aws-sdk-guardduty 1.53.0 → 1.56.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 17b3f3bea4ddcd2bc98bb6358d91e3deeacbdcc1624ebc046970b8f2ec814498
-  data.tar.gz: 4a2a233baf7377d8ca1d48fb0ca6f1330a7ac1db47dbb99a229f744ffe5d5cda
+  metadata.gz: f517f78b7c342c1fbaca28c2beb0bdbe6e8612a3605f8fed91bd2aded61ce06a
+  data.tar.gz: cbd43cf75785fa129b7b6edfa4487a9d3dcc9d496249569d28e001bd20648ccd
 SHA512:
-  metadata.gz: 19541da8bdeb995280d58b013c01a97d77e0624f78e95e7221de1f1e6c1a517abfea62c3ed45f5489c83096fdb0a02a1d599292ff845b5b1461b16fb107c9076
-  data.tar.gz: b3aa2a323a1eb62110fa1e15ffd30cedc5ad428b400447e282e03cd73fdfcf94278aad93978fe8c78fc1926a3edb3dcd24298f0df7f5766f1a8cb00e36e65a92
+  metadata.gz: 695a0ddb6f38650944b5f83e0ba60bef91a1451e7e12810ac89d412266075b7cf65267bd4261f3b75974677ea6a2e3c7cfcf211dfe76919ab7ecc4b67490e3a8
+  data.tar.gz: a9dfeabea56bd4cca1034d6a4c6f384586a9fb74ba4ec3384478a7f7692d52d373891bdcd7cae41b6b4f86d34b4e4fceaad9750f5bfdff3242eb899b2155717e

data/CHANGELOG.md

@@ -1,6 +1,21 @@
 Unreleased Changes
 ------------------
 
+1.56.0 (2022-02-24)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.55.0 (2022-02-03)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.54.0 (2022-01-25)
+------------------
+
+* Feature - Amazon GuardDuty expands threat detection coverage to protect Amazon Elastic Kubernetes Service (EKS) workloads.
+
 1.53.0 (2022-01-20)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.53.0
+1.56.0

data/lib/aws-sdk-guardduty/client.rb

@@ -27,7 +27,9 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
 require 'aws-sdk-core/plugins/http_checksum.rb'
+require 'aws-sdk-core/plugins/checksum_algorithm.rb'
 require 'aws-sdk-core/plugins/defaults_mode.rb'
+require 'aws-sdk-core/plugins/recursion_detection.rb'
 require 'aws-sdk-core/plugins/signature_v4.rb'
 require 'aws-sdk-core/plugins/protocols/rest_json.rb'
 
@@ -74,7 +76,9 @@ module Aws::GuardDuty
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
     add_plugin(Aws::Plugins::HttpChecksum)
+    add_plugin(Aws::Plugins::ChecksumAlgorithm)
     add_plugin(Aws::Plugins::DefaultsMode)
+    add_plugin(Aws::Plugins::RecursionDetection)
     add_plugin(Aws::Plugins::SignatureV4)
     add_plugin(Aws::Plugins::Protocols::RestJson)
 
@@ -451,6 +455,11 @@ module Aws::GuardDuty
     #       s3_logs: {
     #         enable: false, # required
     #       },
+    #       kubernetes: {
+    #         audit_logs: { # required
+    #           enable: false, # required
+    #         },
+    #       },
     #     },
     #     tags: {
     #       "TagKey" => "TagValue",
@@ -1202,6 +1211,7 @@ module Aws::GuardDuty
     #   resp.auto_enable #=> Boolean
     #   resp.member_account_limit_reached #=> Boolean
     #   resp.data_sources.s3_logs.auto_enable #=> Boolean
+    #   resp.data_sources.kubernetes.audit_logs.auto_enable #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
     #
@@ -1395,6 +1405,7 @@ module Aws::GuardDuty
     #   resp.data_sources.dns_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.data_sources.flow_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.data_sources.s3_logs.status #=> String, one of "ENABLED", "DISABLED"
+    #   resp.data_sources.kubernetes.audit_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.tags #=> Hash
     #   resp.tags["TagKey"] #=> String
     #
@@ -1565,6 +1576,36 @@ module Aws::GuardDuty
     #   resp.findings[0].resource.instance_details.tags #=> Array
     #   resp.findings[0].resource.instance_details.tags[0].key #=> String
     #   resp.findings[0].resource.instance_details.tags[0].value #=> String
+    #   resp.findings[0].resource.eks_cluster_details.name #=> String
+    #   resp.findings[0].resource.eks_cluster_details.arn #=> String
+    #   resp.findings[0].resource.eks_cluster_details.vpc_id #=> String
+    #   resp.findings[0].resource.eks_cluster_details.status #=> String
+    #   resp.findings[0].resource.eks_cluster_details.tags #=> Array
+    #   resp.findings[0].resource.eks_cluster_details.tags[0].key #=> String
+    #   resp.findings[0].resource.eks_cluster_details.tags[0].value #=> String
+    #   resp.findings[0].resource.eks_cluster_details.created_at #=> Time
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.username #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.uid #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.groups #=> Array
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.groups[0] #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.name #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.type #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.uid #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.namespace #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.host_network #=> Boolean
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers #=> Array
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].container_runtime #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].id #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].name #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].image #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].image_prefix #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].volume_mounts #=> Array
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].volume_mounts[0].name #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].volume_mounts[0].mount_path #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.containers[0].security_context.privileged #=> Boolean
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.volumes #=> Array
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.volumes[0].name #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.volumes[0].host_path.path #=> String
     #   resp.findings[0].resource.resource_type #=> String
     #   resp.findings[0].schema_version #=> String
     #   resp.findings[0].service.action.action_type #=> String
@@ -1572,6 +1613,7 @@ module Aws::GuardDuty
     #   resp.findings[0].service.action.aws_api_call_action.caller_type #=> String
     #   resp.findings[0].service.action.aws_api_call_action.domain_details.domain #=> String
     #   resp.findings[0].service.action.aws_api_call_action.error_code #=> String
+    #   resp.findings[0].service.action.aws_api_call_action.user_agent #=> String
     #   resp.findings[0].service.action.aws_api_call_action.remote_ip_details.city.city_name #=> String
     #   resp.findings[0].service.action.aws_api_call_action.remote_ip_details.country.country_code #=> String
     #   resp.findings[0].service.action.aws_api_call_action.remote_ip_details.country.country_name #=> String
@@ -1619,6 +1661,23 @@ module Aws::GuardDuty
     #   resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.organization.asn_org #=> String
     #   resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.organization.isp #=> String
     #   resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.organization.org #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.request_uri #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.verb #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.source_ips #=> Array
+    #   resp.findings[0].service.action.kubernetes_api_call_action.source_ips[0] #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.user_agent #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.city.city_name #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.country.country_code #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.country.country_name #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.geo_location.lat #=> Float
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.geo_location.lon #=> Float
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.ip_address_v4 #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.asn #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.asn_org #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.isp #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.org #=> String
+    #   resp.findings[0].service.action.kubernetes_api_call_action.status_code #=> Integer
+    #   resp.findings[0].service.action.kubernetes_api_call_action.parameters #=> String
     #   resp.findings[0].service.evidence.threat_intelligence_details #=> Array
     #   resp.findings[0].service.evidence.threat_intelligence_details[0].threat_list_name #=> String
     #   resp.findings[0].service.evidence.threat_intelligence_details[0].threat_names #=> Array
@@ -1824,6 +1883,7 @@ module Aws::GuardDuty
     #   resp.member_data_source_configurations[0].data_sources.dns_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.member_data_source_configurations[0].data_sources.flow_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.member_data_source_configurations[0].data_sources.s3_logs.status #=> String, one of "ENABLED", "DISABLED"
+    #   resp.member_data_source_configurations[0].data_sources.kubernetes.audit_logs.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.unprocessed_accounts #=> Array
     #   resp.unprocessed_accounts[0].account_id #=> String
     #   resp.unprocessed_accounts[0].result #=> String
@@ -1975,7 +2035,7 @@ module Aws::GuardDuty
     #     usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
     #     usage_criteria: { # required
     #       account_ids: ["AccountId"],
-    #       data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS
+    #       data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS
     #       resources: ["String"],
     #     },
     #     unit: "String",
@@ -1990,7 +2050,7 @@ module Aws::GuardDuty
     #   resp.usage_statistics.sum_by_account[0].total.amount #=> String
     #   resp.usage_statistics.sum_by_account[0].total.unit #=> String
     #   resp.usage_statistics.sum_by_data_source #=> Array
-    #   resp.usage_statistics.sum_by_data_source[0].data_source #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_LOGS"
+    #   resp.usage_statistics.sum_by_data_source[0].data_source #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_LOGS", "KUBERNETES_AUDIT_LOGS"
     #   resp.usage_statistics.sum_by_data_source[0].total.amount #=> String
     #   resp.usage_statistics.sum_by_data_source[0].total.unit #=> String
     #   resp.usage_statistics.sum_by_resource #=> Array
@@ -2846,6 +2906,11 @@ module Aws::GuardDuty
     #       s3_logs: {
     #         enable: false, # required
     #       },
+    #       kubernetes: {
+    #         audit_logs: { # required
+    #           enable: false, # required
+    #         },
+    #       },
     #     },
     #   })
     #
@@ -3027,6 +3092,11 @@ module Aws::GuardDuty
     #       s3_logs: {
     #         enable: false, # required
     #       },
+    #       kubernetes: {
+    #         audit_logs: { # required
+    #           enable: false, # required
+    #         },
+    #       },
     #     },
     #   })
     #
@@ -3068,6 +3138,11 @@ module Aws::GuardDuty
     #       s3_logs: {
     #         auto_enable: false, # required
     #       },
+    #       kubernetes: {
+    #         audit_logs: { # required
+    #           auto_enable: false, # required
+    #         },
+    #       },
     #     },
     #   })
     #
@@ -3171,7 +3246,7 @@ module Aws::GuardDuty
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-guardduty'
-      context[:gem_version] = '1.53.0'
+      context[:gem_version] = '1.56.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-guardduty/client_api.rb

