aws-sdk-guardduty 1.60.0 → 1.62.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +10 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-guardduty/client.rb +29 -8
  5. data/lib/aws-sdk-guardduty/endpoint_parameters.rb +69 -0
  6. data/lib/aws-sdk-guardduty/endpoint_provider.rb +116 -0
  7. data/lib/aws-sdk-guardduty/endpoints.rb +925 -0
  8. data/lib/aws-sdk-guardduty/plugins/endpoints.rb +198 -0
  9. data/lib/aws-sdk-guardduty/types.rb +10 -1043
  10. data/lib/aws-sdk-guardduty.rb +5 -1
  11. metadata +8 -4
data/lib/aws-sdk-guardduty/types.rb CHANGED
@@ -10,15 +10,6 @@
10
10
  module Aws::GuardDuty
11
11
  module Types
12
12
 
13
- # @note When making an API call, you may pass AcceptAdministratorInvitationRequest
14
- # data as a hash:
15
- #
16
- # {
17
- # detector_id: "DetectorId", # required
18
- # administrator_id: "String", # required
19
- # invitation_id: "String", # required
20
- # }
21
- #
22
13
  # @!attribute [rw] detector_id
23
14
  # The unique ID of the detector of the GuardDuty member account.
24
15
  # @return [String]
@@ -47,15 +38,6 @@ module Aws::GuardDuty
47
38
  #
48
39
  class AcceptAdministratorInvitationResponse < Aws::EmptyStructure; end
49
40
 
50
- # @note When making an API call, you may pass AcceptInvitationRequest
51
- # data as a hash:
52
- #
53
- # {
54
- # detector_id: "DetectorId", # required
55
- # master_id: "String", # required
56
- # invitation_id: "String", # required
57
- # }
58
- #
59
41
  # @!attribute [rw] detector_id
60
42
  # The unique ID of the detector of the GuardDuty member account.
61
43
  # @return [String]
@@ -137,14 +119,6 @@ module Aws::GuardDuty
137
119
 
138
120
  # Contains information about the account.
139
121
  #
140
- # @note When making an API call, you may pass AccountDetail
141
- # data as a hash:
142
- #
143
- # {
144
- # account_id: "AccountId", # required
145
- # email: "Email", # required
146
- # }
147
- #
148
122
  # @!attribute [rw] account_id
149
123
  # The member account ID.
150
124
  # @return [String]
@@ -292,14 +266,6 @@ module Aws::GuardDuty
292
266
  include Aws::Structure
293
267
  end
294
268
 
295
- # @note When making an API call, you may pass ArchiveFindingsRequest
296
- # data as a hash:
297
- #
298
- # {
299
- # detector_id: "DetectorId", # required
300
- # finding_ids: ["FindingId"], # required
301
- # }
302
- #
303
269
  # @!attribute [rw] detector_id
304
270
  # The ID of the detector that specifies the GuardDuty service whose
305
271
  # findings you want to archive.
@@ -516,24 +482,6 @@ module Aws::GuardDuty
516
482
 
517
483
  # Contains information about the condition.
518
484
  #
519
- # @note When making an API call, you may pass Condition
520
- # data as a hash:
521
- #
522
- # {
523
- # eq: ["String"],
524
- # neq: ["String"],
525
- # gt: 1,
526
- # gte: 1,
527
- # lt: 1,
528
- # lte: 1,
529
- # equals: ["String"],
530
- # not_equals: ["String"],
531
- # greater_than: 1,
532
- # greater_than_or_equal: 1,
533
- # less_than: 1,
534
- # less_than_or_equal: 1,
535
- # }
536
- #
537
485
  # @!attribute [rw] eq
538
486
  # Represents the *equal* condition to be applied to a single field
539
487
  # when querying for findings.
@@ -681,33 +629,6 @@ module Aws::GuardDuty
681
629
  include Aws::Structure
682
630
  end
683
631
 
684
- # @note When making an API call, you may pass CreateDetectorRequest
685
- # data as a hash:
686
- #
687
- # {
688
- # enable: false, # required
689
- # client_token: "ClientToken",
690
- # finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
691
- # data_sources: {
692
- # s3_logs: {
693
- # enable: false, # required
694
- # },
695
- # kubernetes: {
696
- # audit_logs: { # required
697
- # enable: false, # required
698
- # },
699
- # },
700
- # malware_protection: {
701
- # scan_ec2_instance_with_findings: {
702
- # ebs_volumes: false,
703
- # },
704
- # },
705
- # },
706
- # tags: {
707
- # "TagKey" => "TagValue",
708
- # },
709
- # }
710
- #
711
632
  # @!attribute [rw] enable
712
633
  # A Boolean value that specifies whether the detector is to be
713
634
  # enabled.
@@ -762,52 +683,21 @@ module Aws::GuardDuty
762
683
  include Aws::Structure
763
684
  end
764
685
 
765
- # @note When making an API call, you may pass CreateFilterRequest
766
- # data as a hash:
767
- #
768
- # {
769
- # detector_id: "DetectorId", # required
770
- # name: "FilterName", # required
771
- # description: "FilterDescription",
772
- # action: "NOOP", # accepts NOOP, ARCHIVE
773
- # rank: 1,
774
- # finding_criteria: { # required
775
- # criterion: {
776
- # "String" => {
777
- # eq: ["String"],
778
- # neq: ["String"],
779
- # gt: 1,
780
- # gte: 1,
781
- # lt: 1,
782
- # lte: 1,
783
- # equals: ["String"],
784
- # not_equals: ["String"],
785
- # greater_than: 1,
786
- # greater_than_or_equal: 1,
787
- # less_than: 1,
788
- # less_than_or_equal: 1,
789
- # },
790
- # },
791
- # },
792
- # client_token: "ClientToken",
793
- # tags: {
794
- # "TagKey" => "TagValue",
795
- # },
796
- # }
797
- #
798
686
  # @!attribute [rw] detector_id
799
687
  # The ID of the detector belonging to the GuardDuty account that you
800
688
  # want to create a filter for.
801
689
  # @return [String]
802
690
  #
803
691
  # @!attribute [rw] name
804
- # The name of the filter. Minimum length of 3. Maximum length of 64.
805
- # Valid characters include alphanumeric characters, dot (.),
806
- # underscore (\_), and dash (-). Spaces are not allowed.
692
+ # The name of the filter. Valid characters include period (.),
693
+ # underscore (\_), dash (-), and alphanumeric characters. A whitespace
694
+ # is considered to be an invalid character.
807
695
  # @return [String]
808
696
  #
809
697
  # @!attribute [rw] description
810
- # The description of the filter.
698
+ # The description of the filter. Valid special characters include
699
+ # period (.), underscore (\_), dash (-), and whitespace. The new line
700
+ # character is considered to be an invalid input for description.
811
701
  # @return [String]
812
702
  #
813
703
  # @!attribute [rw] action
@@ -989,21 +879,6 @@ module Aws::GuardDuty
989
879
  include Aws::Structure
990
880
  end
991
881
 
992
- # @note When making an API call, you may pass CreateIPSetRequest
993
- # data as a hash:
994
- #
995
- # {
996
- # detector_id: "DetectorId", # required
997
- # name: "Name", # required
998
- # format: "TXT", # required, accepts TXT, STIX, OTX_CSV, ALIEN_VAULT, PROOF_POINT, FIRE_EYE
999
- # location: "Location", # required
1000
- # activate: false, # required
1001
- # client_token: "ClientToken",
1002
- # tags: {
1003
- # "TagKey" => "TagValue",
1004
- # },
1005
- # }
1006
- #
1007
882
  # @!attribute [rw] detector_id
1008
883
  # The unique ID of the detector of the GuardDuty account that you want
1009
884
  # to create an IPSet for.
@@ -1066,19 +941,6 @@ module Aws::GuardDuty
1066
941
  include Aws::Structure
1067
942
  end
1068
943
 
1069
- # @note When making an API call, you may pass CreateMembersRequest
1070
- # data as a hash:
1071
- #
1072
- # {
1073
- # detector_id: "DetectorId", # required
1074
- # account_details: [ # required
1075
- # {
1076
- # account_id: "AccountId", # required
1077
- # email: "Email", # required
1078
- # },
1079
- # ],
1080
- # }
1081
- #
1082
944
  # @!attribute [rw] detector_id
1083
945
  # The unique ID of the detector of the GuardDuty account that you want
1084
946
  # to associate member accounts with.
@@ -1111,19 +973,6 @@ module Aws::GuardDuty
1111
973
  include Aws::Structure
1112
974
  end
1113
975
 
