aws-sdk-guardduty 1.24.0 → 1.25.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aws-sdk-guardduty.rb +1 -1
- data/lib/aws-sdk-guardduty/client.rb +358 -50
- data/lib/aws-sdk-guardduty/client_api.rb +124 -0
- data/lib/aws-sdk-guardduty/types.rb +471 -69
- metadata +2 -2
@@ -37,6 +37,8 @@ module Aws::GuardDuty
|
|
37
37
|
CreateIPSetResponse = Shapes::StructureShape.new(name: 'CreateIPSetResponse')
|
38
38
|
CreateMembersRequest = Shapes::StructureShape.new(name: 'CreateMembersRequest')
|
39
39
|
CreateMembersResponse = Shapes::StructureShape.new(name: 'CreateMembersResponse')
|
40
|
+
CreatePublishingDestinationRequest = Shapes::StructureShape.new(name: 'CreatePublishingDestinationRequest')
|
41
|
+
CreatePublishingDestinationResponse = Shapes::StructureShape.new(name: 'CreatePublishingDestinationResponse')
|
40
42
|
CreateSampleFindingsRequest = Shapes::StructureShape.new(name: 'CreateSampleFindingsRequest')
|
41
43
|
CreateSampleFindingsResponse = Shapes::StructureShape.new(name: 'CreateSampleFindingsResponse')
|
42
44
|
CreateThreatIntelSetRequest = Shapes::StructureShape.new(name: 'CreateThreatIntelSetRequest')
|
@@ -54,8 +56,16 @@ module Aws::GuardDuty
|
|
54
56
|
DeleteInvitationsResponse = Shapes::StructureShape.new(name: 'DeleteInvitationsResponse')
|
55
57
|
DeleteMembersRequest = Shapes::StructureShape.new(name: 'DeleteMembersRequest')
|
56
58
|
DeleteMembersResponse = Shapes::StructureShape.new(name: 'DeleteMembersResponse')
|
59
|
+
DeletePublishingDestinationRequest = Shapes::StructureShape.new(name: 'DeletePublishingDestinationRequest')
|
60
|
+
DeletePublishingDestinationResponse = Shapes::StructureShape.new(name: 'DeletePublishingDestinationResponse')
|
57
61
|
DeleteThreatIntelSetRequest = Shapes::StructureShape.new(name: 'DeleteThreatIntelSetRequest')
|
58
62
|
DeleteThreatIntelSetResponse = Shapes::StructureShape.new(name: 'DeleteThreatIntelSetResponse')
|
63
|
+
DescribePublishingDestinationRequest = Shapes::StructureShape.new(name: 'DescribePublishingDestinationRequest')
|
64
|
+
DescribePublishingDestinationResponse = Shapes::StructureShape.new(name: 'DescribePublishingDestinationResponse')
|
65
|
+
Destination = Shapes::StructureShape.new(name: 'Destination')
|
66
|
+
DestinationProperties = Shapes::StructureShape.new(name: 'DestinationProperties')
|
67
|
+
DestinationType = Shapes::StringShape.new(name: 'DestinationType')
|
68
|
+
Destinations = Shapes::ListShape.new(name: 'Destinations')
|
59
69
|
DetectorId = Shapes::StringShape.new(name: 'DetectorId')
|
60
70
|
DetectorIds = Shapes::ListShape.new(name: 'DetectorIds')
|
61
71
|
DetectorStatus = Shapes::StringShape.new(name: 'DetectorStatus')
|
@@ -131,6 +141,8 @@ module Aws::GuardDuty
|
|
131
141
|
ListInvitationsResponse = Shapes::StructureShape.new(name: 'ListInvitationsResponse')
|
132
142
|
ListMembersRequest = Shapes::StructureShape.new(name: 'ListMembersRequest')
|
133
143
|
ListMembersResponse = Shapes::StructureShape.new(name: 'ListMembersResponse')
|
144
|
+
ListPublishingDestinationsRequest = Shapes::StructureShape.new(name: 'ListPublishingDestinationsRequest')
|
145
|
+
ListPublishingDestinationsResponse = Shapes::StructureShape.new(name: 'ListPublishingDestinationsResponse')
|
134
146
|
ListTagsForResourceRequest = Shapes::StructureShape.new(name: 'ListTagsForResourceRequest')
|
135
147
|
ListTagsForResourceResponse = Shapes::StructureShape.new(name: 'ListTagsForResourceResponse')
|
136
148
|
ListThreatIntelSetsRequest = Shapes::StructureShape.new(name: 'ListThreatIntelSetsRequest')
|
@@ -157,6 +169,7 @@ module Aws::GuardDuty
|
|
157
169
|
PrivateIpAddresses = Shapes::ListShape.new(name: 'PrivateIpAddresses')
|
158
170
|
ProductCode = Shapes::StructureShape.new(name: 'ProductCode')
|
159
171
|
ProductCodes = Shapes::ListShape.new(name: 'ProductCodes')
|
172
|
+
PublishingStatus = Shapes::StringShape.new(name: 'PublishingStatus')
|
160
173
|
RemoteIpDetails = Shapes::StructureShape.new(name: 'RemoteIpDetails')
|
161
174
|
RemotePortDetails = Shapes::StructureShape.new(name: 'RemotePortDetails')
|
162
175
|
Resource = Shapes::StructureShape.new(name: 'Resource')
|
@@ -197,6 +210,8 @@ module Aws::GuardDuty
|
|
197
210
|
UpdateFindingsFeedbackResponse = Shapes::StructureShape.new(name: 'UpdateFindingsFeedbackResponse')
|
198
211
|
UpdateIPSetRequest = Shapes::StructureShape.new(name: 'UpdateIPSetRequest')
|
199
212
|
UpdateIPSetResponse = Shapes::StructureShape.new(name: 'UpdateIPSetResponse')
|
213
|
+
UpdatePublishingDestinationRequest = Shapes::StructureShape.new(name: 'UpdatePublishingDestinationRequest')
|
214
|
+
UpdatePublishingDestinationResponse = Shapes::StructureShape.new(name: 'UpdatePublishingDestinationResponse')
|
200
215
|
UpdateThreatIntelSetRequest = Shapes::StructureShape.new(name: 'UpdateThreatIntelSetRequest')
|
201
216
|
UpdateThreatIntelSetResponse = Shapes::StructureShape.new(name: 'UpdateThreatIntelSetResponse')
|
202
217
|
|
@@ -310,6 +325,15 @@ module Aws::GuardDuty
|
|
310
325
|
CreateMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: UnprocessedAccounts, required: true, location_name: "unprocessedAccounts"))
|
311
326
|
CreateMembersResponse.struct_class = Types::CreateMembersResponse
|
312
327
|
|
328
|
+
CreatePublishingDestinationRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
|
329
|
+
CreatePublishingDestinationRequest.add_member(:destination_type, Shapes::ShapeRef.new(shape: DestinationType, required: true, location_name: "destinationType"))
|
330
|
+
CreatePublishingDestinationRequest.add_member(:destination_properties, Shapes::ShapeRef.new(shape: DestinationProperties, required: true, location_name: "destinationProperties"))
|
331
|
+
CreatePublishingDestinationRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: ClientToken, location_name: "clientToken", metadata: {"idempotencyToken"=>true}))
|
332
|
+
CreatePublishingDestinationRequest.struct_class = Types::CreatePublishingDestinationRequest
|
333
|
+
|
334
|
+
CreatePublishingDestinationResponse.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "destinationId"))
|
335
|
+
CreatePublishingDestinationResponse.struct_class = Types::CreatePublishingDestinationResponse
|
336
|
+
|
313
337
|
CreateSampleFindingsRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
|
314
338
|
CreateSampleFindingsRequest.add_member(:finding_types, Shapes::ShapeRef.new(shape: FindingTypes, location_name: "findingTypes"))
|
315
339
|
CreateSampleFindingsRequest.struct_class = Types::CreateSampleFindingsRequest
|
@@ -367,12 +391,40 @@ module Aws::GuardDuty
|
|
367
391
|
DeleteMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: UnprocessedAccounts, required: true, location_name: "unprocessedAccounts"))
|
368
392
|
DeleteMembersResponse.struct_class = Types::DeleteMembersResponse
|
369
393
|
|
394
|
+
DeletePublishingDestinationRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
|
395
|
+
DeletePublishingDestinationRequest.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "destinationId"))
|
396
|
+
DeletePublishingDestinationRequest.struct_class = Types::DeletePublishingDestinationRequest
|
397
|
+
|
398
|
+
DeletePublishingDestinationResponse.struct_class = Types::DeletePublishingDestinationResponse
|
399
|
+
|
370
400
|
DeleteThreatIntelSetRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
|
371
401
|
DeleteThreatIntelSetRequest.add_member(:threat_intel_set_id, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "threatIntelSetId"))
|
372
402
|
DeleteThreatIntelSetRequest.struct_class = Types::DeleteThreatIntelSetRequest
|
373
403
|
|
374
404
|
DeleteThreatIntelSetResponse.struct_class = Types::DeleteThreatIntelSetResponse
|
375
405
|
|
406
|
+
DescribePublishingDestinationRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
|
407
|
+
DescribePublishingDestinationRequest.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "destinationId"))
|
408
|
+
DescribePublishingDestinationRequest.struct_class = Types::DescribePublishingDestinationRequest
|
409
|
+
|
410
|
+
DescribePublishingDestinationResponse.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "destinationId"))
|
411
|
+
DescribePublishingDestinationResponse.add_member(:destination_type, Shapes::ShapeRef.new(shape: DestinationType, required: true, location_name: "destinationType"))
|
412
|
+
DescribePublishingDestinationResponse.add_member(:status, Shapes::ShapeRef.new(shape: PublishingStatus, required: true, location_name: "status"))
|
413
|
+
DescribePublishingDestinationResponse.add_member(:publishing_failure_start_timestamp, Shapes::ShapeRef.new(shape: Long, required: true, location_name: "publishingFailureStartTimestamp"))
