aws-sdk-guardduty 1.63.0 → 1.65.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e63259ffa20175ae1ea1d5059ab2ff4f5596f7224ed6136b4682d2bc7b7d14ed
-  data.tar.gz: b78fc1777ef25696a18eece688161e67d66d382b1fd8b2464029e30323dc575d
+  metadata.gz: fa122ecb5a993e1f6cd51dfe75525340ace96b8aedb088e7653d73be01723290
+  data.tar.gz: 3bd1d115fea8ced61bbd94478af39f5764f77ea315052f2d8af1916934f9aa5c
 SHA512:
-  metadata.gz: 83cacd208e3f23e570ce94e7bff1e65a159d73889a081577cc8c3a4aee13c5bd5207f179e57d627f709d85ef6e84d278cb16145a48960d0afcdf816a5b3a705c
-  data.tar.gz: 666a6e40cb440763e6fb729902c139920ebdb6c17a86c559ddff0c4ccb5c2b9817b1eea331f57df8a9f68472103d4e0db8f92830ffe63092881c9dba5e0d6432
+  metadata.gz: 4c8bccf1baa869990f690b2fc3fdebceff68944155d3a822b1cf4f1cdf257af8ebeb848aa31c2b41192a8e2fa0d09cb64b3a2938123952b5328aa7064d5f7b5e
+  data.tar.gz: e58fe1ed3921cda282e63e783239432d5b95974de9f7446c33a2c9792f2574d2ced35c8279fcb4243df302a7ce808700963f6a310572ff089cd7ac3ccc8dc131

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.65.0 (2023-03-16)
+------------------
+
+* Feature - Updated 9 APIs for feature enablement to reflect expansion of GuardDuty to features. Added new APIs and updated existing APIs to support RDS Protection GA.
+
+1.64.0 (2023-02-23)
+------------------
+
+* Feature - Updated API and data types descriptions for CreateFilter, UpdateFilter, and TriggerDetails.
+
 1.63.0 (2023-01-18)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.63.0
+1.65.0

data/lib/aws-sdk-guardduty/client.rb

@@ -473,6 +473,15 @@ module Aws::GuardDuty
     # You can have only one detector per account per Region. All data
     # sources are enabled in a new detector by default.
     #
+    # There might be regional differences because some data sources might
+    # not be available in all the Amazon Web Services Regions where
+    # GuardDuty is presently supported. For more information, see [Regions
+    # and endpoints][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
     # @option params [required, Boolean] :enable
     #   A Boolean value that specifies whether the detector is to be enabled.
     #
@@ -488,9 +497,21 @@ module Aws::GuardDuty
     # @option params [Types::DataSourceConfigurations] :data_sources
     #   Describes which data sources will be enabled for the detector.
     #
+    #   There might be regional differences because some data sources might
+    #   not be available in all the Amazon Web Services Regions where
+    #   GuardDuty is presently supported. For more information, see [Regions
+    #   and endpoints][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
     # @option params [Hash<String,String>] :tags
     #   The tags to be added to a new detector resource.
     #
+    # @option params [Array<Types::DetectorFeatureConfiguration>] :features
+    #   A list of features that will be configured for the detector.
+    #
     # @return [Types::CreateDetectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateDetectorResponse#detector_id #detector_id} => String
@@ -520,6 +541,12 @@ module Aws::GuardDuty
     #     tags: {
     #       "TagKey" => "TagValue",
     #     },
+    #     features: [
+    #       {
+    #         name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
+    #         status: "ENABLED", # accepts ENABLED, DISABLED
+    #       },
+    #     ],
     #   })
     #
     # @example Response structure
@@ -538,7 +565,13 @@ module Aws::GuardDuty
       req.send_request(options)
     end
 