1114
- # @note When making an API call, you may pass CreatePublishingDestinationRequest
1115
- # data as a hash:
1116
- #
1117
- # {
1118
- # detector_id: "DetectorId", # required
1119
- # destination_type: "S3", # required, accepts S3
1120
- # destination_properties: { # required
1121
- # destination_arn: "String",
1122
- # kms_key_arn: "String",
1123
- # },
1124
- # client_token: "ClientToken",
1125
- # }
1126
- #
1127
976
  # @!attribute [rw] detector_id
1128
977
  # The ID of the GuardDuty detector associated with the publishing
1129
978
  # destination.
@@ -1169,14 +1018,6 @@ module Aws::GuardDuty
1169
1018
  include Aws::Structure
1170
1019
  end
1171
1020
 
1172
- # @note When making an API call, you may pass CreateSampleFindingsRequest
1173
- # data as a hash:
1174
- #
1175
- # {
1176
- # detector_id: "DetectorId", # required
1177
- # finding_types: ["FindingType"],
1178
- # }
1179
- #
1180
1021
  # @!attribute [rw] detector_id
1181
1022
  # The ID of the detector to create sample findings for.
1182
1023
  # @return [String]
@@ -1198,21 +1039,6 @@ module Aws::GuardDuty
1198
1039
  #
1199
1040
  class CreateSampleFindingsResponse < Aws::EmptyStructure; end
1200
1041
 
1201
- # @note When making an API call, you may pass CreateThreatIntelSetRequest
1202
- # data as a hash:
1203
- #
1204
- # {
1205
- # detector_id: "DetectorId", # required
1206
- # name: "Name", # required
1207
- # format: "TXT", # required, accepts TXT, STIX, OTX_CSV, ALIEN_VAULT, PROOF_POINT, FIRE_EYE
1208
- # location: "Location", # required
1209
- # activate: false, # required
1210
- # client_token: "ClientToken",
1211
- # tags: {
1212
- # "TagKey" => "TagValue",
1213
- # },
1214
- # }
1215
- #
1216
1042
  # @!attribute [rw] detector_id
1217
1043
  # The unique ID of the detector of the GuardDuty account that you want
1218
1044
  # to create a threatIntelSet for.
@@ -1290,25 +1116,6 @@ module Aws::GuardDuty
1290
1116
 
1291
1117
  # Contains information about which data sources are enabled.
1292
1118
  #
1293
- # @note When making an API call, you may pass DataSourceConfigurations
1294
- # data as a hash:
1295
- #
1296
- # {
1297
- # s3_logs: {
1298
- # enable: false, # required
1299
- # },
1300
- # kubernetes: {
1301
- # audit_logs: { # required
1302
- # enable: false, # required
1303
- # },
1304
- # },
1305
- # malware_protection: {
1306
- # scan_ec2_instance_with_findings: {
1307
- # ebs_volumes: false,
1308
- # },
1309
- # },
1310
- # }
1311
- #
1312
1119
  # @!attribute [rw] s3_logs
1313
1120
  # Describes whether S3 data event logs are enabled as a data source.
1314
1121
  # @return [Types::S3LogsConfiguration]
@@ -1433,13 +1240,6 @@ module Aws::GuardDuty
1433
1240
  include Aws::Structure
1434
1241
  end
1435
1242
 
1436
- # @note When making an API call, you may pass DeclineInvitationsRequest
1437
- # data as a hash:
1438
- #
1439
- # {
1440
- # account_ids: ["AccountId"], # required
1441
- # }
1442
- #
1443
1243
  # @!attribute [rw] account_ids
1444
1244
  # A list of account IDs of the Amazon Web Services accounts that sent
1445
1245
  # invitations to the current member account that you want to decline
@@ -1492,13 +1292,6 @@ module Aws::GuardDuty
1492
1292
  include Aws::Structure
1493
1293
  end
1494
1294
 
1495
- # @note When making an API call, you may pass DeleteDetectorRequest
1496
- # data as a hash:
1497
- #
1498
- # {
1499
- # detector_id: "DetectorId", # required
1500
- # }
1501
- #
1502
1295
  # @!attribute [rw] detector_id
1503
1296
  # The unique ID of the detector that you want to delete.
1504
1297
  # @return [String]
@@ -1515,14 +1308,6 @@ module Aws::GuardDuty
1515
1308
  #
1516
1309
  class DeleteDetectorResponse < Aws::EmptyStructure; end
1517
1310
 
1518
- # @note When making an API call, you may pass DeleteFilterRequest
1519
- # data as a hash:
1520
- #
1521
- # {
1522
- # detector_id: "DetectorId", # required
1523
- # filter_name: "String", # required
1524
- # }
1525
- #
1526
1311
  # @!attribute [rw] detector_id
1527
1312
  # The unique ID of the detector that the filter is associated with.
1528
1313
  # @return [String]
@@ -1544,14 +1329,6 @@ module Aws::GuardDuty
1544
1329
  #
1545
1330
  class DeleteFilterResponse < Aws::EmptyStructure; end
1546
1331
 
1547
- # @note When making an API call, you may pass DeleteIPSetRequest
1548
- # data as a hash:
1549
- #
1550
- # {
1551
- # detector_id: "DetectorId", # required
1552
- # ip_set_id: "String", # required
1553
- # }
1554
- #
1555
1332
  # @!attribute [rw] detector_id
1556
1333
  # The unique ID of the detector associated with the IPSet.
1557
1334
  # @return [String]
@@ -1573,13 +1350,6 @@ module Aws::GuardDuty
1573
1350
  #
1574
1351
  class DeleteIPSetResponse < Aws::EmptyStructure; end
1575
1352
 
1576
- # @note When making an API call, you may pass DeleteInvitationsRequest
1577
- # data as a hash:
1578
- #
1579
- # {
1580
- # account_ids: ["AccountId"], # required
1581
- # }
1582
- #
1583
1353
  # @!attribute [rw] account_ids
1584
1354
  # A list of account IDs of the Amazon Web Services accounts that sent
1585
1355
  # invitations to the current member account that you want to delete
@@ -1607,14 +1377,6 @@ module Aws::GuardDuty
1607
1377
  include Aws::Structure
1608
1378
  end
1609
1379
 
1610
- # @note When making an API call, you may pass DeleteMembersRequest
1611
- # data as a hash:
1612
- #
1613
- # {
1614
- # detector_id: "DetectorId", # required
1615
- # account_ids: ["AccountId"], # required
1616
- # }
1617
- #
1618
1380
  # @!attribute [rw] detector_id
1619
1381
  # The unique ID of the detector of the GuardDuty account whose members
1620
1382
  # you want to delete.
@@ -1646,14 +1408,6 @@ module Aws::GuardDuty
1646
1408
  include Aws::Structure
1647
1409
  end
1648
1410
 
1649
- # @note When making an API call, you may pass DeletePublishingDestinationRequest
1650
- # data as a hash:
1651
- #
1652
- # {
1653
- # detector_id: "DetectorId", # required
1654
- # destination_id: "String", # required
1655
- # }
1656
- #
1657
1411
  # @!attribute [rw] detector_id
1658
1412
  # The unique ID of the detector associated with the publishing
1659
1413
  # destination to delete.
@@ -1676,14 +1430,6 @@ module Aws::GuardDuty
1676
1430
  #
1677
1431
  class DeletePublishingDestinationResponse < Aws::EmptyStructure; end
1678
1432
 
1679
- # @note When making an API call, you may pass DeleteThreatIntelSetRequest
1680
- # data as a hash:
1681
- #
1682
- # {
1683
- # detector_id: "DetectorId", # required
1684
- # threat_intel_set_id: "String", # required
1685
- # }
1686
- #
1687
1433
  # @!attribute [rw] detector_id
1688
1434
  # The unique ID of the detector that the threatIntelSet is associated
1689
1435
  # with.
@@ -1706,31 +1452,6 @@ module Aws::GuardDuty
1706
1452
  #
1707
1453
  class DeleteThreatIntelSetResponse < Aws::EmptyStructure; end
1708
1454
 
