aws-sdk-guardduty 1.17.0 → 1.18.0
- checksums.yaml +4 -4
- data/lib/aws-sdk-guardduty.rb +1 -1
- data/lib/aws-sdk-guardduty/client.rb +381 -236
- data/lib/aws-sdk-guardduty/client_api.rb +262 -274
- data/lib/aws-sdk-guardduty/types.rb +558 -590
- metadata +2 -2
@@ -8,23 +8,17 @@
|
|
8
8
|
module Aws::GuardDuty
|
9
9
|
module Types
|
10
10
|
|
11
|
-
# AcceptInvitation request body.
|
12
|
-
#
|
13
11
|
# @note When making an API call, you may pass AcceptInvitationRequest
|
14
12
|
# data as a hash:
|
15
13
|
#
|
16
14
|
# {
|
17
|
-
# detector_id: "
|
18
|
-
#
|
19
|
-
#
|
15
|
+
# detector_id: "DetectorId", # required
|
16
|
+
# master_id: "String", # required
|
17
|
+
# invitation_id: "String", # required
|
20
18
|
# }
|
21
19
|
#
|
22
20
|
# @!attribute [rw] detector_id
|
23
|
-
#
|
24
|
-
#
|
25
|
-
# @!attribute [rw] invitation_id
|
26
|
-
# This value is used to validate the master account to the member
|
27
|
-
# account.
|
21
|
+
# The unique ID of the detector of the GuardDuty member account.
|
28
22
|
# @return [String]
|
29
23
|
#
|
30
24
|
# @!attribute [rw] master_id
|
@@ -32,12 +26,17 @@ module Aws::GuardDuty
|
|
32
26
|
# you're accepting.
|
33
27
|
# @return [String]
|
34
28
|
#
|
29
|
+
# @!attribute [rw] invitation_id
|
30
|
+
# This value is used to validate the master account to the member
|
31
|
+
# account.
|
32
|
+
# @return [String]
|
33
|
+
#
|
35
34
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/AcceptInvitationRequest AWS API Documentation
|
36
35
|
#
|
37
36
|
class AcceptInvitationRequest < Struct.new(
|
38
37
|
:detector_id,
|
39
|
-
:
|
40
|
-
:
|
38
|
+
:master_id,
|
39
|
+
:invitation_id)
|
41
40
|
include Aws::Structure
|
42
41
|
end
|
43
42
|
|
@@ -45,9 +44,6 @@ module Aws::GuardDuty
|
|
45
44
|
#
|
46
45
|
class AcceptInvitationResponse < Aws::EmptyStructure; end
|
47
46
|
|
48
|
-
# The IAM access key details (IAM user information) of a user that
|
49
|
-
# engaged in the activity that prompted GuardDuty to generate a finding.
|
50
|
-
#
|
51
47
|
# @!attribute [rw] access_key_id
|
52
48
|
# Access key ID of the user.
|
53
49
|
# @return [String]
|
@@ -74,8 +70,6 @@ module Aws::GuardDuty
|
|
74
70
|
include Aws::Structure
|
75
71
|
end
|
76
72
|
|
77
|
-
# An object containing the member's accountId and email address.
|
78
|
-
#
|
79
73
|
# @note When making an API call, you may pass AccountDetail
|
80
74
|
# data as a hash:
|
81
75
|
#
|
@@ -100,8 +94,6 @@ module Aws::GuardDuty
|
|
100
94
|
include Aws::Structure
|
101
95
|
end
|
102
96
|
|
103
|
-
# Information about the activity described in a finding.
|
104
|
-
#
|
105
97
|
# @!attribute [rw] action_type
|
106
98
|
# GuardDuty Finding activity type.
|
107
99
|
# @return [String]
|
@@ -135,17 +127,17 @@ module Aws::GuardDuty
|
|
135
127
|
include Aws::Structure
|
136
128
|
end
|
137
129
|
|
138
|
-
# Archive Findings Request
|
139
|
-
#
|
140
130
|
# @note When making an API call, you may pass ArchiveFindingsRequest
|
141
131
|
# data as a hash:
|
142
132
|
#
|
143
133
|
# {
|
144
|
-
# detector_id: "
|
134
|
+
# detector_id: "DetectorId", # required
|
145
135
|
# finding_ids: ["FindingId"], # required
|
146
136
|
# }
|
147
137
|
#
|
148
138
|
# @!attribute [rw] detector_id
|
139
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
140
|
+
# findings you want to archive.
|
149
141
|
# @return [String]
|
150
142
|
#
|
151
143
|
# @!attribute [rw] finding_ids
|
@@ -164,8 +156,6 @@ module Aws::GuardDuty
|
|
164
156
|
#
|
165
157
|
class ArchiveFindingsResponse < Aws::EmptyStructure; end
|
166
158
|
|
167
|
-
# Information about the AWS\_API\_CALL action described in this finding.
|
168
|
-
#
|
169
159
|
# @!attribute [rw] api
|
170
160
|
# AWS API name.
|
171
161
|
# @return [String]
|
@@ -197,12 +187,14 @@ module Aws::GuardDuty
|
|
197
187
|
include Aws::Structure
|
198
188
|
end
|
199
189
|
|
200
|
-
#
|
190
|
+
# Bad request exception object.
|
201
191
|
#
|
202
192
|
# @!attribute [rw] message
|
193
|
+
# The error message.
|
203
194
|
# @return [String]
|
204
195
|
#
|
205
196
|
# @!attribute [rw] type
|
197
|
+
# The error type.
|
206
198
|
# @return [String]
|
207
199
|
#
|
208
200
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/BadRequestException AWS API Documentation
|
@@ -213,8 +205,6 @@ module Aws::GuardDuty
|
|
213
205
|
include Aws::Structure
|
214
206
|
end
|
215
207
|
|
216
|
-
# City information of the remote IP address.
|
217
|
-
#
|
218
208
|
# @!attribute [rw] city_name
|
219
209
|
# City name of the remote IP address.
|
220
210
|
# @return [String]
|
@@ -226,19 +216,22 @@ module Aws::GuardDuty
|
|
226
216
|
include Aws::Structure
|
227
217
|
end
|
228
218
|
|
229
|
-
# Finding attribute (for example, accountId) for which conditions and
|
230
|
-
# values must be specified when querying findings.
|
231
|
-
#
|
232
219
|
# @note When making an API call, you may pass Condition
|
233
220
|
# data as a hash:
|
234
221
|
#
|
235
222
|
# {
|
236
|
-
# eq: ["
|
223
|
+
# eq: ["String"],
|
224
|
+
# neq: ["String"],
|
237
225
|
# gt: 1,
|
238
226
|
# gte: 1,
|
239
227
|
# lt: 1,
|
240
228
|
# lte: 1,
|
241
|
-
#
|
229
|
+
# equals: ["String"],
|
230
|
+
# not_equals: ["String"],
|
231
|
+
# greater_than: 1,
|
232
|
+
# greater_than_or_equal: 1,
|
233
|
+
# less_than: 1,
|
234
|
+
# less_than_or_equal: 1,
|
242
235
|
# }
|
243
236
|
#
|
244
237
|
# @!attribute [rw] eq
|
@@ -246,45 +239,75 @@ module Aws::GuardDuty
|
|
246
239
|
# querying for findings.
|
247
240
|
# @return [Array<String>]
|
248
241
|
#
|
242
|
+
# @!attribute [rw] neq
|
243
|
+
# Represents the not equal condition to be applied to a single field
|
244
|
+
# when querying for findings.
|
245
|
+
# @return [Array<String>]
|
246
|
+
#
|
249
247
|
# @!attribute [rw] gt
|
250
|
-
# Represents
|
251
|
-
#
|
248
|
+
# Represents a greater than condition to be applied to a single field
|
249
|
+
# when querying for findings.
|
252
250
|
# @return [Integer]
|
253
251
|
#
|
254
252
|
# @!attribute [rw] gte
|
255
|
-
# Represents
|
256
|
-
#
|
253
|
+
# Represents a greater than equal condition to be applied to a single
|
254
|
+
# field when querying for findings.
|
257
255
|
# @return [Integer]
|
258
256
|
#
|
259
257
|
# @!attribute [rw] lt
|
260
|
-
# Represents
|
258
|
+
# Represents a less than condition to be applied to a single field
|
261
259
|
# when querying for findings.
|
262
260
|
# @return [Integer]
|
263
261
|
#
|
264
262
|
# @!attribute [rw] lte
|
265
|
-
# Represents
|
263
|
+
# Represents a less than equal condition to be applied to a single
|
266
264
|
# field when querying for findings.
|
267
265
|
# @return [Integer]
|
268
266
|
#
|
269
|
-
# @!attribute [rw]
|
270
|
-
#
|
271
|
-
#
|
267
|
+
# @!attribute [rw] equals
|
268
|
+
# @return [Array<String>]
|
269
|
+
#
|
270
|
+
# @!attribute [rw] not_equals
|
272
271
|
# @return [Array<String>]
|
273
272
|
#
|
273
|
+
# @!attribute [rw] greater_than
|
274
|
+
# Represents a greater than condition to be applied to a single field
|
275
|
+
# when querying for findings.
|
276
|
+
# @return [Integer]
|
277
|
+
#
|
278
|
+
# @!attribute [rw] greater_than_or_equal
|
279
|
+
# Represents a greater than equal condition to be applied to a single
|
280
|
+
# field when querying for findings.
|
281
|
+
# @return [Integer]
|
282
|
+
#
|
283
|
+
# @!attribute [rw] less_than
|
284
|
+
# Represents a less than condition to be applied to a single field
|
285
|
+
# when querying for findings.
|
286
|
+
# @return [Integer]
|
287
|
+
#
|
288
|
+
# @!attribute [rw] less_than_or_equal
|
289
|
+
# Represents a less than equal condition to be applied to a single
|
290
|
+
# field when querying for findings.
|
291
|
+
# @return [Integer]
|
292
|
+
#
|
274
293
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Condition AWS API Documentation
|
275
294
|
#
|
276
295
|
class Condition < Struct.new(
|
277
296
|
:eq,
|
297
|
+
:neq,
|
278
298
|
:gt,
|
279
299
|
:gte,
|
280
300
|
:lt,
|
281
301
|
:lte,
|
282
|
-
:
|
302
|
+
:equals,
|
303
|
+
:not_equals,
|
304
|
+
:greater_than,
|
305
|
+
:greater_than_or_equal,
|
306
|
+
:less_than,
|
307
|
+
:less_than_or_equal)
|
283
308
|
include Aws::Structure
|
284
309
|
end
|
285
310
|
|
286
|
-
# Country information of the remote IP address.
|
287
|
-
#
|
288
311
|
# @!attribute [rw] country_code
|
289
312
|
# Country code of the remote IP address.
|
290
313
|
# @return [String]
|
@@ -301,27 +324,27 @@ module Aws::GuardDuty
|
|
301
324
|
include Aws::Structure
|
302
325
|
end
|
303
326
|
|
304
|
-
# Create Detector Request
|
305
|
-
#
|
306
327
|
# @note When making an API call, you may pass CreateDetectorRequest
|
307
328
|
# data as a hash:
|
308
329
|
#
|
309
330
|
# {
|
310
|
-
# client_token: "__stringMin0Max64",
|
311
331
|
# enable: false, # required
|
332
|
+
# client_token: "ClientToken",
|
312
333
|
# finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
|
313
334
|
# }
|
314
335
|
#
|
315
|
-
# @!attribute [rw] client_token
|
316
|
-
# The idempotency token for the create request.**A suitable default value is auto-generated.** You should normally
|
317
|
-
# not need to pass this option.
|
318
|
-
# @return [String]
|
319
|
-
#
|
320
336
|
# @!attribute [rw] enable
|
321
337
|
# A boolean value that specifies whether the detector is to be
|
322
338
|
# enabled.
|
323
339
|
# @return [Boolean]
|
324
340
|
#
|
341
|
+
# @!attribute [rw] client_token
|
342
|
+
# The idempotency token for the create request.
|
343
|
+
#
|
344
|
+
# **A suitable default value is auto-generated.** You should normally
|
345
|
+
# not need to pass this option.
|
346
|
+
# @return [String]
|
347
|
+
#
|
325
348
|
# @!attribute [rw] finding_publishing_frequency
|
326
349
|
# A enum value that specifies how frequently customer got Finding
|
327
350
|
# updates published.
|
@@ -330,14 +353,12 @@ module Aws::GuardDuty
|
|
330
353
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateDetectorRequest AWS API Documentation
|
331
354
|
#
|
332
355
|
class CreateDetectorRequest < Struct.new(
|
333
|
-
:client_token,
|
334
356
|
:enable,
|
357
|
+
:client_token,
|
335
358
|
:finding_publishing_frequency)