-    # Creates a filter using the specified finding criteria.
+    # Creates a filter using the specified finding criteria. The maximum
+    # number of saved filters per Amazon Web Services account per Region is
+    # 100. For more information, see [Quotas for GuardDuty][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_limits.html
     #
     # @option params [required, String] :detector_id
     #   The ID of the detector belonging to the GuardDuty account that you
@@ -550,9 +583,11 @@ module Aws::GuardDuty
     #   is considered to be an invalid character.
     #
     # @option params [String] :description
-    #   The description of the filter. Valid special characters include period
-    #   (.), underscore (\_), dash (-), and whitespace. The new line character
-    #   is considered to be an invalid input for description.
+    #   The description of the filter. Valid characters include alphanumeric
+    #   characters, and special characters such as hyphen, period, colon,
+    #   underscore, parentheses (`\{ \}`, `[ ]`, and `( )`), forward slash,
+    #   horizontal tab, vertical tab, newline, form feed, return, and
+    #   whitespace.
     #
     # @option params [String] :action
     #   Specifies the action that is to be applied to the findings that match
@@ -573,8 +608,6 @@ module Aws::GuardDuty
     #
     #   * region
     #
-    #   * confidence
-    #
     #   * id
     #
     #   * resource.accessKeyDetails.accessKeyId
@@ -673,13 +706,6 @@ module Aws::GuardDuty
     #
     #   * resource.s3BucketDetails.type
     #
-    #   * service.archived
-    #
-    #     When this attribute is set to TRUE, only archived findings are
-    #     listed. When it's set to FALSE, only unarchived findings are
-    #     listed. When this attribute is not set, all existing findings are
-    #     listed.
-    #
     #   * service.resourceRole
     #
     #   * severity
@@ -764,7 +790,7 @@ module Aws::GuardDuty
     # @option params [required, String] :name
     #   The user-friendly name to identify the IPSet.
     #
-    #   Allowed characters are alphanumerics, spaces, hyphens (-), and
+    #   Allowed characters are alphanumeric, whitespace, dash (-), and
     #   underscores (\_).
     #
     # @option params [required, String] :format
@@ -828,9 +854,9 @@ module Aws::GuardDuty
     # administrator account, which must enable GuardDuty prior to being
     # added as a member.
     #
-    # If you are adding accounts by invitation use this action after
-    # GuardDuty has been enabled in potential member accounts and before
-    # using [ `Invite Members` ][1].
+    # If you are adding accounts by invitation, use this action after
+    # GuardDuty has bee enabled in potential member accounts and before
+    # using [InviteMembers][1].
     #
     #
     #
@@ -925,9 +951,9 @@ module Aws::GuardDuty
       req.send_request(options)
     end
 
-    # Generates example findings of types specified by the list of finding
+    # Generates sample findings of types specified by the list of finding
     # types. If 'NULL' is specified for `findingTypes`, the API generates
-    # example findings of all supported finding types.
+    # sample findings of all supported finding types.
     #
     # @option params [required, String] :detector_id
     #   The ID of the detector to create sample findings for.
@@ -1254,6 +1280,15 @@ module Aws::GuardDuty
     # malware scans for their own accounts. An administrator can view the
     # malware scans for all the member accounts.
     #
+    # There might be regional differences because some data sources might
+    # not be available in all the Amazon Web Services Regions where
+    # GuardDuty is presently supported. For more information, see [Regions
+    # and endpoints][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector that the request is associated with.
     #
@@ -1274,7 +1309,12 @@ module Aws::GuardDuty
     #   entries.
     #
     # @option params [Types::SortCriteria] :sort_criteria
-    #   Represents the criteria used for sorting scan entries.
+    #   Represents the criteria used for sorting scan entries. The [
+    #   `attributeName` ][1] is required and it must be `scanStartTime`.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_SortCriteria.html#guardduty-Type-SortCriteria-attributeName
     #
     # @return [Types::DescribeMalwareScansResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1346,20 +1386,46 @@ module Aws::GuardDuty
     # Returns information about the account selected as the delegated
     # administrator for GuardDuty.
     #
+    # There might be regional differences because some data sources might
+    # not be available in all the Amazon Web Services Regions where
+    # GuardDuty is presently supported. For more information, see [Regions
+    # and endpoints][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
     # @option params [required, String] :detector_id
     #   The ID of the detector to retrieve information about the delegated
     #   administrator from.
     #
+    # @option params [Integer] :max_results
+    #   You can use this parameter to indicate the maximum number of items
+    #   that you want in the response.
+    #
+    # @option params [String] :next_token
+    #   You can use this parameter when paginating results. Set the value of
+    #   this parameter to null on your first call to the list action. For
+    #   subsequent calls to the action, fill `nextToken` in the request with
+    #   the value of `NextToken` from the previous response to continue
+    #   listing data.
+    #
     # @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
     #   * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
     #   * {Types::DescribeOrganizationConfigurationResponse#data_sources #data_sources} => Types::OrganizationDataSourceConfigurationsResult
+    #   * {Types::DescribeOrganizationConfigurationResponse#features #features} => Array&lt;Types::OrganizationFeatureConfigurationResult&gt;
+    #   * {Types::DescribeOrganizationConfigurationResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
     #
     # @example Request syntax with placeholder values
     #
     #   resp = client.describe_organization_configuration({
     #     detector_id: "DetectorId", # required
+    #     max_results: 1,
+    #     next_token: "String",
     #   })
     #
     # @example Response structure
@@ -1369,6 +1435,10 @@ module Aws::GuardDuty
     #   resp.data_sources.s3_logs.auto_enable #=> Boolean
     #   resp.data_sources.kubernetes.audit_logs.auto_enable #=> Boolean
     #   resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.auto_enable #=> Boolean
+    #   resp.features #=> Array
+    #   resp.features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
+    #   resp.features[0].auto_enable #=> String, one of "NEW", "NONE"
+    #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
     #
@@ -1587,6 +1657,15 @@ module Aws::GuardDuty
 
