aws-sdk-guardduty 1.58.0 → 1.60.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-guardduty/client.rb +313 -6
- data/lib/aws-sdk-guardduty/client_api.rb +318 -0
- data/lib/aws-sdk-guardduty/types.rb +1283 -19
- data/lib/aws-sdk-guardduty.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c816009d91648e8c1ec630881cc3be9ce5728800b209a5a60e6805d3a406ebd9
|
|
4
|
+
data.tar.gz: 62f153a02a619f120aef19a2d220327afe96b32dad43d619b6be8ca96214ec00
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cdf81633dcd4ce86f6dfc92b614f509f93b397147faea8daf473e515b2290fbcab12415e6ddf9bd0de089a00204ff6841fa7be066dcc1edb7ddc1bcb696fc171
|
|
7
|
+
data.tar.gz: 5cc93b75797ddc0933e0a2b6eb6e0f72db8d205f9dca9148e4208499b2bc940a45fd0d71a9051b038462bb62d606bbfe74565e6dd008ff0ed33e195ff0178d30
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.60.0 (2022-10-13)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Add UnprocessedDataSources to CreateDetectorResponse which specifies the data sources that couldn't be enabled during the CreateDetector request. In addition, update documentations.
|
|
8
|
+
|
|
9
|
+
1.59.0 (2022-07-26)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - Amazon GuardDuty introduces a new Malware Protection feature that triggers malware scan on selected EC2 instance resources, after the service detects a potentially malicious activity.
|
|
13
|
+
|
|
4
14
|
1.58.0 (2022-06-15)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.60.0
|
|
@@ -477,6 +477,7 @@ module Aws::GuardDuty
|
|
|
477
477
|
# @return [Types::CreateDetectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
478
478
|
#
|
|
479
479
|
# * {Types::CreateDetectorResponse#detector_id #detector_id} => String
|
|
480
|
+
# * {Types::CreateDetectorResponse#unprocessed_data_sources #unprocessed_data_sources} => Types::UnprocessedDataSourcesResult
|
|
480
481
|
#
|
|
481
482
|
# @example Request syntax with placeholder values
|
|
482
483
|
#
|
|
@@ -493,6 +494,11 @@ module Aws::GuardDuty
|
|
|
493
494
|
# enable: false, # required
|
|
494
495
|
# },
|
|
495
496
|
# },
|
|
497
|
+
# malware_protection: {
|
|
498
|
+
# scan_ec2_instance_with_findings: {
|
|
499
|
+
# ebs_volumes: false,
|
|
500
|
+
# },
|
|
501
|
+
# },
|
|
496
502
|
# },
|
|
497
503
|
# tags: {
|
|
498
504
|
# "TagKey" => "TagValue",
|
|
@@ -502,6 +508,9 @@ module Aws::GuardDuty
|
|
|
502
508
|
# @example Response structure
|
|
503
509
|
#
|
|
504
510
|
# resp.detector_id #=> String
|
|
511
|
+
# resp.unprocessed_data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.status #=> String, one of "ENABLED", "DISABLED"
|
|
512
|
+
# resp.unprocessed_data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.reason #=> String
|
|
513
|
+
# resp.unprocessed_data_sources.malware_protection.service_role #=> String
|
|
505
514
|
#
|
|
506
515
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateDetector AWS API Documentation
|
|
507
516
|
#
|
|
@@ -1222,6 +1231,99 @@ module Aws::GuardDuty
|
|
|
1222
1231
|
req.send_request(options)