|
336
359
|
include Aws::Structure
|
337
360
|
end
|
338
361
|
|
339
|
-
# CreateDetector response object.
|
340
|
-
#
|
341
362
|
# @!attribute [rw] detector_id
|
342
363
|
# The unique ID of the created detector.
|
343
364
|
# @return [String]
|
@@ -349,79 +370,85 @@ module Aws::GuardDuty
|
|
349
370
|
include Aws::Structure
|
350
371
|
end
|
351
372
|
|
352
|
-
# CreateFilter request object.
|
353
|
-
#
|
354
373
|
# @note When making an API call, you may pass CreateFilterRequest
|
355
374
|
# data as a hash:
|
356
375
|
#
|
357
376
|
# {
|
358
|
-
#
|
359
|
-
#
|
377
|
+
# detector_id: "DetectorId", # required
|
378
|
+
# name: "FilterName", # required
|
360
379
|
# description: "FilterDescription",
|
361
|
-
#
|
380
|
+
# action: "NOOP", # accepts NOOP, ARCHIVE
|
381
|
+
# rank: 1,
|
362
382
|
# finding_criteria: { # required
|
363
383
|
# criterion: {
|
364
|
-
# "
|
365
|
-
# eq: ["
|
384
|
+
# "String" => {
|
385
|
+
# eq: ["String"],
|
386
|
+
# neq: ["String"],
|
366
387
|
# gt: 1,
|
367
388
|
# gte: 1,
|
368
389
|
# lt: 1,
|
369
390
|
# lte: 1,
|
370
|
-
#
|
391
|
+
# equals: ["String"],
|
392
|
+
# not_equals: ["String"],
|
393
|
+
# greater_than: 1,
|
394
|
+
# greater_than_or_equal: 1,
|
395
|
+
# less_than: 1,
|
396
|
+
# less_than_or_equal: 1,
|
371
397
|
# },
|
372
398
|
# },
|
373
399
|
# },
|
374
|
-
#
|
375
|
-
# rank: 1,
|
400
|
+
# client_token: "ClientToken",
|
376
401
|
# }
|
377
402
|
#
|
378
|
-
# @!attribute [rw]
|
379
|
-
#
|
380
|
-
#
|
403
|
+
# @!attribute [rw] detector_id
|
404
|
+
# The unique ID of the detector of the GuardDuty account for which you
|
405
|
+
# want to create a filter.
|
381
406
|
# @return [String]
|
382
407
|
#
|
383
|
-
# @!attribute [rw]
|
384
|
-
# The
|
385
|
-
# not need to pass this option.
|
408
|
+
# @!attribute [rw] name
|
409
|
+
# The name of the filter.
|
386
410
|
# @return [String]
|
387
411
|
#
|
388
412
|
# @!attribute [rw] description
|
389
413
|
# The description of the filter.
|
390
414
|
# @return [String]
|
391
415
|
#
|
392
|
-
# @!attribute [rw]
|
416
|
+
# @!attribute [rw] action
|
417
|
+
# Specifies the action that is to be applied to the findings that
|
418
|
+
# match the filter.
|
393
419
|
# @return [String]
|
394
420
|
#
|
421
|
+
# @!attribute [rw] rank
|
422
|
+
# Specifies the position of the filter in the list of current filters.
|
423
|
+
# Also specifies the order in which this filter is applied to the
|
424
|
+
# findings.
|
425
|
+
# @return [Integer]
|
426
|
+
#
|
395
427
|
# @!attribute [rw] finding_criteria
|
396
428
|
# Represents the criteria to be used in the filter for querying
|
397
429
|
# findings.
|
398
430
|
# @return [Types::FindingCriteria]
|
399
431
|
#
|
400
|
-
# @!attribute [rw]
|
401
|
-
# The
|
402
|
-
# @return [String]
|
432
|
+
# @!attribute [rw] client_token
|
433
|
+
# The idempotency token for the create request.
|
403
434
|
#
|
404
|
-
#
|
405
|
-
#
|
406
|
-
#
|
407
|
-
# findings.
|
408
|
-
# @return [Integer]
|
435
|
+
# **A suitable default value is auto-generated.** You should normally
|
436
|
+
# not need to pass this option.
|
437
|
+
# @return [String]
|
409
438
|
#
|
410
439
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateFilterRequest AWS API Documentation
|
411
440
|
#
|
412
441
|
class CreateFilterRequest < Struct.new(
|
413
|
-
:action,
|
414
|
-
:client_token,
|
415
|
-
:description,
|
416
442
|
:detector_id,
|
417
|
-
:finding_criteria,
|
418
443
|
:name,
|
419
|
-
:
|
444
|
+
:description,
|
445
|
+
:action,
|
446
|
+
:rank,
|
447
|
+
:finding_criteria,
|
448
|
+
:client_token)
|
420
449
|
include Aws::Structure
|
421
450
|
end
|
422
451
|
|
423
|
-
# CreateFilter response object.
|
424
|
-
#
|
425
452
|
# @!attribute [rw] name
|
426
453
|
# The name of the successfully created filter.
|
427
454
|
# @return [String]
|
@@ -433,31 +460,27 @@ module Aws::GuardDuty
|
|
433
460
|
include Aws::Structure
|
434
461
|
end
|
435
462
|
|
436
|
-
# Create IP Set Request
|
437
|
-
#
|
438
463
|
# @note When making an API call, you may pass CreateIPSetRequest
|
439
464
|
# data as a hash:
|
440
465
|
#
|
441
466
|
# {
|
442
|
-
#
|
443
|
-
#
|
444
|
-
# detector_id: "__string", # required
|
467
|
+
# detector_id: "DetectorId", # required
|
468
|
+
# name: "Name", # required
|
445
469
|
# format: "TXT", # required, accepts TXT, STIX, OTX_CSV, ALIEN_VAULT, PROOF_POINT, FIRE_EYE
|
446
470
|
# location: "Location", # required
|
447
|
-
#
|
471
|
+
# activate: false, # required
|
472
|
+
# client_token: "ClientToken",
|
448
473
|
# }
|
449
474
|
#
|
450
|
-
# @!attribute [rw]
|
451
|
-
#
|
452
|
-
#
|
453
|
-
# @return [Boolean]
|
454
|
-
#
|
455
|
-
# @!attribute [rw] client_token
|
456
|
-
# The idempotency token for the create request.**A suitable default value is auto-generated.** You should normally
|
457
|
-
# not need to pass this option.
|
475
|
+
# @!attribute [rw] detector_id
|
476
|
+
# The unique ID of the detector of the GuardDuty account for which you
|
477
|
+
# want to create an IPSet.
|
458
478
|
# @return [String]
|
459
479
|
#
|
460
|
-
# @!attribute [rw]
|
480
|
+
# @!attribute [rw] name
|
481
|
+
# The user friendly name to identify the IPSet. This name is displayed
|
482
|
+
# in all findings that are triggered by activity that involves IP
|
483
|
+
# addresses included in this IPSet.
|
461
484
|
# @return [String]
|
462
485
|
#
|
463
486
|
# @!attribute [rw] format
|
@@ -469,28 +492,32 @@ module Aws::GuardDuty
|
|
469
492
|
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key)
|
470
493
|
# @return [String]
|
471
494
|
#
|
472
|
-
# @!attribute [rw]
|
473
|
-
#
|
474
|
-
#
|
475
|
-
#
|
495
|
+
# @!attribute [rw] activate
|
496
|
+
# A boolean value that indicates whether GuardDuty is to start using
|
497
|
+
# the uploaded IPSet.
|
498
|
+
# @return [Boolean]
|
499
|
+
#
|
500
|
+
# @!attribute [rw] client_token
|
501
|
+
# The idempotency token for the create request.
|
502
|
+
#
|
503
|
+
# **A suitable default value is auto-generated.** You should normally
|
504
|
+
# not need to pass this option.
|
476
505
|
# @return [String]
|
477
506
|
#
|
478
507
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateIPSetRequest AWS API Documentation
|
479
508
|
#
|
480
509
|
class CreateIPSetRequest < Struct.new(
|
481
|
-
:activate,
|
482
|
-
:client_token,
|
483
510
|
:detector_id,
|
511
|
+
:name,
|
484
512
|
:format,
|
485
513
|
:location,
|
486
|
-
:
|
514
|
+
:activate,
|
515
|
+
:client_token)
|
487
516
|
include Aws::Structure
|
488
517
|
end
|
489
518
|
|
490
|
-
# CreateIPSet response object.
|
491
|
-
#
|
492
519
|
# @!attribute [rw] ip_set_id
|
493
|
-
# The
|
520
|
+
# The ID of the IPSet resource.
|
494
521
|
# @return [String]
|
495
522
|
#
|
496
523
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateIPSetResponse AWS API Documentation
|
@@ -500,39 +527,37 @@ module Aws::GuardDuty
|
|
500
527
|
include Aws::Structure
|
501
528
|
end
|
502
529
|
|
503
|
-
# CreateMembers body
|
504
|
-
#
|
505
530
|
# @note When making an API call, you may pass CreateMembersRequest
|
506
531
|
# data as a hash:
|
507
532
|
#
|
508
533
|
# {
|
534
|
+
# detector_id: "DetectorId", # required
|
509
535
|
# account_details: [ # required
|
510
536
|
# {
|
511
537
|
# account_id: "AccountId", # required
|
512
538
|
# email: "Email", # required
|
513
539
|
# },
|
514
540
|
# ],
|
515
|
-
# detector_id: "__string", # required
|
516
541
|
# }
|
517
542
|
#
|
543
|
+
# @!attribute [rw] detector_id
|
544
|
+
# The unique ID of the detector of the GuardDuty account with which
|
545
|
+
# you want to associate member accounts.
|
546
|
+
# @return [String]
|
547
|
+
#
|
518
548
|
# @!attribute [rw] account_details
|
519
549
|
# A list of account ID and email address pairs of the accounts that
|
520
550
|
# you want to associate with the master GuardDuty account.
|
521
551
|
# @return [Array<Types::AccountDetail>]
|
522
552
|
#
|
523
|
-
# @!attribute [rw] detector_id
|
524
|
-
# @return [String]
|
525
|
-
#
|
526
553
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateMembersRequest AWS API Documentation
|
527
554
|
#
|
528
555
|
class CreateMembersRequest < Struct.new(
|
529
|
-
:
|
530
|
-
:
|
556
|
+
:detector_id,
|
557
|
+
:account_details)
|
531
558
|
include Aws::Structure
|
532
559
|
end
|
533
560
|
|
534
|
-
# CreateMembers response object.
|
535
|
-
#
|
536
561
|
# @!attribute [rw] unprocessed_accounts
|
537
562
|
# A list of objects containing the unprocessed account and a result
|
538
563
|
# string explaining why it was unprocessed.
|
@@ -545,17 +570,16 @@ module Aws::GuardDuty
|
|
545
570
|
include Aws::Structure
|
546
571
|
end
|
547
572
|
|
548
|
-
# Create Sample Findings Request
|
549
|
-
#
|
550
573
|
# @note When making an API call, you may pass CreateSampleFindingsRequest
|
551
574
|
# data as a hash:
|
552
575
|
#
|
553
576
|
# {
|
554
|
-
# detector_id: "
|
577
|
+
# detector_id: "DetectorId", # required
|
555
578
|
# finding_types: ["FindingType"],
|
556
579
|
# }
|
557
580
|
#
|
558
581
|
# @!attribute [rw] detector_id
|
582
|
+
# The ID of the detector to create sample findings for.
|
559
583
|
# @return [String]
|
560
584
|
#
|
561
585
|
# @!attribute [rw] finding_types
|
@@ -574,31 +598,27 @@ module Aws::GuardDuty
|
|
574
598
|
#
|
575
599
|
class CreateSampleFindingsResponse < Aws::EmptyStructure; end
|
576
600
|
|
577
|
-
# Create Threat Intel Set Request
|
578
|
-
#
|
579
601
|
# @note When making an API call, you may pass CreateThreatIntelSetRequest
|
580
602
|
# data as a hash:
|
581
603
|
#
|
582
604
|
# {
|
583
|
-
#
|
584
|
-
#
|
585
|
-
# detector_id: "__string", # required
|
605
|
+
# detector_id: "DetectorId", # required
|
606
|
+
# name: "Name", # required
|
586
607
|
# format: "TXT", # required, accepts TXT, STIX, OTX_CSV, ALIEN_VAULT, PROOF_POINT, FIRE_EYE
|
587
608
|
# location: "Location", # required
|
588
|
-
#
|
609
|
+
# activate: false, # required
|
610
|
+
# client_token: "ClientToken",
|
589
611
|
# }
|
590
612
|
#
|
591
|
-
# @!attribute [rw]
|
592
|
-
#
|
593
|
-
#
|
594
|
-
# @return [Boolean]
|
595
|
-
#
|
596
|
-
# @!attribute [rw] client_token
|
597
|
-
# The idempotency token for the create request.**A suitable default value is auto-generated.** You should normally
|
598
|
-
# not need to pass this option.
|
613
|
+
# @!attribute [rw] detector_id
|
614
|
+
# The unique ID of the detector of the GuardDuty account for which you
|
615
|
+
# want to create a threatIntelSet.
|
599
616
|
# @return [String]
|
600
617
|
#
|
601
|
-
# @!attribute [rw]
|
618
|
+
# @!attribute [rw] name
|
619
|
+
# A user-friendly ThreatIntelSet name that is displayed in all finding
|
620
|
+
# generated by activity that involves IP addresses included in this
|
621
|
+
# ThreatIntelSet.
|
602
622
|
# @return [String]
|
603
623
|
#
|
604
624
|
# @!attribute [rw] format
|
@@ -610,28 +630,32 @@ module Aws::GuardDuty
|
|
610
630
|
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).
|
611
631
|
# @return [String]
|
612
632
|
#
|
613
|
-
# @!attribute [rw]
|
614
|
-
# A
|
615
|
-
#
|
616
|
-
#
|
633
|
+
# @!attribute [rw] activate
|
634
|
+
# A boolean value that indicates whether GuardDuty is to start using
|
635
|
+
# the uploaded ThreatIntelSet.
|
636
|
+
# @return [Boolean]
|
637
|
+
#
|
638
|
+
# @!attribute [rw] client_token
|
639
|
+
# The idempotency token for the create request.
|
640
|
+
#
|
641
|
+
# **A suitable default value is auto-generated.** You should normally
|
642
|
+
# not need to pass this option.
|
617
643
|
# @return [String]
|
618
644
|
#
|
619
645
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateThreatIntelSetRequest AWS API Documentation
|
620
646
|
#
|
621
647
|
class CreateThreatIntelSetRequest < Struct.new(
|
622
|
-
:activate,
|
623
|
-
:client_token,
|
624
648
|
:detector_id,
|
649
|
+
:name,
|
625
650
|
:format,
|
626
651
|
:location,
|
627
|
-
:
|
652
|
+
:activate,
|
653
|
+
:client_token)
|
628
654
|
include Aws::Structure
|
629
655
|
end
|
630
656
|
|
631
|
-
# CreateThreatIntelSet response object.
|
632
|
-
#
|
633
657
|
# @!attribute [rw] threat_intel_set_id
|
634
|
-
# The
|
658
|
+
# The ID of the ThreatIntelSet resource.
|
635
659
|
# @return [String]
|
636
660
|
#
|
637
661
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateThreatIntelSetResponse AWS API Documentation
