aws-sdk-guardduty 1.24.0 → 1.25.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -37,6 +37,8 @@ module Aws::GuardDuty
37
37
  CreateIPSetResponse = Shapes::StructureShape.new(name: 'CreateIPSetResponse')
38
38
  CreateMembersRequest = Shapes::StructureShape.new(name: 'CreateMembersRequest')
39
39
  CreateMembersResponse = Shapes::StructureShape.new(name: 'CreateMembersResponse')
40
+ CreatePublishingDestinationRequest = Shapes::StructureShape.new(name: 'CreatePublishingDestinationRequest')
41
+ CreatePublishingDestinationResponse = Shapes::StructureShape.new(name: 'CreatePublishingDestinationResponse')
40
42
  CreateSampleFindingsRequest = Shapes::StructureShape.new(name: 'CreateSampleFindingsRequest')
41
43
  CreateSampleFindingsResponse = Shapes::StructureShape.new(name: 'CreateSampleFindingsResponse')
42
44
  CreateThreatIntelSetRequest = Shapes::StructureShape.new(name: 'CreateThreatIntelSetRequest')
@@ -54,8 +56,16 @@ module Aws::GuardDuty
54
56
  DeleteInvitationsResponse = Shapes::StructureShape.new(name: 'DeleteInvitationsResponse')
55
57
  DeleteMembersRequest = Shapes::StructureShape.new(name: 'DeleteMembersRequest')
56
58
  DeleteMembersResponse = Shapes::StructureShape.new(name: 'DeleteMembersResponse')
59
+ DeletePublishingDestinationRequest = Shapes::StructureShape.new(name: 'DeletePublishingDestinationRequest')
60
+ DeletePublishingDestinationResponse = Shapes::StructureShape.new(name: 'DeletePublishingDestinationResponse')
57
61
  DeleteThreatIntelSetRequest = Shapes::StructureShape.new(name: 'DeleteThreatIntelSetRequest')
58
62
  DeleteThreatIntelSetResponse = Shapes::StructureShape.new(name: 'DeleteThreatIntelSetResponse')
63
+ DescribePublishingDestinationRequest = Shapes::StructureShape.new(name: 'DescribePublishingDestinationRequest')
64
+ DescribePublishingDestinationResponse = Shapes::StructureShape.new(name: 'DescribePublishingDestinationResponse')
65
+ Destination = Shapes::StructureShape.new(name: 'Destination')
66
+ DestinationProperties = Shapes::StructureShape.new(name: 'DestinationProperties')
67
+ DestinationType = Shapes::StringShape.new(name: 'DestinationType')
68
+ Destinations = Shapes::ListShape.new(name: 'Destinations')
59
69
  DetectorId = Shapes::StringShape.new(name: 'DetectorId')
60
70
  DetectorIds = Shapes::ListShape.new(name: 'DetectorIds')
61
71
  DetectorStatus = Shapes::StringShape.new(name: 'DetectorStatus')
@@ -131,6 +141,8 @@ module Aws::GuardDuty
131
141
  ListInvitationsResponse = Shapes::StructureShape.new(name: 'ListInvitationsResponse')
132
142
  ListMembersRequest = Shapes::StructureShape.new(name: 'ListMembersRequest')
133
143
  ListMembersResponse = Shapes::StructureShape.new(name: 'ListMembersResponse')
144
+ ListPublishingDestinationsRequest = Shapes::StructureShape.new(name: 'ListPublishingDestinationsRequest')
145
+ ListPublishingDestinationsResponse = Shapes::StructureShape.new(name: 'ListPublishingDestinationsResponse')
134
146
  ListTagsForResourceRequest = Shapes::StructureShape.new(name: 'ListTagsForResourceRequest')
135
147
  ListTagsForResourceResponse = Shapes::StructureShape.new(name: 'ListTagsForResourceResponse')
136
148
  ListThreatIntelSetsRequest = Shapes::StructureShape.new(name: 'ListThreatIntelSetsRequest')
@@ -157,6 +169,7 @@ module Aws::GuardDuty
157
169
  PrivateIpAddresses = Shapes::ListShape.new(name: 'PrivateIpAddresses')
158
170
  ProductCode = Shapes::StructureShape.new(name: 'ProductCode')
159
171
  ProductCodes = Shapes::ListShape.new(name: 'ProductCodes')
172
+ PublishingStatus = Shapes::StringShape.new(name: 'PublishingStatus')
160
173
  RemoteIpDetails = Shapes::StructureShape.new(name: 'RemoteIpDetails')
161
174
  RemotePortDetails = Shapes::StructureShape.new(name: 'RemotePortDetails')
162
175
  Resource = Shapes::StructureShape.new(name: 'Resource')
@@ -197,6 +210,8 @@ module Aws::GuardDuty
197
210
  UpdateFindingsFeedbackResponse = Shapes::StructureShape.new(name: 'UpdateFindingsFeedbackResponse')
198
211
  UpdateIPSetRequest = Shapes::StructureShape.new(name: 'UpdateIPSetRequest')
199
212
  UpdateIPSetResponse = Shapes::StructureShape.new(name: 'UpdateIPSetResponse')
213
+ UpdatePublishingDestinationRequest = Shapes::StructureShape.new(name: 'UpdatePublishingDestinationRequest')
214
+ UpdatePublishingDestinationResponse = Shapes::StructureShape.new(name: 'UpdatePublishingDestinationResponse')
200
215
  UpdateThreatIntelSetRequest = Shapes::StructureShape.new(name: 'UpdateThreatIntelSetRequest')
201
216
  UpdateThreatIntelSetResponse = Shapes::StructureShape.new(name: 'UpdateThreatIntelSetResponse')
202
217
 
@@ -310,6 +325,15 @@ module Aws::GuardDuty
310
325
  CreateMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: UnprocessedAccounts, required: true, location_name: "unprocessedAccounts"))
311
326
  CreateMembersResponse.struct_class = Types::CreateMembersResponse
312
327
 