@@ -38,6 +38,8 @@ module Aws::GuardDuty
     ClientToken = Shapes::StringShape.new(name: 'ClientToken')
     CloudTrailConfigurationResult = Shapes::StructureShape.new(name: 'CloudTrailConfigurationResult')
     Condition = Shapes::StructureShape.new(name: 'Condition')
+    Container = Shapes::StructureShape.new(name: 'Container')
+    Containers = Shapes::ListShape.new(name: 'Containers')
     CountBySeverity = Shapes::MapShape.new(name: 'CountBySeverity')
     Country = Shapes::StructureShape.new(name: 'Country')
     CreateDetectorRequest = Shapes::StructureShape.new(name: 'CreateDetectorRequest')
@@ -98,6 +100,7 @@ module Aws::GuardDuty
     DnsRequestAction = Shapes::StructureShape.new(name: 'DnsRequestAction')
     DomainDetails = Shapes::StructureShape.new(name: 'DomainDetails')
     Double = Shapes::FloatShape.new(name: 'Double')
+    EksClusterDetails = Shapes::StructureShape.new(name: 'EksClusterDetails')
     Email = Shapes::StringShape.new(name: 'Email')
     EnableOrganizationAdminAccountRequest = Shapes::StructureShape.new(name: 'EnableOrganizationAdminAccountRequest')
     EnableOrganizationAdminAccountResponse = Shapes::StructureShape.new(name: 'EnableOrganizationAdminAccountResponse')
@@ -145,7 +148,9 @@ module Aws::GuardDuty
     GetThreatIntelSetResponse = Shapes::StructureShape.new(name: 'GetThreatIntelSetResponse')
     GetUsageStatisticsRequest = Shapes::StructureShape.new(name: 'GetUsageStatisticsRequest')
     GetUsageStatisticsResponse = Shapes::StructureShape.new(name: 'GetUsageStatisticsResponse')
+    Groups = Shapes::ListShape.new(name: 'Groups')
     GuardDutyArn = Shapes::StringShape.new(name: 'GuardDutyArn')
+    HostPath = Shapes::StructureShape.new(name: 'HostPath')
     IamInstanceProfile = Shapes::StructureShape.new(name: 'IamInstanceProfile')
     InstanceDetails = Shapes::StructureShape.new(name: 'InstanceDetails')
     Integer = Shapes::IntegerShape.new(name: 'Integer')
@@ -158,6 +163,14 @@ module Aws::GuardDuty
     IpSetIds = Shapes::ListShape.new(name: 'IpSetIds')
     IpSetStatus = Shapes::StringShape.new(name: 'IpSetStatus')
     Ipv6Addresses = Shapes::ListShape.new(name: 'Ipv6Addresses')
+    KubernetesApiCallAction = Shapes::StructureShape.new(name: 'KubernetesApiCallAction')
+    KubernetesAuditLogsConfiguration = Shapes::StructureShape.new(name: 'KubernetesAuditLogsConfiguration')
+    KubernetesAuditLogsConfigurationResult = Shapes::StructureShape.new(name: 'KubernetesAuditLogsConfigurationResult')
+    KubernetesConfiguration = Shapes::StructureShape.new(name: 'KubernetesConfiguration')
+    KubernetesConfigurationResult = Shapes::StructureShape.new(name: 'KubernetesConfigurationResult')
+    KubernetesDetails = Shapes::StructureShape.new(name: 'KubernetesDetails')
+    KubernetesUserDetails = Shapes::StructureShape.new(name: 'KubernetesUserDetails')
+    KubernetesWorkloadDetails = Shapes::StructureShape.new(name: 'KubernetesWorkloadDetails')
     ListDetectorsRequest = Shapes::StructureShape.new(name: 'ListDetectorsRequest')
     ListDetectorsResponse = Shapes::StructureShape.new(name: 'ListDetectorsResponse')
     ListFiltersRequest = Shapes::StructureShape.new(name: 'ListFiltersRequest')
@@ -198,6 +211,10 @@ module Aws::GuardDuty
     Organization = Shapes::StructureShape.new(name: 'Organization')
     OrganizationDataSourceConfigurations = Shapes::StructureShape.new(name: 'OrganizationDataSourceConfigurations')
     OrganizationDataSourceConfigurationsResult = Shapes::StructureShape.new(name: 'OrganizationDataSourceConfigurationsResult')
+    OrganizationKubernetesAuditLogsConfiguration = Shapes::StructureShape.new(name: 'OrganizationKubernetesAuditLogsConfiguration')
+    OrganizationKubernetesAuditLogsConfigurationResult = Shapes::StructureShape.new(name: 'OrganizationKubernetesAuditLogsConfigurationResult')
+    OrganizationKubernetesConfiguration = Shapes::StructureShape.new(name: 'OrganizationKubernetesConfiguration')
+    OrganizationKubernetesConfigurationResult = Shapes::StructureShape.new(name: 'OrganizationKubernetesConfigurationResult')
     OrganizationS3LogsConfiguration = Shapes::StructureShape.new(name: 'OrganizationS3LogsConfiguration')
     OrganizationS3LogsConfigurationResult = Shapes::StructureShape.new(name: 'OrganizationS3LogsConfigurationResult')
     Owner = Shapes::StructureShape.new(name: 'Owner')
@@ -220,10 +237,12 @@ module Aws::GuardDuty
     S3BucketDetails = Shapes::ListShape.new(name: 'S3BucketDetails')
     S3LogsConfiguration = Shapes::StructureShape.new(name: 'S3LogsConfiguration')
     S3LogsConfigurationResult = Shapes::StructureShape.new(name: 'S3LogsConfigurationResult')
+    SecurityContext = Shapes::StructureShape.new(name: 'SecurityContext')
     SecurityGroup = Shapes::StructureShape.new(name: 'SecurityGroup')
     SecurityGroups = Shapes::ListShape.new(name: 'SecurityGroups')
     Service = Shapes::StructureShape.new(name: 'Service')
     SortCriteria = Shapes::StructureShape.new(name: 'SortCriteria')
+    SourceIps = Shapes::ListShape.new(name: 'SourceIps')
     StartMonitoringMembersRequest = Shapes::StructureShape.new(name: 'StartMonitoringMembersRequest')
     StartMonitoringMembersResponse = Shapes::StructureShape.new(name: 'StartMonitoringMembersResponse')
     StopMonitoringMembersRequest = Shapes::StructureShape.new(name: 'StopMonitoringMembersRequest')
@@ -276,6 +295,10 @@ module Aws::GuardDuty
     UsageResourceResultList = Shapes::ListShape.new(name: 'UsageResourceResultList')
     UsageStatisticType = Shapes::StringShape.new(name: 'UsageStatisticType')
     UsageStatistics = Shapes::StructureShape.new(name: 'UsageStatistics')
+    Volume = Shapes::StructureShape.new(name: 'Volume')
+    VolumeMount = Shapes::StructureShape.new(name: 'VolumeMount')
+    VolumeMounts = Shapes::ListShape.new(name: 'VolumeMounts')
+    Volumes = Shapes::ListShape.new(name: 'Volumes')
 
     AcceptInvitationRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
     AcceptInvitationRequest.add_member(:master_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "masterId"))
@@ -310,6 +333,7 @@ module Aws::GuardDuty
     Action.add_member(:dns_request_action, Shapes::ShapeRef.new(shape: DnsRequestAction, location_name: "dnsRequestAction"))
     Action.add_member(:network_connection_action, Shapes::ShapeRef.new(shape: NetworkConnectionAction, location_name: "networkConnectionAction"))
     Action.add_member(:port_probe_action, Shapes::ShapeRef.new(shape: PortProbeAction, location_name: "portProbeAction"))
+    Action.add_member(:kubernetes_api_call_action, Shapes::ShapeRef.new(shape: KubernetesApiCallAction, location_name: "kubernetesApiCallAction"))
     Action.struct_class = Types::Action
 
     AdminAccount.add_member(:admin_account_id, Shapes::ShapeRef.new(shape: String, location_name: "adminAccountId"))
@@ -328,6 +352,7 @@ module Aws::GuardDuty
     AwsApiCallAction.add_member(:caller_type, Shapes::ShapeRef.new(shape: String, location_name: "callerType"))
     AwsApiCallAction.add_member(:domain_details, Shapes::ShapeRef.new(shape: DomainDetails, location_name: "domainDetails"))
     AwsApiCallAction.add_member(:error_code, Shapes::ShapeRef.new(shape: String, location_name: "errorCode"))
+    AwsApiCallAction.add_member(:user_agent, Shapes::ShapeRef.new(shape: String, location_name: "userAgent"))
     AwsApiCallAction.add_member(:remote_ip_details, Shapes::ShapeRef.new(shape: RemoteIpDetails, location_name: "remoteIpDetails"))
     AwsApiCallAction.add_member(:service_name, Shapes::ShapeRef.new(shape: String, location_name: "serviceName"))
     AwsApiCallAction.add_member(:remote_account_details, Shapes::ShapeRef.new(shape: RemoteAccountDetails, location_name: "remoteAccountDetails"))
@@ -372,6 +397,17 @@ module Aws::GuardDuty
     Condition.add_member(:less_than_or_equal, Shapes::ShapeRef.new(shape: Long, location_name: "lessThanOrEqual"))
     Condition.struct_class = Types::Condition
 
+    Container.add_member(:container_runtime, Shapes::ShapeRef.new(shape: String, location_name: "containerRuntime"))
+    Container.add_member(:id, Shapes::ShapeRef.new(shape: String, location_name: "id"))
+    Container.add_member(:name, Shapes::ShapeRef.new(shape: String, location_name: "name"))
+    Container.add_member(:image, Shapes::ShapeRef.new(shape: String, location_name: "image"))
+    Container.add_member(:image_prefix, Shapes::ShapeRef.new(shape: String, location_name: "imagePrefix"))
+    Container.add_member(:volume_mounts, Shapes::ShapeRef.new(shape: VolumeMounts, location_name: "volumeMounts"))
+    Container.add_member(:security_context, Shapes::ShapeRef.new(shape: SecurityContext, location_name: "securityContext"))
+    Container.struct_class = Types::Container
+
+    Containers.member = Shapes::ShapeRef.new(shape: Container)
+
     CountBySeverity.key = Shapes::ShapeRef.new(shape: String)
     CountBySeverity.value = Shapes::ShapeRef.new(shape: Integer)
 
