aws-sdk-guardduty 1.36.0 → 1.41.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-guardduty.rb +3 -2
- data/lib/aws-sdk-guardduty/client.rb +246 -13
- data/lib/aws-sdk-guardduty/client_api.rb +182 -0
- data/lib/aws-sdk-guardduty/types.rb +608 -8
- metadata +2 -2
@@ -228,7 +228,7 @@ module Aws::GuardDuty
|
|
228
228
|
#
|
229
229
|
class ArchiveFindingsResponse < Aws::EmptyStructure; end
|
230
230
|
|
231
|
-
# Contains information about the API
|
231
|
+
# Contains information about the API action.
|
232
232
|
#
|
233
233
|
# @!attribute [rw] api
|
234
234
|
# The AWS API name.
|
@@ -242,8 +242,13 @@ module Aws::GuardDuty
|
|
242
242
|
# The domain information for the AWS API call.
|
243
243
|
# @return [Types::DomainDetails]
|
244
244
|
#
|
245
|
+
# @!attribute [rw] error_code
|
246
|
+
# The error code of the failed AWS API action.
|
247
|
+
# @return [String]
|
248
|
+
#
|
245
249
|
# @!attribute [rw] remote_ip_details
|
246
|
-
# The remote IP information of the connection
|
250
|
+
# The remote IP information of the connection that initiated the AWS
|
251
|
+
# API call.
|
247
252
|
# @return [Types::RemoteIpDetails]
|
248
253
|
#
|
249
254
|
# @!attribute [rw] service_name
|
@@ -256,6 +261,7 @@ module Aws::GuardDuty
|
|
256
261
|
:api,
|
257
262
|
:caller_type,
|
258
263
|
:domain_details,
|
264
|
+
:error_code,
|
259
265
|
:remote_ip_details,
|
260
266
|
:service_name)
|
261
267
|
SENSITIVE = []
|
@@ -379,6 +385,22 @@ module Aws::GuardDuty
|
|
379
385
|
include Aws::Structure
|
380
386
|
end
|
381
387
|
|
388
|
+
# Contains information on the status of CloudTrail as a data source for
|
389
|
+
# the detector.
|
390
|
+
#
|
391
|
+
# @!attribute [rw] status
|
392
|
+
# Describes whether CloudTrail is enabled as a data source for the
|
393
|
+
# detector.
|
394
|
+
# @return [String]
|
395
|
+
#
|
396
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CloudTrailConfigurationResult AWS API Documentation
|
397
|
+
#
|
398
|
+
class CloudTrailConfigurationResult < Struct.new(
|
399
|
+
:status)
|
400
|
+
SENSITIVE = []
|
401
|
+
include Aws::Structure
|
402
|
+
end
|
403
|
+
|
382
404
|
# Contains information about the condition.
|
383
405
|
#
|
384
406
|
# @note When making an API call, you may pass Condition
|
@@ -505,6 +527,11 @@ module Aws::GuardDuty
|
|
505
527
|
# enable: false, # required
|
506
528
|
# client_token: "ClientToken",
|
507
529
|
# finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
|
530
|
+
# data_sources: {
|
531
|
+
# s3_logs: {
|
532
|
+
# enable: false, # required
|
533
|
+
# },
|
534
|
+
# },
|
508
535
|
# tags: {
|
509
536
|
# "TagKey" => "TagValue",
|
510
537
|
# },
|
@@ -527,6 +554,11 @@ module Aws::GuardDuty
|
|
527
554
|
# exported.
|
528
555
|
# @return [String]
|
529
556
|
#
|
557
|
+
# @!attribute [rw] data_sources
|
558
|
+
# An object that describes which data sources will be enabled for the
|
559
|
+
# detector.
|
560
|
+
# @return [Types::DataSourceConfigurations]
|
561
|
+
#
|
530
562
|
# @!attribute [rw] tags
|
531
563
|
# The tags to be added to a new detector resource.
|
532
564
|
# @return [Hash<String,String>]
|
@@ -537,6 +569,7 @@ module Aws::GuardDuty
|
|
537
569
|
:enable,
|
538
570
|
:client_token,
|
539
571
|
:finding_publishing_frequency,
|
572
|
+
:data_sources,
|
540
573
|
:tags)
|
541
574
|
SENSITIVE = []
|
542
575
|
include Aws::Structure
|
@@ -1052,6 +1085,76 @@ module Aws::GuardDuty
|
|
1052
1085
|
include Aws::Structure
|
1053
1086
|
end
|
1054
1087
|
|
1088
|
+
# Contains information on the status of DNS logs as a data source.
|
1089
|
+
#
|
1090
|
+
# @!attribute [rw] status
|
1091
|
+
# Denotes whether DNS logs is enabled as a data source.
|
1092
|
+
# @return [String]
|
1093
|
+
#
|
1094
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DNSLogsConfigurationResult AWS API Documentation
|
1095
|
+
#
|
1096
|
+
class DNSLogsConfigurationResult < Struct.new(
|
1097
|
+
:status)
|
1098
|
+
SENSITIVE = []