328
+ CreatePublishingDestinationRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
329
+ CreatePublishingDestinationRequest.add_member(:destination_type, Shapes::ShapeRef.new(shape: DestinationType, required: true, location_name: "destinationType"))
330
+ CreatePublishingDestinationRequest.add_member(:destination_properties, Shapes::ShapeRef.new(shape: DestinationProperties, required: true, location_name: "destinationProperties"))
331
+ CreatePublishingDestinationRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: ClientToken, location_name: "clientToken", metadata: {"idempotencyToken"=>true}))
332
+ CreatePublishingDestinationRequest.struct_class = Types::CreatePublishingDestinationRequest
333
+
334
+ CreatePublishingDestinationResponse.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "destinationId"))
335
+ CreatePublishingDestinationResponse.struct_class = Types::CreatePublishingDestinationResponse
336
+
313
337
  CreateSampleFindingsRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
314
338
  CreateSampleFindingsRequest.add_member(:finding_types, Shapes::ShapeRef.new(shape: FindingTypes, location_name: "findingTypes"))
315
339
  CreateSampleFindingsRequest.struct_class = Types::CreateSampleFindingsRequest
@@ -367,12 +391,40 @@ module Aws::GuardDuty
367
391
  DeleteMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: UnprocessedAccounts, required: true, location_name: "unprocessedAccounts"))
368
392
  DeleteMembersResponse.struct_class = Types::DeleteMembersResponse
369
393
 
394
+ DeletePublishingDestinationRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
395
+ DeletePublishingDestinationRequest.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "destinationId"))
396
+ DeletePublishingDestinationRequest.struct_class = Types::DeletePublishingDestinationRequest
397
+
398
+ DeletePublishingDestinationResponse.struct_class = Types::DeletePublishingDestinationResponse
399
+
370
400
  DeleteThreatIntelSetRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
371
401
  DeleteThreatIntelSetRequest.add_member(:threat_intel_set_id, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "threatIntelSetId"))
372
402
  DeleteThreatIntelSetRequest.struct_class = Types::DeleteThreatIntelSetRequest
373
403
 
374
404
  DeleteThreatIntelSetResponse.struct_class = Types::DeleteThreatIntelSetResponse
375
405
 
406
+ DescribePublishingDestinationRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
407
+ DescribePublishingDestinationRequest.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "destinationId"))
408
+ DescribePublishingDestinationRequest.struct_class = Types::DescribePublishingDestinationRequest
409
+
410
+ DescribePublishingDestinationResponse.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "destinationId"))
411
+ DescribePublishingDestinationResponse.add_member(:destination_type, Shapes::ShapeRef.new(shape: DestinationType, required: true, location_name: "destinationType"))
412
+ DescribePublishingDestinationResponse.add_member(:status, Shapes::ShapeRef.new(shape: PublishingStatus, required: true, location_name: "status"))
413
+ DescribePublishingDestinationResponse.add_member(:publishing_failure_start_timestamp, Shapes::ShapeRef.new(shape: Long, required: true, location_name: "publishingFailureStartTimestamp"))
414
+ DescribePublishingDestinationResponse.add_member(:destination_properties, Shapes::ShapeRef.new(shape: DestinationProperties, required: true, location_name: "destinationProperties"))
415
+ DescribePublishingDestinationResponse.struct_class = Types::DescribePublishingDestinationResponse
416
+
417
+ Destination.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "destinationId"))
418
+ Destination.add_member(:destination_type, Shapes::ShapeRef.new(shape: DestinationType, required: true, location_name: "destinationType"))
419
+ Destination.add_member(:status, Shapes::ShapeRef.new(shape: PublishingStatus, required: true, location_name: "status"))
420
+ Destination.struct_class = Types::Destination
421
+
422
+ DestinationProperties.add_member(:destination_arn, Shapes::ShapeRef.new(shape: String, location_name: "destinationArn"))
423
+ DestinationProperties.add_member(:kms_key_arn, Shapes::ShapeRef.new(shape: String, location_name: "kmsKeyArn"))
424
+ DestinationProperties.struct_class = Types::DestinationProperties
425
+
426
+ Destinations.member = Shapes::ShapeRef.new(shape: Destination)
427
+
376
428
  DetectorIds.member = Shapes::ShapeRef.new(shape: DetectorId)
377
429
 
378
430
  DisassociateFromMasterAccountRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
@@ -615,6 +667,15 @@ module Aws::GuardDuty
615
667
  ListMembersResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken"))
616
668
  ListMembersResponse.struct_class = Types::ListMembersResponse
617
669
 
670
+ ListPublishingDestinationsRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
671
+ ListPublishingDestinationsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location: "querystring", location_name: "maxResults"))
672
+ ListPublishingDestinationsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location: "querystring", location_name: "nextToken"))
673
+ ListPublishingDestinationsRequest.struct_class = Types::ListPublishingDestinationsRequest
674
+
675
+ ListPublishingDestinationsResponse.add_member(:destinations, Shapes::ShapeRef.new(shape: Destinations, required: true, location_name: "destinations"))
676
+ ListPublishingDestinationsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken"))
677
+ ListPublishingDestinationsResponse.struct_class = Types::ListPublishingDestinationsResponse
678
+
618
679
  ListTagsForResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: GuardDutyArn, required: true, location: "uri", location_name: "resourceArn"))
619
680
  ListTagsForResourceRequest.struct_class = Types::ListTagsForResourceRequest
620
681
 
@@ -837,6 +898,13 @@ module Aws::GuardDuty
837
898
 
838
899
  UpdateIPSetResponse.struct_class = Types::UpdateIPSetResponse
839
900
 
901
+ UpdatePublishingDestinationRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
902
+ UpdatePublishingDestinationRequest.add_member(:destination_id, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "destinationId"))
903
+ UpdatePublishingDestinationRequest.add_member(:destination_properties, Shapes::ShapeRef.new(shape: DestinationProperties, location_name: "destinationProperties"))
904
+ UpdatePublishingDestinationRequest.struct_class = Types::UpdatePublishingDestinationRequest
905
+
906
+ UpdatePublishingDestinationResponse.struct_class = Types::UpdatePublishingDestinationResponse
907
+
840
908
  UpdateThreatIntelSetRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
841
909
  UpdateThreatIntelSetRequest.add_member(:threat_intel_set_id, Shapes::ShapeRef.new(shape: String, required: true, location: "uri", location_name: "threatIntelSetId"))
842
910
  UpdateThreatIntelSetRequest.add_member(:name, Shapes::ShapeRef.new(shape: Name, location_name: "name"))
@@ -924,6 +992,16 @@ module Aws::GuardDuty
924
992
  o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
925
993
  end)
926
994
 
995
+ api.add_operation(:create_publishing_destination, Seahorse::Model::Operation.new.tap do |o|
996
+ o.name = "CreatePublishingDestination"
997
+ o.http_method = "POST"
998
+ o.http_request_uri = "/detector/{detectorId}/publishingDestination"
999
+ o.input = Shapes::ShapeRef.new(shape: CreatePublishingDestinationRequest)
1000
+ o.output = Shapes::ShapeRef.new(shape: CreatePublishingDestinationResponse)
1001
+ o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
1002
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
1003
+ end)
1004
+
927
1005
  api.add_operation(:create_sample_findings, Seahorse::Model::Operation.new.tap do |o|
928
1006
  o.name = "CreateSampleFindings"
929
1007
  o.http_method = "POST"
@@ -1004,6 +1082,16 @@ module Aws::GuardDuty
1004
1082
  o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
1005
1083
  end)
1006
1084
 
