aws-sdk-guardduty 1.27.0 → 1.32.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/aws-sdk-guardduty.rb +1 -1
- data/lib/aws-sdk-guardduty/client.rb +458 -132
- data/lib/aws-sdk-guardduty/client_api.rb +106 -0
- data/lib/aws-sdk-guardduty/errors.rb +4 -10
- data/lib/aws-sdk-guardduty/resource.rb +1 -7
- data/lib/aws-sdk-guardduty/types.rb +564 -271
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: bc0ba5a47397111aaac489281607408efa58b71542fb54cedf2185d144dc1a88
|
4
|
+
data.tar.gz: 3f8b2efcd682ef67ba482b91b285ac7958bc27003d8007b95f016dd63c076bbc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 811e38cefa8c4823f9bf96c02caf316da9c6b87aacea4ce3f550f8f1ac60ea42301f809631a18fe84690baaf91f8523e7d5bfde3ba3079037ef1298c1236201b
|
7
|
+
data.tar.gz: f05b0a6dd3eb2793ca8cb0274023d0cb2b1cc9ef039b1b5de3ba46e28df55a524ba58ca73f7ef66b6dd022923d95664803466929e6e5547cb816ccfef41744e5
|
data/lib/aws-sdk-guardduty.rb
CHANGED
@@ -30,14 +30,16 @@ require 'aws-sdk-core/plugins/protocols/rest_json.rb'
|
|
30
30
|
Aws::Plugins::GlobalConfiguration.add_identifier(:guardduty)
|
31
31
|
|
32
32
|
module Aws::GuardDuty
|
33
|
-
# An API client for GuardDuty. To construct a client, you need to configure a
|
33
|
+
# An API client for GuardDuty. To construct a client, you need to configure a `:region` and `:credentials`.
|
34
|
+
#
|
34
35
|
# client = Aws::GuardDuty::Client.new(
|
35
36
|
# region: region_name,
|
36
37
|
# credentials: credentials,
|
37
38
|
# # ...
|
38
39
|
# )
|
40
|
+
#
|
39
41
|
# For details on configuring region and credentials see
|
40
|
-
# the
|
42
|
+
# the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
|
41
43
|
#
|
42
44
|
# See {#initialize} for a full list of supported configuration options.
|
43
45
|
class Client < Seahorse::Client::Base
|
@@ -103,7 +105,7 @@ module Aws::GuardDuty
|
|
103
105
|
# @option options [required, String] :region
|
104
106
|
# The AWS region to connect to. The configured `:region` is
|
105
107
|
# used to determine the service `:endpoint`. When not passed,
|
106
|
-
# a default `:region` is
|
108
|
+
# a default `:region` is searched for in the following locations:
|
107
109
|
#
|
108
110
|
# * `Aws.config[:region]`
|
109
111
|
# * `ENV['AWS_REGION']`
|
@@ -118,6 +120,12 @@ module Aws::GuardDuty
|
|
118
120
|
# When set to `true`, a thread polling for endpoints will be running in
|
119
121
|
# the background every 60 secs (default). Defaults to `false`.
|
120
122
|
#
|
123
|
+
# @option options [Boolean] :adaptive_retry_wait_to_fill (true)
|
124
|
+
# Used only in `adaptive` retry mode. When true, the request will sleep
|
125
|
+
# until there is sufficent client side capacity to retry the request.
|
126
|
+
# When false, the request will raise a `RetryCapacityNotAvailableError` and will
|
127
|
+
# not retry instead of sleeping.
|
128
|
+
#
|
121
129
|
# @option options [Boolean] :client_side_monitoring (false)
|
122
130
|
# When `true`, client-side metrics will be collected for all API requests from
|
123
131
|
# this client.
|
@@ -142,6 +150,10 @@ module Aws::GuardDuty
|
|
142
150
|
# When `true`, an attempt is made to coerce request parameters into
|
143
151
|
# the required types.
|
144
152
|
#
|
153
|
+
# @option options [Boolean] :correct_clock_skew (true)
|
154
|
+
# Used only in `standard` and adaptive retry modes. Specifies whether to apply
|
155
|
+
# a clock skew correction and retry requests with skewed client clocks.
|
156
|
+
#
|
145
157
|
# @option options [Boolean] :disable_host_prefix_injection (false)
|
146
158
|
# Set to true to disable SDK automatically adding host prefix
|
147
159
|
# to default service endpoint when available.
|
@@ -149,7 +161,7 @@ module Aws::GuardDuty
|
|
149
161
|
# @option options [String] :endpoint
|
150
162
|
# The client endpoint is normally constructed from the `:region`
|
151
163
|
# option. You should only configure an `:endpoint` when connecting
|
152
|
-
# to test endpoints. This should be
|
164
|
+
# to test endpoints. This should be a valid HTTP(S) URI.
|
153
165
|
#
|
154
166
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
155
167
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -176,15 +188,29 @@ module Aws::GuardDuty
