aws-sdk-guardduty 1.51.0 → 1.55.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-guardduty/client.rb +134 -42
- data/lib/aws-sdk-guardduty/client_api.rb +129 -0
- data/lib/aws-sdk-guardduty/types.rb +608 -49
- data/lib/aws-sdk-guardduty.rb +1 -1
- metadata +4 -4
@@ -165,6 +165,11 @@ module Aws::GuardDuty
|
|
165
165
|
# Information about the PORT\_PROBE action described in this finding.
|
166
166
|
# @return [Types::PortProbeAction]
|
167
167
|
#
|
168
|
+
# @!attribute [rw] kubernetes_api_call_action
|
169
|
+
# Information about the Kubernetes API call action described in this
|
170
|
+
# finding.
|
171
|
+
# @return [Types::KubernetesApiCallAction]
|
172
|
+
#
|
168
173
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Action AWS API Documentation
|
169
174
|
#
|
170
175
|
class Action < Struct.new(
|
@@ -172,7 +177,8 @@ module Aws::GuardDuty
|
|
172
177
|
:aws_api_call_action,
|
173
178
|
:dns_request_action,
|
174
179
|
:network_connection_action,
|
175
|
-
:port_probe_action
|
180
|
+
:port_probe_action,
|
181
|
+
:kubernetes_api_call_action)
|
176
182
|
SENSITIVE = []
|
177
183
|
include Aws::Structure
|
178
184
|
end
|
@@ -181,7 +187,7 @@ module Aws::GuardDuty
|
|
181
187
|
# delegated administrator.
|
182
188
|
#
|
183
189
|
# @!attribute [rw] admin_account_id
|
184
|
-
# The
|
190
|
+
# The Amazon Web Services account ID for the account.
|
185
191
|
# @return [String]
|
186
192
|
#
|
187
193
|
# @!attribute [rw] admin_status
|
@@ -231,30 +237,39 @@ module Aws::GuardDuty
|
|
231
237
|
# Contains information about the API action.
|
232
238
|
#
|
233
239
|
# @!attribute [rw] api
|
234
|
-
# The
|
240
|
+
# The Amazon Web Services API name.
|
235
241
|
# @return [String]
|
236
242
|
#
|
237
243
|
# @!attribute [rw] caller_type
|
238
|
-
# The
|
244
|
+
# The Amazon Web Services API caller type.
|
239
245
|
# @return [String]
|
240
246
|
#
|
241
247
|
# @!attribute [rw] domain_details
|
242
|
-
# The domain information for the
|
248
|
+
# The domain information for the Amazon Web Services API call.
|
243
249
|
# @return [Types::DomainDetails]
|
244
250
|
#
|
245
251
|
# @!attribute [rw] error_code
|
246
|
-
# The error code of the failed
|
252
|
+
# The error code of the failed Amazon Web Services API action.
|
253
|
+
# @return [String]
|
254
|
+
#
|
255
|
+
# @!attribute [rw] user_agent
|
247
256
|
# @return [String]
|
248
257
|
#
|
249
258
|
# @!attribute [rw] remote_ip_details
|
250
|
-
# The remote IP information of the connection that initiated the
|
251
|
-
# API call.
|
259
|
+
# The remote IP information of the connection that initiated the
|
260
|
+
# Amazon Web Services API call.
|
252
261
|
# @return [Types::RemoteIpDetails]
|
253
262
|
#
|
254
263
|
# @!attribute [rw] service_name
|
255
|
-
# The
|
264
|
+
# The Amazon Web Services service name whose API was invoked.
|
256
265
|
# @return [String]
|
257
266
|
#
|
267
|
+
# @!attribute [rw] remote_account_details
|
268
|
+
# The details of the Amazon Web Services account that made the API
|
269
|
+
# call. This field appears if the call was made from outside your
|
270
|
+
# account.
|
271
|
+
# @return [Types::RemoteAccountDetails]
|
272
|
+
#
|
258
273
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/AwsApiCallAction AWS API Documentation
|
259
274
|
#
|
260
275
|
class AwsApiCallAction < Struct.new(
|
@@ -262,8 +277,10 @@ module Aws::GuardDuty
|
|
262
277
|
:caller_type,
|
263
278
|
:domain_details,
|
264
279
|
:error_code,
|
280
|
+
:user_agent,
|
265
281
|
:remote_ip_details,
|
266
|
-
:service_name
|
282
|
+
:service_name,
|
283
|
+
:remote_account_details)
|
267
284
|
SENSITIVE = []