1085
+ api.add_operation(:delete_publishing_destination, Seahorse::Model::Operation.new.tap do |o|
1086
+ o.name = "DeletePublishingDestination"
1087
+ o.http_method = "DELETE"
1088
+ o.http_request_uri = "/detector/{detectorId}/publishingDestination/{destinationId}"
1089
+ o.input = Shapes::ShapeRef.new(shape: DeletePublishingDestinationRequest)
1090
+ o.output = Shapes::ShapeRef.new(shape: DeletePublishingDestinationResponse)
1091
+ o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
1092
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
1093
+ end)
1094
+
1007
1095
  api.add_operation(:delete_threat_intel_set, Seahorse::Model::Operation.new.tap do |o|
1008
1096
  o.name = "DeleteThreatIntelSet"
1009
1097
  o.http_method = "DELETE"
@@ -1014,6 +1102,16 @@ module Aws::GuardDuty
1014
1102
  o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
1015
1103
  end)
1016
1104
 
1105
+ api.add_operation(:describe_publishing_destination, Seahorse::Model::Operation.new.tap do |o|
1106
+ o.name = "DescribePublishingDestination"
1107
+ o.http_method = "GET"
1108
+ o.http_request_uri = "/detector/{detectorId}/publishingDestination/{destinationId}"
1109
+ o.input = Shapes::ShapeRef.new(shape: DescribePublishingDestinationRequest)
1110
+ o.output = Shapes::ShapeRef.new(shape: DescribePublishingDestinationResponse)
1111
+ o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
1112
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
1113
+ end)
1114
+
1017
1115
  api.add_operation(:disassociate_from_master_account, Seahorse::Model::Operation.new.tap do |o|
1018
1116
  o.name = "DisassociateFromMasterAccount"
1019
1117
  o.http_method = "POST"
@@ -1230,6 +1328,22 @@ module Aws::GuardDuty
1230
1328
  )
1231
1329
  end)
1232
1330
 
1331
+ api.add_operation(:list_publishing_destinations, Seahorse::Model::Operation.new.tap do |o|
1332
+ o.name = "ListPublishingDestinations"
1333
+ o.http_method = "GET"
1334
+ o.http_request_uri = "/detector/{detectorId}/publishingDestination"
1335
+ o.input = Shapes::ShapeRef.new(shape: ListPublishingDestinationsRequest)
1336
+ o.output = Shapes::ShapeRef.new(shape: ListPublishingDestinationsResponse)
1337
+ o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
1338
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
1339
+ o[:pager] = Aws::Pager.new(
1340
+ limit_key: "max_results",
1341
+ tokens: {
1342
+ "next_token" => "next_token"
1343
+ }
1344
+ )
1345
+ end)
1346
+
1233
1347
  api.add_operation(:list_tags_for_resource, Seahorse::Model::Operation.new.tap do |o|
1234
1348
  o.name = "ListTagsForResource"
1235
1349
  o.http_method = "GET"
@@ -1346,6 +1460,16 @@ module Aws::GuardDuty
1346
1460
  o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
1347
1461
  end)
1348
1462
 
1463
+ api.add_operation(:update_publishing_destination, Seahorse::Model::Operation.new.tap do |o|
1464
+ o.name = "UpdatePublishingDestination"
1465
+ o.http_method = "POST"
1466
+ o.http_request_uri = "/detector/{detectorId}/publishingDestination/{destinationId}"
1467
+ o.input = Shapes::ShapeRef.new(shape: UpdatePublishingDestinationRequest)
1468
+ o.output = Shapes::ShapeRef.new(shape: UpdatePublishingDestinationResponse)
1469
+ o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
1470
+ o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
1471
+ end)
1472
+
1349
1473
  api.add_operation(:update_threat_intel_set, Seahorse::Model::Operation.new.tap do |o|
1350
1474
  o.name = "UpdateThreatIntelSet"
1351
1475
  o.http_method = "POST"
@@ -247,33 +247,33 @@ module Aws::GuardDuty
247
247
  # }
248
248
  #
249
249
  # @!attribute [rw] eq
250
- # Deprecated. Represents the equal condition to be applied to a single
251
- # field when querying for findings.
250
+ # Represents the equal condition to be applied to a single field when
251
+ # querying for findings.
252
252
  # @return [Array<String>]
253
253
  #
254
254
  # @!attribute [rw] neq
255
- # Deprecated. Represents the not equal condition to be applied to a
256
- # single field when querying for findings.
255
+ # Represents the not equal condition to be applied to a single field
256
+ # when querying for findings.
257
257
  # @return [Array<String>]
258
258
  #
259
259
  # @!attribute [rw] gt
260
- # Deprecated. Represents a greater than condition to be applied to a
261
- # single field when querying for findings.
260
+ # Represents a greater than condition to be applied to a single field
261
+ # when querying for findings.
262
262
  # @return [Integer]
263
263
  #
264
264
  # @!attribute [rw] gte
265
- # Deprecated. Represents a greater than equal condition to be applied
266
- # to a single field when querying for findings.
265
+ # Represents a greater than equal condition to be applied to a single
266
+ # field when querying for findings.
267
267
  # @return [Integer]
268
268
  #
269
269
  # @!attribute [rw] lt
270
- # Deprecated. Represents a less than condition to be applied to a
271
- # single field when querying for findings.
270
+ # Represents a less than condition to be applied to a single field
271
+ # when querying for findings.
272
272
  # @return [Integer]
273
273
  #
274
274
  # @!attribute [rw] lte
275
- # Deprecated. Represents a less than equal condition to be applied to
276
- # a single field when querying for findings.
275
+ # Represents a less than equal condition to be applied to a single
276
+ # field when querying for findings.
277
277
  # @return [Integer]
278
278
  #
279
279
  # @!attribute [rw] equals
@@ -324,7 +324,8 @@ module Aws::GuardDuty
324
324
  include Aws::Structure
325
325
  end
326
326
 
327
- # Contains information about the country.
327
+ # Contains information about the country in which the remote IP address
328
+ # is located.
328
329
  #
329
330
  # @!attribute [rw] country_code
330
331
  # Country code of the remote IP address.
@@ -612,6 +613,62 @@ module Aws::GuardDuty
612
613
  include Aws::Structure
613
614
  end
614
615
 