|
@@ -641,13 +665,11 @@ module Aws::GuardDuty
|
|
641
665
|
include Aws::Structure
|
642
666
|
end
|
643
667
|
|
644
|
-
# DeclineInvitations request body.
|
645
|
-
#
|
646
668
|
# @note When making an API call, you may pass DeclineInvitationsRequest
|
647
669
|
# data as a hash:
|
648
670
|
#
|
649
671
|
# {
|
650
|
-
# account_ids: ["
|
672
|
+
# account_ids: ["AccountId"], # required
|
651
673
|
# }
|
652
674
|
#
|
653
675
|
# @!attribute [rw] account_ids
|
@@ -663,8 +685,6 @@ module Aws::GuardDuty
|
|
663
685
|
include Aws::Structure
|
664
686
|
end
|
665
687
|
|
666
|
-
# DeclineInvitations response object.
|
667
|
-
#
|
668
688
|
# @!attribute [rw] unprocessed_accounts
|
669
689
|
# A list of objects containing the unprocessed account and a result
|
670
690
|
# string explaining why it was unprocessed.
|
@@ -681,10 +701,11 @@ module Aws::GuardDuty
|
|
681
701
|
# data as a hash:
|
682
702
|
#
|
683
703
|
# {
|
684
|
-
# detector_id: "
|
704
|
+
# detector_id: "DetectorId", # required
|
685
705
|
# }
|
686
706
|
#
|
687
707
|
# @!attribute [rw] detector_id
|
708
|
+
# The unique ID of the detector that you want to delete.
|
688
709
|
# @return [String]
|
689
710
|
#
|
690
711
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteDetectorRequest AWS API Documentation
|
@@ -702,14 +723,16 @@ module Aws::GuardDuty
|
|
702
723
|
# data as a hash:
|
703
724
|
#
|
704
725
|
# {
|
705
|
-
# detector_id: "
|
706
|
-
# filter_name: "
|
726
|
+
# detector_id: "DetectorId", # required
|
727
|
+
# filter_name: "String", # required
|
707
728
|
# }
|
708
729
|
#
|
709
730
|
# @!attribute [rw] detector_id
|
731
|
+
# The unique ID of the detector the filter is associated with.
|
710
732
|
# @return [String]
|
711
733
|
#
|
712
734
|
# @!attribute [rw] filter_name
|
735
|
+
# The name of the filter you want to delete.
|
713
736
|
# @return [String]
|
714
737
|
#
|
715
738
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteFilterRequest AWS API Documentation
|
@@ -728,14 +751,16 @@ module Aws::GuardDuty
|
|
728
751
|
# data as a hash:
|
729
752
|
#
|
730
753
|
# {
|
731
|
-
# detector_id: "
|
732
|
-
# ip_set_id: "
|
754
|
+
# detector_id: "DetectorId", # required
|
755
|
+
# ip_set_id: "String", # required
|
733
756
|
# }
|
734
757
|
#
|
735
758
|
# @!attribute [rw] detector_id
|
759
|
+
# The unique ID of the detector the ipSet is associated with.
|
736
760
|
# @return [String]
|
737
761
|
#
|
738
762
|
# @!attribute [rw] ip_set_id
|
763
|
+
# The unique ID of the ipSet you want to delete.
|
739
764
|
# @return [String]
|
740
765
|
#
|
741
766
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteIPSetRequest AWS API Documentation
|
@@ -750,13 +775,11 @@ module Aws::GuardDuty
|
|
750
775
|
#
|
751
776
|
class DeleteIPSetResponse < Aws::EmptyStructure; end
|
752
777
|
|
753
|
-
# DeleteInvitations request body.
|
754
|
-
#
|
755
778
|
# @note When making an API call, you may pass DeleteInvitationsRequest
|
756
779
|
# data as a hash:
|
757
780
|
#
|
758
781
|
# {
|
759
|
-
# account_ids: ["
|
782
|
+
# account_ids: ["AccountId"], # required
|
760
783
|
# }
|
761
784
|
#
|
762
785
|
# @!attribute [rw] account_ids
|
@@ -771,8 +794,6 @@ module Aws::GuardDuty
|
|
771
794
|
include Aws::Structure
|
772
795
|
end
|
773
796
|
|
774
|
-
# DeleteInvitations response object.
|
775
|
-
#
|
776
797
|
# @!attribute [rw] unprocessed_accounts
|
777
798
|
# A list of objects containing the unprocessed account and a result
|
778
799
|
# string explaining why it was unprocessed.
|
@@ -785,34 +806,32 @@ module Aws::GuardDuty
|
|
785
806
|
include Aws::Structure
|
786
807
|
end
|
787
808
|
|
788
|
-
# DeleteMembers request body.
|
789
|
-
#
|
790
809
|
# @note When making an API call, you may pass DeleteMembersRequest
|
791
810
|
# data as a hash:
|
792
811
|
#
|
793
812
|
# {
|
794
|
-
#
|
795
|
-
#
|
813
|
+
# detector_id: "DetectorId", # required
|
814
|
+
# account_ids: ["AccountId"], # required
|
796
815
|
# }
|
797
816
|
#
|
817
|
+
# @!attribute [rw] detector_id
|
818
|
+
# The unique ID of the detector of the GuardDuty account whose members
|
819
|
+
# you want to delete.
|
820
|
+
# @return [String]
|
821
|
+
#
|
798
822
|
# @!attribute [rw] account_ids
|
799
823
|
# A list of account IDs of the GuardDuty member accounts that you want
|
800
824
|
# to delete.
|
801
825
|
# @return [Array<String>]
|
802
826
|
#
|
803
|
-
# @!attribute [rw] detector_id
|
804
|
-
# @return [String]
|
805
|
-
#
|
806
827
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteMembersRequest AWS API Documentation
|
807
828
|
#
|
808
829
|
class DeleteMembersRequest < Struct.new(
|
809
|
-
:
|
810
|
-
:
|
830
|
+
:detector_id,
|
831
|
+
:account_ids)
|
811
832
|
include Aws::Structure
|
812
833
|
end
|
813
834
|
|
814
|
-
# DeleteMembers response object.
|
815
|
-
#
|
816
835
|
# @!attribute [rw] unprocessed_accounts
|
817
836
|
# A list of objects containing the unprocessed account and a result
|
818
837
|
# string explaining why it was unprocessed.
|
@@ -829,14 +848,16 @@ module Aws::GuardDuty
|
|
829
848
|
# data as a hash:
|
830
849
|
#
|
831
850
|
# {
|
832
|
-
# detector_id: "
|
833
|
-
# threat_intel_set_id: "
|
851
|
+
# detector_id: "DetectorId", # required
|
852
|
+
# threat_intel_set_id: "String", # required
|
834
853
|
# }
|
835
854
|
#
|
836
855
|
# @!attribute [rw] detector_id
|
856
|
+
# The unique ID of the detector the threatIntelSet is associated with.
|
837
857
|
# @return [String]
|
838
858
|
#
|
839
859
|
# @!attribute [rw] threat_intel_set_id
|
860
|
+
# The unique ID of the threatIntelSet you want to delete.
|
840
861
|
# @return [String]
|
841
862
|
#
|
842
863
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteThreatIntelSetRequest AWS API Documentation
|
@@ -855,10 +876,11 @@ module Aws::GuardDuty
|
|
855
876
|
# data as a hash:
|
856
877
|
#
|
857
878
|
# {
|
858
|
-
# detector_id: "
|
879
|
+
# detector_id: "DetectorId", # required
|
859
880
|
# }
|
860
881
|
#
|
861
882
|
# @!attribute [rw] detector_id
|
883
|
+
# The unique ID of the detector of the GuardDuty member account.
|
862
884
|
# @return [String]
|
863
885
|
#
|
864
886
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DisassociateFromMasterAccountRequest AWS API Documentation
|
@@ -872,34 +894,32 @@ module Aws::GuardDuty
|
|
872
894
|
#
|
873
895
|
class DisassociateFromMasterAccountResponse < Aws::EmptyStructure; end
|
874
896
|
|
875
|
-
# DisassociateMembers request body.
|
876
|
-
#
|
877
897
|
# @note When making an API call, you may pass DisassociateMembersRequest
|
878
898
|
# data as a hash:
|
879
899
|
#
|
880
900
|
# {
|
881
|
-
#
|
882
|
-
#
|
901
|
+
# detector_id: "DetectorId", # required
|
902
|
+
# account_ids: ["AccountId"], # required
|
883
903
|
# }
|
884
904
|
#
|
905
|
+
# @!attribute [rw] detector_id
|
906
|
+
# The unique ID of the detector of the GuardDuty account whose members
|
907
|
+
# you want to disassociate from master.
|
908
|
+
# @return [String]
|
909
|
+
#
|
885
910
|
# @!attribute [rw] account_ids
|
886
911
|
# A list of account IDs of the GuardDuty member accounts that you want
|
887
912
|
# to disassociate from master.
|
888
913
|
# @return [Array<String>]
|
889
914
|
#
|
890
|
-
# @!attribute [rw] detector_id
|
891
|
-
# @return [String]
|
892
|
-
#
|
893
915
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DisassociateMembersRequest AWS API Documentation
|
894
916
|
#
|
895
917
|
class DisassociateMembersRequest < Struct.new(
|
896
|
-
:
|
897
|
-
:
|
918
|
+
:detector_id,
|
919
|
+
:account_ids)
|
898
920
|
include Aws::Structure
|
899
921
|
end
|
900
922
|
|
901
|
-
# DisassociateMembers response object.
|
902
|
-
#
|
903
923
|
# @!attribute [rw] unprocessed_accounts
|
904
924
|
# A list of objects containing the unprocessed account and a result
|
905
925
|
# string explaining why it was unprocessed.
|
@@ -912,8 +932,6 @@ module Aws::GuardDuty
|
|
912
932
|
include Aws::Structure
|
913
933
|
end
|
914
934
|
|
915
|
-
# Information about the DNS\_REQUEST action described in this finding.
|
916
|
-
#
|
917
935
|
# @!attribute [rw] domain
|
918
936
|
# Domain information for the DNS request.
|
919
937
|
# @return [String]
|
@@ -925,32 +943,17 @@ module Aws::GuardDuty
|
|
925
943
|
include Aws::Structure
|
926
944
|
end
|
927
945
|
|
928
|
-
#
|
929
|
-
#
|
930
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DomainDetails AWS API Documentation
|
931
|
-
#
|
932
|
-
class DomainDetails < Aws::EmptyStructure; end
|
933
|
-
|
934
|
-
# Error response object.
|
935
|
-
#
|
936
|
-
# @!attribute [rw] message
|
937
|
-
# The error message.
|
938
|
-
# @return [String]
|
939
|
-
#
|
940
|
-
# @!attribute [rw] type
|
941
|
-
# The error type.
|
946
|
+
# @!attribute [rw] domain
|
947
|
+
# Domain information for the AWS API call.
|
942
948
|
# @return [String]
|
943
949
|
#
|
944
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/
|
950
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DomainDetails AWS API Documentation
|
945
951
|
#
|
946
|
-
class
|
947
|
-
:
|
948
|
-
:type)
|
952
|
+
class DomainDetails < Struct.new(
|
953
|
+
:domain)
|
949
954
|
include Aws::Structure
|
950
955
|
end
|
951
956
|
|
952
|
-
# Representation of a abnormal or suspicious activity.
|
953
|
-
#
|
954
957
|
# @!attribute [rw] account_id
|
955
958
|
# AWS account ID where the activity occurred that prompted GuardDuty
|
956
959
|
# to generate a finding.
|
@@ -1037,20 +1040,24 @@ module Aws::GuardDuty
|
|
1037
1040
|
include Aws::Structure
|
1038
1041
|
end
|
1039
1042
|
|
1040
|
-
# Represents the criteria used for querying findings.
|
1041
|
-
#
|
1042
1043
|
# @note When making an API call, you may pass FindingCriteria
|
1043
1044
|
# data as a hash:
|
1044
1045
|
#
|
1045
1046
|
# {
|
1046
1047
|
# criterion: {
|
1047
|
-
# "
|
1048
|
-
# eq: ["
|
1048
|
+
# "String" => {
|
1049
|
+
# eq: ["String"],
|
1050
|
+
# neq: ["String"],
|
1049
1051
|
# gt: 1,
|
1050
1052
|
# gte: 1,
|
1051
1053
|
# lt: 1,
|
1052
1054
|
# lte: 1,
|
1053
|
-
#
|
1055
|
+
# equals: ["String"],
|
1056
|
+
# not_equals: ["String"],
|
1057
|
+
# greater_than: 1,
|
1058
|
+
# greater_than_or_equal: 1,
|
1059
|
+
# less_than: 1,
|
1060
|
+
# less_than_or_equal: 1,
|
1054
1061
|
# },
|
1055
1062
|
# },
|
1056
1063
|
# }
|
@@ -1067,8 +1074,6 @@ module Aws::GuardDuty
|
|
1067
1074
|
include Aws::Structure
|
1068
1075
|
end
|
1069
1076
|
|
1070
|
-
# Finding statistics object.
|
1071
|
-
#
|
1072
1077
|
# @!attribute [rw] count_by_severity
|
1073
1078
|
# Represents a map of severity to count statistic for a set of
|
1074
1079
|
# findings
|
@@ -1081,8 +1086,6 @@ module Aws::GuardDuty
|
|
1081
1086
|
include Aws::Structure
|
1082
1087
|
end
|
1083
1088
|
|
1084
|
-
# Location information of the remote IP address.
|
1085
|
-
#
|
1086
1089
|
# @!attribute [rw] lat
|
1087
1090
|
# Latitude information of remote IP address.
|
1088
1091
|
# @return [Float]
|
@@ -1103,10 +1106,11 @@ module Aws::GuardDuty
|
|
1103
1106
|
# data as a hash:
|
1104
1107
|
#
|
1105
1108
|
# {
|
1106
|
-
# detector_id: "
|
1109
|
+
# detector_id: "DetectorId", # required
|
1107
1110
|
# }
|
1108
1111
|
#
|
1109
1112
|
# @!attribute [rw] detector_id
|
1113
|
+
# The unique ID of the detector that you want to get.
|
1110
1114
|
# @return [String]
|
1111
1115
|
#
|
1112
1116
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetDetectorRequest AWS API Documentation
|
@@ -1116,27 +1120,24 @@ module Aws::GuardDuty
|
|
1116
1120
|
include Aws::Structure
|
1117
1121
|
end
|
1118
1122
|
|
1119
|
-
# GetDetector response object.
|
1120
|
-
#
|
1121
1123
|
# @!attribute [rw] created_at
|
1122
|
-
#
|
1124
|
+
# Detector creation timestamp.
|
1123
1125
|
# @return [String]
|
1124
1126
|
#
|
1125
1127
|
# @!attribute [rw] finding_publishing_frequency
|
1126
|
-
#
|
1127
|
-
# updates published.
|
1128
|
+
# Finding publishing frequency.
|
1128
1129
|
# @return [String]
|
1129
1130
|
#
|
1130
1131
|
# @!attribute [rw] service_role
|
1131
|
-
#
|
1132
|
+
# The GuardDuty service role.
|
1132
1133
|
# @return [String]
|
1133
1134
|
#
|
1134
1135
|
# @!attribute [rw] status
|
1135
|
-
# The status
|
1136
|
+
# The detector status.
|
1136
1137
|
# @return [String]
|
1137
1138
|
#
|
1138
1139
|
# @!attribute [rw] updated_at
|
1139
|
-
#
|
1140
|
+
# Detector last update timestamp.
|
1140
1141
|
# @return [String]
|
1141
1142
|
#
|
1142
1143
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetDetectorResponse AWS API Documentation
