aws-sdk-guardduty 1.63.0 → 1.65.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e63259ffa20175ae1ea1d5059ab2ff4f5596f7224ed6136b4682d2bc7b7d14ed
4
- data.tar.gz: b78fc1777ef25696a18eece688161e67d66d382b1fd8b2464029e30323dc575d
3
+ metadata.gz: fa122ecb5a993e1f6cd51dfe75525340ace96b8aedb088e7653d73be01723290
4
+ data.tar.gz: 3bd1d115fea8ced61bbd94478af39f5764f77ea315052f2d8af1916934f9aa5c
5
5
  SHA512:
6
- metadata.gz: 83cacd208e3f23e570ce94e7bff1e65a159d73889a081577cc8c3a4aee13c5bd5207f179e57d627f709d85ef6e84d278cb16145a48960d0afcdf816a5b3a705c
7
- data.tar.gz: 666a6e40cb440763e6fb729902c139920ebdb6c17a86c559ddff0c4ccb5c2b9817b1eea331f57df8a9f68472103d4e0db8f92830ffe63092881c9dba5e0d6432
6
+ metadata.gz: 4c8bccf1baa869990f690b2fc3fdebceff68944155d3a822b1cf4f1cdf257af8ebeb848aa31c2b41192a8e2fa0d09cb64b3a2938123952b5328aa7064d5f7b5e
7
+ data.tar.gz: e58fe1ed3921cda282e63e783239432d5b95974de9f7446c33a2c9792f2574d2ced35c8279fcb4243df302a7ce808700963f6a310572ff089cd7ac3ccc8dc131
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.65.0 (2023-03-16)
5
+ ------------------
6
+
7
+ * Feature - Updated 9 APIs for feature enablement to reflect expansion of GuardDuty to features. Added new APIs and updated existing APIs to support RDS Protection GA.
8
+
9
+ 1.64.0 (2023-02-23)
10
+ ------------------
11
+
12
+ * Feature - Updated API and data types descriptions for CreateFilter, UpdateFilter, and TriggerDetails.
13
+
4
14
  1.63.0 (2023-01-18)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.63.0
1
+ 1.65.0
@@ -473,6 +473,15 @@ module Aws::GuardDuty
473
473
  # You can have only one detector per account per Region. All data
474
474
  # sources are enabled in a new detector by default.
475
475
  #
476
+ # There might be regional differences because some data sources might
477
+ # not be available in all the Amazon Web Services Regions where
478
+ # GuardDuty is presently supported. For more information, see [Regions
479
+ # and endpoints][1].
480
+ #
481
+ #
482
+ #
483
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
484
+ #
476
485
  # @option params [required, Boolean] :enable
477
486
  # A Boolean value that specifies whether the detector is to be enabled.
478
487
  #
@@ -488,9 +497,21 @@ module Aws::GuardDuty
488
497
  # @option params [Types::DataSourceConfigurations] :data_sources
489
498
  # Describes which data sources will be enabled for the detector.
490
499
  #
500
+ # There might be regional differences because some data sources might
501
+ # not be available in all the Amazon Web Services Regions where
502
+ # GuardDuty is presently supported. For more information, see [Regions
503
+ # and endpoints][1].
504
+ #
505
+ #
506
+ #
507
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
508
+ #
491
509
  # @option params [Hash<String,String>] :tags
492
510
  # The tags to be added to a new detector resource.
493
511
  #
512
+ # @option params [Array<Types::DetectorFeatureConfiguration>] :features
513
+ # A list of features that will be configured for the detector.
514
+ #
494
515
  # @return [Types::CreateDetectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
495
516
  #
496
517
  # * {Types::CreateDetectorResponse#detector_id #detector_id} => String
@@ -520,6 +541,12 @@ module Aws::GuardDuty
520
541
  # tags: {
521
542
  # "TagKey" => "TagValue",
522
543
  # },
544
+ # features: [
545
+ # {
546
+ # name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
547
+ # status: "ENABLED", # accepts ENABLED, DISABLED
548
+ # },
549
+ # ],
523
550
  # })
524
551
  #
525
552
  # @example Response structure
@@ -538,7 +565,13 @@ module Aws::GuardDuty
538
565
  req.send_request(options)
539
566
  end
540
567
 
541
- # Creates a filter using the specified finding criteria.
568
+ # Creates a filter using the specified finding criteria. The maximum
569
+ # number of saved filters per Amazon Web Services account per Region is
570
+ # 100. For more information, see [Quotas for GuardDuty][1].