@@ -455,12 +491,14 @@ module Aws::GuardDuty
     DNSLogsConfigurationResult.struct_class = Types::DNSLogsConfigurationResult
 
     DataSourceConfigurations.add_member(:s3_logs, Shapes::ShapeRef.new(shape: S3LogsConfiguration, location_name: "s3Logs"))
+    DataSourceConfigurations.add_member(:kubernetes, Shapes::ShapeRef.new(shape: KubernetesConfiguration, location_name: "kubernetes"))
     DataSourceConfigurations.struct_class = Types::DataSourceConfigurations
 
     DataSourceConfigurationsResult.add_member(:cloud_trail, Shapes::ShapeRef.new(shape: CloudTrailConfigurationResult, required: true, location_name: "cloudTrail"))
     DataSourceConfigurationsResult.add_member(:dns_logs, Shapes::ShapeRef.new(shape: DNSLogsConfigurationResult, required: true, location_name: "dnsLogs"))
     DataSourceConfigurationsResult.add_member(:flow_logs, Shapes::ShapeRef.new(shape: FlowLogsConfigurationResult, required: true, location_name: "flowLogs"))
     DataSourceConfigurationsResult.add_member(:s3_logs, Shapes::ShapeRef.new(shape: S3LogsConfigurationResult, required: true, location_name: "s3Logs"))
+    DataSourceConfigurationsResult.add_member(:kubernetes, Shapes::ShapeRef.new(shape: KubernetesConfigurationResult, location_name: "kubernetes"))
     DataSourceConfigurationsResult.struct_class = Types::DataSourceConfigurationsResult
 
     DataSourceList.member = Shapes::ShapeRef.new(shape: DataSource)
@@ -572,6 +610,14 @@ module Aws::GuardDuty
     DomainDetails.add_member(:domain, Shapes::ShapeRef.new(shape: String, location_name: "domain"))
     DomainDetails.struct_class = Types::DomainDetails
 
+    EksClusterDetails.add_member(:name, Shapes::ShapeRef.new(shape: String, location_name: "name"))
+    EksClusterDetails.add_member(:arn, Shapes::ShapeRef.new(shape: String, location_name: "arn"))
+    EksClusterDetails.add_member(:vpc_id, Shapes::ShapeRef.new(shape: String, location_name: "vpcId"))
+    EksClusterDetails.add_member(:status, Shapes::ShapeRef.new(shape: String, location_name: "status"))
+    EksClusterDetails.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "tags"))
+    EksClusterDetails.add_member(:created_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "createdAt"))
+    EksClusterDetails.struct_class = Types::EksClusterDetails
+
     EnableOrganizationAdminAccountRequest.add_member(:admin_account_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "adminAccountId"))
     EnableOrganizationAdminAccountRequest.struct_class = Types::EnableOrganizationAdminAccountRequest
 
@@ -725,6 +771,11 @@ module Aws::GuardDuty
     GetUsageStatisticsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken"))
     GetUsageStatisticsResponse.struct_class = Types::GetUsageStatisticsResponse
 
+    Groups.member = Shapes::ShapeRef.new(shape: String)
+
+    HostPath.add_member(:path, Shapes::ShapeRef.new(shape: String, location_name: "path"))
+    HostPath.struct_class = Types::HostPath
+
     IamInstanceProfile.add_member(:arn, Shapes::ShapeRef.new(shape: String, location_name: "arn"))
     IamInstanceProfile.add_member(:id, Shapes::ShapeRef.new(shape: String, location_name: "id"))
     IamInstanceProfile.struct_class = Types::IamInstanceProfile
@@ -769,6 +820,45 @@ module Aws::GuardDuty
 
     Ipv6Addresses.member = Shapes::ShapeRef.new(shape: String)
 
+    KubernetesApiCallAction.add_member(:request_uri, Shapes::ShapeRef.new(shape: String, location_name: "requestUri"))
+    KubernetesApiCallAction.add_member(:verb, Shapes::ShapeRef.new(shape: String, location_name: "verb"))
+    KubernetesApiCallAction.add_member(:source_ips, Shapes::ShapeRef.new(shape: SourceIps, location_name: "sourceIps"))
+    KubernetesApiCallAction.add_member(:user_agent, Shapes::ShapeRef.new(shape: String, location_name: "userAgent"))
+    KubernetesApiCallAction.add_member(:remote_ip_details, Shapes::ShapeRef.new(shape: RemoteIpDetails, location_name: "remoteIpDetails"))
+    KubernetesApiCallAction.add_member(:status_code, Shapes::ShapeRef.new(shape: Integer, location_name: "statusCode"))
+    KubernetesApiCallAction.add_member(:parameters, Shapes::ShapeRef.new(shape: String, location_name: "parameters"))
+    KubernetesApiCallAction.struct_class = Types::KubernetesApiCallAction
+
+    KubernetesAuditLogsConfiguration.add_member(:enable, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "enable"))
+    KubernetesAuditLogsConfiguration.struct_class = Types::KubernetesAuditLogsConfiguration
+
+    KubernetesAuditLogsConfigurationResult.add_member(:status, Shapes::ShapeRef.new(shape: DataSourceStatus, required: true, location_name: "status"))
+    KubernetesAuditLogsConfigurationResult.struct_class = Types::KubernetesAuditLogsConfigurationResult
+
+    KubernetesConfiguration.add_member(:audit_logs, Shapes::ShapeRef.new(shape: KubernetesAuditLogsConfiguration, required: true, location_name: "auditLogs"))
+    KubernetesConfiguration.struct_class = Types::KubernetesConfiguration
+
+    KubernetesConfigurationResult.add_member(:audit_logs, Shapes::ShapeRef.new(shape: KubernetesAuditLogsConfigurationResult, required: true, location_name: "auditLogs"))
+    KubernetesConfigurationResult.struct_class = Types::KubernetesConfigurationResult
+
+    KubernetesDetails.add_member(:kubernetes_user_details, Shapes::ShapeRef.new(shape: KubernetesUserDetails, location_name: "kubernetesUserDetails"))
+    KubernetesDetails.add_member(:kubernetes_workload_details, Shapes::ShapeRef.new(shape: KubernetesWorkloadDetails, location_name: "kubernetesWorkloadDetails"))
+    KubernetesDetails.struct_class = Types::KubernetesDetails
+
+    KubernetesUserDetails.add_member(:username, Shapes::ShapeRef.new(shape: String, location_name: "username"))
+    KubernetesUserDetails.add_member(:uid, Shapes::ShapeRef.new(shape: String, location_name: "uid"))
+    KubernetesUserDetails.add_member(:groups, Shapes::ShapeRef.new(shape: Groups, location_name: "groups"))
+    KubernetesUserDetails.struct_class = Types::KubernetesUserDetails
+
+    KubernetesWorkloadDetails.add_member(:name, Shapes::ShapeRef.new(shape: String, location_name: "name"))
+    KubernetesWorkloadDetails.add_member(:type, Shapes::ShapeRef.new(shape: String, location_name: "type"))
+    KubernetesWorkloadDetails.add_member(:uid, Shapes::ShapeRef.new(shape: String, location_name: "uid"))
+    KubernetesWorkloadDetails.add_member(:namespace, Shapes::ShapeRef.new(shape: String, location_name: "namespace"))
+    KubernetesWorkloadDetails.add_member(:host_network, Shapes::ShapeRef.new(shape: Boolean, location_name: "hostNetwork"))
+    KubernetesWorkloadDetails.add_member(:containers, Shapes::ShapeRef.new(shape: Containers, location_name: "containers"))
+    KubernetesWorkloadDetails.add_member(:volumes, Shapes::ShapeRef.new(shape: Volumes, location_name: "volumes"))
+    KubernetesWorkloadDetails.struct_class = Types::KubernetesWorkloadDetails
+
     ListDetectorsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location: "querystring", location_name: "maxResults"))
     ListDetectorsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location: "querystring", location_name: "nextToken"))
     ListDetectorsRequest.struct_class = Types::ListDetectorsRequest
@@ -920,11 +1010,25 @@ module Aws::GuardDuty
     Organization.struct_class = Types::Organization
 