|
1099
|
+
include Aws::Structure
|
1100
|
+
end
|
1101
|
+
|
1102
|
+
# Contains information about which data sources are enabled.
|
1103
|
+
#
|
1104
|
+
# @note When making an API call, you may pass DataSourceConfigurations
|
1105
|
+
# data as a hash:
|
1106
|
+
#
|
1107
|
+
# {
|
1108
|
+
# s3_logs: {
|
1109
|
+
# enable: false, # required
|
1110
|
+
# },
|
1111
|
+
# }
|
1112
|
+
#
|
1113
|
+
# @!attribute [rw] s3_logs
|
1114
|
+
# Describes whether S3 data event logs are enabled as a data source.
|
1115
|
+
# @return [Types::S3LogsConfiguration]
|
1116
|
+
#
|
1117
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DataSourceConfigurations AWS API Documentation
|
1118
|
+
#
|
1119
|
+
class DataSourceConfigurations < Struct.new(
|
1120
|
+
:s3_logs)
|
1121
|
+
SENSITIVE = []
|
1122
|
+
include Aws::Structure
|
1123
|
+
end
|
1124
|
+
|
1125
|
+
# Contains information on the status of data sources for the detector.
|
1126
|
+
#
|
1127
|
+
# @!attribute [rw] cloud_trail
|
1128
|
+
# An object that contains information on the status of CloudTrail as a
|
1129
|
+
# data source.
|
1130
|
+
# @return [Types::CloudTrailConfigurationResult]
|
1131
|
+
#
|
1132
|
+
# @!attribute [rw] dns_logs
|
1133
|
+
# An object that contains information on the status of DNS logs as a
|
1134
|
+
# data source.
|
1135
|
+
# @return [Types::DNSLogsConfigurationResult]
|
1136
|
+
#
|
1137
|
+
# @!attribute [rw] flow_logs
|
1138
|
+
# An object that contains information on the status of VPC flow logs
|
1139
|
+
# as a data source.
|
1140
|
+
# @return [Types::FlowLogsConfigurationResult]
|
1141
|
+
#
|
1142
|
+
# @!attribute [rw] s3_logs
|
1143
|
+
# An object that contains information on the status of S3 Data event
|
1144
|
+
# logs as a data source.
|
1145
|
+
# @return [Types::S3LogsConfigurationResult]
|
1146
|
+
#
|
1147
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DataSourceConfigurationsResult AWS API Documentation
|
1148
|
+
#
|
1149
|
+
class DataSourceConfigurationsResult < Struct.new(
|
1150
|
+
:cloud_trail,
|
1151
|
+
:dns_logs,
|
1152
|
+
:flow_logs,
|
1153
|
+
:s3_logs)
|
1154
|
+
SENSITIVE = []
|
1155
|
+
include Aws::Structure
|
1156
|
+
end
|
1157
|
+
|
1055
1158
|
# @note When making an API call, you may pass DeclineInvitationsRequest
|
1056
1159
|
# data as a hash:
|
1057
1160
|
#
|
@@ -1091,7 +1194,7 @@ module Aws::GuardDuty
|
|
1091
1194
|
#
|
1092
1195
|
#
|
1093
1196
|
#
|
1094
|
-
# [1]: https://docs.aws.amazon.com/AmazonS3/
|
1197
|
+
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
|
1095
1198
|
#
|
1096
1199
|
# @!attribute [rw] encryption_type
|
1097
1200
|
# The type of encryption used for objects within the S3 bucket.
|
@@ -1354,11 +1457,17 @@ module Aws::GuardDuty
|
|
1354
1457
|
# already associated with the delegated administrator master account.
|
1355
1458
|
# @return [Boolean]
|
1356
1459
|
#
|
1460
|
+
# @!attribute [rw] data_sources
|
1461
|
+
# An object that describes which data sources are enabled
|
1462
|
+
# automatically for member accounts.
|
1463
|
+
# @return [Types::OrganizationDataSourceConfigurationsResult]
|
1464
|
+
#
|
1357
1465
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfigurationResponse AWS API Documentation
|
1358
1466
|
#
|
1359
1467
|
class DescribeOrganizationConfigurationResponse < Struct.new(
|
1360
1468
|
:auto_enable,
|
1361
|
-
:member_account_limit_reached
|
1469
|
+
:member_account_limit_reached,
|
1470
|
+
:data_sources)
|
1362
1471
|
SENSITIVE = []
