aws-sdk-guardduty 1.33.0 → 1.34.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9f9b68221cee35901f261381ef95b37afbc170cb46e24b82b8999dbcb4fa4f89
4
- data.tar.gz: 3ff66ccd7d3dde96ec16e6cc2487fcf1b9717aa992501067dddad0a17c0809f5
3
+ metadata.gz: 3a333c6baf705d8536f84ad5136f7d64f9e495792fe1164bef8acafaf31dddcd
4
+ data.tar.gz: 50b5d7378c910efa29c5542cd9d858f57fedf5d884031afb753381901a79545c
5
5
  SHA512:
6
- metadata.gz: cedd57f50a723b82e372971c6d963e56675d065c7c68c3fb85d5c204c19a7966923e38ab19d9ae4ad7a29bd1141a0e3c695665e07ffeb1a398db9397306e7177
7
- data.tar.gz: 0005b5eaf77dd5ed96e5493f2dfa0cbb4431f888aa428cb05c9fcb85b53442ae28d154f86e79362e365f0772084596cac633f7cd7d704aa7ce94d2c13459574c
6
+ metadata.gz: 4d6aaecee89faae6e63f8a05dd0c279f7408a70951b6cf69752c3f5204dbfb85e21755ed941b8f7cd309e2edf5c2edc6175094fd8a0a8f20b1e91b906964bcd0
7
+ data.tar.gz: '09d0983289499979e531740a2c39fb31793ab66640eb850b12c23e4f6b0c614af9a26403601a1289e8016bfbd0577e9524d70792559d7287953d8eb46f4b970b'
@@ -45,6 +45,6 @@ require_relative 'aws-sdk-guardduty/customizations'
45
45
  # @service
46
46
  module Aws::GuardDuty
47
47
 
48
- GEM_VERSION = '1.33.0'
48
+ GEM_VERSION = '1.34.0'
49
49
 
50
50
  end
@@ -637,7 +637,8 @@ module Aws::GuardDuty
637
637
  # The format of the file that contains the IPSet.
638
638
  #
639
639
  # @option params [required, String] :location
640
- # The URI of the file that contains the IPSet.
640
+ # The URI of the file that contains the IPSet. For example:
641
+ # https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
641
642
  #
642
643
  # @option params [required, Boolean] :activate
643
644
  # A Boolean value that indicates whether GuardDuty is to start using the
@@ -822,7 +823,8 @@ module Aws::GuardDuty
822
823
  # The format of the file that contains the ThreatIntelSet.
823
824
  #
824
825
  # @option params [required, String] :location
825
- # The URI of the file that contains the ThreatIntelSet.
826
+ # The URI of the file that contains the ThreatIntelSet. For example:
827
+ # https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
826
828
  #
827
829
  # @option params [required, Boolean] :activate
828
830
  # A Boolean value that indicates whether GuardDuty is to start using the
@@ -1422,6 +1424,30 @@ module Aws::GuardDuty
1422
1424
  # resp.findings[0].resource.access_key_details.principal_id #=> String
1423
1425
  # resp.findings[0].resource.access_key_details.user_name #=> String
1424
1426
  # resp.findings[0].resource.access_key_details.user_type #=> String
1427
+ # resp.findings[0].resource.s3_bucket_details #=> Array
1428
+ # resp.findings[0].resource.s3_bucket_details[0].arn #=> String
1429
+ # resp.findings[0].resource.s3_bucket_details[0].name #=> String
1430
+ # resp.findings[0].resource.s3_bucket_details[0].type #=> String
1431
+ # resp.findings[0].resource.s3_bucket_details[0].created_at #=> Time
1432
+ # resp.findings[0].resource.s3_bucket_details[0].owner.id #=> String
1433
+ # resp.findings[0].resource.s3_bucket_details[0].tags #=> Array
1434
+ # resp.findings[0].resource.s3_bucket_details[0].tags[0].key #=> String
1435
+ # resp.findings[0].resource.s3_bucket_details[0].tags[0].value #=> String
1436
+ # resp.findings[0].resource.s3_bucket_details[0].default_server_side_encryption.encryption_type #=> String
1437
+ # resp.findings[0].resource.s3_bucket_details[0].default_server_side_encryption.kms_master_key_arn #=> String
1438
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.access_control_list.allows_public_read_access #=> Boolean
1439
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.access_control_list.allows_public_write_access #=> Boolean
1440
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.bucket_policy.allows_public_read_access #=> Boolean
1441
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.bucket_policy.allows_public_write_access #=> Boolean
1442
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.ignore_public_acls #=> Boolean
1443
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.restrict_public_buckets #=> Boolean
1444
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.block_public_acls #=> Boolean
1445
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.bucket_level_permissions.block_public_access.block_public_policy #=> Boolean
1446
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.account_level_permissions.block_public_access.ignore_public_acls #=> Boolean
1447
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.account_level_permissions.block_public_access.restrict_public_buckets #=> Boolean
1448
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.account_level_permissions.block_public_access.block_public_acls #=> Boolean
1449
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.permission_configuration.account_level_permissions.block_public_access.block_public_policy #=> Boolean
1450
+ # resp.findings[0].resource.s3_bucket_details[0].public_access.effective_permission #=> String
1425
1451
  # resp.findings[0].resource.instance_details.availability_zone #=> String
1426
1452
  # resp.findings[0].resource.instance_details.iam_instance_profile.arn #=> String
1427
1453
  # resp.findings[0].resource.instance_details.iam_instance_profile.id #=> String
@@ -1946,8 +1972,6 @@ module Aws::GuardDuty
1946
1972
  #
1947
1973
  # * resource.instanceDetails.instanceId
1948
1974
  #
1949
- # * resource.instanceDetails.outpostArn
1950
- #
1951
1975
  # * resource.instanceDetails.networkInterfaces.ipv6Addresses
1952
1976
  #
1953
1977
  # * resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
@@ -1998,8 +2022,6 @@ module Aws::GuardDuty
1998
2022
  #
1999
2023
  # * service.action.networkConnectionAction.protocol
2000
2024
  #
2001
- # * service.action.networkConnectionAction.localIpDetails.ipAddressV4
2002
- #
2003
2025
  # * service.action.networkConnectionAction.remoteIpDetails.city.cityName
2004
2026
  #
2005
2027
  # * service.action.networkConnectionAction.remoteIpDetails.country.countryName
@@ -2194,8 +2216,8 @@ module Aws::GuardDuty
2194
2216
  req.send_request(options)
2195
2217
  end
2196
2218
 