|
@@ -1154,14 +1155,16 @@ module Aws::GuardDuty
|
|
1154
1155
|
# data as a hash:
|
1155
1156
|
#
|
1156
1157
|
# {
|
1157
|
-
# detector_id: "
|
1158
|
-
# filter_name: "
|
1158
|
+
# detector_id: "DetectorId", # required
|
1159
|
+
# filter_name: "String", # required
|
1159
1160
|
# }
|
1160
1161
|
#
|
1161
1162
|
# @!attribute [rw] detector_id
|
1163
|
+
# The unique ID of the detector the filter is associated with.
|
1162
1164
|
# @return [String]
|
1163
1165
|
#
|
1164
1166
|
# @!attribute [rw] filter_name
|
1167
|
+
# The name of the filter you want to get.
|
1165
1168
|
# @return [String]
|
1166
1169
|
#
|
1167
1170
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetFilterRequest AWS API Documentation
|
@@ -1172,58 +1175,56 @@ module Aws::GuardDuty
|
|
1172
1175
|
include Aws::Structure
|
1173
1176
|
end
|
1174
1177
|
|
1175
|
-
#
|
1178
|
+
# @!attribute [rw] name
|
1179
|
+
# The name of the filter.
|
1180
|
+
# @return [String]
|
1181
|
+
#
|
1182
|
+
# @!attribute [rw] description
|
1183
|
+
# The description of the filter.
|
1184
|
+
# @return [String]
|
1176
1185
|
#
|
1177
1186
|
# @!attribute [rw] action
|
1178
1187
|
# Specifies the action that is to be applied to the findings that
|
1179
1188
|
# match the filter.
|
1180
1189
|
# @return [String]
|
1181
1190
|
#
|
1182
|
-
# @!attribute [rw]
|
1183
|
-
#
|
1184
|
-
#
|
1191
|
+
# @!attribute [rw] rank
|
1192
|
+
# Specifies the position of the filter in the list of current filters.
|
1193
|
+
# Also specifies the order in which this filter is applied to the
|
1194
|
+
# findings.
|
1195
|
+
# @return [Integer]
|
1185
1196
|
#
|
1186
1197
|
# @!attribute [rw] finding_criteria
|
1187
1198
|
# Represents the criteria to be used in the filter for querying
|
1188
1199
|
# findings.
|
1189
1200
|
# @return [Types::FindingCriteria]
|
1190
1201
|
#
|
1191
|
-
# @!attribute [rw] name
|
1192
|
-
# The name of the filter.
|
1193
|
-
# @return [String]
|
1194
|
-
#
|
1195
|
-
# @!attribute [rw] rank
|
1196
|
-
# Specifies the position of the filter in the list of current filters.
|
1197
|
-
# Also specifies the order in which this filter is applied to the
|
1198
|
-
# findings.
|
1199
|
-
# @return [Integer]
|
1200
|
-
#
|
1201
1202
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetFilterResponse AWS API Documentation
|
1202
1203
|
#
|
1203
1204
|
class GetFilterResponse < Struct.new(
|
1204
|
-
:action,
|
1205
|
-
:description,
|
1206
|
-
:finding_criteria,
|
1207
1205
|
:name,
|
1208
|
-
:
|
1206
|
+
:description,
|
1207
|
+
:action,
|
1208
|
+
:rank,
|
1209
|
+
:finding_criteria)
|
1209
1210
|
include Aws::Structure
|
1210
1211
|
end
|
1211
1212
|
|
1212
|
-
# Get Findings Request
|
1213
|
-
#
|
1214
1213
|
# @note When making an API call, you may pass GetFindingsRequest
|
1215
1214
|
# data as a hash:
|
1216
1215
|
#
|
1217
1216
|
# {
|
1218
|
-
# detector_id: "
|
1217
|
+
# detector_id: "DetectorId", # required
|
1219
1218
|
# finding_ids: ["FindingId"], # required
|
1220
1219
|
# sort_criteria: {
|
1221
|
-
# attribute_name: "
|
1220
|
+
# attribute_name: "String",
|
1222
1221
|
# order_by: "ASC", # accepts ASC, DESC
|
1223
1222
|
# },
|
1224
1223
|
# }
|
1225
1224
|
#
|
1226
1225
|
# @!attribute [rw] detector_id
|
1226
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
1227
|
+
# findings you want to retrieve.
|
1227
1228
|
# @return [String]
|
1228
1229
|
#
|
1229
1230
|
# @!attribute [rw] finding_ids
|
@@ -1243,8 +1244,6 @@ module Aws::GuardDuty
|
|
1243
1244
|
include Aws::Structure
|
1244
1245
|
end
|
1245
1246
|
|
1246
|
-
# GetFindings response object.
|
1247
|
-
#
|
1248
1247
|
# @!attribute [rw] findings
|
1249
1248
|
# A list of findings.
|
1250
1249
|
# @return [Array<Types::Finding>]
|
@@ -1256,50 +1255,54 @@ module Aws::GuardDuty
|
|
1256
1255
|
include Aws::Structure
|
1257
1256
|
end
|
1258
1257
|
|
1259
|
-
# Get Findings Statistics Request
|
1260
|
-
#
|
1261
1258
|
# @note When making an API call, you may pass GetFindingsStatisticsRequest
|
1262
1259
|
# data as a hash:
|
1263
1260
|
#
|
1264
1261
|
# {
|
1265
|
-
# detector_id: "
|
1262
|
+
# detector_id: "DetectorId", # required
|
1263
|
+
# finding_statistic_types: ["COUNT_BY_SEVERITY"], # required, accepts COUNT_BY_SEVERITY
|
1266
1264
|
# finding_criteria: {
|
1267
1265
|
# criterion: {
|
1268
|
-
# "
|
1269
|
-
# eq: ["
|
1266
|
+
# "String" => {
|
1267
|
+
# eq: ["String"],
|
1268
|
+
# neq: ["String"],
|
1270
1269
|
# gt: 1,
|
1271
1270
|
# gte: 1,
|
1272
1271
|
# lt: 1,
|
1273
1272
|
# lte: 1,
|
1274
|
-
#
|
1273
|
+
# equals: ["String"],
|
1274
|
+
# not_equals: ["String"],
|
1275
|
+
# greater_than: 1,
|
1276
|
+
# greater_than_or_equal: 1,
|
1277
|
+
# less_than: 1,
|
1278
|
+
# less_than_or_equal: 1,
|
1275
1279
|
# },
|
1276
1280
|
# },
|
1277
1281
|
# },
|
1278
|
-
# finding_statistic_types: ["COUNT_BY_SEVERITY"], # required, accepts COUNT_BY_SEVERITY
|
1279
1282
|
# }
|
1280
1283
|
#
|
1281
1284
|
# @!attribute [rw] detector_id
|
1285
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
1286
|
+
# findings' statistics you want to retrieve.
|
1282
1287
|
# @return [String]
|
1283
1288
|
#
|
1284
|
-
# @!attribute [rw] finding_criteria
|
1285
|
-
# Represents the criteria used for querying findings.
|
1286
|
-
# @return [Types::FindingCriteria]
|
1287
|
-
#
|
1288
1289
|
# @!attribute [rw] finding_statistic_types
|
1289
1290
|
# Types of finding statistics to retrieve.
|
1290
1291
|
# @return [Array<String>]
|
1291
1292
|
#
|
1293
|
+
# @!attribute [rw] finding_criteria
|
1294
|
+
# Represents the criteria used for querying findings.
|
1295
|
+
# @return [Types::FindingCriteria]
|
1296
|
+
#
|
1292
1297
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetFindingsStatisticsRequest AWS API Documentation
|
1293
1298
|
#
|
1294
1299
|
class GetFindingsStatisticsRequest < Struct.new(
|
1295
1300
|
:detector_id,
|
1296
|
-
:
|
1297
|
-
:
|
1301
|
+
:finding_statistic_types,
|
1302
|
+
:finding_criteria)
|
1298
1303
|
include Aws::Structure
|
1299
1304
|
end
|
1300
1305
|
|
1301
|
-
# GetFindingsStatistics response object.
|
1302
|
-
#
|
1303
1306
|
# @!attribute [rw] finding_statistics
|
1304
1307
|
# Finding statistics object.
|
1305
1308
|
# @return [Types::FindingStatistics]
|
@@ -1315,14 +1318,16 @@ module Aws::GuardDuty
|
|
1315
1318
|
# data as a hash:
|
1316
1319
|
#
|
1317
1320
|
# {
|
1318
|
-
# detector_id: "
|
1319
|
-
# ip_set_id: "
|
1321
|
+
# detector_id: "DetectorId", # required
|
1322
|
+
# ip_set_id: "String", # required
|
1320
1323
|
# }
|
1321
1324
|
#
|
1322
1325
|
# @!attribute [rw] detector_id
|
1326
|
+
# The unique ID of the detector the ipSet is associated with.
|
1323
1327
|
# @return [String]
|
1324
1328
|
#
|
1325
1329
|
# @!attribute [rw] ip_set_id
|
1330
|
+
# The unique ID of the ipSet you want to get.
|
1326
1331
|
# @return [String]
|
1327
1332
|
#
|
1328
1333
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetIPSetRequest AWS API Documentation
|
@@ -1333,7 +1338,11 @@ module Aws::GuardDuty
|
|
1333
1338
|
include Aws::Structure
|
1334
1339
|
end
|
1335
1340
|
|
1336
|
-
#
|
1341
|
+
# @!attribute [rw] name
|
1342
|
+
# The user friendly name to identify the IPSet. This name is displayed
|
1343
|
+
# in all findings that are triggered by activity that involves IP
|
1344
|
+
# addresses included in this IPSet.
|
1345
|
+
# @return [String]
|
1337
1346
|
#
|
1338
1347
|
# @!attribute [rw] format
|
1339
1348
|
# The format of the file that contains the IPSet.
|
@@ -1344,12 +1353,6 @@ module Aws::GuardDuty
|
|
1344
1353
|
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key)
|
1345
1354
|
# @return [String]
|
1346
1355
|
#
|
1347
|
-
# @!attribute [rw] name
|
1348
|
-
# The user friendly name to identify the IPSet. This name is displayed
|
1349
|
-
# in all findings that are triggered by activity that involves IP
|
1350
|
-
# addresses included in this IPSet.
|
1351
|
-
# @return [String]
|
1352
|
-
#
|
1353
1356
|
# @!attribute [rw] status
|
1354
1357
|
# The status of ipSet file uploaded.
|
1355
1358
|
# @return [String]
|
@@ -1357,9 +1360,9 @@ module Aws::GuardDuty
|
|
1357
1360
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetIPSetResponse AWS API Documentation
|
1358
1361
|
#
|
1359
1362
|
class GetIPSetResponse < Struct.new(
|
1363
|
+
:name,
|
1360
1364
|
:format,
|
1361
1365
|
:location,
|
1362
|
-
:name,
|
1363
1366
|
:status)
|
1364
1367
|
include Aws::Structure
|
1365
1368
|
end
|
@@ -1370,8 +1373,6 @@ module Aws::GuardDuty
|
|
1370
1373
|
#
|
1371
1374
|
class GetInvitationsCountRequest < Aws::EmptyStructure; end
|
1372
1375
|
|
1373
|
-
# GetInvitationsCount response object.
|
1374
|
-
#
|
1375
1376
|
# @!attribute [rw] invitations_count
|
1376
1377
|
# The number of received invitations.
|
1377
1378
|
# @return [Integer]
|
@@ -1387,10 +1388,11 @@ module Aws::GuardDuty
|
|
1387
1388
|
# data as a hash:
|
1388
1389
|
#
|
1389
1390
|
# {
|
1390
|
-
# detector_id: "
|
1391
|
+
# detector_id: "DetectorId", # required
|
1391
1392
|
# }
|
1392
1393
|
#
|
1393
1394
|
# @!attribute [rw] detector_id
|
1395
|
+
# The unique ID of the detector of the GuardDuty member account.
|
1394
1396
|
# @return [String]
|
1395
1397
|
#
|
1396
1398
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMasterAccountRequest AWS API Documentation
|
@@ -1400,10 +1402,8 @@ module Aws::GuardDuty
|
|
1400
1402
|
include Aws::Structure
|
1401
1403
|
end
|
1402
1404
|
|
1403
|
-
# GetMasterAccount response object.
|
1404
|
-
#
|
1405
1405
|
# @!attribute [rw] master
|
1406
|
-
#
|
1406
|
+
# Master account details.
|
1407
1407
|
# @return [Types::Master]
|
1408
1408
|
#
|
1409
1409
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMasterAccountResponse AWS API Documentation
|
@@ -1413,36 +1413,34 @@ module Aws::GuardDuty
|
|
1413
1413
|
include Aws::Structure
|
1414
1414
|
end
|
1415
1415
|
|
1416
|
-
# GetMembers request body.
|
1417
|
-
#
|
1418
1416
|
# @note When making an API call, you may pass GetMembersRequest
|
1419
1417
|
# data as a hash:
|
1420
1418
|
#
|
1421
1419
|
# {
|
1422
|
-
#
|
1423
|
-
#
|
1420
|
+
# detector_id: "DetectorId", # required
|
1421
|
+
# account_ids: ["AccountId"], # required
|
1424
1422
|
# }
|
1425
1423
|
#
|
1424
|
+
# @!attribute [rw] detector_id
|
1425
|
+
# The unique ID of the detector of the GuardDuty account whose members
|
1426
|
+
# you want to retrieve.
|
1427
|
+
# @return [String]
|
1428
|
+
#
|
1426
1429
|
# @!attribute [rw] account_ids
|
1427
1430
|
# A list of account IDs of the GuardDuty member accounts that you want
|
1428
1431
|
# to describe.
|
1429
1432
|
# @return [Array<String>]
|
1430
1433
|
#
|
1431
|
-
# @!attribute [rw] detector_id
|
1432
|
-
# @return [String]
|
1433
|
-
#
|
1434
1434
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMembersRequest AWS API Documentation
|
1435
1435
|
#
|
1436
1436
|
class GetMembersRequest < Struct.new(
|
1437
|
-
:
|
1438
|
-
:
|
1437
|
+
:detector_id,
|
1438
|
+
:account_ids)
|
1439
1439
|
include Aws::Structure
|
1440
1440
|
end
|
1441
1441
|
|
1442
|
-
# GetMembers response object.
|
1443
|
-
#
|
1444
1442
|
# @!attribute [rw] members
|
1445
|
-
# A list of
|
1443
|
+
# A list of members.
|
1446
1444
|
# @return [Array<Types::Member>]
|
1447
1445
|
#
|
1448
1446
|
# @!attribute [rw] unprocessed_accounts
|
@@ -1462,14 +1460,16 @@ module Aws::GuardDuty
|
|
1462
1460
|
# data as a hash:
|
1463
1461
|
#
|
1464
1462
|
# {
|
1465
|
-
# detector_id: "
|
1466
|
-
# threat_intel_set_id: "
|
1463
|
+
# detector_id: "DetectorId", # required
|
1464
|
+
# threat_intel_set_id: "String", # required
|
1467
1465
|
# }
|
1468
1466
|
#
|
1469
1467
|
# @!attribute [rw] detector_id
|
1468
|
+
# The unique ID of the detector the threatIntelSet is associated with.
|
1470
1469
|
# @return [String]
|
1471
1470
|
#
|
1472
1471
|
# @!attribute [rw] threat_intel_set_id
|
1472
|
+
# The unique ID of the threatIntelSet you want to get.
|
1473
1473
|
# @return [String]
|
1474
1474
|
#
|
1475
1475
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetThreatIntelSetRequest AWS API Documentation
|
@@ -1480,7 +1480,11 @@ module Aws::GuardDuty
|
|
1480
1480
|
include Aws::Structure
|
1481
1481
|
end
|
1482
1482
|
|
1483
|
-
#
|
1483
|
+
# @!attribute [rw] name
|
1484
|
+
# A user-friendly ThreatIntelSet name that is displayed in all finding
|
1485
|
+
# generated by activity that involves IP addresses included in this
|
1486
|
+
# ThreatIntelSet.
|
1487
|
+
# @return [String]
|
1484
1488
|
#
|
1485
1489
|
# @!attribute [rw] format
|
1486
1490
|
# The format of the threatIntelSet.
|
@@ -1491,12 +1495,6 @@ module Aws::GuardDuty
|
|
1491
1495
|
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).