     # Retrieves an Amazon GuardDuty detector specified by the detectorId.
     #
+    # There might be regional differences because some data sources might
+    # not be available in all the Amazon Web Services Regions where
+    # GuardDuty is presently supported. For more information, see [Regions
+    # and endpoints][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector that you want to get.
     #
@@ -1599,6 +1678,7 @@ module Aws::GuardDuty
     #   * {Types::GetDetectorResponse#updated_at #updated_at} => String
     #   * {Types::GetDetectorResponse#data_sources #data_sources} => Types::DataSourceConfigurationsResult
     #   * {Types::GetDetectorResponse#tags #tags} => Hash&lt;String,String&gt;
+    #   * {Types::GetDetectorResponse#features #features} => Array&lt;Types::DetectorFeatureConfigurationResult&gt;
     #
     # @example Request syntax with placeholder values
     #
@@ -1623,6 +1703,10 @@ module Aws::GuardDuty
     #   resp.data_sources.malware_protection.service_role #=> String
     #   resp.tags #=> Hash
     #   resp.tags["TagKey"] #=> String
+    #   resp.features #=> Array
+    #   resp.features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
+    #   resp.features[0].status #=> String, one of "ENABLED", "DISABLED"
+    #   resp.features[0].updated_at #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetDetector AWS API Documentation
     #
@@ -1879,6 +1963,19 @@ module Aws::GuardDuty
     #   resp.findings[0].resource.container_details.volume_mounts[0].name #=> String
     #   resp.findings[0].resource.container_details.volume_mounts[0].mount_path #=> String
     #   resp.findings[0].resource.container_details.security_context.privileged #=> Boolean
+    #   resp.findings[0].resource.rds_db_instance_details.db_instance_identifier #=> String
+    #   resp.findings[0].resource.rds_db_instance_details.engine #=> String
+    #   resp.findings[0].resource.rds_db_instance_details.engine_version #=> String
+    #   resp.findings[0].resource.rds_db_instance_details.db_cluster_identifier #=> String
+    #   resp.findings[0].resource.rds_db_instance_details.db_instance_arn #=> String
+    #   resp.findings[0].resource.rds_db_instance_details.tags #=> Array
+    #   resp.findings[0].resource.rds_db_instance_details.tags[0].key #=> String
+    #   resp.findings[0].resource.rds_db_instance_details.tags[0].value #=> String
+    #   resp.findings[0].resource.rds_db_user_details.user #=> String
+    #   resp.findings[0].resource.rds_db_user_details.application #=> String
+    #   resp.findings[0].resource.rds_db_user_details.database #=> String
+    #   resp.findings[0].resource.rds_db_user_details.ssl #=> String
+    #   resp.findings[0].resource.rds_db_user_details.auth_method #=> String
     #   resp.findings[0].schema_version #=> String
     #   resp.findings[0].service.action.action_type #=> String
     #   resp.findings[0].service.action.aws_api_call_action.api #=> String
@@ -1954,6 +2051,21 @@ module Aws::GuardDuty
     #   resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.org #=> String
     #   resp.findings[0].service.action.kubernetes_api_call_action.status_code #=> Integer
     #   resp.findings[0].service.action.kubernetes_api_call_action.parameters #=> String
+    #   resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.city.city_name #=> String
+    #   resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.country.country_code #=> String
+    #   resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.country.country_name #=> String
+    #   resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.geo_location.lat #=> Float
+    #   resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.geo_location.lon #=> Float
+    #   resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.ip_address_v4 #=> String
+    #   resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.asn #=> String
+    #   resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.asn_org #=> String
+    #   resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.isp #=> String
+    #   resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.org #=> String
+    #   resp.findings[0].service.action.rds_login_attempt_action.login_attributes #=> Array
+    #   resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].user #=> String
+    #   resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].application #=> String
+    #   resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].failed_login_attempts #=> Integer
+    #   resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].successful_login_attempts #=> Integer
     #   resp.findings[0].service.evidence.threat_intelligence_details #=> Array
     #   resp.findings[0].service.evidence.threat_intelligence_details[0].threat_list_name #=> String
     #   resp.findings[0].service.evidence.threat_intelligence_details[0].threat_names #=> Array
@@ -2128,6 +2240,15 @@ module Aws::GuardDuty
 
     # Returns the details of the malware scan settings.
     #
+    # There might be regional differences because some data sources might
+    # not be available in all the Amazon Web Services Regions where
+    # GuardDuty is presently supported. For more information, see [Regions
+    # and endpoints][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector that the scan setting is associated
     #   with.
@@ -2199,6 +2320,15 @@ module Aws::GuardDuty
     # Describes which data sources are enabled for the member account's
     # detector.
     #
+    # There might be regional differences because some data sources might
+    # not be available in all the Amazon Web Services Regions where
+    # GuardDuty is presently supported. For more information, see [Regions
+    # and endpoints][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
     # @option params [required, String] :detector_id
     #   The detector ID for the administrator account.
     #
@@ -2229,6 +2359,10 @@ module Aws::GuardDuty
     #   resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.status #=> String, one of "ENABLED", "DISABLED"
     #   resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.reason #=> String
     #   resp.member_data_source_configurations[0].data_sources.malware_protection.service_role #=> String
+    #   resp.member_data_source_configurations[0].features #=> Array
+    #   resp.member_data_source_configurations[0].features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
+    #   resp.member_data_source_configurations[0].features[0].status #=> String, one of "ENABLED", "DISABLED"
+    #   resp.member_data_source_configurations[0].features[0].updated_at #=> Time
     #   resp.unprocessed_accounts #=> Array
     #   resp.unprocessed_accounts[0].account_id #=> String
     #   resp.unprocessed_accounts[0].result #=> String
@@ -2320,6 +2454,9 @@ module Aws::GuardDuty
     #   resp.accounts[0].data_sources.s3_logs.free_trial_days_remaining #=> Integer
     #   resp.accounts[0].data_sources.kubernetes.audit_logs.free_trial_days_remaining #=> Integer
     #   resp.accounts[0].data_sources.malware_protection.scan_ec2_instance_with_findings.free_trial_days_remaining #=> Integer
+    #   resp.accounts[0].features #=> Array
+    #   resp.accounts[0].features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
+    #   resp.accounts[0].features[0].free_trial_days_remaining #=> Integer
     #   resp.unprocessed_accounts #=> Array
     #   resp.unprocessed_accounts[0].account_id #=> String
     #   resp.unprocessed_accounts[0].result #=> String
@@ -2422,11 +2559,12 @@ module Aws::GuardDuty
     #
     #   resp = client.get_usage_statistics({
     #     detector_id: "DetectorId", # required
-    #     usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
+    #     usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES, SUM_BY_FEATURES
     #     usage_criteria: { # required
     #       account_ids: ["AccountId"],
-    #       data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
+    #       data_sources: ["FLOW_LOGS"], # accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
     #       resources: ["String"],
+    #       features: ["FLOW_LOGS"], # accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, LAMBDA_NETWORK_LOGS, EKS_RUNTIME_MONITORING
     #     },
     #     unit: "String",
     #     max_results: 1,
@@ -2451,6 +2589,10 @@ module Aws::GuardDuty
     #   resp.usage_statistics.top_resources[0].resource #=> String
     #   resp.usage_statistics.top_resources[0].total.amount #=> String
     #   resp.usage_statistics.top_resources[0].total.unit #=> String
+    #   resp.usage_statistics.sum_by_feature #=> Array
+    #   resp.usage_statistics.sum_by_feature[0].feature #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "LAMBDA_NETWORK_LOGS", "EKS_RUNTIME_MONITORING"
+    #   resp.usage_statistics.sum_by_feature[0].total.amount #=> String
+    #   resp.usage_statistics.sum_by_feature[0].total.unit #=> String
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetUsageStatistics AWS API Documentation
@@ -3278,6 +3420,15 @@ module Aws::GuardDuty
 
