aws-sdk-guardduty 1.35.1 → 1.40.0

data/lib/aws-sdk-guardduty/errors.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing guide for more information:

data/lib/aws-sdk-guardduty/resource.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing guide for more information:

data/lib/aws-sdk-guardduty/types.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing guide for more information:
@@ -37,6 +39,7 @@ module Aws::GuardDuty
       :detector_id,
       :master_id,
       :invitation_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -62,6 +65,7 @@ module Aws::GuardDuty
     class AccessControlList < Struct.new(
       :allows_public_read_access,
       :allows_public_write_access)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -90,6 +94,7 @@ module Aws::GuardDuty
       :principal_id,
       :user_name,
       :user_type)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -116,6 +121,7 @@ module Aws::GuardDuty
     class AccountDetail < Struct.new(
       :account_id,
       :email)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -131,6 +137,7 @@ module Aws::GuardDuty
     #
     class AccountLevelPermissions < Struct.new(
       :block_public_access)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -166,6 +173,7 @@ module Aws::GuardDuty
       :dns_request_action,
       :network_connection_action,
       :port_probe_action)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -186,6 +194,7 @@ module Aws::GuardDuty
     class AdminAccount < Struct.new(
       :admin_account_id,
       :admin_status)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -211,6 +220,7 @@ module Aws::GuardDuty
     class ArchiveFindingsRequest < Struct.new(
       :detector_id,
       :finding_ids)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -218,7 +228,7 @@ module Aws::GuardDuty
     #
     class ArchiveFindingsResponse < Aws::EmptyStructure; end
 
-    # Contains information about the API operation.
+    # Contains information about the API action.
     #
     # @!attribute [rw] api
     #   The AWS API name.
@@ -232,8 +242,13 @@ module Aws::GuardDuty
     #   The domain information for the AWS API call.
     #   @return [Types::DomainDetails]
     #
+    # @!attribute [rw] error_code
+    #   The error code of the failed AWS API action.
+    #   @return [String]
+    #
     # @!attribute [rw] remote_ip_details
-    #   The remote IP information of the connection.
+    #   The remote IP information of the connection that initiated the AWS
+    #   API call.
     #   @return [Types::RemoteIpDetails]
     #
     # @!attribute [rw] service_name
@@ -246,8 +261,10 @@ module Aws::GuardDuty
       :api,
       :caller_type,
       :domain_details,
+      :error_code,
       :remote_ip_details,
       :service_name)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -266,6 +283,7 @@ module Aws::GuardDuty
     class BadRequestException < Struct.new(
       :message,
       :type)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -301,6 +319,7 @@ module Aws::GuardDuty
       :restrict_public_buckets,
       :block_public_acls,
       :block_public_policy)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -327,6 +346,7 @@ module Aws::GuardDuty
       :access_control_list,
       :bucket_policy,
       :block_public_access)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -347,6 +367,7 @@ module Aws::GuardDuty
     class BucketPolicy < Struct.new(
       :allows_public_read_access,
       :allows_public_write_access)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -360,6 +381,23 @@ module Aws::GuardDuty
     #
     class City < Struct.new(
       :city_name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains information on the status of CloudTrail as a data source for
+    # the detector.
+    #
+    # @!attribute [rw] status
+    #   Describes whether CloudTrail is enabled as a data source for the
+    #   detector.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CloudTrailConfigurationResult AWS API Documentation
+    #
+    class CloudTrailConfigurationResult < Struct.new(
+      :status)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -458,6 +496,7 @@ module Aws::GuardDuty
       :greater_than_or_equal,
       :less_than,
       :less_than_or_equal)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -477,6 +516,7 @@ module Aws::GuardDuty
     class Country < Struct.new(
       :country_code,
       :country_name)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -487,6 +527,11 @@ module Aws::GuardDuty
     #         enable: false, # required
     #         client_token: "ClientToken",
     #         finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
+    #         data_sources: {
+    #           s3_logs: {
+    #             enable: false, # required
+    #           },
+    #         },
     #         tags: {
     #           "TagKey" => "TagValue",
     #         },
@@ -509,6 +554,11 @@ module Aws::GuardDuty
     #   exported.
     #   @return [String]
     #
+    # @!attribute [rw] data_sources
+    #   An object that describes which data sources will be enabled for the
+    #   detector.