     OrganizationDataSourceConfigurations.add_member(:s3_logs, Shapes::ShapeRef.new(shape: OrganizationS3LogsConfiguration, location_name: "s3Logs"))
+    OrganizationDataSourceConfigurations.add_member(:kubernetes, Shapes::ShapeRef.new(shape: OrganizationKubernetesConfiguration, location_name: "kubernetes"))
     OrganizationDataSourceConfigurations.struct_class = Types::OrganizationDataSourceConfigurations
 
     OrganizationDataSourceConfigurationsResult.add_member(:s3_logs, Shapes::ShapeRef.new(shape: OrganizationS3LogsConfigurationResult, required: true, location_name: "s3Logs"))
+    OrganizationDataSourceConfigurationsResult.add_member(:kubernetes, Shapes::ShapeRef.new(shape: OrganizationKubernetesConfigurationResult, location_name: "kubernetes"))
     OrganizationDataSourceConfigurationsResult.struct_class = Types::OrganizationDataSourceConfigurationsResult
 
+    OrganizationKubernetesAuditLogsConfiguration.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "autoEnable"))
+    OrganizationKubernetesAuditLogsConfiguration.struct_class = Types::OrganizationKubernetesAuditLogsConfiguration
+
+    OrganizationKubernetesAuditLogsConfigurationResult.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "autoEnable"))
+    OrganizationKubernetesAuditLogsConfigurationResult.struct_class = Types::OrganizationKubernetesAuditLogsConfigurationResult
+
+    OrganizationKubernetesConfiguration.add_member(:audit_logs, Shapes::ShapeRef.new(shape: OrganizationKubernetesAuditLogsConfiguration, required: true, location_name: "auditLogs"))
+    OrganizationKubernetesConfiguration.struct_class = Types::OrganizationKubernetesConfiguration
+
+    OrganizationKubernetesConfigurationResult.add_member(:audit_logs, Shapes::ShapeRef.new(shape: OrganizationKubernetesAuditLogsConfigurationResult, required: true, location_name: "auditLogs"))
+    OrganizationKubernetesConfigurationResult.struct_class = Types::OrganizationKubernetesConfigurationResult
+
     OrganizationS3LogsConfiguration.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "autoEnable"))
     OrganizationS3LogsConfiguration.struct_class = Types::OrganizationS3LogsConfiguration
 
@@ -983,6 +1087,8 @@ module Aws::GuardDuty
     Resource.add_member(:access_key_details, Shapes::ShapeRef.new(shape: AccessKeyDetails, location_name: "accessKeyDetails"))
     Resource.add_member(:s3_bucket_details, Shapes::ShapeRef.new(shape: S3BucketDetails, location_name: "s3BucketDetails"))
     Resource.add_member(:instance_details, Shapes::ShapeRef.new(shape: InstanceDetails, location_name: "instanceDetails"))
+    Resource.add_member(:eks_cluster_details, Shapes::ShapeRef.new(shape: EksClusterDetails, location_name: "eksClusterDetails"))
+    Resource.add_member(:kubernetes_details, Shapes::ShapeRef.new(shape: KubernetesDetails, location_name: "kubernetesDetails"))
     Resource.add_member(:resource_type, Shapes::ShapeRef.new(shape: String, location_name: "resourceType"))
     Resource.struct_class = Types::Resource
 
@@ -1006,6 +1112,9 @@ module Aws::GuardDuty
     S3LogsConfigurationResult.add_member(:status, Shapes::ShapeRef.new(shape: DataSourceStatus, required: true, location_name: "status"))
     S3LogsConfigurationResult.struct_class = Types::S3LogsConfigurationResult
 
+    SecurityContext.add_member(:privileged, Shapes::ShapeRef.new(shape: Boolean, location_name: "privileged"))
+    SecurityContext.struct_class = Types::SecurityContext
+
     SecurityGroup.add_member(:group_id, Shapes::ShapeRef.new(shape: String, location_name: "groupId"))
     SecurityGroup.add_member(:group_name, Shapes::ShapeRef.new(shape: String, location_name: "groupName"))
     SecurityGroup.struct_class = Types::SecurityGroup
@@ -1028,6 +1137,8 @@ module Aws::GuardDuty
     SortCriteria.add_member(:order_by, Shapes::ShapeRef.new(shape: OrderBy, location_name: "orderBy"))
     SortCriteria.struct_class = Types::SortCriteria
 
+    SourceIps.member = Shapes::ShapeRef.new(shape: String)
+
     StartMonitoringMembersRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
     StartMonitoringMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIds, required: true, location_name: "accountIds"))
     StartMonitoringMembersRequest.struct_class = Types::StartMonitoringMembersRequest
@@ -1187,6 +1298,18 @@ module Aws::GuardDuty
     UsageStatistics.add_member(:top_resources, Shapes::ShapeRef.new(shape: UsageResourceResultList, location_name: "topResources"))
     UsageStatistics.struct_class = Types::UsageStatistics
 