1709
- # @note When making an API call, you may pass DescribeMalwareScansRequest
1710
- # data as a hash:
1711
- #
1712
- # {
1713
- # detector_id: "DetectorId", # required
1714
- # next_token: "String",
1715
- # max_results: 1,
1716
- # filter_criteria: {
1717
- # filter_criterion: [
1718
- # {
1719
- # criterion_key: "EC2_INSTANCE_ARN", # accepts EC2_INSTANCE_ARN, SCAN_ID, ACCOUNT_ID, GUARDDUTY_FINDING_ID, SCAN_START_TIME, SCAN_STATUS
1720
- # filter_condition: {
1721
- # equals_value: "NonEmptyString",
1722
- # greater_than: 1,
1723
- # less_than: 1,
1724
- # },
1725
- # },
1726
- # ],
1727
- # },
1728
- # sort_criteria: {
1729
- # attribute_name: "String",
1730
- # order_by: "ASC", # accepts ASC, DESC
1731
- # },
1732
- # }
1733
- #
1734
1455
  # @!attribute [rw] detector_id
1735
1456
  # The unique ID of the detector that the request is associated with.
1736
1457
  # @return [String]
@@ -1788,13 +1509,6 @@ module Aws::GuardDuty
1788
1509
  include Aws::Structure
1789
1510
  end
1790
1511
 
1791
- # @note When making an API call, you may pass DescribeOrganizationConfigurationRequest
1792
- # data as a hash:
1793
- #
1794
- # {
1795
- # detector_id: "DetectorId", # required
1796
- # }
1797
- #
1798
1512
  # @!attribute [rw] detector_id
1799
1513
  # The ID of the detector to retrieve information about the delegated
1800
1514
  # administrator from.
@@ -1834,14 +1548,6 @@ module Aws::GuardDuty
1834
1548
  include Aws::Structure
1835
1549
  end
1836
1550
 
1837
- # @note When making an API call, you may pass DescribePublishingDestinationRequest
1838
- # data as a hash:
1839
- #
1840
- # {
1841
- # detector_id: "DetectorId", # required
1842
- # destination_id: "String", # required
1843
- # }
1844
- #
1845
1551
  # @!attribute [rw] detector_id
1846
1552
  # The unique ID of the detector associated with the publishing
1847
1553
  # destination to retrieve.
@@ -1925,14 +1631,6 @@ module Aws::GuardDuty
1925
1631
  # such as an S3 bucket, and the ARN of the KMS key to use to encrypt
1926
1632
  # published findings.
1927
1633
  #
1928
- # @note When making an API call, you may pass DestinationProperties
1929
- # data as a hash:
1930
- #
1931
- # {
1932
- # destination_arn: "String",
1933
- # kms_key_arn: "String",
1934
- # }
1935
- #
1936
1634
  # @!attribute [rw] destination_arn
1937
1635
  # The ARN of the resource to publish to.
1938
1636
  #
@@ -1953,13 +1651,6 @@ module Aws::GuardDuty
1953
1651
  include Aws::Structure
1954
1652
  end
1955
1653
 
1956
- # @note When making an API call, you may pass DisableOrganizationAdminAccountRequest
1957
- # data as a hash:
1958
- #
1959
- # {
1960
- # admin_account_id: "String", # required
1961
- # }
1962
- #
1963
1654
  # @!attribute [rw] admin_account_id
1964
1655
  # The Amazon Web Services Account ID for the organizations account to
1965
1656
  # be disabled as a GuardDuty delegated administrator.
@@ -1977,13 +1668,6 @@ module Aws::GuardDuty
1977
1668
  #
1978
1669
  class DisableOrganizationAdminAccountResponse < Aws::EmptyStructure; end
1979
1670
 
1980
- # @note When making an API call, you may pass DisassociateFromAdministratorAccountRequest
1981
- # data as a hash:
1982
- #
1983
- # {
1984
- # detector_id: "DetectorId", # required
1985
- # }
1986
- #
1987
1671
  # @!attribute [rw] detector_id
1988
1672
  # The unique ID of the detector of the GuardDuty member account.
1989
1673
  # @return [String]
@@ -2000,13 +1684,6 @@ module Aws::GuardDuty
2000
1684
  #
2001
1685
  class DisassociateFromAdministratorAccountResponse < Aws::EmptyStructure; end
2002
1686
 
2003
- # @note When making an API call, you may pass DisassociateFromMasterAccountRequest
2004
- # data as a hash:
2005
- #
2006
- # {
2007
- # detector_id: "DetectorId", # required
2008
- # }
2009
- #
2010
1687
  # @!attribute [rw] detector_id
2011
1688
  # The unique ID of the detector of the GuardDuty member account.
2012
1689
  # @return [String]
@@ -2023,14 +1700,6 @@ module Aws::GuardDuty
2023
1700
  #
2024
1701
  class DisassociateFromMasterAccountResponse < Aws::EmptyStructure; end
2025
1702
 
2026
- # @note When making an API call, you may pass DisassociateMembersRequest
2027
- # data as a hash:
2028
- #
2029
- # {
2030
- # detector_id: "DetectorId", # required
2031
- # account_ids: ["AccountId"], # required
2032
- # }
2033
- #
2034
1703
  # @!attribute [rw] detector_id
2035
1704
  # The unique ID of the detector of the GuardDuty account whose members
2036
1705
  # you want to disassociate from the administrator account.
@@ -2329,13 +1998,6 @@ module Aws::GuardDuty
2329
1998
  include Aws::Structure
2330
1999
  end
2331
2000
 
2332
- # @note When making an API call, you may pass EnableOrganizationAdminAccountRequest
2333
- # data as a hash:
2334
- #
2335
- # {
2336
- # admin_account_id: "String", # required
2337
- # }
2338
- #
2339
2001
  # @!attribute [rw] admin_account_id
2340
2002
  # The Amazon Web Services Account ID for the organization account to
2341
2003
  # be enabled as a GuardDuty delegated administrator.
@@ -2369,15 +2031,6 @@ module Aws::GuardDuty
2369
2031
 
2370
2032
  # Contains information about the condition.
2371
2033
  #
2372
- # @note When making an API call, you may pass FilterCondition
2373
- # data as a hash:
2374
- #
2375
- # {
2376
- # equals_value: "NonEmptyString",
2377
- # greater_than: 1,
2378
- # less_than: 1,
2379
- # }
2380
- #
2381
2034
  # @!attribute [rw] equals_value
2382
2035
  # Represents an *equal* **** condition to be applied to a single field
2383
2036
  # when querying for scan entries.
@@ -2406,22 +2059,6 @@ module Aws::GuardDuty
2406
2059
  # Represents the criteria to be used in the filter for describing scan
2407
2060
  # entries.
2408
2061
  #
2409
- # @note When making an API call, you may pass FilterCriteria
2410
- # data as a hash:
2411
- #
2412
- # {
2413
- # filter_criterion: [
2414
- # {
2415
- # criterion_key: "EC2_INSTANCE_ARN", # accepts EC2_INSTANCE_ARN, SCAN_ID, ACCOUNT_ID, GUARDDUTY_FINDING_ID, SCAN_START_TIME, SCAN_STATUS
2416
- # filter_condition: {
2417
- # equals_value: "NonEmptyString",
2418
- # greater_than: 1,
2419
- # less_than: 1,
2420
- # },
2421
- # },
2422
- # ],
2423
- # }
2424
- #
2425
2062
  # @!attribute [rw] filter_criterion
2426
2063
  # Represents a condition that when matched will be added to the
2427
2064
  # response of the operation.
@@ -2441,18 +2078,6 @@ module Aws::GuardDuty
2441
2078
  # accounts. However, each member account can view the scan entries only
2442
2079
  # for their own account.
2443
2080
  #
2444
- # @note When making an API call, you may pass FilterCriterion
2445
- # data as a hash:
2446
- #
2447
- # {
2448
- # criterion_key: "EC2_INSTANCE_ARN", # accepts EC2_INSTANCE_ARN, SCAN_ID, ACCOUNT_ID, GUARDDUTY_FINDING_ID, SCAN_START_TIME, SCAN_STATUS
2449
- # filter_condition: {
2450
- # equals_value: "NonEmptyString",
2451
- # greater_than: 1,
2452
- # less_than: 1,
2453
- # },
2454
- # }
2455
- #
2456
2081
  # @!attribute [rw] criterion_key
2457
2082
  # An enum value representing possible scan properties to match with
2458
2083
  # given scan entries.
@@ -2560,28 +2185,6 @@ module Aws::GuardDuty
2560
2185
 