|
268
285
|
include Aws::Structure
|
269
286
|
end
|
@@ -500,6 +517,54 @@ module Aws::GuardDuty
|
|
500
517
|
include Aws::Structure
|
501
518
|
end
|
502
519
|
|
520
|
+
# Details of a container.
|
521
|
+
#
|
522
|
+
# @!attribute [rw] container_runtime
|
523
|
+
# The container runtime (such as, Docker or containerd) used to run
|
524
|
+
# the container.
|
525
|
+
# @return [String]
|
526
|
+
#
|
527
|
+
# @!attribute [rw] id
|
528
|
+
# Container ID.
|
529
|
+
# @return [String]
|
530
|
+
#
|
531
|
+
# @!attribute [rw] name
|
532
|
+
# Container name.
|
533
|
+
# @return [String]
|
534
|
+
#
|
535
|
+
# @!attribute [rw] image
|
536
|
+
# Container image.
|
537
|
+
# @return [String]
|
538
|
+
#
|
539
|
+
# @!attribute [rw] image_prefix
|
540
|
+
# Part of the image name before the last slash. For example,
|
541
|
+
# imagePrefix for public.ecr.aws/amazonlinux/amazonlinux:latest would
|
542
|
+
# be public.ecr.aws/amazonlinux. If the image name is relative and
|
543
|
+
# does not have a slash, this field is empty.
|
544
|
+
# @return [String]
|
545
|
+
#
|
546
|
+
# @!attribute [rw] volume_mounts
|
547
|
+
# Container volume mounts.
|
548
|
+
# @return [Array<Types::VolumeMount>]
|
549
|
+
#
|
550
|
+
# @!attribute [rw] security_context
|
551
|
+
# Container security context.
|
552
|
+
# @return [Types::SecurityContext]
|
553
|
+
#
|
554
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Container AWS API Documentation
|
555
|
+
#
|
556
|
+
class Container < Struct.new(
|
557
|
+
:container_runtime,
|
558
|
+
:id,
|
559
|
+
:name,
|
560
|
+
:image,
|
561
|
+
:image_prefix,
|
562
|
+
:volume_mounts,
|
563
|
+
:security_context)
|
564
|
+
SENSITIVE = []
|
565
|
+
include Aws::Structure
|
566
|
+
end
|
567
|
+
|
503
568
|
# Contains information about the country where the remote IP address is
|
504
569
|
# located.
|
505
570
|
#
|
@@ -531,6 +596,11 @@ module Aws::GuardDuty
|
|
531
596
|
# s3_logs: {
|
532
597
|
# enable: false, # required
|
533
598
|
# },
|
599
|
+
# kubernetes: {
|
600
|
+
# audit_logs: { # required
|
601
|
+
# enable: false, # required
|
602
|
+
# },
|
603
|
+
# },
|
534
604
|
# },
|
535
605
|
# tags: {
|
536
606
|
# "TagKey" => "TagValue",
|
@@ -742,6 +812,16 @@ module Aws::GuardDuty
|
|
742
812
|
#
|
743
813
|
# * service.additionalInfo.threatListName
|
744
814
|
#
|
815
|
+
# * resource.s3BucketDetails.publicAccess.effectivePermissions
|
816
|
+
#
|
817
|
+
# * resource.s3BucketDetails.name
|
818
|
+
#
|
819
|
+
# * resource.s3BucketDetails.tags.key
|
820
|
+
#
|
821
|
+
# * resource.s3BucketDetails.tags.value
|
822
|
+
#
|
823
|
+
# * resource.s3BucketDetails.type
|
824
|
+
#
|
745
825
|
# * service.archived
|
746
826
|
#
|
747
827
|
# When this attribute is set to TRUE, only archived findings are
|
@@ -832,8 +912,7 @@ module Aws::GuardDuty
|
|
832
912
|
# @return [String]
|
833
913
|
#
|
834
914
|
# @!attribute [rw] location
|
835
|
-
# The URI of the file that contains the IPSet.
|
836
|
-
# https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
|
915
|
+
# The URI of the file that contains the IPSet.
|
837
916
|
# @return [String]
|
838
917
|
#
|
839
918
|
# @!attribute [rw] activate
|
@@ -1041,8 +1120,7 @@ module Aws::GuardDuty
|
|
1041
1120
|
# @return [String]
|
1042
1121
|
#
|
1043
1122
|
# @!attribute [rw] location
|
1044
|
-
# The URI of the file that contains the ThreatIntelSet.
|
1045
|
-
# https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
|
1123
|
+
# The URI of the file that contains the ThreatIntelSet.
|
1046
1124
|
# @return [String]
|
1047
1125
|
#
|
1048
1126
|
# @!attribute [rw] activate
|
@@ -1110,16 +1188,26 @@ module Aws::GuardDuty
|
|
1110
1188
|
# s3_logs: {
|
1111
1189
|
# enable: false, # required
|
1112
1190
|
# },
|
1191
|
+
# kubernetes: {
|
1192
|
+
# audit_logs: { # required
|
1193
|
+
# enable: false, # required
|
1194
|
+
# },
|
1195
|
+
# },
|
1113
1196
|
# }
|
1114
1197
|
#
|
1115
1198
|
# @!attribute [rw] s3_logs
|
1116
1199
|
# Describes whether S3 data event logs are enabled as a data source.
|
1117
1200
|
# @return [Types::S3LogsConfiguration]
|
1118
1201
|
#
|
1202
|
+
# @!attribute [rw] kubernetes
|
1203
|
+
# Describes whether any Kubernetes logs are enabled as data sources.
|
1204
|
+
# @return [Types::KubernetesConfiguration]
|
1205
|
+
#
|
1119
1206
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DataSourceConfigurations AWS API Documentation
|
1120
1207
|
#
|
1121
1208
|
class DataSourceConfigurations < Struct.new(
|
1122
|
-
:s3_logs
|
1209
|
+
:s3_logs,
|
1210
|
+
:kubernetes)
|
1123
1211
|
SENSITIVE = []
|
1124
1212
|
include Aws::Structure
|
1125
1213
|
end
|
@@ -1146,13 +1234,19 @@ module Aws::GuardDuty
|
|
1146
1234
|
# logs as a data source.
|
1147
1235
|
# @return [Types::S3LogsConfigurationResult]
|
1148
1236
|
#
|
1237
|
+
# @!attribute [rw] kubernetes
|
1238
|
+
# An object that contains information on the status of all Kubernetes
|
1239
|
+
# data sources.
|
1240
|
+
# @return [Types::KubernetesConfigurationResult]
|
1241
|
+
#
|
1149
1242
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DataSourceConfigurationsResult AWS API Documentation
|
1150
1243
|
#
|
1151
1244
|
class DataSourceConfigurationsResult < Struct.new(
|
1152
1245
|
:cloud_trail,
|
1153
1246
|
:dns_logs,
|
1154
1247
|
:flow_logs,
|
1155
|
-
:s3_logs
|
1248
|
+
:s3_logs,
|
1249
|
+
:kubernetes)
|
1156
1250
|
SENSITIVE = []