616
+ # @note When making an API call, you may pass CreatePublishingDestinationRequest
617
+ # data as a hash:
618
+ #
619
+ # {
620
+ # detector_id: "DetectorId", # required
621
+ # destination_type: "S3", # required, accepts S3
622
+ # destination_properties: { # required
623
+ # destination_arn: "String",
624
+ # kms_key_arn: "String",
625
+ # },
626
+ # client_token: "ClientToken",
627
+ # }
628
+ #
629
+ # @!attribute [rw] detector_id
630
+ # The ID of the GuardDuty detector associated with the publishing
631
+ # destination.
632
+ # @return [String]
633
+ #
634
+ # @!attribute [rw] destination_type
635
+ # The type of resource for the publishing destination. Currently only
636
+ # S3 is supported.
637
+ # @return [String]
638
+ #
639
+ # @!attribute [rw] destination_properties
640
+ # Properties of the publishing destination, including the ARNs for the
641
+ # destination and the KMS key used for encryption.
642
+ # @return [Types::DestinationProperties]
643
+ #
644
+ # @!attribute [rw] client_token
645
+ # The idempotency token for the request.
646
+ #
647
+ # **A suitable default value is auto-generated.** You should normally
648
+ # not need to pass this option.
649
+ # @return [String]
650
+ #
651
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreatePublishingDestinationRequest AWS API Documentation
652
+ #
653
+ class CreatePublishingDestinationRequest < Struct.new(
654
+ :detector_id,
655
+ :destination_type,
656
+ :destination_properties,
657
+ :client_token)
658
+ include Aws::Structure
659
+ end
660
+
661
+ # @!attribute [rw] destination_id
662
+ # The ID of the publishing destination created.
663
+ # @return [String]
664
+ #
665
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreatePublishingDestinationResponse AWS API Documentation
666
+ #
667
+ class CreatePublishingDestinationResponse < Struct.new(
668
+ :destination_id)
669
+ include Aws::Structure
670
+ end
671
+
615
672
  # @note When making an API call, you may pass CreateSampleFindingsRequest
616
673
  # data as a hash:
617
674
  #
@@ -625,7 +682,7 @@ module Aws::GuardDuty
625
682
  # @return [String]
626
683
  #
627
684
  # @!attribute [rw] finding_types
628
- # Types of sample findings that you want to generate.
685
+ # Types of sample findings to generate.
629
686
  # @return [Array<String>]
630
687
  #
631
688
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateSampleFindingsRequest AWS API Documentation
@@ -806,11 +863,11 @@ module Aws::GuardDuty
806
863
  # }
807
864
  #
808
865
  # @!attribute [rw] detector_id
809
- # The unique ID of the detector the ipSet is associated with.
866
+ # The unique ID of the detector associated with the IPSet.
810
867
  # @return [String]
811
868
  #
812
869
  # @!attribute [rw] ip_set_id
813
- # The unique ID of the ipSet you want to delete.
870
+ # The unique ID of the IPSet to delete.
814
871
  # @return [String]
815
872
  #
816
873
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteIPSetRequest AWS API Documentation
@@ -893,6 +950,35 @@ module Aws::GuardDuty
893
950
  include Aws::Structure
894
951
  end
895
952
 
953
+ # @note When making an API call, you may pass DeletePublishingDestinationRequest
954
+ # data as a hash:
955
+ #
956
+ # {
957
+ # detector_id: "DetectorId", # required
958
+ # destination_id: "String", # required
959
+ # }
960
+ #
961
+ # @!attribute [rw] detector_id
962
+ # The unique ID of the detector associated with the publishing
963
+ # destination to delete.
964
+ # @return [String]
965
+ #
966
+ # @!attribute [rw] destination_id
967
+ # The ID of the publishing destination to delete.
968
+ # @return [String]
969
+ #
970
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeletePublishingDestinationRequest AWS API Documentation
971
+ #
972
+ class DeletePublishingDestinationRequest < Struct.new(
973
+ :detector_id,
974
+ :destination_id)
975
+ include Aws::Structure
976
+ end
977
+
978
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeletePublishingDestinationResponse AWS API Documentation
979
+ #
980
+ class DeletePublishingDestinationResponse < Aws::EmptyStructure; end
981
+
896
982
  # @note When making an API call, you may pass DeleteThreatIntelSetRequest
897
983
  # data as a hash:
898
984
  #
@@ -921,6 +1007,117 @@ module Aws::GuardDuty
921
1007
  #
922
1008
  class DeleteThreatIntelSetResponse < Aws::EmptyStructure; end
923
1009
 