+    #   @return [Types::DataSourceConfigurations]
+    #
     # @!attribute [rw] tags
     #   The tags to be added to a new detector resource.
     #   @return [Hash<String,String>]
@@ -519,7 +569,9 @@ module Aws::GuardDuty
       :enable,
       :client_token,
       :finding_publishing_frequency,
+      :data_sources,
       :tags)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -531,6 +583,7 @@ module Aws::GuardDuty
     #
     class CreateDetectorResponse < Struct.new(
       :detector_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -729,6 +782,7 @@ module Aws::GuardDuty
       :finding_criteria,
       :client_token,
       :tags)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -740,6 +794,7 @@ module Aws::GuardDuty
     #
     class CreateFilterResponse < Struct.new(
       :name)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -805,6 +860,7 @@ module Aws::GuardDuty
       :activate,
       :client_token,
       :tags)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -816,6 +872,7 @@ module Aws::GuardDuty
     #
     class CreateIPSetResponse < Struct.new(
       :ip_set_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -847,6 +904,7 @@ module Aws::GuardDuty
     class CreateMembersRequest < Struct.new(
       :detector_id,
       :account_details)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -859,6 +917,7 @@ module Aws::GuardDuty
     #
     class CreateMembersResponse < Struct.new(
       :unprocessed_accounts)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -904,6 +963,7 @@ module Aws::GuardDuty
       :destination_type,
       :destination_properties,
       :client_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -915,6 +975,7 @@ module Aws::GuardDuty
     #
     class CreatePublishingDestinationResponse < Struct.new(
       :destination_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -939,6 +1000,7 @@ module Aws::GuardDuty
     class CreateSampleFindingsRequest < Struct.new(
       :detector_id,
       :finding_types)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1007,6 +1069,7 @@ module Aws::GuardDuty
       :activate,
       :client_token,
       :tags)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1018,6 +1081,77 @@ module Aws::GuardDuty
     #
     class CreateThreatIntelSetResponse < Struct.new(
       :threat_intel_set_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains information on the status of DNS logs as a data source.
+    #
+    # @!attribute [rw] status
+    #   Denotes whether DNS logs is enabled as a data source.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DNSLogsConfigurationResult AWS API Documentation
+    #
+    class DNSLogsConfigurationResult < Struct.new(
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains information about which data sources are enabled.
+    #
+    # @note When making an API call, you may pass DataSourceConfigurations
+    #   data as a hash:
+    #
+    #       {
+    #         s3_logs: {
+    #           enable: false, # required
+    #         },
+    #       }
+    #
+    # @!attribute [rw] s3_logs
+    #   Describes whether S3 data event logs are enabled as a data source.
+    #   @return [Types::S3LogsConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DataSourceConfigurations AWS API Documentation
+    #
+    class DataSourceConfigurations < Struct.new(
+      :s3_logs)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains information on the status of data sources for the detector.
+    #
+    # @!attribute [rw] cloud_trail
+    #   An object that contains information on the status of CloudTrail as a
+    #   data source.
+    #   @return [Types::CloudTrailConfigurationResult]
+    #
+    # @!attribute [rw] dns_logs
+    #   An object that contains information on the status of DNS logs as a
+    #   data source.
+    #   @return [Types::DNSLogsConfigurationResult]
+    #
+    # @!attribute [rw] flow_logs
+    #   An object that contains information on the status of VPC flow logs
+    #   as a data source.
+    #   @return [Types::FlowLogsConfigurationResult]
+    #
+    # @!attribute [rw] s3_logs
+    #   An object that contains information on the status of S3 Data event
+    #   logs as a data source.
+    #   @return [Types::S3LogsConfigurationResult]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DataSourceConfigurationsResult AWS API Documentation
+    #
+    class DataSourceConfigurationsResult < Struct.new(
+      :cloud_trail,
+      :dns_logs,
+      :flow_logs,
+      :s3_logs)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1038,6 +1172,7 @@ module Aws::GuardDuty
     #
     class DeclineInvitationsRequest < Struct.new(
       :account_ids)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1050,6 +1185,7 @@ module Aws::GuardDuty
     #
     class DeclineInvitationsResponse < Struct.new(
       :unprocessed_accounts)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1058,7 +1194,7 @@ module Aws::GuardDuty
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/AmazonS3/atest/dev/serv-side-encryption.html
+    # [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
     #
     # @!attribute [rw] encryption_type
     #   The type of encryption used for objects within the S3 bucket.
@@ -1074,6 +1210,7 @@ module Aws::GuardDuty
     class DefaultServerSideEncryption < Struct.new(
       :encryption_type,
       :kms_master_key_arn)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1092,6 +1229,7 @@ module Aws::GuardDuty
     #
     class DeleteDetectorRequest < Struct.new(
       :detector_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1120,6 +1258,7 @@ module Aws::GuardDuty
     class DeleteFilterRequest < Struct.new(
       :detector_id,
       :filter_name)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1148,6 +1287,7 @@ module Aws::GuardDuty
     class DeleteIPSetRequest < Struct.new(
       :detector_id,
       :ip_set_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1171,6 +1311,7 @@ module Aws::GuardDuty
     #
     class DeleteInvitationsRequest < Struct.new(
       :account_ids)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1183,6 +1324,7 @@ module Aws::GuardDuty
     #
     class DeleteInvitationsResponse < Struct.new(
       :unprocessed_accounts)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1209,6 +1351,7 @@ module Aws::GuardDuty
     class DeleteMembersRequest < Struct.new(
       :detector_id,
       :account_ids)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1220,6 +1363,7 @@ module Aws::GuardDuty
     #
     class DeleteMembersResponse < Struct.new(
       :unprocessed_accounts)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1245,6 +1389,7 @@ module Aws::GuardDuty
     class DeletePublishingDestinationRequest < Struct.new(
       :detector_id,
       :destination_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1274,6 +1419,7 @@ module Aws::GuardDuty
     class DeleteThreatIntelSetRequest < Struct.new(
       :detector_id,
       :threat_intel_set_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1297,6 +1443,7 @@ module Aws::GuardDuty
     #
     class DescribeOrganizationConfigurationRequest < Struct.new(
       :detector_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1310,11 +1457,18 @@ module Aws::GuardDuty