|
|
1223
1232
|
end
|
|
1224
1233
|
|
|
1234
|
+
# Returns a list of malware scans. Each member account can view the
|
|
1235
|
+
# malware scans for their own accounts. An administrator can view the
|
|
1236
|
+
# malware scans for all the member accounts.
|
|
1237
|
+
#
|
|
1238
|
+
# @option params [required, String] :detector_id
|
|
1239
|
+
# The unique ID of the detector that the request is associated with.
|
|
1240
|
+
#
|
|
1241
|
+
# @option params [String] :next_token
|
|
1242
|
+
# You can use this parameter when paginating results. Set the value of
|
|
1243
|
+
# this parameter to null on your first call to the list action. For
|
|
1244
|
+
# subsequent calls to the action, fill nextToken in the request with the
|
|
1245
|
+
# value of NextToken from the previous response to continue listing
|
|
1246
|
+
# data.
|
|
1247
|
+
#
|
|
1248
|
+
# @option params [Integer] :max_results
|
|
1249
|
+
# You can use this parameter to indicate the maximum number of items
|
|
1250
|
+
# that you want in the response. The default value is 50. The maximum
|
|
1251
|
+
# value is 50.
|
|
1252
|
+
#
|
|
1253
|
+
# @option params [Types::FilterCriteria] :filter_criteria
|
|
1254
|
+
# Represents the criteria to be used in the filter for describing scan
|
|
1255
|
+
# entries.
|
|
1256
|
+
#
|
|
1257
|
+
# @option params [Types::SortCriteria] :sort_criteria
|
|
1258
|
+
# Represents the criteria used for sorting scan entries.
|
|
1259
|
+
#
|
|
1260
|
+
# @return [Types::DescribeMalwareScansResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1261
|
+
#
|
|
1262
|
+
# * {Types::DescribeMalwareScansResponse#scans #scans} => Array<Types::Scan>
|
|
1263
|
+
# * {Types::DescribeMalwareScansResponse#next_token #next_token} => String
|
|
1264
|
+
#
|
|
1265
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
1266
|
+
#
|
|
1267
|
+
# @example Request syntax with placeholder values
|
|
1268
|
+
#
|
|
1269
|
+
# resp = client.describe_malware_scans({
|
|
1270
|
+
# detector_id: "DetectorId", # required
|
|
1271
|
+
# next_token: "String",
|
|
1272
|
+
# max_results: 1,
|
|
1273
|
+
# filter_criteria: {
|
|
1274
|
+
# filter_criterion: [
|
|
1275
|
+
# {
|
|
1276
|
+
# criterion_key: "EC2_INSTANCE_ARN", # accepts EC2_INSTANCE_ARN, SCAN_ID, ACCOUNT_ID, GUARDDUTY_FINDING_ID, SCAN_START_TIME, SCAN_STATUS
|
|
1277
|
+
# filter_condition: {
|
|
1278
|
+
# equals_value: "NonEmptyString",
|
|
1279
|
+
# greater_than: 1,
|
|
1280
|
+
# less_than: 1,
|
|
1281
|
+
# },
|
|
1282
|
+
# },
|
|
1283
|
+
# ],
|
|
1284
|
+
# },
|
|
1285
|
+
# sort_criteria: {
|
|
1286
|
+
# attribute_name: "String",
|
|
1287
|
+
# order_by: "ASC", # accepts ASC, DESC
|
|
1288
|
+
# },
|
|
1289
|
+
# })
|
|
1290
|
+
#
|