2561
2186
  # Contains information about the criteria used for querying findings.
2562
2187
  #
2563
- # @note When making an API call, you may pass FindingCriteria
2564
- # data as a hash:
2565
- #
2566
- # {
2567
- # criterion: {
2568
- # "String" => {
2569
- # eq: ["String"],
2570
- # neq: ["String"],
2571
- # gt: 1,
2572
- # gte: 1,
2573
- # lt: 1,
2574
- # lte: 1,
2575
- # equals: ["String"],
2576
- # not_equals: ["String"],
2577
- # greater_than: 1,
2578
- # greater_than_or_equal: 1,
2579
- # less_than: 1,
2580
- # less_than_or_equal: 1,
2581
- # },
2582
- # },
2583
- # }
2584
- #
2585
2188
  # @!attribute [rw] criterion
2586
2189
  # Represents a map of finding properties that match specified
2587
2190
  # conditions and values when querying findings.
@@ -2643,13 +2246,6 @@ module Aws::GuardDuty
2643
2246
  include Aws::Structure
2644
2247
  end
2645
2248
 
2646
- # @note When making an API call, you may pass GetAdministratorAccountRequest
2647
- # data as a hash:
2648
- #
2649
- # {
2650
- # detector_id: "DetectorId", # required
2651
- # }
2652
- #
2653
2249
  # @!attribute [rw] detector_id
2654
2250
  # The unique ID of the detector of the GuardDuty member account.
2655
2251
  # @return [String]
@@ -2674,13 +2270,6 @@ module Aws::GuardDuty
2674
2270
  include Aws::Structure
2675
2271
  end
2676
2272
 
2677
- # @note When making an API call, you may pass GetDetectorRequest
2678
- # data as a hash:
2679
- #
2680
- # {
2681
- # detector_id: "DetectorId", # required
2682
- # }
2683
- #
2684
2273
  # @!attribute [rw] detector_id
2685
2274
  # The unique ID of the detector that you want to get.
2686
2275
  # @return [String]
@@ -2735,14 +2324,6 @@ module Aws::GuardDuty
2735
2324
  include Aws::Structure
2736
2325
  end
2737
2326
 
2738
- # @note When making an API call, you may pass GetFilterRequest
2739
- # data as a hash:
2740
- #
2741
- # {
2742
- # detector_id: "DetectorId", # required
2743
- # filter_name: "String", # required
2744
- # }
2745
- #
2746
2327
  # @!attribute [rw] detector_id
2747
2328
  # The unique ID of the detector that the filter is associated with.
2748
2329
  # @return [String]
@@ -2801,18 +2382,6 @@ module Aws::GuardDuty
2801
2382
  include Aws::Structure
2802
2383
  end
2803
2384
 
2804
- # @note When making an API call, you may pass GetFindingsRequest
2805
- # data as a hash:
2806
- #
2807
- # {
2808
- # detector_id: "DetectorId", # required
2809
- # finding_ids: ["FindingId"], # required
2810
- # sort_criteria: {
2811
- # attribute_name: "String",
2812
- # order_by: "ASC", # accepts ASC, DESC
2813
- # },
2814
- # }
2815
- #
2816
2385
  # @!attribute [rw] detector_id
2817
2386
  # The ID of the detector that specifies the GuardDuty service whose
2818
2387
  # findings you want to retrieve.
@@ -2848,32 +2417,6 @@ module Aws::GuardDuty
2848
2417
  include Aws::Structure
2849
2418
  end
2850
2419
 
2851
- # @note When making an API call, you may pass GetFindingsStatisticsRequest
2852
- # data as a hash:
2853
- #
2854
- # {
2855
- # detector_id: "DetectorId", # required
2856
- # finding_statistic_types: ["COUNT_BY_SEVERITY"], # required, accepts COUNT_BY_SEVERITY
2857
- # finding_criteria: {
2858
- # criterion: {
2859
- # "String" => {
2860
- # eq: ["String"],
2861
- # neq: ["String"],
2862
- # gt: 1,
2863
- # gte: 1,
2864
- # lt: 1,
2865
- # lte: 1,
2866
- # equals: ["String"],
2867
- # not_equals: ["String"],
2868
- # greater_than: 1,
2869
- # greater_than_or_equal: 1,
2870
- # less_than: 1,
2871
- # less_than_or_equal: 1,
2872
- # },
2873
- # },
2874
- # },
2875
- # }
2876
- #
2877
2420
  # @!attribute [rw] detector_id
2878
2421
  # The ID of the detector that specifies the GuardDuty service whose
2879
2422
  # findings' statistics you want to retrieve.
@@ -2909,14 +2452,6 @@ module Aws::GuardDuty
2909
2452
  include Aws::Structure
2910
2453
  end
2911
2454
 
2912
- # @note When making an API call, you may pass GetIPSetRequest
2913
- # data as a hash:
2914
- #
2915
- # {
2916
- # detector_id: "DetectorId", # required
2917
- # ip_set_id: "String", # required
2918
- # }
2919
- #
2920
2455
  # @!attribute [rw] detector_id
2921
2456
  # The unique ID of the detector that the IPSet is associated with.
2922
2457
  # @return [String]
@@ -2984,13 +2519,6 @@ module Aws::GuardDuty
2984
2519
  include Aws::Structure
2985
2520
  end
2986
2521
 
2987
- # @note When making an API call, you may pass GetMalwareScanSettingsRequest
2988
- # data as a hash:
2989
- #
2990
- # {
2991
- # detector_id: "DetectorId", # required
2992
- # }
2993
- #
2994
2522
  # @!attribute [rw] detector_id
2995
2523
  # The unique ID of the detector that the scan setting is associated
2996
2524
  # with.
@@ -3022,13 +2550,6 @@ module Aws::GuardDuty
3022
2550
  include Aws::Structure
3023
2551
  end
3024
2552
 
3025
- # @note When making an API call, you may pass GetMasterAccountRequest
3026
- # data as a hash:
3027
- #
3028
- # {
3029
- # detector_id: "DetectorId", # required
3030
- # }
3031
- #
3032
2553
  # @!attribute [rw] detector_id
3033
2554
  # The unique ID of the detector of the GuardDuty member account.
3034
2555
  # @return [String]
@@ -3053,14 +2574,6 @@ module Aws::GuardDuty
3053
2574
  include Aws::Structure
3054
2575
  end
3055
2576
 
3056
- # @note When making an API call, you may pass GetMemberDetectorsRequest
3057
- # data as a hash:
3058
- #
3059
- # {
3060
- # detector_id: "DetectorId", # required
3061
- # account_ids: ["AccountId"], # required
3062
- # }
3063
- #
3064
2577
  # @!attribute [rw] detector_id
3065
2578
  # The detector ID for the administrator account.
3066
2579
  # @return [String]
@@ -3097,14 +2610,6 @@ module Aws::GuardDuty
3097
2610
  include Aws::Structure
3098
2611
  end
3099
2612
 
3100
- # @note When making an API call, you may pass GetMembersRequest
3101
- # data as a hash:
3102
- #
3103
- # {
3104
- # detector_id: "DetectorId", # required
3105
- # account_ids: ["AccountId"], # required
3106
- # }
3107
- #
3108
2613
  # @!attribute [rw] detector_id
3109
2614
  # The unique ID of the detector of the GuardDuty account whose members
3110
2615
  # you want to retrieve.
@@ -3142,14 +2647,6 @@ module Aws::GuardDuty
3142
2647
  include Aws::Structure
3143
2648
  end
3144
2649
 
3145
- # @note When making an API call, you may pass GetRemainingFreeTrialDaysRequest
3146
- # data as a hash:
3147
- #
3148
- # {
3149
- # detector_id: "DetectorId", # required
3150
- # account_ids: ["AccountId"],
3151
- # }
3152
- #
3153
2650
  # @!attribute [rw] detector_id
3154
2651
  # The unique ID of the detector of the GuardDuty member account.
3155
2652
  # @return [String]
@@ -3186,14 +2683,6 @@ module Aws::GuardDuty
3186
2683
  include Aws::Structure
3187
2684
  end
3188
2685
 
