aws-sdk-guardduty 1.28.0 → 1.33.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/aws-sdk-guardduty.rb +1 -1
- data/lib/aws-sdk-guardduty/client.rb +425 -140
- data/lib/aws-sdk-guardduty/client_api.rb +106 -0
- data/lib/aws-sdk-guardduty/resource.rb +1 -7
- data/lib/aws-sdk-guardduty/types.rb +564 -271
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 9f9b68221cee35901f261381ef95b37afbc170cb46e24b82b8999dbcb4fa4f89
|
|
4
|
+
data.tar.gz: 3ff66ccd7d3dde96ec16e6cc2487fcf1b9717aa992501067dddad0a17c0809f5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cedd57f50a723b82e372971c6d963e56675d065c7c68c3fb85d5c204c19a7966923e38ab19d9ae4ad7a29bd1141a0e3c695665e07ffeb1a398db9397306e7177
|
|
7
|
+
data.tar.gz: 0005b5eaf77dd5ed96e5493f2dfa0cbb4431f888aa428cb05c9fcb85b53442ae28d154f86e79362e365f0772084596cac633f7cd7d704aa7ce94d2c13459574c
|
data/lib/aws-sdk-guardduty.rb
CHANGED
|
@@ -32,11 +32,11 @@ Aws::Plugins::GlobalConfiguration.add_identifier(:guardduty)
|
|
|
32
32
|
module Aws::GuardDuty
|
|
33
33
|
# An API client for GuardDuty. To construct a client, you need to configure a `:region` and `:credentials`.
|
|
34
34
|
#
|
|
35
|
-
#
|
|
36
|
-
#
|
|
37
|
-
#
|
|
38
|
-
#
|
|
39
|
-
#
|
|
35
|
+
# client = Aws::GuardDuty::Client.new(
|
|
36
|
+
# region: region_name,
|
|
37
|
+
# credentials: credentials,
|
|
38
|
+
# # ...
|
|
39
|
+
# )
|
|
40
40
|
#
|
|
41
41
|
# For details on configuring region and credentials see
|
|
42
42
|
# the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
|
|
@@ -105,7 +105,7 @@ module Aws::GuardDuty
|
|
|
105
105
|
# @option options [required, String] :region
|
|
106
106
|
# The AWS region to connect to. The configured `:region` is
|
|
107
107
|
# used to determine the service `:endpoint`. When not passed,
|
|
108
|
-
# a default `:region` is
|
|
108
|
+
# a default `:region` is searched for in the following locations:
|
|
109
109
|
#
|
|
110
110
|
# * `Aws.config[:region]`
|
|
111
111
|
# * `ENV['AWS_REGION']`
|
|
@@ -161,7 +161,7 @@ module Aws::GuardDuty
|
|
|
161
161
|
# @option options [String] :endpoint
|
|
162
162
|
# The client endpoint is normally constructed from the `:region`
|
|
163
163
|
# option. You should only configure an `:endpoint` when connecting
|
|
164
|
-
# to test endpoints. This should be
|
|
164
|
+
# to test endpoints. This should be a valid HTTP(S) URI.
|
|
165
165
|
#
|
|
166
166
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
|
167
167
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
|
@@ -176,7 +176,7 @@ module Aws::GuardDuty
|
|
|
176
176
|
# requests fetching endpoints information. Defaults to 60 sec.
|
|
177
177
|
#
|
|
178
178
|
# @option options [Boolean] :endpoint_discovery (false)
|
|
179
|
-
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
|
179
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
|
180
180
|
#
|
|
181
181
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
|
182
182
|
# The log formatter.
|
|
@@ -229,15 +229,19 @@ module Aws::GuardDuty
|
|
|
229
229
|
#
|
|
230
230
|
# @option options [String] :retry_mode ("legacy")
|
|
231
231
|
# Specifies which retry algorithm to use. Values are:
|
|
232
|
-
#
|
|
233
|
-
#
|
|
234
|
-
#
|
|
235
|
-
#
|
|
236
|
-
#
|
|
237
|
-
#
|
|
238
|
-
#
|
|
239
|
-
#
|
|
240
|
-
#
|
|
232
|
+
#
|
|
233
|
+
# * `legacy` - The pre-existing retry behavior. This is default value if
|
|
234
|
+
# no retry mode is provided.
|
|
235
|
+
#
|
|
236
|
+
# * `standard` - A standardized set of retry rules across the AWS SDKs.
|
|
237
|
+
# This includes support for retry quotas, which limit the number of
|
|
238
|
+
# unsuccessful retries a client can make.
|
|
239
|
+
#
|
|
240
|
+
# * `adaptive` - An experimental retry mode that includes all the
|
|
241
|
+
# functionality of `standard` mode along with automatic client side
|
|
242
|
+
# throttling. This is a provisional mode that may change behavior
|
|
243
|
+
# in the future.
|
|
244
|
+
#
|
|
241
245
|
#
|
|
242
246
|
# @option options [String] :secret_access_key
|
|
243
247
|
#
|
|
@@ -265,8 +269,7 @@ module Aws::GuardDuty
|
|
|
265
269
|
#
|
|
266
270
|
# @option options [Integer] :http_read_timeout (60) The default
|
|
267
271
|
# number of seconds to wait for response data. This value can
|
|
268
|
-
# safely be set
|
|
269
|
-
# per-request on the session yielded by {#session_for}.
|
|
272
|
+
# safely be set per-request on the session.
|
|
270
273
|
#
|
|
271
274
|
# @option options [Float] :http_idle_timeout (5) The number of
|
|
272
275
|
# seconds a connection is allowed to sit idle before it is
|
|
@@ -278,7 +281,7 @@ module Aws::GuardDuty
|
|
|
278
281
|
# request body. This option has no effect unless the request has
|
|
279
282
|
# "Expect" header set to "100-continue". Defaults to `nil` which
|
|
280
283
|
# disables this behaviour. This value can safely be set per
|
|
281
|
-
# request on the session
|
|
284
|
+
# request on the session.
|
|
282
285
|
#
|
|
283
286
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
|
284
287
|
# HTTP debug output will be sent to the `:logger`.
|
|
@@ -315,7 +318,7 @@ module Aws::GuardDuty
|
|
|
315
318
|
# you're accepting.
|
|
316
319
|
#
|
|
317
320
|
# @option params [required, String] :invitation_id
|
|
318
|
-
#
|
|
321
|
+
# The value that is used to validate the master account to the member
|
|
319
322
|
# account.
|
|
320
323
|
#
|
|
321
324
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
@@ -337,9 +340,10 @@ module Aws::GuardDuty
|
|
|
337
340
|
req.send_request(options)