|
414
|
+
DescribePublishingDestinationResponse.add_member(:destination_properties, Shapes::ShapeRef.new(shape: DestinationProperties, required: true, location_name: "destinationProperties"))
|
415
|
+
DescribePublishingDestinationResponse.struct_class = Types::DescribePublishingDestinationResponse
|
416
|
+
|
417
|
+
Destination.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "destinationId"))
|
418
|
+
Destination.add_member(:destination_type, Shapes::ShapeRef.new(shape: DestinationType, required: true, location_name: "destinationType"))
|
419
|
+
Destination.add_member(:status, Shapes::ShapeRef.new(shape: PublishingStatus, required: true, location_name: "status"))
|
420
|
+
Destination.struct_class = Types::Destination
|
421
|
+
|
422
|
+
DestinationProperties.add_member(:destination_arn, Shapes::ShapeRef.new(shape: String, location_name: "destinationArn"))
|
423
|
+
DestinationProperties.add_member(:kms_key_arn, Shapes::ShapeRef.new(shape: String, location_name: "kmsKeyArn"))
|
424
|
+
DestinationProperties.struct_class = Types::DestinationProperties
|
425
|
+
|
426
|
+
Destinations.member = Shapes::ShapeRef.new(shape: Destination)
|
427
|
+
|
376
428
|
DetectorIds.member = Shapes::ShapeRef.new(shape: DetectorId)
|
377
429
|
|
378
430
|
DisassociateFromMasterAccountRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
|
@@ -615,6 +667,15 @@ module Aws::GuardDuty
|
|
615
667
|
ListMembersResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken"))
|
616
668
|
ListMembersResponse.struct_class = Types::ListMembersResponse
|
617
669
|
|
670
|
+
ListPublishingDestinationsRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
|
671
|
+
ListPublishingDestinationsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location: "querystring", location_name: "maxResults"))
|
672
|
+
ListPublishingDestinationsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location: "querystring", location_name: "nextToken"))
|
673
|
+
ListPublishingDestinationsRequest.struct_class = Types::ListPublishingDestinationsRequest
|
674
|
+
|
675
|
+
ListPublishingDestinationsResponse.add_member(:destinations, Shapes::ShapeRef.new(shape: Destinations, required: true, location_name: "destinations"))
|
676
|
+
ListPublishingDestinationsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken"))
|
677
|
+
ListPublishingDestinationsResponse.struct_class = Types::ListPublishingDestinationsResponse
|
678
|
+
|
618
679
|
ListTagsForResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: GuardDutyArn, required: true, location: "uri", location_name: "resourceArn"))
|
619
680
|
ListTagsForResourceRequest.struct_class = Types::ListTagsForResourceRequest
|
620
681
|
|
@@ -837,6 +898,13 @@ module Aws::GuardDuty
|
|
837
898
|
|
838
899
|
UpdateIPSetResponse.struct_class = Types::UpdateIPSetResponse
|
839
900
|
|
901
|
+
UpdatePublishingDestinationRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
|
902
|
+
UpdatePublishingDestinationRequest.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "destinationId"))
|
903
|
+
UpdatePublishingDestinationRequest.add_member(:destination_properties, Shapes::ShapeRef.new(shape: DestinationProperties, location_name: "destinationProperties"))
|
904
|
+
UpdatePublishingDestinationRequest.struct_class = Types::UpdatePublishingDestinationRequest
|
905
|
+
|
906
|
+
UpdatePublishingDestinationResponse.struct_class = Types::UpdatePublishingDestinationResponse
|
907
|
+
|
840
908
|
UpdateThreatIntelSetRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
|
841
909
|
UpdateThreatIntelSetRequest.add_member(:threat_intel_set_id, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "threatIntelSetId"))
|
842
910
|
UpdateThreatIntelSetRequest.add_member(:name, Shapes::ShapeRef.new(shape: Name, location_name: "name"))
|
@@ -924,6 +992,16 @@ module Aws::GuardDuty
|
|
924
992
|
o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
|
925
993
|
end)
|
926
994
|
|
995
|
+
api.add_operation(:create_publishing_destination, Seahorse::Model::Operation.new.tap do |o|
|
996
|
+
o.name = "CreatePublishingDestination"
|
997
|
+
o.http_method = "POST"
|
998
|
+
o.http_request_uri = "/detector/{detectorId}/publishingDestination"
|
999
|
+
o.input = Shapes::ShapeRef.new(shape: CreatePublishingDestinationRequest)
|
1000
|
+
o.output = Shapes::ShapeRef.new(shape: CreatePublishingDestinationResponse)
|
1001
|
+
o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
|
1002
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
|
1003
|
+
end)
|
1004
|
+
|
927
1005
|
api.add_operation(:create_sample_findings, Seahorse::Model::Operation.new.tap do |o|
|
928
1006
|
o.name = "CreateSampleFindings"
|
929
1007
|
o.http_method = "POST"
|
@@ -1004,6 +1082,16 @@ module Aws::GuardDuty
|
|
1004
1082
|
o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
|
1005
1083
|
end)
|
1006
1084
|
|
1085
|
+
api.add_operation(:delete_publishing_destination, Seahorse::Model::Operation.new.tap do |o|
|
1086
|
+
o.name = "DeletePublishingDestination"
|
1087
|
+
o.http_method = "DELETE"
|
1088
|
+
o.http_request_uri = "/detector/{detectorId}/publishingDestination/{destinationId}"
|
1089
|
+
o.input = Shapes::ShapeRef.new(shape: DeletePublishingDestinationRequest)
|
1090
|
+
o.output = Shapes::ShapeRef.new(shape: DeletePublishingDestinationResponse)
|
1091
|
+
o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
|
1092
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
|
1093
|
+
end)
|
1094
|
+
|
1007
1095
|
api.add_operation(:delete_threat_intel_set, Seahorse::Model::Operation.new.tap do |o|
|
1008
1096
|
o.name = "DeleteThreatIntelSet"
|
1009
1097
|
o.http_method = "DELETE"
|
@@ -1014,6 +1102,16 @@ module Aws::GuardDuty
|
|
1014
1102
|
o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
|
1015
1103
|
end)
|
1016
1104
|
|
1105
|
+
api.add_operation(:describe_publishing_destination, Seahorse::Model::Operation.new.tap do |o|
|
1106
|
+
o.name = "DescribePublishingDestination"
|
1107
|
+
o.http_method = "GET"
|
1108
|
+
o.http_request_uri = "/detector/{detectorId}/publishingDestination/{destinationId}"
|
1109
|
+
o.input = Shapes::ShapeRef.new(shape: DescribePublishingDestinationRequest)
|
1110
|
+
o.output = Shapes::ShapeRef.new(shape: DescribePublishingDestinationResponse)
|
1111
|
+
o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
|
1112
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
|
1113
|
+
end)
|
1114
|
+
|
1017
1115
|
api.add_operation(:disassociate_from_master_account, Seahorse::Model::Operation.new.tap do |o|
|
1018
1116
|
o.name = "DisassociateFromMasterAccount"
|
1019
1117
|
o.http_method = "POST"
|
@@ -1230,6 +1328,22 @@ module Aws::GuardDuty
|
|
1230
1328
|
)
|
1231
1329
|
end)
|
1232
1330
|
|
1331
|
+
api.add_operation(:list_publishing_destinations, Seahorse::Model::Operation.new.tap do |o|
|
1332
|
+
o.name = "ListPublishingDestinations"
|
1333
|
+
o.http_method = "GET"
|
1334
|
+
o.http_request_uri = "/detector/{detectorId}/publishingDestination"
|
1335
|
+
o.input = Shapes::ShapeRef.new(shape: ListPublishingDestinationsRequest)
|
1336
|
+
o.output = Shapes::ShapeRef.new(shape: ListPublishingDestinationsResponse)
|
1337
|
+
o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
|
1338
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
|
1339
|
+
o[:pager] = Aws::Pager.new(
|
1340
|
+
limit_key: "max_results",
|
1341
|
+
tokens: {
|
1342
|
+
"next_token" => "next_token"
|
1343
|
+
}
|
1344
|
+
)
|
1345
|
+
end)
|
1346
|
+
|
1233
1347
|
api.add_operation(:list_tags_for_resource, Seahorse::Model::Operation.new.tap do |o|
|
1234
1348
|
o.name = "ListTagsForResource"
|
1235
1349
|
o.http_method = "GET"
|
@@ -1346,6 +1460,16 @@ module Aws::GuardDuty
|
|
1346
1460
|
o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
|
1347
1461
|
end)
|
1348
1462
|
|
1463
|
+
api.add_operation(:update_publishing_destination, Seahorse::Model::Operation.new.tap do |o|
|
1464
|
+
o.name = "UpdatePublishingDestination"
|
1465
|
+
o.http_method = "POST"
|
1466
|
+
o.http_request_uri = "/detector/{detectorId}/publishingDestination/{destinationId}"
|
1467
|
+
o.input = Shapes::ShapeRef.new(shape: UpdatePublishingDestinationRequest)
|
1468
|
+
o.output = Shapes::ShapeRef.new(shape: UpdatePublishingDestinationResponse)
|
1469
|
+
o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
|
1470
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
|
1471
|
+
end)
|
1472
|
+
|
1349
1473
|
api.add_operation(:update_threat_intel_set, Seahorse::Model::Operation.new.tap do |o|
|
1350
1474
|
o.name = "UpdateThreatIntelSet"
|
1351
1475
|
o.http_method = "POST"