|
1363
1472
|
include Aws::Structure
|
1364
1473
|
end
|
@@ -1771,6 +1880,20 @@ module Aws::GuardDuty
|
|
1771
1880
|
include Aws::Structure
|
1772
1881
|
end
|
1773
1882
|
|
1883
|
+
# Contains information on the status of VPC flow logs as a data source.
|
1884
|
+
#
|
1885
|
+
# @!attribute [rw] status
|
1886
|
+
# Denotes whether VPC flow logs is enabled as a data source.
|
1887
|
+
# @return [String]
|
1888
|
+
#
|
1889
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/FlowLogsConfigurationResult AWS API Documentation
|
1890
|
+
#
|
1891
|
+
class FlowLogsConfigurationResult < Struct.new(
|
1892
|
+
:status)
|
1893
|
+
SENSITIVE = []
|
1894
|
+
include Aws::Structure
|
1895
|
+
end
|
1896
|
+
|
1774
1897
|
# Contains information about the location of the remote IP address.
|
1775
1898
|
#
|
1776
1899
|
# @!attribute [rw] lat
|
@@ -1829,6 +1952,11 @@ module Aws::GuardDuty
|
|
1829
1952
|
# The last-updated timestamp for the detector.
|
1830
1953
|
# @return [String]
|
1831
1954
|
#
|
1955
|
+
# @!attribute [rw] data_sources
|
1956
|
+
# An object that describes which data sources are enabled for the
|
1957
|
+
# detector.
|
1958
|
+
# @return [Types::DataSourceConfigurationsResult]
|
1959
|
+
#
|
1832
1960
|
# @!attribute [rw] tags
|
1833
1961
|
# The tags of the detector resource.
|
1834
1962
|
# @return [Hash<String,String>]
|
@@ -1841,6 +1969,7 @@ module Aws::GuardDuty
|
|
1841
1969
|
:service_role,
|
1842
1970
|
:status,
|
1843
1971
|
:updated_at,
|
1972
|
+
:data_sources,
|
1844
1973
|
:tags)
|
1845
1974
|
SENSITIVE = []
|
1846
1975
|
include Aws::Structure
|
@@ -2127,6 +2256,50 @@ module Aws::GuardDuty
|
|
2127
2256
|
include Aws::Structure
|
2128
2257
|
end
|
2129
2258
|
|
2259
|
+
# @note When making an API call, you may pass GetMemberDetectorsRequest
|
2260
|
+
# data as a hash:
|
2261
|
+
#
|
2262
|
+
# {
|
2263
|
+
# detector_id: "DetectorId", # required
|
2264
|
+
# account_ids: ["AccountId"], # required
|
2265
|
+
# }
|
2266
|
+
#
|
2267
|
+
# @!attribute [rw] detector_id
|
2268
|
+
# The detector ID for the master account.
|
2269
|
+
# @return [String]
|
2270
|
+
#
|
2271
|
+
# @!attribute [rw] account_ids
|
2272
|
+
# The account ID of the member account.
|
2273
|
+
# @return [Array<String>]
|
2274
|
+
#
|
2275
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMemberDetectorsRequest AWS API Documentation
|
2276
|
+
#
|
2277
|
+
class GetMemberDetectorsRequest < Struct.new(
|
2278
|
+
:detector_id,
|
2279
|
+
:account_ids)
|
2280
|
+
SENSITIVE = []
|
2281
|
+
include Aws::Structure
|
2282
|
+
end
|
2283
|
+
|
2284
|
+
# @!attribute [rw] member_data_source_configurations
|
2285
|
+
# An object that describes which data sources are enabled for a member
|
2286
|
+
# account.
|
2287
|
+
# @return [Array<Types::MemberDataSourceConfiguration>]
|
2288
|
+
#
|
2289
|
+
# @!attribute [rw] unprocessed_accounts
|
2290
|
+
# A list of member account IDs that were unable to be processed along
|
2291
|
+
# with an explanation for why they were not processed.
|
2292
|
+
# @return [Array<Types::UnprocessedAccount>]
|
2293
|
+
#
|
2294
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMemberDetectorsResponse AWS API Documentation
|
2295
|
+
#
|
2296
|
+
class GetMemberDetectorsResponse < Struct.new(
|
2297
|
+
:member_data_source_configurations,
|
2298
|
+
:unprocessed_accounts)
|
2299
|
+
SENSITIVE = []