|
|
176
188
|
# The Logger instance to send log messages to. If this option
|
177
189
|
# is not set, logging will be disabled.
|
178
190
|
#
|
191
|
+
# @option options [Integer] :max_attempts (3)
|
192
|
+
# An integer representing the maximum number attempts that will be made for
|
193
|
+
# a single request, including the initial attempt. For example,
|
194
|
+
# setting this value to 5 will result in a request being retried up to
|
195
|
+
# 4 times. Used in `standard` and `adaptive` retry modes.
|
196
|
+
#
|
179
197
|
# @option options [String] :profile ("default")
|
180
198
|
# Used when loading credentials from the shared credentials file
|
181
199
|
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
182
200
|
#
|
201
|
+
# @option options [Proc] :retry_backoff
|
202
|
+
# A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
|
203
|
+
# This option is only used in the `legacy` retry mode.
|
204
|
+
#
|
183
205
|
# @option options [Float] :retry_base_delay (0.3)
|
184
|
-
# The base delay in seconds used by the default backoff function.
|
206
|
+
# The base delay in seconds used by the default backoff function. This option
|
207
|
+
# is only used in the `legacy` retry mode.
|
185
208
|
#
|
186
209
|
# @option options [Symbol] :retry_jitter (:none)
|
187
|
-
# A delay randomiser function used by the default backoff function.
|
210
|
+
# A delay randomiser function used by the default backoff function.
|
211
|
+
# Some predefined functions can be referenced by name - :none, :equal, :full,
|
212
|
+
# otherwise a Proc that takes and returns a number. This option is only used
|
213
|
+
# in the `legacy` retry mode.
|
188
214
|
#
|
189
215
|
# @see https://www.awsarchitectureblog.com/2015/03/backoff.html
|
190
216
|
#
|
@@ -192,11 +218,30 @@ module Aws::GuardDuty
|
|
192
218
|
# The maximum number of times to retry failed requests. Only
|
193
219
|
# ~ 500 level server errors and certain ~ 400 level client errors
|
194
220
|
# are retried. Generally, these are throttling errors, data
|
195
|
-
# checksum errors, networking errors, timeout errors
|
196
|
-
# errors from expired credentials.
|
221
|
+
# checksum errors, networking errors, timeout errors, auth errors,
|
222
|
+
# endpoint discovery, and errors from expired credentials.
|
223
|
+
# This option is only used in the `legacy` retry mode.
|
197
224
|
#
|
198
225
|
# @option options [Integer] :retry_max_delay (0)
|
199
|
-
# The maximum number of seconds to delay between retries (0 for no limit)
|
226
|
+
# The maximum number of seconds to delay between retries (0 for no limit)
|
227
|
+
# used by the default backoff function. This option is only used in the
|
228
|
+
# `legacy` retry mode.
|
229
|
+
#
|
230
|
+
# @option options [String] :retry_mode ("legacy")
|
231
|
+
# Specifies which retry algorithm to use. Values are:
|
232
|
+
#
|
233
|
+
# * `legacy` - The pre-existing retry behavior. This is default value if
|
234
|
+
# no retry mode is provided.
|
235
|
+
#
|
236
|
+
# * `standard` - A standardized set of retry rules across the AWS SDKs.
|
237
|
+
# This includes support for retry quotas, which limit the number of
|
238
|
+
# unsuccessful retries a client can make.
|
239
|
+
#
|
240
|
+
# * `adaptive` - An experimental retry mode that includes all the
|
241
|
+
# functionality of `standard` mode along with automatic client side
|
242
|
+
# throttling. This is a provisional mode that may change behavior
|
243
|
+
# in the future.
|
244
|
+
#
|
200
245
|
#
|
201
246
|
# @option options [String] :secret_access_key
|
202
247
|
#
|
@@ -224,8 +269,7 @@ module Aws::GuardDuty
|
|
224
269
|
#
|
225
270
|
# @option options [Integer] :http_read_timeout (60) The default
|
226
271
|
# number of seconds to wait for response data. This value can
|
227
|
-
# safely be set
|
228
|
-
# per-request on the session yielded by {#session_for}.
|
272
|
+
# safely be set per-request on the session.
|
229
273
|
#
|
230
274
|
# @option options [Float] :http_idle_timeout (5) The number of
|
231
275
|
# seconds a connection is allowed to sit idle before it is
|
@@ -237,7 +281,7 @@ module Aws::GuardDuty
|
|
237
281
|
# request body. This option has no effect unless the request has
|
238
282
|
# "Expect" header set to "100-continue". Defaults to `nil` which
|
239
283
|
# disables this behaviour. This value can safely be set per
|
240
|
-
# request on the session
|
284
|
+
# request on the session.
|
241
285
|
#
|
242
286
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
243
287
|
# HTTP debug output will be sent to the `:logger`.
|
@@ -274,7 +318,7 @@ module Aws::GuardDuty
|
|
274
318
|
# you're accepting.
|
275
319
|
#
|
276
320
|
# @option params [required, String] :invitation_id
|
277
|
-
#
|
321
|
+
# The value that is used to validate the master account to the member
|
278
322
|
# account.
|
279
323
|
#
|
280
324
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
@@ -296,9 +340,10 @@ module Aws::GuardDuty
|
|
296
340
|
req.send_request(options)
