|
+
# listing data.
|
1950
1952
|
# @return [String]
|
1951
1953
|
#
|
1952
1954
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListInvitationsRequest AWS API Documentation
|
@@ -1957,18 +1959,13 @@ module Aws::GuardDuty
|
|
1957
1959
|
include Aws::Structure
|
1958
1960
|
end
|
1959
1961
|
|
1960
|
-
# ListInvitations response object.
|
1961
|
-
#
|
1962
1962
|
# @!attribute [rw] invitations
|
1963
1963
|
# A list of invitation descriptions.
|
1964
1964
|
# @return [Array<Types::Invitation>]
|
1965
1965
|
#
|
1966
1966
|
# @!attribute [rw] next_token
|
1967
|
-
#
|
1968
|
-
#
|
1969
|
-
# subsequent calls to the action fill nextToken in the request with
|
1970
|
-
# the value of NextToken from the previous response to continue
|
1971
|
-
# listing data.
|
1967
|
+
# Pagination parameter to be used on the next list operation to
|
1968
|
+
# retrieve more items.
|
1972
1969
|
# @return [String]
|
1973
1970
|
#
|
1974
1971
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListInvitationsResponse AWS API Documentation
|
@@ -1983,24 +1980,34 @@ module Aws::GuardDuty
|
|
1983
1980
|
# data as a hash:
|
1984
1981
|
#
|
1985
1982
|
# {
|
1986
|
-
# detector_id: "
|
1983
|
+
# detector_id: "DetectorId", # required
|
1987
1984
|
# max_results: 1,
|
1988
|
-
# next_token: "
|
1989
|
-
# only_associated: "
|
1985
|
+
# next_token: "String",
|
1986
|
+
# only_associated: "String",
|
1990
1987
|
# }
|
1991
1988
|
#
|
1992
1989
|
# @!attribute [rw] detector_id
|
1990
|
+
# The unique ID of the detector the member is associated with.
|
1993
1991
|
# @return [String]
|
1994
1992
|
#
|
1995
1993
|
# @!attribute [rw] max_results
|
1996
1994
|
# You can use this parameter to indicate the maximum number of items
|
1997
|
-
#
|
1995
|
+
# you want in the response. The default value is 50. The maximum value
|
1996
|
+
# is 50.
|
1998
1997
|
# @return [Integer]
|
1999
1998
|
#
|
2000
1999
|
# @!attribute [rw] next_token
|
2000
|
+
# You can use this parameter when paginating results. Set the value of
|
2001
|
+
# this parameter to null on your first call to the list action. For
|
2002
|
+
# subsequent calls to the action fill nextToken in the request with
|
2003
|
+
# the value of NextToken from the previous response to continue
|
2004
|
+
# listing data.
|
2001
2005
|
# @return [String]
|
2002
2006
|
#
|
2003
2007
|
# @!attribute [rw] only_associated
|
2008
|
+
# Specifies whether to only return associated members or to return all
|
2009
|
+
# members (including members which haven't been invited yet or have
|
2010
|
+
# been disassociated).
|
2004
2011
|
# @return [String]
|
2005
2012
|
#
|
2006
2013
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListMembersRequest AWS API Documentation
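Review bot: The new `only_associated` description reads as a yes/no switch, but the attribute is still documented as `@return [String]` and the sample hash shows `only_associated: "String"`, so nothing here says which string values select which behaviour. A caller auditing account membership may pass the wrong literal and get a narrower member list than intended without any error. I would add one line under the description naming the accepted values, e.g. `#   Accepted values: <values from the service API reference>`. The comment block and the class it documents continue past the end of this hunk.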
|
@@ -2013,18 +2020,13 @@ module Aws::GuardDuty
|
|
2013
2020
|
include Aws::Structure
|
2014
2021
|
end
|
2015
2022
|
|
2016
|
-
# ListMembers response object.
|
2017
|
-
#
|
2018
2023
|
# @!attribute [rw] members
|
2019
|
-
# A list of
|
2024
|
+
# A list of members.
|
2020
2025
|
# @return [Array<Types::Member>]
|
2021
2026
|
#
|
2022
2027
|
# @!attribute [rw] next_token
|
2023
|
-
#
|
2024
|
-
#
|
2025
|
-
# subsequent calls to the action fill nextToken in the request with
|
2026
|
-
# the value of NextToken from the previous response to continue
|
2027
|
-
# listing data.
|
2028
|
+
# Pagination parameter to be used on the next list operation to
|
2029
|
+
# retrieve more items.
|
2028
2030
|
# @return [String]
|
2029
2031
|
#
|
2030
2032
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListMembersResponse AWS API Documentation
|
@@ -2039,20 +2041,27 @@ module Aws::GuardDuty
|
|
2039
2041
|
# data as a hash:
|
2040
2042
|
#
|
2041
2043
|
# {
|
2042
|
-
# detector_id: "
|
2044
|
+
# detector_id: "DetectorId", # required
|
2043
2045
|
# max_results: 1,
|
2044
|
-
# next_token: "
|
2046
|
+
# next_token: "String",
|
2045
2047
|
# }
|
2046
2048
|
#
|
2047
2049
|
# @!attribute [rw] detector_id
|
2050
|
+
# The unique ID of the detector the threatIntelSet is associated with.
|
2048
2051
|
# @return [String]
|
2049
2052
|
#
|
2050
2053
|
# @!attribute [rw] max_results
|
2051
2054
|
# You can use this parameter to indicate the maximum number of items
|
2052
|
-
#
|
2055
|
+
# you want in the response. The default value is 50. The maximum value
|
2056
|
+
# is 50.
|
2053
2057
|
# @return [Integer]
|
2054
2058
|
#
|
2055
2059
|
# @!attribute [rw] next_token
|
2060
|
+
# You can use this parameter when paginating results. Set the value of
|
2061
|
+
# this parameter to null on your first call to the list action. For
|
2062
|
+
# subsequent calls to the action fill nextToken in the request with
|
2063
|
+
# the value of NextToken from the previous response to continue
|
2064
|
+
# listing data.
|
2056
2065
|
# @return [String]
|
2057
2066
|
#
|
2058
2067
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListThreatIntelSetsRequest AWS API Documentation
|
@@ -2064,30 +2073,23 @@ module Aws::GuardDuty
|
|
2064
2073
|
include Aws::Structure
|
2065
2074
|
end
|
2066
2075
|
|
2067
|
-
#
|
2076
|
+
# @!attribute [rw] threat_intel_set_ids
|
2077
|
+
# The IDs of the ThreatIntelSet resources.
|
2078
|
+
# @return [Array<String>]
|
2068
2079
|
#
|
2069
2080
|
# @!attribute [rw] next_token
|
2070
|
-
#
|
2071
|
-
#
|
2072
|
-
# subsequent calls to the action fill nextToken in the request with
|
2073
|
-
# the value of NextToken from the previous response to continue
|
2074
|
-
# listing data.
|
2081
|
+
# Pagination parameter to be used on the next list operation to
|
2082
|
+
# retrieve more items.
|
2075
2083
|
# @return [String]
|
2076
2084
|
#
|
2077
|
-
# @!attribute [rw] threat_intel_set_ids
|
2078
|
-
# The list of the threat intel set IDs
|
2079
|
-
# @return [Array<String>]
|
2080
|
-
#
|
2081
2085
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListThreatIntelSetsResponse AWS API Documentation
|
2082
2086
|
#
|
2083
2087
|
class ListThreatIntelSetsResponse < Struct.new(
|
2084
|
-
:
|
2085
|
-
:
|
2088
|
+
:threat_intel_set_ids,
|
2089
|
+
:next_token)
|
2086
2090
|
include Aws::Structure
|
2087
2091
|
end
|
2088
2092
|
|
2089
|
-
# Local port information of the connection.
|
2090
|
-
#
|
2091
2093
|
# @!attribute [rw] port
|
2092
2094
|
# Port number of the local connection.
|
2093
2095
|
# @return [Integer]
|
@@ -2104,8 +2106,6 @@ module Aws::GuardDuty
|
|
2104
2106
|
include Aws::Structure
|
2105
2107
|
end
|
2106
2108
|
|
2107
|
-
# Contains details about the master account.
|
2108
|
-
#
|
2109
2109
|
# @!attribute [rw] account_id
|
2110
2110
|
# Master account ID
|
2111
2111
|
# @return [String]
|
@@ -2115,53 +2115,51 @@ module Aws::GuardDuty
|
|
2115
2115
|
# account.
|
2116
2116
|
# @return [String]
|
2117
2117
|
#
|
2118
|
-
# @!attribute [rw] invited_at
|
2119
|
-
# Timestamp at which the invitation was sent
|
2120
|
-
# @return [String]
|
2121
|
-
#
|
2122
2118
|
# @!attribute [rw] relationship_status
|
2123
2119
|
# The status of the relationship between the master and member
|
2124
2120
|
# accounts.
|
2125
2121
|
# @return [String]
|
2126
2122
|
#
|
2123
|
+
# @!attribute [rw] invited_at
|
2124
|
+
# Timestamp at which the invitation was sent
|
2125
|
+
# @return [String]
|
2126
|
+
#
|
2127
2127
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Master AWS API Documentation
|
2128
2128
|
#
|
2129
2129
|
class Master < Struct.new(
|
2130
2130
|
:account_id,
|
2131
2131
|
:invitation_id,
|
2132
|
-
:
|
2133
|
-
:
|
2132
|
+
:relationship_status,
|
2133
|
+
:invited_at)
|
2134
2134
|
include Aws::Structure
|
2135
2135
|
end
|
2136
2136
|
|
2137
|
-
# Contains details about the member account.
|
2138
|
-
#
|
2139
2137
|
# @!attribute [rw] account_id
|
2140
|
-
#
|
2138
|
+
# Member account ID.
|
2141
2139
|
# @return [String]
|
2142
2140
|
#
|
2143
2141
|
# @!attribute [rw] detector_id
|
2144
|
-
#
|
2142
|
+
# Member account's detector ID.
|
2145
2143
|
# @return [String]
|
2146
2144
|
#
|
2147
|
-
# @!attribute [rw]
|
2148
|
-
#
|
2149
|
-
# @return [String]
|
2150
|
-
#
|
2151
|
-
# @!attribute [rw] invited_at
|
2152
|
-
# Timestamp at which the invitation was sent
|
2145
|
+
# @!attribute [rw] master_id
|
2146
|
+
# Master account ID.
|
2153
2147
|
# @return [String]
|
2154
2148
|
#
|
2155
|
-
# @!attribute [rw]
|
2156
|
-
#
|
2149
|
+
# @!attribute [rw] email
|
2150
|
+
# Member account's email address.
|
2157
2151
|
# @return [String]
|
2158
2152
|
#
|
2159
2153
|
# @!attribute [rw] relationship_status
|
2160
2154
|
# The status of the relationship between the member and the master.
|
2161
2155
|
# @return [String]
|
2162
2156
|
#
|
2157
|
+
# @!attribute [rw] invited_at
|
2158
|
+
# Timestamp at which the invitation was sent
|
2159
|
+
# @return [String]
|
2160
|
+
#
|
2163
2161
|
# @!attribute [rw] updated_at
|
2164
|
-
#
|
2162
|
+
# Member last updated timestamp.
|
2165
2163
|
# @return [String]
|
2166
2164
|
#
|
2167
2165
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Member AWS API Documentation
|
@@ -2169,17 +2167,14 @@ module Aws::GuardDuty
|
|
2169
2167
|
class Member < Struct.new(
|
2170
2168
|
:account_id,
|
2171
2169
|
:detector_id,
|
2172
|
-
:email,
|
2173
|
-
:invited_at,
|
2174
2170
|
:master_id,
|
2171
|
+
:email,
|
2175
2172
|
:relationship_status,
|
2173
|
+
:invited_at,
|
2176
2174
|
:updated_at)
|
2177
2175
|
include Aws::Structure
|
2178
2176
|
end
|
2179
2177
|
|
2180
|
-
# Information about the NETWORK\_CONNECTION action described in this
|
2181
|
-
# finding.
|
2182
|
-
#
|
2183
2178
|
# @!attribute [rw] blocked
|
2184
2179
|
# Network connection blocked information.
|
2185
2180
|
# @return [Boolean]
|
@@ -2216,8 +2211,6 @@ module Aws::GuardDuty
|
|
2216
2211
|
include Aws::Structure
|
2217
2212
|
end
|
2218
2213
|
|
2219
|
-
# The network interface information of the EC2 instance.
|
2220
|
-
#
|
2221
2214
|
# @!attribute [rw] ipv_6_addresses
|
2222
2215
|
# A list of EC2 instance IPv6 address information.
|
2223
2216
|
# @return [Array<String>]
|
@@ -2274,8 +2267,6 @@ module Aws::GuardDuty
|
|
2274
2267
|
include Aws::Structure
|
2275
2268
|
end
|
2276
2269
|
|
2277
|
-
# ISP Organization information of the remote IP address.
|
2278
|
-
#
|
2279
2270
|
# @!attribute [rw] asn
|
2280
2271
|
# Autonomous system number of the internet provider of the remote IP
|
2281
2272
|
# address.
|
@@ -2303,8 +2294,6 @@ module Aws::GuardDuty
|
|
2303
2294
|
include Aws::Structure
|
2304
2295
|
end
|
2305
2296
|
|
2306
|
-
# Information about the PORT\_PROBE action described in this finding.
|
2307
|
-
#
|
2308
2297
|
# @!attribute [rw] blocked
|
2309
2298
|
# Port probe blocked information.
|
2310
2299
|
# @return [Boolean]
|
@@ -2321,8 +2310,6 @@ module Aws::GuardDuty
|
|
2321
2310
|
include Aws::Structure
|
2322
2311
|
end
|
2323
2312
|
|
2324
|
-
# Details about the port probe finding.
|
2325
|
-
#
|
2326
2313
|
# @!attribute [rw] local_port_details
|
2327
2314
|
# Local port information of the connection.
|
2328
2315
|
# @return [Types::LocalPortDetails]
|
@@ -2339,8 +2326,6 @@ module Aws::GuardDuty
|
|
2339
2326
|
include Aws::Structure
|
2340
2327
|
end
|
2341
2328
|
|
2342
|
-
# Other private IP address information of the EC2 instance.
|
2343
|
-
#
|
2344
2329
|
# @!attribute [rw] private_dns_name
|
2345
2330
|
# Private DNS name of the EC2 instance.
|
2346
2331
|
# @return [String]
|
@@ -2357,8 +2342,6 @@ module Aws::GuardDuty
|
|
2357
2342
|
include Aws::Structure
|
2358
2343
|
end
|
2359
2344
|
|
2360
|
-
# The product code of the EC2 instance.
|
2361
|
-
#
|
2362
2345
|
# @!attribute [rw] code
|
2363
2346
|
# Product code information.
|
2364
2347
|
# @return [String]
|
@@ -2375,8 +2358,6 @@ module Aws::GuardDuty
|
|
2375
2358
|
include Aws::Structure
|
2376
2359
|
end
|
2377
2360
|
|
2378
|
-
# Remote IP information of the connection.
|
2379
|
-
#
|
2380
2361
|
# @!attribute [rw] city
|
2381
2362
|
# City information of the remote IP address.
|
2382
2363
|
# @return [Types::City]
|
@@ -2408,8 +2389,6 @@ module Aws::GuardDuty
|
|
2408
2389
|
include Aws::Structure
|
2409
2390
|
end
|
2410
2391
|
|
2411
|
-
# Remote port information of the connection.
|
2412
|
-
#
|
2413
2392
|
# @!attribute [rw] port
|
2414
2393
|
# Port number of the remote connection.
|
2415
2394
|
# @return [Integer]
|
@@ -2426,9 +2405,6 @@ module Aws::GuardDuty
|
|
2426
2405
|
include Aws::Structure
|
2427
2406
|
end
|
2428
2407
|
|
2429
|
-
# The AWS resource associated with the activity that prompted GuardDuty
|
2430
|
-
# to generate a finding.
|
2431
|
-
#
|
2432
2408
|
# @!attribute [rw] access_key_details
|
2433
2409
|
# The IAM access key details (IAM user information) of a user that
|
2434
2410
|
# engaged in the activity that prompted GuardDuty to generate a
|
@@ -2453,8 +2429,6 @@ module Aws::GuardDuty
|
|
2453
2429
|
include Aws::Structure
|
2454
2430
|
end
|
2455
2431
|
|
2456
|
-
# Security groups associated with the EC2 instance.
|
2457
|
-
#
|
2458
2432
|
# @!attribute [rw] group_id
|
2459
2433
|
# EC2 instance's security group ID.
|
2460
2434
|
# @return [String]
|
@@ -2471,8 +2445,6 @@ module Aws::GuardDuty
|
|
2471
2445
|
include Aws::Structure
|
2472
2446
|
end
|
2473
2447
|
|
2474
|
-
# Additional information assigned to the generated finding by GuardDuty.
|
2475
|
-
#
|
2476
2448
|
# @!attribute [rw] action
|
2477
2449
|
# Information about the activity described in a finding.
|
2478
2450
|
# @return [Types::Action]
|
@@ -2526,13 +2498,11 @@ module Aws::GuardDuty
|
|
2526
2498
|
include Aws::Structure
|
2527
2499
|
end
|
2528
2500
|
|
2529
|
-
# Represents the criteria used for sorting findings.
|
2530
|
-
#
|
2531
2501
|
# @note When making an API call, you may pass SortCriteria
|
2532
2502
|
# data as a hash:
|
2533
2503
|
#
|
2534
2504
|
# {
|
2535
|
-
# attribute_name: "
|
2505
|
+
# attribute_name: "String",
|
2536
2506
|
# order_by: "ASC", # accepts ASC, DESC
|
2537
2507
|
# }
|
2538
2508
|
#
|
@@ -2553,34 +2523,32 @@ module Aws::GuardDuty
|
|
2553
2523
|
include Aws::Structure
|
2554
2524
|
end
|
2555
2525
|
|
2556
|
-
# StartMonitoringMembers request body.
|
2557
|
-
#
|
2558
2526
|
# @note When making an API call, you may pass StartMonitoringMembersRequest
|
2559
2527
|
# data as a hash:
|
2560
2528
|
#
|
2561
2529
|
# {
|
2562
|
-
#
|
2563
|
-
#
|
2530
|
+
# detector_id: "DetectorId", # required
|
2531
|
+
# account_ids: ["AccountId"], # required
|
2564
2532
|
# }
|
2565
2533
|
#
|
2534
|
+
# @!attribute [rw] detector_id
|
2535
|
+
# The unique ID of the detector of the GuardDuty account whom you want
|
2536
|
+
# to re-enable to monitor members' findings.
|
2537
|
+
# @return [String]
|
2538
|
+
#
|
2566
2539
|
# @!attribute [rw] account_ids
|
2567
2540
|
# A list of account IDs of the GuardDuty member accounts whose
|
2568
2541
|
# findings you want the master account to monitor.
|
2569
2542
|
# @return [Array<String>]
|
2570
2543
|
#
|
2571
|
-
# @!attribute [rw] detector_id
|
2572
|
-
# @return [String]
|
2573
|
-
#
|
2574
2544
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/StartMonitoringMembersRequest AWS API Documentation
|
2575
2545
|
#
|
2576
2546
|
class StartMonitoringMembersRequest < Struct.new(
|
2577
|
-
:
|
2578
|
-
:
|
2547
|
+
:detector_id,
|
2548
|
+
:account_ids)
|
2579
2549
|
include Aws::Structure
|
2580
2550
|
end
|
2581
2551
|
|
2582
|
-
# StartMonitoringMembers response object.
|
2583
|
-
#
|
2584
2552
|
# @!attribute [rw] unprocessed_accounts
|
2585
2553
|
# A list of objects containing the unprocessed account and a result
|
2586
2554
|
# string explaining why it was unprocessed.
|
@@ -2593,34 +2561,32 @@ module Aws::GuardDuty
|
|
2593
2561
|
include Aws::Structure
|
2594
2562
|
end
|
2595
2563
|
|
2596
|
-
# StopMonitoringMembers request body.
|
2597
|
-
#
|
2598
2564
|
# @note When making an API call, you may pass StopMonitoringMembersRequest
|
2599
2565
|
# data as a hash:
|
2600
2566
|
#
|
2601
2567
|
# {
|
2602
|
-
#
|
2603
|
-
#
|
2568
|
+
# detector_id: "DetectorId", # required
|
2569
|
+
# account_ids: ["AccountId"], # required
|
2604
2570
|
# }
|
2605
2571
|
#
|
2572
|
+
# @!attribute [rw] detector_id
|
2573
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
2574
|
+
# to stop from monitor members' findings.
|
2575
|
+
# @return [String]
|
2576
|
+
#
|
2606
2577
|
# @!attribute [rw] account_ids
|
2607
2578
|
# A list of account IDs of the GuardDuty member accounts whose
|
2608
2579
|
# findings you want the master account to stop monitoring.
|
2609
2580
|
# @return [Array<String>]
|
2610
2581
|
#
|
2611
|
-
# @!attribute [rw] detector_id
|
2612
|
-
# @return [String]
|
2613
|
-
#
|
2614
2582
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/StopMonitoringMembersRequest AWS API Documentation
|
2615
2583
|
#
|
2616
2584
|
class StopMonitoringMembersRequest < Struct.new(
|
2617
|
-
:
|
2618
|
-
:
|
2585
|
+
:detector_id,
|
2586
|
+
:account_ids)
|
2619
2587
|
include Aws::Structure
|
2620
2588
|
end
|
2621
2589
|
|
2622
|
-
# StopMonitoringMembers response object.
|
2623
|
-
#
|
2624
2590
|
# @!attribute [rw] unprocessed_accounts
|
2625
2591
|
# A list of objects containing the unprocessed account and a result
|
2626
2592
|
# string explaining why it was unprocessed.
|
@@ -2633,8 +2599,6 @@ module Aws::GuardDuty
|
|
2633
2599
|
include Aws::Structure
|
2634
2600
|
end
|
2635
2601
|
|
2636
|
-
# A tag of the EC2 instance.
|
2637
|
-
#
|
2638
2602
|
# @!attribute [rw] key
|
2639
2603
|
# EC2 instance tag key.
|
2640
2604
|
# @return [String]
|
@@ -2651,17 +2615,17 @@ module Aws::GuardDuty
|
|
2651
2615
|
include Aws::Structure
|
2652
2616
|
end
|
2653
2617
|
|
2654
|
-
# Unrchive Findings Request
|
2655
|
-
#
|
2656
2618
|
# @note When making an API call, you may pass UnarchiveFindingsRequest
|
2657
2619
|
# data as a hash:
|
2658
2620
|
#
|
2659
2621
|
# {
|
2660
|
-
# detector_id: "
|
2622
|
+
# detector_id: "DetectorId", # required
|
2661
2623
|
# finding_ids: ["FindingId"], # required
|
2662
2624
|
# }
|
2663
2625
|
#
|
2664
2626
|
# @!attribute [rw] detector_id
|
2627
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
2628
|
+
# findings you want to unarchive.
|
2665
2629
|
# @return [String]
|
2666
2630
|
#
|
2667
2631
|
# @!attribute [rw] finding_ids
|
@@ -2680,9 +2644,6 @@ module Aws::GuardDuty
|
|
2680
2644
|
#
|
2681
2645
|
class UnarchiveFindingsResponse < Aws::EmptyStructure; end
|
2682
2646
|
|
2683
|
-
# An object containing the unprocessed account and a result string
|
2684
|
-
# explaining why it was unprocessed.
|
2685
|
-
#
|
2686
2647
|
# @!attribute [rw] account_id
|
2687
2648
|
# AWS Account ID.
|
2688
2649
|
# @return [String]
|
@@ -2699,18 +2660,17 @@ module Aws::GuardDuty
|
|
2699
2660
|
include Aws::Structure
|
2700
2661
|
end
|
2701
2662
|
|
2702
|
-
# Update Detector Request
|
2703
|
-
#
|
2704
2663
|
# @note When making an API call, you may pass UpdateDetectorRequest
|
2705
2664
|
# data as a hash:
|
2706
2665
|
#
|
2707
2666
|
# {
|
2708
|
-
# detector_id: "
|
2667
|
+
# detector_id: "DetectorId", # required
|
2709
2668
|
# enable: false,
|
2710
2669
|
# finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
|
2711
2670
|
# }
|
2712
2671
|
#
|
2713
2672
|
# @!attribute [rw] detector_id
|
2673
|
+
# The unique ID of the detector that you want to update.
|
2714
2674
|
# @return [String]
|
2715
2675
|
#
|
2716
2676
|
# @!attribute [rw] enable
|
@@ -2736,71 +2696,76 @@ module Aws::GuardDuty
|
|
2736
2696
|
#
|
2737
2697
|
class UpdateDetectorResponse < Aws::EmptyStructure; end
|
2738
2698
|
|
2739
|
-
# UpdateFilter request object.
|
2740
|
-
#
|
2741
2699
|
# @note When making an API call, you may pass UpdateFilterRequest
|
2742
2700
|
# data as a hash:
|
2743
2701
|
#
|
2744
2702
|
# {
|
2745
|
-
#
|
2703
|
+
# detector_id: "DetectorId", # required
|
2704
|
+
# filter_name: "String", # required
|
2746
2705
|
# description: "FilterDescription",
|
2747
|
-
#
|
2748
|
-
#
|
2706
|
+
# action: "NOOP", # accepts NOOP, ARCHIVE
|
2707
|
+
# rank: 1,
|
2749
2708
|
# finding_criteria: {
|
2750
2709
|
# criterion: {
|
2751
|
-
# "
|
2752
|
-
# eq: ["
|
2710
|
+
# "String" => {
|
2711
|
+
# eq: ["String"],
|
2712
|
+
# neq: ["String"],
|
2753
2713
|
# gt: 1,
|
2754
2714
|
# gte: 1,
|
2755
2715
|
# lt: 1,
|
2756
2716
|
# lte: 1,
|
2757
|
-
#
|
2717
|
+
# equals: ["String"],
|
2718
|
+
# not_equals: ["String"],
|
2719
|
+
# greater_than: 1,
|
2720
|
+
# greater_than_or_equal: 1,
|
2721
|
+
# less_than: 1,
|
2722
|
+
# less_than_or_equal: 1,
|
2758
2723
|
# },
|
2759
2724
|
# },
|
2760
2725
|
# },
|
2761
|
-
# rank: 1,
|
2762
2726
|
# }
|
2763
2727
|
#
|
2764
|
-
# @!attribute [rw]
|
2765
|
-
#
|
2766
|
-
#
|
2728
|
+
# @!attribute [rw] detector_id
|
2729
|
+
# The unique ID of the detector that specifies the GuardDuty service
|
2730
|
+
# where you want to update a filter.
|
2767
2731
|
# @return [String]
|
2768
2732
|
#
|
2769
|
-
# @!attribute [rw]
|
2770
|
-
# The
|
2733
|
+
# @!attribute [rw] filter_name
|
2734
|
+
# The name of the filter.
|
2771
2735
|
# @return [String]
|
2772
2736
|
#
|
2773
|
-
# @!attribute [rw]
|
2737
|
+
# @!attribute [rw] description
|
2738
|
+
# The description of the filter.
|
2774
2739
|
# @return [String]
|
2775
2740
|
#
|
2776
|
-
# @!attribute [rw]
|
2741
|
+
# @!attribute [rw] action
|
2742
|
+
# Specifies the action that is to be applied to the findings that
|
2743
|
+
# match the filter.
|
2777
2744
|
# @return [String]
|
2778
2745
|
#
|
2779
|
-
# @!attribute [rw] finding_criteria
|
2780
|
-
# Represents the criteria to be used in the filter for querying
|
2781
|
-
# findings.
|
2782
|
-
# @return [Types::FindingCriteria]
|
2783
|
-
#
|
2784
2746
|
# @!attribute [rw] rank
|
2785
2747
|
# Specifies the position of the filter in the list of current filters.
|
2786
2748
|
# Also specifies the order in which this filter is applied to the
|
2787
2749
|
# findings.
|
2788
2750
|
# @return [Integer]
|
2789
2751
|
#
|
2752
|
+
# @!attribute [rw] finding_criteria
|
2753
|
+
# Represents the criteria to be used in the filter for querying
|
2754
|
+
# findings.
|
2755
|
+
# @return [Types::FindingCriteria]
|
2756
|
+
#
|
2790
2757
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateFilterRequest AWS API Documentation
|
2791
2758
|
#
|
2792
2759
|
class UpdateFilterRequest < Struct.new(
|
2793
|
-
:action,
|
2794
|
-
:description,
|
2795
2760
|
:detector_id,
|
2796
2761
|
:filter_name,
|
2797
|
-
:
|
2798
|
-
:
|
2762
|
+
:description,
|
2763
|
+
:action,
|
2764
|
+
:rank,
|
2765
|
+
:finding_criteria)
|
2799
2766
|
include Aws::Structure
|
2800
2767
|
end
|
2801
2768
|
|
2802
|
-
# UpdateFilter response object.
|
2803
|
-
#
|
2804
2769
|
# @!attribute [rw] name
|
2805
2770
|
# The name of the filter.
|
2806
2771
|
# @return [String]
|
@@ -2812,40 +2777,40 @@ module Aws::GuardDuty
|
|
2812
2777
|
include Aws::Structure
|
2813
2778
|
end
|
2814
2779
|
|
2815
|
-
# Update findings feedback body
|
2816
|
-
#
|
2817
2780
|
# @note When making an API call, you may pass UpdateFindingsFeedbackRequest
|
2818
2781
|
# data as a hash:
|
2819
2782
|
#
|
2820
2783
|
# {
|
2821
|
-
#
|
2822
|
-
# detector_id: "__string", # required
|
2823
|
-
# feedback: "USEFUL", # required, accepts USEFUL, NOT_USEFUL
|
2784
|
+
# detector_id: "DetectorId", # required
|
2824
2785
|
# finding_ids: ["FindingId"], # required
|
2786
|
+
# feedback: "USEFUL", # required, accepts USEFUL, NOT_USEFUL
|
2787
|
+
# comments: "String",
|
2825
2788
|
# }
|
2826
2789
|
#
|
2827
|
-
# @!attribute [rw] comments
|
2828
|
-
# Additional feedback about the GuardDuty findings.
|
2829
|
-
# @return [String]
|
2830
|
-
#
|
2831
2790
|
# @!attribute [rw] detector_id
|
2791
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
2792
|
+
# findings you want to mark as useful or not useful.
|
2832
2793
|
# @return [String]
|
2833
2794
|
#
|
2795
|
+
# @!attribute [rw] finding_ids
|
2796
|
+
# IDs of the findings that you want to mark as useful or not useful.
|
2797
|
+
# @return [Array<String>]
|
2798
|
+
#
|
2834
2799
|
# @!attribute [rw] feedback
|
2835
2800
|
# Valid values: USEFUL \| NOT\_USEFUL
|
2836
2801
|
# @return [String]
|
2837
2802
|
#
|
2838
|
-
# @!attribute [rw]
|
2839
|
-
#
|
2840
|
-
# @return [
|
2803
|
+
# @!attribute [rw] comments
|
2804
|
+
# Additional feedback about the GuardDuty findings.
|
2805
|
+
# @return [String]
|
2841
2806
|
#
|
2842
2807
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateFindingsFeedbackRequest AWS API Documentation
|
2843
2808
|
#
|
2844
2809
|
class UpdateFindingsFeedbackRequest < Struct.new(
|
2845
|
-
:comments,
|
2846
2810
|
:detector_id,
|
2811
|
+
:finding_ids,
|
2847
2812
|
:feedback,
|
2848
|
-
:
|
2813
|
+
:comments)
|
2849
2814
|
include Aws::Structure
|
2850
2815
|
end
|
2851
2816
|
|
@@ -2853,28 +2818,28 @@ module Aws::GuardDuty
|
|
2853
2818
|
#
|
2854
2819
|
class UpdateFindingsFeedbackResponse < Aws::EmptyStructure; end
|
2855
2820
|
|
2856
|
-
# Update IP Set Request
|
2857
|
-
#
|
2858
2821
|
# @note When making an API call, you may pass UpdateIPSetRequest
|
2859
2822
|
# data as a hash:
|
2860
2823
|
#
|
2861
2824
|
# {
|
2862
|
-
#
|
2863
|
-
#
|
2864
|
-
# ip_set_id: "__string", # required
|
2865
|
-
# location: "Location",
|
2825
|
+
# detector_id: "DetectorId", # required
|
2826
|
+
# ip_set_id: "String", # required
|
2866
2827
|
# name: "Name",
|
2828
|
+
# location: "Location",
|
2829
|
+
# activate: false,
|
2867
2830
|
# }
|
2868
2831
|
#
|
2869
|
-
# @!attribute [rw] activate
|
2870
|
-
# The updated boolean value that specifies whether the IPSet is active
|
2871
|
-
# or not.
|
2872
|
-
# @return [Boolean]
|
2873
|
-
#
|
2874
2832
|
# @!attribute [rw] detector_id
|
2833
|
+
# The detectorID that specifies the GuardDuty service whose IPSet you
|
2834
|
+
# want to update.
|
2875
2835
|
# @return [String]
|
2876
2836
|
#
|
2877
2837
|
# @!attribute [rw] ip_set_id
|
2838
|
+
# The unique ID that specifies the IPSet that you want to update.
|
2839
|
+
# @return [String]
|
2840
|
+
#
|
2841
|
+
# @!attribute [rw] name
|
2842
|
+
# The unique ID that specifies the IPSet that you want to update.
|
2878
2843
|
# @return [String]
|
2879
2844
|
#
|
2880
2845
|
# @!attribute [rw] location
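Review bot: The description added for `name` in the `UpdateIPSetRequest` docs, `The unique ID that specifies the IPSet that you want to update.`, is word for word the one given to `ip_set_id` just above it, so the two attributes read as the same thing. The sample hash shows `name: "Name"` next to `ip_set_id: "String"`, so this is presumably the IPSet's updated display name, not an identifier. I would change the line to something like `#   The updated name of the IPSet.` once that is confirmed against the API reference. The rest of this comment block and the class definition are in the next hunk.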
|
@@ -2882,18 +2847,19 @@ module Aws::GuardDuty
|
|
2882
2847
|
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).
|
2883
2848
|
# @return [String]
|
2884
2849
|
#
|
2885
|
-
# @!attribute [rw]
|
2886
|
-
# The
|
2887
|
-
#
|
2850
|
+
# @!attribute [rw] activate
|
2851
|
+
# The updated boolean value that specifies whether the IPSet is active
|
2852
|
+
# or not.
|
2853
|
+
# @return [Boolean]
|
2888
2854
|
#
|
2889
2855
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateIPSetRequest AWS API Documentation
|
2890
2856
|
#
|
2891
2857
|
class UpdateIPSetRequest < Struct.new(
|
2892
|
-
:activate,
|
2893
2858
|
:detector_id,
|
2894
2859
|
:ip_set_id,
|
2860
|
+
:name,
|
2895
2861
|
:location,
|
2896
|
-
:
|
2862
|
+
:activate)
|
2897
2863
|
include Aws::Structure
|
2898
2864
|
end
|
2899
2865
|
|
@@ -2901,30 +2867,25 @@ module Aws::GuardDuty
|
|
2901
2867
|
#
|
2902
2868
|
class UpdateIPSetResponse < Aws::EmptyStructure; end
|
2903
2869
|
|
2904
|
-
# Update Threat Intel Set Request
|
2905
|
-
#
|
2906
2870
|
# @note When making an API call, you may pass UpdateThreatIntelSetRequest
|
2907
2871
|
# data as a hash:
|
2908
2872
|
#
|
2909
2873
|
# {
|
2910
|
-
#
|
2911
|
-
#
|
2912
|
-
# location: "Location",
|
2874
|
+
# detector_id: "DetectorId", # required
|
2875
|
+
# threat_intel_set_id: "String", # required
|
2913
2876
|
# name: "Name",
|
2914
|
-
#
|
2877
|
+
# location: "Location",
|
2878
|
+
# activate: false,
|
2915
2879
|
# }
|
2916
2880
|
#
|
2917
|
-
# @!attribute [rw] activate
|
2918
|
-
# The updated boolean value that specifies whether the ThreateIntelSet
|
2919
|
-
# is active or not.
|
2920
|
-
# @return [Boolean]
|
2921
|
-
#
|
2922
2881
|
# @!attribute [rw] detector_id
|
2882
|
+
# The detectorID that specifies the GuardDuty service whose
|
2883
|
+
# ThreatIntelSet you want to update.
|
2923
2884
|
# @return [String]
|
2924
2885
|
#
|
2925
|
-
# @!attribute [rw]
|
2926
|
-
# The
|
2927
|
-
#
|
2886
|
+
# @!attribute [rw] threat_intel_set_id
|
2887
|
+
# The unique ID that specifies the ThreatIntelSet that you want to
|
2888
|
+
# update.
|
2928
2889
|
# @return [String]
|
2929
2890
|
#
|
2930
2891
|
# @!attribute [rw] name
|
@@ -2932,17 +2893,24 @@ module Aws::GuardDuty
|
|
2932
2893
|
# update.
|
2933
2894
|
# @return [String]
|
2934
2895
|
#
|
2935
|
-
# @!attribute [rw]
|
2896
|
+
# @!attribute [rw] location
|
2897
|
+
# The updated URI of the file that contains the ThreateIntelSet. For
|
2898
|
+
# example (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key)
|
2936
2899
|
# @return [String]
|
2937
2900
|
#
|
2901
|
+
# @!attribute [rw] activate
|
2902
|
+
# The updated boolean value that specifies whether the ThreateIntelSet
|
2903
|
+
# is active or not.
|
2904
|
+
# @return [Boolean]
|
2905
|
+
#
|
2938
2906
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateThreatIntelSetRequest AWS API Documentation
|
2939
2907
|
#
|
2940
2908
|
class UpdateThreatIntelSetRequest < Struct.new(
|
2941
|
-
:activate,
|
2942
2909
|
:detector_id,
|
2943
|
-
:
|
2910
|
+
:threat_intel_set_id,
|
2944
2911
|
:name,
|
2945
|
-
:
|
2912
|
+
:location,
|
2913
|
+
:activate)
|
2946
2914
|
include Aws::Structure
|
2947
2915
|
end
|
2948
2916
|
|