|
|
338
341
|
end
|
|
339
342
|
|
|
340
|
-
# Archives GuardDuty findings specified by the list of finding
|
|
343
|
+
# Archives GuardDuty findings that are specified by the list of finding
|
|
344
|
+
# IDs.
|
|
341
345
|
#
|
|
342
|
-
# <note markdown="1"> Only the master account can archive findings. Member accounts
|
|
346
|
+
# <note markdown="1"> Only the master account can archive findings. Member accounts don't
|
|
343
347
|
# have permission to archive findings from their accounts.
|
|
344
348
|
#
|
|
345
349
|
# </note>
|
|
@@ -349,7 +353,7 @@ module Aws::GuardDuty
|
|
|
349
353
|
# findings you want to archive.
|
|
350
354
|
#
|
|
351
355
|
# @option params [required, Array<String>] :finding_ids
|
|
352
|
-
# IDs of the findings that you want to archive.
|
|
356
|
+
# The IDs of the findings that you want to archive.
|
|
353
357
|
#
|
|
354
358
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
355
359
|
#
|
|
@@ -371,11 +375,11 @@ module Aws::GuardDuty
|
|
|
371
375
|
|
|
372
376
|
# Creates a single Amazon GuardDuty detector. A detector is a resource
|
|
373
377
|
# that represents the GuardDuty service. To start using GuardDuty, you
|
|
374
|
-
# must create a detector in each
|
|
375
|
-
# can have only one detector per account per
|
|
378
|
+
# must create a detector in each Region where you enable the service.
|
|
379
|
+
# You can have only one detector per account per Region.
|
|
376
380
|
#
|
|
377
381
|
# @option params [required, Boolean] :enable
|
|
378
|
-
# A
|
|
382
|
+
# A Boolean value that specifies whether the detector is to be enabled.
|
|
379
383
|
#
|
|
380
384
|
# @option params [String] :client_token
|
|
381
385
|
# The idempotency token for the create request.
|
|
@@ -384,8 +388,8 @@ module Aws::GuardDuty
|
|
|
384
388
|
# not need to pass this option.**
|
|
385
389
|
#
|
|
386
390
|
# @option params [String] :finding_publishing_frequency
|
|
387
|
-
#
|
|
388
|
-
#
|
|
391
|
+
# An enum value that specifies how frequently updated findings are
|
|
392
|
+
# exported.
|
|
389
393
|
#
|
|
390
394
|
# @option params [Hash<String,String>] :tags
|
|
391
395
|
# The tags to be added to a new detector resource.
|
|
@@ -421,8 +425,8 @@ module Aws::GuardDuty
|
|
|
421
425
|
# Creates a filter using the specified finding criteria.
|
|
422
426
|
#
|
|
423
427
|
# @option params [required, String] :detector_id
|
|
424
|
-
# The unique ID of the detector of the GuardDuty account
|
|
425
|
-
#
|
|
428
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
|
429
|
+
# to create a filter for.
|
|
426
430
|
#
|
|
427
431
|
# @option params [required, String] :name
|
|
428
432
|
# The name of the filter.
|
|
@@ -443,6 +447,117 @@ module Aws::GuardDuty
|
|
|
443
447
|
# Represents the criteria to be used in the filter for querying
|
|
444
448
|
# findings.
|
|
445
449
|
#
|
|
450
|
+
# You can only use the following attributes to query findings:
|
|
451
|
+
#
|
|
452
|
+
# * accountId
|
|
453
|
+
#
|
|
454
|
+
# * region
|
|
455
|
+
#
|
|
456
|
+
# * confidence
|
|
457
|
+
#
|
|
458
|
+
# * id
|
|
459
|
+
#
|
|
460
|
+
# * resource.accessKeyDetails.accessKeyId
|
|
461
|
+
#
|
|
462
|
+
# * resource.accessKeyDetails.principalId
|
|
463
|
+
#
|
|
464
|
+
# * resource.accessKeyDetails.userName
|
|
465
|
+
#
|
|
466
|
+
# * resource.accessKeyDetails.userType
|
|
467
|
+
#
|
|
468
|
+
# * resource.instanceDetails.iamInstanceProfile.id
|
|
469
|
+
#
|
|
470
|
+
# * resource.instanceDetails.imageId
|
|
471
|
+
#
|
|
472
|
+
# * resource.instanceDetails.instanceId
|
|
473
|
+
#
|
|
474
|
+
# * resource.instanceDetails.outpostArn
|
|
475
|
+
#
|
|
476
|
+
# * resource.instanceDetails.networkInterfaces.ipv6Addresses
|
|
477
|
+
#
|
|
478
|
+
# * resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
|
|
479
|
+
#
|
|
480
|
+
# * resource.instanceDetails.networkInterfaces.publicDnsName
|
|
481
|
+
#
|
|
482
|
+
# * resource.instanceDetails.networkInterfaces.publicIp
|
|
483
|
+
#
|
|
484
|
+
# * resource.instanceDetails.networkInterfaces.securityGroups.groupId
|
|
485
|
+
#
|
|
486
|
+
# * resource.instanceDetails.networkInterfaces.securityGroups.groupName
|
|
487
|
+
#
|
|
488
|
+
# * resource.instanceDetails.networkInterfaces.subnetId
|
|
489
|
+
#
|
|
490
|
+
# * resource.instanceDetails.networkInterfaces.vpcId
|
|
491
|
+
#
|
|
492
|
+
# * resource.instanceDetails.tags.key
|
|
493
|
+
#
|
|
494
|
+
# * resource.instanceDetails.tags.value
|
|
495
|
+
#
|
|
496
|
+
# * resource.resourceType
|
|
497
|
+
#
|
|
498
|
+
# * service.action.actionType
|
|
499
|
+
#
|
|
500
|
+
# * service.action.awsApiCallAction.api
|
|
501
|
+
#
|
|
502
|
+
# * service.action.awsApiCallAction.callerType
|
|
503
|
+
#
|
|
504
|
+
# * service.action.awsApiCallAction.remoteIpDetails.city.cityName
|
|
505
|
+
#
|
|
506
|
+
# * service.action.awsApiCallAction.remoteIpDetails.country.countryName
|
|
507
|
+
#
|
|
508
|
+
# * service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
|
|
509
|
+
#
|
|
510
|
+
# * service.action.awsApiCallAction.remoteIpDetails.organization.asn
|
|
511
|
+
#
|
|
512
|
+
# * service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
|
|
513
|
+
#
|
|
514
|
+
# * service.action.awsApiCallAction.serviceName
|
|
515
|
+
#
|
|
516
|
+
# * service.action.dnsRequestAction.domain
|
|
517
|
+
#
|
|
518
|
+
# * service.action.networkConnectionAction.blocked
|
|
519
|
+
#
|
|
520
|
+
# * service.action.networkConnectionAction.connectionDirection
|
|
521
|
+
#
|
|
522
|
+
# * service.action.networkConnectionAction.localPortDetails.port
|
|
523
|
+
#
|
|
524
|
+
# * service.action.networkConnectionAction.protocol
|
|
525
|
+
#
|
|
526
|
+
# * service.action.networkConnectionAction.localIpDetails.ipAddressV4
|
|
527
|
+
#
|
|
528
|
+
# * service.action.networkConnectionAction.remoteIpDetails.city.cityName
|
|
529
|
+
#
|
|
530
|
+
# * service.action.networkConnectionAction.remoteIpDetails.country.countryName
|
|
531
|
+
#
|
|
532
|
+
# * service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
|
|
533
|
+
#
|
|
534
|
+
# * service.action.networkConnectionAction.remoteIpDetails.organization.asn
|
|
535
|
+
#
|
|
536
|
+
# * service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
|
|
537
|
+
#
|
|
538
|
+
# * service.action.networkConnectionAction.remotePortDetails.port
|
|
539
|
+
#
|
|
540
|
+
# * service.additionalInfo.threatListName
|
|
541
|
+
#
|
|
542
|
+
# * service.archived
|
|
543
|
+
#
|
|
544
|
+
# When this attribute is set to TRUE, only archived findings are
|
|
545
|
+
# listed. When it's set to FALSE, only unarchived findings are
|
|
546
|
+
# listed. When this attribute is not set, all existing findings are
|
|
547
|
+
# listed.
|
|
548
|
+
#
|
|
549
|
+
# * service.resourceRole
|
|
550
|
+
#
|
|
551
|
+
# * severity
|
|
552
|
+
#
|
|
553
|
+
# * type
|
|
554
|
+
#
|
|
555
|
+
# * updatedAt
|
|
556
|
+
#
|
|
557
|
+
# Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or
|
|
558
|
+
# YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains
|
|
559
|
+
# milliseconds.
|
|
560
|
+
#
|
|
446
561
|
# @option params [String] :client_token
|
|
447
562
|
# The idempotency token for the create request.
|
|
448
563
|
#
|
|
@@ -501,30 +616,31 @@ module Aws::GuardDuty
|
|
|
501
616
|
req.send_request(options)