3189
- # @note When making an API call, you may pass GetThreatIntelSetRequest
3190
- # data as a hash:
3191
- #
3192
- # {
3193
- # detector_id: "DetectorId", # required
3194
- # threat_intel_set_id: "String", # required
3195
- # }
3196
- #
3197
2686
  # @!attribute [rw] detector_id
3198
2687
  # The unique ID of the detector that the threatIntelSet is associated
3199
2688
  # with.
@@ -3246,22 +2735,6 @@ module Aws::GuardDuty
3246
2735
  include Aws::Structure
3247
2736
  end
3248
2737
 
3249
- # @note When making an API call, you may pass GetUsageStatisticsRequest
3250
- # data as a hash:
3251
- #
3252
- # {
3253
- # detector_id: "DetectorId", # required
3254
- # usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
3255
- # usage_criteria: { # required
3256
- # account_ids: ["AccountId"],
3257
- # data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
3258
- # resources: ["String"],
3259
- # },
3260
- # unit: "String",
3261
- # max_results: 1,
3262
- # next_token: "String",
3263
- # }
3264
- #
3265
2738
  # @!attribute [rw] detector_id
3266
2739
  # The ID of the detector that specifies the GuardDuty service whose
3267
2740
  # usage statistics you want to retrieve.
@@ -3510,16 +2983,6 @@ module Aws::GuardDuty
3510
2983
  include Aws::Structure
3511
2984
  end
3512
2985
 
3513
- # @note When making an API call, you may pass InviteMembersRequest
3514
- # data as a hash:
3515
- #
3516
- # {
3517
- # detector_id: "DetectorId", # required
3518
- # account_ids: ["AccountId"], # required
3519
- # disable_email_notification: false,
3520
- # message: "String",
3521
- # }
3522
- #
3523
2986
  # @!attribute [rw] detector_id
3524
2987
  # The unique ID of the detector of the GuardDuty account that you want
3525
2988
  # to invite members with.
@@ -3613,13 +3076,6 @@ module Aws::GuardDuty
3613
3076
 
3614
3077
  # Describes whether Kubernetes audit logs are enabled as a data source.
3615
3078
  #
3616
- # @note When making an API call, you may pass KubernetesAuditLogsConfiguration
3617
- # data as a hash:
3618
- #
3619
- # {
3620
- # enable: false, # required
3621
- # }
3622
- #
3623
3079
  # @!attribute [rw] enable
3624
3080
  # The status of Kubernetes audit logs as a data source.
3625
3081
  # @return [Boolean]
@@ -3649,15 +3105,6 @@ module Aws::GuardDuty
3649
3105
 
3650
3106
  # Describes whether any Kubernetes data sources are enabled.
3651
3107
  #
3652
- # @note When making an API call, you may pass KubernetesConfiguration
3653
- # data as a hash:
3654
- #
3655
- # {
3656
- # audit_logs: { # required
3657
- # enable: false, # required
3658
- # },
3659
- # }
3660
- #
3661
3108
  # @!attribute [rw] audit_logs
3662
3109
  # The status of Kubernetes audit logs as a data source.
3663
3110
  # @return [Types::KubernetesAuditLogsConfiguration]
@@ -3793,14 +3240,6 @@ module Aws::GuardDuty
3793
3240
  include Aws::Structure
3794
3241
  end
3795
3242
 
3796
- # @note When making an API call, you may pass ListDetectorsRequest
3797
- # data as a hash:
3798
- #
3799
- # {
3800
- # max_results: 1,
3801
- # next_token: "String",
3802
- # }
3803
- #
3804
3243
  # @!attribute [rw] max_results
3805
3244
  # You can use this parameter to indicate the maximum number of items
3806
3245
  # that you want in the response. The default value is 50. The maximum
@@ -3842,15 +3281,6 @@ module Aws::GuardDuty
3842
3281
  include Aws::Structure
3843
3282
  end
3844
3283
 
3845
- # @note When making an API call, you may pass ListFiltersRequest
3846
- # data as a hash:
3847
- #
3848
- # {
3849
- # detector_id: "DetectorId", # required
3850
- # max_results: 1,
3851
- # next_token: "String",
3852
- # }
3853
- #
3854
3284
  # @!attribute [rw] detector_id
3855
3285
  # The unique ID of the detector that the filter is associated with.
3856
3286
  # @return [String]
@@ -3897,37 +3327,6 @@ module Aws::GuardDuty
3897
3327
  include Aws::Structure
3898
3328
  end
3899
3329
 
3900
- # @note When making an API call, you may pass ListFindingsRequest
3901
- # data as a hash:
3902
- #
3903
- # {
3904
- # detector_id: "DetectorId", # required
3905
- # finding_criteria: {
3906
- # criterion: {
3907
- # "String" => {
3908
- # eq: ["String"],
3909
- # neq: ["String"],
3910
- # gt: 1,
3911
- # gte: 1,
3912
- # lt: 1,
3913
- # lte: 1,
3914
- # equals: ["String"],
3915
- # not_equals: ["String"],
3916
- # greater_than: 1,
3917
- # greater_than_or_equal: 1,
3918
- # less_than: 1,
3919
- # less_than_or_equal: 1,
3920
- # },
3921
- # },
3922
- # },
3923
- # sort_criteria: {
3924
- # attribute_name: "String",
3925
- # order_by: "ASC", # accepts ASC, DESC
3926
- # },
3927
- # max_results: 1,
3928
- # next_token: "String",
3929
- # }
3930
- #
3931
3330
  # @!attribute [rw] detector_id
3932
3331
  # The ID of the detector that specifies the GuardDuty service whose
3933
3332
  # findings you want to list.
@@ -4089,15 +3488,6 @@ module Aws::GuardDuty
4089
3488
  include Aws::Structure
4090
3489
  end
4091
3490
 
4092
- # @note When making an API call, you may pass ListIPSetsRequest
4093
- # data as a hash:
4094
- #
4095
- # {
4096
- # detector_id: "DetectorId", # required
4097
- # max_results: 1,
4098
- # next_token: "String",
4099
- # }
4100
- #
4101
3491
  # @!attribute [rw] detector_id
4102
3492
  # The unique ID of the detector that the IPSet is associated with.
4103
3493
  # @return [String]
@@ -4144,14 +3534,6 @@ module Aws::GuardDuty
4144
3534
  include Aws::Structure
4145
3535
  end
4146
3536
 
4147
- # @note When making an API call, you may pass ListInvitationsRequest
4148
- # data as a hash:
4149
- #
4150
- # {
4151
- # max_results: 1,
4152
- # next_token: "String",
4153
- # }
4154
- #
4155
3537
  # @!attribute [rw] max_results
4156
3538
  # You can use this parameter to indicate the maximum number of items
4157
3539
  # that you want in the response. The default value is 50. The maximum
@@ -4193,16 +3575,6 @@ module Aws::GuardDuty
4193
3575
  include Aws::Structure
4194
3576
  end
4195
3577
 
4196
- # @note When making an API call, you may pass ListMembersRequest
4197
- # data as a hash:
4198
- #
4199
- # {
4200
- # detector_id: "DetectorId", # required
4201
- # max_results: 1,
4202
- # next_token: "String",
4203
- # only_associated: "String",
4204
- # }
4205
- #
4206
3578
  # @!attribute [rw] detector_id
4207
3579
  # The unique ID of the detector the member is associated with.
4208
3580
  # @return [String]
@@ -4262,14 +3634,6 @@ module Aws::GuardDuty
4262
3634
  include Aws::Structure
4263
3635
  end
4264
3636
 
4265
- # @note When making an API call, you may pass ListOrganizationAdminAccountsRequest
4266
- # data as a hash:
4267
- #
4268
- # {
4269
- # max_results: 1,
4270
- # next_token: "String",
4271
- # }
4272
- #
4273
3637
  # @!attribute [rw] max_results
4274
3638
  # The maximum number of results to return in the response.
4275
3639
  # @return [Integer]
@@ -4309,15 +3673,6 @@ module Aws::GuardDuty
4309
3673
  include Aws::Structure
4310
3674
  end
4311
3675
 