|
1157
1251
|
include Aws::Structure
|
1158
1252
|
end
|
@@ -1165,9 +1259,9 @@ module Aws::GuardDuty
|
|
1165
1259
|
# }
|
1166
1260
|
#
|
1167
1261
|
# @!attribute [rw] account_ids
|
1168
|
-
# A list of account IDs of the
|
1169
|
-
# the current member account that you want to decline
|
1170
|
-
# from.
|
1262
|
+
# A list of account IDs of the Amazon Web Services accounts that sent
|
1263
|
+
# invitations to the current member account that you want to decline
|
1264
|
+
# invitations from.
|
1171
1265
|
# @return [Array<String>]
|
1172
1266
|
#
|
1173
1267
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeclineInvitationsRequest AWS API Documentation
|
@@ -1305,8 +1399,9 @@ module Aws::GuardDuty
|
|
1305
1399
|
# }
|
1306
1400
|
#
|
1307
1401
|
# @!attribute [rw] account_ids
|
1308
|
-
# A list of account IDs of the
|
1309
|
-
# the current member account that you want to delete
|
1402
|
+
# A list of account IDs of the Amazon Web Services accounts that sent
|
1403
|
+
# invitations to the current member account that you want to delete
|
1404
|
+
# invitations from.
|
1310
1405
|
# @return [Array<String>]
|
1311
1406
|
#
|
1312
1407
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DeleteInvitationsRequest AWS API Documentation
|
@@ -1576,6 +1671,9 @@ module Aws::GuardDuty
|
|
1576
1671
|
#
|
1577
1672
|
# @!attribute [rw] destination_arn
|
1578
1673
|
# The ARN of the resource to publish to.
|
1674
|
+
#
|
1675
|
+
# To specify an S3 bucket folder use the following format:
|
1676
|
+
# `arn:aws:s3:::DOC-EXAMPLE-BUCKET/myFolder/`
|
1579
1677
|
# @return [String]
|
1580
1678
|
#
|
1581
1679
|
# @!attribute [rw] kms_key_arn
|
@@ -1599,8 +1697,8 @@ module Aws::GuardDuty
|
|
1599
1697
|
# }
|
1600
1698
|
#
|
1601
1699
|
# @!attribute [rw] admin_account_id
|
1602
|
-
# The
|
1603
|
-
# GuardDuty delegated administrator.
|
1700
|
+
# The Amazon Web Services Account ID for the organizations account to
|
1701
|
+
# be disabled as a GuardDuty delegated administrator.
|
1604
1702
|
# @return [String]
|
1605
1703
|
#
|
1606
1704
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DisableOrganizationAdminAccountRequest AWS API Documentation
|
@@ -1696,7 +1794,7 @@ module Aws::GuardDuty
|
|
1696
1794
|
# Contains information about the domain.
|
1697
1795
|
#
|
1698
1796
|
# @!attribute [rw] domain
|
1699
|
-
# The domain information for the
|
1797
|
+
# The domain information for the Amazon Web Services API call.
|
1700
1798
|
# @return [String]
|
1701
1799
|
#
|
1702
1800
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DomainDetails AWS API Documentation
|
@@ -1707,6 +1805,45 @@ module Aws::GuardDuty
|
|
1707
1805
|
include Aws::Structure
|
1708
1806
|
end
|
1709
1807
|
|
1808
|
+
# Details about the EKS cluster involved in a Kubernetes finding.
|
1809
|
+
#
|
1810
|
+
# @!attribute [rw] name
|
1811
|
+
# EKS cluster name.
|
1812
|
+
# @return [String]
|
1813
|
+
#
|
1814
|
+
# @!attribute [rw] arn
|
1815
|
+
# EKS cluster ARN.
|
1816
|
+
# @return [String]
|
1817
|
+
#
|
1818
|
+
# @!attribute [rw] vpc_id
|
1819
|
+
# The VPC ID to which the EKS cluster is attached.
|
1820
|
+
# @return [String]
|
1821
|
+
#
|
1822
|
+
# @!attribute [rw] status
|
1823
|
+
# The EKS cluster status.
|
1824
|
+
# @return [String]
|
1825
|
+
#
|
1826
|
+
# @!attribute [rw] tags
|
1827
|
+
# The EKS cluster tags.
|
1828
|
+
# @return [Array<Types::Tag>]
|
1829
|
+
#
|
1830
|
+
# @!attribute [rw] created_at
|
1831
|
+
# The timestamp when the EKS cluster was created.
|
1832
|
+
# @return [Time]
|
1833
|
+
#
|
1834
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/EksClusterDetails AWS API Documentation
|
1835
|
+
#
|
1836
|
+
class EksClusterDetails < Struct.new(
|
1837
|
+
:name,
|
1838
|
+
:arn,
|
1839
|
+
:vpc_id,
|
1840
|
+
:status,
|
1841
|
+
:tags,
|
1842
|
+
:created_at)
|
1843
|
+
SENSITIVE = []
|
1844
|
+
include Aws::Structure
|
1845
|
+
end
|
1846
|
+
|
1710
1847
|
# @note When making an API call, you may pass EnableOrganizationAdminAccountRequest
|
1711
1848
|
# data as a hash:
|
1712
1849
|
#
|
@@ -1715,8 +1852,8 @@ module Aws::GuardDuty
|
|
1715
1852
|
# }
|
1716
1853
|
#
|
1717
1854
|
# @!attribute [rw] admin_account_id
|
1718
|
-
# The
|
1719
|
-
# GuardDuty delegated administrator.
|
1855
|
+
# The Amazon Web Services Account ID for the organization account to
|
1856
|
+
# be enabled as a GuardDuty delegated administrator.
|
1720
1857
|
# @return [String]
|
1721
1858
|
#
|
1722
1859
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/EnableOrganizationAdminAccountRequest AWS API Documentation