+    Volume.add_member(:name, Shapes::ShapeRef.new(shape: String, location_name: "name"))
+    Volume.add_member(:host_path, Shapes::ShapeRef.new(shape: HostPath, location_name: "hostPath"))
+    Volume.struct_class = Types::Volume
+
+    VolumeMount.add_member(:name, Shapes::ShapeRef.new(shape: String, location_name: "name"))
+    VolumeMount.add_member(:mount_path, Shapes::ShapeRef.new(shape: String, location_name: "mountPath"))
+    VolumeMount.struct_class = Types::VolumeMount
+
+    VolumeMounts.member = Shapes::ShapeRef.new(shape: VolumeMount)
+
+    Volumes.member = Shapes::ShapeRef.new(shape: Volume)
+
 
     # @api private
     API = Seahorse::Model::Api.new.tap do |api|

data/lib/aws-sdk-guardduty/types.rb

@@ -165,6 +165,11 @@ module Aws::GuardDuty
     #   Information about the PORT\_PROBE action described in this finding.
     #   @return [Types::PortProbeAction]
     #
+    # @!attribute [rw] kubernetes_api_call_action
+    #   Information about the Kubernetes API call action described in this
+    #   finding.
+    #   @return [Types::KubernetesApiCallAction]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Action AWS API Documentation
     #
     class Action < Struct.new(
@@ -172,7 +177,8 @@ module Aws::GuardDuty
       :aws_api_call_action,
       :dns_request_action,
       :network_connection_action,
-      :port_probe_action)
+      :port_probe_action,
+      :kubernetes_api_call_action)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -246,6 +252,9 @@ module Aws::GuardDuty
     #   The error code of the failed Amazon Web Services API action.
     #   @return [String]
     #
+    # @!attribute [rw] user_agent
+    #   @return [String]
+    #
     # @!attribute [rw] remote_ip_details
     #   The remote IP information of the connection that initiated the
     #   Amazon Web Services API call.
@@ -268,6 +277,7 @@ module Aws::GuardDuty
       :caller_type,
       :domain_details,
       :error_code,
+      :user_agent,
       :remote_ip_details,
       :service_name,
       :remote_account_details)
@@ -507,6 +517,54 @@ module Aws::GuardDuty
       include Aws::Structure
     end
 
+    # Details of a container.
+    #
+    # @!attribute [rw] container_runtime
+    #   The container runtime (such as, Docker or containerd) used to run
+    #   the container.
+    #   @return [String]
+    #
+    # @!attribute [rw] id
+    #   Container ID.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   Container name.
+    #   @return [String]
+    #
+    # @!attribute [rw] image
+    #   Container image.
+    #   @return [String]
+    #
+    # @!attribute [rw] image_prefix
+    #   Part of the image name before the last slash. For example,
+    #   imagePrefix for public.ecr.aws/amazonlinux/amazonlinux:latest would
+    #   be public.ecr.aws/amazonlinux. If the image name is relative and
+    #   does not have a slash, this field is empty.
+    #   @return [String]
+    #
+    # @!attribute [rw] volume_mounts
+    #   Container volume mounts.
+    #   @return [Array<Types::VolumeMount>]
+    #
+    # @!attribute [rw] security_context
+    #   Container security context.
+    #   @return [Types::SecurityContext]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Container AWS API Documentation
+    #
+    class Container < Struct.new(
+      :container_runtime,
+      :id,
+      :name,
+      :image,
+      :image_prefix,
+      :volume_mounts,
+      :security_context)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Contains information about the country where the remote IP address is
     # located.
     #
@@ -538,6 +596,11 @@ module Aws::GuardDuty
     #           s3_logs: {
     #             enable: false, # required
     #           },
+    #           kubernetes: {
+    #             audit_logs: { # required
+    #               enable: false, # required
+    #             },
+    #           },
     #         },
     #         tags: {
     #           "TagKey" => "TagValue",
@@ -1125,16 +1188,26 @@ module Aws::GuardDuty
     #         s3_logs: {
     #           enable: false, # required
     #         },
+    #         kubernetes: {
+    #           audit_logs: { # required
+    #             enable: false, # required
+    #           },
+    #         },
     #       }
     #
     # @!attribute [rw] s3_logs
     #   Describes whether S3 data event logs are enabled as a data source.
     #   @return [Types::S3LogsConfiguration]
     #
+    # @!attribute [rw] kubernetes
+    #   Describes whether any Kubernetes logs are enabled as data sources.
+    #   @return [Types::KubernetesConfiguration]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DataSourceConfigurations AWS API Documentation
     #
     class DataSourceConfigurations < Struct.new(
-      :s3_logs)
+      :s3_logs,
+      :kubernetes)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1161,13 +1234,19 @@ module Aws::GuardDuty
     #   logs as a data source.
     #   @return [Types::S3LogsConfigurationResult]
     #
+    # @!attribute [rw] kubernetes
+    #   An object that contains information on the status of all Kubernetes
+    #   data sources.
+    #   @return [Types::KubernetesConfigurationResult]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DataSourceConfigurationsResult AWS API Documentation
     #
     class DataSourceConfigurationsResult < Struct.new(
       :cloud_trail,
       :dns_logs,
       :flow_logs,
-      :s3_logs)
+      :s3_logs,
+      :kubernetes)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1726,6 +1805,45 @@ module Aws::GuardDuty
       include Aws::Structure
     end
 
+    # Details about the EKS cluster involved in a Kubernetes finding.
+    #
+    # @!attribute [rw] name
+    #   EKS cluster name.
+    #   @return [String]
+    #
+    # @!attribute [rw] arn
+    #   EKS cluster ARN.
+    #   @return [String]
+    #
+    # @!attribute [rw] vpc_id
+    #   The VPC ID to which the EKS cluster is attached.
+    #   @return [String]
+    #
+    # @!attribute [rw] status
+    #   The EKS cluster status.
+    #   @return [String]
+    #
+    # @!attribute [rw] tags
+    #   The EKS cluster tags.
+    #   @return [Array<Types::Tag>]
+    #
+    # @!attribute [rw] created_at
+    #   The timestamp when the EKS cluster was created.
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/EksClusterDetails AWS API Documentation
+    #
+    class EksClusterDetails < Struct.new(
+      :name,
+      :arn,
+      :vpc_id,
+      :status,
+      :tags,
+      :created_at)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass EnableOrganizationAdminAccountRequest
     #   data as a hash:
     #
@@ -2434,7 +2552,7 @@ module Aws::GuardDuty
     #         usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
     #         usage_criteria: { # required
     #           account_ids: ["AccountId"],
-    #           data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS
+    #           data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS
     #           resources: ["String"],
     #         },
     #         unit: "String",
@@ -2504,6 +2622,21 @@ module Aws::GuardDuty
       include Aws::Structure
     end
 