2197
- # Lists details about associated member accounts for the current
2198
- # GuardDuty master account.
2219
+ # Lists details about all member accounts for the current GuardDuty
2220
+ # master account.
2199
2221
  #
2200
2222
  # @option params [required, String] :detector_id
2201
2223
  # The unique ID of the detector the member is associated with.
@@ -2213,11 +2235,9 @@ module Aws::GuardDuty
2213
2235
  # data.
2214
2236
  #
2215
2237
  # @option params [String] :only_associated
2216
- # Specifies what member accounts the response includes based on their
2217
- # relationship status with the master account. The default value is
2218
- # "true". If set to "false" the response includes all existing
2219
- # member accounts (including members who haven't been invited yet or
2220
- # have been disassociated).
2238
+ # Specifies whether to only return associated members or to return all
2239
+ # members (including members who haven't been invited yet or have been
2240
+ # disassociated).
2221
2241
  #
2222
2242
  # @return [Types::ListMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2223
2243
  #
@@ -2733,7 +2753,8 @@ module Aws::GuardDuty
2733
2753
  # The unique ID that specifies the IPSet that you want to update.
2734
2754
  #
2735
2755
  # @option params [String] :location
2736
- # The updated URI of the file that contains the IPSet.
2756
+ # The updated URI of the file that contains the IPSet. For example:
2757
+ # https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
2737
2758
  #
2738
2759
  # @option params [Boolean] :activate
2739
2760
  # The updated Boolean value that specifies whether the IPSet is active
@@ -2838,7 +2859,8 @@ module Aws::GuardDuty
2838
2859
  # update.
2839
2860
  #
2840
2861
  # @option params [String] :location
2841
- # The updated URI of the file that contains the ThreateIntelSet.
2862
+ # The updated URI of the file that contains the ThreateIntelSet. For
2863
+ # example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
2842
2864
  #
2843
2865
  # @option params [Boolean] :activate
2844
2866
  # The updated Boolean value that specifies whether the ThreateIntelSet
@@ -2878,7 +2900,7 @@ module Aws::GuardDuty
2878
2900
  params: params,
2879
2901
  config: config)
2880
2902
  context[:gem_name] = 'aws-sdk-guardduty'
2881
- context[:gem_version] = '1.33.0'
2903
+ context[:gem_version] = '1.34.0'
2882
2904
  Seahorse::Client::Request.new(handlers, context)
2883
2905
  end
2884
2906
 