|
2300
|
+
include Aws::Structure
|
2301
|
+
end
|
2302
|
+
|
2130
2303
|
# @note When making an API call, you may pass GetMembersRequest
|
2131
2304
|
# data as a hash:
|
2132
2305
|
#
|
@@ -2233,6 +2406,84 @@ module Aws::GuardDuty
|
|
2233
2406
|
include Aws::Structure
|
2234
2407
|
end
|
2235
2408
|
|
2409
|
+
# @note When making an API call, you may pass GetUsageStatisticsRequest
|
2410
|
+
# data as a hash:
|
2411
|
+
#
|
2412
|
+
# {
|
2413
|
+
# detector_id: "DetectorId", # required
|
2414
|
+
# usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
|
2415
|
+
# usage_criteria: { # required
|
2416
|
+
# account_ids: ["AccountId"],
|
2417
|
+
# data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS
|
2418
|
+
# resources: ["String"],
|
2419
|
+
# },
|
2420
|
+
# unit: "String",
|
2421
|
+
# max_results: 1,
|
2422
|
+
# next_token: "String",
|
2423
|
+
# }
|
2424
|
+
#
|
2425
|
+
# @!attribute [rw] detector_id
|
2426
|
+
# The ID of the detector that specifies the GuardDuty service whose
|
2427
|
+
# usage statistics you want to retrieve.
|
2428
|
+
# @return [String]
|
2429
|
+
#
|
2430
|
+
# @!attribute [rw] usage_statistic_type
|
2431
|
+
# The type of usage statistics to retrieve.
|
2432
|
+
# @return [String]
|
2433
|
+
#
|
2434
|
+
# @!attribute [rw] usage_criteria
|
2435
|
+
# Represents the criteria used for querying usage.
|
2436
|
+
# @return [Types::UsageCriteria]
|
2437
|
+
#
|
2438
|
+
# @!attribute [rw] unit
|
2439
|
+
# The currency unit you would like to view your usage statistics in.
|
2440
|
+
# Current valid values are USD.
|
2441
|
+
# @return [String]
|
2442
|
+
#
|
2443
|
+
# @!attribute [rw] max_results
|
2444
|
+
# The maximum number of results to return in the response.
|
2445
|
+
# @return [Integer]
|
2446
|
+
#
|
2447
|
+
# @!attribute [rw] next_token
|
2448
|
+
# A token to use for paginating results that are returned in the
|
2449
|
+
# response. Set the value of this parameter to null for the first
|
2450
|
+
# request to a list action. For subsequent calls, use the NextToken
|
2451
|
+
# value returned from the previous request to continue listing results
|
2452
|
+
# after the first page.
|
2453
|
+
# @return [String]
|
2454
|
+
#
|
2455
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetUsageStatisticsRequest AWS API Documentation
|
2456
|
+
#
|
2457
|
+
class GetUsageStatisticsRequest < Struct.new(
|
2458
|
+
:detector_id,
|
2459
|
+
:usage_statistic_type,
|
2460
|
+
:usage_criteria,
|
2461
|
+
:unit,
|
2462
|
+
:max_results,
|
2463
|
+
:next_token)
|
2464
|
+
SENSITIVE = []
|
2465
|
+
include Aws::Structure
|
2466
|
+
end
|
2467
|
+
|
2468
|
+
# @!attribute [rw] usage_statistics
|
2469
|
+
# The usage statistics object. If a UsageStatisticType was provided,
|
2470
|
+
# the objects representing other types will be null.
|
2471
|
+
# @return [Types::UsageStatistics]
|
2472
|
+
#
|
2473
|
+
# @!attribute [rw] next_token
|
2474
|
+
# The pagination parameter to be used on the next list operation to
|
2475
|
+
# retrieve more items.
|
2476
|
+
# @return [String]
|
2477
|
+
#
|
2478
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetUsageStatisticsResponse AWS API Documentation
|
2479
|
+
#
|
2480
|
+
class GetUsageStatisticsResponse < Struct.new(
|
2481
|
+
:usage_statistics,
|
2482
|
+
:next_token)
|
2483
|
+
SENSITIVE = []
|
2484
|
+
include Aws::Structure
|
2485
|
+
end
|
2486
|
+
|
2236
2487
|
# Contains information about the EC2 instance profile.
|
2237
2488
|
#
|
2238
2489
|
# @!attribute [rw] arn
|
@@ -2399,13 +2650,13 @@ module Aws::GuardDuty
|
|
2399
2650
|
#
|
2400
2651
|
# @!attribute [rw] disable_email_notification
|
2401
2652
|
# A Boolean value that specifies whether you want to disable email
|
2402
|
-
# notification to the accounts that you
|
2653
|
+
# notification to the accounts that you are inviting to GuardDuty as
|
2403
2654
|
# members.
|
2404
2655
|
# @return [Boolean]
|
2405
2656
|
#
|
2406
2657
|
# @!attribute [rw] message
|
2407
2658
|
# The invitation message that you want to send to the accounts that
|
2408
|
-
# you
|
2659
|
+
# you're inviting to GuardDuty as members.
|
2409
2660
|
# @return [String]
|
2410
2661
|
#
|
2411
2662
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/InviteMembersRequest AWS API Documentation