|
@@ -1781,8 +1918,9 @@ module Aws::GuardDuty
|
|
1781
1918
|
# @return [String]
|
1782
1919
|
#
|
1783
1920
|
# @!attribute [rw] resource
|
1784
|
-
# Contains information about the
|
1785
|
-
# activity that prompted GuardDuty to generate a
|
1921
|
+
# Contains information about the Amazon Web Services resource
|
1922
|
+
# associated with the activity that prompted GuardDuty to generate a
|
1923
|
+
# finding.
|
1786
1924
|
# @return [Types::Resource]
|
1787
1925
|
#
|
1788
1926
|
# @!attribute [rw] schema_version
|
@@ -2185,8 +2323,7 @@ module Aws::GuardDuty
|
|
2185
2323
|
# @return [String]
|
2186
2324
|
#
|
2187
2325
|
# @!attribute [rw] location
|
2188
|
-
# The URI of the file that contains the IPSet.
|
2189
|
-
# https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
|
2326
|
+
# The URI of the file that contains the IPSet.
|
2190
2327
|
# @return [String]
|
2191
2328
|
#
|
2192
2329
|
# @!attribute [rw] status
|
@@ -2384,8 +2521,7 @@ module Aws::GuardDuty
|
|
2384
2521
|
# @return [String]
|
2385
2522
|
#
|
2386
2523
|
# @!attribute [rw] location
|
2387
|
-
# The URI of the file that contains the ThreatIntelSet.
|
2388
|
-
# https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
|
2524
|
+
# The URI of the file that contains the ThreatIntelSet.
|
2389
2525
|
# @return [String]
|
2390
2526
|
#
|
2391
2527
|
# @!attribute [rw] status
|
@@ -2416,7 +2552,7 @@ module Aws::GuardDuty
|
|
2416
2552
|
# usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
|
2417
2553
|
# usage_criteria: { # required
|
2418
2554
|
# account_ids: ["AccountId"],
|
2419
|
-
# data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS
|
2555
|
+
# data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS
|
2420
2556
|
# resources: ["String"],
|
2421
2557
|
# },
|
2422
2558
|
# unit: "String",
|
@@ -2486,6 +2622,21 @@ module Aws::GuardDuty
|
|
2486
2622
|
include Aws::Structure
|
2487
2623
|
end
|
2488
2624
|
|
2625
|
+
# Represents a pre-existing file or directory on the host machine that
|
2626
|
+
# the volume maps to.
|
2627
|
+
#
|
2628
|
+
# @!attribute [rw] path
|
2629
|
+
# Path of the file or directory on the host that the volume maps to.
|
2630
|
+
# @return [String]
|
2631
|
+
#
|
2632
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/HostPath AWS API Documentation
|
2633
|
+
#
|
2634
|
+
class HostPath < Struct.new(
|
2635
|
+
:path)
|
2636
|
+
SENSITIVE = []
|
2637
|
+
include Aws::Structure
|
2638
|
+
end
|
2639
|
+
|
2489
2640
|
# Contains information about the EC2 instance profile.
|
2490
2641
|
#
|
2491
2642
|
# @!attribute [rw] arn
|
@@ -2536,8 +2687,8 @@ module Aws::GuardDuty
|
|
2536
2687
|
# @return [String]
|
2537
2688
|
#
|
2538
2689
|
# @!attribute [rw] outpost_arn
|
2539
|
-
# The Amazon Resource Name (ARN) of the
|
2540
|
-
# to
|
2690
|
+
# The Amazon Resource Name (ARN) of the Amazon Web Services Outpost.
|
2691
|
+
# Only applicable to Amazon Web Services Outposts instances.
|
2541
2692
|
# @return [String]
|
2542
2693
|
#
|
2543
2694
|
# @!attribute [rw] launch_time
|
@@ -2685,6 +2836,218 @@ module Aws::GuardDuty
|
|
2685
2836
|
include Aws::Structure
|
2686
2837
|
end
|
2687
2838
|
|
2839
|
+
# Information about the Kubernetes API call action described in this
|
2840
|
+
# finding.
|
2841
|
+
#
|
2842
|
+
# @!attribute [rw] request_uri
|
2843
|
+
# The Kubernetes API request URI.
|
2844
|
+
# @return [String]
|
2845
|
+
#
|
2846
|
+
# @!attribute [rw] verb
|
2847
|
+
# The Kubernetes API request HTTP verb.
|
2848
|
+
# @return [String]
|
2849
|
+
#
|
2850
|
+
# @!attribute [rw] source_ips
|
2851
|
+
# The IP of the Kubernetes API caller and the IPs of any proxies or
|
2852
|
+
# load balancers between the caller and the API endpoint.
|
2853
|
+
# @return [Array<String>]
|
2854
|
+
#
|
2855
|
+
# @!attribute [rw] user_agent
|
2856
|
+
# The user agent of the caller of the Kubernetes API.
|
2857
|
+
# @return [String]
|
2858
|
+
#
|
2859
|
+
# @!attribute [rw] remote_ip_details
|
2860
|
+
# Contains information about the remote IP address of the connection.
|
2861
|
+
# @return [Types::RemoteIpDetails]
|
2862
|
+
#
|
2863
|
+
# @!attribute [rw] status_code
|
2864
|
+
# The resulting HTTP response code of the Kubernetes API call action.
|
2865
|
+
# @return [Integer]
|
2866
|
+
#
|
2867
|
+
# @!attribute [rw] parameters
|
2868
|
+
# Parameters related to the Kubernetes API call action.
|
2869
|
+
# @return [String]
|
2870
|
+
#
|
2871
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesApiCallAction AWS API Documentation
|
2872
|
+
#
|
2873
|
+
class KubernetesApiCallAction < Struct.new(
|
2874
|
+
:request_uri,
|
2875
|
+
:verb,
|
2876
|
+
:source_ips,
|
2877
|
+
:user_agent,
|
2878
|
+
:remote_ip_details,
|
2879
|
+
:status_code,
|
2880
|
+
:parameters)
|
2881
|
+
SENSITIVE = []
|
2882
|
+
include Aws::Structure
|
2883
|
+
end
|
2884
|
+
|
2885
|
+
# Describes whether Kubernetes audit logs are enabled as a data source.
|
2886
|
+
#
|
2887
|
+
# @note When making an API call, you may pass KubernetesAuditLogsConfiguration
|
2888
|
+
# data as a hash:
|
2889
|
+
#
|
2890
|
+
# {
|
2891
|
+
# enable: false, # required
|
2892
|
+
# }
|
2893
|
+
#
|
2894
|
+
# @!attribute [rw] enable
|
2895
|
+
# The status of Kubernetes audit logs as a data source.
|
2896
|
+
# @return [Boolean]
|
2897
|
+
#
|
2898
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesAuditLogsConfiguration AWS API Documentation
|
2899
|
+
#
|
2900
|
+
class KubernetesAuditLogsConfiguration < Struct.new(
|
2901
|
+
:enable)
|
2902
|
+
SENSITIVE = []