@@ -13,11 +13,13 @@ module Aws::GuardDuty
13
13
 
14
14
  AcceptInvitationRequest = Shapes::StructureShape.new(name: 'AcceptInvitationRequest')
15
15
  AcceptInvitationResponse = Shapes::StructureShape.new(name: 'AcceptInvitationResponse')
16
+ AccessControlList = Shapes::StructureShape.new(name: 'AccessControlList')
16
17
  AccessKeyDetails = Shapes::StructureShape.new(name: 'AccessKeyDetails')
17
18
  AccountDetail = Shapes::StructureShape.new(name: 'AccountDetail')
18
19
  AccountDetails = Shapes::ListShape.new(name: 'AccountDetails')
19
20
  AccountId = Shapes::StringShape.new(name: 'AccountId')
20
21
  AccountIds = Shapes::ListShape.new(name: 'AccountIds')
22
+ AccountLevelPermissions = Shapes::StructureShape.new(name: 'AccountLevelPermissions')
21
23
  Action = Shapes::StructureShape.new(name: 'Action')
22
24
  AdminAccount = Shapes::StructureShape.new(name: 'AdminAccount')
23
25
  AdminAccounts = Shapes::ListShape.new(name: 'AdminAccounts')
@@ -26,7 +28,10 @@ module Aws::GuardDuty
26
28
  ArchiveFindingsResponse = Shapes::StructureShape.new(name: 'ArchiveFindingsResponse')
27
29
  AwsApiCallAction = Shapes::StructureShape.new(name: 'AwsApiCallAction')
28
30
  BadRequestException = Shapes::StructureShape.new(name: 'BadRequestException')
31
+ BlockPublicAccess = Shapes::StructureShape.new(name: 'BlockPublicAccess')
29
32
  Boolean = Shapes::BooleanShape.new(name: 'Boolean')
33
+ BucketLevelPermissions = Shapes::StructureShape.new(name: 'BucketLevelPermissions')
34
+ BucketPolicy = Shapes::StructureShape.new(name: 'BucketPolicy')
30
35
  City = Shapes::StructureShape.new(name: 'City')
31
36
  ClientToken = Shapes::StringShape.new(name: 'ClientToken')
32
37
  Condition = Shapes::StructureShape.new(name: 'Condition')
@@ -49,6 +54,7 @@ module Aws::GuardDuty
49
54
  Criterion = Shapes::MapShape.new(name: 'Criterion')
50
55
  DeclineInvitationsRequest = Shapes::StructureShape.new(name: 'DeclineInvitationsRequest')
51
56
  DeclineInvitationsResponse = Shapes::StructureShape.new(name: 'DeclineInvitationsResponse')
57
+ DefaultServerSideEncryption = Shapes::StructureShape.new(name: 'DefaultServerSideEncryption')
52
58
  DeleteDetectorRequest = Shapes::StructureShape.new(name: 'DeleteDetectorRequest')
53
59
  DeleteDetectorResponse = Shapes::StructureShape.new(name: 'DeleteDetectorResponse')
54
60
  DeleteFilterRequest = Shapes::StructureShape.new(name: 'DeleteFilterRequest')
@@ -174,6 +180,8 @@ module Aws::GuardDuty
174
180
  NotEquals = Shapes::ListShape.new(name: 'NotEquals')
175
181
  OrderBy = Shapes::StringShape.new(name: 'OrderBy')
176
182
  Organization = Shapes::StructureShape.new(name: 'Organization')
183
+ Owner = Shapes::StructureShape.new(name: 'Owner')
184
+ PermissionConfiguration = Shapes::StructureShape.new(name: 'PermissionConfiguration')
177
185
  PortProbeAction = Shapes::StructureShape.new(name: 'PortProbeAction')
178
186
  PortProbeDetail = Shapes::StructureShape.new(name: 'PortProbeDetail')
179
187
  PortProbeDetails = Shapes::ListShape.new(name: 'PortProbeDetails')
@@ -181,10 +189,13 @@ module Aws::GuardDuty
181
189
  PrivateIpAddresses = Shapes::ListShape.new(name: 'PrivateIpAddresses')
182
190
  ProductCode = Shapes::StructureShape.new(name: 'ProductCode')
183
191
  ProductCodes = Shapes::ListShape.new(name: 'ProductCodes')
192
+ PublicAccess = Shapes::StructureShape.new(name: 'PublicAccess')
184
193
  PublishingStatus = Shapes::StringShape.new(name: 'PublishingStatus')
185
194
  RemoteIpDetails = Shapes::StructureShape.new(name: 'RemoteIpDetails')
186
195
  RemotePortDetails = Shapes::StructureShape.new(name: 'RemotePortDetails')
187
196
  Resource = Shapes::StructureShape.new(name: 'Resource')
197
+ S3BucketDetail = Shapes::StructureShape.new(name: 'S3BucketDetail')
198
+ S3BucketDetails = Shapes::ListShape.new(name: 'S3BucketDetails')
188
199
  SecurityGroup = Shapes::StructureShape.new(name: 'SecurityGroup')
189
200
  SecurityGroups = Shapes::ListShape.new(name: 'SecurityGroups')
190
201
  Service = Shapes::StructureShape.new(name: 'Service')
@@ -208,6 +219,7 @@ module Aws::GuardDuty
208
219
  ThreatIntelligenceDetail = Shapes::StructureShape.new(name: 'ThreatIntelligenceDetail')
209
220
  ThreatIntelligenceDetails = Shapes::ListShape.new(name: 'ThreatIntelligenceDetails')
210
221
  ThreatNames = Shapes::ListShape.new(name: 'ThreatNames')
222
+ Timestamp = Shapes::TimestampShape.new(name: 'Timestamp')
211
223
  UnarchiveFindingsRequest = Shapes::StructureShape.new(name: 'UnarchiveFindingsRequest')
212
224
  UnarchiveFindingsResponse = Shapes::StructureShape.new(name: 'UnarchiveFindingsResponse')
213
225
  UnprocessedAccount = Shapes::StructureShape.new(name: 'UnprocessedAccount')
@@ -236,6 +248,10 @@ module Aws::GuardDuty
236
248
 
237
249
  AcceptInvitationResponse.struct_class = Types::AcceptInvitationResponse
238
250
 