     #   already associated with the delegated administrator master account.
     #   @return [Boolean]
     #
+    # @!attribute [rw] data_sources
+    #   An object that describes which data sources are enabled
+    #   automatically for member accounts.
+    #   @return [Types::OrganizationDataSourceConfigurationsResult]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfigurationResponse AWS API Documentation
     #
     class DescribeOrganizationConfigurationResponse < Struct.new(
       :auto_enable,
-      :member_account_limit_reached)
+      :member_account_limit_reached,
+      :data_sources)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1340,6 +1494,7 @@ module Aws::GuardDuty
     class DescribePublishingDestinationRequest < Struct.new(
       :detector_id,
       :destination_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1374,6 +1529,7 @@ module Aws::GuardDuty
       :status,
       :publishing_failure_start_timestamp,
       :destination_properties)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1399,6 +1555,7 @@ module Aws::GuardDuty
       :destination_id,
       :destination_type,
       :status)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1427,6 +1584,7 @@ module Aws::GuardDuty
     class DestinationProperties < Struct.new(
       :destination_arn,
       :kms_key_arn)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1446,6 +1604,7 @@ module Aws::GuardDuty
     #
     class DisableOrganizationAdminAccountRequest < Struct.new(
       :admin_account_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1468,6 +1627,7 @@ module Aws::GuardDuty
     #
     class DisassociateFromMasterAccountRequest < Struct.new(
       :detector_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1498,6 +1658,7 @@ module Aws::GuardDuty
     class DisassociateMembersRequest < Struct.new(
       :detector_id,
       :account_ids)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1510,6 +1671,7 @@ module Aws::GuardDuty
     #
     class DisassociateMembersResponse < Struct.new(
       :unprocessed_accounts)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1524,6 +1686,7 @@ module Aws::GuardDuty
     #
     class DnsRequestAction < Struct.new(
       :domain)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1537,6 +1700,7 @@ module Aws::GuardDuty
     #
     class DomainDetails < Struct.new(
       :domain)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1556,6 +1720,7 @@ module Aws::GuardDuty
     #
     class EnableOrganizationAdminAccountRequest < Struct.new(
       :admin_account_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1573,6 +1738,7 @@ module Aws::GuardDuty
     #
     class Evidence < Struct.new(
       :threat_intelligence_details)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1658,6 +1824,7 @@ module Aws::GuardDuty
       :title,
       :type,
       :updated_at)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1694,6 +1861,7 @@ module Aws::GuardDuty
     #
     class FindingCriteria < Struct.new(
       :criterion)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1708,6 +1876,21 @@ module Aws::GuardDuty
     #
     class FindingStatistics < Struct.new(
       :count_by_severity)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains information on the status of VPC flow logs as a data source.
+    #
+    # @!attribute [rw] status
+    #   Denotes whether VPC flow logs is enabled as a data source.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/FlowLogsConfigurationResult AWS API Documentation
+    #
+    class FlowLogsConfigurationResult < Struct.new(
+      :status)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1726,6 +1909,7 @@ module Aws::GuardDuty
     class GeoLocation < Struct.new(
       :lat,
       :lon)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1744,6 +1928,7 @@ module Aws::GuardDuty
     #
     class GetDetectorRequest < Struct.new(
       :detector_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1767,6 +1952,11 @@ module Aws::GuardDuty
     #   The last-updated timestamp for the detector.
     #   @return [String]
     #
+    # @!attribute [rw] data_sources
+    #   An object that describes which data sources are enabled for the
+    #   detector.