|
@@ -3196,6 +3447,26 @@ module Aws::GuardDuty
|
|
3196
3447
|
include Aws::Structure
|
3197
3448
|
end
|
3198
3449
|
|
3450
|
+
# Contains information on which data sources are enabled for a member
|
3451
|
+
# account.
|
3452
|
+
#
|
3453
|
+
# @!attribute [rw] account_id
|
3454
|
+
# The account ID for the member account.
|
3455
|
+
# @return [String]
|
3456
|
+
#
|
3457
|
+
# @!attribute [rw] data_sources
|
3458
|
+
# Contains information on the status of data sources for the account.
|
3459
|
+
# @return [Types::DataSourceConfigurationsResult]
|
3460
|
+
#
|
3461
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/MemberDataSourceConfiguration AWS API Documentation
|
3462
|
+
#
|
3463
|
+
class MemberDataSourceConfiguration < Struct.new(
|
3464
|
+
:account_id,
|
3465
|
+
:data_sources)
|
3466
|
+
SENSITIVE = []
|
3467
|
+
include Aws::Structure
|
3468
|
+
end
|
3469
|
+
|
3199
3470
|
# Contains information about the NETWORK\_CONNECTION action described in
|
3200
3471
|
# the finding.
|
3201
3472
|
#
|
@@ -3333,6 +3604,86 @@ module Aws::GuardDuty
|
|
3333
3604
|
include Aws::Structure
|
3334
3605
|
end
|
3335
3606
|
|
3607
|
+
# An object that contains information on which data sources will be
|
3608
|
+
# configured to be automatically enabled for new members within the
|
3609
|
+
# organization.
|
3610
|
+
#
|
3611
|
+
# @note When making an API call, you may pass OrganizationDataSourceConfigurations
|
3612
|
+
# data as a hash:
|
3613
|
+
#
|
3614
|
+
# {
|
3615
|
+
# s3_logs: {
|
3616
|
+
# auto_enable: false, # required
|
3617
|
+
# },
|
3618
|
+
# }
|
3619
|
+
#
|
3620
|
+
# @!attribute [rw] s3_logs
|
3621
|
+
# Describes whether S3 data event logs are enabled for new members of
|
3622
|
+
# the organization.
|
3623
|
+
# @return [Types::OrganizationS3LogsConfiguration]
|
3624
|
+
#
|
3625
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationDataSourceConfigurations AWS API Documentation
|
3626
|
+
#
|
3627
|
+
class OrganizationDataSourceConfigurations < Struct.new(
|
3628
|
+
:s3_logs)
|
3629
|
+
SENSITIVE = []
|
3630
|
+
include Aws::Structure
|
3631
|
+
end
|
3632
|
+
|
3633
|
+
# An object that contains information on which data sources are
|
3634
|
+
# automatically enabled for new members within the organization.
|
3635
|
+
#
|
3636
|
+
# @!attribute [rw] s3_logs
|
3637
|
+
# Describes whether S3 data event logs are enabled as a data source.
|
3638
|
+
# @return [Types::OrganizationS3LogsConfigurationResult]
|
3639
|
+
#
|
3640
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationDataSourceConfigurationsResult AWS API Documentation
|
3641
|
+
#
|
3642
|
+
class OrganizationDataSourceConfigurationsResult < Struct.new(
|
3643
|
+
:s3_logs)
|
3644
|
+
SENSITIVE = []
|
3645
|
+
include Aws::Structure
|
3646
|
+
end
|
3647
|
+
|
3648
|
+
# Describes whether S3 data event logs will be automatically enabled for
|
3649
|
+
# new members of the organization.
|
3650
|
+
#
|
3651
|
+
# @note When making an API call, you may pass OrganizationS3LogsConfiguration
|
3652
|
+
# data as a hash:
|
3653
|
+
#
|
3654
|
+
# {
|
3655
|
+
# auto_enable: false, # required
|
3656
|
+
# }
|
3657
|
+
#
|
3658
|
+
# @!attribute [rw] auto_enable
|
3659
|
+
# A value that contains information on whether S3 data event logs will
|
3660
|
+
# be enabled automatically as a data source for the organization.
|
3661
|
+
# @return [Boolean]
|
3662
|
+
#
|
3663
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationS3LogsConfiguration AWS API Documentation
|
3664
|
+
#
|
3665
|
+
class OrganizationS3LogsConfiguration < Struct.new(
|
3666
|
+
:auto_enable)
|
3667
|
+
SENSITIVE = []
|
3668
|
+
include Aws::Structure
|
3669
|
+
end
|
3670
|
+
|
3671
|
+
# The current configuration of S3 data event logs as a data source for
|
3672
|
+
# the organization.
|
3673
|
+
#
|
3674
|
+
# @!attribute [rw] auto_enable
|
3675
|
+
# A value that describes whether S3 data event logs are automatically
|
3676
|
+
# enabled for new members of the organization.
|
3677
|
+
# @return [Boolean]
|
3678
|
+
#
|
3679
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationS3LogsConfigurationResult AWS API Documentation
|
3680
|
+
#
|
3681
|
+
class OrganizationS3LogsConfigurationResult < Struct.new(
|
3682
|
+
:auto_enable)
|
3683
|
+
SENSITIVE = []
