aws-sdk-guardduty 1.30.0 → 1.35.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-guardduty.rb +1 -1
- data/lib/aws-sdk-guardduty/client.rb +43 -18
- data/lib/aws-sdk-guardduty/client_api.rb +62 -0
- data/lib/aws-sdk-guardduty/types.rb +259 -7
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8eff2859a16e01960d8fc96ff79bf0708654a4acffef3d614779f67ace8524c1
|
4
|
+
data.tar.gz: '039e5deba9bc98a62e2cb6cc1b8d05a11c66ef33e78802aa5adf3b011e8ee5ad'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6695fe0941cefc0c9d86d00cb21c8bc46922ec959be36a4e9e6397f8a959fc31e37e55c688f580208f2dfe677de4a7bb42a7e3ce6f7da31201d14765a5975dfb
|
7
|
+
data.tar.gz: 583b6e76f3182210ec1e6d7243a8a87138a5a07e7992aab97c6755453ff371063c28d6966a5dfa49afa9d123717c2f44523299ead6a4c63786020e062c001ce2
|
data/lib/aws-sdk-guardduty.rb
CHANGED
@@ -24,6 +24,7 @@ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
|
24
24
|
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
25
25
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
26
26
|
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
27
|
+
require 'aws-sdk-core/plugins/http_checksum.rb'
|
27
28
|
require 'aws-sdk-core/plugins/signature_v4.rb'
|
28
29
|
require 'aws-sdk-core/plugins/protocols/rest_json.rb'
|
29
30
|
|
@@ -69,6 +70,7 @@ module Aws::GuardDuty
|
|
69
70
|
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
70
71
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
71
72
|
add_plugin(Aws::Plugins::TransferEncoding)
|
73
|
+
add_plugin(Aws::Plugins::HttpChecksum)
|
72
74
|
add_plugin(Aws::Plugins::SignatureV4)
|
73
75
|
add_plugin(Aws::Plugins::Protocols::RestJson)
|
74
76
|
|
@@ -161,7 +163,7 @@ module Aws::GuardDuty
|
|
161
163
|
# @option options [String] :endpoint
|
162
164
|
# The client endpoint is normally constructed from the `:region`
|
163
165
|
# option. You should only configure an `:endpoint` when connecting
|
164
|
-
# to test endpoints. This should be a valid HTTP(S) URI.
|
166
|
+
# to test or custom endpoints. This should be a valid HTTP(S) URI.
|
165
167
|
#
|
166
168
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
167
169
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -176,7 +178,7 @@ module Aws::GuardDuty
|
|
176
178
|
# requests fetching endpoints information. Defaults to 60 sec.
|
177
179
|
#
|
178
180
|
# @option options [Boolean] :endpoint_discovery (false)
|
179
|
-
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
181
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
180
182
|
#
|
181
183
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
182
184
|
# The log formatter.
|
@@ -523,6 +525,8 @@ module Aws::GuardDuty
|
|
523
525
|
#
|
524
526
|
# * service.action.networkConnectionAction.protocol
|
525
527
|
#
|
528
|
+
# * service.action.networkConnectionAction.localIpDetails.ipAddressV4
|
529
|
+
#
|
526
530
|
# * service.action.networkConnectionAction.remoteIpDetails.city.cityName
|
527
531
|
#
|
528
532
|
# * service.action.networkConnectionAction.remoteIpDetails.country.countryName
|
@@ -1174,11 +1178,11 @@ module Aws::GuardDuty
|
|
1174
1178
|
req.send_request(options)
|
1175
1179
|
end
|
1176
1180
|
|
1177
|
-
# Disables
|
1178
|
-
#
|
1181
|
+
# Disables an AWS account within the Organization as the GuardDuty
|
1182
|
+
# delegated administrator.
|
1179
1183
|
#
|
1180
1184
|
# @option params [required, String] :admin_account_id
|
1181
|
-
# The AWS Account ID for the
|
1185
|
+
# The AWS Account ID for the organizations account to be disabled as a
|
1182
1186
|
# GuardDuty delegated administrator.
|
1183
1187
|
#
|
1184
1188
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
@@ -1258,11 +1262,11 @@ module Aws::GuardDuty
|
|
1258
1262
|
req.send_request(options)