|
1492
1496
|
# @return [String]
|
1493
1497
|
#
|
1494
|
-
# @!attribute [rw] name
|
1495
|
-
# A user-friendly ThreatIntelSet name that is displayed in all finding
|
1496
|
-
# generated by activity that involves IP addresses included in this
|
1497
|
-
# ThreatIntelSet.
|
1498
|
-
# @return [String]
|
1499
|
-
#
|
1500
1498
|
# @!attribute [rw] status
|
1501
1499
|
# The status of threatIntelSet file uploaded.
|
1502
1500
|
# @return [String]
|
@@ -1504,15 +1502,13 @@ module Aws::GuardDuty
|
|
1504
1502
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetThreatIntelSetResponse AWS API Documentation
|
1505
1503
|
#
|
1506
1504
|
class GetThreatIntelSetResponse < Struct.new(
|
1505
|
+
:name,
|
1507
1506
|
:format,
|
1508
1507
|
:location,
|
1509
|
-
:name,
|
1510
1508
|
:status)
|
1511
1509
|
include Aws::Structure
|
1512
1510
|
end
|
1513
1511
|
|
1514
|
-
# The profile information of the EC2 instance.
|
1515
|
-
#
|
1516
1512
|
# @!attribute [rw] arn
|
1517
1513
|
# AWS EC2 instance profile ARN.
|
1518
1514
|
# @return [String]
|
@@ -1529,9 +1525,6 @@ module Aws::GuardDuty
|
|
1529
1525
|
include Aws::Structure
|
1530
1526
|
end
|
1531
1527
|
|
1532
|
-
# The information about the EC2 instance associated with the activity
|
1533
|
-
# that prompted GuardDuty to generate a finding.
|
1534
|
-
#
|
1535
1528
|
# @!attribute [rw] availability_zone
|
1536
1529
|
# The availability zone of the EC2 instance.
|
1537
1530
|
# @return [String]
|
@@ -1598,12 +1591,14 @@ module Aws::GuardDuty
|
|
1598
1591
|
include Aws::Structure
|
1599
1592
|
end
|
1600
1593
|
|
1601
|
-
#
|
1594
|
+
# Internal server error exception object.
|
1602
1595
|
#
|
1603
1596
|
# @!attribute [rw] message
|
1597
|
+
# The error message.
|
1604
1598
|
# @return [String]
|
1605
1599
|
#
|
1606
1600
|
# @!attribute [rw] type
|
1601
|
+
# The error type.
|
1607
1602
|
# @return [String]
|
1608
1603
|
#
|
1609
1604
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/InternalServerErrorException AWS API Documentation
|
@@ -1614,9 +1609,6 @@ module Aws::GuardDuty
|
|
1614
1609
|
include Aws::Structure
|
1615
1610
|
end
|
1616
1611
|
|
1617
|
-
# Invitation from an AWS account to become the current account's
|
1618
|
-
# master.
|
1619
|
-
#
|
1620
1612
|
# @!attribute [rw] account_id
|
1621
1613
|
# Inviter account ID
|
1622
1614
|
# @return [String]
|
@@ -1626,45 +1618,45 @@ module Aws::GuardDuty
|
|
1626
1618
|
# account.
|
1627
1619
|
# @return [String]
|
1628
1620
|
#
|
1629
|
-
# @!attribute [rw] invited_at
|
1630
|
-
# Timestamp at which the invitation was sent
|
1631
|
-
# @return [String]
|
1632
|
-
#
|
1633
1621
|
# @!attribute [rw] relationship_status
|
1634
1622
|
# The status of the relationship between the inviter and invitee
|
1635
1623
|
# accounts.
|
1636
1624
|
# @return [String]
|
1637
1625
|
#
|
1626
|
+
# @!attribute [rw] invited_at
|
1627
|
+
# Timestamp at which the invitation was sent
|
1628
|
+
# @return [String]
|
1629
|
+
#
|
1638
1630
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Invitation AWS API Documentation
|
1639
1631
|
#
|
1640
1632
|
class Invitation < Struct.new(
|
1641
1633
|
:account_id,
|
1642
1634
|
:invitation_id,
|
1643
|
-
:
|
1644
|
-
:
|
1635
|
+
:relationship_status,
|
1636
|
+
:invited_at)
|
1645
1637
|
include Aws::Structure
|
1646
1638
|
end
|
1647
1639
|
|
1648
|
-
# InviteMembers request body.
|
1649
|
-
#
|
1650
1640
|
# @note When making an API call, you may pass InviteMembersRequest
|
1651
1641
|
# data as a hash:
|
1652
1642
|
#
|
1653
1643
|
# {
|
1654
|
-
#
|
1655
|
-
#
|
1644
|
+
# detector_id: "DetectorId", # required
|
1645
|
+
# account_ids: ["AccountId"], # required
|
1656
1646
|
# disable_email_notification: false,
|
1657
|
-
# message: "
|
1647
|
+
# message: "String",
|
1658
1648
|
# }
|
1659
1649
|
#
|
1650
|
+
# @!attribute [rw] detector_id
|
1651
|
+
# The unique ID of the detector of the GuardDuty account with which
|
1652
|
+
# you want to invite members.
|
1653
|
+
# @return [String]
|
1654
|
+
#
|
1660
1655
|
# @!attribute [rw] account_ids
|
1661
1656
|
# A list of account IDs of the accounts that you want to invite to
|
1662
1657
|
# GuardDuty as members.
|
1663
1658
|
# @return [Array<String>]
|
1664
1659
|
#
|
1665
|
-
# @!attribute [rw] detector_id
|
1666
|
-
# @return [String]
|
1667
|
-
#
|
1668
1660
|
# @!attribute [rw] disable_email_notification
|
1669
1661
|
# A boolean value that specifies whether you want to disable email
|
1670
1662
|
# notification to the accounts that you’re inviting to GuardDuty as
|
@@ -1679,15 +1671,13 @@ module Aws::GuardDuty
|
|
1679
1671
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/InviteMembersRequest AWS API Documentation
|
1680
1672
|
#
|
1681
1673
|
class InviteMembersRequest < Struct.new(
|
1682
|
-
:account_ids,
|
1683
1674
|
:detector_id,
|
1675
|
+
:account_ids,
|
1684
1676
|
:disable_email_notification,
|
1685
1677
|
:message)
|
1686
1678
|
include Aws::Structure
|
1687
1679
|
end
|
1688
1680
|
|
1689
|
-
# InviteMembers response object.
|
1690
|
-
#
|
1691
1681
|
# @!attribute [rw] unprocessed_accounts
|
1692
1682
|
# A list of objects containing the unprocessed account and a result
|
1693
1683
|
# string explaining why it was unprocessed.
|
@@ -1705,15 +1695,21 @@ module Aws::GuardDuty
|
|
1705
1695
|
#
|
1706
1696
|
# {
|
1707
1697
|
# max_results: 1,
|
1708
|
-
# next_token: "
|
1698
|
+
# next_token: "String",
|
1709
1699
|
# }
|
1710
1700
|
#
|
1711
1701
|
# @!attribute [rw] max_results
|
1712
1702
|
# You can use this parameter to indicate the maximum number of items
|
1713
|
-
#
|
1703
|
+
# you want in the response. The default value is 50. The maximum value
|
1704
|
+
# is 50.
|
1714
1705
|
# @return [Integer]
|
1715
1706
|
#
|
1716
1707
|
# @!attribute [rw] next_token
|
1708
|
+
# You can use this parameter when paginating results. Set the value of
|
1709
|
+
# this parameter to null on your first call to the list action. For
|
1710
|
+
# subsequent calls to the action fill nextToken in the request with
|
1711
|
+
# the value of NextToken from the previous response to continue
|
1712
|
+
# listing data.
|
1717
1713
|
# @return [String]
|
1718
1714
|
#
|
1719
1715
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListDetectorsRequest AWS API Documentation
|
@@ -1724,18 +1720,13 @@ module Aws::GuardDuty
|
|
1724
1720
|
include Aws::Structure
|
1725
1721
|
end
|
1726
1722
|
|
1727
|
-
# ListDetectors response object.
|
1728
|
-
#
|
1729
1723
|
# @!attribute [rw] detector_ids
|
1730
1724
|
# A list of detector Ids.
|
1731
1725
|
# @return [Array<String>]
|
1732
1726
|
#
|
1733
1727
|
# @!attribute [rw] next_token
|
1734
|
-
#
|
1735
|
-
#
|
1736
|
-
# subsequent calls to the action fill nextToken in the request with
|
1737
|
-
# the value of NextToken from the previous response to continue
|
1738
|
-
# listing data.
|
1728
|
+
# Pagination parameter to be used on the next list operation to
|
1729
|
+
# retrieve more items.
|
1739
1730
|
# @return [String]
|
1740
1731
|
#
|
1741
1732
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListDetectorsResponse AWS API Documentation
|
@@ -1750,20 +1741,27 @@ module Aws::GuardDuty
|
|
1750
1741
|
# data as a hash:
|
1751
1742
|
#
|
1752
1743
|
# {
|
1753
|
-
# detector_id: "
|
1744
|
+
# detector_id: "DetectorId", # required
|
1754
1745
|
# max_results: 1,
|
1755
|
-
# next_token: "
|
1746
|
+
# next_token: "String",
|
1756
1747
|
# }
|
1757
1748
|
#
|
1758
1749
|
# @!attribute [rw] detector_id
|
1750
|
+
# The unique ID of the detector the filter is associated with.
|
1759
1751
|
# @return [String]
|
1760
1752
|
#
|
1761
1753
|
# @!attribute [rw] max_results
|
1762
1754
|
# You can use this parameter to indicate the maximum number of items
|
1763
|
-
#
|
1755
|
+
# you want in the response. The default value is 50. The maximum value
|
1756
|
+
# is 50.
|
1764
1757
|
# @return [Integer]
|
1765
1758
|
#
|
1766
1759
|
# @!attribute [rw] next_token
|
1760
|
+
# You can use this parameter when paginating results. Set the value of
|
1761
|
+
# this parameter to null on your first call to the list action. For
|
1762
|
+
# subsequent calls to the action fill nextToken in the request with
|
1763
|
+
# the value of NextToken from the previous response to continue
|
1764
|
+
# listing data.
|
1767
1765
|
# @return [String]
|
1768
1766
|
#
|
1769
1767
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListFiltersRequest AWS API Documentation
|
@@ -1775,18 +1773,13 @@ module Aws::GuardDuty
|
|
1775
1773
|
include Aws::Structure
|
1776
1774
|
end
|
1777
1775
|
|
1778
|
-
# ListFilters response object.
|
1779
|
-
#
|
1780
1776
|
# @!attribute [rw] filter_names
|
1781
1777
|
# A list of filter names
|
1782
1778
|
# @return [Array<String>]
|
1783
1779
|
#
|
1784
1780
|
# @!attribute [rw] next_token
|
1785
|
-
#
|
1786
|
-
#
|
1787
|
-
# subsequent calls to the action fill nextToken in the request with
|
1788
|
-
# the value of NextToken from the previous response to continue
|
1789
|
-
# listing data.
|
1781
|
+
# Pagination parameter to be used on the next list operation to
|
1782
|
+
# retrieve more items.
|
1790
1783
|
# @return [String]
|
1791
1784
|
#
|
1792
1785
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListFiltersResponse AWS API Documentation
