aws-sdk-guardduty 1.50.0 → 1.54.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: db11381a9f44179ee9080cbf575e6f10383f67f408722fc0fbf2b686d175c05e
-  data.tar.gz: 6e82a95835a069407e24ac96a1f01570e7209d22fe2fe88c3f2b6036929a9baa
+  metadata.gz: e147e69f8acd9cb6dd498c5a69df832b4e7d0fb43325ddac96f12077bcf98909
+  data.tar.gz: '090cbcb445fcba86d7b7f0e1eaa8cbef74370ff8c037e581004d4e8afce02358'
 SHA512:
-  metadata.gz: fffbcb3adf1634c3ee1ae1bd609a2f34cd1efa1ffcbfc592b7e0936fa0e58b127cfe0a902e88591a3c9433c99ef3b8b85ff2e2bd56f5a0ac3d7a9122a68ff939
-  data.tar.gz: c2bb2282ee42ea81e40d9eae20b8bcc3769d2d71d1aff63ab42c329a00f41240c0ff91c85515f8c7491e7cb6837d69e7d9fa84040c21cc6c7752b158fb75445f
+  metadata.gz: 902aeb9916eebf8e0e4b1ac9f8a5db1ef0d4fd1f40a06a1fa0616b86b7ae055acf1fa7db6eab0b67bb8e39f313b99d236e8f51267c735476f57ba5653f6c0c6b
+  data.tar.gz: 46deb062685b564f8cf90ee5dbb327c189bab832d49e95d900c487186305d75369e10b1a2a255857dd8276ad67f18146efa4812cf47302bcf83ec1c2910af694

data/CHANGELOG.md

@@ -1,6 +1,26 @@
 Unreleased Changes
 ------------------
 
+1.54.0 (2022-01-25)
+------------------
+
+* Feature - Amazon GuardDuty expands threat detection coverage to protect Amazon Elastic Kubernetes Service (EKS) workloads.
+
+1.53.0 (2022-01-20)
+------------------
+
+* Feature - Amazon GuardDuty findings now include remoteAccountDetails under AwsApiCallAction section if instance credential is exfiltrated.
+
+1.52.0 (2021-12-21)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.51.0 (2021-11-30)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.50.0 (2021-11-04)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.50.0
+1.54.0

data/lib/aws-sdk-guardduty/client.rb

@@ -27,6 +27,7 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
 require 'aws-sdk-core/plugins/http_checksum.rb'
+require 'aws-sdk-core/plugins/defaults_mode.rb'
 require 'aws-sdk-core/plugins/signature_v4.rb'
 require 'aws-sdk-core/plugins/protocols/rest_json.rb'
 
@@ -73,6 +74,7 @@ module Aws::GuardDuty
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
     add_plugin(Aws::Plugins::HttpChecksum)
+    add_plugin(Aws::Plugins::DefaultsMode)
     add_plugin(Aws::Plugins::SignatureV4)
     add_plugin(Aws::Plugins::Protocols::RestJson)
 
@@ -119,7 +121,9 @@ module Aws::GuardDuty
     #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
     #       are very aggressive. Construct and pass an instance of
     #       `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
-    #       enable retries and extended timeouts.
+    #       enable retries and extended timeouts. Instance profile credential
+    #       fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
+    #       to true.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -173,6 +177,10 @@ module Aws::GuardDuty
     #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
     #     a clock skew correction and retry requests with skewed client clocks.
     #
+    #   @option options [String] :defaults_mode ("legacy")
+    #     See {Aws::DefaultsModeConfiguration} for a list of the
+    #     accepted modes and the configuration defaults that are included.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
@@ -295,7 +303,7 @@ module Aws::GuardDuty
     #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
-    #   @option options [Integer] :http_read_timeout (60) The default
+    #   @option options [Float] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
     #     safely be set per-request on the session.
     #
@@ -311,6 +319,9 @@ module Aws::GuardDuty
     #     disables this behaviour.  This value can safely be set per
     #     request on the session.
     #
+    #   @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
+    #     in seconds.
+    #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
     #
@@ -440,6 +451,11 @@ module Aws::GuardDuty
     #       s3_logs: {
     #         enable: false, # required
     #       },
+    #       kubernetes: {
+    #         audit_logs: { # required
+    #           enable: false, # required
+    #         },
+    #       },
     #     },
     #     tags: {
     #       "TagKey" => "TagValue",
@@ -580,6 +596,16 @@ module Aws::GuardDuty
     #
     #   * service.additionalInfo.threatListName
     #
+    #   * resource.s3BucketDetails.publicAccess.effectivePermissions
+    #
+    #   * resource.s3BucketDetails.name
+    #
+    #   * resource.s3BucketDetails.tags.key
+    #
+    #   * resource.s3BucketDetails.tags.value
+    #
+    #   * resource.s3BucketDetails.type
+    #
     #   * service.archived
     #
     #     When this attribute is set to TRUE, only archived findings are
@@ -659,10 +685,10 @@ module Aws::GuardDuty
 