     # Updates the Amazon GuardDuty detector specified by the detectorId.
     #
+    # There might be regional differences because some data sources might
+    # not be available in all the Amazon Web Services Regions where
+    # GuardDuty is presently supported. For more information, see [Regions
+    # and endpoints][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector to update.
     #
@@ -3291,6 +3442,18 @@ module Aws::GuardDuty
     # @option params [Types::DataSourceConfigurations] :data_sources
     #   Describes which data sources will be updated.
     #
+    #   There might be regional differences because some data sources might
+    #   not be available in all the Amazon Web Services Regions where
+    #   GuardDuty is presently supported. For more information, see [Regions
+    #   and endpoints][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
+    # @option params [Array<Types::DetectorFeatureConfiguration>] :features
+    #   Provides the features that will be updated for the detector.
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
@@ -3314,6 +3477,12 @@ module Aws::GuardDuty
     #         },
     #       },
     #     },
+    #     features: [
+    #       {
+    #         name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
+    #         status: "ENABLED", # accepts ENABLED, DISABLED
+    #       },
+    #     ],
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateDetector AWS API Documentation
@@ -3335,9 +3504,11 @@ module Aws::GuardDuty
     #   The name of the filter.
     #
     # @option params [String] :description
-    #   The description of the filter. Valid special characters include period
-    #   (.), underscore (\_), dash (-), and whitespace. The new line character
-    #   is considered to be an invalid input for description.
+    #   The description of the filter. Valid characters include alphanumeric
+    #   characters, and special characters such as hyphen, period, colon,
+    #   underscore, parentheses (`\{ \}`, `[ ]`, and `( )`), forward slash,
+    #   horizontal tab, vertical tab, newline, form feed, return, and
+    #   whitespace.
     #
     # @option params [String] :action
     #   Specifies the action that is to be applied to the findings that match
@@ -3474,6 +3645,15 @@ module Aws::GuardDuty
 
     # Updates the malware scan settings.
     #
+    # There might be regional differences because some data sources might
+    # not be available in all the Amazon Web Services Regions where
+    # GuardDuty is presently supported. For more information, see [Regions
+    # and endpoints][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector that specifies the GuardDuty service
     #   where you want to update scan settings.
@@ -3527,6 +3707,15 @@ module Aws::GuardDuty
 
     # Contains information on member accounts to be updated.
     #
+    # There might be regional differences because some data sources might
+    # not be available in all the Amazon Web Services Regions where
+    # GuardDuty is presently supported. For more information, see [Regions
+    # and endpoints][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
     # @option params [required, String] :detector_id
     #   The detector ID of the administrator account.
     #
@@ -3536,6 +3725,10 @@ module Aws::GuardDuty
     # @option params [Types::DataSourceConfigurations] :data_sources
     #   Describes which data sources will be updated.
     #
+    # @option params [Array<Types::MemberFeaturesConfiguration>] :features
+    #   A list of features that will be updated for the specified member
+    #   accounts.
+    #
     # @return [Types::UpdateMemberDetectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateMemberDetectorsResponse#unprocessed_accounts #unprocessed_accounts} => Array&lt;Types::UnprocessedAccount&gt;
@@ -3560,6 +3753,12 @@ module Aws::GuardDuty
     #         },
     #       },
     #     },
+    #     features: [
+    #       {
+    #         name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
+    #         status: "ENABLED", # accepts ENABLED, DISABLED
+    #       },
+    #     ],
     #   })
     #
     # @example Response structure
@@ -3579,6 +3778,15 @@ module Aws::GuardDuty
 
     # Updates the delegated administrator account with the values provided.
     #
+    # There might be regional differences because some data sources might
+    # not be available in all the Amazon Web Services Regions where
+    # GuardDuty is presently supported. For more information, see [Regions
+    # and endpoints][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
     # @option params [required, String] :detector_id
     #   The ID of the detector to update the delegated administrator for.
     #
@@ -3589,6 +3797,9 @@ module Aws::GuardDuty
     # @option params [Types::OrganizationDataSourceConfigurations] :data_sources
     #   Describes which data sources will be updated.
     #
+    # @option params [Array<Types::OrganizationFeatureConfiguration>] :features
+    #   A list of features that will be configured for the organization.
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
@@ -3613,6 +3824,12 @@ module Aws::GuardDuty
     #         },
     #       },
     #     },
+    #     features: [
+    #       {
+    #         name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
+    #         auto_enable: "NEW", # accepts NEW, NONE
+    #       },
+    #     ],
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfiguration AWS API Documentation
@@ -3715,7 +3932,7 @@ module Aws::GuardDuty
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-guardduty'
-      context[:gem_version] = '1.63.0'
+      context[:gem_version] = '1.65.0'
       Seahorse::Client::Request.new(handlers, context)
     end