|
3684
|
+
include Aws::Structure
|
3685
|
+
end
|
3686
|
+
|
3336
3687
|
# Contains information on the owner of the bucket.
|
3337
3688
|
#
|
3338
3689
|
# @!attribute [rw] id
|
@@ -3565,6 +3916,8 @@ module Aws::GuardDuty
|
|
3565
3916
|
include Aws::Structure
|
3566
3917
|
end
|
3567
3918
|
|
3919
|
+
# Contains information on the S3 bucket.
|
3920
|
+
#
|
3568
3921
|
# @!attribute [rw] arn
|
3569
3922
|
# The Amazon Resource Name (ARN) of the S3 bucket.
|
3570
3923
|
# @return [String]
|
@@ -3612,6 +3965,42 @@ module Aws::GuardDuty
|
|
3612
3965
|
include Aws::Structure
|
3613
3966
|
end
|
3614
3967
|
|
3968
|
+
# Describes whether S3 data event logs will be enabled as a data source.
|
3969
|
+
#
|
3970
|
+
# @note When making an API call, you may pass S3LogsConfiguration
|
3971
|
+
# data as a hash:
|
3972
|
+
#
|
3973
|
+
# {
|
3974
|
+
# enable: false, # required
|
3975
|
+
# }
|
3976
|
+
#
|
3977
|
+
# @!attribute [rw] enable
|
3978
|
+
# The status of S3 data event logs as a data source.
|
3979
|
+
# @return [Boolean]
|
3980
|
+
#
|
3981
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/S3LogsConfiguration AWS API Documentation
|
3982
|
+
#
|
3983
|
+
class S3LogsConfiguration < Struct.new(
|
3984
|
+
:enable)
|
3985
|
+
SENSITIVE = []
|
3986
|
+
include Aws::Structure
|
3987
|
+
end
|
3988
|
+
|
3989
|
+
# Describes whether S3 data event logs will be enabled as a data source.
|
3990
|
+
#
|
3991
|
+
# @!attribute [rw] status
|
3992
|
+
# A value that describes whether S3 data event logs are automatically
|
3993
|
+
# enabled for new members of the organization.
|
3994
|
+
# @return [String]
|
3995
|
+
#
|
3996
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/S3LogsConfigurationResult AWS API Documentation
|
3997
|
+
#
|
3998
|
+
class S3LogsConfigurationResult < Struct.new(
|
3999
|
+
:status)
|
4000
|
+
SENSITIVE = []
|
4001
|
+
include Aws::Structure
|
4002
|
+
end
|
4003
|
+
|
3615
4004
|
# Contains information about the security groups associated with the EC2
|
3616
4005
|
# instance.
|
3617
4006
|
#
|
@@ -3873,6 +4262,26 @@ module Aws::GuardDuty
|
|
3873
4262
|
include Aws::Structure
|
3874
4263
|
end
|
3875
4264
|
|
4265
|
+
# Contains the total usage with the corresponding currency unit for that
|
4266
|
+
# value.
|
4267
|
+
#
|
4268
|
+
# @!attribute [rw] amount
|
4269
|
+
# The total usage.
|
4270
|
+
# @return [String]
|
4271
|
+
#
|
4272
|
+
# @!attribute [rw] unit
|
4273
|
+
# The currency unit that the amount is given in.
|
4274
|
+
# @return [String]
|
4275
|
+
#
|
4276
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Total AWS API Documentation
|
4277
|
+
#
|
4278
|
+
class Total < Struct.new(
|
4279
|
+
:amount,
|
4280
|
+
:unit)
|
4281
|
+
SENSITIVE = []
|
4282
|
+
include Aws::Structure
|
4283
|
+
end
|
4284
|
+
|
3876
4285
|
# @note When making an API call, you may pass UnarchiveFindingsRequest
|
3877
4286
|
# data as a hash:
|
3878
4287
|
#
|
@@ -3957,6 +4366,11 @@ module Aws::GuardDuty
|
|
3957
4366
|
# detector_id: "DetectorId", # required
|
3958
4367
|
# enable: false,
|
3959
4368
|
# finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
|
4369
|
+
# data_sources: {
|
4370
|
+
# s3_logs: {
|
4371
|
+
# enable: false, # required
|
4372
|
+
# },
|
4373
|
+
# },
|
3960
4374
|
# }
|
3961
4375
|
#
|
3962
4376
|
# @!attribute [rw] detector_id
|
@@ -3972,12 +4386,17 @@ module Aws::GuardDuty
|
|
3972
4386
|
# such as to CloudWatch Events.
|
3973
4387
|
# @return [String]
|
3974
4388
|
#
|
4389
|
+
# @!attribute [rw] data_sources
|
4390
|
+
# An object that describes which data sources will be updated.
|
4391
|
+
# @return [Types::DataSourceConfigurations]
|
4392
|
+
#
|
3975
4393
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateDetectorRequest AWS API Documentation
|
3976
4394
|
#
|
3977
4395
|
class UpdateDetectorRequest < Struct.new(
|
3978
4396
|
:detector_id,
|
3979
4397
|
:enable,
|
3980
|
-
:finding_publishing_frequency
|
4398
|
+
:finding_publishing_frequency,
|
4399
|
+
:data_sources)
|
3981
4400
|
SENSITIVE = []