|
1259
1263
|
end
|
1260
1264
|
|
1261
|
-
# Enables
|
1262
|
-
#
|
1265
|
+
# Enables an AWS account within the organization as the GuardDuty
|
1266
|
+
# delegated administrator.
|
1263
1267
|
#
|
1264
1268
|
# @option params [required, String] :admin_account_id
|
1265
|
-
# The AWS Account ID for the
|
1269
|
+
# The AWS Account ID for the organization account to be enabled as a
|
1266
1270
|
# GuardDuty delegated administrator.
|
1267
1271
|
#
|
1268
1272
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
@@ -1422,6 +1426,30 @@ module Aws::GuardDuty
|
|
1422
1426
|
# resp.findings[0].resource.access_key_details.principal_id #=> String
|
1423
1427
|
# resp.findings[0].resource.access_key_details.user_name #=> String
|
1424
1428
|
# resp.findings[0].resource.access_key_details.user_type #=> String
|
1429
|
+
# resp.findings[0].resource.s3_bucket_details #=> Array
|
1430
|
+
# resp.findings[0].resource.s3_bucket_details[0].arn #=> String
|
1431
|
+
# resp.findings[0].resource.s3_bucket_details[0].name #=> String
|
1432
|
+
# resp.findings[0].resource.s3_bucket_details[0].type #=> String
|
1433
|
+
# resp.findings[0].resource.s3_bucket_details[0].created_at #=> Time
|
1434
|
+
# resp.findings[0].resource.s3_bucket_details[0].owner.id #=> String
|
1435
|
+
# resp.findings[0].resource.s3_bucket_details[0].tags #=> Array
|
1436
|
+
# resp.findings[0].resource.s3_bucket_details[0].tags[0].key #=> String
|
1437
|
+
# resp.findings[0].resource.s3_bucket_details[0].tags[0].value #=> String
|
1438
|
+
# resp.findings[0].resource.s3_bucket_details[0].default_server_side_encryption.encryption_type #=> String
|
1439
|
+
# resp.findings[0].resource.s3_bucket_details[0].default_server_side_encryption.kms_master_key_arn #=> String
|
1440
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.access_control_list.allows_public_read_access #=> Boolean
|
1441
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.access_control_list.allows_public_write_access #=> Boolean
|
1442
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.bucket_policy.allows_public_read_access #=> Boolean
|
1443
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.bucket_policy.allows_public_write_access #=> Boolean
|
1444
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.ignore_public_acls #=> Boolean
|
1445
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.restrict_public_buckets #=> Boolean
|
1446
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.block_public_acls #=> Boolean
|
1447
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.block_public_policy #=> Boolean
|
1448
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.account_level_permissions.block_public_access.ignore_public_acls #=> Boolean
|
1449
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.account_level_permissions.block_public_access.restrict_public_buckets #=> Boolean
|
1450
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.account_level_permissions.block_public_access.block_public_acls #=> Boolean
|
1451
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.account_level_permissions.block_public_access.block_public_policy #=> Boolean
|
1452
|
+
# resp.findings[0].resource.s3_bucket_details[0].public_access.effective_permission #=> String
|
1425
1453
|
# resp.findings[0].resource.instance_details.availability_zone #=> String
|
1426
1454
|
# resp.findings[0].resource.instance_details.iam_instance_profile.arn #=> String
|
1427
1455
|
# resp.findings[0].resource.instance_details.iam_instance_profile.id #=> String
|
@@ -2190,8 +2218,8 @@ module Aws::GuardDuty
|
|
2190
2218
|
req.send_request(options)
|
2191
2219
|
end
|
2192
2220
|
|
2193
|
-
# Lists details about
|
2194
|
-
#
|
2221
|
+
# Lists details about all member accounts for the current GuardDuty
|
2222
|
+
# master account.
|
2195
2223
|
#
|
2196
2224
|
# @option params [required, String] :detector_id
|
2197
2225
|
# The unique ID of the detector the member is associated with.
|
@@ -2209,11 +2237,9 @@ module Aws::GuardDuty
|
|
2209
2237
|
# data.
|
2210
2238
|
#
|
2211
2239
|
# @option params [String] :only_associated
|
2212
|
-
# Specifies
|
2213
|
-
#
|
2214
|
-
#
|
2215
|
-
# member accounts (including members who haven't been invited yet or
|
2216
|
-
# have been disassociated).
|
2240
|
+
# Specifies whether to only return associated members or to return all
|
2241
|
+
# members (including members who haven't been invited yet or have been
|
2242
|
+
# disassociated).
|
2217
2243
|
#
|
2218
2244
|
# @return [Types::ListMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2219
2245
|
#
|
@@ -2252,8 +2278,7 @@ module Aws::GuardDuty
|
|
2252
2278
|
req.send_request(options)
|
2253
2279
|
end
|
2254
2280
|
|
2255
|
-
# Lists the accounts configured as
|
2256
|
-
# administrators.
|
2281
|
+
# Lists the accounts configured as GuardDuty delegated administrators.
|
2257
2282
|
#
|
2258
2283
|
# @option params [Integer] :max_results
|
2259
2284
|
# The maximum number of results to return in the response.
|
@@ -2877,7 +2902,7 @@ module Aws::GuardDuty
|
|
2877
2902
|
params: params,
|
2878
2903
|
config: config)
|
2879
2904
|
context[:gem_name] = 'aws-sdk-guardduty'
|
2880
|
-
context[:gem_version] = '1.