251
+ AccessControlList.add_member(:allows_public_read_access, Shapes::ShapeRef.new(shape: Boolean, location_name: "allowsPublicReadAccess"))
252
+ AccessControlList.add_member(:allows_public_write_access, Shapes::ShapeRef.new(shape: Boolean, location_name: "allowsPublicWriteAccess"))
253
+ AccessControlList.struct_class = Types::AccessControlList
254
+
239
255
  AccessKeyDetails.add_member(:access_key_id, Shapes::ShapeRef.new(shape: String, location_name: "accessKeyId"))
240
256
  AccessKeyDetails.add_member(:principal_id, Shapes::ShapeRef.new(shape: String, location_name: "principalId"))
241
257
  AccessKeyDetails.add_member(:user_name, Shapes::ShapeRef.new(shape: String, location_name: "userName"))
@@ -250,6 +266,9 @@ module Aws::GuardDuty
250
266
 
251
267
  AccountIds.member = Shapes::ShapeRef.new(shape: AccountId)
252
268
 
269
+ AccountLevelPermissions.add_member(:block_public_access, Shapes::ShapeRef.new(shape: BlockPublicAccess, location_name: "blockPublicAccess"))
270
+ AccountLevelPermissions.struct_class = Types::AccountLevelPermissions
271
+
253
272
  Action.add_member(:action_type, Shapes::ShapeRef.new(shape: String, location_name: "actionType"))
254
273
  Action.add_member(:aws_api_call_action, Shapes::ShapeRef.new(shape: AwsApiCallAction, location_name: "awsApiCallAction"))
255
274
  Action.add_member(:dns_request_action, Shapes::ShapeRef.new(shape: DnsRequestAction, location_name: "dnsRequestAction"))
@@ -280,6 +299,21 @@ module Aws::GuardDuty
280
299
  BadRequestException.add_member(:type, Shapes::ShapeRef.new(shape: String, location_name: "__type"))
281
300
  BadRequestException.struct_class = Types::BadRequestException
282
301
 
302
+ BlockPublicAccess.add_member(:ignore_public_acls, Shapes::ShapeRef.new(shape: Boolean, location_name: "ignorePublicAcls"))
303
+ BlockPublicAccess.add_member(:restrict_public_buckets, Shapes::ShapeRef.new(shape: Boolean, location_name: "restrictPublicBuckets"))
304
+ BlockPublicAccess.add_member(:block_public_acls, Shapes::ShapeRef.new(shape: Boolean, location_name: "blockPublicAcls"))
305
+ BlockPublicAccess.add_member(:block_public_policy, Shapes::ShapeRef.new(shape: Boolean, location_name: "blockPublicPolicy"))
306
+ BlockPublicAccess.struct_class = Types::BlockPublicAccess
307
+
308
+ BucketLevelPermissions.add_member(:access_control_list, Shapes::ShapeRef.new(shape: AccessControlList, location_name: "accessControlList"))
309
+ BucketLevelPermissions.add_member(:bucket_policy, Shapes::ShapeRef.new(shape: BucketPolicy, location_name: "bucketPolicy"))
310
+ BucketLevelPermissions.add_member(:block_public_access, Shapes::ShapeRef.new(shape: BlockPublicAccess, location_name: "blockPublicAccess"))
311
+ BucketLevelPermissions.struct_class = Types::BucketLevelPermissions
312
+
313
+ BucketPolicy.add_member(:allows_public_read_access, Shapes::ShapeRef.new(shape: Boolean, location_name: "allowsPublicReadAccess"))
314
+ BucketPolicy.add_member(:allows_public_write_access, Shapes::ShapeRef.new(shape: Boolean, location_name: "allowsPublicWriteAccess"))
315
+ BucketPolicy.struct_class = Types::BucketPolicy
316
+
283
317
  City.add_member(:city_name, Shapes::ShapeRef.new(shape: String, location_name: "cityName"))
284
318
  City.struct_class = Types::City
285
319
 
@@ -381,6 +415,10 @@ module Aws::GuardDuty
381
415
  DeclineInvitationsResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: UnprocessedAccounts, required: true, location_name: "unprocessedAccounts"))
382
416
  DeclineInvitationsResponse.struct_class = Types::DeclineInvitationsResponse
383
417
 
418
+ DefaultServerSideEncryption.add_member(:encryption_type, Shapes::ShapeRef.new(shape: String, location_name: "encryptionType"))
419
+ DefaultServerSideEncryption.add_member(:kms_master_key_arn, Shapes::ShapeRef.new(shape: String, location_name: "kmsMasterKeyArn"))
420
+ DefaultServerSideEncryption.struct_class = Types::DefaultServerSideEncryption
421
+
384
422
  DeleteDetectorRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
385
423
  DeleteDetectorRequest.struct_class = Types::DeleteDetectorRequest
386
424
 
@@ -794,6 +832,13 @@ module Aws::GuardDuty
794
832
  Organization.add_member(:org, Shapes::ShapeRef.new(shape: String, location_name: "org"))
795
833
  Organization.struct_class = Types::Organization
796
834
 