|
|
502
617
|
end
|
|
503
618
|
|
|
504
|
-
# Creates a new IPSet, called
|
|
505
|
-
# interface. An IPSet is a list IP addresses
|
|
506
|
-
# communication with AWS infrastructure and applications.
|
|
507
|
-
#
|
|
508
|
-
# from the master account can use this
|
|
619
|
+
# Creates a new IPSet, which is called a trusted IP list in the console
|
|
620
|
+
# user interface. An IPSet is a list of IP addresses that are trusted
|
|
621
|
+
# for secure communication with AWS infrastructure and applications.
|
|
622
|
+
# GuardDuty doesn't generate findings for IP addresses that are
|
|
623
|
+
# included in IPSets. Only users from the master account can use this
|
|
624
|
+
# operation.
|
|
509
625
|
#
|
|
510
626
|
# @option params [required, String] :detector_id
|
|
511
|
-
# The unique ID of the detector of the GuardDuty account
|
|
512
|
-
#
|
|
627
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
|
628
|
+
# to create an IPSet for.
|
|
513
629
|
#
|
|
514
630
|
# @option params [required, String] :name
|
|
515
|
-
# The user
|
|
516
|
-
#
|
|
517
|
-
#
|
|
631
|
+
# The user-friendly name to identify the IPSet.
|
|
632
|
+
#
|
|
633
|
+
# Allowed characters are alphanumerics, spaces, hyphens (-), and
|
|
634
|
+
# underscores (\_).
|
|
518
635
|
#
|
|
519
636
|
# @option params [required, String] :format
|
|
520
637
|
# The format of the file that contains the IPSet.
|
|
521
638
|
#
|
|
522
639
|
# @option params [required, String] :location
|
|
523
|
-
# The URI of the file that contains the IPSet.
|
|
524
|
-
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key)
|
|
640
|
+
# The URI of the file that contains the IPSet.
|
|
525
641
|
#
|
|
526
642
|
# @option params [required, Boolean] :activate
|
|
527
|
-
# A
|
|
643
|
+
# A Boolean value that indicates whether GuardDuty is to start using the
|
|
528
644
|
# uploaded IPSet.
|
|
529
645
|
#
|
|
530
646
|
# @option params [String] :client_token
|
|
@@ -572,8 +688,8 @@ module Aws::GuardDuty
|
|
|
572
688
|
# members to manage GuardDuty in their accounts.
|
|
573
689
|
#
|
|
574
690
|
# @option params [required, String] :detector_id
|
|
575
|
-
# The unique ID of the detector of the GuardDuty account
|
|
576
|
-
#
|
|
691
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
|
692
|
+
# to associate member accounts with.
|
|
577
693
|
#
|
|
578
694
|
# @option params [required, Array<Types::AccountDetail>] :account_details
|
|
579
695
|
# A list of account ID and email address pairs of the accounts that you
|
|
@@ -610,20 +726,20 @@ module Aws::GuardDuty
|
|
|
610
726
|
req.send_request(options)
|
|
611
727
|
end
|
|
612
728
|
|
|
613
|
-
# Creates a publishing destination to
|
|
614
|
-
#
|
|
729
|
+
# Creates a publishing destination to export findings to. The resource
|
|
730
|
+
# to export findings to must exist before you use this operation.
|
|
615
731
|
#
|
|
616
732
|
# @option params [required, String] :detector_id
|
|
617
733
|
# The ID of the GuardDuty detector associated with the publishing
|
|
618
734
|
# destination.
|
|
619
735
|
#
|
|
620
736
|
# @option params [required, String] :destination_type
|
|
621
|
-
# The type of resource for the publishing destination. Currently only
|
|
622
|
-
#
|
|
737
|
+
# The type of resource for the publishing destination. Currently only
|
|
738
|
+
# Amazon S3 buckets are supported.
|
|
623
739
|
#
|
|
624
740
|
# @option params [required, Types::DestinationProperties] :destination_properties
|
|
625
|
-
#
|
|
626
|
-
# destination and the KMS key used for encryption.
|
|
741
|
+
# The properties of the publishing destination, including the ARNs for
|
|
742
|
+
# the destination and the KMS key used for encryption.
|
|
627
743
|
#
|
|
628
744
|
# @option params [String] :client_token
|
|
629
745
|
# The idempotency token for the request.
|
|
@@ -668,7 +784,7 @@ module Aws::GuardDuty
|
|
|
668
784
|
# The ID of the detector to create sample findings for.
|
|
669
785
|
#
|
|
670
786
|
# @option params [Array<String>] :finding_types
|
|
671
|
-
#
|
|
787
|
+
# The types of sample findings to generate.
|
|
672
788
|
#
|
|
673
789
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
674
790
|
#
|
|
@@ -688,17 +804,17 @@ module Aws::GuardDuty
|
|
|
688
804
|
req.send_request(options)
|
|
689
805
|
end
|
|
690
806
|
|
|
691
|
-
#
|
|
807
|
+
# Creates a new ThreatIntelSet. ThreatIntelSets consist of known
|
|
692
808
|
# malicious IP addresses. GuardDuty generates findings based on
|
|
693
809
|
# ThreatIntelSets. Only users of the master account can use this
|
|
694
810
|
# operation.
|
|
695
811
|
#
|
|
696
812
|
# @option params [required, String] :detector_id
|
|
697
|
-
# The unique ID of the detector of the GuardDuty account
|
|
698
|
-
#
|
|
813
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
|
814
|
+
# to create a threatIntelSet for.
|
|
699
815
|
#
|
|
700
816
|
# @option params [required, String] :name
|
|
701
|
-
# A user-friendly ThreatIntelSet name
|
|
817
|
+
# A user-friendly ThreatIntelSet name displayed in all findings that are
|
|
702
818
|
# generated by activity that involves IP addresses included in this
|
|
703
819
|
# ThreatIntelSet.
|
|
704
820
|
#
|
|
@@ -706,11 +822,10 @@ module Aws::GuardDuty
|
|
|
706
822
|
# The format of the file that contains the ThreatIntelSet.
|
|
707
823
|
#
|
|
708
824
|
# @option params [required, String] :location
|
|
709
|
-
# The URI of the file that contains the ThreatIntelSet.
|
|
710
|
-
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).
|
|
825
|
+
# The URI of the file that contains the ThreatIntelSet.
|
|
711
826
|
#
|
|
712
827
|
# @option params [required, Boolean] :activate
|
|
713
|
-
# A
|
|
828
|
+
# A Boolean value that indicates whether GuardDuty is to start using the
|
|
714
829
|
# uploaded ThreatIntelSet.
|
|
715
830
|
#
|
|
716
831
|
# @option params [String] :client_token
|
|
@@ -720,7 +835,7 @@ module Aws::GuardDuty
|
|
|
720
835
|
# not need to pass this option.**
|
|
721
836
|
#
|
|
722
837
|
# @option params [Hash<String,String>] :tags
|
|
723
|
-
# The tags to be added to a new
|
|
838
|
+
# The tags to be added to a new threat list resource.
|
|
724
839
|
#
|
|
725
840
|
# @return [Types::CreateThreatIntelSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
726
841
|
#
|
|
@@ -753,8 +868,8 @@ module Aws::GuardDuty
|
|
|
753
868
|
req.send_request(options)
|
|
754
869
|
end
|
|
755
870
|
|
|
756
|
-
# Declines invitations sent to the current member account by AWS
|
|
757
|
-
# specified by their account IDs.
|
|
871
|
+
# Declines invitations sent to the current member account by AWS
|
|
872
|
+
# accounts specified by their account IDs.
|
|
758
873
|
#
|
|
759
874
|
# @option params [required, Array<String>] :account_ids
|
|
760
875
|
# A list of account IDs of the AWS accounts that sent invitations to the
|
|
@@ -785,7 +900,8 @@ module Aws::GuardDuty
|
|
|
785
900
|
req.send_request(options)