|
@@ -247,33 +247,33 @@ module Aws::GuardDuty
|
|
247
247
|
# }
|
248
248
|
#
|
249
249
|
# @!attribute [rw] eq
|
250
|
-
#
|
251
|
-
#
|
250
|
+
# Represents the equal condition to be applied to a single field when
|
251
|
+
# querying for findings.
|
252
252
|
# @return [Array<String>]
|
253
253
|
#
|
254
254
|
# @!attribute [rw] neq
|
255
|
-
#
|
256
|
-
#
|
255
|
+
# Represents the not equal condition to be applied to a single field
|
256
|
+
# when querying for findings.
|
257
257
|
# @return [Array<String>]
|
258
258
|
#
|
259
259
|
# @!attribute [rw] gt
|
260
|
-
#
|
261
|
-
#
|
260
|
+
# Represents a greater than condition to be applied to a single field
|
261
|
+
# when querying for findings.
|
262
262
|
# @return [Integer]
|
263
263
|
#
|
264
264
|
# @!attribute [rw] gte
|
265
|
-
#
|
266
|
-
#
|
265
|
+
# Represents a greater than equal condition to be applied to a single
|
266
|
+
# field when querying for findings.
|
267
267
|
# @return [Integer]
|
268
268
|
#
|
269
269
|
# @!attribute [rw] lt
|
270
|
-
#
|
271
|
-
#
|
270
|
+
# Represents a less than condition to be applied to a single field
|
271
|
+
# when querying for findings.
|
272
272
|
# @return [Integer]
|
273
273
|
#
|
274
274
|
# @!attribute [rw] lte
|
275
|
-
#
|
276
|
-
#
|
275
|
+
# Represents a less than equal condition to be applied to a single
|
276
|
+
# field when querying for findings.
|
277
277
|
# @return [Integer]
|
278
278
|
#
|
279
279
|
# @!attribute [rw] equals
|
@@ -324,7 +324,8 @@ module Aws::GuardDuty
|
|
324
324
|
include Aws::Structure
|
325
325
|
end
|
326
326
|
|
327
|
-
# Contains information about the country
|
327
|
+
# Contains information about the country in which the remote IP address
|
328
|
+
# is located.
|
328
329
|
#
|
329
330
|
# @!attribute [rw] country_code
|
330
331
|
# Country code of the remote IP address.
|
@@ -612,6 +613,62 @@ module Aws::GuardDuty
|
|
612
613
|
include Aws::Structure
|
613
614
|
end
|
614
615
|
|
616
|
+
# @note When making an API call, you may pass CreatePublishingDestinationRequest
|
617
|
+
# data as a hash:
|
618
|
+
#
|
619
|
+
# {
|
620
|
+
# detector_id: "DetectorId", # required
|
621
|
+
# destination_type: "S3", # required, accepts S3
|
622
|
+
# destination_properties: { # required
|
623
|
+
# destination_arn: "String",
|
624
|
+
# kms_key_arn: "String",
|
625
|
+
# },
|
626
|
+
# client_token: "ClientToken",
|
627
|
+
# }
|
628
|
+
#
|
629
|
+
# @!attribute [rw] detector_id
|
630
|
+
# The ID of the GuardDuty detector associated with the publishing
|
631
|
+
# destination.
|
632
|
+
# @return [String]
|
633
|
+
#
|
634
|
+
# @!attribute [rw] destination_type
|
635
|
+
# The type of resource for the publishing destination. Currently only
|
636
|
+
# S3 is supported.
|
637
|
+
# @return [String]
|
638
|
+
#
|
639
|
+
# @!attribute [rw] destination_properties
|
640
|
+
# Properties of the publishing destination, including the ARNs for the
|
641
|
+
# destination and the KMS key used for encryption.
|
642
|
+
# @return [Types::DestinationProperties]
|
643
|
+
#
|
644
|
+
# @!attribute [rw] client_token
|
645
|
+
# The idempotency token for the request.
|
646
|
+
#
|
647
|
+
# **A suitable default value is auto-generated.** You should normally
|
648
|
+
# not need to pass this option.
|
649
|
+
# @return [String]
|
650
|
+
#
|
651
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreatePublishingDestinationRequest AWS API Documentation
|
652
|
+
#
|
653
|
+
class CreatePublishingDestinationRequest < Struct.new(
|
654
|
+
:detector_id,
|
655
|
+
:destination_type,
|
656
|
+
:destination_properties,
|
657
|
+
:client_token)
|
658
|
+
include Aws::Structure
|
659
|
+
end
|
660
|
+
|
661
|
+
# @!attribute [rw] destination_id
|
662
|
+
# The ID of the publishing destination created.
|
663
|
+
# @return [String]
|
664
|
+
#
|
665
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreatePublishingDestinationResponse AWS API Documentation
|
666
|
+
#
|
667
|
+
class CreatePublishingDestinationResponse < Struct.new(
|
668
|
+
:destination_id)
|
669
|
+
include Aws::Structure
|
670
|
+
end
|
671
|
+
|
615
672
|
# @note When making an API call, you may pass CreateSampleFindingsRequest
|
616
673
|
# data as a hash:
|
617
674
|
#
|
@@ -625,7 +682,7 @@ module Aws::GuardDuty
|
|
625
682
|
# @return [String]
|
626
683
|
#
|
627
684
|
# @!attribute [rw] finding_types
|
628
|
-
# Types of sample findings
|
685
|
+
# Types of sample findings to generate.
|
629
686
|
# @return [Array<String>]
|
630
687
|
#
|
631
688
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateSampleFindingsRequest AWS API Documentation
|
@@ -806,11 +863,11 @@ module Aws::GuardDuty
|
|
806
863
|
# }
|
807
864
|
#
|
808
865
|
# @!attribute [rw] detector_id
|
809
|
-
# The unique ID of the detector
|
866
|
+
# The unique ID of the detector associated with the IPSet.
|
810
867
|
# @return [String]
|
811
868
|
#
|
812
869
|
# @!attribute [rw] ip_set_id
|
813
|
-
# The unique ID of the
|
870
|
+
# The unique ID of the IPSet to delete.
|
814
871
|
# @return [String]
|
815
872
|
#
|
816
873
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteIPSetRequest AWS API Documentation
|
@@ -893,6 +950,35 @@ module Aws::GuardDuty
|
|
893
950
|
include Aws::Structure
|
894
951
|
end
|
895
952
|
|
953
|
+
# @note When making an API call, you may pass DeletePublishingDestinationRequest
|
954
|
+
# data as a hash:
|
955
|
+
#
|
956
|
+
# {
|
957
|
+
# detector_id: "DetectorId", # required
|
958
|
+
# destination_id: "String", # required
|
959
|
+
# }
|
960
|
+
#
|
961
|
+
# @!attribute [rw] detector_id
|
962
|
+
# The unique ID of the detector associated with the publishing
|
963
|
+
# destination to delete.
|
964
|
+
# @return [String]
|
965
|
+
#
|
966
|
+
# @!attribute [rw] destination_id
|
967
|
+
# The ID of the publishing destination to delete.
|
968
|
+
# @return [String]
|
969
|
+
#
|
970
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeletePublishingDestinationRequest AWS API Documentation
|
971
|
+
#
|
972
|
+
class DeletePublishingDestinationRequest < Struct.new(
|
973
|
+
:detector_id,
|
974
|
+
:destination_id)
|
975
|
+
include Aws::Structure
|
976
|
+
end
|
977
|
+
|
978
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeletePublishingDestinationResponse AWS API Documentation
|
979
|
+
#
|
980
|
+
class DeletePublishingDestinationResponse < Aws::EmptyStructure; end
|
981
|
+
|
896
982
|
# @note When making an API call, you may pass DeleteThreatIntelSetRequest
|
897
983
|
# data as a hash:
|
898
984
|
#
|
@@ -921,6 +1007,117 @@ module Aws::GuardDuty
|
|
921
1007
|
#
|
922
1008
|
class DeleteThreatIntelSetResponse < Aws::EmptyStructure; end
|
923
1009
|
|
1010
|
+
# @note When making an API call, you may pass DescribePublishingDestinationRequest
|
1011
|
+
# data as a hash:
|
1012
|
+
#
|
1013
|
+
# {
|
1014
|
+
# detector_id: "DetectorId", # required
|
1015
|
+
# destination_id: "String", # required
|
1016
|
+
# }
|
1017
|
+
#
|
1018
|
+
# @!attribute [rw] detector_id
|
1019
|
+
# The unique ID of the detector associated with the publishing
|
1020
|
+
# destination to retrieve.
|
1021
|
+
# @return [String]
|
1022
|
+
#
|
1023
|
+
# @!attribute [rw] destination_id
|
1024
|
+
# The ID of the publishing destination to retrieve.
|
1025
|
+
# @return [String]
|
1026
|
+
#
|
1027
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribePublishingDestinationRequest AWS API Documentation
|
1028
|
+
#
|
1029
|
+
class DescribePublishingDestinationRequest < Struct.new(
|
1030
|
+
:detector_id,
|
1031
|
+
:destination_id)
|
1032
|
+
include Aws::Structure
|
1033
|
+
end
|
1034
|
+
|
1035
|
+
# @!attribute [rw] destination_id
|
1036
|
+
# The ID of the publishing destination.
|
1037
|
+
# @return [String]
|
1038
|
+
#
|
1039
|
+
# @!attribute [rw] destination_type
|
1040
|
+
# The type of the publishing destination. Currently, only S3 is
|
1041
|
+
# supported.
|
1042
|
+
# @return [String]
|
1043
|
+
#
|
1044
|
+
# @!attribute [rw] status
|
1045
|
+
# The status of the publishing destination.
|
1046
|
+
# @return [String]
|
1047
|
+
#
|
1048
|
+
# @!attribute [rw] publishing_failure_start_timestamp
|
1049
|
+
# The time, in epoch millisecond format, at which GuardDuty was first
|
1050
|
+
# unable to publish findings to the destination.
|
1051
|
+
# @return [Integer]
|
1052
|
+
#
|
1053
|
+
# @!attribute [rw] destination_properties
|
1054
|
+
# A `DestinationProperties` object that includes the `DestinationArn`
|
1055
|
+
# and `KmsKeyArn` of the publishing destination.
|
1056
|
+
# @return [Types::DestinationProperties]
|
1057
|
+
#
|
1058
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribePublishingDestinationResponse AWS API Documentation
|
1059
|
+
#
|
1060
|
+
class DescribePublishingDestinationResponse < Struct.new(
|
1061
|
+
:destination_id,
|
1062
|
+
:destination_type,
|
1063
|
+
:status,
|
1064
|
+
:publishing_failure_start_timestamp,
|
1065
|
+
:destination_properties)