835
+ Owner.add_member(:id, Shapes::ShapeRef.new(shape: String, location_name: "id"))
836
+ Owner.struct_class = Types::Owner
837
+
838
+ PermissionConfiguration.add_member(:bucket_level_permissions, Shapes::ShapeRef.new(shape: BucketLevelPermissions, location_name: "bucketLevelPermissions"))
839
+ PermissionConfiguration.add_member(:account_level_permissions, Shapes::ShapeRef.new(shape: AccountLevelPermissions, location_name: "accountLevelPermissions"))
840
+ PermissionConfiguration.struct_class = Types::PermissionConfiguration
841
+
797
842
  PortProbeAction.add_member(:blocked, Shapes::ShapeRef.new(shape: Boolean, location_name: "blocked"))
798
843
  PortProbeAction.add_member(:port_probe_details, Shapes::ShapeRef.new(shape: PortProbeDetails, location_name: "portProbeDetails"))
799
844
  PortProbeAction.struct_class = Types::PortProbeAction
@@ -817,6 +862,10 @@ module Aws::GuardDuty
817
862
 
818
863
  ProductCodes.member = Shapes::ShapeRef.new(shape: ProductCode)
819
864
 
865
+ PublicAccess.add_member(:permission_configuration, Shapes::ShapeRef.new(shape: PermissionConfiguration, location_name: "permissionConfiguration"))
866
+ PublicAccess.add_member(:effective_permission, Shapes::ShapeRef.new(shape: String, location_name: "effectivePermission"))
867
+ PublicAccess.struct_class = Types::PublicAccess
868
+
820
869
  RemoteIpDetails.add_member(:city, Shapes::ShapeRef.new(shape: City, location_name: "city"))
821
870
  RemoteIpDetails.add_member(:country, Shapes::ShapeRef.new(shape: Country, location_name: "country"))
822
871
  RemoteIpDetails.add_member(:geo_location, Shapes::ShapeRef.new(shape: GeoLocation, location_name: "geoLocation"))
@@ -829,10 +878,23 @@ module Aws::GuardDuty
829
878
  RemotePortDetails.struct_class = Types::RemotePortDetails
830
879
 
831
880
  Resource.add_member(:access_key_details, Shapes::ShapeRef.new(shape: AccessKeyDetails, location_name: "accessKeyDetails"))
881
+ Resource.add_member(:s3_bucket_details, Shapes::ShapeRef.new(shape: S3BucketDetails, location_name: "s3BucketDetails"))
832
882
  Resource.add_member(:instance_details, Shapes::ShapeRef.new(shape: InstanceDetails, location_name: "instanceDetails"))
833
883
  Resource.add_member(:resource_type, Shapes::ShapeRef.new(shape: String, location_name: "resourceType"))
834
884
  Resource.struct_class = Types::Resource
835
885
 
886
+ S3BucketDetail.add_member(:arn, Shapes::ShapeRef.new(shape: String, location_name: "arn"))
887
+ S3BucketDetail.add_member(:name, Shapes::ShapeRef.new(shape: String, location_name: "name"))
888
+ S3BucketDetail.add_member(:type, Shapes::ShapeRef.new(shape: String, location_name: "type"))
889
+ S3BucketDetail.add_member(:created_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "createdAt"))
890
+ S3BucketDetail.add_member(:owner, Shapes::ShapeRef.new(shape: Owner, location_name: "owner"))
891
+ S3BucketDetail.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "tags"))
892
+ S3BucketDetail.add_member(:default_server_side_encryption, Shapes::ShapeRef.new(shape: DefaultServerSideEncryption, location_name: "defaultServerSideEncryption"))
893
+ S3BucketDetail.add_member(:public_access, Shapes::ShapeRef.new(shape: PublicAccess, location_name: "publicAccess"))
894
+ S3BucketDetail.struct_class = Types::S3BucketDetail
895
+
896
+ S3BucketDetails.member = Shapes::ShapeRef.new(shape: S3BucketDetail)
897
+
836
898
  SecurityGroup.add_member(:group_id, Shapes::ShapeRef.new(shape: String, location_name: "groupId"))
837
899
  SecurityGroup.add_member(:group_name, Shapes::ShapeRef.new(shape: String, location_name: "groupName"))
838
900
  SecurityGroup.struct_class = Types::SecurityGroup
@@ -44,6 +44,27 @@ module Aws::GuardDuty
44
44
  #
45
45
  class AcceptInvitationResponse < Aws::EmptyStructure; end
46
46
 
47
+ # Contains information on the current access control policies for the
48
+ # bucket.
49
+ #
50
+ # @!attribute [rw] allows_public_read_access
51
+ # A value that indicates whether public read access for the bucket is
52
+ # enabled through an Access Control List (ACL).
53
+ # @return [Boolean]
54
+ #
55
+ # @!attribute [rw] allows_public_write_access
56
+ # A value that indicates whether public write access for the bucket is
57
+ # enabled through an Access Control List (ACL).
58
+ # @return [Boolean]
59
+ #
60
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/AccessControlList AWS API Documentation
61
+ #
62
+ class AccessControlList < Struct.new(
63
+ :allows_public_read_access,
64
+ :allows_public_write_access)
65
+ include Aws::Structure
66
+ end
67
+
47
68
  # Contains information about the access keys.
48
69
  #
49
70
  # @!attribute [rw] access_key_id
@@ -98,6 +119,21 @@ module Aws::GuardDuty
98
119
  include Aws::Structure
99
120
  end
100
121
 