1010
+ # @note When making an API call, you may pass DescribePublishingDestinationRequest
1011
+ # data as a hash:
1012
+ #
1013
+ # {
1014
+ # detector_id: "DetectorId", # required
1015
+ # destination_id: "String", # required
1016
+ # }
1017
+ #
1018
+ # @!attribute [rw] detector_id
1019
+ # The unique ID of the detector associated with the publishing
1020
+ # destination to retrieve.
1021
+ # @return [String]
1022
+ #
1023
+ # @!attribute [rw] destination_id
1024
+ # The ID of the publishing destination to retrieve.
1025
+ # @return [String]
1026
+ #
1027
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribePublishingDestinationRequest AWS API Documentation
1028
+ #
1029
+ class DescribePublishingDestinationRequest < Struct.new(
1030
+ :detector_id,
1031
+ :destination_id)
1032
+ include Aws::Structure
1033
+ end
1034
+
1035
+ # @!attribute [rw] destination_id
1036
+ # The ID of the publishing destination.
1037
+ # @return [String]
1038
+ #
1039
+ # @!attribute [rw] destination_type
1040
+ # The type of the publishing destination. Currently, only S3 is
1041
+ # supported.
1042
+ # @return [String]
1043
+ #
1044
+ # @!attribute [rw] status
1045
+ # The status of the publishing destination.
1046
+ # @return [String]
1047
+ #
1048
+ # @!attribute [rw] publishing_failure_start_timestamp
1049
+ # The time, in epoch millisecond format, at which GuardDuty was first
1050
+ # unable to publish findings to the destination.
1051
+ # @return [Integer]
1052
+ #
1053
+ # @!attribute [rw] destination_properties
1054
+ # A `DestinationProperties` object that includes the `DestinationArn`
1055
+ # and `KmsKeyArn` of the publishing destination.
1056
+ # @return [Types::DestinationProperties]
1057
+ #
1058
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribePublishingDestinationResponse AWS API Documentation
1059
+ #
1060
+ class DescribePublishingDestinationResponse < Struct.new(
1061
+ :destination_id,
1062
+ :destination_type,
1063
+ :status,
1064
+ :publishing_failure_start_timestamp,
1065
+ :destination_properties)
1066
+ include Aws::Structure
1067
+ end
1068
+
1069
+ # Contains information about a publishing destination, including the ID,
1070
+ # type, and status.
1071
+ #
1072
+ # @!attribute [rw] destination_id
1073
+ # The unique ID of the publishing destination.
1074
+ # @return [String]
1075
+ #
1076
+ # @!attribute [rw] destination_type
1077
+ # The type of resource used for the publishing destination. Currently,
1078
+ # only S3 is supported.
1079
+ # @return [String]
1080
+ #
1081
+ # @!attribute [rw] status
1082
+ # The status of the publishing destination.
1083
+ # @return [String]
1084
+ #
1085
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Destination AWS API Documentation
1086
+ #
1087
+ class Destination < Struct.new(
1088
+ :destination_id,
1089
+ :destination_type,
1090
+ :status)
1091
+ include Aws::Structure
1092
+ end
1093
+
1094
+ # Contains the ARN of the resource to publish to, such as an S3 bucket,
1095
+ # and the ARN of the KMS key to use to encrypt published findings.
1096
+ #
1097
+ # @note When making an API call, you may pass DestinationProperties
1098
+ # data as a hash:
1099
+ #
1100
+ # {
1101
+ # destination_arn: "String",
1102
+ # kms_key_arn: "String",
1103
+ # }
1104
+ #
1105
+ # @!attribute [rw] destination_arn
1106
+ # The ARN of the resource to publish to.
1107
+ # @return [String]
1108
+ #
1109
+ # @!attribute [rw] kms_key_arn
1110
+ # The ARN of the KMS key to use for encryption.
1111
+ # @return [String]
1112
+ #
1113
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DestinationProperties AWS API Documentation
1114
+ #
1115
+ class DestinationProperties < Struct.new(
1116
+ :destination_arn,
1117
+ :kms_key_arn)
1118
+ include Aws::Structure
1119
+ end
1120
+
924
1121
  # @note When making an API call, you may pass DisassociateFromMasterAccountRequest
925
1122
  # data as a hash:
926
1123
  #
@@ -981,10 +1178,11 @@ module Aws::GuardDuty
981
1178
  include Aws::Structure
982
1179
  end
983
1180
 
984
- # Contains information about the DNS request.
1181
+ # Contains information about the DNS\_REQUEST action described in this
1182
+ # finding.
985
1183
  #
986
1184
  # @!attribute [rw] domain
987
- # Domain information for the DNS request.
1185
+ # Domain information for the API request.
988
1186
  # @return [String]
989
1187
  #
990
1188
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DnsRequestAction AWS API Documentation
@@ -1020,7 +1218,8 @@ module Aws::GuardDuty
1020
1218
  include Aws::Structure
1021
1219
  end
1022
1220
 
1023
- # Contains information about the finding.
1221
+ # Contains information about the finding, which is generated when
1222
+ # abnormal or suspicious activity is detected.
1024
1223
  #
1025
1224
  # @!attribute [rw] account_id
1026
1225
  # The ID of the account in which the finding was generated.
@@ -1055,7 +1254,8 @@ module Aws::GuardDuty
1055
1254
  # @return [String]
1056
1255
  #
1057
1256
  # @!attribute [rw] resource
1058
- # Contains information about the resource.
1257
+ # Contains information about the AWS resource associated with the
1258
+ # activity that prompted GuardDuty to generate a finding.
1059
1259
  # @return [Types::Resource]
1060
1260
  #
1061
1261
  # @!attribute [rw] schema_version
@@ -1063,7 +1263,7 @@ module Aws::GuardDuty
1063
1263
  # @return [String]
1064
1264
  #
1065
1265
  # @!attribute [rw] service
1066
- # Contains information about the service.
1266
+ # Contains additional information about the generated finding.
1067
1267
  # @return [Types::Service]
1068
1268
  #
1069
1269
  # @!attribute [rw] severity
@@ -1103,7 +1303,7 @@ module Aws::GuardDuty
1103
1303
  include Aws::Structure
1104
1304
  end
1105
1305
 
1106
- # Contains finding criteria information.
1306
+ # Contains information about the criteria used for querying findings.
1107
1307
  #
1108
1308
  # @note When making an API call, you may pass FindingCriteria
1109
1309
  # data as a hash:
@@ -1153,7 +1353,7 @@ module Aws::GuardDuty
1153
1353
  include Aws::Structure
1154
1354
  end
1155
1355
 
1156
- # Contains information about the
1356
+ # Contains information about the location of the remote IP address.
1157
1357
  #
1158
1358
  # @!attribute [rw] lat
1159
1359
  # Latitude information of remote IP address.
@@ -1406,7 +1606,7 @@ module Aws::GuardDuty
1406
1606
  # @return [String]
1407
1607
  #
1408
1608
  # @!attribute [rw] ip_set_id
1409
- # The unique ID of the ipSet you want to get.
1609
+ # The unique ID of the IPSet to retrieve.
1410
1610
  # @return [String]
1411
1611
  #
1412
1612
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetIPSetRequest AWS API Documentation
@@ -1418,9 +1618,7 @@ module Aws::GuardDuty
1418
1618
  end
1419
1619
 
1420
1620
  # @!attribute [rw] name
1421
- # The user friendly name to identify the IPSet. This name is displayed
1422
- # in all findings that are triggered by activity that involves IP
1423
- # addresses included in this IPSet.
1621
+ # The user friendly name for the IPSet.
1424
1622
  # @return [String]
1425
1623
  #
1426
1624
  # @!attribute [rw] format
@@ -1598,7 +1796,7 @@ module Aws::GuardDuty
1598
1796
  include Aws::Structure
1599
1797
  end
1600
1798
 
1601
- # Contains information about the instance profile.
1799
+ # Contains information about the EC2 instance profile.
1602
1800
  #
1603
1801
  # @!attribute [rw] arn
1604
1802
  # AWS EC2 instance profile ARN.
@@ -1702,15 +1900,15 @@ module Aws::GuardDuty
1702
1900
  include Aws::Structure
1703
1901
  end
1704
1902
 