|
2903
|
+
include Aws::Structure
|
2904
|
+
end
|
2905
|
+
|
2906
|
+
# Describes whether Kubernetes audit logs are enabled as a data source.
|
2907
|
+
#
|
2908
|
+
# @!attribute [rw] status
|
2909
|
+
# A value that describes whether Kubernetes audit logs are enabled as
|
2910
|
+
# a data source.
|
2911
|
+
# @return [String]
|
2912
|
+
#
|
2913
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesAuditLogsConfigurationResult AWS API Documentation
|
2914
|
+
#
|
2915
|
+
class KubernetesAuditLogsConfigurationResult < Struct.new(
|
2916
|
+
:status)
|
2917
|
+
SENSITIVE = []
|
2918
|
+
include Aws::Structure
|
2919
|
+
end
|
2920
|
+
|
2921
|
+
# Describes whether any Kubernetes data sources are enabled.
|
2922
|
+
#
|
2923
|
+
# @note When making an API call, you may pass KubernetesConfiguration
|
2924
|
+
# data as a hash:
|
2925
|
+
#
|
2926
|
+
# {
|
2927
|
+
# audit_logs: { # required
|
2928
|
+
# enable: false, # required
|
2929
|
+
# },
|
2930
|
+
# }
|
2931
|
+
#
|
2932
|
+
# @!attribute [rw] audit_logs
|
2933
|
+
# The status of Kubernetes audit logs as a data source.
|
2934
|
+
# @return [Types::KubernetesAuditLogsConfiguration]
|
2935
|
+
#
|
2936
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesConfiguration AWS API Documentation
|
2937
|
+
#
|
2938
|
+
class KubernetesConfiguration < Struct.new(
|
2939
|
+
:audit_logs)
|
2940
|
+
SENSITIVE = []
|
2941
|
+
include Aws::Structure
|
2942
|
+
end
|
2943
|
+
|
2944
|
+
# Describes whether any Kubernetes logs will be enabled as a data
|
2945
|
+
# source.
|
2946
|
+
#
|
2947
|
+
# @!attribute [rw] audit_logs
|
2948
|
+
# Describes whether Kubernetes audit logs are enabled as a data
|
2949
|
+
# source.
|
2950
|
+
# @return [Types::KubernetesAuditLogsConfigurationResult]
|
2951
|
+
#
|
2952
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesConfigurationResult AWS API Documentation
|
2953
|
+
#
|
2954
|
+
class KubernetesConfigurationResult < Struct.new(
|
2955
|
+
:audit_logs)
|
2956
|
+
SENSITIVE = []
|
2957
|
+
include Aws::Structure
|
2958
|
+
end
|
2959
|
+
|
2960
|
+
# Details about Kubernetes resources such as a Kubernetes user or
|
2961
|
+
# workload resource involved in a Kubernetes finding.
|
2962
|
+
#
|
2963
|
+
# @!attribute [rw] kubernetes_user_details
|
2964
|
+
# Details about the Kubernetes user involved in a Kubernetes finding.
|
2965
|
+
# @return [Types::KubernetesUserDetails]
|
2966
|
+
#
|
2967
|
+
# @!attribute [rw] kubernetes_workload_details
|
2968
|
+
# Details about the Kubernetes workload involved in a Kubernetes
|
2969
|
+
# finding.
|
2970
|
+
# @return [Types::KubernetesWorkloadDetails]
|
2971
|
+
#
|
2972
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesDetails AWS API Documentation
|
2973
|
+
#
|
2974
|
+
class KubernetesDetails < Struct.new(
|
2975
|
+
:kubernetes_user_details,
|
2976
|
+
:kubernetes_workload_details)
|
2977
|
+
SENSITIVE = []
|
2978
|
+
include Aws::Structure
|
2979
|
+
end
|
2980
|
+
|
2981
|
+
# Details about the Kubernetes user involved in a Kubernetes finding.
|
2982
|
+
#
|
2983
|
+
# @!attribute [rw] username
|
2984
|
+
# The username of the user who called the Kubernetes API.
|
2985
|
+
# @return [String]
|
2986
|
+
#
|
2987
|
+
# @!attribute [rw] uid
|
2988
|
+
# The user ID of the user who called the Kubernetes API.
|
2989
|
+
# @return [String]
|
2990
|
+
#
|
2991
|
+
# @!attribute [rw] groups
|
2992
|
+
# The groups that include the user who called the Kubernetes API.
|
2993
|
+
# @return [Array<String>]
|
2994
|
+
#
|
2995
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesUserDetails AWS API Documentation
|
2996
|
+
#
|
2997
|
+
class KubernetesUserDetails < Struct.new(
|
2998
|
+
:username,
|
2999
|
+
:uid,
|
3000
|
+
:groups)
|
3001
|
+
SENSITIVE = []