|
|
786
901
|
end
|
|
787
902
|
|
|
788
|
-
# Deletes
|
|
903
|
+
# Deletes an Amazon GuardDuty detector that is specified by the detector
|
|
904
|
+
# ID.
|
|
789
905
|
#
|
|
790
906
|
# @option params [required, String] :detector_id
|
|
791
907
|
# The unique ID of the detector that you want to delete.
|
|
@@ -810,10 +926,10 @@ module Aws::GuardDuty
|
|
|
810
926
|
# Deletes the filter specified by the filter name.
|
|
811
927
|
#
|
|
812
928
|
# @option params [required, String] :detector_id
|
|
813
|
-
# The unique ID of the detector the filter is associated with.
|
|
929
|
+
# The unique ID of the detector that the filter is associated with.
|
|
814
930
|
#
|
|
815
931
|
# @option params [required, String] :filter_name
|
|
816
|
-
# The name of the filter you want to delete.
|
|
932
|
+
# The name of the filter that you want to delete.
|
|
817
933
|
#
|
|
818
934
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
819
935
|
#
|
|
@@ -834,7 +950,7 @@ module Aws::GuardDuty
|
|
|
834
950
|
end
|
|
835
951
|
|
|
836
952
|
# Deletes the IPSet specified by the `ipSetId`. IPSets are called
|
|
837
|
-
#
|
|
953
|
+
# trusted IP lists in the console user interface.
|
|
838
954
|
#
|
|
839
955
|
# @option params [required, String] :detector_id
|
|
840
956
|
# The unique ID of the detector associated with the IPSet.
|
|
@@ -956,13 +1072,14 @@ module Aws::GuardDuty
|
|
|
956
1072
|
req.send_request(options)
|
|
957
1073
|
end
|
|
958
1074
|
|
|
959
|
-
# Deletes ThreatIntelSet specified by the ThreatIntelSet ID.
|
|
1075
|
+
# Deletes the ThreatIntelSet specified by the ThreatIntelSet ID.
|
|
960
1076
|
#
|
|
961
1077
|
# @option params [required, String] :detector_id
|
|
962
|
-
# The unique ID of the detector the threatIntelSet is associated
|
|
1078
|
+
# The unique ID of the detector that the threatIntelSet is associated
|
|
1079
|
+
# with.
|
|
963
1080
|
#
|
|
964
1081
|
# @option params [required, String] :threat_intel_set_id
|
|
965
|
-
# The unique ID of the threatIntelSet you want to delete.
|
|
1082
|
+
# The unique ID of the threatIntelSet that you want to delete.
|
|
966
1083
|
#
|
|
967
1084
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
968
1085
|
#
|
|
@@ -982,6 +1099,38 @@ module Aws::GuardDuty
|
|
|
982
1099
|
req.send_request(options)
|
|
983
1100
|
end
|
|
984
1101
|
|
|
1102
|
+
# Returns information about the account selected as the delegated
|
|
1103
|
+
# administrator for GuardDuty.
|
|
1104
|
+
#
|
|
1105
|
+
# @option params [required, String] :detector_id
|
|
1106
|
+
# The ID of the detector to retrieve information about the delegated
|
|
1107
|
+
# administrator from.
|
|
1108
|
+
#
|
|
1109
|
+
# @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1110
|
+
#
|
|
1111
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
|
|
1112
|
+
# * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
|
|
1113
|
+
#
|
|
1114
|
+
# @example Request syntax with placeholder values
|
|
1115
|
+
#
|
|
1116
|
+
# resp = client.describe_organization_configuration({
|
|
1117
|
+
# detector_id: "DetectorId", # required
|
|
1118
|
+
# })
|
|
1119
|
+
#
|
|
1120
|
+
# @example Response structure
|
|
1121
|
+
#
|
|
1122
|
+
# resp.auto_enable #=> Boolean
|
|
1123
|
+
# resp.member_account_limit_reached #=> Boolean
|
|
1124
|
+
#
|
|
1125
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
|
|
1126
|
+
#
|
|
1127
|
+
# @overload describe_organization_configuration(params = {})
|
|
1128
|
+
# @param [Hash] params ({})
|
|
1129
|
+
def describe_organization_configuration(params = {}, options = {})
|
|
1130
|
+
req = build_request(:describe_organization_configuration, params)
|
|
1131
|
+
req.send_request(options)
|
|
1132
|
+
end
|
|
1133
|
+
|
|
985
1134
|
# Returns information about the publishing destination specified by the
|
|
986
1135
|
# provided `destinationId`.
|
|
987
1136
|
#
|
|
@@ -1025,6 +1174,30 @@ module Aws::GuardDuty
|
|
|
1025
1174
|
req.send_request(options)
|
|
1026
1175
|
end
|
|
1027
1176
|
|
|
1177
|
+
# Disables an AWS account within the Organization as the GuardDuty
|
|
1178
|
+
# delegated administrator.
|
|
1179
|
+
#
|
|
1180
|
+
# @option params [required, String] :admin_account_id
|
|
1181
|
+
# The AWS Account ID for the organizations account to be disabled as a
|
|
1182
|
+
# GuardDuty delegated administrator.
|
|
1183
|
+
#
|
|
1184
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
1185
|
+
#
|
|
1186
|
+
# @example Request syntax with placeholder values
|
|
1187
|
+
#
|
|
1188
|
+
# resp = client.disable_organization_admin_account({
|
|
1189
|
+
# admin_account_id: "String", # required
|
|
1190
|
+
# })
|
|
1191
|
+
#
|
|
1192
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DisableOrganizationAdminAccount AWS API Documentation
|
|
1193
|
+
#
|
|
1194
|
+
# @overload disable_organization_admin_account(params = {})
|
|
1195
|
+
# @param [Hash] params ({})
|
|
1196
|
+
def disable_organization_admin_account(params = {}, options = {})
|
|
1197
|
+
req = build_request(:disable_organization_admin_account, params)
|
|
1198
|
+
req.send_request(options)
|
|
1199
|
+
end
|
|
1200
|
+
|
|
1028
1201
|
# Disassociates the current GuardDuty member account from its master
|
|
1029
1202
|
# account.
|
|
1030
1203
|
#
|
|
@@ -1053,11 +1226,11 @@ module Aws::GuardDuty
|
|
|
1053
1226
|
#
|
|
1054
1227
|
# @option params [required, String] :detector_id
|
|
1055
1228
|
# The unique ID of the detector of the GuardDuty account whose members
|
|
1056
|
-
# you want to disassociate from master.
|
|
1229
|
+
# you want to disassociate from the master account.
|
|
1057
1230
|
#
|
|
1058
1231
|
# @option params [required, Array<String>] :account_ids
|
|
1059
1232
|
# A list of account IDs of the GuardDuty member accounts that you want
|
|
1060
|
-
# to disassociate from master.
|
|
1233
|
+
# to disassociate from the master account.
|
|
1061
1234
|
#
|
|
1062
1235
|
# @return [Types::DisassociateMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1063
1236
|
#
|
|
@@ -1085,6 +1258,30 @@ module Aws::GuardDuty
|
|
|
1085
1258
|
req.send_request(options)
|
|
1086
1259
|
end
|
|
1087
1260
|
|
|
1261
|
+
# Enables an AWS account within the organization as the GuardDuty
|
|
1262
|
+
# delegated administrator.
|
|
1263
|
+
#
|
|
1264
|
+
# @option params [required, String] :admin_account_id
|
|
1265
|
+
# The AWS Account ID for the organization account to be enabled as a
|
|
1266
|
+
# GuardDuty delegated administrator.
|
|
1267
|
+
#
|
|
1268
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
1269
|
+
#
|
|
1270
|
+
# @example Request syntax with placeholder values
|
|
1271
|
+
#
|
|
1272
|
+
# resp = client.enable_organization_admin_account({
|
|
1273
|
+
# admin_account_id: "String", # required
|
|
1274
|
+
# })
|
|
1275
|
+
#
|
|
1276
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/EnableOrganizationAdminAccount AWS API Documentation
|
|
1277
|
+
#
|
|
1278
|
+
# @overload enable_organization_admin_account(params = {})
|
|
1279
|
+
# @param [Hash] params ({})
|
|
1280
|
+
def enable_organization_admin_account(params = {}, options = {})
|
|
1281
|
+
req = build_request(:enable_organization_admin_account, params)
|
|
1282
|
+
req.send_request(options)