+    #   @return [Types::DataSourceConfigurationsResult]
+    #
     # @!attribute [rw] tags
     #   The tags of the detector resource.
     #   @return [Hash<String,String>]
@@ -1779,7 +1969,9 @@ module Aws::GuardDuty
       :service_role,
       :status,
       :updated_at,
+      :data_sources,
       :tags)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1804,6 +1996,7 @@ module Aws::GuardDuty
     class GetFilterRequest < Struct.new(
       :detector_id,
       :filter_name)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1844,6 +2037,7 @@ module Aws::GuardDuty
       :rank,
       :finding_criteria,
       :tags)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1878,6 +2072,7 @@ module Aws::GuardDuty
       :detector_id,
       :finding_ids,
       :sort_criteria)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1889,6 +2084,7 @@ module Aws::GuardDuty
     #
     class GetFindingsResponse < Struct.new(
       :findings)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1937,6 +2133,7 @@ module Aws::GuardDuty
       :detector_id,
       :finding_statistic_types,
       :finding_criteria)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1948,6 +2145,7 @@ module Aws::GuardDuty
     #
     class GetFindingsStatisticsResponse < Struct.new(
       :finding_statistics)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -1972,6 +2170,7 @@ module Aws::GuardDuty
     class GetIPSetRequest < Struct.new(
       :detector_id,
       :ip_set_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2004,6 +2203,7 @@ module Aws::GuardDuty
       :location,
       :status,
       :tags)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2021,6 +2221,7 @@ module Aws::GuardDuty
     #
     class GetInvitationsCountResponse < Struct.new(
       :invitations_count)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2039,6 +2240,7 @@ module Aws::GuardDuty
     #
     class GetMasterAccountRequest < Struct.new(
       :detector_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2050,6 +2252,51 @@ module Aws::GuardDuty
     #
     class GetMasterAccountResponse < Struct.new(
       :master)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @note When making an API call, you may pass GetMemberDetectorsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         detector_id: "DetectorId", # required
+    #         account_ids: ["AccountId"], # required
+    #       }
+    #
+    # @!attribute [rw] detector_id
+    #   The detector ID for the master account.
+    #   @return [String]
+    #
+    # @!attribute [rw] account_ids
+    #   The account ID of the member account.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMemberDetectorsRequest AWS API Documentation
+    #
+    class GetMemberDetectorsRequest < Struct.new(
+      :detector_id,
+      :account_ids)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] member_data_source_configurations
+    #   An object that describes which data sources are enabled for a member
+    #   account.
+    #   @return [Array<Types::MemberDataSourceConfiguration>]
+    #
+    # @!attribute [rw] unprocessed_accounts
+    #   A list of member account IDs that were unable to be processed along
+    #   with an explanation for why they were not processed.
+    #   @return [Array<Types::UnprocessedAccount>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMemberDetectorsResponse AWS API Documentation
+    #
+    class GetMemberDetectorsResponse < Struct.new(
+      :member_data_source_configurations,
+      :unprocessed_accounts)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2076,6 +2323,7 @@ module Aws::GuardDuty
     class GetMembersRequest < Struct.new(
       :detector_id,
       :account_ids)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2093,6 +2341,7 @@ module Aws::GuardDuty
     class GetMembersResponse < Struct.new(
       :members,
       :unprocessed_accounts)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2118,6 +2367,7 @@ module Aws::GuardDuty
     class GetThreatIntelSetRequest < Struct.new(
       :detector_id,
       :threat_intel_set_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2152,6 +2402,85 @@ module Aws::GuardDuty
       :location,
       :status,
       :tags)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @note When making an API call, you may pass GetUsageStatisticsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         detector_id: "DetectorId", # required
+    #         usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
+    #         usage_criteria: { # required
+    #           account_ids: ["AccountId"],
+    #           data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS
+    #           resources: ["String"],
+    #         },
+    #         unit: "String",
+    #         max_results: 1,
+    #         next_token: "String",
+    #       }
+    #
+    # @!attribute [rw] detector_id
+    #   The ID of the detector that specifies the GuardDuty service whose
+    #   usage statistics you want to retrieve.
+    #   @return [String]
+    #
+    # @!attribute [rw] usage_statistic_type
+    #   The type of usage statistics to retrieve.
+    #   @return [String]
+    #
+    # @!attribute [rw] usage_criteria
+    #   Represents the criteria used for querying usage.
+    #   @return [Types::UsageCriteria]
+    #
+    # @!attribute [rw] unit
+    #   The currency unit you would like to view your usage statistics in.
+    #   Current valid values are USD.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of results to return in the response.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   A token to use for paginating results that are returned in the
+    #   response. Set the value of this parameter to null for the first
+    #   request to a list action. For subsequent calls, use the NextToken
+    #   value returned from the previous request to continue listing results
+    #   after the first page.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetUsageStatisticsRequest AWS API Documentation
+    #
+    class GetUsageStatisticsRequest < Struct.new(
+      :detector_id,
+      :usage_statistic_type,
+      :usage_criteria,
+      :unit,
+      :max_results,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] usage_statistics
+    #   The usage statistics object. If a UsageStatisticType was provided,
+    #   the objects representing other types will be null.