|
297
341
|
end
|
298
342
|
|
299
|
-
# Archives GuardDuty findings specified by the list of finding
|
343
|
+
# Archives GuardDuty findings that are specified by the list of finding
|
344
|
+
# IDs.
|
300
345
|
#
|
301
|
-
# <note markdown="1"> Only the master account can archive findings. Member accounts
|
346
|
+
# <note markdown="1"> Only the master account can archive findings. Member accounts don't
|
302
347
|
# have permission to archive findings from their accounts.
|
303
348
|
#
|
304
349
|
# </note>
|
@@ -308,7 +353,7 @@ module Aws::GuardDuty
|
|
308
353
|
# findings you want to archive.
|
309
354
|
#
|
310
355
|
# @option params [required, Array<String>] :finding_ids
|
311
|
-
# IDs of the findings that you want to archive.
|
356
|
+
# The IDs of the findings that you want to archive.
|
312
357
|
#
|
313
358
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
314
359
|
#
|
@@ -330,11 +375,11 @@ module Aws::GuardDuty
|
|
330
375
|
|
331
376
|
# Creates a single Amazon GuardDuty detector. A detector is a resource
|
332
377
|
# that represents the GuardDuty service. To start using GuardDuty, you
|
333
|
-
# must create a detector in each
|
334
|
-
# can have only one detector per account per
|
378
|
+
# must create a detector in each Region where you enable the service.
|
379
|
+
# You can have only one detector per account per Region.
|
335
380
|
#
|
336
381
|
# @option params [required, Boolean] :enable
|
337
|
-
# A
|
382
|
+
# A Boolean value that specifies whether the detector is to be enabled.
|
338
383
|
#
|
339
384
|
# @option params [String] :client_token
|
340
385
|
# The idempotency token for the create request.
|
@@ -343,8 +388,8 @@ module Aws::GuardDuty
|
|
343
388
|
# not need to pass this option.**
|
344
389
|
#
|
345
390
|
# @option params [String] :finding_publishing_frequency
|
346
|
-
#
|
347
|
-
#
|
391
|
+
# An enum value that specifies how frequently updated findings are
|
392
|
+
# exported.
|
348
393
|
#
|
349
394
|
# @option params [Hash<String,String>] :tags
|
350
395
|
# The tags to be added to a new detector resource.
|
@@ -380,8 +425,8 @@ module Aws::GuardDuty
|
|
380
425
|
# Creates a filter using the specified finding criteria.
|
381
426
|
#
|
382
427
|
# @option params [required, String] :detector_id
|
383
|
-
# The unique ID of the detector of the GuardDuty account
|
384
|
-
#
|
428
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
429
|
+
# to create a filter for.
|
385
430
|
#
|
386
431
|
# @option params [required, String] :name
|
387
432
|
# The name of the filter.
|
@@ -402,6 +447,117 @@ module Aws::GuardDuty
|
|
402
447
|
# Represents the criteria to be used in the filter for querying
|
403
448
|
# findings.
|
404
449
|
#
|
450
|
+
# You can only use the following attributes to query findings:
|
451
|
+
#
|
452
|
+
# * accountId
|
453
|
+
#
|
454
|
+
# * region
|
455
|
+
#
|
456
|
+
# * confidence
|
457
|
+
#
|
458
|
+
# * id
|
459
|
+
#
|
460
|
+
# * resource.accessKeyDetails.accessKeyId
|
461
|
+
#
|
462
|
+
# * resource.accessKeyDetails.principalId
|
463
|
+
#
|
464
|
+
# * resource.accessKeyDetails.userName
|
465
|
+
#
|
466
|
+
# * resource.accessKeyDetails.userType
|
467
|
+
#
|
468
|
+
# * resource.instanceDetails.iamInstanceProfile.id
|
469
|
+
#
|
470
|
+
# * resource.instanceDetails.imageId
|
471
|
+
#
|
472
|
+
# * resource.instanceDetails.instanceId
|
473
|
+
#
|
474
|
+
# * resource.instanceDetails.outpostArn
|
475
|
+
#
|
476
|
+
# * resource.instanceDetails.networkInterfaces.ipv6Addresses
|
477
|
+
#
|
478
|
+
# * resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
|
479
|
+
#
|
480
|
+
# * resource.instanceDetails.networkInterfaces.publicDnsName
|
481
|
+
#
|
482
|
+
# * resource.instanceDetails.networkInterfaces.publicIp
|
483
|
+
#
|
484
|
+
# * resource.instanceDetails.networkInterfaces.securityGroups.groupId
|
485
|
+
#
|
486
|
+
# * resource.instanceDetails.networkInterfaces.securityGroups.groupName
|
487
|
+
#
|
488
|
+
# * resource.instanceDetails.networkInterfaces.subnetId
|
489
|
+
#
|
490
|
+
# * resource.instanceDetails.networkInterfaces.vpcId
|
491
|
+
#
|
492
|
+
# * resource.instanceDetails.tags.key
|
493
|
+
#
|
494
|
+
# * resource.instanceDetails.tags.value
|
495
|
+
#
|
496
|
+
# * resource.resourceType
|
497
|
+
#
|
498
|
+
# * service.action.actionType
|
499
|
+
#
|
500
|
+
# * service.action.awsApiCallAction.api
|
501
|
+
#
|
502
|
+
# * service.action.awsApiCallAction.callerType
|
503
|
+
#
|
504
|
+
# * service.action.awsApiCallAction.remoteIpDetails.city.cityName
|
505
|
+
#
|
506
|
+
# * service.action.awsApiCallAction.remoteIpDetails.country.countryName
|
507
|
+
#
|
508
|
+
# * service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
|
509
|
+
#
|
510
|
+
# * service.action.awsApiCallAction.remoteIpDetails.organization.asn
|
511
|
+
#
|
512
|
+
# * service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
|
513
|
+
#
|
514
|
+
# * service.action.awsApiCallAction.serviceName
|
515
|
+
#
|
516
|
+
# * service.action.dnsRequestAction.domain
|
517
|
+
#
|
518
|
+
# * service.action.networkConnectionAction.blocked
|
519
|
+
#
|
520
|
+
# * service.action.networkConnectionAction.connectionDirection
|
521
|
+
#
|
522
|
+
# * service.action.networkConnectionAction.localPortDetails.port
|
523
|
+
#
|
524
|
+
# * service.action.networkConnectionAction.protocol
|
525
|
+
#
|
526
|
+
# * service.action.networkConnectionAction.localIpDetails.ipAddressV4
|
527
|
+
#
|
528
|
+
# * service.action.networkConnectionAction.remoteIpDetails.city.cityName
|
529
|
+
#
|
530
|
+
# * service.action.networkConnectionAction.remoteIpDetails.country.countryName
|
531
|
+
#
|
532
|
+
# * service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
|
533
|
+
#
|
534
|
+
# * service.action.networkConnectionAction.remoteIpDetails.organization.asn
|
535
|
+
#
|
536
|
+
# * service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
|
537
|
+
#
|
538
|
+
# * service.action.networkConnectionAction.remotePortDetails.port
|
539
|
+
#
|
540
|
+
# * service.additionalInfo.threatListName
|
541
|
+
#
|
542
|
+
# * service.archived
|
543
|
+
#
|
544
|
+
# When this attribute is set to TRUE, only archived findings are
|
545
|
+
# listed. When it's set to FALSE, only unarchived findings are
|
546
|
+
# listed. When this attribute is not set, all existing findings are
|
547
|
+
# listed.
|
548
|
+
#
|
549
|
+
# * service.resourceRole
|
550
|
+
#
|
551
|
+
# * severity
|
552
|
+
#
|
553
|
+
# * type
|
554
|
+
#
|
555
|
+
# * updatedAt
|
556
|
+
#
|
557
|
+
# Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or
|
558
|
+
# YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains
|
559
|
+
# milliseconds.
|
560
|
+
#
|
405
561
|
# @option params [String] :client_token
|
406
562
|
# The idempotency token for the create request.
|
407
563
|
#
|
@@ -460,30 +616,31 @@ module Aws::GuardDuty
|
|
460
616
|
req.send_request(options)
|
461
617
|
end
|
462
618
|
|
463
|
-
# Creates a new IPSet, called
|
464
|
-
# interface. An IPSet is a list IP addresses
|
465
|
-
# communication with AWS infrastructure and applications.
|
466
|
-
#
|
467
|
-
# from the master account can use this
|
619
|
+
# Creates a new IPSet, which is called a trusted IP list in the console
|
620
|
+
# user interface. An IPSet is a list of IP addresses that are trusted
|
621
|
+
# for secure communication with AWS infrastructure and applications.
|
622
|
+
# GuardDuty doesn't generate findings for IP addresses that are
|
623
|
+
# included in IPSets. Only users from the master account can use this
|
624
|
+
# operation.
|
468
625
|
#
|
469
626
|
# @option params [required, String] :detector_id
|
470
|
-
# The unique ID of the detector of the GuardDuty account
|
471
|
-
#
|
627
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
628
|
+
# to create an IPSet for.
|
472
629
|
#
|
473
630
|
# @option params [required, String] :name
|
474
|
-
# The user
|
475
|
-
#
|
476
|
-
#
|
631
|
+
# The user-friendly name to identify the IPSet.
|
632
|
+
#
|
633
|
+
# Allowed characters are alphanumerics, spaces, hyphens (-), and
|
634
|
+
# underscores (\_).
|
477
635
|
#
|
478
636
|
# @option params [required, String] :format
|
479
637
|
# The format of the file that contains the IPSet.
|
480
638
|
#
|
481
639
|
# @option params [required, String] :location
|
482
|
-
# The URI of the file that contains the IPSet.
|
483
|
-
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key)
|
640
|
+
# The URI of the file that contains the IPSet.
|
484
641
|
#
|
485
642
|
# @option params [required, Boolean] :activate
|
486
|
-
# A
|
643
|
+
# A Boolean value that indicates whether GuardDuty is to start using the
|
487
644
|
# uploaded IPSet.
|
488
645
|
#
|
489
646
|
# @option params [String] :client_token
|
@@ -531,8 +688,8 @@ module Aws::GuardDuty
|
|
531
688
|
# members to manage GuardDuty in their accounts.
|
532
689
|
#
|
533
690
|
# @option params [required, String] :detector_id
|
534
|
-
# The unique ID of the detector of the GuardDuty account
|
535
|
-
#
|
691
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
692
|
+
# to associate member accounts with.
|
536
693
|
#
|
537
694
|
# @option params [required, Array<Types::AccountDetail>] :account_details
|
538
695
|
# A list of account ID and email address pairs of the accounts that you
|
@@ -569,20 +726,20 @@ module Aws::GuardDuty
|
|
569
726
|
req.send_request(options)
|
570
727
|
end
|
571
728
|
|
572
|
-
# Creates a publishing destination to
|
573
|
-
#
|
729
|
+
# Creates a publishing destination to export findings to. The resource
|
730
|
+
# to export findings to must exist before you use this operation.
|
574
731
|
#
|
575
732
|
# @option params [required, String] :detector_id
|
576
733
|
# The ID of the GuardDuty detector associated with the publishing
|
577
734
|
# destination.
|
578
735
|
#
|
579
736
|
# @option params [required, String] :destination_type
|
580
|
-
# The type of resource for the publishing destination. Currently only
|
581
|
-
#
|
737
|
+
# The type of resource for the publishing destination. Currently only
|
738
|
+
# Amazon S3 buckets are supported.
|
582
739
|
#
|
583
740
|
# @option params [required, Types::DestinationProperties] :destination_properties
|
584
|
-
#
|
585
|
-
# destination and the KMS key used for encryption.
|
741
|
+
# The properties of the publishing destination, including the ARNs for
|
742
|
+
# the destination and the KMS key used for encryption.
|
586
743
|
#
|
587
744
|
# @option params [String] :client_token
|
588
745
|
# The idempotency token for the request.
|
@@ -627,7 +784,7 @@ module Aws::GuardDuty
|
|
627
784
|
# The ID of the detector to create sample findings for.
|
628
785
|
#
|
629
786
|
# @option params [Array<String>] :finding_types
|
630
|
-
#
|
787
|
+
# The types of sample findings to generate.
|
631
788
|
#
|
632
789
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
633
790
|
#
|
@@ -647,17 +804,17 @@ module Aws::GuardDuty
|
|
647
804
|
req.send_request(options)
|
648
805
|
end
|
649
806
|
|
650
|
-
#
|
807
|
+
# Creates a new ThreatIntelSet. ThreatIntelSets consist of known
|
651
808
|
# malicious IP addresses. GuardDuty generates findings based on
|
652
809
|
# ThreatIntelSets. Only users of the master account can use this
|
653
810
|
# operation.
|
654
811
|
#
|
655
812
|
# @option params [required, String] :detector_id
|
656
|
-
# The unique ID of the detector of the GuardDuty account
|
657
|
-
#
|
813
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
814
|
+
# to create a threatIntelSet for.
|
658
815
|
#
|
659
816
|
# @option params [required, String] :name
|
660
|
-
# A user-friendly ThreatIntelSet name
|
817
|
+
# A user-friendly ThreatIntelSet name displayed in all findings that are
|
661
818
|
# generated by activity that involves IP addresses included in this
|
662
819
|
# ThreatIntelSet.
|
663
820
|
#
|
@@ -665,11 +822,10 @@ module Aws::GuardDuty
|
|
665
822
|
# The format of the file that contains the ThreatIntelSet.
|
666
823
|
#
|
667
824
|
# @option params [required, String] :location
|
668
|
-
# The URI of the file that contains the ThreatIntelSet.
|
669
|
-
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).