|
1066
|
+
include Aws::Structure
|
1067
|
+
end
|
1068
|
+
|
1069
|
+
# Contains information about a publishing destination, including the ID,
|
1070
|
+
# type, and status.
|
1071
|
+
#
|
1072
|
+
# @!attribute [rw] destination_id
|
1073
|
+
# The unique ID of the publishing destination.
|
1074
|
+
# @return [String]
|
1075
|
+
#
|
1076
|
+
# @!attribute [rw] destination_type
|
1077
|
+
# The type of resource used for the publishing destination. Currently,
|
1078
|
+
# only S3 is supported.
|
1079
|
+
# @return [String]
|
1080
|
+
#
|
1081
|
+
# @!attribute [rw] status
|
1082
|
+
# The status of the publishing destination.
|
1083
|
+
# @return [String]
|
1084
|
+
#
|
1085
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Destination AWS API Documentation
|
1086
|
+
#
|
1087
|
+
class Destination < Struct.new(
|
1088
|
+
:destination_id,
|
1089
|
+
:destination_type,
|
1090
|
+
:status)
|
1091
|
+
include Aws::Structure
|
1092
|
+
end
|
1093
|
+
|
1094
|
+
# Contains the ARN of the resource to publish to, such as an S3 bucket,
|
1095
|
+
# and the ARN of the KMS key to use to encrypt published findings.
|
1096
|
+
#
|
1097
|
+
# @note When making an API call, you may pass DestinationProperties
|
1098
|
+
# data as a hash:
|
1099
|
+
#
|
1100
|
+
# {
|
1101
|
+
# destination_arn: "String",
|
1102
|
+
# kms_key_arn: "String",
|
1103
|
+
# }
|
1104
|
+
#
|
1105
|
+
# @!attribute [rw] destination_arn
|
1106
|
+
# The ARN of the resource to publish to.
|
1107
|
+
# @return [String]
|
1108
|
+
#
|
1109
|
+
# @!attribute [rw] kms_key_arn
|
1110
|
+
# The ARN of the KMS key to use for encryption.
|
1111
|
+
# @return [String]
|
1112
|
+
#
|
1113
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DestinationProperties AWS API Documentation
|
1114
|
+
#
|
1115
|
+
class DestinationProperties < Struct.new(
|
1116
|
+
:destination_arn,
|
1117
|
+
:kms_key_arn)
|
1118
|
+
include Aws::Structure
|
1119
|
+
end
|
1120
|
+
|
924
1121
|
# @note When making an API call, you may pass DisassociateFromMasterAccountRequest
|
925
1122
|
# data as a hash:
|
926
1123
|
#
|
@@ -981,10 +1178,11 @@ module Aws::GuardDuty
|
|
981
1178
|
include Aws::Structure
|
982
1179
|
end
|
983
1180
|
|
984
|
-
# Contains information about the DNS
|
1181
|
+
# Contains information about the DNS\_REQUEST action described in this
|
1182
|
+
# finding.
|
985
1183
|
#
|
986
1184
|
# @!attribute [rw] domain
|
987
|
-
# Domain information for the
|
1185
|
+
# Domain information for the API request.
|
988
1186
|
# @return [String]
|
989
1187
|
#
|
990
1188
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DnsRequestAction AWS API Documentation
|
@@ -1020,7 +1218,8 @@ module Aws::GuardDuty
|
|
1020
1218
|
include Aws::Structure
|
1021
1219
|
end
|
1022
1220
|
|
1023
|
-
# Contains information about the finding
|
1221
|
+
# Contains information about the finding, which is generated when
|
1222
|
+
# abnormal or suspicious activity is detected.
|
1024
1223
|
#
|
1025
1224
|
# @!attribute [rw] account_id
|
1026
1225
|
# The ID of the account in which the finding was generated.
|
@@ -1055,7 +1254,8 @@ module Aws::GuardDuty
|
|
1055
1254
|
# @return [String]
|
1056
1255
|
#
|
1057
1256
|
# @!attribute [rw] resource
|
1058
|
-
# Contains information about the resource
|
1257
|
+
# Contains information about the AWS resource associated with the
|
1258
|
+
# activity that prompted GuardDuty to generate a finding.
|
1059
1259
|
# @return [Types::Resource]
|
1060
1260
|
#
|
1061
1261
|
# @!attribute [rw] schema_version
|
@@ -1063,7 +1263,7 @@ module Aws::GuardDuty
|
|
1063
1263
|
# @return [String]
|
1064
1264
|
#
|
1065
1265
|
# @!attribute [rw] service
|
1066
|
-
# Contains information about the
|
1266
|
+
# Contains additional information about the generated finding.
|
1067
1267
|
# @return [Types::Service]
|
1068
1268
|
#
|
1069
1269
|
# @!attribute [rw] severity
|
@@ -1103,7 +1303,7 @@ module Aws::GuardDuty
|
|
1103
1303
|
include Aws::Structure
|
1104
1304
|
end
|
1105
1305
|
|
1106
|
-
# Contains
|
1306
|
+
# Contains information about the criteria used for querying findings.
|
1107
1307
|
#
|
1108
1308
|
# @note When making an API call, you may pass FindingCriteria
|
1109
1309
|
# data as a hash:
|
@@ -1153,7 +1353,7 @@ module Aws::GuardDuty
|
|
1153
1353
|
include Aws::Structure
|
1154
1354
|
end
|
1155
1355
|
|
1156
|
-
# Contains information about the
|
1356
|
+
# Contains information about the location of the remote IP address.
|
1157
1357
|
#
|
1158
1358
|
# @!attribute [rw] lat
|
1159
1359
|
# Latitude information of remote IP address.
|
@@ -1406,7 +1606,7 @@ module Aws::GuardDuty
|
|
1406
1606
|
# @return [String]
|
1407
1607
|
#
|
1408
1608
|
# @!attribute [rw] ip_set_id
|
1409
|
-
# The unique ID of the
|
1609
|
+
# The unique ID of the IPSet to retrieve.
|
1410
1610
|
# @return [String]
|
1411
1611
|
#
|
1412
1612
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetIPSetRequest AWS API Documentation