|
@@ -1797,40 +1790,50 @@ module Aws::GuardDuty
|
|
1797
1790
|
include Aws::Structure
|
1798
1791
|
end
|
1799
1792
|
|
1800
|
-
# List Findings Request
|
1801
|
-
#
|
1802
1793
|
# @note When making an API call, you may pass ListFindingsRequest
|
1803
1794
|
# data as a hash:
|
1804
1795
|
#
|
1805
1796
|
# {
|
1806
|
-
# detector_id: "
|
1797
|
+
# detector_id: "DetectorId", # required
|
1807
1798
|
# finding_criteria: {
|
1808
1799
|
# criterion: {
|
1809
|
-
# "
|
1810
|
-
# eq: ["
|
1800
|
+
# "String" => {
|
1801
|
+
# eq: ["String"],
|
1802
|
+
# neq: ["String"],
|
1811
1803
|
# gt: 1,
|
1812
1804
|
# gte: 1,
|
1813
1805
|
# lt: 1,
|
1814
1806
|
# lte: 1,
|
1815
|
-
#
|
1807
|
+
# equals: ["String"],
|
1808
|
+
# not_equals: ["String"],
|
1809
|
+
# greater_than: 1,
|
1810
|
+
# greater_than_or_equal: 1,
|
1811
|
+
# less_than: 1,
|
1812
|
+
# less_than_or_equal: 1,
|
1816
1813
|
# },
|
1817
1814
|
# },
|
1818
1815
|
# },
|
1819
|
-
# max_results: 1,
|
1820
|
-
# next_token: "NextToken",
|
1821
1816
|
# sort_criteria: {
|
1822
|
-
# attribute_name: "
|
1817
|
+
# attribute_name: "String",
|
1823
1818
|
# order_by: "ASC", # accepts ASC, DESC
|
1824
1819
|
# },
|
1820
|
+
# max_results: 1,
|
1821
|
+
# next_token: "String",
|
1825
1822
|
# }
|
1826
1823
|
#
|
1827
1824
|
# @!attribute [rw] detector_id
|
1825
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
1826
|
+
# findings you want to list.
|
1828
1827
|
# @return [String]
|
1829
1828
|
#
|
1830
1829
|
# @!attribute [rw] finding_criteria
|
1831
1830
|
# Represents the criteria used for querying findings.
|
1832
1831
|
# @return [Types::FindingCriteria]
|
1833
1832
|
#
|
1833
|
+
# @!attribute [rw] sort_criteria
|
1834
|
+
# Represents the criteria used for sorting findings.
|
1835
|
+
# @return [Types::SortCriteria]
|
1836
|
+
#
|
1834
1837
|
# @!attribute [rw] max_results
|
1835
1838
|
# You can use this parameter to indicate the maximum number of items
|
1836
1839
|
# you want in the response. The default value is 50. The maximum value
|
@@ -1839,39 +1842,30 @@ module Aws::GuardDuty
|
|
1839
1842
|
#
|
1840
1843
|
# @!attribute [rw] next_token
|
1841
1844
|
# You can use this parameter when paginating results. Set the value of
|
1842
|
-
# this parameter to null on your first call to the
|
1843
|
-
#
|
1844
|
-
#
|
1845
|
-
#
|
1845
|
+
# this parameter to null on your first call to the list action. For
|
1846
|
+
# subsequent calls to the action fill nextToken in the request with
|
1847
|
+
# the value of NextToken from the previous response to continue
|
1848
|
+
# listing data.
|
1846
1849
|
# @return [String]
|
1847
1850
|
#
|
1848
|
-
# @!attribute [rw] sort_criteria
|
1849
|
-
# Represents the criteria used for sorting findings.
|
1850
|
-
# @return [Types::SortCriteria]
|
1851
|
-
#
|
1852
1851
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListFindingsRequest AWS API Documentation
|
1853
1852
|
#
|
1854
1853
|
class ListFindingsRequest < Struct.new(
|
1855
1854
|
:detector_id,
|
1856
1855
|
:finding_criteria,
|
1856
|
+
:sort_criteria,
|
1857
1857
|
:max_results,
|
1858
|
-
:next_token
|
1859
|
-
:sort_criteria)
|
1858
|
+
:next_token)
|
1860
1859
|
include Aws::Structure
|
1861
1860
|
end
|
1862
1861
|
|
1863
|
-
# ListFindings response object.
|
1864
|
-
#
|
1865
1862
|
# @!attribute [rw] finding_ids
|
1866
|
-
# The
|
1863
|
+
# The IDs of the findings you are listing.
|
1867
1864
|
# @return [Array<String>]
|
1868
1865
|
#
|
1869
1866
|
# @!attribute [rw] next_token
|
1870
|
-
#
|
1871
|
-
#
|
1872
|
-
# subsequent calls to the action fill nextToken in the request with
|
1873
|
-
# the value of NextToken from the previous response to continue
|
1874
|
-
# listing data.
|
1867
|
+
# Pagination parameter to be used on the next list operation to
|
1868
|
+
# retrieve more items.
|
1875
1869
|
# @return [String]
|
1876
1870
|
#
|
1877
1871
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListFindingsResponse AWS API Documentation
|
@@ -1886,20 +1880,27 @@ module Aws::GuardDuty
|
|
1886
1880
|
# data as a hash:
|
1887
1881
|
#
|
1888
1882
|
# {
|
1889
|
-
# detector_id: "
|
1883
|
+
# detector_id: "DetectorId", # required
|
1890
1884
|
# max_results: 1,
|
1891
|
-
# next_token: "
|
1885
|
+
# next_token: "String",
|
1892
1886
|
# }
|
1893
1887
|
#
|
1894
1888
|
# @!attribute [rw] detector_id
|
1889
|
+
# The unique ID of the detector the ipSet is associated with.
|
1895
1890
|
# @return [String]
|
1896
1891
|
#
|
1897
1892
|
# @!attribute [rw] max_results
|
1898
1893
|
# You can use this parameter to indicate the maximum number of items
|
1899
|
-
#
|
1894
|
+
# you want in the response. The default value is 50. The maximum value
|
1895
|
+
# is 50.
|
1900
1896
|
# @return [Integer]
|
1901
1897
|
#
|
1902
1898
|
# @!attribute [rw] next_token
|
1899
|
+
# You can use this parameter when paginating results. Set the value of
|
1900
|
+
# this parameter to null on your first call to the list action. For
|
1901
|
+
# subsequent calls to the action fill nextToken in the request with
|
1902
|
+
# the value of NextToken from the previous response to continue
|
1903
|
+
# listing data.
|
1903
1904
|
# @return [String]
|
1904
1905
|
#
|
1905
1906
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListIPSetsRequest AWS API Documentation
|
@@ -1911,18 +1912,13 @@ module Aws::GuardDuty
|
|
1911
1912
|
include Aws::Structure
|
1912
1913
|
end
|
1913
1914
|
|
1914
|
-
# ListIPSets response object.
|
1915
|
-
#
|
1916
1915
|
# @!attribute [rw] ip_set_ids
|
1917
|
-
#
|
1916
|
+
# The IDs of the IPSet resources.
|
1918
1917
|
# @return [Array<String>]
|
1919
1918
|
#
|
1920
1919
|
# @!attribute [rw] next_token
|
1921
|
-
#
|
1922
|
-
#
|
1923
|
-
# subsequent calls to the action fill nextToken in the request with
|
1924
|
-
# the value of NextToken from the previous response to continue
|
1925
|
-
# listing data.
|
1920
|
+
# Pagination parameter to be used on the next list operation to
|
1921
|
+
# retrieve more items.
|
1926
1922
|
# @return [String]
|
1927
1923
|
#
|
1928
1924
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListIPSetsResponse AWS API Documentation
|
@@ -1938,15 +1934,21 @@ module Aws::GuardDuty
|
|
1938
1934
|
#
|
1939
1935
|
# {
|
1940
1936
|
# max_results: 1,
|
1941
|
-
# next_token: "
|
1937
|
+
# next_token: "String",
|
1942
1938
|
# }
|
1943
1939
|
#
|
1944
1940
|
# @!attribute [rw] max_results
|
1945
1941
|
# You can use this parameter to indicate the maximum number of items
|
1946
|
-
#
|
1942
|
+
# you want in the response. The default value is 50. The maximum value
|
1943
|
+
# is 50.
|
1947
1944
|
# @return [Integer]
|
1948
1945
|
#
|
1949
1946
|
# @!attribute [rw] next_token
|
1947
|
+
# You can use this parameter when paginating results. Set the value of
|
1948
|
+
# this parameter to null on your first call to the list action. For
|
1949
|
+
# subsequent calls to the action fill nextToken in the request with
|
1950
|
+
# the value of NextToken from the previous response to continue
|
1951
|
+
# listing data.
|
1950
1952
|
# @return [String]
|
1951
1953
|
#
|
1952
1954
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListInvitationsRequest AWS API Documentation
|
@@ -1957,18 +1959,13 @@ module Aws::GuardDuty
|
|
1957
1959
|
include Aws::Structure
|
1958
1960
|
end
|
1959
1961
|
|
1960
|
-
# ListInvitations response object.
|
1961
|
-
#
|
1962
1962
|
# @!attribute [rw] invitations
|
1963
1963
|
# A list of invitation descriptions.
|
1964
1964
|
# @return [Array<Types::Invitation>]
|
1965
1965
|
#
|
1966
1966
|
# @!attribute [rw] next_token
|
1967
|
-
#
|
1968
|
-
#
|
1969
|
-
# subsequent calls to the action fill nextToken in the request with
|
1970
|
-
# the value of NextToken from the previous response to continue
|
1971
|
-
# listing data.
|
1967
|
+
# Pagination parameter to be used on the next list operation to
|
1968
|
+
# retrieve more items.
|
1972
1969
|
# @return [String]
|
1973
1970
|
#
|
1974
1971
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListInvitationsResponse AWS API Documentation
|
@@ -1983,24 +1980,34 @@ module Aws::GuardDuty
|
|
1983
1980
|
# data as a hash:
|
1984
1981
|
#
|
1985
1982
|
# {
|
1986
|
-
# detector_id: "
|
1983
|
+
# detector_id: "DetectorId", # required
|
1987
1984
|
# max_results: 1,
|
1988
|
-
# next_token: "
|
1989
|
-
# only_associated: "
|
1985
|
+
# next_token: "String",
|
1986
|
+
# only_associated: "String",
|
1990
1987
|
# }
|
1991
1988
|
#
|
1992
1989
|
# @!attribute [rw] detector_id
|
1990
|
+
# The unique ID of the detector the member is associated with.
|
1993
1991
|
# @return [String]
|
1994
1992
|
#
|
1995
1993
|
# @!attribute [rw] max_results
|
1996
1994
|
# You can use this parameter to indicate the maximum number of items
|
1997
|
-
#
|
1995
|
+
# you want in the response. The default value is 50. The maximum value
|
1996
|
+
# is 50.
|
1998
1997
|
# @return [Integer]
|
1999
1998
|
#
|
2000
1999
|
# @!attribute [rw] next_token
|
2000
|
+
# You can use this parameter when paginating results. Set the value of
|
2001
|
+
# this parameter to null on your first call to the list action. For
|
2002
|
+
# subsequent calls to the action fill nextToken in the request with
|
2003
|
+
# the value of NextToken from the previous response to continue
|
2004
|
+
# listing data.
|
2001
2005
|
# @return [String]
|
2002
2006
|
#
|
2003
2007
|
# @!attribute [rw] only_associated
|
2008
|
+
# Specifies whether to only return associated members or to return all
|
2009
|
+
# members (including members which haven't been invited yet or have
|
2010
|
+
# been disassociated).
|
2004
2011
|
# @return [String]
|
2005
2012
|
#
|
2006
2013
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListMembersRequest AWS API Documentation
|
@@ -2013,18 +2020,13 @@ module Aws::GuardDuty
|
|
2013
2020
|
include Aws::Structure
|
2014
2021
|
end
|
2015
2022
|
|
2016
|
-
# ListMembers response object.
|
2017
|
-
#
|
2018
2023
|
# @!attribute [rw] members
|
2019
|
-
# A list of
|
2024
|
+
# A list of members.
|
2020
2025
|
# @return [Array<Types::Member>]
|
2021
2026
|
#
|
2022
2027
|
# @!attribute [rw] next_token
|
2023
|
-
#
|
2024
|
-
#
|
2025
|
-
# subsequent calls to the action fill nextToken in the request with
|
2026
|
-
# the value of NextToken from the previous response to continue
|
2027
|
-
# listing data.
|
2028
|
+
# Pagination parameter to be used on the next list operation to
|
2029
|
+
# retrieve more items.
|
2028
2030
|
# @return [String]
|
2029
2031
|
#
|
2030
2032
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListMembersResponse AWS API Documentation
|
@@ -2039,20 +2041,27 @@ module Aws::GuardDuty
|
|
2039
2041
|
# data as a hash:
|
2040
2042
|
#
|
2041
2043
|
# {
|
2042
|
-
# detector_id: "
|
2044
|
+
# detector_id: "DetectorId", # required
|
2043
2045
|
# max_results: 1,
|
2044
|
-
# next_token: "
|
2046
|
+
# next_token: "String",
|
2045
2047
|
# }
|
2046
2048
|
#
|
2047
2049
|
# @!attribute [rw] detector_id
|
2050
|
+
# The unique ID of the detector the threatIntelSet is associated with.
|
2048
2051
|
# @return [String]
|
2049
2052
|
#
|
2050
2053
|
# @!attribute [rw] max_results
|
2051
2054
|
# You can use this parameter to indicate the maximum number of items
|
2052
|
-
#
|
2055
|
+
# you want in the response. The default value is 50. The maximum value
|
2056
|
+
# is 50.
|
2053
2057
|
# @return [Integer]
|
2054
2058
|
#
|
2055
2059
|
# @!attribute [rw] next_token
|
2060
|
+
# You can use this parameter when paginating results. Set the value of
|
2061
|
+
# this parameter to null on your first call to the list action. For
|
2062
|
+
# subsequent calls to the action fill nextToken in the request with
|
2063
|
+
# the value of NextToken from the previous response to continue
|
2064
|
+
# listing data.
|
2056
2065
|
# @return [String]
|
2057
2066
|
#
|
2058
2067
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListThreatIntelSetsRequest AWS API Documentation
|
@@ -2064,30 +2073,23 @@ module Aws::GuardDuty
|
|
2064
2073
|
include Aws::Structure
|
2065
2074
|
end
|
2066
2075
|
|
2067
|
-
#
|
2076
|
+
# @!attribute [rw] threat_intel_set_ids
|
2077
|
+
# The IDs of the ThreatIntelSet resources.
|
2078
|
+
# @return [Array<String>]
|
2068
2079
|
#
|
2069
2080
|
# @!attribute [rw] next_token
|
2070
|
-
#
|
2071
|
-
#
|
2072
|
-
# subsequent calls to the action fill nextToken in the request with
|
2073
|
-
# the value of NextToken from the previous response to continue
|
2074
|
-
# listing data.
|
2081
|
+
# Pagination parameter to be used on the next list operation to
|
2082
|
+
# retrieve more items.
|
2075
2083
|
# @return [String]
|
2076
2084
|
#
|
2077
|
-
# @!attribute [rw] threat_intel_set_ids
|
2078
|
-
# The list of the threat intel set IDs
|
2079
|
-
# @return [Array<String>]
|
2080
|
-
#
|
2081
2085
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListThreatIntelSetsResponse AWS API Documentation
|
2082
2086
|
#
|
2083
2087
|
class ListThreatIntelSetsResponse < Struct.new(
|
2084
|
-
:
|
2085
|
-
:
|
2088
|
+
:threat_intel_set_ids,
|
2089
|
+
:next_token)