|
|
1283
|
+
end
|
|
1284
|
+
|
|
1088
1285
|
# Retrieves an Amazon GuardDuty detector specified by the detectorId.
|
|
1089
1286
|
#
|
|
1090
1287
|
# @option params [required, String] :detector_id
|
|
@@ -1127,7 +1324,7 @@ module Aws::GuardDuty
|
|
|
1127
1324
|
# Returns the details of the filter specified by the filter name.
|
|
1128
1325
|
#
|
|
1129
1326
|
# @option params [required, String] :detector_id
|
|
1130
|
-
# The unique ID of the detector the filter is associated with.
|
|
1327
|
+
# The unique ID of the detector that the filter is associated with.
|
|
1131
1328
|
#
|
|
1132
1329
|
# @option params [required, String] :filter_name
|
|
1133
1330
|
# The name of the filter you want to get.
|
|
@@ -1190,7 +1387,7 @@ module Aws::GuardDuty
|
|
|
1190
1387
|
# findings you want to retrieve.
|
|
1191
1388
|
#
|
|
1192
1389
|
# @option params [required, Array<String>] :finding_ids
|
|
1193
|
-
# IDs of the findings that you want to retrieve.
|
|
1390
|
+
# The IDs of the findings that you want to retrieve.
|
|
1194
1391
|
#
|
|
1195
1392
|
# @option params [Types::SortCriteria] :sort_criteria
|
|
1196
1393
|
# Represents the criteria used for sorting findings.
|
|
@@ -1335,18 +1532,18 @@ module Aws::GuardDuty
|
|
|
1335
1532
|
req.send_request(options)