|
@@ -1418,9 +1618,7 @@ module Aws::GuardDuty
|
|
1418
1618
|
end
|
1419
1619
|
|
1420
1620
|
# @!attribute [rw] name
|
1421
|
-
# The user friendly name
|
1422
|
-
# in all findings that are triggered by activity that involves IP
|
1423
|
-
# addresses included in this IPSet.
|
1621
|
+
# The user friendly name for the IPSet.
|
1424
1622
|
# @return [String]
|
1425
1623
|
#
|
1426
1624
|
# @!attribute [rw] format
|
@@ -1598,7 +1796,7 @@ module Aws::GuardDuty
|
|
1598
1796
|
include Aws::Structure
|
1599
1797
|
end
|
1600
1798
|
|
1601
|
-
# Contains information about the instance profile.
|
1799
|
+
# Contains information about the EC2 instance profile.
|
1602
1800
|
#
|
1603
1801
|
# @!attribute [rw] arn
|
1604
1802
|
# AWS EC2 instance profile ARN.
|
@@ -1702,15 +1900,15 @@ module Aws::GuardDuty
|
|
1702
1900
|
include Aws::Structure
|
1703
1901
|
end
|
1704
1902
|
|
1705
|
-
# Contains information about the invitation.
|
1903
|
+
# Contains information about the invitation to become a member account.
|
1706
1904
|
#
|
1707
1905
|
# @!attribute [rw] account_id
|
1708
|
-
#
|
1906
|
+
# The ID of the account from which the invitations was sent.
|
1709
1907
|
# @return [String]
|
1710
1908
|
#
|
1711
1909
|
# @!attribute [rw] invitation_id
|
1712
|
-
# This value is used to validate the inviter
|
1713
|
-
# account.
|
1910
|
+
# The ID of the invitation. This value is used to validate the inviter
|
1911
|
+
# account to the member account.
|
1714
1912
|
# @return [String]
|
1715
1913
|
#
|
1716
1914
|
# @!attribute [rw] relationship_status
|
@@ -1719,7 +1917,7 @@ module Aws::GuardDuty
|
|
1719
1917
|
# @return [String]
|
1720
1918
|
#
|
1721
1919
|
# @!attribute [rw] invited_at
|
1722
|
-
# Timestamp at which the invitation was sent
|
1920
|
+
# Timestamp at which the invitation was sent.
|
1723
1921
|
# @return [String]
|
1724
1922
|
#
|
1725
1923
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Invitation AWS API Documentation
|
@@ -1922,7 +2120,113 @@ module Aws::GuardDuty
|
|
1922
2120
|
# @return [String]
|
1923
2121
|
#
|
1924
2122
|
# @!attribute [rw] finding_criteria
|
1925
|
-
# Represents the criteria used for querying findings.
|
2123
|
+
# Represents the criteria used for querying findings. Valid values
|
2124
|
+
# include:
|
2125
|
+
#
|
2126
|
+
# * JSON field name
|
2127
|
+
#
|
2128
|
+
# * accountId
|
2129
|
+
#
|
2130
|
+
# * region
|
2131
|
+
#
|
2132
|
+
# * confidence
|
2133
|
+
#
|
2134
|
+
# * id
|
2135
|
+
#
|
2136
|
+
# * resource.accessKeyDetails.accessKeyId
|
2137
|
+
#
|
2138
|
+
# * resource.accessKeyDetails.principalId
|
2139
|
+
#
|
2140
|
+
# * resource.accessKeyDetails.userName
|
2141
|
+
#
|
2142
|
+
# * resource.accessKeyDetails.userType
|
2143
|
+
#
|
2144
|
+
# * resource.instanceDetails.iamInstanceProfile.id
|
2145
|
+
#
|
2146
|
+
# * resource.instanceDetails.imageId
|
2147
|
+
#
|
2148
|
+
# * resource.instanceDetails.instanceId
|
2149
|
+
#
|
2150
|
+
# * resource.instanceDetails.networkInterfaces.ipv6Addresses
|
2151
|
+
#
|
2152
|
+
# * resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
|
2153
|
+
#
|
2154
|
+
# * resource.instanceDetails.networkInterfaces.publicDnsName
|
2155
|
+
#
|
2156
|
+
# * resource.instanceDetails.networkInterfaces.publicIp
|
2157
|
+
#
|
2158
|
+
# * resource.instanceDetails.networkInterfaces.securityGroups.groupId
|
2159
|
+
#
|
2160
|
+
# * resource.instanceDetails.networkInterfaces.securityGroups.groupName
|
2161
|
+
#
|
2162
|
+
# * resource.instanceDetails.networkInterfaces.subnetId
|
2163
|
+
#
|
2164
|
+
# * resource.instanceDetails.networkInterfaces.vpcId
|
2165
|
+
#
|
2166
|
+
# * resource.instanceDetails.tags.key
|
2167
|
+
#
|
2168
|
+
# * resource.instanceDetails.tags.value
|
2169
|
+
#
|
2170
|
+
# * resource.resourceType
|
2171
|
+
#
|
2172
|
+
# * service.action.actionType
|
2173
|
+
#
|
2174
|
+
# * service.action.awsApiCallAction.api
|
2175
|
+
#
|
2176
|
+
# * service.action.awsApiCallAction.callerType
|
2177
|
+
#
|
2178
|
+
# * service.action.awsApiCallAction.remoteIpDetails.city.cityName
|
2179
|
+
#
|
2180
|
+
# * service.action.awsApiCallAction.remoteIpDetails.country.countryName
|
2181
|
+
#
|
2182
|
+
# * service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
|
2183
|
+
#
|
2184
|
+
# * service.action.awsApiCallAction.remoteIpDetails.organization.asn
|
2185
|
+
#
|
2186
|
+
# * service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
|
2187
|
+
#
|
2188
|
+
# * service.action.awsApiCallAction.serviceName
|
2189
|
+
#
|
2190
|
+
# * service.action.dnsRequestAction.domain
|
2191
|
+
#
|
2192
|
+
# * service.action.networkConnectionAction.blocked
|
2193
|
+
#
|
2194
|
+
# * service.action.networkConnectionAction.connectionDirection
|
2195
|
+
#
|
2196
|
+
# * service.action.networkConnectionAction.localPortDetails.port
|
2197
|
+
#
|
2198
|
+
# * service.action.networkConnectionAction.protocol
|
2199
|
+
#
|
2200
|
+
# * service.action.networkConnectionAction.remoteIpDetails.city.cityName
|
2201
|
+
#
|
2202
|
+
# * service.action.networkConnectionAction.remoteIpDetails.country.countryName
|
2203
|
+
#
|
2204
|
+
# * service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
|
2205
|
+
#
|
2206
|
+
# * service.action.networkConnectionAction.remoteIpDetails.organization.asn
|
2207
|
+
#
|
2208
|
+
# * service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
|
2209
|
+
#
|
2210
|
+
# * service.action.networkConnectionAction.remotePortDetails.port
|
2211
|
+
#
|
2212
|
+
# * service.additionalInfo.threatListName
|
2213
|
+
#
|
2214
|
+
# * service.archived
|
2215
|
+
#
|
2216
|
+
# When this attribute is set to 'true', only archived findings are
|
2217
|
+
# listed. When it's set to 'false', only unarchived findings are
|
2218
|
+
# listed. When this attribute is not set, all existing findings are
|
2219
|
+
# listed.
|
2220
|
+
#
|
2221
|
+
# * service.resourceRole
|
2222
|
+
#
|
2223
|
+
# * severity
|
2224
|
+
#
|
2225
|
+
# * type
|
2226
|
+
#
|
2227
|
+
# * updatedAt
|
2228
|
+
#
|
2229
|
+
# Type: Timestamp in Unix Epoch millisecond format: 1486685375000
|
1926
2230
|
# @return [Types::FindingCriteria]
|
1927
2231
|
#
|
1928
2232
|
# @!attribute [rw] sort_criteria
|
@@ -2132,6 +2436,61 @@ module Aws::GuardDuty
|
|
2132
2436
|
include Aws::Structure
|
2133
2437
|
end
|
2134
2438
|
|
2439
|
+
# @note When making an API call, you may pass ListPublishingDestinationsRequest
|
2440
|
+
# data as a hash:
|
2441
|
+
#
|
2442
|
+
# {
|
2443
|
+
# detector_id: "DetectorId", # required
|
2444
|
+
# max_results: 1,
|
2445
|
+
# next_token: "String",
|
2446
|
+
# }
|
2447
|
+
#
|
2448
|
+
# @!attribute [rw] detector_id
|
2449
|
+
# The ID of the detector to retrieve publishing destinations for.
|
2450
|
+
# @return [String]
|
2451
|
+
#
|
2452
|
+
# @!attribute [rw] max_results
|
2453
|
+
# The maximum number of results to return in the response.
|
2454
|
+
# @return [Integer]
|
2455
|
+
#
|
2456
|
+
# @!attribute [rw] next_token
|
2457
|
+
# A token to use for paginating results returned in the repsonse. Set
|
2458
|
+
# the value of this parameter to null for the first request to a list
|
2459
|
+
# action. For subsequent calls, use the `NextToken` value returned
|
2460
|
+
# from the previous request to continue listing results after the
|
2461
|
+
# first page.
|
2462
|
+
# @return [String]
|
2463
|
+
#
|
2464
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListPublishingDestinationsRequest AWS API Documentation
|
2465
|
+
#
|
2466
|
+
class ListPublishingDestinationsRequest < Struct.new(
|
2467
|
+
:detector_id,
|
2468
|
+
:max_results,
|
2469
|
+
:next_token)