|
825
|
+
# The URI of the file that contains the ThreatIntelSet.
|
670
826
|
#
|
671
827
|
# @option params [required, Boolean] :activate
|
672
|
-
# A
|
828
|
+
# A Boolean value that indicates whether GuardDuty is to start using the
|
673
829
|
# uploaded ThreatIntelSet.
|
674
830
|
#
|
675
831
|
# @option params [String] :client_token
|
@@ -679,7 +835,7 @@ module Aws::GuardDuty
|
|
679
835
|
# not need to pass this option.**
|
680
836
|
#
|
681
837
|
# @option params [Hash<String,String>] :tags
|
682
|
-
# The tags to be added to a new
|
838
|
+
# The tags to be added to a new threat list resource.
|
683
839
|
#
|
684
840
|
# @return [Types::CreateThreatIntelSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
685
841
|
#
|
@@ -712,8 +868,8 @@ module Aws::GuardDuty
|
|
712
868
|
req.send_request(options)
|
713
869
|
end
|
714
870
|
|
715
|
-
# Declines invitations sent to the current member account by AWS
|
716
|
-
# specified by their account IDs.
|
871
|
+
# Declines invitations sent to the current member account by AWS
|
872
|
+
# accounts specified by their account IDs.
|
717
873
|
#
|
718
874
|
# @option params [required, Array<String>] :account_ids
|
719
875
|
# A list of account IDs of the AWS accounts that sent invitations to the
|
@@ -744,7 +900,8 @@ module Aws::GuardDuty
|
|
744
900
|
req.send_request(options)
|
745
901
|
end
|
746
902
|
|
747
|
-
# Deletes
|
903
|
+
# Deletes an Amazon GuardDuty detector that is specified by the detector
|
904
|
+
# ID.
|
748
905
|
#
|
749
906
|
# @option params [required, String] :detector_id
|
750
907
|
# The unique ID of the detector that you want to delete.
|
@@ -769,10 +926,10 @@ module Aws::GuardDuty
|
|
769
926
|
# Deletes the filter specified by the filter name.
|
770
927
|
#
|
771
928
|
# @option params [required, String] :detector_id
|
772
|
-
# The unique ID of the detector the filter is associated with.
|
929
|
+
# The unique ID of the detector that the filter is associated with.
|
773
930
|
#
|
774
931
|
# @option params [required, String] :filter_name
|
775
|
-
# The name of the filter you want to delete.
|
932
|
+
# The name of the filter that you want to delete.
|
776
933
|
#
|
777
934
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
778
935
|
#
|
@@ -793,7 +950,7 @@ module Aws::GuardDuty
|
|
793
950
|
end
|
794
951
|
|
795
952
|
# Deletes the IPSet specified by the `ipSetId`. IPSets are called
|
796
|
-
#
|
953
|
+
# trusted IP lists in the console user interface.
|
797
954
|
#
|
798
955
|
# @option params [required, String] :detector_id
|
799
956
|
# The unique ID of the detector associated with the IPSet.
|
@@ -915,13 +1072,14 @@ module Aws::GuardDuty
|
|
915
1072
|
req.send_request(options)
|
916
1073
|
end
|
917
1074
|
|
918
|
-
# Deletes ThreatIntelSet specified by the ThreatIntelSet ID.
|
1075
|
+
# Deletes the ThreatIntelSet specified by the ThreatIntelSet ID.
|
919
1076
|
#
|
920
1077
|
# @option params [required, String] :detector_id
|
921
|
-
# The unique ID of the detector the threatIntelSet is associated
|
1078
|
+
# The unique ID of the detector that the threatIntelSet is associated
|
1079
|
+
# with.
|
922
1080
|
#
|
923
1081
|
# @option params [required, String] :threat_intel_set_id
|
924
|
-
# The unique ID of the threatIntelSet you want to delete.
|
1082
|
+
# The unique ID of the threatIntelSet that you want to delete.
|
925
1083
|
#
|
926
1084
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
927
1085
|
#
|
@@ -941,6 +1099,38 @@ module Aws::GuardDuty
|
|
941
1099
|
req.send_request(options)
|
942
1100
|
end
|
943
1101
|
|
1102
|
+
# Returns information about the account selected as the delegated
|
1103
|
+
# administrator for GuardDuty.
|
1104
|
+
#
|
1105
|
+
# @option params [required, String] :detector_id
|
1106
|
+
# The ID of the detector to retrieve information about the delegated
|
1107
|
+
# administrator from.
|
1108
|
+
#
|
1109
|
+
# @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1110
|
+
#
|
1111
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
|
1112
|
+
# * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
|
1113
|
+
#
|
1114
|
+
# @example Request syntax with placeholder values
|
1115
|
+
#
|
1116
|
+
# resp = client.describe_organization_configuration({
|
1117
|
+
# detector_id: "DetectorId", # required
|
1118
|
+
# })
|
1119
|
+
#
|
1120
|
+
# @example Response structure
|
1121
|
+
#
|
1122
|
+
# resp.auto_enable #=> Boolean
|
1123
|
+
# resp.member_account_limit_reached #=> Boolean
|
1124
|
+
#
|
1125
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
|
1126
|
+
#
|
1127
|
+
# @overload describe_organization_configuration(params = {})
|
1128
|
+
# @param [Hash] params ({})
|
1129
|
+
def describe_organization_configuration(params = {}, options = {})
|
1130
|
+
req = build_request(:describe_organization_configuration, params)
|
1131
|
+
req.send_request(options)
|
1132
|
+
end
|
1133
|
+
|
944
1134
|
# Returns information about the publishing destination specified by the
|
945
1135
|
# provided `destinationId`.
|
946
1136
|
#
|
@@ -984,6 +1174,30 @@ module Aws::GuardDuty
|
|
984
1174
|
req.send_request(options)
|
985
1175
|
end
|
986
1176
|
|
1177
|
+
# Disables an AWS account within the Organization as the GuardDuty
|
1178
|
+
# delegated administrator.
|
1179
|
+
#
|
1180
|
+
# @option params [required, String] :admin_account_id
|
1181
|
+
# The AWS Account ID for the organizations account to be disabled as a
|
1182
|
+
# GuardDuty delegated administrator.
|
1183
|
+
#
|
1184
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1185
|
+
#
|
1186
|
+
# @example Request syntax with placeholder values
|
1187
|
+
#
|
1188
|
+
# resp = client.disable_organization_admin_account({
|
1189
|
+
# admin_account_id: "String", # required
|
1190
|
+
# })
|
1191
|
+
#
|
1192
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DisableOrganizationAdminAccount AWS API Documentation
|
1193
|
+
#
|
1194
|
+
# @overload disable_organization_admin_account(params = {})
|
1195
|
+
# @param [Hash] params ({})
|
1196
|
+
def disable_organization_admin_account(params = {}, options = {})
|
1197
|
+
req = build_request(:disable_organization_admin_account, params)
|
1198
|
+
req.send_request(options)