+    # Represents a pre-existing file or directory on the host machine that
+    # the volume maps to.
+    #
+    # @!attribute [rw] path
+    #   Path of the file or directory on the host that the volume maps to.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/HostPath AWS API Documentation
+    #
+    class HostPath < Struct.new(
+      :path)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Contains information about the EC2 instance profile.
     #
     # @!attribute [rw] arn
@@ -2703,6 +2836,218 @@ module Aws::GuardDuty
       include Aws::Structure
     end
 
+    # Information about the Kubernetes API call action described in this
+    # finding.
+    #
+    # @!attribute [rw] request_uri
+    #   The Kubernetes API request URI.
+    #   @return [String]
+    #
+    # @!attribute [rw] verb
+    #   The Kubernetes API request HTTP verb.
+    #   @return [String]
+    #
+    # @!attribute [rw] source_ips
+    #   The IP of the Kubernetes API caller and the IPs of any proxies or
+    #   load balancers between the caller and the API endpoint.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] user_agent
+    #   The user agent of the caller of the Kubernetes API.
+    #   @return [String]
+    #
+    # @!attribute [rw] remote_ip_details
+    #   Contains information about the remote IP address of the connection.
+    #   @return [Types::RemoteIpDetails]
+    #
+    # @!attribute [rw] status_code
+    #   The resulting HTTP response code of the Kubernetes API call action.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] parameters
+    #   Parameters related to the Kubernetes API call action.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesApiCallAction AWS API Documentation
+    #
+    class KubernetesApiCallAction < Struct.new(
+      :request_uri,
+      :verb,
+      :source_ips,
+      :user_agent,
+      :remote_ip_details,
+      :status_code,
+      :parameters)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Describes whether Kubernetes audit logs are enabled as a data source.
+    #
+    # @note When making an API call, you may pass KubernetesAuditLogsConfiguration
+    #   data as a hash:
+    #
+    #       {
+    #         enable: false, # required
+    #       }
+    #
+    # @!attribute [rw] enable
+    #   The status of Kubernetes audit logs as a data source.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesAuditLogsConfiguration AWS API Documentation
+    #
+    class KubernetesAuditLogsConfiguration < Struct.new(
+      :enable)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Describes whether Kubernetes audit logs are enabled as a data source.
+    #
+    # @!attribute [rw] status
+    #   A value that describes whether Kubernetes audit logs are enabled as
+    #   a data source.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesAuditLogsConfigurationResult AWS API Documentation
+    #
+    class KubernetesAuditLogsConfigurationResult < Struct.new(
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Describes whether any Kubernetes data sources are enabled.
+    #
+    # @note When making an API call, you may pass KubernetesConfiguration
+    #   data as a hash:
+    #
+    #       {
+    #         audit_logs: { # required
+    #           enable: false, # required
+    #         },
+    #       }
+    #
+    # @!attribute [rw] audit_logs
+    #   The status of Kubernetes audit logs as a data source.
+    #   @return [Types::KubernetesAuditLogsConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesConfiguration AWS API Documentation
+    #
+    class KubernetesConfiguration < Struct.new(
+      :audit_logs)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Describes whether any Kubernetes logs will be enabled as a data
+    # source.
+    #
+    # @!attribute [rw] audit_logs
+    #   Describes whether Kubernetes audit logs are enabled as a data
+    #   source.
+    #   @return [Types::KubernetesAuditLogsConfigurationResult]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesConfigurationResult AWS API Documentation
+    #
+    class KubernetesConfigurationResult < Struct.new(
+      :audit_logs)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Details about Kubernetes resources such as a Kubernetes user or
+    # workload resource involved in a Kubernetes finding.
+    #
+    # @!attribute [rw] kubernetes_user_details
+    #   Details about the Kubernetes user involved in a Kubernetes finding.
+    #   @return [Types::KubernetesUserDetails]
+    #
+    # @!attribute [rw] kubernetes_workload_details
+    #   Details about the Kubernetes workload involved in a Kubernetes
+    #   finding.
+    #   @return [Types::KubernetesWorkloadDetails]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesDetails AWS API Documentation
+    #
+    class KubernetesDetails < Struct.new(
+      :kubernetes_user_details,
+      :kubernetes_workload_details)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Details about the Kubernetes user involved in a Kubernetes finding.
+    #
+    # @!attribute [rw] username
+    #   The username of the user who called the Kubernetes API.
+    #   @return [String]
+    #
+    # @!attribute [rw] uid
+    #   The user ID of the user who called the Kubernetes API.
+    #   @return [String]
+    #
+    # @!attribute [rw] groups
+    #   The groups that include the user who called the Kubernetes API.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesUserDetails AWS API Documentation
+    #
+    class KubernetesUserDetails < Struct.new(
+      :username,
+      :uid,
+      :groups)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Details about the Kubernetes workload involved in a Kubernetes
+    # finding.
+    #
+    # @!attribute [rw] name
+    #   Kubernetes workload name.
+    #   @return [String]
+    #
+    # @!attribute [rw] type
+    #   Kubernetes workload type (e.g. Pod, Deployment, etc.).
+    #   @return [String]
+    #
+    # @!attribute [rw] uid
+    #   Kubernetes workload ID.
+    #   @return [String]
+    #
+    # @!attribute [rw] namespace
+    #   Kubernetes namespace that the workload is part of.
+    #   @return [String]
+    #
+    # @!attribute [rw] host_network
+    #   Whether the hostNetwork flag is enabled for the pods included in the
+    #   workload.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] containers
+    #   Containers running as part of the Kubernetes workload.
+    #   @return [Array<Types::Container>]
+    #
+    # @!attribute [rw] volumes
+    #   Volumes used by the Kubernetes workload.
+    #   @return [Array<Types::Volume>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesWorkloadDetails AWS API Documentation
+    #
+    class KubernetesWorkloadDetails < Struct.new(
+      :name,
+      :type,
+      :uid,
+      :namespace,
+      :host_network,
+      :containers,
+      :volumes)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass ListDetectorsRequest
     #   data as a hash:
     #
@@ -3634,6 +3979,11 @@ module Aws::GuardDuty
     #         s3_logs: {
     #           auto_enable: false, # required
     #         },
+    #         kubernetes: {
+    #           audit_logs: { # required
+    #             auto_enable: false, # required
+    #           },
+    #         },
     #       }
     #
     # @!attribute [rw] s3_logs
@@ -3641,10 +3991,16 @@ module Aws::GuardDuty
     #   the organization.
     #   @return [Types::OrganizationS3LogsConfiguration]
     #
+    # @!attribute [rw] kubernetes
+    #   Describes the configuration of Kubernetes data sources for new
+    #   members of the organization.
+    #   @return [Types::OrganizationKubernetesConfiguration]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationDataSourceConfigurations AWS API Documentation
     #
     class OrganizationDataSourceConfigurations < Struct.new(
-      :s3_logs)
+      :s3_logs,
+      :kubernetes)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -3656,10 +4012,94 @@ module Aws::GuardDuty
     #   Describes whether S3 data event logs are enabled as a data source.
     #   @return [Types::OrganizationS3LogsConfigurationResult]
     #
+    # @!attribute [rw] kubernetes
+    #   Describes the configuration of Kubernetes data sources.
+    #   @return [Types::OrganizationKubernetesConfigurationResult]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationDataSourceConfigurationsResult AWS API Documentation
     #
     class OrganizationDataSourceConfigurationsResult < Struct.new(
-      :s3_logs)
+      :s3_logs,
+      :kubernetes)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Organization-wide Kubernetes audit logs configuration.
+    #
+    # @note When making an API call, you may pass OrganizationKubernetesAuditLogsConfiguration
+    #   data as a hash:
+    #
+    #       {
+    #         auto_enable: false, # required
+    #       }
+    #
+    # @!attribute [rw] auto_enable
+    #   A value that contains information on whether Kubernetes audit logs
+    #   should be enabled automatically as a data source for the
+    #   organization.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationKubernetesAuditLogsConfiguration AWS API Documentation
+    #
+    class OrganizationKubernetesAuditLogsConfiguration < Struct.new(
+      :auto_enable)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The current configuration of Kubernetes audit logs as a data source
+    # for the organization.
+    #
+    # @!attribute [rw] auto_enable
+    #   Whether Kubernetes audit logs data source should be auto-enabled for
+    #   new members joining the organization.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationKubernetesAuditLogsConfigurationResult AWS API Documentation
+    #
+    class OrganizationKubernetesAuditLogsConfigurationResult < Struct.new(
+      :auto_enable)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Organization-wide Kubernetes data sources configurations.
+    #
+    # @note When making an API call, you may pass OrganizationKubernetesConfiguration
+    #   data as a hash:
+    #
+    #       {
+    #         audit_logs: { # required
+    #           auto_enable: false, # required
+    #         },
+    #       }
+    #
+    # @!attribute [rw] audit_logs
+    #   Whether Kubernetes audit logs data source should be auto-enabled for
+    #   new members joining the organization.
+    #   @return [Types::OrganizationKubernetesAuditLogsConfiguration]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationKubernetesConfiguration AWS API Documentation
+    #
+    class OrganizationKubernetesConfiguration < Struct.new(
+      :audit_logs)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The current configuration of all Kubernetes data sources for the
+    # organization.
+    #
+    # @!attribute [rw] audit_logs
+    #   The current configuration of Kubernetes audit logs as a data source
+    #   for the organization.
+    #   @return [Types::OrganizationKubernetesAuditLogsConfigurationResult]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/OrganizationKubernetesConfigurationResult AWS API Documentation
+    #
+    class OrganizationKubernetesConfigurationResult < Struct.new(
+      :audit_logs)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -3943,6 +4383,15 @@ module Aws::GuardDuty
     #   that prompted GuardDuty to generate a finding.
     #   @return [Types::InstanceDetails]
     #
+    # @!attribute [rw] eks_cluster_details
+    #   Details about the EKS cluster involved in a Kubernetes finding.
+    #   @return [Types::EksClusterDetails]
+    #
+    # @!attribute [rw] kubernetes_details
+    #   Details about the Kubernetes user and workload involved in a
+    #   Kubernetes finding.
+    #   @return [Types::KubernetesDetails]
+    #
     # @!attribute [rw] resource_type
     #   The type of Amazon Web Services resource.
     #   @return [String]
@@ -3953,6 +4402,8 @@ module Aws::GuardDuty
       :access_key_details,
       :s3_bucket_details,
       :instance_details,
+      :eks_cluster_details,
+      :kubernetes_details,
       :resource_type)
       SENSITIVE = []
       include Aws::Structure
@@ -4043,6 +4494,20 @@ module Aws::GuardDuty
       include Aws::Structure
     end
 