|
2470
|
+
include Aws::Structure
|
2471
|
+
end
|
2472
|
+
|
2473
|
+
# @!attribute [rw] destinations
|
2474
|
+
# A `Destinations` obect that includes information about each
|
2475
|
+
# publishing destination returned.
|
2476
|
+
# @return [Array<Types::Destination>]
|
2477
|
+
#
|
2478
|
+
# @!attribute [rw] next_token
|
2479
|
+
# A token to use for paginating results returned in the repsonse. Set
|
2480
|
+
# the value of this parameter to null for the first request to a list
|
2481
|
+
# action. For subsequent calls, use the `NextToken` value returned
|
2482
|
+
# from the previous request to continue listing results after the
|
2483
|
+
# first page.
|
2484
|
+
# @return [String]
|
2485
|
+
#
|
2486
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListPublishingDestinationsResponse AWS API Documentation
|
2487
|
+
#
|
2488
|
+
class ListPublishingDestinationsResponse < Struct.new(
|
2489
|
+
:destinations,
|
2490
|
+
:next_token)
|
2491
|
+
include Aws::Structure
|
2492
|
+
end
|
2493
|
+
|
2135
2494
|
# @note When making an API call, you may pass ListTagsForResourceRequest
|
2136
2495
|
# data as a hash:
|
2137
2496
|
#
|
@@ -2181,11 +2540,11 @@ module Aws::GuardDuty
|
|
2181
2540
|
# @return [Integer]
|
2182
2541
|
#
|
2183
2542
|
# @!attribute [rw] next_token
|
2184
|
-
# You can use this parameter
|
2185
|
-
# this parameter to null on your first call to the list
|
2186
|
-
# subsequent calls to the action fill nextToken in the
|
2187
|
-
# the value of NextToken from the previous response to
|
2188
|
-
# listing data.
|
2543
|
+
# You can use this parameter to paginate results in the response. Set
|
2544
|
+
# the value of this parameter to null on your first call to the list
|
2545
|
+
# action. For subsequent calls to the action fill nextToken in the
|
2546
|
+
# request with the value of NextToken from the previous response to
|
2547
|
+
# continue listing data.
|
2189
2548
|
# @return [String]
|
2190
2549
|
#
|
2191
2550
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListThreatIntelSetsRequest AWS API Documentation