|
1199
|
+
end
|
1200
|
+
|
987
1201
|
# Disassociates the current GuardDuty member account from its master
|
988
1202
|
# account.
|
989
1203
|
#
|
@@ -1012,11 +1226,11 @@ module Aws::GuardDuty
|
|
1012
1226
|
#
|
1013
1227
|
# @option params [required, String] :detector_id
|
1014
1228
|
# The unique ID of the detector of the GuardDuty account whose members
|
1015
|
-
# you want to disassociate from master.
|
1229
|
+
# you want to disassociate from the master account.
|
1016
1230
|
#
|
1017
1231
|
# @option params [required, Array<String>] :account_ids
|
1018
1232
|
# A list of account IDs of the GuardDuty member accounts that you want
|
1019
|
-
# to disassociate from master.
|
1233
|
+
# to disassociate from the master account.
|
1020
1234
|
#
|
1021
1235
|
# @return [Types::DisassociateMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1022
1236
|
#
|
@@ -1044,6 +1258,30 @@ module Aws::GuardDuty
|
|
1044
1258
|
req.send_request(options)
|
1045
1259
|
end
|
1046
1260
|
|
1261
|
+
# Enables an AWS account within the organization as the GuardDuty
|
1262
|
+
# delegated administrator.
|
1263
|
+
#
|
1264
|
+
# @option params [required, String] :admin_account_id
|
1265
|
+
# The AWS Account ID for the organization account to be enabled as a
|
1266
|
+
# GuardDuty delegated administrator.
|
1267
|
+
#
|
1268
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1269
|
+
#
|
1270
|
+
# @example Request syntax with placeholder values
|
1271
|
+
#
|
1272
|
+
# resp = client.enable_organization_admin_account({
|
1273
|
+
# admin_account_id: "String", # required
|
1274
|
+
# })
|
1275
|
+
#
|
1276
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/EnableOrganizationAdminAccount AWS API Documentation
|
1277
|
+
#
|
1278
|
+
# @overload enable_organization_admin_account(params = {})
|
1279
|
+
# @param [Hash] params ({})
|
1280
|
+
def enable_organization_admin_account(params = {}, options = {})
|
1281
|
+
req = build_request(:enable_organization_admin_account, params)
|
1282
|
+
req.send_request(options)
|
1283
|
+
end
|
1284
|
+
|
1047
1285
|
# Retrieves an Amazon GuardDuty detector specified by the detectorId.
|
1048
1286
|
#
|
1049
1287
|
# @option params [required, String] :detector_id
|
@@ -1086,7 +1324,7 @@ module Aws::GuardDuty
|
|
1086
1324
|
# Returns the details of the filter specified by the filter name.
|
1087
1325
|
#
|
1088
1326
|
# @option params [required, String] :detector_id
|
1089
|
-
# The unique ID of the detector the filter is associated with.
|
1327
|
+
# The unique ID of the detector that the filter is associated with.
|
1090
1328
|
#
|
1091
1329
|
# @option params [required, String] :filter_name
|
1092
1330
|
# The name of the filter you want to get.
|
@@ -1149,7 +1387,7 @@ module Aws::GuardDuty
|
|
1149
1387
|
# findings you want to retrieve.
|
1150
1388
|
#
|
1151
1389
|
# @option params [required, Array<String>] :finding_ids
|
1152
|
-
# IDs of the findings that you want to retrieve.
|
1390
|
+
# The IDs of the findings that you want to retrieve.
|
1153
1391
|
#
|
1154
1392
|
# @option params [Types::SortCriteria] :sort_criteria
|
1155
1393
|
# Represents the criteria used for sorting findings.
|
@@ -1294,18 +1532,18 @@ module Aws::GuardDuty
|
|
1294
1532
|
req.send_request(options)