|
3982
4401
|
include Aws::Structure
|
3983
4402
|
end
|
@@ -4162,12 +4581,65 @@ module Aws::GuardDuty
|
|
4162
4581
|
#
|
4163
4582
|
class UpdateIPSetResponse < Aws::EmptyStructure; end
|
4164
4583
|
|
4584
|
+
# @note When making an API call, you may pass UpdateMemberDetectorsRequest
|
4585
|
+
# data as a hash:
|
4586
|
+
#
|
4587
|
+
# {
|
4588
|
+
# detector_id: "DetectorId", # required
|
4589
|
+
# account_ids: ["AccountId"], # required
|
4590
|
+
# data_sources: {
|
4591
|
+
# s3_logs: {
|
4592
|
+
# enable: false, # required
|
4593
|
+
# },
|
4594
|
+
# },
|
4595
|
+
# }
|
4596
|
+
#
|
4597
|
+
# @!attribute [rw] detector_id
|
4598
|
+
# The detector ID of the master account.
|
4599
|
+
# @return [String]
|
4600
|
+
#
|
4601
|
+
# @!attribute [rw] account_ids
|
4602
|
+
# A list of member account IDs to be updated.
|
4603
|
+
# @return [Array<String>]
|
4604
|
+
#
|
4605
|
+
# @!attribute [rw] data_sources
|
4606
|
+
# An object describes which data sources will be updated.
|
4607
|
+
# @return [Types::DataSourceConfigurations]
|
4608
|
+
#
|
4609
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateMemberDetectorsRequest AWS API Documentation
|
4610
|
+
#
|
4611
|
+
class UpdateMemberDetectorsRequest < Struct.new(
|
4612
|
+
:detector_id,
|
4613
|
+
:account_ids,
|
4614
|
+
:data_sources)
|
4615
|
+
SENSITIVE = []
|
4616
|
+
include Aws::Structure
|
4617
|
+
end
|
4618
|
+
|
4619
|
+
# @!attribute [rw] unprocessed_accounts
|
4620
|
+
# A list of member account IDs that were unable to be processed along
|
4621
|
+
# with an explanation for why they were not processed.
|
4622
|
+
# @return [Array<Types::UnprocessedAccount>]
|
4623
|
+
#
|
4624
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateMemberDetectorsResponse AWS API Documentation
|
4625
|
+
#
|
4626
|
+
class UpdateMemberDetectorsResponse < Struct.new(
|
4627
|
+
:unprocessed_accounts)
|
4628
|
+
SENSITIVE = []
|
4629
|
+
include Aws::Structure
|
4630
|
+
end
|
4631
|
+
|
4165
4632
|
# @note When making an API call, you may pass UpdateOrganizationConfigurationRequest
|
4166
4633
|
# data as a hash:
|
4167
4634
|
#
|
4168
4635
|
# {
|
4169
4636
|
# detector_id: "DetectorId", # required
|
4170
4637
|
# auto_enable: false, # required
|
4638
|
+
# data_sources: {
|
4639
|
+
# s3_logs: {
|
4640
|
+
# auto_enable: false, # required
|
4641
|
+
# },
|
4642
|
+
# },
|
4171
4643
|
# }
|
4172
4644
|
#
|
4173
4645
|
# @!attribute [rw] detector_id
|
@@ -4179,11 +4651,16 @@ module Aws::GuardDuty
|
|
4179
4651
|
# organization.
|
4180
4652
|
# @return [Boolean]
|
4181
4653
|
#
|
4654
|
+
# @!attribute [rw] data_sources
|
4655
|
+
# An object describes which data sources will be updated.
|
4656
|
+
# @return [Types::OrganizationDataSourceConfigurations]
|
4657
|
+
#
|
4182
4658
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfigurationRequest AWS API Documentation
|
4183
4659
|
#
|
4184
4660
|
class UpdateOrganizationConfigurationRequest < Struct.new(
|
4185
4661
|
:detector_id,
|
4186
|
-
:auto_enable
|
4662
|
+
:auto_enable,
|
4663
|
+
:data_sources)
|
4187
4664
|
SENSITIVE = []
|
4188
4665
|
include Aws::Structure
|
4189
4666
|
end
|
@@ -4284,5 +4761,128 @@ module Aws::GuardDuty
|
|
4284
4761
|
#
|
4285
4762
|
class UpdateThreatIntelSetResponse < Aws::EmptyStructure; end
|
4286
4763
|
|
4764
|
+
# Contains information on the total of usage based on account IDs.
|
4765
|
+
#
|
4766
|
+
# @!attribute [rw] account_id
|
4767
|
+
# The Account ID that generated usage.
|
4768
|
+
# @return [String]
|
4769
|
+
#
|
4770
|
+
# @!attribute [rw] total
|
4771
|
+
# Represents the total of usage for the Account ID.
|
4772
|
+
# @return [Types::Total]
|
4773
|
+
#
|
4774
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UsageAccountResult AWS API Documentation
|
4775
|
+
#
|
4776
|
+
class UsageAccountResult < Struct.new(
|
4777
|
+
:account_id,
|
4778
|
+
:total)
|
4779
|
+
SENSITIVE = []