|
@@ -2305,7 +2664,8 @@ module Aws::GuardDuty
|
|
2305
2664
|
include Aws::Structure
|
2306
2665
|
end
|
2307
2666
|
|
2308
|
-
# Contains information about the
|
2667
|
+
# Contains information about the NETWORK\_CONNECTION action described in
|
2668
|
+
# the finding.
|
2309
2669
|
#
|
2310
2670
|
# @!attribute [rw] blocked
|
2311
2671
|
# Network connection blocked information.
|
@@ -2343,7 +2703,7 @@ module Aws::GuardDuty
|
|
2343
2703
|
include Aws::Structure
|
2344
2704
|
end
|
2345
2705
|
|
2346
|
-
# Contains information about the network interface.
|
2706
|
+
# Contains information about the network interface of the Ec2 instance.
|
2347
2707
|
#
|
2348
2708
|
# @!attribute [rw] ipv_6_addresses
|
2349
2709
|
# A list of EC2 instance IPv6 address information.
|
@@ -2401,7 +2761,8 @@ module Aws::GuardDuty
|
|
2401
2761
|
include Aws::Structure
|
2402
2762
|
end
|
2403
2763
|
|
2404
|
-
# Continas information about the organization
|
2764
|
+
# Continas information about the ISP organization of the remote IP
|
2765
|
+
# address.
|
2405
2766
|
#
|
2406
2767
|
# @!attribute [rw] asn
|
2407
2768
|
# Autonomous system number of the internet provider of the remote IP
|
@@ -2430,7 +2791,8 @@ module Aws::GuardDuty
|
|
2430
2791
|
include Aws::Structure
|
2431
2792
|
end
|
2432
2793
|
|
2433
|
-
# Contains information about the
|
2794
|
+
# Contains information about the PORT\_PROBE action described in the
|
2795
|
+
# finding.
|
2434
2796
|
#
|
2435
2797
|
# @!attribute [rw] blocked
|
2436
2798
|
# Port probe blocked information.
|
@@ -2466,7 +2828,7 @@ module Aws::GuardDuty
|
|
2466
2828
|
include Aws::Structure
|
2467
2829
|
end
|
2468
2830
|
|
2469
|
-
# Contains information
|
2831
|
+
# Contains other private IP address information of the EC2 instance.
|
2470
2832
|
#
|
2471
2833
|
# @!attribute [rw] private_dns_name
|
2472
2834
|
# Private DNS name of the EC2 instance.
|
@@ -2484,7 +2846,7 @@ module Aws::GuardDuty
|
|
2484
2846
|
include Aws::Structure
|
2485
2847
|
end
|
2486
2848
|
|
2487
|
-
# Contains information about the product code.
|
2849
|
+
# Contains information about the product code for the Ec2 instance.
|
2488
2850
|
#
|
2489
2851
|
# @!attribute [rw] code
|
2490
2852
|
# Product code information.
|
@@ -2502,7 +2864,7 @@ module Aws::GuardDuty
|
|
2502
2864
|
include Aws::Structure
|
2503
2865
|
end
|
2504
2866
|
|
2505
|
-
# Continas information about the remote IP address.
|
2867
|
+
# Continas information about the remote IP address of the connection.
|
2506
2868
|
#
|
2507
2869
|
# @!attribute [rw] city
|
2508
2870
|
# City information of the remote IP address.
|
@@ -2553,7 +2915,8 @@ module Aws::GuardDuty
|
|
2553
2915
|
include Aws::Structure
|
2554
2916
|
end
|
2555
2917
|
|
2556
|
-
# Contains information about the resource
|
2918
|
+
# Contains information about the AWS resource associated with the
|
2919
|
+
# activity that prompted GuardDuty to generate a finding.
|
2557
2920
|
#
|
2558
2921
|
# @!attribute [rw] access_key_details
|
2559
2922
|
# The IAM access key details (IAM user information) of a user that
|
@@ -2579,7 +2942,8 @@ module Aws::GuardDuty
|
|
2579
2942
|
include Aws::Structure
|
2580
2943
|
end
|
2581
2944
|
|
2582
|
-
# Contains information about the security
|
2945
|
+
# Contains information about the security groups associated with the EC2
|
2946
|
+
# instance.
|
2583
2947
|
#
|
2584
2948
|
# @!attribute [rw] group_id
|
2585
2949
|
# EC2 instance's security group ID.
|
@@ -2597,7 +2961,7 @@ module Aws::GuardDuty
|
|
2597
2961
|
include Aws::Structure
|
2598
2962
|
end
|
2599
2963
|
|
2600
|
-
# Contains information about the
|
2964
|
+
# Contains additional information about the generated finding.
|
2601
2965
|
#
|
2602
2966
|
# @!attribute [rw] action
|
2603
2967
|
# Information about the activity described in a finding.
|
@@ -2657,7 +3021,7 @@ module Aws::GuardDuty
|
|
2657
3021
|
include Aws::Structure
|
2658
3022
|
end
|
2659
3023
|
|
2660
|
-
# Contains information about the criteria for sorting.
|
3024
|
+
# Contains information about the criteria used for sorting findings.
|
2661
3025
|
#
|
2662
3026
|
# @note When making an API call, you may pass SortCriteria
|
2663
3027
|
# data as a hash:
|
@@ -2693,13 +3057,13 @@ module Aws::GuardDuty
|
|
2693
3057
|
# }
|
2694
3058
|
#
|
2695
3059
|
# @!attribute [rw] detector_id
|
2696
|
-
# The unique ID of the detector of the GuardDuty account
|
2697
|
-
#
|
3060
|
+
# The unique ID of the detector of the GuardDuty master account
|
3061
|
+
# associated with the member accounts to monitor.
|
2698
3062
|
# @return [String]
|
2699
3063
|
#
|
2700
3064
|
# @!attribute [rw] account_ids
|
2701
|
-
# A list of account IDs of the GuardDuty member accounts
|
2702
|
-
#
|
3065
|
+
# A list of account IDs of the GuardDuty member accounts to start
|
3066
|
+
# monitoring.
|
2703
3067
|
# @return [Array<String>]
|
2704
3068
|
#
|
2705
3069
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/StartMonitoringMembersRequest AWS API Documentation
|
@@ -2760,7 +3124,7 @@ module Aws::GuardDuty
|
|
2760
3124
|
include Aws::Structure
|
2761
3125
|
end
|
2762
3126
|
|
2763
|
-
# Contains information about
|