4312
- # @note When making an API call, you may pass ListPublishingDestinationsRequest
4313
- # data as a hash:
4314
- #
4315
- # {
4316
- # detector_id: "DetectorId", # required
4317
- # max_results: 1,
4318
- # next_token: "String",
4319
- # }
4320
- #
4321
3676
  # @!attribute [rw] detector_id
4322
3677
  # The ID of the detector to retrieve publishing destinations for.
4323
3678
  # @return [String]
@@ -4366,13 +3721,6 @@ module Aws::GuardDuty
4366
3721
  include Aws::Structure
4367
3722
  end
4368
3723
 
4369
- # @note When making an API call, you may pass ListTagsForResourceRequest
4370
- # data as a hash:
4371
- #
4372
- # {
4373
- # resource_arn: "GuardDutyArn", # required
4374
- # }
4375
- #
4376
3724
  # @!attribute [rw] resource_arn
4377
3725
  # The Amazon Resource Name (ARN) for the given GuardDuty resource.
4378
3726
  # @return [String]
@@ -4397,15 +3745,6 @@ module Aws::GuardDuty
4397
3745
  include Aws::Structure
4398
3746
  end
4399
3747
 
4400
- # @note When making an API call, you may pass ListThreatIntelSetsRequest
4401
- # data as a hash:
4402
- #
4403
- # {
4404
- # detector_id: "DetectorId", # required
4405
- # max_results: 1,
4406
- # next_token: "String",
4407
- # }
4408
- #
4409
3748
  # @!attribute [rw] detector_id
4410
3749
  # The unique ID of the detector that the threatIntelSet is associated
4411
3750
  # with.
@@ -4488,15 +3827,6 @@ module Aws::GuardDuty
4488
3827
 
4489
3828
  # Describes whether Malware Protection will be enabled as a data source.
4490
3829
  #
4491
- # @note When making an API call, you may pass MalwareProtectionConfiguration
4492
- # data as a hash:
4493
- #
4494
- # {
4495
- # scan_ec2_instance_with_findings: {
4496
- # ebs_volumes: false,
4497
- # },
4498
- # }
4499
- #
4500
3830
  # @!attribute [rw] scan_ec2_instance_with_findings
4501
3831
  # Describes the configuration of Malware Protection for EC2 instances
4502
3832
  # with findings.
@@ -4789,27 +4119,6 @@ module Aws::GuardDuty
4789
4119
  # configured to be automatically enabled for new members within the
4790
4120
  # organization.
4791
4121
  #
4792
- # @note When making an API call, you may pass OrganizationDataSourceConfigurations
4793
- # data as a hash:
4794
- #
4795
- # {
4796
- # s3_logs: {
4797
- # auto_enable: false, # required
4798
- # },
4799
- # kubernetes: {
4800
- # audit_logs: { # required
4801
- # auto_enable: false, # required
4802
- # },
4803
- # },
4804
- # malware_protection: {
4805
- # scan_ec2_instance_with_findings: {
4806
- # ebs_volumes: {
4807
- # auto_enable: false,
4808
- # },
4809
- # },
4810
- # },
4811
- # }
4812
- #
4813
4122
  # @!attribute [rw] s3_logs
4814
4123
  # Describes whether S3 data event logs are enabled for new members of
4815
4124
  # the organization.
@@ -4863,13 +4172,6 @@ module Aws::GuardDuty
4863
4172
 
4864
4173
  # Organization-wide EBS volumes scan configuration.
4865
4174
  #
4866
- # @note When making an API call, you may pass OrganizationEbsVolumes
4867
- # data as a hash:
4868
- #
4869
- # {
4870
- # auto_enable: false,
4871
- # }
4872
- #
4873
4175
  # @!attribute [rw] auto_enable
4874
4176
  # Whether scanning EBS volumes should be auto-enabled for new members
4875
4177
  # joining the organization.
@@ -4901,13 +4203,6 @@ module Aws::GuardDuty
4901
4203
 
4902
4204
  # Organization-wide Kubernetes audit logs configuration.
4903
4205
  #
4904
- # @note When making an API call, you may pass OrganizationKubernetesAuditLogsConfiguration
4905
- # data as a hash:
4906
- #
4907
- # {
4908
- # auto_enable: false, # required
4909
- # }
4910
- #
4911
4206
  # @!attribute [rw] auto_enable
4912
4207
  # A value that contains information on whether Kubernetes audit logs
4913
4208
  # should be enabled automatically as a data source for the
@@ -4940,15 +4235,6 @@ module Aws::GuardDuty
4940
4235
 
4941
4236
  # Organization-wide Kubernetes data sources configurations.
4942
4237
  #
4943
- # @note When making an API call, you may pass OrganizationKubernetesConfiguration
4944
- # data as a hash:
4945
- #
4946
- # {
4947
- # audit_logs: { # required
4948
- # auto_enable: false, # required
4949
- # },
4950
- # }
4951
- #
4952
4238
  # @!attribute [rw] audit_logs
4953
4239
  # Whether Kubernetes audit logs data source should be auto-enabled for
4954
4240
  # new members joining the organization.
@@ -4980,17 +4266,6 @@ module Aws::GuardDuty
4980
4266
 
4981
4267
  # Organization-wide Malware Protection configurations.
4982
4268
  #
4983
- # @note When making an API call, you may pass OrganizationMalwareProtectionConfiguration
4984
- # data as a hash:
4985
- #
4986
- # {
4987
- # scan_ec2_instance_with_findings: {
4988
- # ebs_volumes: {
4989
- # auto_enable: false,
4990
- # },
4991
- # },
4992
- # }
4993
- #
4994
4269
  # @!attribute [rw] scan_ec2_instance_with_findings
4995
4270
  # Whether Malware Protection for EC2 instances with findings should be
4996
4271
  # auto-enabled for new members joining the organization.
@@ -5023,13 +4298,6 @@ module Aws::GuardDuty
5023
4298
  # Describes whether S3 data event logs will be automatically enabled for
5024
4299
  # new members of the organization.
5025
4300
  #
5026
- # @note When making an API call, you may pass OrganizationS3LogsConfiguration
5027
- # data as a hash:
5028
- #
5029
- # {
5030
- # auto_enable: false, # required
5031
- # }
5032
- #
5033
4301
  # @!attribute [rw] auto_enable
5034
4302
  # A value that contains information on whether S3 data event logs will
5035
4303
  # be enabled automatically as a data source for the organization.
@@ -5061,15 +4329,6 @@ module Aws::GuardDuty
5061
4329
 
5062
4330
  # Organization-wide EC2 instances with findings scan configuration.
5063
4331
  #
5064
- # @note When making an API call, you may pass OrganizationScanEc2InstanceWithFindings
5065
- # data as a hash:
5066
- #
5067
- # {
5068
- # ebs_volumes: {
5069
- # auto_enable: false,
5070
- # },
5071
- # }
5072
- #
5073
4332
  # @!attribute [rw] ebs_volumes
5074
4333
  # Whether scanning EBS volumes should be auto-enabled for new members
5075
4334
  # joining the organization.
@@ -5445,13 +4704,6 @@ module Aws::GuardDuty
5445
4704
 
5446
4705
  # Describes whether S3 data event logs will be enabled as a data source.
5447
4706
  #
5448
- # @note When making an API call, you may pass S3LogsConfiguration
5449
- # data as a hash:
5450
- #
5451
- # {
5452
- # enable: false, # required
5453
- # }
5454
- #
5455
4707
  # @!attribute [rw] enable
5456
4708
  # The status of S3 data event logs as a data source.
5457
4709
  # @return [Boolean]
@@ -5512,7 +4764,7 @@ module Aws::GuardDuty
5512
4764
  # @return [Time]
5513
4765
  #
5514
4766
  # @!attribute [rw] trigger_details
5515
- # Represents the reason the scan was triggered.
4767
+ # Specifies the reason why the scan was initiated.
5516
4768
  # @return [Types::TriggerDetails]
5517
4769
  #
5518
4770
  # @!attribute [rw] resource_details
@@ -5563,18 +4815,6 @@ module Aws::GuardDuty
5563
4815
 