|
1295
1533
|
end
|
1296
1534
|
|
1297
|
-
# Lists Amazon GuardDuty findings
|
1298
|
-
#
|
1535
|
+
# Lists Amazon GuardDuty findings statistics for the specified detector
|
1536
|
+
# ID.
|
1299
1537
|
#
|
1300
1538
|
# @option params [required, String] :detector_id
|
1301
1539
|
# The ID of the detector that specifies the GuardDuty service whose
|
1302
1540
|
# findings' statistics you want to retrieve.
|
1303
1541
|
#
|
1304
1542
|
# @option params [required, Array<String>] :finding_statistic_types
|
1305
|
-
#
|
1543
|
+
# The types of finding statistics to retrieve.
|
1306
1544
|
#
|
1307
1545
|
# @option params [Types::FindingCriteria] :finding_criteria
|
1308
|
-
# Represents the criteria used for querying findings.
|
1546
|
+
# Represents the criteria that is used for querying findings.
|
1309
1547
|
#
|
1310
1548
|
# @return [Types::GetFindingsStatisticsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1311
1549
|
#
|
@@ -1353,7 +1591,7 @@ module Aws::GuardDuty
|
|
1353
1591
|
# Retrieves the IPSet specified by the `ipSetId`.
|
1354
1592
|
#
|
1355
1593
|
# @option params [required, String] :detector_id
|
1356
|
-
# The unique ID of the detector the
|
1594
|
+
# The unique ID of the detector that the IPSet is associated with.
|
1357
1595
|
#
|
1358
1596
|
# @option params [required, String] :ip_set_id
|
1359
1597
|
# The unique ID of the IPSet to retrieve.
|
@@ -1494,10 +1732,11 @@ module Aws::GuardDuty
|
|
1494
1732
|
# ID.
|
1495
1733
|
#
|
1496
1734
|
# @option params [required, String] :detector_id
|
1497
|
-
# The unique ID of the detector the threatIntelSet is associated
|
1735
|
+
# The unique ID of the detector that the threatIntelSet is associated
|
1736
|
+
# with.
|
1498
1737
|
#
|
1499
1738
|
# @option params [required, String] :threat_intel_set_id
|
1500
|
-
# The unique ID of the threatIntelSet you want to get.
|
1739
|
+
# The unique ID of the threatIntelSet that you want to get.
|
1501
1740
|
#
|
1502
1741
|
# @return [Types::GetThreatIntelSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1503
1742
|
#
|
@@ -1533,20 +1772,20 @@ module Aws::GuardDuty
|
|
1533
1772
|
end
|
1534
1773
|
|
1535
1774
|
# Invites other AWS accounts (created as members of the current AWS
|
1536
|
-
# account by CreateMembers) to enable GuardDuty and allow the current
|
1775
|
+
# account by CreateMembers) to enable GuardDuty, and allow the current
|
1537
1776
|
# AWS account to view and manage these accounts' GuardDuty findings on
|
1538
1777
|
# their behalf as the master account.
|
1539
1778
|
#
|
1540
1779
|
# @option params [required, String] :detector_id
|
1541
|
-
# The unique ID of the detector of the GuardDuty account
|
1542
|
-
#
|
1780
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
1781
|
+
# to invite members with.
|
1543
1782
|
#
|
1544
1783
|
# @option params [required, Array<String>] :account_ids
|
1545
1784
|
# A list of account IDs of the accounts that you want to invite to
|
1546
1785
|
# GuardDuty as members.
|
1547
1786
|
#
|
1548
1787
|
# @option params [Boolean] :disable_email_notification
|
1549
|
-
# A
|
1788
|
+
# A Boolean value that specifies whether you want to disable email
|
1550
1789
|
# notification to the accounts that you’re inviting to GuardDuty as
|
1551
1790
|
# members.
|
1552
1791
|
#
|
@@ -1586,14 +1825,14 @@ module Aws::GuardDuty
|
|
1586
1825
|
# resources.
|
1587
1826
|
#
|
1588
1827
|
# @option params [Integer] :max_results
|
1589
|
-
# You can use this parameter to indicate the maximum number of items
|
1590
|
-
# want in the response. The default value is 50. The maximum
|
1591
|
-
# 50.
|
1828
|
+
# You can use this parameter to indicate the maximum number of items
|
1829
|
+
# that you want in the response. The default value is 50. The maximum
|
1830
|
+
# value is 50.
|
1592
1831
|
#
|
1593
1832
|
# @option params [String] :next_token
|
1594
1833
|
# You can use this parameter when paginating results. Set the value of
|
1595
1834
|
# this parameter to null on your first call to the list action. For
|
1596
|
-
# subsequent calls to the action fill nextToken in the request with the
|
1835
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
1597
1836
|
# value of NextToken from the previous response to continue listing
|
1598
1837
|
# data.
|
1599
1838
|
#
|
@@ -1602,6 +1841,8 @@ module Aws::GuardDuty
|
|
1602
1841
|
# * {Types::ListDetectorsResponse#detector_ids #detector_ids} => Array<String>
|
1603
1842
|
# * {Types::ListDetectorsResponse#next_token #next_token} => String
|
1604
1843
|
#
|
1844
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1845
|
+
#
|
1605
1846
|
# @example Request syntax with placeholder values
|
1606
1847
|
#
|
1607
1848
|
# resp = client.list_detectors({
|
@@ -1627,17 +1868,17 @@ module Aws::GuardDuty
|
|
1627
1868
|
# Returns a paginated list of the current filters.
|
1628
1869
|
#
|
1629
1870
|
# @option params [required, String] :detector_id
|
1630
|
-
# The unique ID of the detector the filter is associated with.
|
1871
|
+
# The unique ID of the detector that the filter is associated with.
|
1631
1872
|
#
|
1632
1873
|
# @option params [Integer] :max_results
|
1633
|
-
# You can use this parameter to indicate the maximum number of items
|
1634
|
-
# want in the response. The default value is 50. The maximum
|
1635
|
-
# 50.
|
1874
|
+
# You can use this parameter to indicate the maximum number of items
|
1875
|
+
# that you want in the response. The default value is 50. The maximum
|
1876
|
+
# value is 50.
|
1636
1877
|
#
|
1637
1878
|
# @option params [String] :next_token
|
1638
1879
|
# You can use this parameter when paginating results. Set the value of
|
1639
1880
|
# this parameter to null on your first call to the list action. For
|
1640
|
-
# subsequent calls to the action fill nextToken in the request with the
|
1881
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
1641
1882
|
# value of NextToken from the previous response to continue listing
|
1642
1883
|
# data.
|
1643
1884
|
#
|
@@ -1646,6 +1887,8 @@ module Aws::GuardDuty
|
|
1646
1887
|
# * {Types::ListFiltersResponse#filter_names #filter_names} => Array<String>
|
1647
1888
|
# * {Types::ListFiltersResponse#next_token #next_token} => String
|
1648
1889
|
#
|
1890
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1891
|
+
#
|
1649
1892
|
# @example Request syntax with placeholder values
|
1650
1893
|
#
|
1651
1894
|
# resp = client.list_filters({
|
@@ -1799,7 +2042,7 @@ module Aws::GuardDuty
|
|
1799
2042
|
# @option params [String] :next_token
|
1800
2043
|
# You can use this parameter when paginating results. Set the value of
|
1801
2044
|
# this parameter to null on your first call to the list action. For
|
1802
|
-
# subsequent calls to the action fill nextToken in the request with the
|
2045
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
1803
2046
|
# value of NextToken from the previous response to continue listing
|
1804
2047
|
# data.
|
1805
2048
|
#
|
@@ -1808,6 +2051,8 @@ module Aws::GuardDuty
|
|
1808
2051
|
# * {Types::ListFindingsResponse#finding_ids #finding_ids} => Array<String>
|
1809
2052
|
# * {Types::ListFindingsResponse#next_token #next_token} => String
|
1810
2053
|
#
|
2054
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2055
|
+
#
|
1811
2056
|
# @example Request syntax with placeholder values
|
1812
2057
|
#
|
1813
2058
|
# resp = client.list_findings({
|
@@ -1858,7 +2103,7 @@ module Aws::GuardDuty
|
|
1858
2103
|
# returned are the IPSets from the associated master account.
|
1859
2104
|
#
|
1860
2105
|
# @option params [required, String] :detector_id
|
1861
|
-
# The unique ID of the detector the
|
2106
|
+
# The unique ID of the detector that the IPSet is associated with.
|
1862
2107
|
#
|
1863
2108
|
# @option params [Integer] :max_results
|
1864
2109
|
# You can use this parameter to indicate the maximum number of items you
|
@@ -1868,7 +2113,7 @@ module Aws::GuardDuty
|
|
1868
2113
|
# @option params [String] :next_token
|
1869
2114
|
# You can use this parameter when paginating results. Set the value of
|
1870
2115
|
# this parameter to null on your first call to the list action. For
|
1871
|
-
# subsequent calls to the action fill nextToken in the request with the
|
2116
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
1872
2117
|
# value of NextToken from the previous response to continue listing
|
1873
2118
|
# data.
|
1874
2119
|
#
|
@@ -1877,6 +2122,8 @@ module Aws::GuardDuty
|
|
1877
2122
|
# * {Types::ListIPSetsResponse#ip_set_ids #ip_set_ids} => Array<String>
|
1878
2123
|
# * {Types::ListIPSetsResponse#next_token #next_token} => String
|
1879
2124
|
#
|
2125
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2126
|
+
#
|
1880
2127
|
# @example Request syntax with placeholder values
|
1881
2128
|
#
|
1882
2129
|
# resp = client.list_ip_sets({
|
@@ -1904,14 +2151,14 @@ module Aws::GuardDuty
|
|
1904
2151
|
# current AWS account.
|
1905
2152
|
#
|
1906
2153
|
# @option params [Integer] :max_results
|
1907
|
-
# You can use this parameter to indicate the maximum number of items
|
1908
|
-
# want in the response. The default value is 50. The maximum
|
1909
|
-
# 50.
|
2154
|
+
# You can use this parameter to indicate the maximum number of items
|
2155
|
+
# that you want in the response. The default value is 50. The maximum
|
2156
|
+
# value is 50.
|
1910
2157
|
#
|
1911
2158
|
# @option params [String] :next_token
|
1912
2159
|
# You can use this parameter when paginating results. Set the value of
|
1913
2160
|
# this parameter to null on your first call to the list action. For
|
1914
|
-
# subsequent calls to the action fill nextToken in the request with the
|
2161
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
1915
2162
|
# value of NextToken from the previous response to continue listing
|
1916
2163
|
# data.
|
1917
2164
|
#
|
@@ -1920,6 +2167,8 @@ module Aws::GuardDuty
|
|
1920
2167
|
# * {Types::ListInvitationsResponse#invitations #invitations} => Array<Types::Invitation>
|
1921
2168
|
# * {Types::ListInvitationsResponse#next_token #next_token} => String
|
1922
2169
|
#
|
2170
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2171
|
+
#
|
1923
2172
|
# @example Request syntax with placeholder values
|
1924
2173
|
#
|
1925
2174
|
# resp = client.list_invitations({
|
@@ -1945,8 +2194,8 @@ module Aws::GuardDuty
|
|
1945
2194
|
req.send_request(options)