|
|
1336
1533
|
end
|
|
1337
1534
|
|
|
1338
|
-
# Lists Amazon GuardDuty findings
|
|
1339
|
-
#
|
|
1535
|
+
# Lists Amazon GuardDuty findings statistics for the specified detector
|
|
1536
|
+
# ID.
|
|
1340
1537
|
#
|
|
1341
1538
|
# @option params [required, String] :detector_id
|
|
1342
1539
|
# The ID of the detector that specifies the GuardDuty service whose
|
|
1343
1540
|
# findings' statistics you want to retrieve.
|
|
1344
1541
|
#
|
|
1345
1542
|
# @option params [required, Array<String>] :finding_statistic_types
|
|
1346
|
-
#
|
|
1543
|
+
# The types of finding statistics to retrieve.
|
|
1347
1544
|
#
|
|
1348
1545
|
# @option params [Types::FindingCriteria] :finding_criteria
|
|
1349
|
-
# Represents the criteria used for querying findings.
|
|
1546
|
+
# Represents the criteria that is used for querying findings.
|
|
1350
1547
|
#
|
|
1351
1548
|
# @return [Types::GetFindingsStatisticsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1352
1549
|
#
|
|
@@ -1394,7 +1591,7 @@ module Aws::GuardDuty
|
|
|
1394
1591
|
# Retrieves the IPSet specified by the `ipSetId`.
|
|
1395
1592
|
#
|
|
1396
1593
|
# @option params [required, String] :detector_id
|
|
1397
|
-
# The unique ID of the detector the
|
|
1594
|
+
# The unique ID of the detector that the IPSet is associated with.
|
|
1398
1595
|
#
|
|
1399
1596
|
# @option params [required, String] :ip_set_id
|
|
1400
1597
|
# The unique ID of the IPSet to retrieve.
|
|
@@ -1535,10 +1732,11 @@ module Aws::GuardDuty
|
|
|
1535
1732
|
# ID.
|
|
1536
1733
|
#
|
|
1537
1734
|
# @option params [required, String] :detector_id
|
|
1538
|
-
# The unique ID of the detector the threatIntelSet is associated
|
|
1735
|
+
# The unique ID of the detector that the threatIntelSet is associated
|
|
1736
|
+
# with.
|
|
1539
1737
|
#
|
|
1540
1738
|
# @option params [required, String] :threat_intel_set_id
|
|
1541
|
-
# The unique ID of the threatIntelSet you want to get.
|
|
1739
|
+
# The unique ID of the threatIntelSet that you want to get.
|
|
1542
1740
|
#
|
|
1543
1741
|
# @return [Types::GetThreatIntelSetResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1544
1742
|
#
|
|
@@ -1574,20 +1772,20 @@ module Aws::GuardDuty
|
|
|
1574
1772
|
end
|
|
1575
1773
|
|
|
1576
1774
|
# Invites other AWS accounts (created as members of the current AWS
|
|
1577
|
-
# account by CreateMembers) to enable GuardDuty and allow the current
|
|
1775
|
+
# account by CreateMembers) to enable GuardDuty, and allow the current
|
|
1578
1776
|
# AWS account to view and manage these accounts' GuardDuty findings on
|
|
1579
1777
|
# their behalf as the master account.
|
|
1580
1778
|
#
|
|
1581
1779
|
# @option params [required, String] :detector_id
|
|
1582
|
-
# The unique ID of the detector of the GuardDuty account
|
|
1583
|
-
#
|
|
1780
|
+
# The unique ID of the detector of the GuardDuty account that you want
|
|
1781
|
+
# to invite members with.
|
|
1584
1782
|
#
|
|
1585
1783
|
# @option params [required, Array<String>] :account_ids
|
|
1586
1784
|
# A list of account IDs of the accounts that you want to invite to
|
|
1587
1785
|
# GuardDuty as members.
|
|
1588
1786
|
#
|
|
1589
1787
|
# @option params [Boolean] :disable_email_notification
|
|
1590
|
-
# A
|
|
1788
|
+
# A Boolean value that specifies whether you want to disable email
|
|
1591
1789
|
# notification to the accounts that you’re inviting to GuardDuty as
|
|
1592
1790
|
# members.
|
|
1593
1791
|
#
|
|
@@ -1627,14 +1825,14 @@ module Aws::GuardDuty
|
|
|
1627
1825
|
# resources.
|
|
1628
1826
|
#
|
|
1629
1827
|
# @option params [Integer] :max_results
|
|
1630
|
-
# You can use this parameter to indicate the maximum number of items
|
|
1631
|
-
# want in the response. The default value is 50. The maximum
|
|
1632
|
-
# 50.
|
|
1828
|
+
# You can use this parameter to indicate the maximum number of items
|
|
1829
|
+
# that you want in the response. The default value is 50. The maximum
|
|
1830
|
+
# value is 50.
|
|
1633
1831
|
#
|
|
1634
1832
|
# @option params [String] :next_token
|
|
1635
1833
|
# You can use this parameter when paginating results. Set the value of
|
|
1636
1834
|
# this parameter to null on your first call to the list action. For
|
|
1637
|
-
# subsequent calls to the action fill nextToken in the request with the
|
|
1835
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
|
1638
1836
|
# value of NextToken from the previous response to continue listing
|
|
1639
1837
|
# data.
|
|
1640
1838
|
#
|
|
@@ -1643,6 +1841,8 @@ module Aws::GuardDuty
|
|
|
1643
1841
|
# * {Types::ListDetectorsResponse#detector_ids #detector_ids} => Array<String>
|
|
1644
1842
|
# * {Types::ListDetectorsResponse#next_token #next_token} => String
|
|
1645
1843
|
#
|
|
1844
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
1845
|
+
#
|
|
1646
1846
|
# @example Request syntax with placeholder values
|
|
1647
1847
|
#
|
|
1648
1848
|
# resp = client.list_detectors({
|
|
@@ -1668,17 +1868,17 @@ module Aws::GuardDuty
|
|
|
1668
1868
|
# Returns a paginated list of the current filters.
|
|
1669
1869
|
#
|
|
1670
1870
|
# @option params [required, String] :detector_id
|
|
1671
|
-
# The unique ID of the detector the filter is associated with.
|
|
1871
|
+
# The unique ID of the detector that the filter is associated with.
|
|
1672
1872
|
#
|
|
1673
1873
|
# @option params [Integer] :max_results
|
|
1674
|
-
# You can use this parameter to indicate the maximum number of items
|
|
1675
|
-
# want in the response. The default value is 50. The maximum
|
|
1676
|
-
# 50.
|
|
1874
|
+
# You can use this parameter to indicate the maximum number of items
|
|
1875
|
+
# that you want in the response. The default value is 50. The maximum
|
|
1876
|
+
# value is 50.
|
|
1677
1877
|
#
|
|
1678
1878
|
# @option params [String] :next_token
|
|
1679
1879
|
# You can use this parameter when paginating results. Set the value of
|
|
1680
1880
|
# this parameter to null on your first call to the list action. For
|
|
1681
|
-
# subsequent calls to the action fill nextToken in the request with the
|
|
1881
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
|
1682
1882
|
# value of NextToken from the previous response to continue listing
|
|
1683
1883
|
# data.
|
|
1684
1884
|
#
|
|
@@ -1687,6 +1887,8 @@ module Aws::GuardDuty
|
|
|
1687
1887
|
# * {Types::ListFiltersResponse#filter_names #filter_names} => Array<String>
|
|
1688
1888
|
# * {Types::ListFiltersResponse#next_token #next_token} => String
|
|
1689
1889
|
#
|
|
1890
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
1891
|
+
#
|
|
1690
1892
|
# @example Request syntax with placeholder values
|
|
1691
1893
|
#
|
|
1692
1894
|
# resp = client.list_filters({
|
|
@@ -1840,7 +2042,7 @@ module Aws::GuardDuty
|
|
|
1840
2042
|
# @option params [String] :next_token
|
|
1841
2043
|
# You can use this parameter when paginating results. Set the value of
|
|
1842
2044
|
# this parameter to null on your first call to the list action. For
|
|
1843
|
-
# subsequent calls to the action fill nextToken in the request with the
|
|
2045
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
|
1844
2046
|
# value of NextToken from the previous response to continue listing
|
|
1845
2047
|
# data.
|
|
1846
2048
|
#
|
|
@@ -1849,6 +2051,8 @@ module Aws::GuardDuty
|
|
|
1849
2051
|
# * {Types::ListFindingsResponse#finding_ids #finding_ids} => Array<String>
|
|
1850
2052
|
# * {Types::ListFindingsResponse#next_token #next_token} => String
|
|
1851
2053
|
#
|
|
2054
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
2055
|
+
#
|
|
1852
2056
|
# @example Request syntax with placeholder values
|
|
1853
2057
|
#
|
|
1854
2058
|
# resp = client.list_findings({
|
|
@@ -1899,7 +2103,7 @@ module Aws::GuardDuty
|
|
|
1899
2103
|
# returned are the IPSets from the associated master account.
|
|
1900
2104
|
#
|
|
1901
2105
|
# @option params [required, String] :detector_id
|
|
1902
|
-
# The unique ID of the detector the
|
|
2106
|
+
# The unique ID of the detector that the IPSet is associated with.
|
|
1903
2107
|
#
|
|
1904
2108
|
# @option params [Integer] :max_results
|
|
1905
2109
|
# You can use this parameter to indicate the maximum number of items you
|
|
@@ -1909,7 +2113,7 @@ module Aws::GuardDuty
|
|
|
1909
2113
|
# @option params [String] :next_token
|
|
1910
2114
|
# You can use this parameter when paginating results. Set the value of
|
|
1911
2115
|
# this parameter to null on your first call to the list action. For
|
|
1912
|
-
# subsequent calls to the action fill nextToken in the request with the
|
|
2116
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
|
1913
2117
|
# value of NextToken from the previous response to continue listing
|
|
1914
2118
|
# data.
|
|
1915
2119
|
#
|
|
@@ -1918,6 +2122,8 @@ module Aws::GuardDuty
|
|
|
1918
2122
|
# * {Types::ListIPSetsResponse#ip_set_ids #ip_set_ids} => Array<String>
|
|
1919
2123
|
# * {Types::ListIPSetsResponse#next_token #next_token} => String
|
|
1920
2124
|
#
|
|
2125
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
2126
|
+
#
|
|
1921
2127
|
# @example Request syntax with placeholder values
|
|
1922
2128
|
#
|
|
1923
2129
|
# resp = client.list_ip_sets({
|
|
@@ -1945,14 +2151,14 @@ module Aws::GuardDuty
|
|
|
1945
2151
|
# current AWS account.
|
|
1946
2152
|
#
|
|
1947
2153
|
# @option params [Integer] :max_results
|
|
1948
|
-
# You can use this parameter to indicate the maximum number of items
|
|
1949
|
-
# want in the response. The default value is 50. The maximum
|
|
1950
|
-
# 50.
|
|
2154
|
+
# You can use this parameter to indicate the maximum number of items
|
|
2155
|
+
# that you want in the response. The default value is 50. The maximum
|
|
2156
|
+
# value is 50.
|
|
1951
2157
|
#
|
|
1952
2158
|
# @option params [String] :next_token
|
|
1953
2159
|
# You can use this parameter when paginating results. Set the value of
|
|
1954
2160
|
# this parameter to null on your first call to the list action. For
|
|
1955
|
-
# subsequent calls to the action fill nextToken in the request with the
|
|
2161
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
|
1956
2162
|
# value of NextToken from the previous response to continue listing
|
|
1957
2163
|
# data.
|
|
1958
2164
|
#
|
|
@@ -1961,6 +2167,8 @@ module Aws::GuardDuty
|
|
|
1961
2167
|
# * {Types::ListInvitationsResponse#invitations #invitations} => Array<Types::Invitation>
|
|
1962
2168
|
# * {Types::ListInvitationsResponse#next_token #next_token} => String
|
|
1963
2169
|
#
|
|
2170
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
2171
|
+
#
|
|
1964
2172
|
# @example Request syntax with placeholder values
|
|
1965
2173
|
#
|
|
1966
2174
|
# resp = client.list_invitations({
|
|
@@ -1986,8 +2194,8 @@ module Aws::GuardDuty
|
|
|
1986
2194
|
req.send_request(options)