|
2905
|
+
context[:gem_version] = '1.35.1'
|
2881
2906
|
Seahorse::Client::Request.new(handlers, context)
|
2882
2907
|
end
|
2883
2908
|
|
@@ -13,11 +13,13 @@ module Aws::GuardDuty
|
|
13
13
|
|
14
14
|
AcceptInvitationRequest = Shapes::StructureShape.new(name: 'AcceptInvitationRequest')
|
15
15
|
AcceptInvitationResponse = Shapes::StructureShape.new(name: 'AcceptInvitationResponse')
|
16
|
+
AccessControlList = Shapes::StructureShape.new(name: 'AccessControlList')
|
16
17
|
AccessKeyDetails = Shapes::StructureShape.new(name: 'AccessKeyDetails')
|
17
18
|
AccountDetail = Shapes::StructureShape.new(name: 'AccountDetail')
|
18
19
|
AccountDetails = Shapes::ListShape.new(name: 'AccountDetails')
|
19
20
|
AccountId = Shapes::StringShape.new(name: 'AccountId')
|
20
21
|
AccountIds = Shapes::ListShape.new(name: 'AccountIds')
|
22
|
+
AccountLevelPermissions = Shapes::StructureShape.new(name: 'AccountLevelPermissions')
|
21
23
|
Action = Shapes::StructureShape.new(name: 'Action')
|
22
24
|
AdminAccount = Shapes::StructureShape.new(name: 'AdminAccount')
|
23
25
|
AdminAccounts = Shapes::ListShape.new(name: 'AdminAccounts')
|
@@ -26,7 +28,10 @@ module Aws::GuardDuty
|
|
26
28
|
ArchiveFindingsResponse = Shapes::StructureShape.new(name: 'ArchiveFindingsResponse')
|
27
29
|
AwsApiCallAction = Shapes::StructureShape.new(name: 'AwsApiCallAction')
|
28
30
|
BadRequestException = Shapes::StructureShape.new(name: 'BadRequestException')
|
31
|
+
BlockPublicAccess = Shapes::StructureShape.new(name: 'BlockPublicAccess')
|
29
32
|
Boolean = Shapes::BooleanShape.new(name: 'Boolean')
|
33
|
+
BucketLevelPermissions = Shapes::StructureShape.new(name: 'BucketLevelPermissions')
|
34
|
+
BucketPolicy = Shapes::StructureShape.new(name: 'BucketPolicy')
|
30
35
|
City = Shapes::StructureShape.new(name: 'City')
|
31
36
|
ClientToken = Shapes::StringShape.new(name: 'ClientToken')
|
32
37
|
Condition = Shapes::StructureShape.new(name: 'Condition')
|
@@ -49,6 +54,7 @@ module Aws::GuardDuty
|
|
49
54
|
Criterion = Shapes::MapShape.new(name: 'Criterion')
|
50
55
|
DeclineInvitationsRequest = Shapes::StructureShape.new(name: 'DeclineInvitationsRequest')
|
51
56
|
DeclineInvitationsResponse = Shapes::StructureShape.new(name: 'DeclineInvitationsResponse')
|
57
|
+
DefaultServerSideEncryption = Shapes::StructureShape.new(name: 'DefaultServerSideEncryption')
|
52
58
|
DeleteDetectorRequest = Shapes::StructureShape.new(name: 'DeleteDetectorRequest')
|
53
59
|
DeleteDetectorResponse = Shapes::StructureShape.new(name: 'DeleteDetectorResponse')
|
54
60
|
DeleteFilterRequest = Shapes::StructureShape.new(name: 'DeleteFilterRequest')
|
@@ -174,6 +180,8 @@ module Aws::GuardDuty
|
|
174
180
|
NotEquals = Shapes::ListShape.new(name: 'NotEquals')
|
175
181
|
OrderBy = Shapes::StringShape.new(name: 'OrderBy')
|
176
182
|
Organization = Shapes::StructureShape.new(name: 'Organization')
|
183
|
+
Owner = Shapes::StructureShape.new(name: 'Owner')
|
184
|
+
PermissionConfiguration = Shapes::StructureShape.new(name: 'PermissionConfiguration')
|
177
185
|
PortProbeAction = Shapes::StructureShape.new(name: 'PortProbeAction')
|
178
186
|
PortProbeDetail = Shapes::StructureShape.new(name: 'PortProbeDetail')
|
179
187
|
PortProbeDetails = Shapes::ListShape.new(name: 'PortProbeDetails')
|
@@ -181,10 +189,13 @@ module Aws::GuardDuty
|
|
181
189
|
PrivateIpAddresses = Shapes::ListShape.new(name: 'PrivateIpAddresses')
|
182
190
|
ProductCode = Shapes::StructureShape.new(name: 'ProductCode')
|
183
191
|
ProductCodes = Shapes::ListShape.new(name: 'ProductCodes')
|
192
|
+
PublicAccess = Shapes::StructureShape.new(name: 'PublicAccess')
|
184
193
|
PublishingStatus = Shapes::StringShape.new(name: 'PublishingStatus')
|
185
194
|
RemoteIpDetails = Shapes::StructureShape.new(name: 'RemoteIpDetails')
|
186
195
|
RemotePortDetails = Shapes::StructureShape.new(name: 'RemotePortDetails')
|
187
196
|
Resource = Shapes::StructureShape.new(name: 'Resource')
|
197
|
+
S3BucketDetail = Shapes::StructureShape.new(name: 'S3BucketDetail')
|
198
|
+
S3BucketDetails = Shapes::ListShape.new(name: 'S3BucketDetails')
|
188
199
|
SecurityGroup = Shapes::StructureShape.new(name: 'SecurityGroup')
|
189
200
|
SecurityGroups = Shapes::ListShape.new(name: 'SecurityGroups')
|
190
201
|
Service = Shapes::StructureShape.new(name: 'Service')
|
@@ -208,6 +219,7 @@ module Aws::GuardDuty
|
|
208
219
|
ThreatIntelligenceDetail = Shapes::StructureShape.new(name: 'ThreatIntelligenceDetail')