|
1291
|
+
# @example Response structure
|
|
1292
|
+
#
|
|
1293
|
+
# resp.scans #=> Array
|
|
1294
|
+
# resp.scans[0].detector_id #=> String
|
|
1295
|
+
# resp.scans[0].admin_detector_id #=> String
|
|
1296
|
+
# resp.scans[0].scan_id #=> String
|
|
1297
|
+
# resp.scans[0].scan_status #=> String, one of "RUNNING", "COMPLETED", "FAILED"
|
|
1298
|
+
# resp.scans[0].failure_reason #=> String
|
|
1299
|
+
# resp.scans[0].scan_start_time #=> Time
|
|
1300
|
+
# resp.scans[0].scan_end_time #=> Time
|
|
1301
|
+
# resp.scans[0].trigger_details.guard_duty_finding_id #=> String
|
|
1302
|
+
# resp.scans[0].trigger_details.description #=> String
|
|
1303
|
+
# resp.scans[0].resource_details.instance_arn #=> String
|
|
1304
|
+
# resp.scans[0].scan_result_details.scan_result #=> String, one of "CLEAN", "INFECTED"
|
|
1305
|
+
# resp.scans[0].account_id #=> String
|
|
1306
|
+
# resp.scans[0].total_bytes #=> Integer
|
|
1307
|
+
# resp.scans[0].file_count #=> Integer
|
|
1308
|
+
# resp.scans[0].attached_volumes #=> Array
|
|
1309
|
+
# resp.scans[0].attached_volumes[0].volume_arn #=> String
|
|
1310
|
+
# resp.scans[0].attached_volumes[0].volume_type #=> String
|
|
1311
|
+
# resp.scans[0].attached_volumes[0].device_name #=> String
|
|
1312
|
+
# resp.scans[0].attached_volumes[0].volume_size_in_gb #=> Integer
|
|
1313
|
+
# resp.scans[0].attached_volumes[0].encryption_type #=> String
|
|
1314
|
+
# resp.scans[0].attached_volumes[0].snapshot_arn #=> String
|
|
1315
|
+
# resp.scans[0].attached_volumes[0].kms_key_arn #=> String
|
|
1316
|
+
# resp.next_token #=> String
|
|
1317
|
+
#
|
|
1318
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeMalwareScans AWS API Documentation
|
|
1319
|
+
#
|
|
1320
|
+
# @overload describe_malware_scans(params = {})
|
|
1321
|
+
# @param [Hash] params ({})
|
|
1322
|
+
def describe_malware_scans(params = {}, options = {})
|
|
1323
|
+
req = build_request(:describe_malware_scans, params)
|
|
1324
|
+
req.send_request(options)
|
|
1325
|
+
end
|
|
1326
|
+
|
|
1225
1327
|
# Returns information about the account selected as the delegated
|
|
1226
1328
|
# administrator for GuardDuty.
|
|
1227
1329
|
#
|
|
@@ -1247,6 +1349,7 @@ module Aws::GuardDuty
|
|
|
1247
1349
|
# resp.member_account_limit_reached #=> Boolean
|
|
1248
1350
|
# resp.data_sources.s3_logs.auto_enable #=> Boolean
|
|
1249
1351
|
# resp.data_sources.kubernetes.audit_logs.auto_enable #=> Boolean
|
|
1352
|
+
# resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.auto_enable #=> Boolean
|
|
1250
1353
|
#
|
|
1251
1354
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
|
|
1252
1355
|
#
|
|
@@ -1370,8 +1473,8 @@ module Aws::GuardDuty
|
|
|
1370
1473
|
req.send_request(options)
|
|
1371
1474
|
end
|
|
1372
1475
|
|
|
1373
|
-
# Disassociates GuardDuty member accounts (to the current
|
|
1374
|
-
#
|
|
1476
|
+
# Disassociates GuardDuty member accounts (to the current administrator
|
|
1477
|
+
# account) specified by the account IDs.
|
|
1375
1478
|
#
|
|
1376
1479
|
# @option params [required, String] :detector_id
|
|
1377
1480
|
# The unique ID of the detector of the GuardDuty account whose members
|
|
@@ -1496,6 +1599,9 @@ module Aws::GuardDuty
|
|
|
1496
1599
|
# resp.data_sources.flow_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
1497
1600
|
# resp.data_sources.s3_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
1498
1601
|
# resp.data_sources.kubernetes.audit_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
1602
|
+
# resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.status #=> String, one of "ENABLED", "DISABLED"
|
|
1603
|
+
# resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.reason #=> String
|
|
1604
|
+
# resp.data_sources.malware_protection.service_role #=> String
|
|
1499
1605
|
# resp.tags #=> Hash
|
|
1500
1606
|
# resp.tags["TagKey"] #=> String
|
|
1501
1607
|
#
|
|
@@ -1697,6 +1803,63 @@ module Aws::GuardDuty
|
|
|
1697
1803
|
# resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.volumes[0].name #=> String
|
|
1698
1804
|
# resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.volumes[0].host_path.path #=> String
|
|
1699
1805
|
# resp.findings[0].resource.resource_type #=> String
|
|
1806
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details #=> Array
|
|
1807
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].volume_arn #=> String
|
|
1808
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].volume_type #=> String
|
|
1809
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].device_name #=> String
|
|
1810
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].volume_size_in_gb #=> Integer
|
|
1811
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].encryption_type #=> String
|
|
1812
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].snapshot_arn #=> String
|
|
1813
|
+
# resp.findings[0].resource.ebs_volume_details.scanned_volume_details[0].kms_key_arn #=> String
|
|
1814
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details #=> Array
|
|
1815
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].volume_arn #=> String
|
|
1816
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].volume_type #=> String
|
|
1817
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].device_name #=> String
|
|
1818
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].volume_size_in_gb #=> Integer
|
|
1819
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].encryption_type #=> String
|
|
1820
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].snapshot_arn #=> String
|
|
1821
|
+
# resp.findings[0].resource.ebs_volume_details.skipped_volume_details[0].kms_key_arn #=> String
|
|
1822
|
+
# resp.findings[0].resource.ecs_cluster_details.name #=> String
|
|
1823
|
+
# resp.findings[0].resource.ecs_cluster_details.arn #=> String
|
|
1824
|
+
# resp.findings[0].resource.ecs_cluster_details.status #=> String
|
|
1825
|
+
# resp.findings[0].resource.ecs_cluster_details.active_services_count #=> Integer
|
|
1826
|
+
# resp.findings[0].resource.ecs_cluster_details.registered_container_instances_count #=> Integer
|
|
1827
|
+
# resp.findings[0].resource.ecs_cluster_details.running_tasks_count #=> Integer
|
|
1828
|
+
# resp.findings[0].resource.ecs_cluster_details.tags #=> Array
|
|
1829
|
+
# resp.findings[0].resource.ecs_cluster_details.tags[0].key #=> String
|
|
1830
|
+
# resp.findings[0].resource.ecs_cluster_details.tags[0].value #=> String
|
|
1831
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.arn #=> String
|
|
1832
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.definition_arn #=> String
|
|
1833
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.version #=> String
|
|
1834
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.task_created_at #=> Time
|
|
1835
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.started_at #=> Time
|
|
1836
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.started_by #=> String
|
|
1837
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.tags #=> Array
|
|
1838
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.tags[0].key #=> String
|
|
1839
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.tags[0].value #=> String
|
|
1840
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.volumes #=> Array
|
|
1841
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.volumes[0].name #=> String
|
|
1842
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.volumes[0].host_path.path #=> String
|
|
1843
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers #=> Array
|
|
1844
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].container_runtime #=> String
|
|
1845
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].id #=> String
|
|
1846
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].name #=> String
|
|
1847
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].image #=> String
|
|
1848
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].image_prefix #=> String
|
|
1849
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].volume_mounts #=> Array
|
|
1850
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].volume_mounts[0].name #=> String
|
|
1851
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].volume_mounts[0].mount_path #=> String
|
|
1852
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.containers[0].security_context.privileged #=> Boolean
|
|
1853
|
+
# resp.findings[0].resource.ecs_cluster_details.task_details.group #=> String
|
|
1854
|
+
# resp.findings[0].resource.container_details.container_runtime #=> String
|
|
1855
|
+
# resp.findings[0].resource.container_details.id #=> String
|
|
1856
|
+
# resp.findings[0].resource.container_details.name #=> String
|
|
1857
|
+
# resp.findings[0].resource.container_details.image #=> String
|
|
1858
|
+
# resp.findings[0].resource.container_details.image_prefix #=> String
|
|
1859
|
+
# resp.findings[0].resource.container_details.volume_mounts #=> Array
|
|
1860
|
+
# resp.findings[0].resource.container_details.volume_mounts[0].name #=> String
|
|
1861
|
+
# resp.findings[0].resource.container_details.volume_mounts[0].mount_path #=> String
|
|
1862
|
+
# resp.findings[0].resource.container_details.security_context.privileged #=> Boolean
|
|
1700
1863
|
# resp.findings[0].schema_version #=> String
|
|
1701
1864
|
# resp.findings[0].service.action.action_type #=> String
|
|
1702
1865
|
# resp.findings[0].service.action.aws_api_call_action.api #=> String
|
|
@@ -1786,6 +1949,32 @@ module Aws::GuardDuty
|
|
|
1786
1949
|
# resp.findings[0].service.user_feedback #=> String
|
|
1787
1950
|
# resp.findings[0].service.additional_info.value #=> String
|
|
1788
1951
|
# resp.findings[0].service.additional_info.type #=> String
|
|
1952
|
+
# resp.findings[0].service.feature_name #=> String
|
|
1953
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_id #=> String
|
|
1954
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_started_at #=> Time
|
|
1955
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_completed_at #=> Time
|
|
1956
|
+
# resp.findings[0].service.ebs_volume_scan_details.trigger_finding_id #=> String
|
|
1957
|
+
# resp.findings[0].service.ebs_volume_scan_details.sources #=> Array
|
|
1958
|
+
# resp.findings[0].service.ebs_volume_scan_details.sources[0] #=> String
|
|
1959
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.scanned_item_count.total_gb #=> Integer
|
|
1960
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.scanned_item_count.files #=> Integer
|
|
1961
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.scanned_item_count.volumes #=> Integer
|
|
1962
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threats_detected_item_count.files #=> Integer
|
|
1963
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.highest_severity_threat_details.severity #=> String
|
|
1964
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.highest_severity_threat_details.threat_name #=> String
|
|
1965
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.highest_severity_threat_details.count #=> Integer
|
|
1966
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.item_count #=> Integer
|
|
1967
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.unique_threat_name_count #=> Integer
|
|
1968
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.shortened #=> Boolean
|
|
1969
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names #=> Array
|
|
1970
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].name #=> String
|
|
1971
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].severity #=> String
|
|
1972
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].item_count #=> Integer
|
|
1973
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths #=> Array
|
|
1974
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].file_path #=> String
|
|
1975
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].volume_arn #=> String
|
|
1976
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].hash #=> String
|
|
1977
|
+
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].file_name #=> String
|
|
1789
1978
|
# resp.findings[0].severity #=> Float
|
|
1790
1979
|
# resp.findings[0].title #=> String
|
|
1791
1980
|
# resp.findings[0].type #=> String
|
|
@@ -1918,6 +2107,44 @@ module Aws::GuardDuty
|
|
|
1918
2107
|
req.send_request(options)
|
|
1919
2108
|
end
|
|
1920
2109
|
|
|
2110
|
+
# Returns the details of the malware scan settings.
|
|
2111
|
+
#
|
|
2112
|
+
# @option params [required, String] :detector_id
|
|
2113
|
+
# The unique ID of the detector that the scan setting is associated
|
|
2114
|
+
# with.
|
|
2115
|
+
#
|
|
2116
|
+
# @return [Types::GetMalwareScanSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2117
|
+
#
|
|
2118
|
+
# * {Types::GetMalwareScanSettingsResponse#scan_resource_criteria #scan_resource_criteria} => Types::ScanResourceCriteria
|
|
2119
|
+
# * {Types::GetMalwareScanSettingsResponse#ebs_snapshot_preservation #ebs_snapshot_preservation} => String
|
|
2120
|
+
#
|
|
2121
|
+
# @example Request syntax with placeholder values
|
|
2122
|
+
#
|
|
2123
|
+
# resp = client.get_malware_scan_settings({
|
|
2124
|
+
# detector_id: "DetectorId", # required
|
|
2125
|
+
# })
|
|
2126
|
+
#
|
|
2127
|
+
# @example Response structure
|
|
2128
|
+
#
|
|
2129
|
+
# resp.scan_resource_criteria.include #=> Hash
|
|
2130
|
+
# resp.scan_resource_criteria.include["ScanCriterionKey"].map_equals #=> Array
|
|
2131
|
+
# resp.scan_resource_criteria.include["ScanCriterionKey"].map_equals[0].key #=> String
|
|
2132
|
+
# resp.scan_resource_criteria.include["ScanCriterionKey"].map_equals[0].value #=> String
|
|
2133
|
+
# resp.scan_resource_criteria.exclude #=> Hash
|
|
2134
|
+
# resp.scan_resource_criteria.exclude["ScanCriterionKey"].map_equals #=> Array
|
|
2135
|
+
# resp.scan_resource_criteria.exclude["ScanCriterionKey"].map_equals[0].key #=> String
|
|
2136
|
+
# resp.scan_resource_criteria.exclude["ScanCriterionKey"].map_equals[0].value #=> String
|
|
2137
|
+
# resp.ebs_snapshot_preservation #=> String, one of "NO_RETENTION", "RETENTION_WITH_FINDING"
|
|
2138
|
+
#
|
|
2139
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMalwareScanSettings AWS API Documentation
|
|
2140
|
+
#
|
|
2141
|
+
# @overload get_malware_scan_settings(params = {})
|
|
2142
|
+
# @param [Hash] params ({})
|
|
2143
|
+
def get_malware_scan_settings(params = {}, options = {})
|
|
2144
|
+
req = build_request(:get_malware_scan_settings, params)
|
|
2145
|
+
req.send_request(options)
|
|
2146
|
+
end
|
|
2147
|
+
|
|
1921
2148
|
# Provides the details for the GuardDuty administrator account
|
|
1922
2149
|
# associated with the current GuardDuty member account.
|
|
1923
2150
|
#
|
|
@@ -1980,6 +2207,9 @@ module Aws::GuardDuty
|
|
|
1980
2207
|
# resp.member_data_source_configurations[0].data_sources.flow_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
1981
2208
|
# resp.member_data_source_configurations[0].data_sources.s3_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
1982
2209
|
# resp.member_data_source_configurations[0].data_sources.kubernetes.audit_logs.status #=> String, one of "ENABLED", "DISABLED"
|
|
2210
|
+
# resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.status #=> String, one of "ENABLED", "DISABLED"
|
|
2211
|
+
# resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.reason #=> String
|
|
2212
|
+
# resp.member_data_source_configurations[0].data_sources.malware_protection.service_role #=> String
|
|
1983
2213
|
# resp.unprocessed_accounts #=> Array
|
|
1984
2214
|
# resp.unprocessed_accounts[0].account_id #=> String
|
|
1985
2215
|
# resp.unprocessed_accounts[0].result #=> String
|
|
@@ -2070,6 +2300,7 @@ module Aws::GuardDuty
|
|
|
2070
2300
|
# resp.accounts[0].data_sources.flow_logs.free_trial_days_remaining #=> Integer
|
|
2071
2301
|
# resp.accounts[0].data_sources.s3_logs.free_trial_days_remaining #=> Integer
|
|
2072
2302
|
# resp.accounts[0].data_sources.kubernetes.audit_logs.free_trial_days_remaining #=> Integer
|
|
2303
|
+
# resp.accounts[0].data_sources.malware_protection.scan_ec2_instance_with_findings.free_trial_days_remaining #=> Integer
|
|
2073
2304
|
# resp.unprocessed_accounts #=> Array
|
|
2074
2305
|
# resp.unprocessed_accounts[0].account_id #=> String
|
|
2075
2306
|
# resp.unprocessed_accounts[0].result #=> String
|
|
@@ -2175,7 +2406,7 @@ module Aws::GuardDuty
|
|
|
2175
2406
|
# usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
|
|
2176
2407
|
# usage_criteria: { # required
|
|
2177
2408
|
# account_ids: ["AccountId"],
|
|
2178
|
-
# data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS
|
|
2409
|
+
# data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
|
|
2179
2410
|
# resources: ["String"],
|
|
2180
2411
|
# },
|
|
2181
2412
|
# unit: "String",
|
|
@@ -2190,7 +2421,7 @@ module Aws::GuardDuty
|
|
|
2190
2421
|
# resp.usage_statistics.sum_by_account[0].total.amount #=> String
|
|
2191
2422
|
# resp.usage_statistics.sum_by_account[0].total.unit #=> String
|
|
2192
2423
|
# resp.usage_statistics.sum_by_data_source #=> Array
|
|
2193
|
-
# resp.usage_statistics.sum_by_data_source[0].data_source #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_LOGS", "KUBERNETES_AUDIT_LOGS"
|
|
2424
|
+
# resp.usage_statistics.sum_by_data_source[0].data_source #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_LOGS", "KUBERNETES_AUDIT_LOGS", "EC2_MALWARE_SCAN"
|
|
2194
2425
|
# resp.usage_statistics.sum_by_data_source[0].total.amount #=> String
|
|
2195
2426
|
# resp.usage_statistics.sum_by_data_source[0].total.unit #=> String
|
|
2196
2427
|
# resp.usage_statistics.sum_by_resource #=> Array
|
|
@@ -2651,7 +2882,13 @@ module Aws::GuardDuty
|
|
|
2651
2882
|
# @option params [String] :only_associated
|
|
2652
2883
|
# Specifies whether to only return associated members or to return all
|
|
2653
2884
|
# members (including members who haven't been invited yet or have been
|
|
2654
|
-
# disassociated).
|
|
2885
|
+
# disassociated). Member accounts must have been previously associated
|
|
2886
|
+
# with the GuardDuty administrator account using [ `Create Members`
|
|
2887
|
+
# ][1].
|
|
2888
|
+
#
|
|
2889
|
+
#
|
|
2890
|
+
#
|
|
2891
|
+
# [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
|
|
2655
2892
|
#
|
|
2656
2893
|
# @return [Types::ListMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2657
2894
|
#
|
|
@@ -3052,6 +3289,11 @@ module Aws::GuardDuty
|
|
|
3052
3289
|
# enable: false, # required
|
|
3053
3290
|
# },
|
|
3054
3291
|
# },
|
|
3292
|
+
# malware_protection: {
|
|
3293
|
+
# scan_ec2_instance_with_findings: {
|
|
3294
|
+
# ebs_volumes: false,
|
|
3295
|
+
# },
|
|
3296
|
+
# },
|
|
3055
3297
|
# },
|
|
3056
3298
|
# })
|
|
3057
3299
|
#
|
|
@@ -3209,6 +3451,59 @@ module Aws::GuardDuty
|
|
|
3209
3451
|
req.send_request(options)
|
|
3210
3452
|
end
|
|
3211
3453
|
|
|
3454
|
+
# Updates the malware scan settings.
|
|
3455
|
+
#
|
|
3456
|
+
# @option params [required, String] :detector_id
|
|
3457
|
+
# The unique ID of the detector that specifies the GuardDuty service
|
|
3458
|
+
# where you want to update scan settings.
|
|
3459
|
+
#
|
|
3460
|
+
# @option params [Types::ScanResourceCriteria] :scan_resource_criteria
|
|
3461
|
+
# Represents the criteria to be used in the filter for selecting
|
|
3462
|
+
# resources to scan.
|
|
3463
|
+
#
|
|
3464
|
+
# @option params [String] :ebs_snapshot_preservation
|
|
3465
|
+
# An enum value representing possible snapshot preservation settings.
|
|
3466
|
+
#
|
|
3467
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3468
|
+
#
|
|
3469
|
+
# @example Request syntax with placeholder values
|
|
3470
|
+
#
|
|
3471
|
+
# resp = client.update_malware_scan_settings({
|
|
3472
|
+
# detector_id: "DetectorId", # required
|
|
3473
|
+
# scan_resource_criteria: {
|
|
3474
|
+
# include: {
|
|
3475
|
+
# "EC2_INSTANCE_TAG" => {
|
|
3476
|
+
# map_equals: [ # required
|
|
3477
|
+
# {
|
|
3478
|
+
# key: "TagKey", # required
|
|
3479
|
+
# value: "TagValue",
|
|
3480
|
+
# },
|
|
3481
|
+
# ],
|
|
3482
|
+
# },
|
|
3483
|
+
# },
|
|
3484
|
+
# exclude: {
|
|
3485
|
+
# "EC2_INSTANCE_TAG" => {
|
|
3486
|
+
# map_equals: [ # required
|
|
3487
|
+
# {
|
|
3488
|
+
# key: "TagKey", # required
|
|
3489
|
+
# value: "TagValue",
|
|
3490
|
+
# },
|
|
3491
|
+
# ],
|
|
3492
|
+
# },
|
|
3493
|
+
# },
|
|
3494
|
+
# },
|
|
3495
|
+
# ebs_snapshot_preservation: "NO_RETENTION", # accepts NO_RETENTION, RETENTION_WITH_FINDING
|
|
3496
|
+
# })
|
|
3497
|
+
#
|
|
3498
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateMalwareScanSettings AWS API Documentation
|
|
3499
|
+
#
|
|
3500
|
+
# @overload update_malware_scan_settings(params = {})
|
|
3501
|
+
# @param [Hash] params ({})
|
|
3502
|
+
def update_malware_scan_settings(params = {}, options = {})
|
|
3503
|
+
req = build_request(:update_malware_scan_settings, params)
|
|
3504
|
+
req.send_request(options)
|
|
3505
|
+
end
|
|
3506
|
+
|
|
3212
3507
|
# Contains information on member accounts to be updated.
|
|
3213
3508
|
#
|
|
3214
3509
|
# @option params [required, String] :detector_id
|
|
@@ -3238,6 +3533,11 @@ module Aws::GuardDuty
|
|
|
3238
3533
|
# enable: false, # required
|
|
3239
3534
|
# },
|
|
3240
3535
|
# },
|
|
3536
|
+
# malware_protection: {
|
|
3537
|
+
# scan_ec2_instance_with_findings: {
|
|
3538
|
+
# ebs_volumes: false,
|
|
3539
|
+
# },
|
|
3540
|
+
# },
|
|
3241
3541
|
# },
|
|
3242
3542
|
# })
|
|
3243
3543
|
#
|
|
@@ -3284,6 +3584,13 @@ module Aws::GuardDuty
|
|
|
3284
3584
|
# auto_enable: false, # required
|
|
3285
3585
|
# },
|
|
3286
3586
|
# },
|
|
3587
|
+
# malware_protection: {
|
|
3588
|
+
# scan_ec2_instance_with_findings: {
|
|
3589
|
+
# ebs_volumes: {
|
|
3590
|
+
# auto_enable: false,
|
|
3591
|
+
# },
|
|
3592
|
+
# },
|
|
3593
|
+
# },
|
|
3287
3594
|
# },
|
|
3288
3595
|
# })
|
|
3289
3596
|
#
|
|
@@ -3387,7 +3694,7 @@ module Aws::GuardDuty
|
|
|
3387
3694
|
params: params,
|
|
3388
3695
|
config: config)
|
|
3389
3696
|
context[:gem_name] = 'aws-sdk-guardduty'
|
|
3390
|
-
context[:gem_version] = '1.
|
|
3697
|
+
context[:gem_version] = '1.60.0'
|
|
3391
3698
|
Seahorse::Client::Request.new(handlers, context)
|
|
3392
3699
|
end
|
|
3393
3700
|
|