+    #   @return [Types::UsageStatistics]
+    #
+    # @!attribute [rw] next_token
+    #   The pagination parameter to be used on the next list operation to
+    #   retrieve more items.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetUsageStatisticsResponse AWS API Documentation
+    #
+    class GetUsageStatisticsResponse < Struct.new(
+      :usage_statistics,
+      :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2170,6 +2499,7 @@ module Aws::GuardDuty
     class IamInstanceProfile < Struct.new(
       :arn,
       :id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2244,6 +2574,7 @@ module Aws::GuardDuty
       :platform,
       :product_codes,
       :tags)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2262,6 +2593,7 @@ module Aws::GuardDuty
     class InternalServerErrorException < Struct.new(
       :message,
       :type)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2292,6 +2624,7 @@ module Aws::GuardDuty
       :invitation_id,
       :relationship_status,
       :invited_at)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2317,13 +2650,13 @@ module Aws::GuardDuty
     #
     # @!attribute [rw] disable_email_notification
     #   A Boolean value that specifies whether you want to disable email
-    #   notification to the accounts that you’re inviting to GuardDuty as
+    #   notification to the accounts that you are inviting to GuardDuty as
     #   members.
     #   @return [Boolean]
     #
     # @!attribute [rw] message
     #   The invitation message that you want to send to the accounts that
-    #   you’re inviting to GuardDuty as members.
+    #   you're inviting to GuardDuty as members.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/InviteMembersRequest AWS API Documentation
@@ -2333,6 +2666,7 @@ module Aws::GuardDuty
       :account_ids,
       :disable_email_notification,
       :message)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2345,6 +2679,7 @@ module Aws::GuardDuty
     #
     class InviteMembersResponse < Struct.new(
       :unprocessed_accounts)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2375,6 +2710,7 @@ module Aws::GuardDuty
     class ListDetectorsRequest < Struct.new(
       :max_results,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2392,6 +2728,7 @@ module Aws::GuardDuty
     class ListDetectorsResponse < Struct.new(
       :detector_ids,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2428,6 +2765,7 @@ module Aws::GuardDuty
       :detector_id,
       :max_results,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2445,6 +2783,7 @@ module Aws::GuardDuty
     class ListFiltersResponse < Struct.new(
       :filter_names,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2620,6 +2959,7 @@ module Aws::GuardDuty
       :sort_criteria,
       :max_results,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2637,6 +2977,7 @@ module Aws::GuardDuty
     class ListFindingsResponse < Struct.new(
       :finding_ids,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2673,6 +3014,7 @@ module Aws::GuardDuty
       :detector_id,
       :max_results,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2690,6 +3032,7 @@ module Aws::GuardDuty
     class ListIPSetsResponse < Struct.new(
       :ip_set_ids,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2720,6 +3063,7 @@ module Aws::GuardDuty
     class ListInvitationsRequest < Struct.new(
       :max_results,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2737,6 +3081,7 @@ module Aws::GuardDuty
     class ListInvitationsResponse < Struct.new(
       :invitations,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2781,6 +3126,7 @@ module Aws::GuardDuty
       :max_results,
       :next_token,
       :only_associated)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2798,6 +3144,7 @@ module Aws::GuardDuty
     class ListMembersResponse < Struct.new(
       :members,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2826,6 +3173,7 @@ module Aws::GuardDuty
     class ListOrganizationAdminAccountsRequest < Struct.new(
       :max_results,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2844,6 +3192,7 @@ module Aws::GuardDuty
     class ListOrganizationAdminAccountsResponse < Struct.new(
       :admin_accounts,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2878,6 +3227,7 @@ module Aws::GuardDuty
       :detector_id,
       :max_results,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2899,6 +3249,7 @@ module Aws::GuardDuty
     class ListPublishingDestinationsResponse < Struct.new(
       :destinations,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2917,6 +3268,7 @@ module Aws::GuardDuty
     #
     class ListTagsForResourceRequest < Struct.new(
       :resource_arn)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2928,6 +3280,7 @@ module Aws::GuardDuty
     #
     class ListTagsForResourceResponse < Struct.new(
       :tags)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2965,6 +3318,7 @@ module Aws::GuardDuty
       :detector_id,
       :max_results,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2982,6 +3336,7 @@ module Aws::GuardDuty
     class ListThreatIntelSetsResponse < Struct.new(
       :threat_intel_set_ids,
       :next_token)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -2995,6 +3350,7 @@ module Aws::GuardDuty
     #
     class LocalIpDetails < Struct.new(
       :ip_address_v4)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3013,6 +3369,7 @@ module Aws::GuardDuty
     class LocalPortDetails < Struct.new(
       :port,
       :port_name)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3042,6 +3399,7 @@ module Aws::GuardDuty
       :invitation_id,
       :relationship_status,
       :invited_at)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3085,6 +3443,27 @@ module Aws::GuardDuty
       :relationship_status,
       :invited_at,
       :updated_at)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains information on which data sources are enabled for a member
+    # account.
+    #
+    # @!attribute [rw] account_id
+    #   The account ID for the member account.
+    #   @return [String]
+    #
+    # @!attribute [rw] data_sources
+    #   Contains information on the status of data sources for the account.