122
+ # Contains information about the account level permissions on the S3
123
+ # bucket.
124
+ #
125
+ # @!attribute [rw] block_public_access
126
+ # Describes the S3 Block Public Access settings of the bucket's
127
+ # parent account.
128
+ # @return [Types::BlockPublicAccess]
129
+ #
130
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/AccountLevelPermissions AWS API Documentation
131
+ #
132
+ class AccountLevelPermissions < Struct.new(
133
+ :block_public_access)
134
+ include Aws::Structure
135
+ end
136
+
101
137
  # Contains information about actions.
102
138
  #
103
139
  # @!attribute [rw] action_type
@@ -233,6 +269,87 @@ module Aws::GuardDuty
233
269
  include Aws::Structure
234
270
  end
235
271
 
272
+ # Contains information on how the bucker owner's S3 Block Public Access
273
+ # settings are being applied to the S3 bucket. See [S3 Block Public
274
+ # Access][1] for more information.
275
+ #
276
+ #
277
+ #
278
+ # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html
279
+ #
280
+ # @!attribute [rw] ignore_public_acls
281
+ # Indicates if S3 Block Public Access is set to `IgnorePublicAcls`.
282
+ # @return [Boolean]
283
+ #
284
+ # @!attribute [rw] restrict_public_buckets
285
+ # Indicates if S3 Block Public Access is set to
286
+ # `RestrictPublicBuckets`.
287
+ # @return [Boolean]
288
+ #
289
+ # @!attribute [rw] block_public_acls
290
+ # Indicates if S3 Block Public Access is set to `BlockPublicAcls`.
291
+ # @return [Boolean]
292
+ #
293
+ # @!attribute [rw] block_public_policy
294
+ # Indicates if S3 Block Public Access is set to `BlockPublicPolicy`.
295
+ # @return [Boolean]
296
+ #
297
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/BlockPublicAccess AWS API Documentation
298
+ #
299
+ class BlockPublicAccess < Struct.new(
300
+ :ignore_public_acls,
301
+ :restrict_public_buckets,
302
+ :block_public_acls,
303
+ :block_public_policy)
304
+ include Aws::Structure
305
+ end
306
+
307
+ # Contains information about the bucket level permissions for the S3
308
+ # bucket.
309
+ #
310
+ # @!attribute [rw] access_control_list
311
+ # Contains information on how Access Control Policies are applied to
312
+ # the bucket.
313
+ # @return [Types::AccessControlList]
314
+ #
315
+ # @!attribute [rw] bucket_policy
316
+ # Contains information on the bucket policies for the S3 bucket.
317
+ # @return [Types::BucketPolicy]
318
+ #
319
+ # @!attribute [rw] block_public_access
320
+ # Contains information on which account level S3 Block Public Access
321
+ # settings are applied to the S3 bucket.
322
+ # @return [Types::BlockPublicAccess]
323
+ #
324
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/BucketLevelPermissions AWS API Documentation
325
+ #
326
+ class BucketLevelPermissions < Struct.new(
327
+ :access_control_list,
328
+ :bucket_policy,
329
+ :block_public_access)
330
+ include Aws::Structure
331
+ end
332
+
333
+ # Contains information on the current bucket policies for the S3 bucket.
334
+ #
335
+ # @!attribute [rw] allows_public_read_access
336
+ # A value that indicates whether public read access for the bucket is
337
+ # enabled through a bucket policy.
338
+ # @return [Boolean]
339
+ #
340
+ # @!attribute [rw] allows_public_write_access
341
+ # A value that indicates whether public write access for the bucket is
342
+ # enabled through a bucket policy.
343
+ # @return [Boolean]
344
+ #
345
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/BucketPolicy AWS API Documentation
346
+ #
347
+ class BucketPolicy < Struct.new(
348
+ :allows_public_read_access,
349
+ :allows_public_write_access)
350
+ include Aws::Structure
351
+ end
352
+
236
353
  # Contains information about the city associated with the IP address.
237
354
  #
238
355
  # @!attribute [rw] city_name
@@ -658,7 +775,8 @@ module Aws::GuardDuty
658
775
  # @return [String]
659
776
  #
660
777
  # @!attribute [rw] location
661
- # The URI of the file that contains the IPSet.
778
+ # The URI of the file that contains the IPSet. For example:
779
+ # https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
662
780
  # @return [String]
663
781
  #
664
782
  # @!attribute [rw] activate
@@ -859,7 +977,8 @@ module Aws::GuardDuty
859
977
  # @return [String]
860
978
  #
861
979
  # @!attribute [rw] location
862
- # The URI of the file that contains the ThreatIntelSet.
980
+ # The URI of the file that contains the ThreatIntelSet. For example:
981
+ # https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
863
982
  # @return [String]
864
983
  #
865
984
  # @!attribute [rw] activate
@@ -934,6 +1053,30 @@ module Aws::GuardDuty
934
1053
  include Aws::Structure
935
1054
  end
936
1055
 