|
209
220
|
ThreatIntelligenceDetails = Shapes::ListShape.new(name: 'ThreatIntelligenceDetails')
|
210
221
|
ThreatNames = Shapes::ListShape.new(name: 'ThreatNames')
|
222
|
+
Timestamp = Shapes::TimestampShape.new(name: 'Timestamp')
|
211
223
|
UnarchiveFindingsRequest = Shapes::StructureShape.new(name: 'UnarchiveFindingsRequest')
|
212
224
|
UnarchiveFindingsResponse = Shapes::StructureShape.new(name: 'UnarchiveFindingsResponse')
|
213
225
|
UnprocessedAccount = Shapes::StructureShape.new(name: 'UnprocessedAccount')
|
@@ -236,6 +248,10 @@ module Aws::GuardDuty
|
|
236
248
|
|
237
249
|
AcceptInvitationResponse.struct_class = Types::AcceptInvitationResponse
|
238
250
|
|
251
|
+
AccessControlList.add_member(:allows_public_read_access, Shapes::ShapeRef.new(shape: Boolean, location_name: "allowsPublicReadAccess"))
|
252
|
+
AccessControlList.add_member(:allows_public_write_access, Shapes::ShapeRef.new(shape: Boolean, location_name: "allowsPublicWriteAccess"))
|
253
|
+
AccessControlList.struct_class = Types::AccessControlList
|
254
|
+
|
239
255
|
AccessKeyDetails.add_member(:access_key_id, Shapes::ShapeRef.new(shape: String, location_name: "accessKeyId"))
|
240
256
|
AccessKeyDetails.add_member(:principal_id, Shapes::ShapeRef.new(shape: String, location_name: "principalId"))
|
241
257
|
AccessKeyDetails.add_member(:user_name, Shapes::ShapeRef.new(shape: String, location_name: "userName"))
|
@@ -250,6 +266,9 @@ module Aws::GuardDuty
|
|
250
266
|
|
251
267
|
AccountIds.member = Shapes::ShapeRef.new(shape: AccountId)
|
252
268
|
|
269
|
+
AccountLevelPermissions.add_member(:block_public_access, Shapes::ShapeRef.new(shape: BlockPublicAccess, location_name: "blockPublicAccess"))
|
270
|
+
AccountLevelPermissions.struct_class = Types::AccountLevelPermissions
|
271
|
+
|
253
272
|
Action.add_member(:action_type, Shapes::ShapeRef.new(shape: String, location_name: "actionType"))
|
254
273
|
Action.add_member(:aws_api_call_action, Shapes::ShapeRef.new(shape: AwsApiCallAction, location_name: "awsApiCallAction"))
|
255
274
|
Action.add_member(:dns_request_action, Shapes::ShapeRef.new(shape: DnsRequestAction, location_name: "dnsRequestAction"))
|
@@ -280,6 +299,21 @@ module Aws::GuardDuty
|
|
280
299
|
BadRequestException.add_member(:type, Shapes::ShapeRef.new(shape: String, location_name: "__type"))
|
281
300
|
BadRequestException.struct_class = Types::BadRequestException
|
282
301
|
|
302
|
+
BlockPublicAccess.add_member(:ignore_public_acls, Shapes::ShapeRef.new(shape: Boolean, location_name: "ignorePublicAcls"))
|
303
|
+
BlockPublicAccess.add_member(:restrict_public_buckets, Shapes::ShapeRef.new(shape: Boolean, location_name: "restrictPublicBuckets"))
|
304
|
+
BlockPublicAccess.add_member(:block_public_acls, Shapes::ShapeRef.new(shape: Boolean, location_name: "blockPublicAcls"))
|
305
|
+
BlockPublicAccess.add_member(:block_public_policy, Shapes::ShapeRef.new(shape: Boolean, location_name: "blockPublicPolicy"))
|
306
|
+
BlockPublicAccess.struct_class = Types::BlockPublicAccess
|
307
|
+
|
308
|
+
BucketLevelPermissions.add_member(:access_control_list, Shapes::ShapeRef.new(shape: AccessControlList, location_name: "accessControlList"))
|
309
|
+
BucketLevelPermissions.add_member(:bucket_policy, Shapes::ShapeRef.new(shape: BucketPolicy, location_name: "bucketPolicy"))
|
310
|
+
BucketLevelPermissions.add_member(:block_public_access, Shapes::ShapeRef.new(shape: BlockPublicAccess, location_name: "blockPublicAccess"))
|
311
|
+
BucketLevelPermissions.struct_class = Types::BucketLevelPermissions
|
312
|
+
|
313
|
+
BucketPolicy.add_member(:allows_public_read_access, Shapes::ShapeRef.new(shape: Boolean, location_name: "allowsPublicReadAccess"))
|
314
|
+
BucketPolicy.add_member(:allows_public_write_access, Shapes::ShapeRef.new(shape: Boolean, location_name: "allowsPublicWriteAccess"))
|
315
|
+
BucketPolicy.struct_class = Types::BucketPolicy
|
316
|
+
|
283
317
|
City.add_member(:city_name, Shapes::ShapeRef.new(shape: String, location_name: "cityName"))
|
284
318
|
City.struct_class = Types::City
|
285
319
|
|
@@ -381,6 +415,10 @@ module Aws::GuardDuty
|
|
381
415
|
DeclineInvitationsResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: UnprocessedAccounts, required: true, location_name: "unprocessedAccounts"))
|
382
416
|
DeclineInvitationsResponse.struct_class = Types::DeclineInvitationsResponse
|
383
417
|
|
418
|
+