|
|
1987
2195
|
end
|
|
1988
2196
|
|
|
1989
|
-
# Lists details about
|
|
1990
|
-
# master account.
|
|
2197
|
+
# Lists details about associated member accounts for the current
|
|
2198
|
+
# GuardDuty master account.
|
|
1991
2199
|
#
|
|
1992
2200
|
# @option params [required, String] :detector_id
|
|
1993
2201
|
# The unique ID of the detector the member is associated with.
|
|
@@ -2000,20 +2208,24 @@ module Aws::GuardDuty
|
|
|
2000
2208
|
# @option params [String] :next_token
|
|
2001
2209
|
# You can use this parameter when paginating results. Set the value of
|
|
2002
2210
|
# this parameter to null on your first call to the list action. For
|
|
2003
|
-
# subsequent calls to the action fill nextToken in the request with the
|
|
2211
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
|
2004
2212
|
# value of NextToken from the previous response to continue listing
|
|
2005
2213
|
# data.
|
|
2006
2214
|
#
|
|
2007
2215
|
# @option params [String] :only_associated
|
|
2008
|
-
# Specifies
|
|
2009
|
-
#
|
|
2010
|
-
#
|
|
2216
|
+
# Specifies what member accounts the response includes based on their
|
|
2217
|
+
# relationship status with the master account. The default value is
|
|
2218
|
+
# "true". If set to "false" the response includes all existing
|
|
2219
|
+
# member accounts (including members who haven't been invited yet or
|
|
2220
|
+
# have been disassociated).
|
|
2011
2221
|
#
|
|
2012
2222
|
# @return [Types::ListMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2013
2223
|
#
|
|
2014
2224
|
# * {Types::ListMembersResponse#members #members} => Array<Types::Member>
|
|
2015
2225
|
# * {Types::ListMembersResponse#next_token #next_token} => String
|
|
2016
2226
|
#
|
|
2227
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
2228
|
+
#
|
|
2017
2229
|
# @example Request syntax with placeholder values
|
|
2018
2230
|
#
|
|
2019
2231
|
# resp = client.list_members({
|
|
@@ -2044,6 +2256,48 @@ module Aws::GuardDuty
|
|
|
2044
2256
|
req.send_request(options)
|
|
2045
2257
|
end
|
|
2046
2258
|
|
|
2259
|
+
# Lists the accounts configured as GuardDuty delegated administrators.
|
|
2260
|
+
#
|
|
2261
|
+
# @option params [Integer] :max_results
|
|
2262
|
+
# The maximum number of results to return in the response.
|
|
2263
|
+
#
|
|
2264
|
+
# @option params [String] :next_token
|
|
2265
|
+
# A token to use for paginating results that are returned in the
|
|
2266
|
+
# response. Set the value of this parameter to null for the first
|
|
2267
|
+
# request to a list action. For subsequent calls, use the `NextToken`
|
|
2268
|
+
# value returned from the previous request to continue listing results
|
|
2269
|
+
# after the first page.
|
|
2270
|
+
#
|
|
2271
|
+
# @return [Types::ListOrganizationAdminAccountsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2272
|
+
#
|
|
2273
|
+
# * {Types::ListOrganizationAdminAccountsResponse#admin_accounts #admin_accounts} => Array<Types::AdminAccount>
|
|
2274
|
+
# * {Types::ListOrganizationAdminAccountsResponse#next_token #next_token} => String
|
|
2275
|
+
#
|
|
2276
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
2277
|
+
#
|
|
2278
|
+
# @example Request syntax with placeholder values
|
|
2279
|
+
#
|
|
2280
|
+
# resp = client.list_organization_admin_accounts({
|
|
2281
|
+
# max_results: 1,
|
|
2282
|
+
# next_token: "String",
|
|
2283
|
+
# })
|
|
2284
|
+
#
|
|
2285
|
+
# @example Response structure
|
|
2286
|
+
#
|
|
2287
|
+
# resp.admin_accounts #=> Array
|
|
2288
|
+
# resp.admin_accounts[0].admin_account_id #=> String
|
|
2289
|
+
# resp.admin_accounts[0].admin_status #=> String, one of "ENABLED", "DISABLE_IN_PROGRESS"
|
|
2290
|
+
# resp.next_token #=> String
|
|
2291
|
+
#
|
|
2292
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListOrganizationAdminAccounts AWS API Documentation
|
|
2293
|
+
#
|
|
2294
|
+
# @overload list_organization_admin_accounts(params = {})
|
|
2295
|
+
# @param [Hash] params ({})
|
|
2296
|
+
def list_organization_admin_accounts(params = {}, options = {})
|
|
2297
|
+
req = build_request(:list_organization_admin_accounts, params)
|
|
2298
|
+
req.send_request(options)
|
|
2299
|
+
end
|
|
2300
|
+
|
|
2047
2301
|
# Returns a list of publishing destinations associated with the
|
|
2048
2302
|
# specified `dectectorId`.
|
|
2049
2303
|
#
|
|
@@ -2054,16 +2308,19 @@ module Aws::GuardDuty
|
|
|
2054
2308
|
# The maximum number of results to return in the response.
|
|
2055
2309
|
#
|
|
2056
2310
|
# @option params [String] :next_token
|
|
2057
|
-
# A token to use for paginating results returned in the
|
|
2058
|
-
# the value of this parameter to null for the first
|
|
2059
|
-
# action. For subsequent calls, use the `NextToken`
|
|
2060
|
-
# the previous request to continue listing results
|
|
2311
|
+
# A token to use for paginating results that are returned in the
|
|
2312
|
+
# response. Set the value of this parameter to null for the first
|
|
2313
|
+
# request to a list action. For subsequent calls, use the `NextToken`
|
|
2314
|
+
# value returned from the previous request to continue listing results
|
|
2315
|
+
# after the first page.
|
|
2061
2316
|
#
|
|
2062
2317
|
# @return [Types::ListPublishingDestinationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2063
2318
|
#
|
|
2064
2319
|
# * {Types::ListPublishingDestinationsResponse#destinations #destinations} => Array<Types::Destination>
|
|
2065
2320
|
# * {Types::ListPublishingDestinationsResponse#next_token #next_token} => String
|
|
2066
2321
|
#
|
|
2322
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
2323
|
+
#
|
|
2067
2324
|
# @example Request syntax with placeholder values
|
|
2068
2325
|
#
|
|
2069
2326
|
# resp = client.list_publishing_destinations({
|
|
@@ -2090,12 +2347,12 @@ module Aws::GuardDuty
|
|
|
2090
2347
|
end
|
|
2091
2348
|
|
|
2092
2349
|
# Lists tags for a resource. Tagging is currently supported for
|
|
2093
|
-
# detectors, finding filters, IP sets, and
|
|
2350
|
+
# detectors, finding filters, IP sets, and threat intel sets, with a
|
|
2094
2351
|
# limit of 50 tags per resource. When invoked, this operation returns
|
|
2095
|
-
# all assigned tags for a given resource
|
|
2352
|
+
# all assigned tags for a given resource.
|
|
2096
2353
|
#
|
|
2097
2354
|
# @option params [required, String] :resource_arn
|
|
2098
|
-
# The Amazon Resource Name (ARN) for the given GuardDuty resource
|
|
2355
|
+
# The Amazon Resource Name (ARN) for the given GuardDuty resource.
|
|
2099
2356
|
#
|
|
2100
2357
|
# @return [Types::ListTagsForResourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2101
2358
|
#
|
|
@@ -2126,17 +2383,18 @@ module Aws::GuardDuty
|
|
|
2126
2383
|
# ThreatIntelSets associated with the master account are returned.
|
|
2127
2384
|
#
|
|
2128
2385
|
# @option params [required, String] :detector_id
|
|
2129
|
-
# The unique ID of the detector the threatIntelSet is associated
|
|
2386
|
+
# The unique ID of the detector that the threatIntelSet is associated
|
|
2387
|
+
# with.
|
|
2130
2388
|
#
|
|
2131
2389
|
# @option params [Integer] :max_results
|
|
2132
|
-
# You can use this parameter to indicate the maximum number of items
|
|
2133
|
-
# want in the response. The default value is 50. The maximum
|
|
2134
|
-
# 50.
|
|
2390
|
+
# You can use this parameter to indicate the maximum number of items
|
|
2391
|
+
# that you want in the response. The default value is 50. The maximum
|
|
2392
|
+
# value is 50.
|
|
2135
2393
|
#
|
|
2136
2394
|
# @option params [String] :next_token
|
|
2137
2395
|
# You can use this parameter to paginate results in the response. Set
|
|
2138
2396
|
# the value of this parameter to null on your first call to the list
|
|
2139
|
-
# action. For subsequent calls to the action fill nextToken in the
|
|
2397
|
+
# action. For subsequent calls to the action, fill nextToken in the
|
|
2140
2398
|
# request with the value of NextToken from the previous response to
|
|
2141
2399
|
# continue listing data.
|
|
2142
2400
|
#
|
|
@@ -2145,6 +2403,8 @@ module Aws::GuardDuty
|
|
|
2145
2403
|
# * {Types::ListThreatIntelSetsResponse#threat_intel_set_ids #threat_intel_set_ids} => Array<String>
|
|
2146
2404
|
# * {Types::ListThreatIntelSetsResponse#next_token #next_token} => String
|
|
2147
2405
|
#
|
|
2406
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
2407
|
+
#
|
|
2148
2408
|
# @example Request syntax with placeholder values
|
|
2149
2409
|
#
|
|
2150
2410
|
# resp = client.list_threat_intel_sets({
|
|
@@ -2206,16 +2466,16 @@ module Aws::GuardDuty
|
|
|
2206
2466
|
req.send_request(options)