1056
+ # Contains information on the server side encryption method used in the
1057
+ # S3 bucket. See [S3 Server-Side Encryption][1] for more information.
1058
+ #
1059
+ #
1060
+ #
1061
+ # [1]: https://docs.aws.amazon.com/AmazonS3/atest/dev/serv-side-encryption.html
1062
+ #
1063
+ # @!attribute [rw] encryption_type
1064
+ # The type of encryption used for objects within the S3 bucket.
1065
+ # @return [String]
1066
+ #
1067
+ # @!attribute [rw] kms_master_key_arn
1068
+ # The Amazon Resource Name (ARN) of the KMS encryption key. Only
1069
+ # available if the bucket `EncryptionType` is `aws:kms`.
1070
+ # @return [String]
1071
+ #
1072
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DefaultServerSideEncryption AWS API Documentation
1073
+ #
1074
+ class DefaultServerSideEncryption < Struct.new(
1075
+ :encryption_type,
1076
+ :kms_master_key_arn)
1077
+ include Aws::Structure
1078
+ end
1079
+
937
1080
  # @note When making an API call, you may pass DeleteDetectorRequest
938
1081
  # data as a hash:
939
1082
  #
@@ -1841,7 +1984,8 @@ module Aws::GuardDuty
1841
1984
  # @return [String]
1842
1985
  #
1843
1986
  # @!attribute [rw] location
1844
- # The URI of the file that contains the IPSet.
1987
+ # The URI of the file that contains the IPSet. For example:
1988
+ # https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
1845
1989
  # @return [String]
1846
1990
  #
1847
1991
  # @!attribute [rw] status
@@ -1988,7 +2132,8 @@ module Aws::GuardDuty
1988
2132
  # @return [String]
1989
2133
  #
1990
2134
  # @!attribute [rw] location
1991
- # The URI of the file that contains the ThreatIntelSet.
2135
+ # The URI of the file that contains the ThreatIntelSet. For example:
2136
+ # https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
1992
2137
  # @return [String]
1993
2138
  #
1994
2139
  # @!attribute [rw] status
@@ -2367,8 +2512,6 @@ module Aws::GuardDuty
2367
2512
  #
2368
2513
  # * resource.instanceDetails.instanceId
2369
2514
  #
2370
- # * resource.instanceDetails.outpostArn
2371
- #
2372
2515
  # * resource.instanceDetails.networkInterfaces.ipv6Addresses
2373
2516
  #
2374
2517
  # * resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
@@ -2419,8 +2562,6 @@ module Aws::GuardDuty
2419
2562
  #
2420
2563
  # * service.action.networkConnectionAction.protocol
2421
2564
  #
2422
- # * service.action.networkConnectionAction.localIpDetails.ipAddressV4
2423
- #
2424
2565
  # * service.action.networkConnectionAction.remoteIpDetails.city.cityName
2425
2566
  #
2426
2567
  # * service.action.networkConnectionAction.remoteIpDetails.country.countryName
@@ -2628,11 +2769,9 @@ module Aws::GuardDuty
2628
2769
  # @return [String]
2629
2770
  #
2630
2771
  # @!attribute [rw] only_associated
2631
- # Specifies what member accounts the response includes based on their
2632
- # relationship status with the master account. The default value is
2633
- # "true". If set to "false" the response includes all existing
2634
- # member accounts (including members who haven't been invited yet or
2635
- # have been disassociated).
2772
+ # Specifies whether to only return associated members or to return all
2773
+ # members (including members who haven't been invited yet or have
2774
+ # been disassociated).
2636
2775
  # @return [String]
2637
2776
  #
2638
2777
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListMembersRequest AWS API Documentation
@@ -3083,6 +3222,46 @@ module Aws::GuardDuty
3083
3222
  include Aws::Structure
3084
3223
  end
3085
3224
 
3225
+ # Contains information on the owner of the bucket.
3226
+ #
3227
+ # @!attribute [rw] id
3228
+ # The canonical user ID of the bucket owner. For information about
3229
+ # locating your canonical user ID see [Finding Your Account Canonical
3230
+ # User ID.][1]
3231
+ #
3232
+ #
3233
+ #
3234
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html#FindingCanonicalId
3235
+ # @return [String]
3236
+ #
3237
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Owner AWS API Documentation
3238
+ #
3239
+ class Owner < Struct.new(
3240
+ :id)
3241
+ include Aws::Structure
3242
+ end
3243
+
3244
+ # Contains information about how permissions are configured for the S3
3245
+ # bucket.
3246
+ #
3247
+ # @!attribute [rw] bucket_level_permissions
3248
+ # Contains information about the bucket level permissions for the S3
3249
+ # bucket.
3250
+ # @return [Types::BucketLevelPermissions]
3251
+ #
3252
+ # @!attribute [rw] account_level_permissions
3253
+ # Contains information about the account level permissions on the S3
3254
+ # bucket.
3255
+ # @return [Types::AccountLevelPermissions]
3256
+ #
3257
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/PermissionConfiguration AWS API Documentation
3258
+ #
3259
+ class PermissionConfiguration < Struct.new(
3260
+ :bucket_level_permissions,
3261
+ :account_level_permissions)
3262
+ include Aws::Structure
3263
+ end
3264
+
3086
3265
  # Contains information about the PORT\_PROBE action described in the
3087
3266
  # finding.
3088
3267
  #
@@ -3162,6 +3341,26 @@ module Aws::GuardDuty
3162
3341
  include Aws::Structure
3163
3342
  end
3164
3343
 