DefaultServerSideEncryption.add_member(:encryption_type, Shapes::ShapeRef.new(shape: String, location_name: "encryptionType"))
|
419
|
+
DefaultServerSideEncryption.add_member(:kms_master_key_arn, Shapes::ShapeRef.new(shape: String, location_name: "kmsMasterKeyArn"))
|
420
|
+
DefaultServerSideEncryption.struct_class = Types::DefaultServerSideEncryption
|
421
|
+
|
384
422
|
DeleteDetectorRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
|
385
423
|
DeleteDetectorRequest.struct_class = Types::DeleteDetectorRequest
|
386
424
|
|
@@ -794,6 +832,13 @@ module Aws::GuardDuty
|
|
794
832
|
Organization.add_member(:org, Shapes::ShapeRef.new(shape: String, location_name: "org"))
|
795
833
|
Organization.struct_class = Types::Organization
|
796
834
|
|
835
|
+
Owner.add_member(:id, Shapes::ShapeRef.new(shape: String, location_name: "id"))
|
836
|
+
Owner.struct_class = Types::Owner
|
837
|
+
|
838
|
+
PermissionConfiguration.add_member(:bucket_level_permissions, Shapes::ShapeRef.new(shape: BucketLevelPermissions, location_name: "bucketLevelPermissions"))
|
839
|
+
PermissionConfiguration.add_member(:account_level_permissions, Shapes::ShapeRef.new(shape: AccountLevelPermissions, location_name: "accountLevelPermissions"))
|
840
|
+
PermissionConfiguration.struct_class = Types::PermissionConfiguration
|
841
|
+
|
797
842
|
PortProbeAction.add_member(:blocked, Shapes::ShapeRef.new(shape: Boolean, location_name: "blocked"))
|
798
843
|
PortProbeAction.add_member(:port_probe_details, Shapes::ShapeRef.new(shape: PortProbeDetails, location_name: "portProbeDetails"))
|
799
844
|
PortProbeAction.struct_class = Types::PortProbeAction
|
@@ -817,6 +862,10 @@ module Aws::GuardDuty
|
|
817
862
|
|
818
863
|
ProductCodes.member = Shapes::ShapeRef.new(shape: ProductCode)
|
819
864
|
|
865
|
+
PublicAccess.add_member(:permission_configuration, Shapes::ShapeRef.new(shape: PermissionConfiguration, location_name: "permissionConfiguration"))
|
866
|
+
PublicAccess.add_member(:effective_permission, Shapes::ShapeRef.new(shape: String, location_name: "effectivePermission"))
|
867
|
+
PublicAccess.struct_class = Types::PublicAccess
|
868
|
+
|
820
869
|
RemoteIpDetails.add_member(:city, Shapes::ShapeRef.new(shape: City, location_name: "city"))
|
821
870
|
RemoteIpDetails.add_member(:country, Shapes::ShapeRef.new(shape: Country, location_name: "country"))
|
822
871
|
RemoteIpDetails.add_member(:geo_location, Shapes::ShapeRef.new(shape: GeoLocation, location_name: "geoLocation"))
|
@@ -829,10 +878,23 @@ module Aws::GuardDuty
|
|
829
878
|
RemotePortDetails.struct_class = Types::RemotePortDetails
|
830
879
|
|
831
880
|
Resource.add_member(:access_key_details, Shapes::ShapeRef.new(shape: AccessKeyDetails, location_name: "accessKeyDetails"))
|
881
|
+
Resource.add_member(:s3_bucket_details, Shapes::ShapeRef.new(shape: S3BucketDetails, location_name: "s3BucketDetails"))
|
832
882
|
Resource.add_member(:instance_details, Shapes::ShapeRef.new(shape: InstanceDetails, location_name: "instanceDetails"))
|
833
883
|
Resource.add_member(:resource_type, Shapes::ShapeRef.new(shape: String, location_name: "resourceType"))
|
834
884
|
Resource.struct_class = Types::Resource
|
835
885
|
|
886
|
+
S3BucketDetail.add_member(:arn, Shapes::ShapeRef.new(shape: String, location_name: "arn"))
|
887
|
+
S3BucketDetail.add_member(:name, Shapes::ShapeRef.new(shape: String, location_name: "name"))
|
888
|
+
S3BucketDetail.add_member(:type, Shapes::ShapeRef.new(shape: String, location_name: "type"))
|
889
|
+
S3BucketDetail.add_member(:created_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "createdAt"))
|
890
|
+
S3BucketDetail.add_member(:owner, Shapes::ShapeRef.new(shape: Owner, location_name: "owner"))
|
891
|
+
S3BucketDetail.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "tags"))
|
892
|
+
S3BucketDetail.add_member(:default_server_side_encryption, Shapes::ShapeRef.new(shape: DefaultServerSideEncryption, location_name: "defaultServerSideEncryption"))
|
893
|
+
S3BucketDetail.add_member(:public_access, Shapes::ShapeRef.new(shape: PublicAccess, location_name: "publicAccess"))
|
894
|
+
S3BucketDetail.struct_class = Types::S3BucketDetail
|
895
|
+
|
896
|
+
S3BucketDetails.member = Shapes::ShapeRef.new(shape: S3BucketDetail)
|
897
|
+
|
836
898
|
SecurityGroup.add_member(:group_id, Shapes::ShapeRef.new(shape: String, location_name: "groupId"))
|
837
899
|
SecurityGroup.add_member(:group_name, Shapes::ShapeRef.new(shape: String, location_name: "groupName"))