|
3002
|
+
include Aws::Structure
|
3003
|
+
end
|
3004
|
+
|
3005
|
+
# Details about the Kubernetes workload involved in a Kubernetes
|
3006
|
+
# finding.
|
3007
|
+
#
|
3008
|
+
# @!attribute [rw] name
|
3009
|
+
# Kubernetes workload name.
|
3010
|
+
# @return [String]
|
3011
|
+
#
|
3012
|
+
# @!attribute [rw] type
|
3013
|
+
# Kubernetes workload type (e.g. Pod, Deployment, etc.).
|
3014
|
+
# @return [String]
|
3015
|
+
#
|
3016
|
+
# @!attribute [rw] uid
|
3017
|
+
# Kubernetes workload ID.
|
3018
|
+
# @return [String]
|
3019
|
+
#
|
3020
|
+
# @!attribute [rw] namespace
|
3021
|
+
# Kubernetes namespace that the workload is part of.
|
3022
|
+
# @return [String]
|
3023
|
+
#
|
3024
|
+
# @!attribute [rw] host_network
|
3025
|
+
# Whether the hostNetwork flag is enabled for the pods included in the
|
3026
|
+
# workload.
|
3027
|
+
# @return [Boolean]
|
3028
|
+
#
|
3029
|
+
# @!attribute [rw] containers
|
3030
|
+
# Containers running as part of the Kubernetes workload.
|
3031
|
+
# @return [Array<Types::Container>]
|
3032
|
+
#
|
3033
|
+
# @!attribute [rw] volumes
|
3034
|
+
# Volumes used by the Kubernetes workload.
|
3035
|
+
# @return [Array<Types::Volume>]
|
3036
|
+
#
|
3037
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesWorkloadDetails AWS API Documentation
|
3038
|
+
#
|
3039
|
+
class KubernetesWorkloadDetails < Struct.new(
|
3040
|
+
:name,
|
3041
|
+
:type,
|
3042
|
+
:uid,
|
3043
|
+
:namespace,
|
3044
|
+
:host_network,
|
3045
|
+
:containers,
|
3046
|
+
:volumes)
|
3047
|
+
SENSITIVE = []
|
3048
|
+
include Aws::Structure
|
3049
|
+
end
|
3050
|
+
|
2688
3051
|
# @note When making an API call, you may pass ListDetectorsRequest
|
2689
3052
|
# data as a hash:
|
2690
3053
|
#
|
@@ -2903,8 +3266,6 @@ module Aws::GuardDuty
|
|
2903
3266
|
#
|
2904
3267
|
# * service.action.networkConnectionAction.protocol
|
2905
3268
|
#
|
2906
|
-
# * service.action.networkConnectionAction.remoteIpDetails.city.cityName
|
2907
|
-
#
|
2908
3269
|
# * service.action.networkConnectionAction.remoteIpDetails.country.countryName
|
2909
3270
|
#
|
2910
3271
|
# * service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
|
@@ -3618,6 +3979,11 @@ module Aws::GuardDuty
|
|
3618
3979
|
# s3_logs: {
|
3619
3980
|
# auto_enable: false, # required
|
3620
3981
|
# },
|
3982
|
+
# kubernetes: {
|
3983
|
+
# audit_logs: { # required
|
3984
|
+
# auto_enable: false, # required
|
3985
|
+
# },
|
3986
|
+
# },
|
3621
3987
|
# }
|
3622
3988
|
#
|
3623
3989
|
# @!attribute [rw] s3_logs
|
@@ -3625,10 +3991,16 @@ module Aws::GuardDuty
|
|
3625
3991
|
# the organization.
|
3626
3992
|
# @return [Types::OrganizationS3LogsConfiguration]
|
3627
3993
|
#
|
3994
|
+
# @!attribute [rw] kubernetes
|
3995
|
+
# Describes the configuration of Kubernetes data sources for new
|
3996
|
+
# members of the organization.
|
3997
|
+
# @return [Types::OrganizationKubernetesConfiguration]
|
3998
|
+
#
|
3628
3999
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationDataSourceConfigurations AWS API Documentation
|
3629
4000
|
#
|
3630
4001
|
class OrganizationDataSourceConfigurations < Struct.new(
|
3631
|
-
:s3_logs
|
4002
|
+
:s3_logs,
|
4003
|
+
:kubernetes)
|
3632
4004
|
SENSITIVE = []
|
3633
4005
|
include Aws::Structure
|
3634
4006
|
end
|
@@ -3640,10 +4012,94 @@ module Aws::GuardDuty
|
|
3640
4012
|
# Describes whether S3 data event logs are enabled as a data source.
|
3641
4013
|
# @return [Types::OrganizationS3LogsConfigurationResult]
|
3642
4014
|
#
|
4015
|
+
# @!attribute [rw] kubernetes
|
4016
|
+
# Describes the configuration of Kubernetes data sources.
|
4017
|
+
# @return [Types::OrganizationKubernetesConfigurationResult]
|
4018
|
+
#
|
3643
4019
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationDataSourceConfigurationsResult AWS API Documentation
|
3644
4020
|
#
|
3645
4021
|
class OrganizationDataSourceConfigurationsResult < Struct.new(
|
3646
|
-
:s3_logs
|
4022
|
+
:s3_logs,
|
4023
|
+
:kubernetes)
|
4024
|
+
SENSITIVE = []
|
4025
|
+
include Aws::Structure
|
4026
|
+
end
|
4027
|
+
|
4028
|
+
# Organization-wide Kubernetes audit logs configuration.
|
4029
|
+
#
|
4030
|
+
# @note When making an API call, you may pass OrganizationKubernetesAuditLogsConfiguration
|
4031
|
+
# data as a hash:
|
4032
|
+
#
|
4033
|
+
# {
|
4034
|
+
# auto_enable: false, # required
|
4035
|
+
# }
|
4036
|
+
#
|
4037
|
+
# @!attribute [rw] auto_enable
|
4038
|
+
# A value that contains information on whether Kubernetes audit logs
|
4039
|
+
# should be enabled automatically as a data source for the
|
4040
|
+
# organization.
|
4041
|
+
# @return [Boolean]
|
4042
|
+
#
|
4043
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationKubernetesAuditLogsConfiguration AWS API Documentation
|
4044
|
+
#
|
4045
|
+
class OrganizationKubernetesAuditLogsConfiguration < Struct.new(
|
4046
|
+
:auto_enable)
|
4047
|
+
SENSITIVE = []
|
4048
|
+
include Aws::Structure
|
4049
|
+
end
|
4050
|
+
|
4051
|
+
# The current configuration of Kubernetes audit logs as a data source
|
4052
|
+
# for the organization.
|
4053
|
+
#
|
4054
|
+
# @!attribute [rw] auto_enable
|
4055
|
+
# Whether Kubernetes audit logs data source should be auto-enabled for
|
4056
|
+
# new members joining the organization.
|
4057
|
+
# @return [Boolean]
|
4058
|
+
#
|
4059
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationKubernetesAuditLogsConfigurationResult AWS API Documentation
|
4060
|
+
#
|
4061
|
+
class OrganizationKubernetesAuditLogsConfigurationResult < Struct.new(
|
4062
|
+
:auto_enable)
|
4063
|
+
SENSITIVE = []