1705
- # Contains information about the invitation.
1903
+ # Contains information about the invitation to become a member account.
1706
1904
  #
1707
1905
  # @!attribute [rw] account_id
1708
- # Inviter account ID
1906
+ # The ID of the account from which the invitations was sent.
1709
1907
  # @return [String]
1710
1908
  #
1711
1909
  # @!attribute [rw] invitation_id
1712
- # This value is used to validate the inviter account to the member
1713
- # account.
1910
+ # The ID of the invitation. This value is used to validate the inviter
1911
+ # account to the member account.
1714
1912
  # @return [String]
1715
1913
  #
1716
1914
  # @!attribute [rw] relationship_status
@@ -1719,7 +1917,7 @@ module Aws::GuardDuty
1719
1917
  # @return [String]
1720
1918
  #
1721
1919
  # @!attribute [rw] invited_at
1722
- # Timestamp at which the invitation was sent
1920
+ # Timestamp at which the invitation was sent.
1723
1921
  # @return [String]
1724
1922
  #
1725
1923
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Invitation AWS API Documentation
@@ -1922,7 +2120,113 @@ module Aws::GuardDuty
1922
2120
  # @return [String]
1923
2121
  #
1924
2122
  # @!attribute [rw] finding_criteria
1925
- # Represents the criteria used for querying findings.
2123
+ # Represents the criteria used for querying findings. Valid values
2124
+ # include:
2125
+ #
2126
+ # * JSON field name
2127
+ #
2128
+ # * accountId
2129
+ #
2130
+ # * region
2131
+ #
2132
+ # * confidence
2133
+ #
2134
+ # * id
2135
+ #
2136
+ # * resource.accessKeyDetails.accessKeyId
2137
+ #
2138
+ # * resource.accessKeyDetails.principalId
2139
+ #
2140
+ # * resource.accessKeyDetails.userName
2141
+ #
2142
+ # * resource.accessKeyDetails.userType
2143
+ #
2144
+ # * resource.instanceDetails.iamInstanceProfile.id
2145
+ #
2146
+ # * resource.instanceDetails.imageId
2147
+ #
2148
+ # * resource.instanceDetails.instanceId
2149
+ #
2150
+ # * resource.instanceDetails.networkInterfaces.ipv6Addresses
2151
+ #
2152
+ # * resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
2153
+ #
2154
+ # * resource.instanceDetails.networkInterfaces.publicDnsName
2155
+ #
2156
+ # * resource.instanceDetails.networkInterfaces.publicIp
2157
+ #
2158
+ # * resource.instanceDetails.networkInterfaces.securityGroups.groupId
2159
+ #
2160
+ # * resource.instanceDetails.networkInterfaces.securityGroups.groupName
2161
+ #
2162
+ # * resource.instanceDetails.networkInterfaces.subnetId
2163
+ #
2164
+ # * resource.instanceDetails.networkInterfaces.vpcId
2165
+ #
2166
+ # * resource.instanceDetails.tags.key
2167
+ #
2168
+ # * resource.instanceDetails.tags.value
2169
+ #
2170
+ # * resource.resourceType
2171
+ #
2172
+ # * service.action.actionType
2173
+ #
2174
+ # * service.action.awsApiCallAction.api
2175
+ #
2176
+ # * service.action.awsApiCallAction.callerType
2177
+ #
2178
+ # * service.action.awsApiCallAction.remoteIpDetails.city.cityName
2179
+ #
2180
+ # * service.action.awsApiCallAction.remoteIpDetails.country.countryName
2181
+ #
2182
+ # * service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
2183
+ #
2184
+ # * service.action.awsApiCallAction.remoteIpDetails.organization.asn
2185
+ #
2186
+ # * service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
2187
+ #
2188
+ # * service.action.awsApiCallAction.serviceName
2189
+ #
2190
+ # * service.action.dnsRequestAction.domain
2191
+ #
2192
+ # * service.action.networkConnectionAction.blocked
2193
+ #
2194
+ # * service.action.networkConnectionAction.connectionDirection
2195
+ #
2196
+ # * service.action.networkConnectionAction.localPortDetails.port
2197
+ #
2198
+ # * service.action.networkConnectionAction.protocol
2199
+ #
2200
+ # * service.action.networkConnectionAction.remoteIpDetails.city.cityName
2201
+ #
2202
+ # * service.action.networkConnectionAction.remoteIpDetails.country.countryName
2203
+ #
2204
+ # * service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
2205
+ #
2206
+ # * service.action.networkConnectionAction.remoteIpDetails.organization.asn
2207
+ #
2208
+ # * service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
2209
+ #
2210
+ # * service.action.networkConnectionAction.remotePortDetails.port
2211
+ #
2212
+ # * service.additionalInfo.threatListName
2213
+ #
2214
+ # * service.archived
2215
+ #
2216
+ # When this attribute is set to 'true', only archived findings are
2217
+ # listed. When it's set to 'false', only unarchived findings are
2218
+ # listed. When this attribute is not set, all existing findings are
2219
+ # listed.
2220
+ #
2221
+ # * service.resourceRole
2222
+ #
2223
+ # * severity
2224
+ #
2225
+ # * type
2226
+ #
2227
+ # * updatedAt
2228
+ #
2229
+ # Type: Timestamp in Unix Epoch millisecond format: 1486685375000
1926
2230
  # @return [Types::FindingCriteria]
1927
2231
  #
1928
2232
  # @!attribute [rw] sort_criteria
@@ -2132,6 +2436,61 @@ module Aws::GuardDuty
2132
2436
  include Aws::Structure
2133
2437
  end
2134
2438
 
2439
+ # @note When making an API call, you may pass ListPublishingDestinationsRequest
2440
+ # data as a hash:
2441
+ #
2442
+ # {
2443
+ # detector_id: "DetectorId", # required
2444
+ # max_results: 1,
2445
+ # next_token: "String",
2446
+ # }
2447
+ #
2448
+ # @!attribute [rw] detector_id
2449
+ # The ID of the detector to retrieve publishing destinations for.
2450
+ # @return [String]
2451
+ #
2452
+ # @!attribute [rw] max_results
2453
+ # The maximum number of results to return in the response.
2454
+ # @return [Integer]
2455
+ #
2456
+ # @!attribute [rw] next_token
2457
+ # A token to use for paginating results returned in the repsonse. Set
2458
+ # the value of this parameter to null for the first request to a list
2459
+ # action. For subsequent calls, use the `NextToken` value returned
2460
+ # from the previous request to continue listing results after the
2461
+ # first page.
2462
+ # @return [String]
2463
+ #
2464
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListPublishingDestinationsRequest AWS API Documentation
2465
+ #
2466
+ class ListPublishingDestinationsRequest < Struct.new(
2467
+ :detector_id,
2468
+ :max_results,
2469
+ :next_token)
2470
+ include Aws::Structure
2471
+ end
2472
+
2473
+ # @!attribute [rw] destinations
2474
+ # A `Destinations` obect that includes information about each
2475
+ # publishing destination returned.
2476
+ # @return [Array<Types::Destination>]
2477
+ #
2478
+ # @!attribute [rw] next_token
2479
+ # A token to use for paginating results returned in the repsonse. Set
2480
+ # the value of this parameter to null for the first request to a list
2481
+ # action. For subsequent calls, use the `NextToken` value returned
2482
+ # from the previous request to continue listing results after the
2483
+ # first page.
2484
+ # @return [String]
2485
+ #
2486
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListPublishingDestinationsResponse AWS API Documentation
2487
+ #
2488
+ class ListPublishingDestinationsResponse < Struct.new(
2489
+ :destinations,
2490
+ :next_token)
2491
+ include Aws::Structure
2492
+ end
2493
+
2135
2494
  # @note When making an API call, you may pass ListTagsForResourceRequest
2136
2495
  # data as a hash:
2137
2496
  #
@@ -2181,11 +2540,11 @@ module Aws::GuardDuty
2181
2540
  # @return [Integer]
2182
2541
  #
2183
2542
  # @!attribute [rw] next_token
2184
- # You can use this parameter when paginating results. Set the value of
2185
- # this parameter to null on your first call to the list action. For
2186
- # subsequent calls to the action fill nextToken in the request with
2187
- # the value of NextToken from the previous response to continue
2188
- # listing data.
2543
+ # You can use this parameter to paginate results in the response. Set
2544
+ # the value of this parameter to null on your first call to the list
2545
+ # action. For subsequent calls to the action fill nextToken in the
2546
+ # request with the value of NextToken from the previous response to
2547
+ # continue listing data.
2189
2548
  # @return [String]
2190
2549
  #
2191
2550
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListThreatIntelSetsRequest AWS API Documentation
@@ -2305,7 +2664,8 @@ module Aws::GuardDuty
2305
2664
  include Aws::Structure
2306
2665
  end
2307
2666
 
2308
- # Contains information about the network connection.
2667
+ # Contains information about the NETWORK\_CONNECTION action described in
2668
+ # the finding.
2309
2669
  #
2310
2670
  # @!attribute [rw] blocked
2311
2671
  # Network connection blocked information.
@@ -2343,7 +2703,7 @@ module Aws::GuardDuty
2343
2703
  include Aws::Structure
2344
2704
  end
2345
2705
 
2346
- # Contains information about the network interface.
2706
+ # Contains information about the network interface of the Ec2 instance.
2347
2707
  #
2348
2708
  # @!attribute [rw] ipv_6_addresses
2349
2709
  # A list of EC2 instance IPv6 address information.
@@ -2401,7 +2761,8 @@ module Aws::GuardDuty
2401
2761
  include Aws::Structure
2402
2762
  end
2403
2763
 
2404
- # Continas information about the organization.
2764
+ # Continas information about the ISP organization of the remote IP
2765
+ # address.
2405
2766
  #
2406
2767
  # @!attribute [rw] asn
2407
2768
  # Autonomous system number of the internet provider of the remote IP
@@ -2430,7 +2791,8 @@ module Aws::GuardDuty
2430
2791
  include Aws::Structure
2431
2792
  end
2432
2793
 
2433
- # Contains information about the port probe.
2794
+ # Contains information about the PORT\_PROBE action described in the
2795
+ # finding.
2434
2796
  #
2435
2797
  # @!attribute [rw] blocked
2436
2798
  # Port probe blocked information.
@@ -2466,7 +2828,7 @@ module Aws::GuardDuty
2466
2828
  include Aws::Structure
2467
2829
  end
2468
2830
 
2469
- # Contains information about the private IP address.
2831
+ # Contains other private IP address information of the EC2 instance.
2470
2832
  #
2471
2833
  # @!attribute [rw] private_dns_name
2472
2834
  # Private DNS name of the EC2 instance.
@@ -2484,7 +2846,7 @@ module Aws::GuardDuty
2484
2846
  include Aws::Structure
2485
2847
  end
2486
2848
 
2487
- # Contains information about the product code.
2849
+ # Contains information about the product code for the Ec2 instance.
2488
2850
  #
2489
2851
  # @!attribute [rw] code
2490
2852
  # Product code information.
@@ -2502,7 +2864,7 @@ module Aws::GuardDuty
2502
2864
  include Aws::Structure
2503
2865
  end
2504
2866
 
2505
- # Continas information about the remote IP address.
2867
+ # Continas information about the remote IP address of the connection.
2506
2868
  #
2507
2869
  # @!attribute [rw] city
2508
2870
  # City information of the remote IP address.
@@ -2553,7 +2915,8 @@ module Aws::GuardDuty
2553
2915
  include Aws::Structure
2554
2916
  end
2555
2917
 
2556
- # Contains information about the resource.
2918
+ # Contains information about the AWS resource associated with the
2919
+ # activity that prompted GuardDuty to generate a finding.
2557
2920
  #
2558
2921
  # @!attribute [rw] access_key_details
2559
2922
  # The IAM access key details (IAM user information) of a user that
@@ -2579,7 +2942,8 @@ module Aws::GuardDuty
2579
2942
  include Aws::Structure
2580
2943
  end
2581
2944
 
2582
- # Contains information about the security group.
2945
+ # Contains information about the security groups associated with the EC2
2946
+ # instance.
2583
2947
  #
2584
2948
  # @!attribute [rw] group_id
2585
2949
  # EC2 instance's security group ID.
@@ -2597,7 +2961,7 @@ module Aws::GuardDuty
2597
2961
  include Aws::Structure
2598
2962
  end
2599
2963
 
2600
- # Contains information about the service.
2964
+ # Contains additional information about the generated finding.
2601
2965
  #
2602
2966
  # @!attribute [rw] action
2603
2967
  # Information about the activity described in a finding.
@@ -2657,7 +3021,7 @@ module Aws::GuardDuty
2657
3021
  include Aws::Structure
2658
3022
  end
2659
3023
 