|
838
900
|
SecurityGroup.struct_class = Types::SecurityGroup
|
@@ -44,6 +44,27 @@ module Aws::GuardDuty
|
|
44
44
|
#
|
45
45
|
class AcceptInvitationResponse < Aws::EmptyStructure; end
|
46
46
|
|
47
|
+
# Contains information on the current access control policies for the
|
48
|
+
# bucket.
|
49
|
+
#
|
50
|
+
# @!attribute [rw] allows_public_read_access
|
51
|
+
# A value that indicates whether public read access for the bucket is
|
52
|
+
# enabled through an Access Control List (ACL).
|
53
|
+
# @return [Boolean]
|
54
|
+
#
|
55
|
+
# @!attribute [rw] allows_public_write_access
|
56
|
+
# A value that indicates whether public write access for the bucket is
|
57
|
+
# enabled through an Access Control List (ACL).
|
58
|
+
# @return [Boolean]
|
59
|
+
#
|
60
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/AccessControlList AWS API Documentation
|
61
|
+
#
|
62
|
+
class AccessControlList < Struct.new(
|
63
|
+
:allows_public_read_access,
|
64
|
+
:allows_public_write_access)
|
65
|
+
include Aws::Structure
|
66
|
+
end
|
67
|
+
|
47
68
|
# Contains information about the access keys.
|
48
69
|
#
|
49
70
|
# @!attribute [rw] access_key_id
|
@@ -98,6 +119,21 @@ module Aws::GuardDuty
|
|
98
119
|
include Aws::Structure
|
99
120
|
end
|
100
121
|
|
122
|
+
# Contains information about the account level permissions on the S3
|
123
|
+
# bucket.
|
124
|
+
#
|
125
|
+
# @!attribute [rw] block_public_access
|
126
|
+
# Describes the S3 Block Public Access settings of the bucket's
|
127
|
+
# parent account.
|
128
|
+
# @return [Types::BlockPublicAccess]
|
129
|
+
#
|
130
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/AccountLevelPermissions AWS API Documentation
|
131
|
+
#
|
132
|
+
class AccountLevelPermissions < Struct.new(
|
133
|
+
:block_public_access)
|
134
|
+
include Aws::Structure
|
135
|
+
end
|
136
|
+
|
101
137
|
# Contains information about actions.
|
102
138
|
#
|
103
139
|
# @!attribute [rw] action_type
|
@@ -233,6 +269,87 @@ module Aws::GuardDuty
|
|
233
269
|
include Aws::Structure
|
234
270
|
end
|
235
271
|
|
272
|
+
# Contains information on how the bucker owner's S3 Block Public Access
|
273
|
+
# settings are being applied to the S3 bucket. See [S3 Block Public
|
274
|
+
# Access][1] for more information.
|
275
|
+
#
|
276
|
+
#
|
277
|
+
#
|
278
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html
|
279
|
+
#
|
280
|
+
# @!attribute [rw] ignore_public_acls
|
281
|
+
# Indicates if S3 Block Public Access is set to `IgnorePublicAcls`.
|
282
|
+
# @return [Boolean]
|
283
|
+
#
|
284
|
+
# @!attribute [rw] restrict_public_buckets
|
285
|
+
# Indicates if S3 Block Public Access is set to
|
286
|
+
# `RestrictPublicBuckets`.
|
287
|
+
# @return [Boolean]
|
288
|
+
#
|
289
|
+
# @!attribute [rw] block_public_acls
|
290
|
+
# Indicates if S3 Block Public Access is set to `BlockPublicAcls`.
|
291
|
+
# @return [Boolean]
|
292
|
+
#
|
293
|
+
# @!attribute [rw] block_public_policy
|
294
|
+
# Indicates if S3 Block Public Access is set to `BlockPublicPolicy`.
|
295
|
+
# @return [Boolean]
|
296
|
+
#
|
297
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/BlockPublicAccess AWS API Documentation
|
298
|
+
#
|
299
|
+
class BlockPublicAccess < Struct.new(
|
300
|
+
:ignore_public_acls,
|
301
|
+
:restrict_public_buckets,
|
302
|
+
:block_public_acls,
|
303
|
+
:block_public_policy)
|
304
|
+
include Aws::Structure
|
305
|
+
end
|
306
|
+
|
307
|
+
# Contains information about the bucket level permissions for the S3
|
308
|
+
# bucket.
|
309
|
+
#
|
310
|
+
# @!attribute [rw] access_control_list
|
311
|
+
# Contains information on how Access Control Policies are applied to
|
312
|
+
# the bucket.
|
313
|
+
# @return [Types::AccessControlList]
|
314
|
+
#
|
315
|
+
# @!attribute [rw] bucket_policy
|
316
|
+
# Contains information on the bucket policies for the S3 bucket.
|
317
|
+
# @return [Types::BucketPolicy]
|
318
|
+
#
|
319
|
+
# @!attribute [rw] block_public_access
|
320
|
+
# Contains information on which account level S3 Block Public Access
|
321
|
+
# settings are applied to the S3 bucket.
|
322
|
+
# @return [Types::BlockPublicAccess]
|
323
|
+
#
|
324
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/BucketLevelPermissions AWS API Documentation
|
325
|
+
#
|
326
|
+
class BucketLevelPermissions < Struct.new(
|
327
|
+
:access_control_list,
|
328
|
+
:bucket_policy,
|
329
|
+
:block_public_access)
|
330
|
+
include Aws::Structure
|
331
|
+
end
|
332
|
+
|
333
|
+
# Contains information on the current bucket policies for the S3 bucket.
|
334
|
+
#
|
335
|
+
# @!attribute [rw] allows_public_read_access
|
336
|
+
# A value that indicates whether public read access for the bucket is
|
337
|
+
# enabled through a bucket policy.
|
338
|
+
# @return [Boolean]
|
339
|
+
#
|
340
|
+
# @!attribute [rw] allows_public_write_access
|
341
|
+
# A value that indicates whether public write access for the bucket is
|
342
|
+
# enabled through a bucket policy.
|
343
|
+
# @return [Boolean]
|
344
|
+
#
|
345
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/BucketPolicy AWS API Documentation
|
346
|
+
#
|
347
|
+
class BucketPolicy < Struct.new(
|
348
|
+
:allows_public_read_access,
|
349
|
+
:allows_public_write_access)
|
350
|
+
include Aws::Structure
|
351
|
+
end
|
352
|
+
|
236
353
|
# Contains information about the city associated with the IP address.
|
237
354
|
#
|
238
355
|
# @!attribute [rw] city_name
|
@@ -554,6 +671,8 @@ module Aws::GuardDuty
|
|
554
671
|
#
|
555
672
|
# * service.action.networkConnectionAction.protocol
|
556
673
|
#
|
674
|
+
# * service.action.networkConnectionAction.localIpDetails.ipAddressV4
|
675
|
+
#
|
557
676
|
# * service.action.networkConnectionAction.remoteIpDetails.city.cityName
|
558
677
|
#
|
559
678
|
# * service.action.networkConnectionAction.remoteIpDetails.country.countryName
|
@@ -934,6 +1053,30 @@ module Aws::GuardDuty
|
|
934
1053
|
include Aws::Structure
|
935
1054
|
end
|
936
1055
|
|
1056
|
+
# Contains information on the server side encryption method used in the
|
1057
|
+
# S3 bucket. See [S3 Server-Side Encryption][1] for more information.
|
1058
|
+
#
|
1059
|
+
#
|
1060
|
+
#
|
1061
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/atest/dev/serv-side-encryption.html
|
1062
|
+
#
|
1063
|
+
# @!attribute [rw] encryption_type
|
1064
|
+
# The type of encryption used for objects within the S3 bucket.
|
1065
|
+
# @return [String]
|
1066
|
+
#
|
1067
|
+
# @!attribute [rw] kms_master_key_arn
|
1068
|
+
# The Amazon Resource Name (ARN) of the KMS encryption key. Only
|
1069
|
+
# available if the bucket `EncryptionType` is `aws:kms`.
|
1070
|
+
# @return [String]
|
1071
|
+
#
|
1072
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DefaultServerSideEncryption AWS API Documentation
|
1073
|
+
#
|
1074
|
+
class DefaultServerSideEncryption < Struct.new(
|
1075
|
+
:encryption_type,
|
1076
|
+
:kms_master_key_arn)
|
1077
|
+
include Aws::Structure
|
1078
|
+
end
|
1079
|
+
|
937
1080
|
# @note When making an API call, you may pass DeleteDetectorRequest
|
938
1081
|
# data as a hash:
|
939
1082
|
#
|
@@ -1295,7 +1438,7 @@ module Aws::GuardDuty
|
|
1295
1438
|
# }
|
1296
1439
|
#
|
1297
1440
|
# @!attribute [rw] admin_account_id
|
1298
|
-
# The AWS Account ID for the
|
1441
|
+
# The AWS Account ID for the organizations account to be disabled as a
|
1299
1442
|
# GuardDuty delegated administrator.
|
1300
1443
|
# @return [String]
|
1301
1444
|
#
|
@@ -1405,7 +1548,7 @@ module Aws::GuardDuty
|
|
1405
1548
|
# }
|
1406
1549
|
#
|
1407
1550
|
# @!attribute [rw] admin_account_id
|
1408
|
-
# The AWS Account ID for the
|
1551
|
+
# The AWS Account ID for the organization account to be enabled as a
|
1409
1552
|
# GuardDuty delegated administrator.
|
1410
1553
|
# @return [String]
|
1411
1554
|
#
|
@@ -2626,11 +2769,9 @@ module Aws::GuardDuty
|
|
2626
2769
|
# @return [String]
|
2627
2770
|
#
|
2628
2771
|
# @!attribute [rw] only_associated
|
2629
|
-
# Specifies
|
2630
|
-
#
|
2631
|
-
#
|
2632
|
-
# member accounts (including members who haven't been invited yet or
|
2633
|
-
# have been disassociated).
|
2772
|
+
# Specifies whether to only return associated members or to return all
|
2773
|
+
# members (including members who haven't been invited yet or have
|
2774
|
+
# been disassociated).
|
2634
2775
|
# @return [String]
|
2635
2776
|
#
|
2636
2777
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListMembersRequest AWS API Documentation
|
@@ -3081,6 +3222,46 @@ module Aws::GuardDuty
|
|
3081
3222
|
include Aws::Structure
|
3082
3223
|
end
|
3083
3224
|
|
3225
|
+
# Contains information on the owner of the bucket.
|
3226
|
+
#
|
3227
|
+
# @!attribute [rw] id
|
3228
|
+
# The canonical user ID of the bucket owner. For information about
|
3229
|
+
# locating your canonical user ID see [Finding Your Account Canonical
|
3230
|
+
# User ID.][1]
|
3231
|
+
#
|
3232
|
+
#
|
3233
|
+
#
|
3234
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId
|
3235
|
+
# @return [String]
|
3236
|
+
#
|
3237
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Owner AWS API Documentation
|
3238
|
+
#
|
3239
|
+
class Owner < Struct.new(
|
3240
|
+
:id)