     # Creates a new IPSet, which is called a trusted IP list in the console
     # user interface. An IPSet is a list of IP addresses that are trusted
-    # for secure communication with AWS infrastructure and applications.
-    # GuardDuty doesn't generate findings for IP addresses that are
-    # included in IPSets. Only users from the administrator account can use
-    # this operation.
+    # for secure communication with Amazon Web Services infrastructure and
+    # applications. GuardDuty doesn't generate findings for IP addresses
+    # that are included in IPSets. Only users from the administrator account
+    # can use this operation.
     #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty account that you want
@@ -678,8 +704,7 @@ module Aws::GuardDuty
     #   The format of the file that contains the IPSet.
     #
     # @option params [required, String] :location
-    #   The URI of the file that contains the IPSet. For example:
-    #   https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
+    #   The URI of the file that contains the IPSet.
     #
     # @option params [required, Boolean] :activate
     #   A Boolean value that indicates whether GuardDuty is to start using the
@@ -725,10 +750,10 @@ module Aws::GuardDuty
       req.send_request(options)
     end
 
-    # Creates member accounts of the current AWS account by specifying a
-    # list of AWS account IDs. This step is a prerequisite for managing the
-    # associated member accounts either by invitation or through an
-    # organization.
+    # Creates member accounts of the current Amazon Web Services account by
+    # specifying a list of Amazon Web Services account IDs. This step is a
+    # prerequisite for managing the associated member accounts either by
+    # invitation or through an organization.
     #
     # When using `Create Members` as an organizations delegated
     # administrator this action will enable GuardDuty in the added member
@@ -879,8 +904,7 @@ module Aws::GuardDuty
     #   The format of the file that contains the ThreatIntelSet.
     #
     # @option params [required, String] :location
-    #   The URI of the file that contains the ThreatIntelSet. For example:
-    #   https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
+    #   The URI of the file that contains the ThreatIntelSet.
     #
     # @option params [required, Boolean] :activate
     #   A Boolean value that indicates whether GuardDuty is to start using the
@@ -926,12 +950,13 @@ module Aws::GuardDuty
       req.send_request(options)
     end
 
-    # Declines invitations sent to the current member account by AWS
-    # accounts specified by their account IDs.
+    # Declines invitations sent to the current member account by Amazon Web
+    # Services accounts specified by their account IDs.
     #
     # @option params [required, Array<String>] :account_ids
-    #   A list of account IDs of the AWS accounts that sent invitations to the
-    #   current member account that you want to decline invitations from.
+    #   A list of account IDs of the Amazon Web Services accounts that sent
+    #   invitations to the current member account that you want to decline
+    #   invitations from.
     #
     # @return [Types::DeclineInvitationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1034,12 +1059,13 @@ module Aws::GuardDuty
       req.send_request(options)
     end
 
-    # Deletes invitations sent to the current member account by AWS accounts
-    # specified by their account IDs.
+    # Deletes invitations sent to the current member account by Amazon Web
+    # Services accounts specified by their account IDs.
     #
     # @option params [required, Array<String>] :account_ids
-    #   A list of account IDs of the AWS accounts that sent invitations to the
-    #   current member account that you want to delete invitations from.
+    #   A list of account IDs of the Amazon Web Services accounts that sent
+    #   invitations to the current member account that you want to delete
+    #   invitations from.
     #
     # @return [Types::DeleteInvitationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1181,6 +1207,7 @@ module Aws::GuardDuty
     #   resp.auto_enable #=> Boolean
     #   resp.member_account_limit_reached #=> Boolean
     #   resp.data_sources.s3_logs.auto_enable #=> Boolean
+    #   resp.data_sources.kubernetes.audit_logs.auto_enable #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
     #
@@ -1234,12 +1261,12 @@ module Aws::GuardDuty
       req.send_request(options)
     end
 
-    # Disables an AWS account within the Organization as the GuardDuty
-    # delegated administrator.
+    # Disables an Amazon Web Services account within the Organization as the
+    # GuardDuty delegated administrator.
     #
     # @option params [required, String] :admin_account_id
-    #   The AWS Account ID for the organizations account to be disabled as a
-    #   GuardDuty delegated administrator.
+    #   The Amazon Web Services Account ID for the organizations account to be
+    #   disabled as a GuardDuty delegated administrator.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -1318,12 +1345,12 @@ module Aws::GuardDuty
       req.send_request(options)
     end
 