|
|
2207
2467
|
end
|
|
2208
2468
|
|
|
2209
|
-
# Stops GuardDuty monitoring for the specified member
|
|
2210
|
-
# `StartMonitoringMembers` to restart monitoring for those
|
|
2469
|
+
# Stops GuardDuty monitoring for the specified member accounts. Use the
|
|
2470
|
+
# `StartMonitoringMembers` operation to restart monitoring for those
|
|
2471
|
+
# accounts.
|
|
2211
2472
|
#
|
|
2212
2473
|
# @option params [required, String] :detector_id
|
|
2213
|
-
# The unique ID of the detector
|
|
2214
|
-
#
|
|
2474
|
+
# The unique ID of the detector associated with the GuardDuty master
|
|
2475
|
+
# account that is monitoring member accounts.
|
|
2215
2476
|
#
|
|
2216
2477
|
# @option params [required, Array<String>] :account_ids
|
|
2217
|
-
# A list of account IDs
|
|
2218
|
-
# you want the master account to stop monitoring.
|
|
2478
|
+
# A list of account IDs for the member accounts to stop monitoring.
|
|
2219
2479
|
#
|
|
2220
2480
|
# @return [Types::StopMonitoringMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2221
2481
|
#
|
|
@@ -2278,7 +2538,7 @@ module Aws::GuardDuty
|
|
|
2278
2538
|
# The ID of the detector associated with the findings to unarchive.
|
|
2279
2539
|
#
|
|
2280
2540
|
# @option params [required, Array<String>] :finding_ids
|
|
2281
|
-
# IDs of the findings to unarchive.
|
|
2541
|
+
# The IDs of the findings to unarchive.
|
|
2282
2542
|
#
|
|
2283
2543
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
2284
2544
|
#
|
|
@@ -2333,8 +2593,8 @@ module Aws::GuardDuty
|
|
|
2333
2593
|
# Specifies whether the detector is enabled or not enabled.
|
|
2334
2594
|
#
|
|
2335
2595
|
# @option params [String] :finding_publishing_frequency
|
|
2336
|
-
#
|
|
2337
|
-
# as to CloudWatch Events.
|
|
2596
|
+
# An enum value that specifies how frequently findings are exported,
|
|
2597
|
+
# such as to CloudWatch Events.
|
|
2338
2598
|
#
|
|
2339
2599
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
2340
2600
|
#
|
|
@@ -2432,7 +2692,7 @@ module Aws::GuardDuty
|
|
|
2432
2692
|
# for.
|
|
2433
2693
|
#
|
|
2434
2694
|
# @option params [required, Array<String>] :finding_ids
|
|
2435
|
-
# IDs of the findings that you want to mark as useful or not useful.
|
|
2695
|
+
# The IDs of the findings that you want to mark as useful or not useful.
|
|
2436
2696
|
#
|
|
2437
2697
|
# @option params [required, String] :feedback
|
|
2438
2698
|
# The feedback for the finding.
|
|
@@ -2473,11 +2733,10 @@ module Aws::GuardDuty
|
|
|
2473
2733
|
# The unique ID that specifies the IPSet that you want to update.
|
|
2474
2734
|
#
|
|
2475
2735
|
# @option params [String] :location
|
|
2476
|
-
# The updated URI of the file that contains the IPSet.
|
|
2477
|
-
# (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).
|
|
2736
|
+
# The updated URI of the file that contains the IPSet.
|
|
2478
2737
|
#
|
|
2479
2738
|
# @option params [Boolean] :activate
|
|
2480
|
-
# The updated
|
|
2739
|
+
# The updated Boolean value that specifies whether the IPSet is active
|
|
2481
2740
|
# or not.
|
|
2482
2741
|
#
|
|
2483
2742
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
@@ -2501,16 +2760,43 @@ module Aws::GuardDuty
|
|
|
2501
2760
|
req.send_request(options)
|
|
2502
2761
|
end
|
|
2503
2762
|
|
|
2763
|
+
# Updates the delegated administrator account with the values provided.
|
|
2764
|
+
#
|
|
2765
|
+
# @option params [required, String] :detector_id
|
|
2766
|
+
# The ID of the detector to update the delegated administrator for.
|
|
2767
|
+
#
|
|
2768
|
+
# @option params [required, Boolean] :auto_enable
|
|
2769
|
+
# Indicates whether to automatically enable member accounts in the
|
|
2770
|
+
# organization.
|
|
2771
|
+
#
|
|
2772
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
2773
|
+
#
|
|
2774
|
+
# @example Request syntax with placeholder values
|
|
2775
|
+
#
|
|
2776
|
+
# resp = client.update_organization_configuration({
|
|
2777
|
+
# detector_id: "DetectorId", # required
|
|
2778
|
+
# auto_enable: false, # required
|
|
2779
|
+
# })
|
|
2780
|
+
#
|
|
2781
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfiguration AWS API Documentation
|
|
2782
|
+
#
|
|
2783
|
+
# @overload update_organization_configuration(params = {})
|
|
2784
|
+
# @param [Hash] params ({})
|
|
2785
|
+
def update_organization_configuration(params = {}, options = {})
|
|
2786
|
+
req = build_request(:update_organization_configuration, params)
|
|
2787
|
+
req.send_request(options)
|
|
2788
|
+
end
|
|
2789
|
+
|
|
2504
2790
|
# Updates information about the publishing destination specified by the
|
|
2505
2791
|
# `destinationId`.
|
|
2506
2792
|
#
|
|
2507
2793
|
# @option params [required, String] :detector_id
|
|
2508
|
-
# The ID of the
|
|
2509
|
-
#
|
|
2510
|
-
# @option params [required, String] :destination_id
|
|
2511
2794
|
# The ID of the detector associated with the publishing destinations to
|
|
2512
2795
|
# update.
|
|
2513
2796
|
#
|
|
2797
|
+
# @option params [required, String] :destination_id
|
|
2798
|
+
# The ID of the publishing destination to update.
|
|
2799
|
+
#
|
|
2514
2800
|
# @option params [Types::DestinationProperties] :destination_properties
|
|
2515
2801
|
# A `DestinationProperties` object that includes the `DestinationArn`
|
|
2516
2802
|
# and `KmsKeyArn` of the publishing destination.
|
|
@@ -2537,7 +2823,7 @@ module Aws::GuardDuty
|
|
|
2537
2823
|
req.send_request(options)
|
|
2538
2824
|
end
|
|
2539
2825
|
|
|
2540
|
-
# Updates the ThreatIntelSet specified by ThreatIntelSet ID.
|
|
2826
|
+
# Updates the ThreatIntelSet specified by the ThreatIntelSet ID.
|
|
2541
2827
|
#
|
|
2542
2828
|
# @option params [required, String] :detector_id
|
|
2543
2829
|
# The detectorID that specifies the GuardDuty service whose
|
|
@@ -2552,11 +2838,10 @@ module Aws::GuardDuty
|
|
|
2552
2838
|
# update.
|
|
2553
2839
|
#
|
|
2554
2840
|
# @option params [String] :location
|
|
2555
|
-
# The updated URI of the file that contains the ThreateIntelSet.
|
|
2556
|
-
# example (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key)
|
|
2841
|
+
# The updated URI of the file that contains the ThreateIntelSet.
|
|
2557
2842
|
#
|
|
2558
2843
|
# @option params [Boolean] :activate
|
|
2559
|
-
# The updated
|
|
2844
|
+
# The updated Boolean value that specifies whether the ThreateIntelSet
|
|
2560
2845
|
# is active or not.
|
|
2561
2846
|
#
|
|
2562
2847
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
@@ -2593,7 +2878,7 @@ module Aws::GuardDuty
|
|
|
2593
2878
|
params: params,
|
|
2594
2879
|
config: config)
|
|
2595
2880
|
context[:gem_name] = 'aws-sdk-guardduty'
|
|
2596
|
-
context[:gem_version] = '1.
|
|
2881
|
+
context[:gem_version] = '1.33.0'
|
|
2597
2882
|
Seahorse::Client::Request.new(handlers, context)
|
|
2598
2883
|
end
|
|
2599
2884
|
|