+    # Container security context.
+    #
+    # @!attribute [rw] privileged
+    #   Whether the container is privileged.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/SecurityContext AWS API Documentation
+    #
+    class SecurityContext < Struct.new(
+      :privileged)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Contains information about the security groups associated with the EC2
     # instance.
     #
@@ -4413,6 +4878,11 @@ module Aws::GuardDuty
     #           s3_logs: {
     #             enable: false, # required
     #           },
+    #           kubernetes: {
+    #             audit_logs: { # required
+    #               enable: false, # required
+    #             },
+    #           },
     #         },
     #       }
     #
@@ -4633,6 +5103,11 @@ module Aws::GuardDuty
     #           s3_logs: {
     #             enable: false, # required
     #           },
+    #           kubernetes: {
+    #             audit_logs: { # required
+    #               enable: false, # required
+    #             },
+    #           },
     #         },
     #       }
     #
@@ -4681,6 +5156,11 @@ module Aws::GuardDuty
     #           s3_logs: {
     #             auto_enable: false, # required
     #           },
+    #           kubernetes: {
+    #             audit_logs: { # required
+    #               auto_enable: false, # required
+    #             },
+    #           },
     #         },
     #       }
     #
@@ -4829,7 +5309,7 @@ module Aws::GuardDuty
     #
     #       {
     #         account_ids: ["AccountId"],
-    #         data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS
+    #         data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS
     #         resources: ["String"],
     #       }
     #
@@ -4926,5 +5406,44 @@ module Aws::GuardDuty
       include Aws::Structure
     end
 
+    # Volume used by the Kubernetes workload.
+    #
+    # @!attribute [rw] name
+    #   Volume name.
+    #   @return [String]
+    #
+    # @!attribute [rw] host_path
+    #   Represents a pre-existing file or directory on the host machine that
+    #   the volume maps to.
+    #   @return [Types::HostPath]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Volume AWS API Documentation
+    #
+    class Volume < Struct.new(
+      :name,
+      :host_path)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Container volume mount.
+    #
+    # @!attribute [rw] name
+    #   Volume mount name.
+    #   @return [String]
+    #
+    # @!attribute [rw] mount_path
+    #   Volume mount path.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/VolumeMount AWS API Documentation
+    #
+    class VolumeMount < Struct.new(
+      :name,
+      :mount_path)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
   end
 end

data/lib/aws-sdk-guardduty.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-guardduty/customizations'
 # @!group service
 module Aws::GuardDuty
 
-  GEM_VERSION = '1.53.0'
+  GEM_VERSION = '1.56.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-guardduty
 version: !ruby/object:Gem::Version
-  version: 1.53.0
+  version: 1.56.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-01-20 00:00:00.000000000 Z
+date: 2022-02-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.125.0
+        version: 3.127.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.125.0
+        version: 3.127.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement