aws-sdk-guardduty 1.56.0 → 1.59.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-guardduty/client.rb +442 -8
- data/lib/aws-sdk-guardduty/client_api.rb +436 -2
- data/lib/aws-sdk-guardduty/types.rb +1701 -168
- data/lib/aws-sdk-guardduty.rb +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 14858a583fa7b814db83884128fdc343437d8e63aeb571f460bee977d8a874e2
|
|
4
|
+
data.tar.gz: 5249beafe46d31cd9251c589248137958f5fbf2851fe433900570e7542bbbc88
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3aa05b0122bfc802c1428b911004a0bbb9600e997488389153ac0e163b55e885decba26acad14ed104d86d8ddfd9cd3b30577d9269121e0def97ed146874d75c
|
|
7
|
+
data.tar.gz: ebbae9e1e0e553ad0dcfddd379805a2bf89a76777574af33ffef4f6f66f9d1a4d1af84e8505d16865d8838c4b7655da3215cb0004c6bb51c9725a57fe1e3bf82
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,21 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.59.0 (2022-07-26)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Amazon GuardDuty introduces a new Malware Protection feature that triggers malware scan on selected EC2 instance resources, after the service detects a potentially malicious activity.
|
|
8
|
+
|
|
9
|
+
1.58.0 (2022-06-15)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - Adds finding fields available from GuardDuty Console. Adds FreeTrial related operations. Deprecates the use of various APIs related to Master Accounts and Replace them with Administrator Accounts.
|
|
13
|
+
|
|
14
|
+
1.57.0 (2022-04-28)
|
|
15
|
+
------------------
|
|
16
|
+
|
|
17
|
+
* Feature - Documentation update for API description.
|
|
18
|
+
|
|
4
19
|
1.56.0 (2022-02-24)
|
|
5
20
|
------------------
|
|
6
21
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.59.0
|
|
@@ -351,6 +351,39 @@ module Aws::GuardDuty
|
|
|
351
351
|
|
|
352
352
|
# @!group API Operations
|
|
353
353
|
|
|
354
|
+
# Accepts the invitation to be a member account and get monitored by a
|
|
355
|
+
# GuardDuty administrator account that sent the invitation.
|
|
356
|
+
#
|
|
357
|
+
# @option params [required, String] :detector_id
|
|
358
|
+
# The unique ID of the detector of the GuardDuty member account.
|
|
359
|
+
#
|
|
360
|
+
# @option params [required, String] :administrator_id
|
|
361
|
+
# The account ID of the GuardDuty administrator account whose invitation
|
|
362
|
+
# you're accepting.
|
|
363
|
+
#
|
|
364
|
+
# @option params [required, String] :invitation_id
|
|
365
|
+
# The value that is used to validate the administrator account to the
|
|
366
|
+
# member account.
|
|
367
|
+
#
|
|
368
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
369
|
+
#
|
|
370
|
+
# @example Request syntax with placeholder values
|
|
371
|
+
#
|
|
372
|
+
# resp = client.accept_administrator_invitation({
|
|
373
|
+
# detector_id: "DetectorId", # required
|
|
374
|
+
# administrator_id: "String", # required
|
|
375
|
+
# invitation_id: "String", # required
|
|
376
|
+
# })
|
|
377
|
+
#
|
|
378
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/AcceptAdministratorInvitation AWS API Documentation
|
|
379
|
+
#
|
|
380
|
+
# @overload accept_administrator_invitation(params = {})
|
|
381
|
+
# @param [Hash] params ({})
|
|
382
|
+
def accept_administrator_invitation(params = {}, options = {})
|
|
383
|
+
req = build_request(:accept_administrator_invitation, params)
|
|
384
|
+
req.send_request(options)
|
|
385
|
+
end
|
|
386
|
+
|
|
354
387
|
# Accepts the invitation to be monitored by a GuardDuty administrator
|
|
355
388
|
# account.
|
|
356
389
|
#
|
|
@@ -460,6 +493,11 @@ module Aws::GuardDuty
|
|
|
460
493
|
# enable: false, # required
|
|
461
494
|
# },
|
|
462
495
|
# },
|
|
496
|
+
# malware_protection: {
|
|
497
|
+
# scan_ec2_instance_with_findings: {
|
|
498
|
+
# ebs_volumes: false,
|
|
499
|
+
# },
|
|
500
|
+
# },
|
|
463
501
|
# },
|
|
464
502
|
# tags: {
|
|
465
503
|
# "TagKey" => "TagValue",
|
|
@@ -562,6 +600,8 @@ module Aws::GuardDuty
|
|
|
562
600
|
#
|
|
563
601
|
# * service.action.awsApiCallAction.errorCode
|
|
564
602
|
#
|
|
603
|
+
# * service.action.awsApiCallAction.userAgent
|
|
604
|
+
#
|
|
565
605
|
# * service.action.awsApiCallAction.remoteIpDetails.city.cityName
|
|
566
606
|
#
|
|
567
607
|
# * service.action.awsApiCallAction.remoteIpDetails.country.countryName
|
|
@@ -1187,6 +1227,97 @@ module Aws::GuardDuty
|
|
|
1187
1227
|
req.send_request(options)
|
|
1188
1228
|
end
|
|
1189
1229
|
|
|
1230
|
+
# Returns a list of malware scans.
|
|
1231
|
+
#
|
|
1232
|
+
# @option params [required, String] :detector_id
|
|
1233
|
+
# The unique ID of the detector that the request is associated with.
|
|
1234
|
+
#
|
|
1235
|
+
# @option params [String] :next_token
|
|
1236
|
+
# You can use this parameter when paginating results. Set the value of
|
|
1237
|
+
# this parameter to null on your first call to the list action. For
|
|
1238
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
|
1239
|
+
# value of NextToken from the previous response to continue listing
|
|
1240
|
+
# data.
|
|
1241
|
+
#
|
|
1242
|
+
# @option params [Integer] :max_results
|
|
1243
|
+
# You can use this parameter to indicate the maximum number of items
|
|
1244
|
+
# that you want in the response. The default value is 50. The maximum
|
|
1245
|
+
# value is 50.
|
|
1246
|
+
#
|
|
1247
|
+
# @option params [Types::FilterCriteria] :filter_criteria
|
|
1248
|
+
# Represents the criteria to be used in the filter for describing scan
|
|
1249
|
+
# entries.
|
|
1250
|
+
#
|
|
1251
|
+
# @option params [Types::SortCriteria] :sort_criteria
|
|
1252
|
+
# Represents the criteria used for sorting scan entries.
|
|
1253
|
+
#
|
|
1254
|
+
# @return [Types::DescribeMalwareScansResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1255
|
+
#
|
|
1256
|
+
# * {Types::DescribeMalwareScansResponse#scans #scans} => Array<Types::Scan>
|
|
1257
|
+
# * {Types::DescribeMalwareScansResponse#next_token #next_token} => String
|
|
1258
|
+
#
|
|
1259
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
1260
|
+
#
|
|
1261
|
+
# @example Request syntax with placeholder values
|
|
1262
|
+
#
|
|
1263
|
+
# resp = client.describe_malware_scans({
|
|
1264
|
+
# detector_id: "DetectorId", # required
|
|
1265
|
+
# next_token: "String",
|
|
1266
|
+
# max_results: 1,
|
|
1267
|
+
# filter_criteria: {
|
|
1268
|
+
# filter_criterion: [
|
|
1269
|
+
# {
|
|
1270
|
+
# criterion_key: "EC2_INSTANCE_ARN", # accepts EC2_INSTANCE_ARN, SCAN_ID, ACCOUNT_ID, GUARDDUTY_FINDING_ID, SCAN_START_TIME, SCAN_STATUS
|
|
1271
|
+
# filter_condition: {
|
|
1272
|
+
# equals_value: "NonEmptyString",
|
|
1273
|
+
# greater_than: 1,
|
|
1274
|
+
# less_than: 1,
|
|
1275
|
+
# },
|
|
1276
|
+
# },
|
|
1277
|
+
# ],
|
|
1278
|
+
# },
|
|
1279
|
+
# sort_criteria: {
|
|
1280
|
+
# attribute_name: "String",
|
|
1281
|
+
# order_by: "ASC", # accepts ASC, DESC
|
|
1282
|
+
# },
|
|
1283
|
+
# })
|
|
1284
|
+
#
|
|
1285
|
+
# @example Response structure
|
|
1286
|
+
#
|
|
1287
|
+
# resp.scans #=> Array
|
|
1288
|
+
# resp.scans[0].detector_id #=> String
|
|
1289
|
+
# resp.scans[0].admin_detector_id #=> String
|
|
1290
|
+
# resp.scans[0].scan_id #=> String
|
|
1291
|
+
# resp.scans[0].scan_status #=> String, one of "RUNNING", "COMPLETED", "FAILED"
|
|
1292
|
+
# resp.scans[0].failure_reason #=> String
|
|
1293
|
+
# resp.scans[0].scan_start_time #=> Time
|
|
1294
|
+
# resp.scans[0].scan_end_time #=> Time
|
|
1295
|
+
# resp.scans[0].trigger_details.guard_duty_finding_id #=> String
|
|
1296
|
+
# resp.scans[0].trigger_details.description #=> String
|
|
1297
|
+
# resp.scans[0].resource_details.instance_arn #=> String
|
|
1298
|
+
# resp.scans[0].scan_result_details.scan_result #=> String, one of "CLEAN", "INFECTED"
|
|
1299
|
+
# resp.scans[0].account_id #=> String
|
|
1300
|
+
# resp.scans[0].total_bytes #=> Integer
|
|
1301
|
+
# resp.scans[0].file_count #=> Integer
|
|
1302
|
+
# resp.scans[0].attached_volumes #=> Array
|
|
1303
|
+
# resp.scans[0].attached_volumes[0].volume_arn #=> String
|
|
1304
|
+
# resp.scans[0].attached_volumes[0].volume_type #=> String
|
|
1305
|
+
# resp.scans[0].attached_volumes[0].device_name #=> String
|
|
1306
|
+
# resp.scans[0].attached_volumes[0].volume_size_in_gb #=> Integer
|
|
1307
|
+
# resp.scans[0].attached_volumes[0].encryption_type #=> String
|
|
1308
|
+
# resp.scans[0].attached_volumes[0].snapshot_arn #=> String
|
|
1309
|
+
# resp.scans[0].attached_volumes[0].kms_key_arn #=> String
|
|
1310
|
+
# resp.next_token #=> String
|
|
1311
|
+
#
|
|
1312
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeMalwareScans AWS API Documentation
|
|
1313
|
+
#
|
|
1314
|
+
# @overload describe_malware_scans(params = {})
|
|
1315
|
+
# @param [Hash] params ({})
|
|
1316
|
+
def describe_malware_scans(params = {}, options = {})
|
|
1317
|
+
req = build_request(:describe_malware_scans, params)
|
|
1318
|
+
req.send_request(options)
|
|
1319
|
+
end
|
|
1320
|
+
|
|
1190
1321
|
# Returns information about the account selected as the delegated
|
|
1191
1322
|
# administrator for GuardDuty.
|
|
1192
1323
|
#
|
|
@@ -1212,6 +1343,7 @@ module Aws::GuardDuty
|
|
|
1212
1343
|
# resp.member_account_limit_reached #=> Boolean
|
|
1213
1344
|
# resp.data_sources.s3_logs.auto_enable #=> Boolean
|
|
1214
1345
|
# resp.data_sources.kubernetes.audit_logs.auto_enable #=> Boolean
|
|
1346
|
+
# resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.auto_enable #=> Boolean
|
|
1215
1347
|
#
|
|
1216
1348
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
|
|
1217
1349
|
#
|
|
@@ -1289,6 +1421,29 @@ module Aws::GuardDuty
|
|
|
1289
1421
|
req.send_request(options)
|
|
1290
1422
|
end
|
|
1291
1423
|
|
|
1424
|
+
# Disassociates the current GuardDuty member account from its
|
|
1425
|
+
# administrator account.
|
|
1426
|
+
#
|
|
1427
|
+
# @option params [required, String] :detector_id
|
|
1428
|
+
# The unique ID of the detector of the GuardDuty member account.
|
|
1429
|
+
#
|
|
1430
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
1431
|
+
#
|
|
1432
|
+
# @example Request syntax with placeholder values
|
|
1433
|
+
#
|
|
1434
|
+
# resp = client.disassociate_from_administrator_account({
|
|
1435
|
+
# detector_id: "DetectorId", # required
|
|
1436
|
+
# })
|
|
1437
|
+
#
|
|
1438
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DisassociateFromAdministratorAccount AWS API Documentation
|
|
1439
|
+
#
|
|
1440
|
+
# @overload disassociate_from_administrator_account(params = {})
|
|
1441
|
+
# @param [Hash] params ({})
|
|
1442
|
+
def disassociate_from_administrator_account(params = {}, options = {})
|
|
1443
|
+
req = build_request(:disassociate_from_administrator_account, params)
|
|
1444
|
+
req.send_request(options)
|
|
1445
|
+
end
|
|
1446
|
+
|
|
1292
1447
|
# Disassociates the current GuardDuty member account from its
|
|
1293
1448
|
# administrator account.
|
|
1294
1449
|
#
|
|
@@ -1373,6 +1528,38 @@ module Aws::GuardDuty
|
|
|
1373
1528
|
req.send_request(options)
|
|
1374
1529
|
end
|
|
1375
1530
|
|
|
1531
|
+
# Provides the details for the GuardDuty administrator account
|
|
1532
|
+
# associated with the current GuardDuty member account.
|
|
1533
|
+
#
|
|
1534
|
+
# @option params [required, String] :detector_id
|
|
1535
|
+
# The unique ID of the detector of the GuardDuty member account.
|
|
1536
|
+
#
|
|
1537
|
+
# @return [Types::GetAdministratorAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1538
|
+
#
|
|
1539
|
+
# * {Types::GetAdministratorAccountResponse#administrator #administrator} => Types::Administrator
|
|
1540
|
+
#
|
|
1541
|
+
# @example Request syntax with placeholder values
|
|
1542
|
+
#
|
|
1543
|
+
# resp = client.get_administrator_account({
|
|
1544
|
+
# detector_id: "DetectorId", # required
|
|
1545
|
+
# })
|
|
1546
|
+
#
|
|
1547
|
+
# @example Response structure
|
|
1548
|
+
#
|
|
1549
|
+
# resp.administrator.account_id #=> String
|
|
1550
|
+
# resp.administrator.invitation_id #=> String
|
|
1551
|
+
# resp.administrator.relationship_status #=> String
|
|
1552
|
+
# resp.administrator.invited_at #=> String
|
|
1553
|
+
#
|
|
1554
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetAdministratorAccount AWS API Documentation
|
|
1555
|
+
#
|
|
1556
|
+
# @overload get_administrator_account(params = {})
|
|
1557
|
+
# @param [Hash] params ({})
|
|
1558
|
+
def get_administrator_account(params = {}, options = {})
|
|
1559
|
+
req = build_request(:get_administrator_account, params)
|
|
1560
|
+
req.send_request(options)
|
|
1561
|
+
end
|
|
1562
|
+
|
|
1376
1563
|
# Retrieves an Amazon GuardDuty detector specified by the detectorId.
|
|
1377
1564
|
#
|
|
1378
1565
|
# @option params [required, String] :detector_id
|
|
@@ -1406,6 +1593,8 @@ module Aws::GuardDuty
|
|
|
1406
1593
|
# resp.data_sources.flow_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
1407
1594
|
# resp.data_sources.s3_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
1408
1595
|
# resp.data_sources.kubernetes.audit_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
1596
|
+
# resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.status #=> String, one of "ENABLED", "DISABLED"
|
|
1597
|
+
# resp.data_sources.malware_protection.service_role #=> String
|
|
1409
1598
|
# resp.tags #=> Hash
|
|
1410
1599
|
# resp.tags["TagKey"] #=> String
|
|
1411
1600
|
#
|
|
@@ -1607,6 +1796,63 @@ module Aws::GuardDuty
|
|
|
1607
1796
|
# resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.volumes[0].name #=> String
|
|
1608
1797
|
# resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.volumes[0].host_path.path #=> String
|
|
1609
1798
|
# resp.findings[0].resource.resource_type #=> String
|
|
1799
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details #=> Array
|
|
1800
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].volume_arn #=> String
|
|
1801
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].volume_type #=> String
|
|
1802
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].device_name #=> String
|
|
1803
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].volume_size_in_gb #=> Integer
|
|
1804
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].encryption_type #=> String
|
|
1805
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].snapshot_arn #=> String
|
|
1806
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].kms_key_arn #=> String
|
|
1807
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details #=> Array
|
|
1808
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].volume_arn #=> String
|
|
1809
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].volume_type #=> String
|
|
1810
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].device_name #=> String
|
|
1811
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].volume_size_in_gb #=> Integer
|
|
1812
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].encryption_type #=> String
|
|
1813
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].snapshot_arn #=> String
|
|
1814
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].kms_key_arn #=> String
|
|
1815
|
+
# resp.findings[0].resource.ecs_cluster_details.name #=> String
|
|
1816
|
+
# resp.findings[0].resource.ecs_cluster_details.arn #=> String
|
|
1817
|
+
# resp.findings[0].resource.ecs_cluster_details.status #=> String
|
|
1818
|
+
# resp.findings[0].resource.ecs_cluster_details.active_services_count #=> Integer
|
|
1819
|
+
# resp.findings[0].resource.ecs_cluster_details.registered_container_instances_count #=> Integer
|
|
1820
|
+
# resp.findings[0].resource.ecs_cluster_details.running_tasks_count #=> Integer
|
|
1821
|
+
# resp.findings[0].resource.ecs_cluster_details.tags #=> Array
|
|
1822
|
+
# resp.findings[0].resource.ecs_cluster_details.tags[0].key #=> String
|
|
1823
|
+
# resp.findings[0].resource.ecs_cluster_details.tags[0].value #=> String
|
|
1824
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.arn #=> String
|
|
1825
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.definition_arn #=> String
|
|
1826
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.version #=> String
|
|
1827
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.task_created_at #=> Time
|
|
1828
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.started_at #=> Time
|
|
1829
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.started_by #=> String
|
|
1830
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.tags #=> Array
|
|
1831
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.tags[0].key #=> String
|
|
1832
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.tags[0].value #=> String
|
|
1833
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.volumes #=> Array
|
|
1834
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.volumes[0].name #=> String
|
|
1835
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.volumes[0].host_path.path #=> String
|
|
1836
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers #=> Array
|
|
1837
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].container_runtime #=> String
|
|
1838
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].id #=> String
|
|
1839
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].name #=> String
|
|
1840
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].image #=> String
|
|
1841
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].image_prefix #=> String
|
|
1842
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].volume_mounts #=> Array
|
|
1843
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].volume_mounts[0].name #=> String
|
|
1844
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].volume_mounts[0].mount_path #=> String
|
|
1845
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].security_context.privileged #=> Boolean
|
|
1846
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.group #=> String
|
|
1847
|
+
# resp.findings[0].resource.container_details.container_runtime #=> String
|
|
1848
|
+
# resp.findings[0].resource.container_details.id #=> String
|
|
1849
|
+
# resp.findings[0].resource.container_details.name #=> String
|
|
1850
|
+
# resp.findings[0].resource.container_details.image #=> String
|
|
1851
|
+
# resp.findings[0].resource.container_details.image_prefix #=> String
|
|
1852
|
+
# resp.findings[0].resource.container_details.volume_mounts #=> Array
|
|
1853
|
+
# resp.findings[0].resource.container_details.volume_mounts[0].name #=> String
|
|
1854
|
+
# resp.findings[0].resource.container_details.volume_mounts[0].mount_path #=> String
|
|
1855
|
+
# resp.findings[0].resource.container_details.security_context.privileged #=> Boolean
|
|
1610
1856
|
# resp.findings[0].schema_version #=> String
|
|
1611
1857
|
# resp.findings[0].service.action.action_type #=> String
|
|
1612
1858
|
# resp.findings[0].service.action.aws_api_call_action.api #=> String
|
|
@@ -1627,7 +1873,11 @@ module Aws::GuardDuty
|
|
|
1627
1873
|
# resp.findings[0].service.action.aws_api_call_action.service_name #=> String
|
|
1628
1874
|
# resp.findings[0].service.action.aws_api_call_action.remote_account_details.account_id #=> String
|
|
1629
1875
|
# resp.findings[0].service.action.aws_api_call_action.remote_account_details.affiliated #=> Boolean
|
|
1876
|
+
# resp.findings[0].service.action.aws_api_call_action.affected_resources #=> Hash
|
|
1877
|
+
# resp.findings[0].service.action.aws_api_call_action.affected_resources["String"] #=> String
|
|
1630
1878
|
# resp.findings[0].service.action.dns_request_action.domain #=> String
|
|
1879
|
+
# resp.findings[0].service.action.dns_request_action.protocol #=> String
|
|
1880
|
+
# resp.findings[0].service.action.dns_request_action.blocked #=> Boolean
|
|
1631
1881
|
# resp.findings[0].service.action.network_connection_action.blocked #=> Boolean
|
|
1632
1882
|
# resp.findings[0].service.action.network_connection_action.connection_direction #=> String
|
|
1633
1883
|
# resp.findings[0].service.action.network_connection_action.local_port_details.port #=> Integer
|
|
@@ -1690,6 +1940,34 @@ module Aws::GuardDuty
|
|
|
1690
1940
|
# resp.findings[0].service.resource_role #=> String
|
|
1691
1941
|
# resp.findings[0].service.service_name #=> String
|
|
1692
1942
|
# resp.findings[0].service.user_feedback #=> String
|
|
1943
|
+
# resp.findings[0].service.additional_info.value #=> String
|
|
1944
|
+
# resp.findings[0].service.additional_info.type #=> String
|
|
1945
|
+
# resp.findings[0].service.feature_name #=> String
|
|
1946
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_id #=> String
|
|
1947
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_started_at #=> Time
|
|
1948
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_completed_at #=> Time
|
|
1949
|
+
# resp.findings[0].service.ebs_volume_scan_details.trigger_finding_id #=> String
|
|
1950
|
+
# resp.findings[0].service.ebs_volume_scan_details.sources #=> Array
|
|
1951
|
+
# resp.findings[0].service.ebs_volume_scan_details.sources[0] #=> String
|
|
1952
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.scanned_item_count.total_gb #=> Integer
|
|
1953
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.scanned_item_count.files #=> Integer
|
|
1954
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.scanned_item_count.volumes #=> Integer
|
|
1955
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threats_detected_item_count.files #=> Integer
|
|
1956
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.highest_severity_threat_details.severity #=> String
|
|
1957
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.highest_severity_threat_details.threat_name #=> String
|
|
1958
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.highest_severity_threat_details.count #=> Integer
|
|
1959
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.item_count #=> Integer
|
|
1960
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.unique_threat_name_count #=> Integer
|
|
1961
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.shortened #=> Boolean
|
|
1962
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names #=> Array
|
|
1963
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].name #=> String
|
|
1964
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].severity #=> String
|
|
1965
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].item_count #=> Integer
|
|
1966
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths #=> Array
|
|
1967
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].file_path #=> String
|
|
1968
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].volume_arn #=> String
|
|
1969
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].hash #=> String
|
|
1970
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].file_name #=> String
|
|
1693
1971
|
# resp.findings[0].severity #=> Float
|
|
1694
1972
|
# resp.findings[0].title #=> String
|
|
1695
1973
|
# resp.findings[0].type #=> String
|
|
@@ -1822,6 +2100,44 @@ module Aws::GuardDuty
|
|
|
1822
2100
|
req.send_request(options)
|
|
1823
2101
|
end
|
|
1824
2102
|
|
|
2103
|
+
# Returns the details of the malware scan settings.
|
|
2104
|
+
#
|
|
2105
|
+
# @option params [required, String] :detector_id
|
|
2106
|
+
# The unique ID of the detector that the scan setting is associated
|
|
2107
|
+
# with.
|
|
2108
|
+
#
|
|
2109
|
+
# @return [Types::GetMalwareScanSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2110
|
+
#
|
|
2111
|
+
# * {Types::GetMalwareScanSettingsResponse#scan_resource_criteria #scan_resource_criteria} => Types::ScanResourceCriteria
|
|
2112
|
+
# * {Types::GetMalwareScanSettingsResponse#ebs_snapshot_preservation #ebs_snapshot_preservation} => String
|
|
2113
|
+
#
|
|
2114
|
+
# @example Request syntax with placeholder values
|
|
2115
|
+
#
|
|
2116
|
+
# resp = client.get_malware_scan_settings({
|
|
2117
|
+
# detector_id: "DetectorId", # required
|
|
2118
|
+
# })
|
|
2119
|
+
#
|
|
2120
|
+
# @example Response structure
|
|
2121
|
+
#
|
|
2122
|
+
# resp.scan_resource_criteria.include #=> Hash
|
|
2123
|
+
# resp.scan_resource_criteria.include["ScanCriterionKey"].map_equals #=> Array
|
|
2124
|
+
# resp.scan_resource_criteria.include["ScanCriterionKey"].map_equals[0].key #=> String
|
|
2125
|
+
# resp.scan_resource_criteria.include["ScanCriterionKey"].map_equals[0].value #=> String
|
|
2126
|
+
# resp.scan_resource_criteria.exclude #=> Hash
|
|
2127
|
+
# resp.scan_resource_criteria.exclude["ScanCriterionKey"].map_equals #=> Array
|
|
2128
|
+
# resp.scan_resource_criteria.exclude["ScanCriterionKey"].map_equals[0].key #=> String
|
|
2129
|
+
# resp.scan_resource_criteria.exclude["ScanCriterionKey"].map_equals[0].value #=> String
|
|
2130
|
+
# resp.ebs_snapshot_preservation #=> String, one of "NO_RETENTION", "RETENTION_WITH_FINDING"
|
|
2131
|
+
#
|
|
2132
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMalwareScanSettings AWS API Documentation
|
|
2133
|
+
#
|
|
2134
|
+
# @overload get_malware_scan_settings(params = {})
|
|
2135
|
+
# @param [Hash] params ({})
|
|
2136
|
+
def get_malware_scan_settings(params = {}, options = {})
|
|
2137
|
+
req = build_request(:get_malware_scan_settings, params)
|
|
2138
|
+
req.send_request(options)
|
|
2139
|
+
end
|
|
2140
|
+
|
|
1825
2141
|
# Provides the details for the GuardDuty administrator account
|
|
1826
2142
|
# associated with the current GuardDuty member account.
|
|
1827
2143
|
#
|
|
@@ -1884,6 +2200,8 @@ module Aws::GuardDuty
|
|
|
1884
2200
|
# resp.member_data_source_configurations[0].data_sources.flow_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
1885
2201
|
# resp.member_data_source_configurations[0].data_sources.s3_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
1886
2202
|
# resp.member_data_source_configurations[0].data_sources.kubernetes.audit_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
2203
|
+
# resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.status #=> String, one of "ENABLED", "DISABLED"
|
|
2204
|
+
# resp.member_data_source_configurations[0].data_sources.malware_protection.service_role #=> String
|
|
1887
2205
|
# resp.unprocessed_accounts #=> Array
|
|
1888
2206
|
# resp.unprocessed_accounts[0].account_id #=> String
|
|
1889
2207
|
# resp.unprocessed_accounts[0].result #=> String
|
|
@@ -1930,6 +2248,7 @@ module Aws::GuardDuty
|
|
|
1930
2248
|
# resp.members[0].relationship_status #=> String
|
|
1931
2249
|
# resp.members[0].invited_at #=> String
|
|
1932
2250
|
# resp.members[0].updated_at #=> String
|
|
2251
|
+
# resp.members[0].administrator_id #=> String
|
|
1933
2252
|
# resp.unprocessed_accounts #=> Array
|
|
1934
2253
|
# resp.unprocessed_accounts[0].account_id #=> String
|
|
1935
2254
|
# resp.unprocessed_accounts[0].result #=> String
|
|
@@ -1943,6 +2262,50 @@ module Aws::GuardDuty
|
|
|
1943
2262
|
req.send_request(options)
|
|
1944
2263
|
end
|
|
1945
2264
|
|
|
2265
|
+
# Provides the number of days left for each data source used in the free
|
|
2266
|
+
# trial period.
|
|
2267
|
+
#
|
|
2268
|
+
# @option params [required, String] :detector_id
|
|
2269
|
+
# The unique ID of the detector of the GuardDuty member account.
|
|
2270
|
+
#
|
|
2271
|
+
# @option params [Array<String>] :account_ids
|
|
2272
|
+
# A list of account identifiers of the GuardDuty member account.
|
|
2273
|
+
#
|
|
2274
|
+
# @return [Types::GetRemainingFreeTrialDaysResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2275
|
+
#
|
|
2276
|
+
# * {Types::GetRemainingFreeTrialDaysResponse#accounts #accounts} => Array<Types::AccountFreeTrialInfo>
|
|
2277
|
+
# * {Types::GetRemainingFreeTrialDaysResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::UnprocessedAccount>
|
|
2278
|
+
#
|
|
2279
|
+
# @example Request syntax with placeholder values
|
|
2280
|
+
#
|
|
2281
|
+
# resp = client.get_remaining_free_trial_days({
|
|
2282
|
+
# detector_id: "DetectorId", # required
|
|
2283
|
+
# account_ids: ["AccountId"],
|
|
2284
|
+
# })
|
|
2285
|
+
#
|
|
2286
|
+
# @example Response structure
|
|
2287
|
+
#
|
|
2288
|
+
# resp.accounts #=> Array
|
|
2289
|
+
# resp.accounts[0].account_id #=> String
|
|
2290
|
+
# resp.accounts[0].data_sources.cloud_trail.free_trial_days_remaining #=> Integer
|
|
2291
|
+
# resp.accounts[0].data_sources.dns_logs.free_trial_days_remaining #=> Integer
|
|
2292
|
+
# resp.accounts[0].data_sources.flow_logs.free_trial_days_remaining #=> Integer
|
|
2293
|
+
# resp.accounts[0].data_sources.s3_logs.free_trial_days_remaining #=> Integer
|
|
2294
|
+
# resp.accounts[0].data_sources.kubernetes.audit_logs.free_trial_days_remaining #=> Integer
|
|
2295
|
+
# resp.accounts[0].data_sources.malware_protection.scan_ec2_instance_with_findings.free_trial_days_remaining #=> Integer
|
|
2296
|
+
# resp.unprocessed_accounts #=> Array
|
|
2297
|
+
# resp.unprocessed_accounts[0].account_id #=> String
|
|
2298
|
+
# resp.unprocessed_accounts[0].result #=> String
|
|
2299
|
+
#
|
|
2300
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetRemainingFreeTrialDays AWS API Documentation
|
|
2301
|
+
#
|
|
2302
|
+
# @overload get_remaining_free_trial_days(params = {})
|
|
2303
|
+
# @param [Hash] params ({})
|
|
2304
|
+
def get_remaining_free_trial_days(params = {}, options = {})
|
|
2305
|
+
req = build_request(:get_remaining_free_trial_days, params)
|
|
2306
|
+
req.send_request(options)
|
|
2307
|
+
end
|
|
2308
|
+
|
|
1946
2309
|
# Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet
|
|
1947
2310
|
# ID.
|
|
1948
2311
|
#
|
|
@@ -1987,11 +2350,11 @@ module Aws::GuardDuty
|
|
|
1987
2350
|
end
|
|
1988
2351
|
|
|
1989
2352
|
# Lists Amazon GuardDuty usage statistics over the last 30 days for the
|
|
1990
|
-
# specified detector ID. For newly enabled detectors or data sources
|
|
1991
|
-
# cost returned will include only the usage so far under 30 days
|
|
1992
|
-
# may differ from the cost metrics in the console, which
|
|
1993
|
-
# over 30 days to provide a monthly cost estimate. For more
|
|
1994
|
-
# see [Understanding How Usage Costs are Calculated][1].
|
|
2353
|
+
# specified detector ID. For newly enabled detectors or data sources,
|
|
2354
|
+
# the cost returned will include only the usage so far under 30 days.
|
|
2355
|
+
# This may differ from the cost metrics in the console, which project
|
|
2356
|
+
# usage over 30 days to provide a monthly cost estimate. For more
|
|
2357
|
+
# information, see [Understanding How Usage Costs are Calculated][1].
|
|
1995
2358
|
#
|
|
1996
2359
|
#
|
|
1997
2360
|
#
|
|
@@ -2035,7 +2398,7 @@ module Aws::GuardDuty
|
|
|
2035
2398
|
# usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
|
|
2036
2399
|
# usage_criteria: { # required
|
|
2037
2400
|
# account_ids: ["AccountId"],
|
|
2038
|
-
# data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS
|
|
2401
|
+
# data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
|
|
2039
2402
|
# resources: ["String"],
|
|
2040
2403
|
# },
|
|
2041
2404
|
# unit: "String",
|
|
@@ -2050,7 +2413,7 @@ module Aws::GuardDuty
|
|
|
2050
2413
|
# resp.usage_statistics.sum_by_account[0].total.amount #=> String
|
|
2051
2414
|
# resp.usage_statistics.sum_by_account[0].total.unit #=> String
|
|
2052
2415
|
# resp.usage_statistics.sum_by_data_source #=> Array
|
|
2053
|
-
# resp.usage_statistics.sum_by_data_source[0].data_source #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_LOGS", "KUBERNETES_AUDIT_LOGS"
|
|
2416
|
+
# resp.usage_statistics.sum_by_data_source[0].data_source #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_LOGS", "KUBERNETES_AUDIT_LOGS", "EC2_MALWARE_SCAN"
|
|
2054
2417
|
# resp.usage_statistics.sum_by_data_source[0].total.amount #=> String
|
|
2055
2418
|
# resp.usage_statistics.sum_by_data_source[0].total.unit #=> String
|
|
2056
2419
|
# resp.usage_statistics.sum_by_resource #=> Array
|
|
@@ -2539,6 +2902,7 @@ module Aws::GuardDuty
|
|
|
2539
2902
|
# resp.members[0].relationship_status #=> String
|
|
2540
2903
|
# resp.members[0].invited_at #=> String
|
|
2541
2904
|
# resp.members[0].updated_at #=> String
|
|
2905
|
+
# resp.members[0].administrator_id #=> String
|
|
2542
2906
|
# resp.next_token #=> String
|
|
2543
2907
|
#
|
|
2544
2908
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListMembers AWS API Documentation
|
|
@@ -2911,6 +3275,11 @@ module Aws::GuardDuty
|
|
|
2911
3275
|
# enable: false, # required
|
|
2912
3276
|
# },
|
|
2913
3277
|
# },
|
|
3278
|
+
# malware_protection: {
|
|
3279
|
+
# scan_ec2_instance_with_findings: {
|
|
3280
|
+
# ebs_volumes: false,
|
|
3281
|
+
# },
|
|
3282
|
+
# },
|
|
2914
3283
|
# },
|
|
2915
3284
|
# })
|
|
2916
3285
|
#
|
|
@@ -3068,6 +3437,59 @@ module Aws::GuardDuty
|
|
|
3068
3437
|
req.send_request(options)
|
|
3069
3438
|
end
|
|
3070
3439
|
|
|
3440
|
+
# Updates the malware scan settings.
|
|
3441
|
+
#
|
|
3442
|
+
# @option params [required, String] :detector_id
|
|
3443
|
+
# The unique ID of the detector that specifies the GuardDuty service
|
|
3444
|
+
# where you want to update scan settings.
|
|
3445
|
+
#
|
|
3446
|
+
# @option params [Types::ScanResourceCriteria] :scan_resource_criteria
|
|
3447
|
+
# Represents the criteria to be used in the filter for selecting
|
|
3448
|
+
# resources to scan.
|
|
3449
|
+
#
|
|
3450
|
+
# @option params [String] :ebs_snapshot_preservation
|
|
3451
|
+
# An enum value representing possible snapshot preservations.
|
|
3452
|
+
#
|
|
3453
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3454
|
+
#
|
|
3455
|
+
# @example Request syntax with placeholder values
|
|
3456
|
+
#
|
|
3457
|
+
# resp = client.update_malware_scan_settings({
|
|
3458
|
+
# detector_id: "DetectorId", # required
|
|
3459
|
+
# scan_resource_criteria: {
|
|
3460
|
+
# include: {
|
|
3461
|
+
# "EC2_INSTANCE_TAG" => {
|
|
3462
|
+
# map_equals: [ # required
|
|
3463
|
+
# {
|
|
3464
|
+
# key: "TagKey", # required
|
|
3465
|
+
# value: "TagValue",
|
|
3466
|
+
# },
|
|
3467
|
+
# ],
|
|
3468
|
+
# },
|
|
3469
|
+
# },
|
|
3470
|
+
# exclude: {
|
|
3471
|
+
# "EC2_INSTANCE_TAG" => {
|
|
3472
|
+
# map_equals: [ # required
|
|
3473
|
+
# {
|
|
3474
|
+
# key: "TagKey", # required
|
|
3475
|
+
# value: "TagValue",
|
|
3476
|
+
# },
|
|
3477
|
+
# ],
|
|
3478
|
+
# },
|
|
3479
|
+
# },
|
|
3480
|
+
# },
|
|
3481
|
+
# ebs_snapshot_preservation: "NO_RETENTION", # accepts NO_RETENTION, RETENTION_WITH_FINDING
|
|
3482
|
+
# })
|
|
3483
|
+
#
|
|
3484
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateMalwareScanSettings AWS API Documentation
|
|
3485
|
+
#
|
|
3486
|
+
# @overload update_malware_scan_settings(params = {})
|
|
3487
|
+
# @param [Hash] params ({})
|
|
3488
|
+
def update_malware_scan_settings(params = {}, options = {})
|
|
3489
|
+
req = build_request(:update_malware_scan_settings, params)
|
|
3490
|
+
req.send_request(options)
|
|
3491
|
+
end
|
|
3492
|
+
|
|
3071
3493
|
# Contains information on member accounts to be updated.
|
|
3072
3494
|
#
|
|
3073
3495
|
# @option params [required, String] :detector_id
|
|
@@ -3097,6 +3519,11 @@ module Aws::GuardDuty
|
|
|
3097
3519
|
# enable: false, # required
|
|
3098
3520
|
# },
|
|
3099
3521
|
# },
|
|
3522
|
+
# malware_protection: {
|
|
3523
|
+
# scan_ec2_instance_with_findings: {
|
|
3524
|
+
# ebs_volumes: false,
|
|
3525
|
+
# },
|
|
3526
|
+
# },
|
|
3100
3527
|
# },
|
|
3101
3528
|
# })
|
|
3102
3529
|
#
|
|
@@ -3143,6 +3570,13 @@ module Aws::GuardDuty
|
|
|
3143
3570
|
# auto_enable: false, # required
|
|
3144
3571
|
# },
|
|
3145
3572
|
# },
|
|
3573
|
+
# malware_protection: {
|
|
3574
|
+
# scan_ec2_instance_with_findings: {
|
|
3575
|
+
# ebs_volumes: {
|
|
3576
|
+
# auto_enable: false,
|
|
3577
|
+
# },
|
|
3578
|
+
# },
|
|
3579
|
+
# },
|
|
3146
3580
|
# },
|
|
3147
3581
|
# })
|
|
3148
3582
|
#
|
|
@@ -3246,7 +3680,7 @@ module Aws::GuardDuty
|
|
|
3246
3680
|
params: params,
|
|
3247
3681
|
config: config)
|
|
3248
3682
|
context[:gem_name] = 'aws-sdk-guardduty'
|
|
3249
|
-
context[:gem_version] = '1.
|
|
3683
|
+
context[:gem_version] = '1.59.0'
|
|
3250
3684
|
Seahorse::Client::Request.new(handlers, context)
|
|
3251
3685
|
end
|
|
3252
3686
|
|