3344
+ # Describes the public access policies that apply to the S3 bucket.
3345
+ #
3346
+ # @!attribute [rw] permission_configuration
3347
+ # Contains information about how permissions are configured for the S3
3348
+ # bucket.
3349
+ # @return [Types::PermissionConfiguration]
3350
+ #
3351
+ # @!attribute [rw] effective_permission
3352
+ # Describes the effective permission on this bucket after factoring
3353
+ # all attached policies.
3354
+ # @return [String]
3355
+ #
3356
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/PublicAccess AWS API Documentation
3357
+ #
3358
+ class PublicAccess < Struct.new(
3359
+ :permission_configuration,
3360
+ :effective_permission)
3361
+ include Aws::Structure
3362
+ end
3363
+
3165
3364
  # Contains information about the remote IP address of the connection.
3166
3365
  #
3167
3366
  # @!attribute [rw] city
@@ -3222,6 +3421,10 @@ module Aws::GuardDuty
3222
3421
  # finding.
3223
3422
  # @return [Types::AccessKeyDetails]
3224
3423
  #
3424
+ # @!attribute [rw] s3_bucket_details
3425
+ # Contains information on the S3 bucket.
3426
+ # @return [Array<Types::S3BucketDetail>]
3427
+ #
3225
3428
  # @!attribute [rw] instance_details
3226
3429
  # The information about the EC2 instance associated with the activity
3227
3430
  # that prompted GuardDuty to generate a finding.
@@ -3235,11 +3438,58 @@ module Aws::GuardDuty
3235
3438
  #
3236
3439
  class Resource < Struct.new(
3237
3440
  :access_key_details,
3441
+ :s3_bucket_details,
3238
3442
  :instance_details,
3239
3443
  :resource_type)
3240
3444
  include Aws::Structure
3241
3445
  end
3242
3446
 
3447
+ # @!attribute [rw] arn
3448
+ # The Amazon Resource Name (ARN) of the S3 bucket.
3449
+ # @return [String]
3450
+ #
3451
+ # @!attribute [rw] name
3452
+ # The name of the S3 bucket.
3453
+ # @return [String]
3454
+ #
3455
+ # @!attribute [rw] type
3456
+ # Describes whether the bucket is a source or destination bucket.
3457
+ # @return [String]
3458
+ #
3459
+ # @!attribute [rw] created_at
3460
+ # The date and time the bucket was created at.
3461
+ # @return [Time]
3462
+ #
3463
+ # @!attribute [rw] owner
3464
+ # The owner of the S3 bucket.
3465
+ # @return [Types::Owner]
3466
+ #
3467
+ # @!attribute [rw] tags
3468
+ # All tags attached to the S3 bucket
3469
+ # @return [Array<Types::Tag>]
3470
+ #
3471
+ # @!attribute [rw] default_server_side_encryption
3472
+ # Describes the server side encryption method used in the S3 bucket.
3473
+ # @return [Types::DefaultServerSideEncryption]
3474
+ #
3475
+ # @!attribute [rw] public_access
3476
+ # Describes the public access policies that apply to the S3 bucket.
3477
+ # @return [Types::PublicAccess]
3478
+ #
3479
+ # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/S3BucketDetail AWS API Documentation
3480
+ #
3481
+ class S3BucketDetail < Struct.new(
3482
+ :arn,
3483
+ :name,
3484
+ :type,
3485
+ :created_at,
3486
+ :owner,
3487
+ :tags,
3488
+ :default_server_side_encryption,
3489
+ :public_access)
3490
+ include Aws::Structure
3491
+ end
3492
+
3243
3493
  # Contains information about the security groups associated with the EC2
3244
3494
  # instance.
3245
3495
  #
@@ -3748,7 +3998,8 @@ module Aws::GuardDuty
3748
3998
  # @return [String]
3749
3999
  #
3750
4000
  # @!attribute [rw] location
3751
- # The updated URI of the file that contains the IPSet.
4001
+ # The updated URI of the file that contains the IPSet. For example:
4002
+ # https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
3752
4003
  # @return [String]
3753
4004
  #
3754
4005
  # @!attribute [rw] activate
@@ -3866,7 +4117,8 @@ module Aws::GuardDuty
3866
4117
  # @return [String]
3867
4118
  #
3868
4119
  # @!attribute [rw] location
3869
- # The updated URI of the file that contains the ThreateIntelSet.
4120
+ # The updated URI of the file that contains the ThreateIntelSet. For
4121
+ # example: https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
3870
4122
  # @return [String]
3871
4123
  #
3872
4124
  # @!attribute [rw] activate
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-guardduty
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.33.0
4
+ version: 1.34.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-28 00:00:00.000000000 Z
11
+ date: 2020-06-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core