-    # Enables an AWS account within the organization as the GuardDuty
-    # delegated administrator.
+    # Enables an Amazon Web Services account within the organization as the
+    # GuardDuty delegated administrator.
     #
     # @option params [required, String] :admin_account_id
-    #   The AWS Account ID for the organization account to be enabled as a
-    #   GuardDuty delegated administrator.
+    #   The Amazon Web Services Account ID for the organization account to be
+    #   enabled as a GuardDuty delegated administrator.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -1374,6 +1401,7 @@ module Aws::GuardDuty
     #   resp.data_sources.dns_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.data_sources.flow_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.data_sources.s3_logs.status #=> String, one of "ENABLED", "DISABLED"
+    #   resp.data_sources.kubernetes.audit_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.tags #=> Hash
     #   resp.tags["TagKey"] #=> String
     #
@@ -1544,6 +1572,36 @@ module Aws::GuardDuty
     #   resp.findings[0].resource.instance_details.tags #=> Array
     #   resp.findings[0].resource.instance_details.tags[0].key #=> String
     #   resp.findings[0].resource.instance_details.tags[0].value #=> String
+    #   resp.findings[0].resource.eks_cluster_details.name #=> String
+    #   resp.findings[0].resource.eks_cluster_details.arn #=> String
+    #   resp.findings[0].resource.eks_cluster_details.vpc_id #=> String
+    #   resp.findings[0].resource.eks_cluster_details.status #=> String
+    #   resp.findings[0].resource.eks_cluster_details.tags #=> Array
+    #   resp.findings[0].resource.eks_cluster_details.tags[0].key #=> String
+    #   resp.findings[0].resource.eks_cluster_details.tags[0].value #=> String
+    #   resp.findings[0].resource.eks_cluster_details.created_at #=> Time
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.username #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.uid #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.groups #=> Array
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.groups[0] #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.name #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.type #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.uid #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.namespace #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.host_network #=> Boolean
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers #=> Array
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].container_runtime #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].id #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].name #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].image #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].image_prefix #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].volume_mounts #=> Array
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].volume_mounts[0].name #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].volume_mounts[0].mount_path #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].security_context.privileged #=> Boolean
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.volumes #=> Array
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.volumes[0].name #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.volumes[0].host_path.path #=> String
     #   resp.findings[0].resource.resource_type #=> String
     #   resp.findings[0].schema_version #=> String
     #   resp.findings[0].service.action.action_type #=> String
@@ -1551,6 +1609,7 @@ module Aws::GuardDuty
     #   resp.findings[0].service.action.aws_api_call_action.caller_type #=> String
     #   resp.findings[0].service.action.aws_api_call_action.domain_details.domain #=> String
     #   resp.findings[0].service.action.aws_api_call_action.error_code #=> String
+    #   resp.findings[0].service.action.aws_api_call_action.user_agent #=> String
     #   resp.findings[0].service.action.aws_api_call_action.remote_ip_details.city.city_name #=> String
     #   resp.findings[0].service.action.aws_api_call_action.remote_ip_details.country.country_code #=> String
     #   resp.findings[0].service.action.aws_api_call_action.remote_ip_details.country.country_name #=> String
@@ -1562,6 +1621,8 @@ module Aws::GuardDuty
     #   resp.findings[0].service.action.aws_api_call_action.remote_ip_details.organization.isp #=> String
     #   resp.findings[0].service.action.aws_api_call_action.remote_ip_details.organization.org #=> String
     #   resp.findings[0].service.action.aws_api_call_action.service_name #=> String
+    #   resp.findings[0].service.action.aws_api_call_action.remote_account_details.account_id #=> String
+    #   resp.findings[0].service.action.aws_api_call_action.remote_account_details.affiliated #=> Boolean
     #   resp.findings[0].service.action.dns_request_action.domain #=> String
     #   resp.findings[0].service.action.network_connection_action.blocked #=> Boolean
     #   resp.findings[0].service.action.network_connection_action.connection_direction #=> String
@@ -1596,6 +1657,23 @@ module Aws::GuardDuty
     #   resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.organization.asn_org #=> String
     #   resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.organization.isp #=> String
     #   resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.organization.org #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.request_uri #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.verb #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.source_ips #=> Array
+    #   resp.findings[0].service.action.kubernetes_api_call_action.source_ips[0] #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.user_agent #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.city.city_name #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.country.country_code #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.country.country_name #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.geo_location.lat #=> Float
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.geo_location.lon #=> Float
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.ip_address_v4 #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.asn #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.asn_org #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.isp #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.org #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.status_code #=> Integer
+    #   resp.findings[0].service.action.kubernetes_api_call_action.parameters #=> String
     #   resp.findings[0].service.evidence.threat_intelligence_details #=> Array
     #   resp.findings[0].service.evidence.threat_intelligence_details[0].threat_list_name #=> String
     #   resp.findings[0].service.evidence.threat_intelligence_details[0].threat_names #=> Array
@@ -1801,6 +1879,7 @@ module Aws::GuardDuty
     #   resp.member_data_source_configurations[0].data_sources.dns_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.member_data_source_configurations[0].data_sources.flow_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.member_data_source_configurations[0].data_sources.s3_logs.status #=> String, one of "ENABLED", "DISABLED"
+    #   resp.member_data_source_configurations[0].data_sources.kubernetes.audit_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.unprocessed_accounts #=> Array
     #   resp.unprocessed_accounts[0].account_id #=> String
     #   resp.unprocessed_accounts[0].result #=> String
@@ -1952,7 +2031,7 @@ module Aws::GuardDuty
     #     usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
     #     usage_criteria: { # required
     #       account_ids: ["AccountId"],
-    #       data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS
+    #       data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS
     #       resources: ["String"],
     #     },
     #     unit: "String",
@@ -1967,7 +2046,7 @@ module Aws::GuardDuty
     #   resp.usage_statistics.sum_by_account[0].total.amount #=> String
     #   resp.usage_statistics.sum_by_account[0].total.unit #=> String
     #   resp.usage_statistics.sum_by_data_source #=> Array
-    #   resp.usage_statistics.sum_by_data_source[0].data_source #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_LOGS"
+    #   resp.usage_statistics.sum_by_data_source[0].data_source #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_LOGS", "KUBERNETES_AUDIT_LOGS"
     #   resp.usage_statistics.sum_by_data_source[0].total.amount #=> String
     #   resp.usage_statistics.sum_by_data_source[0].total.unit #=> String
     #   resp.usage_statistics.sum_by_resource #=> Array
@@ -1989,10 +2068,11 @@ module Aws::GuardDuty
       req.send_request(options)
     end
 