+    #   @return [Types::DataSourceConfigurationsResult]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/MemberDataSourceConfiguration AWS API Documentation
+    #
+    class MemberDataSourceConfiguration < Struct.new(
+      :account_id,
+      :data_sources)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3130,6 +3509,7 @@ module Aws::GuardDuty
       :local_ip_details,
       :remote_ip_details,
       :remote_port_details)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3189,6 +3569,7 @@ module Aws::GuardDuty
       :security_groups,
       :subnet_id,
       :vpc_id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3219,6 +3600,87 @@ module Aws::GuardDuty
       :asn_org,
       :isp,
       :org)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # An object that contains information on which data sources will be
+    # configured to be automatically enabled for new members within the
+    # organization.
+    #
+    # @note When making an API call, you may pass OrganizationDataSourceConfigurations
+    #   data as a hash:
+    #
+    #       {
+    #         s3_logs: {
+    #           auto_enable: false, # required
+    #         },
+    #       }
+    #
+    # @!attribute [rw] s3_logs
+    #   Describes whether S3 data event logs are enabled for new members of
+    #   the organization.
+    #   @return [Types::OrganizationS3LogsConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationDataSourceConfigurations AWS API Documentation
+    #
+    class OrganizationDataSourceConfigurations < Struct.new(
+      :s3_logs)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # An object that contains information on which data sources are
+    # automatically enabled for new members within the organization.
+    #
+    # @!attribute [rw] s3_logs
+    #   Describes whether S3 data event logs are enabled as a data source.
+    #   @return [Types::OrganizationS3LogsConfigurationResult]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationDataSourceConfigurationsResult AWS API Documentation
+    #
+    class OrganizationDataSourceConfigurationsResult < Struct.new(
+      :s3_logs)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Describes whether S3 data event logs will be automatically enabled for
+    # new members of the organization.
+    #
+    # @note When making an API call, you may pass OrganizationS3LogsConfiguration
+    #   data as a hash:
+    #
+    #       {
+    #         auto_enable: false, # required
+    #       }
+    #
+    # @!attribute [rw] auto_enable
+    #   A value that contains information on whether S3 data event logs will
+    #   be enabled automatically as a data source for the organization.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationS3LogsConfiguration AWS API Documentation
+    #
+    class OrganizationS3LogsConfiguration < Struct.new(
+      :auto_enable)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The current configuration of S3 data event logs as a data source for
+    # the organization.
+    #
+    # @!attribute [rw] auto_enable
+    #   A value that describes whether S3 data event logs are automatically
+    #   enabled for new members of the organization.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationS3LogsConfigurationResult AWS API Documentation
+    #
+    class OrganizationS3LogsConfigurationResult < Struct.new(
+      :auto_enable)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3238,6 +3700,7 @@ module Aws::GuardDuty
     #
     class Owner < Struct.new(
       :id)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3259,6 +3722,7 @@ module Aws::GuardDuty
     class PermissionConfiguration < Struct.new(
       :bucket_level_permissions,
       :account_level_permissions)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3279,6 +3743,7 @@ module Aws::GuardDuty
     class PortProbeAction < Struct.new(
       :blocked,
       :port_probe_details)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3302,6 +3767,7 @@ module Aws::GuardDuty
       :local_port_details,
       :local_ip_details,
       :remote_ip_details)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3320,6 +3786,7 @@ module Aws::GuardDuty
     class PrivateIpAddressDetails < Struct.new(
       :private_dns_name,
       :private_ip_address)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3338,6 +3805,7 @@ module Aws::GuardDuty
     class ProductCode < Struct.new(
       :code,
       :product_type)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3358,6 +3826,7 @@ module Aws::GuardDuty
     class PublicAccess < Struct.new(
       :permission_configuration,
       :effective_permission)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3391,6 +3860,7 @@ module Aws::GuardDuty
       :geo_location,
       :ip_address_v4,
       :organization)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3409,6 +3879,7 @@ module Aws::GuardDuty
     class RemotePortDetails < Struct.new(
       :port,
       :port_name)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3441,9 +3912,12 @@ module Aws::GuardDuty
       :s3_bucket_details,
       :instance_details,
       :resource_type)
+      SENSITIVE = []
       include Aws::Structure
     end
 
+    # Contains information on the S3 bucket.
+    #
     # @!attribute [rw] arn
     #   The Amazon Resource Name (ARN) of the S3 bucket.
     #   @return [String]
@@ -3487,6 +3961,43 @@ module Aws::GuardDuty
       :tags,
       :default_server_side_encryption,
       :public_access)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Describes whether S3 data event logs will be enabled as a data source.
+    #
+    # @note When making an API call, you may pass S3LogsConfiguration
+    #   data as a hash:
+    #
+    #       {
+    #         enable: false, # required
+    #       }
+    #
+    # @!attribute [rw] enable
+    #   The status of S3 data event logs as a data source.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/S3LogsConfiguration AWS API Documentation
+    #
+    class S3LogsConfiguration < Struct.new(
+      :enable)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Describes whether S3 data event logs will be enabled as a data source.