|
2086
2090
|
include Aws::Structure
|
2087
2091
|
end
|
2088
2092
|
|
2089
|
-
# Local port information of the connection.
|
2090
|
-
#
|
2091
2093
|
# @!attribute [rw] port
|
2092
2094
|
# Port number of the local connection.
|
2093
2095
|
# @return [Integer]
|
@@ -2104,8 +2106,6 @@ module Aws::GuardDuty
|
|
2104
2106
|
include Aws::Structure
|
2105
2107
|
end
|
2106
2108
|
|
2107
|
-
# Contains details about the master account.
|
2108
|
-
#
|
2109
2109
|
# @!attribute [rw] account_id
|
2110
2110
|
# Master account ID
|
2111
2111
|
# @return [String]
|
@@ -2115,53 +2115,51 @@ module Aws::GuardDuty
|
|
2115
2115
|
# account.
|
2116
2116
|
# @return [String]
|
2117
2117
|
#
|
2118
|
-
# @!attribute [rw] invited_at
|
2119
|
-
# Timestamp at which the invitation was sent
|
2120
|
-
# @return [String]
|
2121
|
-
#
|
2122
2118
|
# @!attribute [rw] relationship_status
|
2123
2119
|
# The status of the relationship between the master and member
|
2124
2120
|
# accounts.
|
2125
2121
|
# @return [String]
|
2126
2122
|
#
|
2123
|
+
# @!attribute [rw] invited_at
|
2124
|
+
# Timestamp at which the invitation was sent
|
2125
|
+
# @return [String]
|
2126
|
+
#
|
2127
2127
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Master AWS API Documentation
|
2128
2128
|
#
|
2129
2129
|
class Master < Struct.new(
|
2130
2130
|
:account_id,
|
2131
2131
|
:invitation_id,
|
2132
|
-
:
|
2133
|
-
:
|
2132
|
+
:relationship_status,
|
2133
|
+
:invited_at)
|
2134
2134
|
include Aws::Structure
|
2135
2135
|
end
|
2136
2136
|
|
2137
|
-
# Contains details about the member account.
|
2138
|
-
#
|
2139
2137
|
# @!attribute [rw] account_id
|
2140
|
-
#
|
2138
|
+
# Member account ID.
|
2141
2139
|
# @return [String]
|
2142
2140
|
#
|
2143
2141
|
# @!attribute [rw] detector_id
|
2144
|
-
#
|
2142
|
+
# Member account's detector ID.
|
2145
2143
|
# @return [String]
|
2146
2144
|
#
|
2147
|
-
# @!attribute [rw]
|
2148
|
-
#
|
2149
|
-
# @return [String]
|
2150
|
-
#
|
2151
|
-
# @!attribute [rw] invited_at
|
2152
|
-
# Timestamp at which the invitation was sent
|
2145
|
+
# @!attribute [rw] master_id
|
2146
|
+
# Master account ID.
|
2153
2147
|
# @return [String]
|
2154
2148
|
#
|
2155
|
-
# @!attribute [rw]
|
2156
|
-
#
|
2149
|
+
# @!attribute [rw] email
|
2150
|
+
# Member account's email address.
|
2157
2151
|
# @return [String]
|
2158
2152
|
#
|
2159
2153
|
# @!attribute [rw] relationship_status
|
2160
2154
|
# The status of the relationship between the member and the master.
|
2161
2155
|
# @return [String]
|
2162
2156
|
#
|
2157
|
+
# @!attribute [rw] invited_at
|
2158
|
+
# Timestamp at which the invitation was sent
|
2159
|
+
# @return [String]
|
2160
|
+
#
|
2163
2161
|
# @!attribute [rw] updated_at
|
2164
|
-
#
|
2162
|
+
# Member last updated timestamp.
|
2165
2163
|
# @return [String]
|
2166
2164
|
#
|
2167
2165
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Member AWS API Documentation
|
@@ -2169,17 +2167,14 @@ module Aws::GuardDuty
|
|
2169
2167
|
class Member < Struct.new(
|
2170
2168
|
:account_id,
|
2171
2169
|
:detector_id,
|
2172
|
-
:email,
|
2173
|
-
:invited_at,
|
2174
2170
|
:master_id,
|
2171
|
+
:email,
|
2175
2172
|
:relationship_status,
|
2173
|
+
:invited_at,
|
2176
2174
|
:updated_at)
|
2177
2175
|
include Aws::Structure
|
2178
2176
|
end
|
2179
2177
|
|
2180
|
-
# Information about the NETWORK\_CONNECTION action described in this
|
2181
|
-
# finding.
|
2182
|
-
#
|
2183
2178
|
# @!attribute [rw] blocked
|
2184
2179
|
# Network connection blocked information.
|
2185
2180
|
# @return [Boolean]
|
@@ -2216,8 +2211,6 @@ module Aws::GuardDuty
|
|
2216
2211
|
include Aws::Structure
|
2217
2212
|
end
|
2218
2213
|
|
2219
|
-
# The network interface information of the EC2 instance.
|
2220
|
-
#
|
2221
2214
|
# @!attribute [rw] ipv_6_addresses
|
2222
2215
|
# A list of EC2 instance IPv6 address information.
|
2223
2216
|
# @return [Array<String>]
|
@@ -2274,8 +2267,6 @@ module Aws::GuardDuty
|
|
2274
2267
|
include Aws::Structure
|
2275
2268
|
end
|
2276
2269
|
|
2277
|
-
# ISP Organization information of the remote IP address.
|
2278
|
-
#
|
2279
2270
|
# @!attribute [rw] asn
|
2280
2271
|
# Autonomous system number of the internet provider of the remote IP
|
2281
2272
|
# address.
|
@@ -2303,8 +2294,6 @@ module Aws::GuardDuty
|
|
2303
2294
|
include Aws::Structure
|
2304
2295
|
end
|
2305
2296
|
|
2306
|
-
# Information about the PORT\_PROBE action described in this finding.
|
2307
|
-
#
|
2308
2297
|
# @!attribute [rw] blocked
|
2309
2298
|
# Port probe blocked information.
|
2310
2299
|
# @return [Boolean]
|
@@ -2321,8 +2310,6 @@ module Aws::GuardDuty
|
|
2321
2310
|
include Aws::Structure
|
2322
2311
|
end
|
2323
2312
|
|
2324
|
-
# Details about the port probe finding.
|
2325
|
-
#
|
2326
2313
|
# @!attribute [rw] local_port_details
|
2327
2314
|
# Local port information of the connection.
|
2328
2315
|
# @return [Types::LocalPortDetails]
|
@@ -2339,8 +2326,6 @@ module Aws::GuardDuty
|
|
2339
2326
|
include Aws::Structure
|
2340
2327
|
end
|
2341
2328
|
|
2342
|
-
# Other private IP address information of the EC2 instance.
|
2343
|
-
#
|
2344
2329
|
# @!attribute [rw] private_dns_name
|
2345
2330
|
# Private DNS name of the EC2 instance.
|
2346
2331
|
# @return [String]
|
@@ -2357,8 +2342,6 @@ module Aws::GuardDuty
|
|
2357
2342
|
include Aws::Structure
|
2358
2343
|
end
|
2359
2344
|
|
2360
|
-
# The product code of the EC2 instance.
|
2361
|
-
#
|
2362
2345
|
# @!attribute [rw] code
|
2363
2346
|
# Product code information.
|
2364
2347
|
# @return [String]
|
@@ -2375,8 +2358,6 @@ module Aws::GuardDuty
|
|
2375
2358
|
include Aws::Structure
|
2376
2359
|
end
|
2377
2360
|
|
2378
|
-
# Remote IP information of the connection.
|
2379
|
-
#
|
2380
2361
|
# @!attribute [rw] city
|
2381
2362
|
# City information of the remote IP address.
|
2382
2363
|
# @return [Types::City]
|
@@ -2408,8 +2389,6 @@ module Aws::GuardDuty
|
|
2408
2389
|
include Aws::Structure
|
2409
2390
|
end
|
2410
2391
|
|
2411
|
-
# Remote port information of the connection.
|
2412
|
-
#
|
2413
2392
|
# @!attribute [rw] port
|
2414
2393
|
# Port number of the remote connection.
|
2415
2394
|
# @return [Integer]
|
@@ -2426,9 +2405,6 @@ module Aws::GuardDuty
|
|
2426
2405
|
include Aws::Structure
|
2427
2406
|
end
|
2428
2407
|
|
2429
|
-
# The AWS resource associated with the activity that prompted GuardDuty
|
2430
|
-
# to generate a finding.
|
2431
|
-
#
|
2432
2408
|
# @!attribute [rw] access_key_details
|
2433
2409
|
# The IAM access key details (IAM user information) of a user that
|
2434
2410
|
# engaged in the activity that prompted GuardDuty to generate a
|
@@ -2453,8 +2429,6 @@ module Aws::GuardDuty
|
|
2453
2429
|
include Aws::Structure
|
2454
2430
|
end
|
2455
2431
|
|
2456
|
-
# Security groups associated with the EC2 instance.
|
2457
|
-
#
|
2458
2432
|
# @!attribute [rw] group_id
|
2459
2433
|
# EC2 instance's security group ID.
|
2460
2434
|
# @return [String]
|
@@ -2471,8 +2445,6 @@ module Aws::GuardDuty
|
|
2471
2445
|
include Aws::Structure
|
2472
2446
|
end
|
2473
2447
|
|
2474
|
-
# Additional information assigned to the generated finding by GuardDuty.
|
2475
|
-
#
|
2476
2448
|
# @!attribute [rw] action
|
2477
2449
|
# Information about the activity described in a finding.
|
2478
2450
|
# @return [Types::Action]
|
@@ -2526,13 +2498,11 @@ module Aws::GuardDuty
|
|
2526
2498
|
include Aws::Structure
|
2527
2499
|
end
|
2528
2500
|
|
2529
|
-
# Represents the criteria used for sorting findings.
|
2530
|
-
#
|
2531
2501
|
# @note When making an API call, you may pass SortCriteria
|
2532
2502
|
# data as a hash:
|
2533
2503
|
#
|
2534
2504
|
# {
|
2535
|
-
# attribute_name: "
|
2505
|
+
# attribute_name: "String",
|
2536
2506
|
# order_by: "ASC", # accepts ASC, DESC
|
2537
2507
|
# }
|
2538
2508
|
#
|
@@ -2553,34 +2523,32 @@ module Aws::GuardDuty
|
|
2553
2523
|
include Aws::Structure
|
2554
2524
|
end
|
2555
2525
|
|
2556
|
-
# StartMonitoringMembers request body.
|
2557
|
-
#
|
2558
2526
|
# @note When making an API call, you may pass StartMonitoringMembersRequest
|
2559
2527
|
# data as a hash:
|
2560
2528
|
#
|
2561
2529
|
# {
|
2562
|
-
#
|
2563
|
-
#
|
2530
|
+
# detector_id: "DetectorId", # required
|
2531
|
+
# account_ids: ["AccountId"], # required
|
2564
2532
|
# }
|
2565
2533
|
#
|
2534
|
+
# @!attribute [rw] detector_id
|
2535
|
+
# The unique ID of the detector of the GuardDuty account whom you want
|
2536
|
+
# to re-enable to monitor members' findings.
|
2537
|
+
# @return [String]
|
2538
|
+
#
|
2566
2539
|
# @!attribute [rw] account_ids
|
2567
2540
|
# A list of account IDs of the GuardDuty member accounts whose
|
2568
2541
|
# findings you want the master account to monitor.
|
2569
2542
|
# @return [Array<String>]
|
2570
2543
|
#
|
2571
|
-
# @!attribute [rw] detector_id
|
2572
|
-
# @return [String]
|
2573
|
-
#
|
2574
2544
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/StartMonitoringMembersRequest AWS API Documentation
|
2575
2545
|
#
|
2576
2546
|
class StartMonitoringMembersRequest < Struct.new(
|
2577
|
-
:
|
2578
|
-
:
|
2547
|
+
:detector_id,
|
2548
|
+
:account_ids)
|
2579
2549
|
include Aws::Structure
|
2580
2550
|
end
|
2581
2551
|
|
2582
|
-
# StartMonitoringMembers response object.
|
2583
|
-
#
|
2584
2552
|
# @!attribute [rw] unprocessed_accounts
|
2585
2553
|
# A list of objects containing the unprocessed account and a result
|
2586
2554
|
# string explaining why it was unprocessed.
|
@@ -2593,34 +2561,32 @@ module Aws::GuardDuty
|
|
2593
2561
|
include Aws::Structure
|
2594
2562
|
end
|
2595
2563
|
|
2596
|
-
# StopMonitoringMembers request body.
|
2597
|
-
#
|
2598
2564
|
# @note When making an API call, you may pass StopMonitoringMembersRequest
|
2599
2565
|
# data as a hash:
|
2600
2566
|
#
|
2601
2567
|
# {
|
2602
|
-
#
|
2603
|
-
#
|
2568
|
+
# detector_id: "DetectorId", # required
|
2569
|
+
# account_ids: ["AccountId"], # required
|
2604
2570
|
# }
|
2605
2571
|
#
|
2572
|
+
# @!attribute [rw] detector_id
|
2573
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
2574
|
+
# to stop from monitor members' findings.
|
2575
|
+
# @return [String]
|
2576
|
+
#
|
2606
2577
|
# @!attribute [rw] account_ids
|
2607
2578
|
# A list of account IDs of the GuardDuty member accounts whose
|
2608
2579
|
# findings you want the master account to stop monitoring.
|
2609
2580
|
# @return [Array<String>]
|
2610
2581
|
#
|
2611
|
-
# @!attribute [rw] detector_id
|
2612
|
-
# @return [String]
|
2613
|
-
#
|
2614
2582
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/StopMonitoringMembersRequest AWS API Documentation
|
2615
2583
|
#
|
2616
2584
|
class StopMonitoringMembersRequest < Struct.new(
|
2617
|
-
:
|
2618
|
-
:
|
2585
|
+
:detector_id,
|
2586
|
+
:account_ids)