2660
- # Contains information about the criteria for sorting.
3024
+ # Contains information about the criteria used for sorting findings.
2661
3025
  #
2662
3026
  # @note When making an API call, you may pass SortCriteria
2663
3027
  # data as a hash:
@@ -2693,13 +3057,13 @@ module Aws::GuardDuty
2693
3057
  # }
2694
3058
  #
2695
3059
  # @!attribute [rw] detector_id
2696
- # The unique ID of the detector of the GuardDuty account whom you want
2697
- # to re-enable to monitor members' findings.
3060
+ # The unique ID of the detector of the GuardDuty master account
3061
+ # associated with the member accounts to monitor.
2698
3062
  # @return [String]
2699
3063
  #
2700
3064
  # @!attribute [rw] account_ids
2701
- # A list of account IDs of the GuardDuty member accounts whose
2702
- # findings you want the master account to monitor.
3065
+ # A list of account IDs of the GuardDuty member accounts to start
3066
+ # monitoring.
2703
3067
  # @return [Array<String>]
2704
3068
  #
2705
3069
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/StartMonitoringMembersRequest AWS API Documentation
@@ -2760,7 +3124,7 @@ module Aws::GuardDuty
2760
3124
  include Aws::Structure
2761
3125
  end
2762
3126
 
2763
- # Contains information about the tag associated with the resource.
3127
+ # Contains information about a tag associated with the Ec2 instance.
2764
3128
  #
2765
3129
  # @!attribute [rw] key
2766
3130
  # EC2 instance tag key.
@@ -2789,7 +3153,8 @@ module Aws::GuardDuty
2789
3153
  # }
2790
3154
  #
2791
3155
  # @!attribute [rw] resource_arn
2792
- # The Amazon Resource Name (ARN) for the given GuardDuty resource
3156
+ # The Amazon Resource Name (ARN) for the GuardDuty resource to apply a
3157
+ # tag to.
2793
3158
  # @return [String]
2794
3159
  #
2795
3160
  # @!attribute [rw] tags
@@ -2837,12 +3202,11 @@ module Aws::GuardDuty
2837
3202
  # }
2838
3203
  #
2839
3204
  # @!attribute [rw] detector_id
2840
- # The ID of the detector that specifies the GuardDuty service whose
2841
- # findings you want to unarchive.
3205
+ # The ID of the detector associated with the findings to unarchive.
2842
3206
  # @return [String]
2843
3207
  #
2844
3208
  # @!attribute [rw] finding_ids
2845
- # IDs of the findings that you want to unarchive.
3209
+ # IDs of the findings to unarchive.
2846
3210
  # @return [Array<String>]
2847
3211
  #
2848
3212
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UnarchiveFindingsRequest AWS API Documentation
@@ -2884,11 +3248,11 @@ module Aws::GuardDuty
2884
3248
  # }
2885
3249
  #
2886
3250
  # @!attribute [rw] resource_arn
2887
- # The Amazon Resource Name (ARN) for the given GuardDuty resource
3251
+ # The Amazon Resource Name (ARN) for the resource to remove tags from.
2888
3252
  # @return [String]
2889
3253
  #
2890
3254
  # @!attribute [rw] tag_keys
2891
- # The tag keys to remove from a resource.
3255
+ # The tag keys to remove from the resource.
2892
3256
  # @return [Array<String>]
2893
3257
  #
2894
3258
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UntagResourceRequest AWS API Documentation
@@ -2913,17 +3277,16 @@ module Aws::GuardDuty
2913
3277
  # }
2914
3278
  #
2915
3279
  # @!attribute [rw] detector_id
2916
- # The unique ID of the detector that you want to update.
3280
+ # The unique ID of the detector to update.
2917
3281
  # @return [String]
2918
3282
  #
2919
3283
  # @!attribute [rw] enable
2920
- # Updated boolean value for the detector that specifies whether the
2921
- # detector is enabled.
3284
+ # Specifies whether the detector is enabled or not enabled.
2922
3285
  # @return [Boolean]
2923
3286
  #
2924
3287
  # @!attribute [rw] finding_publishing_frequency
2925
- # A enum value that specifies how frequently customer got Finding
2926
- # updates published.
3288
+ # A enum value that specifies how frequently findings are exported,
3289
+ # such as to CloudWatch Events.
2927
3290
  # @return [String]
2928
3291
  #
2929
3292
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateDetectorRequest AWS API Documentation
@@ -3031,8 +3394,8 @@ module Aws::GuardDuty
3031
3394
  # }
3032
3395
  #
3033
3396
  # @!attribute [rw] detector_id
3034
- # The ID of the detector that specifies the GuardDuty service whose
3035
- # findings you want to mark as useful or not useful.
3397
+ # The ID of the detector associated with the findings to update
3398
+ # feedback for.
3036
3399
  # @return [String]
3037
3400
  #
3038
3401
  # @!attribute [rw] finding_ids
@@ -3040,7 +3403,7 @@ module Aws::GuardDuty
3040
3403
  # @return [Array<String>]
3041
3404
  #
3042
3405
  # @!attribute [rw] feedback
3043
- # Valid values: USEFUL \| NOT\_USEFUL
3406
+ # The feedback for the finding.
3044
3407
  # @return [String]
3045
3408
  #
3046
3409
  # @!attribute [rw] comments
@@ -3110,6 +3473,45 @@ module Aws::GuardDuty
3110
3473
  #
3111
3474
  class UpdateIPSetResponse < Aws::EmptyStructure; end
3112
3475
 
3476
+ # @note When making an API call, you may pass UpdatePublishingDestinationRequest
3477
+ # data as a hash:
3478
+ #
3479
+ # {
3480
+ # detector_id: "DetectorId", # required
3481
+ # destination_id: "String", # required
3482
+ # destination_properties: {
3483
+ # destination_arn: "String",
3484
+ # kms_key_arn: "String",
3485
+ # },
3486
+ # }
3487
+ #
3488
+ # @!attribute [rw] detector_id
3489
+ # The ID of the
3490
+ # @return [String]
3491
+ #
3492
+ # @!attribute [rw] destination_id
3493
+ # The ID of the detector associated with the publishing destinations
3494
+ # to update.
3495
+ # @return [String]
3496
+ #
3497
+ # @!attribute [rw] destination_properties
3498
+ # A `DestinationProperties` object that includes the `DestinationArn`
3499
+ # and `KmsKeyArn` of the publishing destination.
3500
+ # @return [Types::DestinationProperties]
3501
+ #
3502
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdatePublishingDestinationRequest AWS API Documentation
3503
+ #
3504
+ class UpdatePublishingDestinationRequest < Struct.new(
3505
+ :detector_id,
3506
+ :destination_id,
3507
+ :destination_properties)
3508
+ include Aws::Structure
3509
+ end
3510
+
3511
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdatePublishingDestinationResponse AWS API Documentation
3512
+ #
3513
+ class UpdatePublishingDestinationResponse < Aws::EmptyStructure; end
3514
+
3113
3515
  # @note When making an API call, you may pass UpdateThreatIntelSetRequest
3114
3516
  # data as a hash:
3115
3517
  #