|
1946
2195
|
end
|
1947
2196
|
|
1948
|
-
# Lists details about
|
1949
|
-
# master account.
|
2197
|
+
# Lists details about associated member accounts for the current
|
2198
|
+
# GuardDuty master account.
|
1950
2199
|
#
|
1951
2200
|
# @option params [required, String] :detector_id
|
1952
2201
|
# The unique ID of the detector the member is associated with.
|
@@ -1959,20 +2208,24 @@ module Aws::GuardDuty
|
|
1959
2208
|
# @option params [String] :next_token
|
1960
2209
|
# You can use this parameter when paginating results. Set the value of
|
1961
2210
|
# this parameter to null on your first call to the list action. For
|
1962
|
-
# subsequent calls to the action fill nextToken in the request with the
|
2211
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
1963
2212
|
# value of NextToken from the previous response to continue listing
|
1964
2213
|
# data.
|
1965
2214
|
#
|
1966
2215
|
# @option params [String] :only_associated
|
1967
|
-
# Specifies
|
1968
|
-
#
|
1969
|
-
#
|
2216
|
+
# Specifies what member accounts the response includes based on their
|
2217
|
+
# relationship status with the master account. The default value is
|
2218
|
+
# "true". If set to "false" the response includes all existing
|
2219
|
+
# member accounts (including members who haven't been invited yet or
|
2220
|
+
# have been disassociated).
|
1970
2221
|
#
|
1971
2222
|
# @return [Types::ListMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1972
2223
|
#
|
1973
2224
|
# * {Types::ListMembersResponse#members #members} => Array<Types::Member>
|
1974
2225
|
# * {Types::ListMembersResponse#next_token #next_token} => String
|
1975
2226
|
#
|
2227
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2228
|
+
#
|
1976
2229
|
# @example Request syntax with placeholder values
|
1977
2230
|
#
|
1978
2231
|
# resp = client.list_members({
|
@@ -2003,6 +2256,48 @@ module Aws::GuardDuty
|
|
2003
2256
|
req.send_request(options)
|
2004
2257
|
end
|
2005
2258
|
|
2259
|
+
# Lists the accounts configured as GuardDuty delegated administrators.
|
2260
|
+
#
|
2261
|
+
# @option params [Integer] :max_results
|
2262
|
+
# The maximum number of results to return in the response.
|
2263
|
+
#
|
2264
|
+
# @option params [String] :next_token
|
2265
|
+
# A token to use for paginating results that are returned in the
|
2266
|
+
# response. Set the value of this parameter to null for the first
|
2267
|
+
# request to a list action. For subsequent calls, use the `NextToken`
|
2268
|
+
# value returned from the previous request to continue listing results
|
2269
|
+
# after the first page.
|
2270
|
+
#
|
2271
|
+
# @return [Types::ListOrganizationAdminAccountsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2272
|
+
#
|
2273
|
+
# * {Types::ListOrganizationAdminAccountsResponse#admin_accounts #admin_accounts} => Array<Types::AdminAccount>
|
2274
|
+
# * {Types::ListOrganizationAdminAccountsResponse#next_token #next_token} => String
|
2275
|
+
#
|
2276
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2277
|
+
#
|
2278
|
+
# @example Request syntax with placeholder values
|
2279
|
+
#
|
2280
|
+
# resp = client.list_organization_admin_accounts({
|
2281
|
+
# max_results: 1,
|
2282
|
+
# next_token: "String",
|
2283
|
+
# })
|
2284
|
+
#
|
2285
|
+
# @example Response structure
|
2286
|
+
#
|
2287
|
+
# resp.admin_accounts #=> Array
|
2288
|
+
# resp.admin_accounts[0].admin_account_id #=> String
|
2289
|
+
# resp.admin_accounts[0].admin_status #=> String, one of "ENABLED", "DISABLE_IN_PROGRESS"
|
2290
|
+
# resp.next_token #=> String
|
2291
|
+
#
|
2292
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListOrganizationAdminAccounts AWS API Documentation
|
2293
|
+
#
|
2294
|
+
# @overload list_organization_admin_accounts(params = {})
|
2295
|
+
# @param [Hash] params ({})
|
2296
|
+
def list_organization_admin_accounts(params = {}, options = {})
|
2297
|
+
req = build_request(:list_organization_admin_accounts, params)
|
2298
|
+
req.send_request(options)