|
3241
|
+
include Aws::Structure
|
3242
|
+
end
|
3243
|
+
|
3244
|
+
# Contains information about how permissions are configured for the S3
|
3245
|
+
# bucket.
|
3246
|
+
#
|
3247
|
+
# @!attribute [rw] bucket_level_permissions
|
3248
|
+
# Contains information about the bucket level permissions for the S3
|
3249
|
+
# bucket.
|
3250
|
+
# @return [Types::BucketLevelPermissions]
|
3251
|
+
#
|
3252
|
+
# @!attribute [rw] account_level_permissions
|
3253
|
+
# Contains information about the account level permissions on the S3
|
3254
|
+
# bucket.
|
3255
|
+
# @return [Types::AccountLevelPermissions]
|
3256
|
+
#
|
3257
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/PermissionConfiguration AWS API Documentation
|
3258
|
+
#
|
3259
|
+
class PermissionConfiguration < Struct.new(
|
3260
|
+
:bucket_level_permissions,
|
3261
|
+
:account_level_permissions)
|
3262
|
+
include Aws::Structure
|
3263
|
+
end
|
3264
|
+
|
3084
3265
|
# Contains information about the PORT\_PROBE action described in the
|
3085
3266
|
# finding.
|
3086
3267
|
#
|
@@ -3160,6 +3341,26 @@ module Aws::GuardDuty
|
|
3160
3341
|
include Aws::Structure
|
3161
3342
|
end
|
3162
3343
|
|
3344
|
+
# Describes the public access policies that apply to the S3 bucket.
|
3345
|
+
#
|
3346
|
+
# @!attribute [rw] permission_configuration
|
3347
|
+
# Contains information about how permissions are configured for the S3
|
3348
|
+
# bucket.
|
3349
|
+
# @return [Types::PermissionConfiguration]
|
3350
|
+
#
|
3351
|
+
# @!attribute [rw] effective_permission
|
3352
|
+
# Describes the effective permission on this bucket after factoring
|
3353
|
+
# all attached policies.
|
3354
|
+
# @return [String]
|
3355
|
+
#
|
3356
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/PublicAccess AWS API Documentation
|
3357
|
+
#
|
3358
|
+
class PublicAccess < Struct.new(
|
3359
|
+
:permission_configuration,
|
3360
|
+
:effective_permission)
|
3361
|
+
include Aws::Structure
|
3362
|
+
end
|
3363
|
+
|
3163
3364
|
# Contains information about the remote IP address of the connection.
|
3164
3365
|
#
|
3165
3366
|
# @!attribute [rw] city
|
@@ -3220,6 +3421,10 @@ module Aws::GuardDuty
|
|
3220
3421
|
# finding.
|
3221
3422
|
# @return [Types::AccessKeyDetails]
|
3222
3423
|
#
|
3424
|
+
# @!attribute [rw] s3_bucket_details
|
3425
|
+
# Contains information on the S3 bucket.
|
3426
|
+
# @return [Array<Types::S3BucketDetail>]
|
3427
|
+
#
|
3223
3428
|
# @!attribute [rw] instance_details
|
3224
3429
|
# The information about the EC2 instance associated with the activity
|
3225
3430
|
# that prompted GuardDuty to generate a finding.
|
@@ -3233,11 +3438,58 @@ module Aws::GuardDuty
|
|
3233
3438
|
#
|
3234
3439
|
class Resource < Struct.new(
|
3235
3440
|
:access_key_details,
|
3441
|
+
:s3_bucket_details,
|
3236
3442
|
:instance_details,
|
3237
3443
|
:resource_type)
|
3238
3444
|
include Aws::Structure
|
3239
3445
|
end
|
3240
3446
|
|
3447
|
+
# @!attribute [rw] arn
|
3448
|
+
# The Amazon Resource Name (ARN) of the S3 bucket.
|
3449
|
+
# @return [String]
|
3450
|
+
#
|
3451
|
+
# @!attribute [rw] name
|
3452
|
+
# The name of the S3 bucket.
|
3453
|
+
# @return [String]
|
3454
|
+
#
|
3455
|
+
# @!attribute [rw] type
|
3456
|
+
# Describes whether the bucket is a source or destination bucket.
|
3457
|
+
# @return [String]
|
3458
|
+
#
|
3459
|
+
# @!attribute [rw] created_at
|
3460
|
+
# The date and time the bucket was created at.
|
3461
|
+
# @return [Time]
|
3462
|
+
#
|
3463
|
+
# @!attribute [rw] owner
|
3464
|
+
# The owner of the S3 bucket.
|
3465
|
+
# @return [Types::Owner]
|
3466
|
+
#
|
3467
|
+
# @!attribute [rw] tags
|
3468
|
+
# All tags attached to the S3 bucket
|
3469
|
+
# @return [Array<Types::Tag>]
|
3470
|
+
#
|
3471
|
+
# @!attribute [rw] default_server_side_encryption
|
3472
|
+
# Describes the server side encryption method used in the S3 bucket.
|
3473
|
+
# @return [Types::DefaultServerSideEncryption]
|
3474
|
+
#
|
3475
|
+
# @!attribute [rw] public_access
|
3476
|
+
# Describes the public access policies that apply to the S3 bucket.
|
3477
|
+
# @return [Types::PublicAccess]
|
3478
|
+
#
|
3479
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/S3BucketDetail AWS API Documentation
|
3480
|
+
#
|
3481
|
+
class S3BucketDetail < Struct.new(
|
3482
|
+
:arn,
|
3483
|
+
:name,
|
3484
|
+
:type,
|
3485
|
+
:created_at,
|
3486
|
+
:owner,
|
3487
|
+
:tags,
|
3488
|
+
:default_server_side_encryption,
|
3489
|
+
:public_access)
|
3490
|
+
include Aws::Structure
|
3491
|
+
end
|
3492
|
+
|
3241
3493
|
# Contains information about the security groups associated with the EC2
|
3242
3494
|
# instance.
|
3243
3495
|
#
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-guardduty
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.35.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-06-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|
@@ -19,7 +19,7 @@ dependencies:
|
|
19
19
|
version: '3'
|
20
20
|
- - ">="
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: 3.
|
22
|
+
version: 3.99.0
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,7 +29,7 @@ dependencies:
|
|
29
29
|
version: '3'
|
30
30
|
- - ">="
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: 3.
|
32
|
+
version: 3.99.0
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: aws-sigv4
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|