5564
4816
  # Contains information about the condition.
5565
4817
  #
5566
- # @note When making an API call, you may pass ScanCondition
5567
- # data as a hash:
5568
- #
5569
- # {
5570
- # map_equals: [ # required
5571
- # {
5572
- # key: "TagKey", # required
5573
- # value: "TagValue",
5574
- # },
5575
- # ],
5576
- # }
5577
- #
5578
4818
  # @!attribute [rw] map_equals
5579
4819
  # Represents an *mapEqual* **** condition to be applied to a single
5580
4820
  # field when triggering for malware scan.
@@ -5591,14 +4831,6 @@ module Aws::GuardDuty
5591
4831
  # Represents key, value pair to be matched against given resource
5592
4832
  # property.
5593
4833
  #
5594
- # @note When making an API call, you may pass ScanConditionPair
5595
- # data as a hash:
5596
- #
5597
- # {
5598
- # key: "TagKey", # required
5599
- # value: "TagValue",
5600
- # }
5601
- #
5602
4834
  # @!attribute [rw] key
5603
4835
  # Represents *key* **** in the map condition.
5604
4836
  # @return [String]
@@ -5650,13 +4882,6 @@ module Aws::GuardDuty
5650
4882
  # Describes whether Malware Protection for EC2 instances with findings
5651
4883
  # will be enabled as a data source.
5652
4884
  #
5653
- # @note When making an API call, you may pass ScanEc2InstanceWithFindings
5654
- # data as a hash:
5655
- #
5656
- # {
5657
- # ebs_volumes: false,
5658
- # }
5659
- #
5660
4885
  # @!attribute [rw] ebs_volumes
5661
4886
  # Describes the configuration for scanning EBS volumes as data source.
5662
4887
  # @return [Boolean]
@@ -5718,32 +4943,6 @@ module Aws::GuardDuty
5718
4943
  # Contains information about criteria used to filter resources before
5719
4944
  # triggering malware scan.
5720
4945
  #
5721
- # @note When making an API call, you may pass ScanResourceCriteria
5722
- # data as a hash:
5723
- #
5724
- # {
5725
- # include: {
5726
- # "EC2_INSTANCE_TAG" => {
5727
- # map_equals: [ # required
5728
- # {
5729
- # key: "TagKey", # required
5730
- # value: "TagValue",
5731
- # },
5732
- # ],
5733
- # },
5734
- # },
5735
- # exclude: {
5736
- # "EC2_INSTANCE_TAG" => {
5737
- # map_equals: [ # required
5738
- # {
5739
- # key: "TagKey", # required
5740
- # value: "TagValue",
5741
- # },
5742
- # ],
5743
- # },
5744
- # },
5745
- # }
5746
- #
5747
4946
  # @!attribute [rw] include
5748
4947
  # Represents condition that when matched will allow a malware scan for
5749
4948
  # a certain resource.
@@ -5963,14 +5162,6 @@ module Aws::GuardDuty
5963
5162
 
5964
5163
  # Contains information about the criteria used for sorting findings.
5965
5164
  #
5966
- # @note When making an API call, you may pass SortCriteria
5967
- # data as a hash:
5968
- #
5969
- # {
5970
- # attribute_name: "String",
5971
- # order_by: "ASC", # accepts ASC, DESC
5972
- # }
5973
- #
5974
5165
  # @!attribute [rw] attribute_name
5975
5166
  # Represents the finding attribute (for example, accountId) to sort
5976
5167
  # findings by.
@@ -5989,14 +5180,6 @@ module Aws::GuardDuty
5989
5180
  include Aws::Structure
5990
5181
  end
5991
5182
 
5992
- # @note When making an API call, you may pass StartMonitoringMembersRequest
5993
- # data as a hash:
5994
- #
5995
- # {
5996
- # detector_id: "DetectorId", # required
5997
- # account_ids: ["AccountId"], # required
5998
- # }
5999
- #
6000
5183
  # @!attribute [rw] detector_id
6001
5184
  # The unique ID of the detector of the GuardDuty administrator account
6002
5185
  # associated with the member accounts to monitor.
@@ -6029,14 +5212,6 @@ module Aws::GuardDuty
6029
5212
  include Aws::Structure
6030
5213
  end
6031
5214
 
6032
- # @note When making an API call, you may pass StopMonitoringMembersRequest
6033
- # data as a hash:
6034
- #
6035
- # {
6036
- # detector_id: "DetectorId", # required
6037
- # account_ids: ["AccountId"], # required
6038
- # }
6039
- #
6040
5215
  # @!attribute [rw] detector_id
6041
5216
  # The unique ID of the detector associated with the GuardDuty
6042
5217
  # administrator account that is monitoring member accounts.
@@ -6088,16 +5263,6 @@ module Aws::GuardDuty
6088
5263
  include Aws::Structure
6089
5264
  end
6090
5265
 
6091
- # @note When making an API call, you may pass TagResourceRequest
6092
- # data as a hash:
6093
- #
6094
- # {
6095
- # resource_arn: "GuardDutyArn", # required
6096
- # tags: { # required
6097
- # "TagKey" => "TagValue",
6098
- # },
6099
- # }
6100
- #
6101
5266
  # @!attribute [rw] resource_arn
6102
5267
  # The Amazon Resource Name (ARN) for the GuardDuty resource to apply a
6103
5268
  # tag to.
@@ -6225,14 +5390,6 @@ module Aws::GuardDuty
6225
5390
  include Aws::Structure
6226
5391
  end
6227
5392
 
6228
- # @note When making an API call, you may pass UnarchiveFindingsRequest
6229
- # data as a hash:
6230
- #
6231
- # {
6232
- # detector_id: "DetectorId", # required
6233
- # finding_ids: ["FindingId"], # required
6234
- # }
6235
- #
6236
5393
  # @!attribute [rw] detector_id
6237
5394
  # The ID of the detector associated with the findings to unarchive.
6238
5395
  # @return [String]
@@ -6288,14 +5445,6 @@ module Aws::GuardDuty
6288
5445
  include Aws::Structure
6289
5446
  end
6290
5447
 
6291
- # @note When making an API call, you may pass UntagResourceRequest
6292
- # data as a hash:
6293
- #
6294
- # {
6295
- # resource_arn: "GuardDutyArn", # required
6296
- # tag_keys: ["TagKey"], # required
6297
- # }
6298
- #
6299
5448
  # @!attribute [rw] resource_arn
6300
5449
  # The Amazon Resource Name (ARN) for the resource to remove tags from.
6301
5450
  # @return [String]
@@ -6317,30 +5466,6 @@ module Aws::GuardDuty
6317
5466
  #
6318
5467
  class UntagResourceResponse < Aws::EmptyStructure; end
6319
5468
 
6320
- # @note When making an API call, you may pass UpdateDetectorRequest
6321
- # data as a hash:
6322
- #
6323
- # {
6324
- # detector_id: "DetectorId", # required
6325
- # enable: false,
6326
- # finding_publishing_frequency: "FIFTEEN_MINUTES", # accepts FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS
6327
- # data_sources: {
6328
- # s3_logs: {
6329
- # enable: false, # required
6330
- # },
6331
- # kubernetes: {
6332
- # audit_logs: { # required
6333
- # enable: false, # required
6334
- # },
6335
- # },
6336
- # malware_protection: {
6337
- # scan_ec2_instance_with_findings: {
6338
- # ebs_volumes: false,
6339
- # },
6340
- # },
6341
- # },
6342
- # }
6343
- #
6344
5469
  # @!attribute [rw] detector_id
6345
5470
  # The unique ID of the detector to update.
6346
5471
  # @return [String]
@@ -6373,35 +5498,6 @@ module Aws::GuardDuty
6373
5498
  #
6374
5499
  class UpdateDetectorResponse < Aws::EmptyStructure; end
6375
5500
 