+    #
+    # @!attribute [rw] status
+    #   A value that describes whether S3 data event logs are automatically
+    #   enabled for new members of the organization.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/S3LogsConfigurationResult AWS API Documentation
+    #
+    class S3LogsConfigurationResult < Struct.new(
+      :status)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3506,6 +4017,7 @@ module Aws::GuardDuty
     class SecurityGroup < Struct.new(
       :group_id,
       :group_name)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3566,6 +4078,7 @@ module Aws::GuardDuty
       :resource_role,
       :service_name,
       :user_feedback)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3593,6 +4106,7 @@ module Aws::GuardDuty
     class SortCriteria < Struct.new(
       :attribute_name,
       :order_by)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3619,6 +4133,7 @@ module Aws::GuardDuty
     class StartMonitoringMembersRequest < Struct.new(
       :detector_id,
       :account_ids)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3631,6 +4146,7 @@ module Aws::GuardDuty
     #
     class StartMonitoringMembersResponse < Struct.new(
       :unprocessed_accounts)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3656,6 +4172,7 @@ module Aws::GuardDuty
     class StopMonitoringMembersRequest < Struct.new(
       :detector_id,
       :account_ids)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3669,6 +4186,7 @@ module Aws::GuardDuty
     #
     class StopMonitoringMembersResponse < Struct.new(
       :unprocessed_accounts)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3687,6 +4205,7 @@ module Aws::GuardDuty
     class Tag < Struct.new(
       :key,
       :value)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3714,6 +4233,7 @@ module Aws::GuardDuty
     class TagResourceRequest < Struct.new(
       :resource_arn,
       :tags)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3738,6 +4258,27 @@ module Aws::GuardDuty
     class ThreatIntelligenceDetail < Struct.new(
       :threat_list_name,
       :threat_names)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains the total usage with the corresponding currency unit for that
+    # value.
+    #
+    # @!attribute [rw] amount
+    #   The total usage.
+    #   @return [String]
+    #
+    # @!attribute [rw] unit
+    #   The currency unit that the amount is given in.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Total AWS API Documentation
+    #
+    class Total < Struct.new(
+      :amount,
+      :unit)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3762,6 +4303,7 @@ module Aws::GuardDuty
     class UnarchiveFindingsRequest < Struct.new(
       :detector_id,
       :finding_ids)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3784,6 +4326,7 @@ module Aws::GuardDuty
     class UnprocessedAccount < Struct.new(
       :account_id,
       :result)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3808,6 +4351,7 @@ module Aws::GuardDuty
     class UntagResourceRequest < Struct.new(
       :resource_arn,
       :tag_keys)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3822,6 +4366,11 @@ module Aws::GuardDuty
     #         detector_id: "DetectorId", # required
     #         enable: false,
     #         finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
+    #         data_sources: {
+    #           s3_logs: {
+    #             enable: false, # required
+    #           },
+    #         },
     #       }
     #
     # @!attribute [rw] detector_id
@@ -3837,12 +4386,18 @@ module Aws::GuardDuty
     #   such as to CloudWatch Events.
     #   @return [String]
     #
+    # @!attribute [rw] data_sources
+    #   An object that describes which data sources will be updated.
+    #   @return [Types::DataSourceConfigurations]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateDetectorRequest AWS API Documentation
     #
     class UpdateDetectorRequest < Struct.new(
       :detector_id,
       :enable,
-      :finding_publishing_frequency)
+      :finding_publishing_frequency,
+      :data_sources)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3917,6 +4472,7 @@ module Aws::GuardDuty
       :action,
       :rank,
       :finding_criteria)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3928,6 +4484,7 @@ module Aws::GuardDuty
     #
     class UpdateFilterResponse < Struct.new(
       :name)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -3966,6 +4523,7 @@ module Aws::GuardDuty
       :finding_ids,
       :feedback,
       :comments)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -4015,6 +4573,7 @@ module Aws::GuardDuty
       :name,
       :location,
       :activate)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -4022,12 +4581,65 @@ module Aws::GuardDuty
     #
     class UpdateIPSetResponse < Aws::EmptyStructure; end
 
+    # @note When making an API call, you may pass UpdateMemberDetectorsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         detector_id: "DetectorId", # required
+    #         account_ids: ["AccountId"], # required
+    #         data_sources: {
+    #           s3_logs: {
+    #             enable: false, # required
+    #           },
+    #         },
+    #       }
+    #
+    # @!attribute [rw] detector_id
+    #   The detector ID of the master account.
+    #   @return [String]
+    #
+    # @!attribute [rw] account_ids
+    #   A list of member account IDs to be updated.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] data_sources
+    #   An object describes which data sources will be updated.