3127
|
+
# Contains information about a tag associated with the Ec2 instance.
|
2764
3128
|
#
|
2765
3129
|
# @!attribute [rw] key
|
2766
3130
|
# EC2 instance tag key.
|
@@ -2789,7 +3153,8 @@ module Aws::GuardDuty
|
|
2789
3153
|
# }
|
2790
3154
|
#
|
2791
3155
|
# @!attribute [rw] resource_arn
|
2792
|
-
# The Amazon Resource Name (ARN) for the
|
3156
|
+
# The Amazon Resource Name (ARN) for the GuardDuty resource to apply a
|
3157
|
+
# tag to.
|
2793
3158
|
# @return [String]
|
2794
3159
|
#
|
2795
3160
|
# @!attribute [rw] tags
|
@@ -2837,12 +3202,11 @@ module Aws::GuardDuty
|
|
2837
3202
|
# }
|
2838
3203
|
#
|
2839
3204
|
# @!attribute [rw] detector_id
|
2840
|
-
# The ID of the detector
|
2841
|
-
# findings you want to unarchive.
|
3205
|
+
# The ID of the detector associated with the findings to unarchive.
|
2842
3206
|
# @return [String]
|
2843
3207
|
#
|
2844
3208
|
# @!attribute [rw] finding_ids
|
2845
|
-
# IDs of the findings
|
3209
|
+
# IDs of the findings to unarchive.
|
2846
3210
|
# @return [Array<String>]
|
2847
3211
|
#
|
2848
3212
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UnarchiveFindingsRequest AWS API Documentation
|
@@ -2884,11 +3248,11 @@ module Aws::GuardDuty
|
|
2884
3248
|
# }
|
2885
3249
|
#
|
2886
3250
|
# @!attribute [rw] resource_arn
|
2887
|
-
# The Amazon Resource Name (ARN) for the
|
3251
|
+
# The Amazon Resource Name (ARN) for the resource to remove tags from.
|
2888
3252
|
# @return [String]
|
2889
3253
|
#
|
2890
3254
|
# @!attribute [rw] tag_keys
|
2891
|
-
# The tag keys to remove from
|
3255
|
+
# The tag keys to remove from the resource.
|
2892
3256
|
# @return [Array<String>]
|
2893
3257
|
#
|
2894
3258
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UntagResourceRequest AWS API Documentation
|
@@ -2913,17 +3277,16 @@ module Aws::GuardDuty
|
|
2913
3277
|
# }
|
2914
3278
|
#
|
2915
3279
|
# @!attribute [rw] detector_id
|
2916
|
-
# The unique ID of the detector
|
3280
|
+
# The unique ID of the detector to update.
|
2917
3281
|
# @return [String]
|
2918
3282
|
#
|
2919
3283
|
# @!attribute [rw] enable
|
2920
|
-
#
|
2921
|
-
# detector is enabled.
|
3284
|
+
# Specifies whether the detector is enabled or not enabled.
|
2922
3285
|
# @return [Boolean]
|
2923
3286
|
#
|
2924
3287
|
# @!attribute [rw] finding_publishing_frequency
|
2925
|
-
# A enum value that specifies how frequently
|
2926
|
-
#
|
3288
|
+
# A enum value that specifies how frequently findings are exported,
|
3289
|
+
# such as to CloudWatch Events.
|
2927
3290
|
# @return [String]
|
2928
3291
|
#
|
2929
3292
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateDetectorRequest AWS API Documentation
|
@@ -3031,8 +3394,8 @@ module Aws::GuardDuty
|
|
3031
3394
|
# }
|
3032
3395
|
#
|
3033
3396
|
# @!attribute [rw] detector_id
|
3034
|
-
# The ID of the detector
|
3035
|
-
#
|
3397
|
+
# The ID of the detector associated with the findings to update
|
3398
|
+
# feedback for.
|
3036
3399
|
# @return [String]
|
3037
3400
|
#
|
3038
3401
|
# @!attribute [rw] finding_ids
|
@@ -3040,7 +3403,7 @@ module Aws::GuardDuty
|
|
3040
3403
|
# @return [Array<String>]
|
3041
3404
|
#
|
3042
3405
|
# @!attribute [rw] feedback
|
3043
|
-
#
|
3406
|
+
# The feedback for the finding.
|
3044
3407
|
# @return [String]
|
3045
3408
|
#
|
3046
3409
|
# @!attribute [rw] comments
|
@@ -3110,6 +3473,45 @@ module Aws::GuardDuty
|
|
3110
3473
|
#
|
3111
3474
|
class UpdateIPSetResponse < Aws::EmptyStructure; end
|
3112
3475
|
|
3476
|
+
# @note When making an API call, you may pass UpdatePublishingDestinationRequest
|
3477
|
+
# data as a hash:
|
3478
|
+
#
|
3479
|
+
# {
|
3480
|
+
# detector_id: "DetectorId", # required
|
3481
|
+
# destination_id: "String", # required
|
3482
|
+
# destination_properties: {
|
3483
|
+
# destination_arn: "String",
|
3484
|
+
# kms_key_arn: "String",
|
3485
|
+
# },
|
3486
|
+
# }
|
3487
|
+
#
|
3488
|
+
# @!attribute [rw] detector_id
|
3489
|
+
# The ID of the
|
3490
|
+
# @return [String]
|
3491
|
+
#
|
3492
|
+
# @!attribute [rw] destination_id
|
3493
|
+
# The ID of the detector associated with the publishing destinations
|
3494
|
+
# to update.
|
3495
|
+
# @return [String]
|
3496
|
+
#
|
3497
|
+
# @!attribute [rw] destination_properties
|
3498
|
+
# A `DestinationProperties` object that includes the `DestinationArn`
|
3499
|
+
# and `KmsKeyArn` of the publishing destination.
|
3500
|
+
# @return [Types::DestinationProperties]
|
3501
|
+
#
|
3502
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdatePublishingDestinationRequest AWS API Documentation
|
3503
|
+
#
|
3504
|
+
class UpdatePublishingDestinationRequest < Struct.new(
|
3505
|
+
:detector_id,
|
3506
|
+
:destination_id,
|
3507
|
+
:destination_properties)
|
3508
|
+
include Aws::Structure
|
3509
|
+
end
|
3510
|
+
|
3511
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdatePublishingDestinationResponse AWS API Documentation
|
3512
|
+
#
|
3513
|
+
class UpdatePublishingDestinationResponse < Aws::EmptyStructure; end
|
3514
|
+
|
3113
3515
|
# @note When making an API call, you may pass UpdateThreatIntelSetRequest
|
3114
3516
|
# data as a hash:
|
3115
3517
|
#
|