|
2619
2587
|
include Aws::Structure
|
2620
2588
|
end
|
2621
2589
|
|
2622
|
-
# StopMonitoringMembers response object.
|
2623
|
-
#
|
2624
2590
|
# @!attribute [rw] unprocessed_accounts
|
2625
2591
|
# A list of objects containing the unprocessed account and a result
|
2626
2592
|
# string explaining why it was unprocessed.
|
@@ -2633,8 +2599,6 @@ module Aws::GuardDuty
|
|
2633
2599
|
include Aws::Structure
|
2634
2600
|
end
|
2635
2601
|
|
2636
|
-
# A tag of the EC2 instance.
|
2637
|
-
#
|
2638
2602
|
# @!attribute [rw] key
|
2639
2603
|
# EC2 instance tag key.
|
2640
2604
|
# @return [String]
|
@@ -2651,17 +2615,17 @@ module Aws::GuardDuty
|
|
2651
2615
|
include Aws::Structure
|
2652
2616
|
end
|
2653
2617
|
|
2654
|
-
# Unrchive Findings Request
|
2655
|
-
#
|
2656
2618
|
# @note When making an API call, you may pass UnarchiveFindingsRequest
|
2657
2619
|
# data as a hash:
|
2658
2620
|
#
|
2659
2621
|
# {
|
2660
|
-
# detector_id: "
|
2622
|
+
# detector_id: "DetectorId", # required
|
2661
2623
|
# finding_ids: ["FindingId"], # required
|
2662
2624
|
# }
|
2663
2625
|
#
|
2664
2626
|
# @!attribute [rw] detector_id
|
2627
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
2628
|
+
# findings you want to unarchive.
|
2665
2629
|
# @return [String]
|
2666
2630
|
#
|
2667
2631
|
# @!attribute [rw] finding_ids
|
@@ -2680,9 +2644,6 @@ module Aws::GuardDuty
|
|
2680
2644
|
#
|
2681
2645
|
class UnarchiveFindingsResponse < Aws::EmptyStructure; end
|
2682
2646
|
|
2683
|
-
# An object containing the unprocessed account and a result string
|
2684
|
-
# explaining why it was unprocessed.
|
2685
|
-
#
|
2686
2647
|
# @!attribute [rw] account_id
|
2687
2648
|
# AWS Account ID.
|
2688
2649
|
# @return [String]
|
@@ -2699,18 +2660,17 @@ module Aws::GuardDuty
|
|
2699
2660
|
include Aws::Structure
|
2700
2661
|
end
|
2701
2662
|
|
2702
|
-
# Update Detector Request
|
2703
|
-
#
|
2704
2663
|
# @note When making an API call, you may pass UpdateDetectorRequest
|
2705
2664
|
# data as a hash:
|
2706
2665
|
#
|
2707
2666
|
# {
|
2708
|
-
# detector_id: "
|
2667
|
+
# detector_id: "DetectorId", # required
|
2709
2668
|
# enable: false,
|
2710
2669
|
# finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
|
2711
2670
|
# }
|
2712
2671
|
#
|
2713
2672
|
# @!attribute [rw] detector_id
|
2673
|
+
# The unique ID of the detector that you want to update.
|
2714
2674
|
# @return [String]
|
2715
2675
|
#
|
2716
2676
|
# @!attribute [rw] enable
|
@@ -2736,71 +2696,76 @@ module Aws::GuardDuty
|
|
2736
2696
|
#
|
2737
2697
|
class UpdateDetectorResponse < Aws::EmptyStructure; end
|
2738
2698
|
|
2739
|
-
# UpdateFilter request object.
|
2740
|
-
#
|
2741
2699
|
# @note When making an API call, you may pass UpdateFilterRequest
|
2742
2700
|
# data as a hash:
|
2743
2701
|
#
|
2744
2702
|
# {
|
2745
|
-
#
|
2703
|
+
# detector_id: "DetectorId", # required
|
2704
|
+
# filter_name: "String", # required
|
2746
2705
|
# description: "FilterDescription",
|
2747
|
-
#
|
2748
|
-
#
|
2706
|
+
# action: "NOOP", # accepts NOOP, ARCHIVE
|
2707
|
+
# rank: 1,
|
2749
2708
|
# finding_criteria: {
|
2750
2709
|
# criterion: {
|
2751
|
-
# "
|
2752
|
-
# eq: ["
|
2710
|
+
# "String" => {
|
2711
|
+
# eq: ["String"],
|
2712
|
+
# neq: ["String"],
|
2753
2713
|
# gt: 1,
|
2754
2714
|
# gte: 1,
|
2755
2715
|
# lt: 1,
|
2756
2716
|
# lte: 1,
|
2757
|
-
#
|
2717
|
+
# equals: ["String"],
|
2718
|
+
# not_equals: ["String"],
|
2719
|
+
# greater_than: 1,
|
2720
|
+
# greater_than_or_equal: 1,
|
2721
|
+
# less_than: 1,
|
2722
|
+
# less_than_or_equal: 1,
|
2758
2723
|
# },
|
2759
2724
|
# },
|
2760
2725
|
# },
|
2761
|
-
# rank: 1,
|
2762
2726
|
# }
|
2763
2727
|
#
|
2764
|
-
# @!attribute [rw]
|
2765
|
-
#
|
2766
|
-
#
|
2728
|
+
# @!attribute [rw] detector_id
|
2729
|
+
# The unique ID of the detector that specifies the GuardDuty service
|
2730
|
+
# where you want to update a filter.
|
2767
2731
|
# @return [String]
|
2768
2732
|
#
|
2769
|
-
# @!attribute [rw]
|
2770
|
-
# The
|
2733
|
+
# @!attribute [rw] filter_name
|
2734
|
+
# The name of the filter.
|
2771
2735
|
# @return [String]
|
2772
2736
|
#
|
2773
|
-
# @!attribute [rw]
|
2737
|
+
# @!attribute [rw] description
|
2738
|
+
# The description of the filter.
|
2774
2739
|
# @return [String]
|
2775
2740
|
#
|
2776
|
-
# @!attribute [rw]
|
2741
|
+
# @!attribute [rw] action
|
2742
|
+
# Specifies the action that is to be applied to the findings that
|
2743
|
+
# match the filter.
|
2777
2744
|
# @return [String]
|
2778
2745
|
#
|
2779
|
-
# @!attribute [rw] finding_criteria
|
2780
|
-
# Represents the criteria to be used in the filter for querying
|
2781
|
-
# findings.
|
2782
|
-
# @return [Types::FindingCriteria]
|
2783
|
-
#
|
2784
2746
|
# @!attribute [rw] rank
|
2785
2747
|
# Specifies the position of the filter in the list of current filters.
|
2786
2748
|
# Also specifies the order in which this filter is applied to the
|
2787
2749
|
# findings.
|
2788
2750
|
# @return [Integer]
|
2789
2751
|
#
|
2752
|
+
# @!attribute [rw] finding_criteria
|
2753
|
+
# Represents the criteria to be used in the filter for querying
|
2754
|
+
# findings.
|
2755
|
+
# @return [Types::FindingCriteria]
|
2756
|
+
#
|
2790
2757
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateFilterRequest AWS API Documentation
|
2791
2758
|
#
|
2792
2759
|
class UpdateFilterRequest < Struct.new(
|
2793
|
-
:action,
|
2794
|
-
:description,
|
2795
2760
|
:detector_id,
|
2796
2761
|
:filter_name,
|
2797
|
-
:
|
2798
|
-
:
|
2762
|
+
:description,
|
2763
|
+
:action,
|
2764
|
+
:rank,
|
2765
|
+
:finding_criteria)
|
2799
2766
|
include Aws::Structure
|
2800
2767
|
end
|
2801
2768
|
|
2802
|
-
# UpdateFilter response object.
|
2803
|
-
#
|
2804
2769
|
# @!attribute [rw] name
|
2805
2770
|
# The name of the filter.
|
2806
2771
|
# @return [String]
|
@@ -2812,40 +2777,40 @@ module Aws::GuardDuty
|
|
2812
2777
|
include Aws::Structure
|
2813
2778
|
end
|
2814
2779
|
|
2815
|
-
# Update findings feedback body
|
2816
|
-
#
|
2817
2780
|
# @note When making an API call, you may pass UpdateFindingsFeedbackRequest
|
2818
2781
|
# data as a hash:
|
2819
2782
|
#
|
2820
2783
|
# {
|
2821
|
-
#
|
2822
|
-
# detector_id: "__string", # required
|
2823
|
-
# feedback: "USEFUL", # required, accepts USEFUL, NOT_USEFUL
|
2784
|
+
# detector_id: "DetectorId", # required
|
2824
2785
|
# finding_ids: ["FindingId"], # required
|
2786
|
+
# feedback: "USEFUL", # required, accepts USEFUL, NOT_USEFUL
|
2787
|
+
# comments: "String",
|
2825
2788
|
# }
|
2826
2789
|
#
|
2827
|
-
# @!attribute [rw] comments
|
2828
|
-
# Additional feedback about the GuardDuty findings.
|
2829
|
-
# @return [String]
|
2830
|
-
#
|
2831
2790
|
# @!attribute [rw] detector_id
|
2791
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
2792
|
+
# findings you want to mark as useful or not useful.
|
2832
2793
|
# @return [String]
|
2833
2794
|
#
|
2795
|
+
# @!attribute [rw] finding_ids
|
2796
|
+
# IDs of the findings that you want to mark as useful or not useful.
|
2797
|
+
# @return [Array<String>]
|
2798
|
+
#
|
2834
2799
|
# @!attribute [rw] feedback
|
2835
2800
|
# Valid values: USEFUL \| NOT\_USEFUL
|
2836
2801
|
# @return [String]
|
2837
2802
|
#
|
2838
|
-
# @!attribute [rw]
|
2839
|
-
#
|
2840
|
-
# @return [
|
2803
|
+
# @!attribute [rw] comments
|
2804
|
+
# Additional feedback about the GuardDuty findings.
|
2805
|
+
# @return [String]
|
2841
2806
|
#
|
2842
2807
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateFindingsFeedbackRequest AWS API Documentation
|
2843
2808
|
#
|
2844
2809
|
class UpdateFindingsFeedbackRequest < Struct.new(
|
2845
|
-
:comments,
|
2846
2810
|
:detector_id,
|
2811
|
+
:finding_ids,
|
2847
2812
|
:feedback,
|
2848
|
-
:
|
2813
|
+
:comments)
|
2849
2814
|
include Aws::Structure
|
2850
2815
|
end
|
2851
2816
|
|
@@ -2853,28 +2818,28 @@ module Aws::GuardDuty
|
|
2853
2818
|
#
|
2854
2819
|
class UpdateFindingsFeedbackResponse < Aws::EmptyStructure; end
|
2855
2820
|
|
2856
|
-
# Update IP Set Request
|
2857
|
-
#
|
2858
2821
|
# @note When making an API call, you may pass UpdateIPSetRequest
|
2859
2822
|
# data as a hash:
|
2860
2823
|
#
|
2861
2824
|
# {
|
2862
|
-
#
|
2863
|
-
#
|
2864
|
-
# ip_set_id: "__string", # required
|
2865
|
-
# location: "Location",
|
2825
|
+
# detector_id: "DetectorId", # required
|
2826
|
+
# ip_set_id: "String", # required
|
2866
2827
|
# name: "Name",
|
2828
|
+
# location: "Location",
|
2829
|
+
# activate: false,
|
2867
2830
|
# }
|
2868
2831
|
#
|
2869
|
-
# @!attribute [rw] activate
|
2870
|
-
# The updated boolean value that specifies whether the IPSet is active
|
2871
|
-
# or not.
|
2872
|
-
# @return [Boolean]
|
2873
|
-
#
|
2874
2832
|
# @!attribute [rw] detector_id
|
2833
|
+
# The detectorID that specifies the GuardDuty service whose IPSet you
|
2834
|
+
# want to update.
|
2875
2835
|
# @return [String]
|
2876
2836
|
#
|
2877
2837
|
# @!attribute [rw] ip_set_id
|
2838
|
+
# The unique ID that specifies the IPSet that you want to update.
|
2839
|
+
# @return [String]
|
2840
|
+
#
|
2841
|
+
# @!attribute [rw] name
|
2842
|
+
# The unique ID that specifies the IPSet that you want to update.
|
2878
2843
|
# @return [String]
|
2879
2844
|
#
|
2880
2845
|
# @!attribute [rw] location
|
@@ -2882,18 +2847,19 @@ module Aws::GuardDuty
|
|
2882
2847
|
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).
|
2883
2848
|
# @return [String]
|
2884
2849
|
#
|
2885
|
-
# @!attribute [rw]
|
2886
|
-
# The
|
2887
|
-
#
|
2850
|
+
# @!attribute [rw] activate
|
2851
|
+
# The updated boolean value that specifies whether the IPSet is active
|
2852
|
+
# or not.
|
2853
|
+
# @return [Boolean]
|
2888
2854
|
#
|
2889
2855
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateIPSetRequest AWS API Documentation
|
2890
2856
|
#
|
2891
2857
|
class UpdateIPSetRequest < Struct.new(
|
2892
|
-
:activate,
|
2893
2858
|
:detector_id,
|
2894
2859
|
:ip_set_id,
|
2860
|
+
:name,
|
2895
2861
|
:location,
|
2896
|
-
:
|
2862
|
+
:activate)
|
2897
2863
|
include Aws::Structure
|
2898
2864
|
end
|
2899
2865
|
|
@@ -2901,30 +2867,25 @@ module Aws::GuardDuty
|
|
2901
2867
|
#
|
2902
2868
|
class UpdateIPSetResponse < Aws::EmptyStructure; end
|
2903
2869
|
|
2904
|
-
# Update Threat Intel Set Request
|
2905
|
-
#
|
2906
2870
|
# @note When making an API call, you may pass UpdateThreatIntelSetRequest
|
2907
2871
|
# data as a hash:
|
2908
2872
|
#
|
2909
2873
|
# {
|
2910
|
-
#
|
2911
|
-
#
|
2912
|
-
# location: "Location",
|
2874
|
+
# detector_id: "DetectorId", # required
|
2875
|
+
# threat_intel_set_id: "String", # required
|
2913
2876
|
# name: "Name",
|
2914
|
-
#
|
2877
|
+
# location: "Location",
|
2878
|
+
# activate: false,
|
2915
2879
|
# }
|
2916
2880
|
#
|
2917
|
-
# @!attribute [rw] activate
|
2918
|
-
# The updated boolean value that specifies whether the ThreateIntelSet
|
2919
|
-
# is active or not.
|
2920
|
-
# @return [Boolean]
|
2921
|
-
#
|
2922
2881
|
# @!attribute [rw] detector_id
|
2882
|
+
# The detectorID that specifies the GuardDuty service whose
|
2883
|
+
# ThreatIntelSet you want to update.
|
2923
2884
|
# @return [String]
|
2924
2885
|
#
|
2925
|
-
# @!attribute [rw]
|
2926
|
-
# The
|
2927
|
-
#
|
2886
|
+
# @!attribute [rw] threat_intel_set_id
|
2887
|
+
# The unique ID that specifies the ThreatIntelSet that you want to
|
2888
|
+
# update.
|
2928
2889
|
# @return [String]
|
2929
2890
|
#
|
2930
2891
|
# @!attribute [rw] name
|
@@ -2932,17 +2893,24 @@ module Aws::GuardDuty
|
|
2932
2893
|
# update.
|
2933
2894
|
# @return [String]
|
2934
2895
|
#
|
2935
|
-
# @!attribute [rw]
|
2896
|
+
# @!attribute [rw] location
|
2897
|
+
# The updated URI of the file that contains the ThreateIntelSet. For
|
2898
|
+
# example (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key)
|
2936
2899
|
# @return [String]
|
2937
2900
|
#
|
2901
|
+
# @!attribute [rw] activate
|
2902
|
+
# The updated boolean value that specifies whether the ThreateIntelSet
|
2903
|
+
# is active or not.
|
2904
|
+
# @return [Boolean]
|
2905
|
+
#
|
2938
2906
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateThreatIntelSetRequest AWS API Documentation
|
2939
2907
|
#
|
2940
2908
|
class UpdateThreatIntelSetRequest < Struct.new(
|
2941
|
-
:activate,
|
2942
2909
|
:detector_id,
|
2943
|
-
:
|
2910
|
+
:threat_intel_set_id,
|
2944
2911
|
:name,
|
2945
|
-
:
|
2912
|
+
:location,
|
2913
|
+
:activate)
|
2946
2914
|
include Aws::Structure
|
2947
2915
|
end
|
2948
2916
|
|