+    #   @return [Types::DataSourceConfigurations]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateMemberDetectorsRequest AWS API Documentation
+    #
+    class UpdateMemberDetectorsRequest < Struct.new(
+      :detector_id,
+      :account_ids,
+      :data_sources)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] unprocessed_accounts
+    #   A list of member account IDs that were unable to be processed along
+    #   with an explanation for why they were not processed.
+    #   @return [Array<Types::UnprocessedAccount>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateMemberDetectorsResponse AWS API Documentation
+    #
+    class UpdateMemberDetectorsResponse < Struct.new(
+      :unprocessed_accounts)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass UpdateOrganizationConfigurationRequest
     #   data as a hash:
     #
     #       {
     #         detector_id: "DetectorId", # required
     #         auto_enable: false, # required
+    #         data_sources: {
+    #           s3_logs: {
+    #             auto_enable: false, # required
+    #           },
+    #         },
     #       }
     #
     # @!attribute [rw] detector_id
@@ -4039,11 +4651,17 @@ module Aws::GuardDuty
     #   organization.
     #   @return [Boolean]
     #
+    # @!attribute [rw] data_sources
+    #   An object describes which data sources will be updated.
+    #   @return [Types::OrganizationDataSourceConfigurations]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfigurationRequest AWS API Documentation
     #
     class UpdateOrganizationConfigurationRequest < Struct.new(
       :detector_id,
-      :auto_enable)
+      :auto_enable,
+      :data_sources)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -4083,6 +4701,7 @@ module Aws::GuardDuty
       :detector_id,
       :destination_id,
       :destination_properties)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -4134,6 +4753,7 @@ module Aws::GuardDuty
       :name,
       :location,
       :activate)
+      SENSITIVE = []
       include Aws::Structure
     end
 
@@ -4141,5 +4761,128 @@ module Aws::GuardDuty
     #
     class UpdateThreatIntelSetResponse < Aws::EmptyStructure; end
 
+    # Contains information on the total of usage based on account IDs.
+    #
+    # @!attribute [rw] account_id
+    #   The Account ID that generated usage.
+    #   @return [String]
+    #
+    # @!attribute [rw] total
+    #   Represents the total of usage for the Account ID.
+    #   @return [Types::Total]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UsageAccountResult AWS API Documentation
+    #
+    class UsageAccountResult < Struct.new(
+      :account_id,
+      :total)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains information about the criteria used to query usage
+    # statistics.
+    #
+    # @note When making an API call, you may pass UsageCriteria
+    #   data as a hash:
+    #
+    #       {
+    #         account_ids: ["AccountId"],
+    #         data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS
+    #         resources: ["String"],
+    #       }
+    #
+    # @!attribute [rw] account_ids
+    #   The account IDs to aggregate usage statistics from.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] data_sources
+    #   The data sources to aggregate usage statistics from.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] resources
+    #   The resources to aggregate usage statistics from. Only accepts exact
+    #   resource names.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UsageCriteria AWS API Documentation
+    #
+    class UsageCriteria < Struct.new(
+      :account_ids,
+      :data_sources,
+      :resources)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains information on the result of usage based on data source type.
+    #
+    # @!attribute [rw] data_source
+    #   The data source type that generated usage.
+    #   @return [String]
+    #
+    # @!attribute [rw] total
+    #   Represents the total of usage for the specified data source.
+    #   @return [Types::Total]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UsageDataSourceResult AWS API Documentation
+    #
+    class UsageDataSourceResult < Struct.new(
+      :data_source,
+      :total)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains information on the sum of usage based on an AWS resource.
+    #
+    # @!attribute [rw] resource
+    #   The AWS resource that generated usage.
+    #   @return [String]
+    #
+    # @!attribute [rw] total
+    #   Represents the sum total of usage for the specified resource type.
+    #   @return [Types::Total]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UsageResourceResult AWS API Documentation
+    #
+    class UsageResourceResult < Struct.new(
+      :resource,
+      :total)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains the result of GuardDuty usage. If a UsageStatisticType is
+    # provided the result for other types will be null.
+    #
+    # @!attribute [rw] sum_by_account
+    #   The usage statistic sum organized by account ID.
+    #   @return [Array<Types::UsageAccountResult>]
+    #
+    # @!attribute [rw] sum_by_data_source
+    #   The usage statistic sum organized by on data source.
+    #   @return [Array<Types::UsageDataSourceResult>]
+    #
+    # @!attribute [rw] sum_by_resource
+    #   The usage statistic sum organized by resource.
+    #   @return [Array<Types::UsageResourceResult>]
+    #
+    # @!attribute [rw] top_resources
+    #   Lists the top 50 resources that have generated the most GuardDuty
+    #   usage, in order from most to least expensive.
+    #   @return [Array<Types::UsageResourceResult>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UsageStatistics AWS API Documentation
+    #
+    class UsageStatistics < Struct.new(
+      :sum_by_account,
+      :sum_by_data_source,
+      :sum_by_resource,
+      :top_resources)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
   end
 end