|
4064
|
+
include Aws::Structure
|
4065
|
+
end
|
4066
|
+
|
4067
|
+
# Organization-wide Kubernetes data sources configurations.
|
4068
|
+
#
|
4069
|
+
# @note When making an API call, you may pass OrganizationKubernetesConfiguration
|
4070
|
+
# data as a hash:
|
4071
|
+
#
|
4072
|
+
# {
|
4073
|
+
# audit_logs: { # required
|
4074
|
+
# auto_enable: false, # required
|
4075
|
+
# },
|
4076
|
+
# }
|
4077
|
+
#
|
4078
|
+
# @!attribute [rw] audit_logs
|
4079
|
+
# Whether Kubernetes audit logs data source should be auto-enabled for
|
4080
|
+
# new members joining the organization.
|
4081
|
+
# @return [Types::OrganizationKubernetesAuditLogsConfiguration]
|
4082
|
+
#
|
4083
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationKubernetesConfiguration AWS API Documentation
|
4084
|
+
#
|
4085
|
+
class OrganizationKubernetesConfiguration < Struct.new(
|
4086
|
+
:audit_logs)
|
4087
|
+
SENSITIVE = []
|
4088
|
+
include Aws::Structure
|
4089
|
+
end
|
4090
|
+
|
4091
|
+
# The current configuration of all Kubernetes data sources for the
|
4092
|
+
# organization.
|
4093
|
+
#
|
4094
|
+
# @!attribute [rw] audit_logs
|
4095
|
+
# The current configuration of Kubernetes audit logs as a data source
|
4096
|
+
# for the organization.
|
4097
|
+
# @return [Types::OrganizationKubernetesAuditLogsConfigurationResult]
|
4098
|
+
#
|
4099
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationKubernetesConfigurationResult AWS API Documentation
|
4100
|
+
#
|
4101
|
+
class OrganizationKubernetesConfigurationResult < Struct.new(
|
4102
|
+
:audit_logs)
|
3647
4103
|
SENSITIVE = []
|
3648
4104
|
include Aws::Structure
|
3649
4105
|
end
|
@@ -3833,6 +4289,29 @@ module Aws::GuardDuty
|
|
3833
4289
|
include Aws::Structure
|
3834
4290
|
end
|
3835
4291
|
|
4292
|
+
# Contains details about the remote Amazon Web Services account that
|
4293
|
+
# made the API call.
|
4294
|
+
#
|
4295
|
+
# @!attribute [rw] account_id
|
4296
|
+
# The Amazon Web Services account ID of the remote API caller.
|
4297
|
+
# @return [String]
|
4298
|
+
#
|
4299
|
+
# @!attribute [rw] affiliated
|
4300
|
+
# Details on whether the Amazon Web Services account of the remote API
|
4301
|
+
# caller is related to your GuardDuty environment. If this value is
|
4302
|
+
# `True` the API caller is affiliated to your account in some way. If
|
4303
|
+
# it is `False` the API caller is from outside your environment.
|
4304
|
+
# @return [Boolean]
|
4305
|
+
#
|
4306
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/RemoteAccountDetails AWS API Documentation
|
4307
|
+
#
|
4308
|
+
class RemoteAccountDetails < Struct.new(
|
4309
|
+
:account_id,
|
4310
|
+
:affiliated)
|
4311
|
+
SENSITIVE = []
|
4312
|
+
include Aws::Structure
|
4313
|
+
end
|
4314
|
+
|
3836
4315
|
# Contains information about the remote IP address of the connection.
|
3837
4316
|
#
|
3838
4317
|
# @!attribute [rw] city
|
@@ -3886,8 +4365,8 @@ module Aws::GuardDuty
|
|
3886
4365
|
include Aws::Structure
|
3887
4366
|
end
|
3888
4367
|
|
3889
|
-
# Contains information about the
|
3890
|
-
# activity that prompted GuardDuty to generate a finding.
|
4368
|
+
# Contains information about the Amazon Web Services resource associated
|
4369
|
+
# with the activity that prompted GuardDuty to generate a finding.
|
3891
4370
|
#
|
3892
4371
|
# @!attribute [rw] access_key_details
|
3893
4372
|
# The IAM access key details (IAM user information) of a user that
|
@@ -3904,8 +4383,17 @@ module Aws::GuardDuty
|
|
3904
4383
|
# that prompted GuardDuty to generate a finding.
|
3905
4384
|
# @return [Types::InstanceDetails]
|
3906
4385
|
#
|
4386
|
+
# @!attribute [rw] eks_cluster_details
|
4387
|
+
# Details about the EKS cluster involved in a Kubernetes finding.
|
4388
|
+
# @return [Types::EksClusterDetails]
|
4389
|
+
#
|
4390
|
+
# @!attribute [rw] kubernetes_details
|
4391
|
+
# Details about the Kubernetes user and workload involved in a
|
4392
|
+
# Kubernetes finding.
|
4393
|
+
# @return [Types::KubernetesDetails]
|
4394
|
+
#
|
3907
4395
|
# @!attribute [rw] resource_type
|
3908
|
-
# The type of
|
4396
|
+
# The type of Amazon Web Services resource.
|
3909
4397
|
# @return [String]
|
3910
4398
|
#
|
3911
4399
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Resource AWS API Documentation
|
@@ -3914,6 +4402,8 @@ module Aws::GuardDuty
|
|
3914
4402
|
:access_key_details,
|
3915
4403
|
:s3_bucket_details,
|
3916
4404
|
:instance_details,
|
4405
|
+
:eks_cluster_details,
|
4406
|
+
:kubernetes_details,
|
3917
4407
|
:resource_type)
|
3918
4408
|
SENSITIVE = []
|
3919
4409
|
include Aws::Structure
|
@@ -4004,6 +4494,20 @@ module Aws::GuardDuty
|
|
4004
4494
|
include Aws::Structure
|
4005
4495
|
end
|
4006
4496
|
|
4497
|
+
# Container security context.
|
4498
|
+
#
|
4499
|
+
# @!attribute [rw] privileged
|
4500
|
+
# Whether the container is privileged.
|
4501
|
+
# @return [Boolean]
|
4502
|
+
#
|
4503
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/SecurityContext AWS API Documentation
|
4504
|
+
#
|
4505
|
+
class SecurityContext < Struct.new(
|
4506
|
+
:privileged)
|
4507
|
+
SENSITIVE = []