6376
- # @note When making an API call, you may pass UpdateFilterRequest
6377
- # data as a hash:
6378
- #
6379
- # {
6380
- # detector_id: "DetectorId", # required
6381
- # filter_name: "String", # required
6382
- # description: "FilterDescription",
6383
- # action: "NOOP", # accepts NOOP, ARCHIVE
6384
- # rank: 1,
6385
- # finding_criteria: {
6386
- # criterion: {
6387
- # "String" => {
6388
- # eq: ["String"],
6389
- # neq: ["String"],
6390
- # gt: 1,
6391
- # gte: 1,
6392
- # lt: 1,
6393
- # lte: 1,
6394
- # equals: ["String"],
6395
- # not_equals: ["String"],
6396
- # greater_than: 1,
6397
- # greater_than_or_equal: 1,
6398
- # less_than: 1,
6399
- # less_than_or_equal: 1,
6400
- # },
6401
- # },
6402
- # },
6403
- # }
6404
- #
6405
5501
  # @!attribute [rw] detector_id
6406
5502
  # The unique ID of the detector that specifies the GuardDuty service
6407
5503
  # where you want to update a filter.
@@ -6412,7 +5508,9 @@ module Aws::GuardDuty
6412
5508
  # @return [String]
6413
5509
  #
6414
5510
  # @!attribute [rw] description
6415
- # The description of the filter.
5511
+ # The description of the filter. Valid special characters include
5512
+ # period (.), underscore (\_), dash (-), and whitespace. The new line
5513
+ # character is considered to be an invalid input for description.
6416
5514
  # @return [String]
6417
5515
  #
6418
5516
  # @!attribute [rw] action
@@ -6456,16 +5554,6 @@ module Aws::GuardDuty
6456
5554
  include Aws::Structure
6457
5555
  end
6458
5556
 
6459
- # @note When making an API call, you may pass UpdateFindingsFeedbackRequest
6460
- # data as a hash:
6461
- #
6462
- # {
6463
- # detector_id: "DetectorId", # required
6464
- # finding_ids: ["FindingId"], # required
6465
- # feedback: "USEFUL", # required, accepts USEFUL, NOT_USEFUL
6466
- # comments: "String",
6467
- # }
6468
- #
6469
5557
  # @!attribute [rw] detector_id
6470
5558
  # The ID of the detector associated with the findings to update
6471
5559
  # feedback for.
@@ -6499,17 +5587,6 @@ module Aws::GuardDuty
6499
5587
  #
6500
5588
  class UpdateFindingsFeedbackResponse < Aws::EmptyStructure; end
6501
5589
 
6502
- # @note When making an API call, you may pass UpdateIPSetRequest
6503
- # data as a hash:
6504
- #
6505
- # {
6506
- # detector_id: "DetectorId", # required
6507
- # ip_set_id: "String", # required
6508
- # name: "Name",
6509
- # location: "Location",
6510
- # activate: false,
6511
- # }
6512
- #
6513
5590
  # @!attribute [rw] detector_id
6514
5591
  # The detectorID that specifies the GuardDuty service whose IPSet you
6515
5592
  # want to update.
@@ -6548,36 +5625,6 @@ module Aws::GuardDuty
6548
5625
  #
6549
5626
  class UpdateIPSetResponse < Aws::EmptyStructure; end
6550
5627
 
6551
- # @note When making an API call, you may pass UpdateMalwareScanSettingsRequest
6552
- # data as a hash:
6553
- #
6554
- # {
6555
- # detector_id: "DetectorId", # required
6556
- # scan_resource_criteria: {
6557
- # include: {
6558
- # "EC2_INSTANCE_TAG" => {
6559
- # map_equals: [ # required
6560
- # {
6561
- # key: "TagKey", # required
6562
- # value: "TagValue",
6563
- # },
6564
- # ],
6565
- # },
6566
- # },
6567
- # exclude: {
6568
- # "EC2_INSTANCE_TAG" => {
6569
- # map_equals: [ # required
6570
- # {
6571
- # key: "TagKey", # required
6572
- # value: "TagValue",
6573
- # },
6574
- # ],
6575
- # },
6576
- # },
6577
- # },
6578
- # ebs_snapshot_preservation: "NO_RETENTION", # accepts NO_RETENTION, RETENTION_WITH_FINDING
6579
- # }
6580
- #
6581
5628
  # @!attribute [rw] detector_id
6582
5629
  # The unique ID of the detector that specifies the GuardDuty service
6583
5630
  # where you want to update scan settings.
@@ -6606,29 +5653,6 @@ module Aws::GuardDuty
6606
5653
  #
6607
5654
  class UpdateMalwareScanSettingsResponse < Aws::EmptyStructure; end
6608
5655
 
6609
- # @note When making an API call, you may pass UpdateMemberDetectorsRequest
6610
- # data as a hash:
6611
- #
6612
- # {
6613
- # detector_id: "DetectorId", # required
6614
- # account_ids: ["AccountId"], # required
6615
- # data_sources: {
6616
- # s3_logs: {
6617
- # enable: false, # required
6618
- # },
6619
- # kubernetes: {
6620
- # audit_logs: { # required
6621
- # enable: false, # required
6622
- # },
6623
- # },
6624
- # malware_protection: {
6625
- # scan_ec2_instance_with_findings: {
6626
- # ebs_volumes: false,
6627
- # },
6628
- # },
6629
- # },
6630
- # }
6631
- #
6632
5656
  # @!attribute [rw] detector_id
6633
5657
  # The detector ID of the administrator account.
6634
5658
  # @return [String]
@@ -6664,31 +5688,6 @@ module Aws::GuardDuty
6664
5688
  include Aws::Structure
6665
5689
  end
6666
5690
 
6667
- # @note When making an API call, you may pass UpdateOrganizationConfigurationRequest
6668
- # data as a hash:
6669
- #
6670
- # {
6671
- # detector_id: "DetectorId", # required
6672
- # auto_enable: false, # required
6673
- # data_sources: {
6674
- # s3_logs: {
6675
- # auto_enable: false, # required
6676
- # },
6677
- # kubernetes: {
6678
- # audit_logs: { # required
6679
- # auto_enable: false, # required
6680
- # },
6681
- # },
6682
- # malware_protection: {
6683
- # scan_ec2_instance_with_findings: {
6684
- # ebs_volumes: {
6685
- # auto_enable: false,
6686
- # },
6687
- # },
6688
- # },
6689
- # },
6690
- # }
6691
- #
6692
5691
  # @!attribute [rw] detector_id
6693
5692
  # The ID of the detector to update the delegated administrator for.
6694
5693
  # @return [String]
@@ -6716,18 +5715,6 @@ module Aws::GuardDuty
6716
5715
  #
6717
5716
  class UpdateOrganizationConfigurationResponse < Aws::EmptyStructure; end
6718
5717
 
6719
- # @note When making an API call, you may pass UpdatePublishingDestinationRequest
6720
- # data as a hash:
6721
- #
6722
- # {
6723
- # detector_id: "DetectorId", # required
6724
- # destination_id: "String", # required
6725
- # destination_properties: {
6726
- # destination_arn: "String",
6727
- # kms_key_arn: "String",
6728
- # },
6729
- # }
6730
- #
6731
5718
  # @!attribute [rw] detector_id
6732
5719
  # The ID of the detector associated with the publishing destinations
6733
5720
  # to update.
@@ -6756,17 +5743,6 @@ module Aws::GuardDuty
6756
5743
  #
6757
5744
  class UpdatePublishingDestinationResponse < Aws::EmptyStructure; end
6758
5745
 
6759
- # @note When making an API call, you may pass UpdateThreatIntelSetRequest
6760
- # data as a hash:
6761
- #
6762
- # {
6763
- # detector_id: "DetectorId", # required
6764
- # threat_intel_set_id: "String", # required
6765
- # name: "Name",
6766
- # location: "Location",
6767
- # activate: false,
6768
- # }
6769
- #
6770
5746
  # @!attribute [rw] detector_id
6771
5747
  # The detectorID that specifies the GuardDuty service whose
6772
5748
  # ThreatIntelSet you want to update.
@@ -6829,15 +5805,6 @@ module Aws::GuardDuty
6829
5805
  # Contains information about the criteria used to query usage
6830
5806
  # statistics.
6831
5807
  #
6832
- # @note When making an API call, you may pass UsageCriteria
6833
- # data as a hash:
6834
- #
6835
- # {
6836
- # account_ids: ["AccountId"],
6837
- # data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
6838
- # resources: ["String"],
6839
- # }
6840
- #
6841
5808
  # @!attribute [rw] account_ids
6842
5809
  # The account IDs to aggregate usage statistics from.
6843
5810
  # @return [Array<String>]