|
4780
|
+
include Aws::Structure
|
4781
|
+
end
|
4782
|
+
|
4783
|
+
# Contains information about the criteria used to query usage
|
4784
|
+
# statistics.
|
4785
|
+
#
|
4786
|
+
# @note When making an API call, you may pass UsageCriteria
|
4787
|
+
# data as a hash:
|
4788
|
+
#
|
4789
|
+
# {
|
4790
|
+
# account_ids: ["AccountId"],
|
4791
|
+
# data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS
|
4792
|
+
# resources: ["String"],
|
4793
|
+
# }
|
4794
|
+
#
|
4795
|
+
# @!attribute [rw] account_ids
|
4796
|
+
# The account IDs to aggregate usage statistics from.
|
4797
|
+
# @return [Array<String>]
|
4798
|
+
#
|
4799
|
+
# @!attribute [rw] data_sources
|
4800
|
+
# The data sources to aggregate usage statistics from.
|
4801
|
+
# @return [Array<String>]
|
4802
|
+
#
|
4803
|
+
# @!attribute [rw] resources
|
4804
|
+
# The resources to aggregate usage statistics from. Only accepts exact
|
4805
|
+
# resource names.
|
4806
|
+
# @return [Array<String>]
|
4807
|
+
#
|
4808
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UsageCriteria AWS API Documentation
|
4809
|
+
#
|
4810
|
+
class UsageCriteria < Struct.new(
|
4811
|
+
:account_ids,
|
4812
|
+
:data_sources,
|
4813
|
+
:resources)
|
4814
|
+
SENSITIVE = []
|
4815
|
+
include Aws::Structure
|
4816
|
+
end
|
4817
|
+
|
4818
|
+
# Contains information on the result of usage based on data source type.
|
4819
|
+
#
|
4820
|
+
# @!attribute [rw] data_source
|
4821
|
+
# The data source type that generated usage.
|
4822
|
+
# @return [String]
|
4823
|
+
#
|
4824
|
+
# @!attribute [rw] total
|
4825
|
+
# Represents the total of usage for the specified data source.
|
4826
|
+
# @return [Types::Total]
|
4827
|
+
#
|
4828
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UsageDataSourceResult AWS API Documentation
|
4829
|
+
#
|
4830
|
+
class UsageDataSourceResult < Struct.new(
|
4831
|
+
:data_source,
|
4832
|
+
:total)
|
4833
|
+
SENSITIVE = []
|
4834
|
+
include Aws::Structure
|
4835
|
+
end
|
4836
|
+
|
4837
|
+
# Contains information on the sum of usage based on an AWS resource.
|
4838
|
+
#
|
4839
|
+
# @!attribute [rw] resource
|
4840
|
+
# The AWS resource that generated usage.
|
4841
|
+
# @return [String]
|
4842
|
+
#
|
4843
|
+
# @!attribute [rw] total
|
4844
|
+
# Represents the sum total of usage for the specified resource type.
|
4845
|
+
# @return [Types::Total]
|
4846
|
+
#
|
4847
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UsageResourceResult AWS API Documentation
|
4848
|
+
#
|
4849
|
+
class UsageResourceResult < Struct.new(
|
4850
|
+
:resource,
|
4851
|
+
:total)
|
4852
|
+
SENSITIVE = []
|
4853
|
+
include Aws::Structure
|
4854
|
+
end
|
4855
|
+
|
4856
|
+
# Contains the result of GuardDuty usage. If a UsageStatisticType is
|
4857
|
+
# provided the result for other types will be null.
|
4858
|
+
#
|
4859
|
+
# @!attribute [rw] sum_by_account
|
4860
|
+
# The usage statistic sum organized by account ID.
|
4861
|
+
# @return [Array<Types::UsageAccountResult>]
|
4862
|
+
#
|
4863
|
+
# @!attribute [rw] sum_by_data_source
|
4864
|
+
# The usage statistic sum organized by on data source.
|
4865
|
+
# @return [Array<Types::UsageDataSourceResult>]
|
4866
|
+
#
|
4867
|
+
# @!attribute [rw] sum_by_resource
|
4868
|
+
# The usage statistic sum organized by resource.
|
4869
|
+
# @return [Array<Types::UsageResourceResult>]
|
4870
|
+
#
|
4871
|
+
# @!attribute [rw] top_resources
|
4872
|
+
# Lists the top 50 resources that have generated the most GuardDuty
|
4873
|
+
# usage, in order from most to least expensive.
|
4874
|
+
# @return [Array<Types::UsageResourceResult>]
|
4875
|
+
#
|
4876
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UsageStatistics AWS API Documentation
|
4877
|
+
#
|
4878
|
+
class UsageStatistics < Struct.new(
|
4879
|
+
:sum_by_account,
|
4880
|
+
:sum_by_data_source,
|
4881
|
+
:sum_by_resource,
|
4882
|
+
:top_resources)
|
4883
|
+
SENSITIVE = []
|
4884
|
+
include Aws::Structure
|
4885
|
+
end
|
4886
|
+
|
4287
4887
|
end
|
4288
4888
|
end
|