|
2299
|
+
end
|
2300
|
+
|
2006
2301
|
# Returns a list of publishing destinations associated with the
|
2007
2302
|
# specified `dectectorId`.
|
2008
2303
|
#
|
@@ -2013,16 +2308,19 @@ module Aws::GuardDuty
|
|
2013
2308
|
# The maximum number of results to return in the response.
|
2014
2309
|
#
|
2015
2310
|
# @option params [String] :next_token
|
2016
|
-
# A token to use for paginating results returned in the
|
2017
|
-
# the value of this parameter to null for the first
|
2018
|
-
# action. For subsequent calls, use the `NextToken`
|
2019
|
-
# the previous request to continue listing results
|
2311
|
+
# A token to use for paginating results that are returned in the
|
2312
|
+
# response. Set the value of this parameter to null for the first
|
2313
|
+
# request to a list action. For subsequent calls, use the `NextToken`
|
2314
|
+
# value returned from the previous request to continue listing results
|
2315
|
+
# after the first page.
|
2020
2316
|
#
|
2021
2317
|
# @return [Types::ListPublishingDestinationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2022
2318
|
#
|
2023
2319
|
# * {Types::ListPublishingDestinationsResponse#destinations #destinations} => Array<Types::Destination>
|
2024
2320
|
# * {Types::ListPublishingDestinationsResponse#next_token #next_token} => String
|
2025
2321
|
#
|
2322
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2323
|
+
#
|
2026
2324
|
# @example Request syntax with placeholder values
|
2027
2325
|
#
|
2028
2326
|
# resp = client.list_publishing_destinations({
|
@@ -2049,12 +2347,12 @@ module Aws::GuardDuty
|
|
2049
2347
|
end
|
2050
2348
|
|
2051
2349
|
# Lists tags for a resource. Tagging is currently supported for
|
2052
|
-
# detectors, finding filters, IP sets, and
|
2350
|
+
# detectors, finding filters, IP sets, and threat intel sets, with a
|
2053
2351
|
# limit of 50 tags per resource. When invoked, this operation returns
|
2054
|
-
# all assigned tags for a given resource
|
2352
|
+
# all assigned tags for a given resource.
|
2055
2353
|
#
|
2056
2354
|
# @option params [required, String] :resource_arn
|
2057
|
-
# The Amazon Resource Name (ARN) for the given GuardDuty resource
|
2355
|
+
# The Amazon Resource Name (ARN) for the given GuardDuty resource.
|
2058
2356
|
#
|
2059
2357
|
# @return [Types::ListTagsForResourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2060
2358
|
#
|
@@ -2085,17 +2383,18 @@ module Aws::GuardDuty
|
|
2085
2383
|
# ThreatIntelSets associated with the master account are returned.
|
2086
2384
|
#
|
2087
2385
|
# @option params [required, String] :detector_id
|
2088
|
-
# The unique ID of the detector the threatIntelSet is associated
|
2386
|
+
# The unique ID of the detector that the threatIntelSet is associated
|
2387
|
+
# with.
|
2089
2388
|
#
|
2090
2389
|
# @option params [Integer] :max_results
|
2091
|
-
# You can use this parameter to indicate the maximum number of items
|
2092
|
-
# want in the response. The default value is 50. The maximum
|
2093
|
-
# 50.
|
2390
|
+
# You can use this parameter to indicate the maximum number of items
|
2391
|
+
# that you want in the response. The default value is 50. The maximum
|
2392
|
+
# value is 50.
|
2094
2393
|
#
|
2095
2394
|
# @option params [String] :next_token
|
2096
2395
|
# You can use this parameter to paginate results in the response. Set
|
2097
2396
|
# the value of this parameter to null on your first call to the list
|
2098
|
-
# action. For subsequent calls to the action fill nextToken in the
|
2397
|
+
# action. For subsequent calls to the action, fill nextToken in the
|
2099
2398
|
# request with the value of NextToken from the previous response to
|
2100
2399
|
# continue listing data.
|
2101
2400
|
#
|
@@ -2104,6 +2403,8 @@ module Aws::GuardDuty
|
|
2104
2403
|
# * {Types::ListThreatIntelSetsResponse#threat_intel_set_ids #threat_intel_set_ids} => Array<String>
|
2105
2404
|
# * {Types::ListThreatIntelSetsResponse#next_token #next_token} => String
|
2106
2405
|
#
|
2406
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2407
|
+
#
|
2107
2408
|
# @example Request syntax with placeholder values
|
2108
2409
|
#
|
2109
2410
|
# resp = client.list_threat_intel_sets({
|
@@ -2165,16 +2466,16 @@ module Aws::GuardDuty
|
|
2165
2466
|
req.send_request(options)
|
2166
2467
|
end
|
2167
2468
|
|
2168
|
-
# Stops GuardDuty monitoring for the specified member
|
2169
|
-
# `StartMonitoringMembers` to restart monitoring for those
|
2469
|
+
# Stops GuardDuty monitoring for the specified member accounts. Use the
|
2470
|
+
# `StartMonitoringMembers` operation to restart monitoring for those
|
2471
|
+
# accounts.
|
2170
2472
|
#
|
2171
2473
|
# @option params [required, String] :detector_id
|
2172
|
-
# The unique ID of the detector
|
2173
|
-
#
|
2474
|
+
# The unique ID of the detector associated with the GuardDuty master
|
2475
|
+
# account that is monitoring member accounts.
|
2174
2476
|
#
|
2175
2477
|
# @option params [required, Array<String>] :account_ids
|
2176
|
-
# A list of account IDs
|
2177
|
-
# you want the master account to stop monitoring.
|
2478
|
+
# A list of account IDs for the member accounts to stop monitoring.
|
2178
2479
|
#
|
2179
2480
|
# @return [Types::StopMonitoringMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2180
2481
|
#
|
@@ -2237,7 +2538,7 @@ module Aws::GuardDuty
|
|
2237
2538
|
# The ID of the detector associated with the findings to unarchive.
|
2238
2539
|
#
|
2239
2540
|
# @option params [required, Array<String>] :finding_ids
|
2240
|
-
# IDs of the findings to unarchive.
|
2541
|
+
# The IDs of the findings to unarchive.
|
2241
2542
|
#
|
2242
2543
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2243
2544
|
#
|
@@ -2292,8 +2593,8 @@ module Aws::GuardDuty
|
|
2292
2593
|
# Specifies whether the detector is enabled or not enabled.
|
2293
2594
|
#
|
2294
2595
|
# @option params [String] :finding_publishing_frequency
|
2295
|
-
#
|
2296
|
-
# as to CloudWatch Events.
|
2596
|
+
# An enum value that specifies how frequently findings are exported,
|
2597
|
+
# such as to CloudWatch Events.
|
2297
2598
|
#
|
2298
2599
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2299
2600
|
#
|
@@ -2391,7 +2692,7 @@ module Aws::GuardDuty
|
|
2391
2692
|
# for.
|
2392
2693
|
#
|
2393
2694
|
# @option params [required, Array<String>] :finding_ids
|
2394
|
-
# IDs of the findings that you want to mark as useful or not useful.
|
2695
|
+
# The IDs of the findings that you want to mark as useful or not useful.
|
2395
2696
|
#
|
2396
2697
|
# @option params [required, String] :feedback
|
2397
2698
|
# The feedback for the finding.
|
@@ -2432,11 +2733,10 @@ module Aws::GuardDuty
|
|
2432
2733
|
# The unique ID that specifies the IPSet that you want to update.
|
2433
2734
|
#
|
2434
2735
|
# @option params [String] :location
|
2435
|
-
# The updated URI of the file that contains the IPSet.
|
2436
|
-
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).
|
2736
|
+
# The updated URI of the file that contains the IPSet.
|
2437
2737
|
#
|
2438
2738
|
# @option params [Boolean] :activate
|
2439
|
-
# The updated
|
2739
|
+
# The updated Boolean value that specifies whether the IPSet is active
|
2440
2740
|
# or not.
|
2441
2741
|
#
|
2442
2742
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
@@ -2460,16 +2760,43 @@ module Aws::GuardDuty
|
|
2460
2760
|
req.send_request(options)
|
2461
2761
|
end
|
2462
2762
|
|
2763
|
+
# Updates the delegated administrator account with the values provided.
|
2764
|
+
#
|
2765
|
+
# @option params [required, String] :detector_id
|
2766
|
+
# The ID of the detector to update the delegated administrator for.
|
2767
|
+
#
|
2768
|
+
# @option params [required, Boolean] :auto_enable
|
2769
|
+
# Indicates whether to automatically enable member accounts in the
|
2770
|
+
# organization.
|
2771
|
+
#
|
2772
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2773
|
+
#
|
2774
|
+
# @example Request syntax with placeholder values
|
2775
|
+
#
|
2776
|
+
# resp = client.update_organization_configuration({
|
2777
|
+
# detector_id: "DetectorId", # required
|
2778
|
+
# auto_enable: false, # required
|
2779
|
+
# })
|
2780
|
+
#
|
2781
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfiguration AWS API Documentation
|
2782
|
+
#
|
2783
|
+
# @overload update_organization_configuration(params = {})
|
2784
|
+
# @param [Hash] params ({})
|
2785
|
+
def update_organization_configuration(params = {}, options = {})
|
2786
|
+
req = build_request(:update_organization_configuration, params)
|
2787
|
+
req.send_request(options)
|
2788
|
+
end
|
2789
|
+
|
2463
2790
|
# Updates information about the publishing destination specified by the
|
2464
2791
|
# `destinationId`.
|
2465
2792
|
#
|
2466
2793
|
# @option params [required, String] :detector_id
|
2467
|
-
# The ID of the
|
2468
|
-
#
|
2469
|
-
# @option params [required, String] :destination_id
|
2470
2794
|
# The ID of the detector associated with the publishing destinations to
|
2471
2795
|
# update.
|
2472
2796
|
#
|
2797
|
+
# @option params [required, String] :destination_id
|
2798
|
+
# The ID of the publishing destination to update.
|
2799
|
+
#
|
2473
2800
|
# @option params [Types::DestinationProperties] :destination_properties
|
2474
2801
|
# A `DestinationProperties` object that includes the `DestinationArn`
|
2475
2802
|
# and `KmsKeyArn` of the publishing destination.
|
@@ -2496,7 +2823,7 @@ module Aws::GuardDuty
|
|
2496
2823
|
req.send_request(options)
|
2497
2824
|
end
|
2498
2825
|
|
2499
|
-
# Updates the ThreatIntelSet specified by ThreatIntelSet ID.
|
2826
|
+
# Updates the ThreatIntelSet specified by the ThreatIntelSet ID.
|
2500
2827
|
#
|
2501
2828
|
# @option params [required, String] :detector_id
|
2502
2829
|
# The detectorID that specifies the GuardDuty service whose
|
@@ -2511,11 +2838,10 @@ module Aws::GuardDuty
|
|
2511
2838
|
# update.
|
2512
2839
|
#
|
2513
2840
|
# @option params [String] :location
|
2514
|
-
# The updated URI of the file that contains the ThreateIntelSet.
|
2515
|
-
# example (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key)
|
2841
|
+
# The updated URI of the file that contains the ThreateIntelSet.
|
2516
2842
|
#
|
2517
2843
|
# @option params [Boolean] :activate
|
2518
|
-
# The updated
|
2844
|
+
# The updated Boolean value that specifies whether the ThreateIntelSet
|
2519
2845
|
# is active or not.
|
2520
2846
|
#
|
2521
2847
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
@@ -2552,7 +2878,7 @@ module Aws::GuardDuty
|
|
2552
2878
|
params: params,
|
2553
2879
|
config: config)
|
2554
2880
|
context[:gem_name] = 'aws-sdk-guardduty'
|
2555
|
-
context[:gem_version] = '1.
|
2881
|
+
context[:gem_version] = '1.32.0'
|
2556
2882
|
Seahorse::Client::Request.new(handlers, context)
|
2557
2883
|
end
|
2558
2884
|
|