-    # Invites other AWS accounts (created as members of the current AWS
-    # account by CreateMembers) to enable GuardDuty, and allow the current
-    # AWS account to view and manage these accounts' findings on their
-    # behalf as the GuardDuty administrator account.
+    # Invites other Amazon Web Services accounts (created as members of the
+    # current Amazon Web Services account by CreateMembers) to enable
+    # GuardDuty, and allow the current Amazon Web Services account to view
+    # and manage these accounts' findings on their behalf as the GuardDuty
+    # administrator account.
     #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty account that you want
@@ -2214,8 +2294,6 @@ module Aws::GuardDuty
     #
     #   * service.action.networkConnectionAction.protocol
     #
-    #   * service.action.networkConnectionAction.remoteIpDetails.city.cityName
-    #
     #   * service.action.networkConnectionAction.remoteIpDetails.country.countryName
     #
     #   * service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
@@ -2362,7 +2440,7 @@ module Aws::GuardDuty
     end
 
     # Lists all GuardDuty membership invitations that were sent to the
-    # current AWS account.
+    # current Amazon Web Services account.
     #
     # @option params [Integer] :max_results
     #   You can use this parameter to indicate the maximum number of items
@@ -2511,7 +2589,7 @@ module Aws::GuardDuty
     end
 
     # Returns a list of publishing destinations associated with the
-    # specified `dectectorId`.
+    # specified `detectorId`.
     #
     # @option params [required, String] :detector_id
     #   The ID of the detector to retrieve publishing destinations for.
@@ -2824,6 +2902,11 @@ module Aws::GuardDuty
     #       s3_logs: {
     #         enable: false, # required
     #       },
+    #       kubernetes: {
+    #         audit_logs: { # required
+    #           enable: false, # required
+    #         },
+    #       },
     #     },
     #   })
     #
@@ -2954,8 +3037,7 @@ module Aws::GuardDuty
     #   The unique ID that specifies the IPSet that you want to update.
     #
     # @option params [String] :location
-    #   The updated URI of the file that contains the IPSet. For example:
-    #   https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
+    #   The updated URI of the file that contains the IPSet.
     #
     # @option params [Boolean] :activate
     #   The updated Boolean value that specifies whether the IPSet is active
@@ -3006,6 +3088,11 @@ module Aws::GuardDuty
     #       s3_logs: {
     #         enable: false, # required
     #       },
+    #       kubernetes: {
+    #         audit_logs: { # required
+    #           enable: false, # required
+    #         },
+    #       },
     #     },
     #   })
     #
@@ -3047,6 +3134,11 @@ module Aws::GuardDuty
     #       s3_logs: {
     #         auto_enable: false, # required
     #       },
+    #       kubernetes: {
+    #         audit_logs: { # required
+    #           auto_enable: false, # required
+    #         },
+    #       },
     #     },
     #   })
     #
@@ -3150,7 +3242,7 @@ module Aws::GuardDuty
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-guardduty'
-      context[:gem_version] = '1.50.0'
+      context[:gem_version] = '1.54.0'
       Seahorse::Client::Request.new(handlers, context)
     end