|
4508
|
+
include Aws::Structure
|
4509
|
+
end
|
4510
|
+
|
4007
4511
|
# Contains information about the security groups associated with the EC2
|
4008
4512
|
# instance.
|
4009
4513
|
#
|
@@ -4061,7 +4565,8 @@ module Aws::GuardDuty
|
|
4061
4565
|
# @return [String]
|
4062
4566
|
#
|
4063
4567
|
# @!attribute [rw] service_name
|
4064
|
-
# The name of the
|
4568
|
+
# The name of the Amazon Web Services service (GuardDuty) that
|
4569
|
+
# generated a finding.
|
4065
4570
|
# @return [String]
|
4066
4571
|
#
|
4067
4572
|
# @!attribute [rw] user_feedback
|
@@ -4317,7 +4822,7 @@ module Aws::GuardDuty
|
|
4317
4822
|
# Contains information about the accounts that weren't processed.
|
4318
4823
|
#
|
4319
4824
|
# @!attribute [rw] account_id
|
4320
|
-
# The
|
4825
|
+
# The Amazon Web Services account ID.
|
4321
4826
|
# @return [String]
|
4322
4827
|
#
|
4323
4828
|
# @!attribute [rw] result
|
@@ -4373,6 +4878,11 @@ module Aws::GuardDuty
|
|
4373
4878
|
# s3_logs: {
|
4374
4879
|
# enable: false, # required
|
4375
4880
|
# },
|
4881
|
+
# kubernetes: {
|
4882
|
+
# audit_logs: { # required
|
4883
|
+
# enable: false, # required
|
4884
|
+
# },
|
4885
|
+
# },
|
4376
4886
|
# },
|
4377
4887
|
# }
|
4378
4888
|
#
|
@@ -4559,8 +5069,7 @@ module Aws::GuardDuty
|
|
4559
5069
|
# @return [String]
|
4560
5070
|
#
|
4561
5071
|
# @!attribute [rw] location
|
4562
|
-
# The updated URI of the file that contains the IPSet.
|
4563
|
-
# https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
|
5072
|
+
# The updated URI of the file that contains the IPSet.
|
4564
5073
|
# @return [String]
|
4565
5074
|
#
|
4566
5075
|
# @!attribute [rw] activate
|
@@ -4594,6 +5103,11 @@ module Aws::GuardDuty
|
|
4594
5103
|
# s3_logs: {
|
4595
5104
|
# enable: false, # required
|
4596
5105
|
# },
|
5106
|
+
# kubernetes: {
|
5107
|
+
# audit_logs: { # required
|
5108
|
+
# enable: false, # required
|
5109
|
+
# },
|
5110
|
+
# },
|
4597
5111
|
# },
|
4598
5112
|
# }
|
4599
5113
|
#
|
@@ -4642,6 +5156,11 @@ module Aws::GuardDuty
|
|
4642
5156
|
# s3_logs: {
|
4643
5157
|
# auto_enable: false, # required
|
4644
5158
|
# },
|
5159
|
+
# kubernetes: {
|
5160
|
+
# audit_logs: { # required
|
5161
|
+
# auto_enable: false, # required
|
5162
|
+
# },
|
5163
|
+
# },
|
4645
5164
|
# },
|
4646
5165
|
# }
|
4647
5166
|
#
|
@@ -4790,7 +5309,7 @@ module Aws::GuardDuty
|
|
4790
5309
|
#
|
4791
5310
|
# {
|
4792
5311
|
# account_ids: ["AccountId"],
|
4793
|
-
# data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS
|
5312
|
+
# data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS
|
4794
5313
|
# resources: ["String"],
|
4795
5314
|
# }
|
4796
5315
|
#
|
@@ -4836,10 +5355,11 @@ module Aws::GuardDuty
|
|
4836
5355
|
include Aws::Structure
|
4837
5356
|
end
|
4838
5357
|
|
4839
|
-
# Contains information on the sum of usage based on an
|
5358
|
+
# Contains information on the sum of usage based on an Amazon Web
|
5359
|
+
# Services resource.
|
4840
5360
|
#
|
4841
5361
|
# @!attribute [rw] resource
|
4842
|
-
# The
|
5362
|
+
# The Amazon Web Services resource that generated usage.
|
4843
5363
|
# @return [String]
|
4844
5364
|
#
|
4845
5365
|
# @!attribute [rw] total
|
@@ -4886,5 +5406,44 @@ module Aws::GuardDuty
|
|
4886
5406
|
include Aws::Structure
|
4887
5407
|
end
|
4888
5408
|
|
5409
|
+
# Volume used by the Kubernetes workload.
|
5410
|
+
#
|
5411
|
+
# @!attribute [rw] name
|
5412
|
+
# Volume name.
|
5413
|
+
# @return [String]
|
5414
|
+
#
|
5415
|
+
# @!attribute [rw] host_path
|
5416
|
+
# Represents a pre-existing file or directory on the host machine that
|
5417
|
+
# the volume maps to.
|
5418
|
+
# @return [Types::HostPath]
|
5419
|
+
#
|
5420
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Volume AWS API Documentation
|
5421
|
+
#
|
5422
|
+
class Volume < Struct.new(
|
5423
|
+
:name,
|
5424
|
+
:host_path)
|
5425
|
+
SENSITIVE = []
|
5426
|
+
include Aws::Structure
|
5427
|
+
end
|
5428
|
+
|
5429
|
+
# Container volume mount.
|
5430
|
+
#
|
5431
|
+
# @!attribute [rw] name
|
5432
|
+
# Volume mount name.
|
5433
|
+
# @return [String]
|
5434
|
+
#
|
5435
|
+
# @!attribute [rw] mount_path
|
5436
|
+
# Volume mount path.
|
5437
|
+
# @return [String]
|
5438
|
+
#
|
5439
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/VolumeMount AWS API Documentation
|
5440
|
+
#
|
5441
|
+
class VolumeMount < Struct.new(
|
5442
|
+
:name,
|
5443
|
+
:mount_path)
|
5444
|
+
SENSITIVE = []
|
5445
|
+
include Aws::Structure
|
5446
|
+
end
|
5447
|
+
|
4889
5448
|
end
|
4890
5449
|
end
|