571
+ #
572
+ #
573
+ #
574
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_limits.html
542
575
  #
543
576
  # @option params [required, String] :detector_id
544
577
  # The ID of the detector belonging to the GuardDuty account that you
@@ -550,9 +583,11 @@ module Aws::GuardDuty
550
583
  # is considered to be an invalid character.
551
584
  #
552
585
  # @option params [String] :description
553
- # The description of the filter. Valid special characters include period
554
- # (.), underscore (\_), dash (-), and whitespace. The new line character
555
- # is considered to be an invalid input for description.
586
+ # The description of the filter. Valid characters include alphanumeric
587
+ # characters, and special characters such as hyphen, period, colon,
588
+ # underscore, parentheses (`\{ \}`, `[ ]`, and `( )`), forward slash,
589
+ # horizontal tab, vertical tab, newline, form feed, return, and
590
+ # whitespace.
556
591
  #
557
592
  # @option params [String] :action
558
593
  # Specifies the action that is to be applied to the findings that match
@@ -573,8 +608,6 @@ module Aws::GuardDuty
573
608
  #
574
609
  # * region
575
610
  #
576
- # * confidence
577
- #
578
611
  # * id
579
612
  #
580
613
  # * resource.accessKeyDetails.accessKeyId
@@ -673,13 +706,6 @@ module Aws::GuardDuty
673
706
  #
674
707
  # * resource.s3BucketDetails.type
675
708
  #
676
- # * service.archived
677
- #
678
- # When this attribute is set to TRUE, only archived findings are
679
- # listed. When it's set to FALSE, only unarchived findings are
680
- # listed. When this attribute is not set, all existing findings are
681
- # listed.
682
- #
683
709
  # * service.resourceRole
684
710
  #
685
711
  # * severity
@@ -764,7 +790,7 @@ module Aws::GuardDuty
764
790
  # @option params [required, String] :name
765
791
  # The user-friendly name to identify the IPSet.
766
792
  #
767
- # Allowed characters are alphanumerics, spaces, hyphens (-), and
793
+ # Allowed characters are alphanumeric, whitespace, dash (-), and
768
794
  # underscores (\_).
769
795
  #
770
796
  # @option params [required, String] :format
@@ -828,9 +854,9 @@ module Aws::GuardDuty
828
854
  # administrator account, which must enable GuardDuty prior to being
829
855
  # added as a member.
830
856
  #
831
- # If you are adding accounts by invitation use this action after
832
- # GuardDuty has been enabled in potential member accounts and before
833
- # using [ `Invite Members` ][1].
857
+ # If you are adding accounts by invitation, use this action after
858
+ # GuardDuty has bee enabled in potential member accounts and before
859
+ # using [InviteMembers][1].
834
860
  #
835
861
  #
836
862
  #
@@ -925,9 +951,9 @@ module Aws::GuardDuty
925
951
  req.send_request(options)
926
952
  end
927
953
 
928
- # Generates example findings of types specified by the list of finding
954
+ # Generates sample findings of types specified by the list of finding
929
955
  # types. If 'NULL' is specified for `findingTypes`, the API generates
930
- # example findings of all supported finding types.
956
+ # sample findings of all supported finding types.
931
957
  #
932
958
  # @option params [required, String] :detector_id
933
959
  # The ID of the detector to create sample findings for.
@@ -1254,6 +1280,15 @@ module Aws::GuardDuty
1254
1280
  # malware scans for their own accounts. An administrator can view the
1255
1281
  # malware scans for all the member accounts.
1256
1282
  #
1283
+ # There might be regional differences because some data sources might
1284
+ # not be available in all the Amazon Web Services Regions where
1285
+ # GuardDuty is presently supported. For more information, see [Regions
1286
+ # and endpoints][1].
1287
+ #
1288
+ #
1289
+ #
1290
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
1291
+ #
1257
1292
  # @option params [required, String] :detector_id
1258
1293
  # The unique ID of the detector that the request is associated with.
1259
1294
  #
@@ -1274,7 +1309,12 @@ module Aws::GuardDuty
1274
1309
  # entries.
1275
1310
  #
1276
1311
  # @option params [Types::SortCriteria] :sort_criteria
1277
- # Represents the criteria used for sorting scan entries.
1312
+ # Represents the criteria used for sorting scan entries. The [
1313
+ # `attributeName` ][1] is required and it must be `scanStartTime`.
1314
+ #
1315
+ #
1316
+ #
1317
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_SortCriteria.html#guardduty-Type-SortCriteria-attributeName
1278
1318
  #
1279
1319
  # @return [Types::DescribeMalwareScansResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1280
1320
  #
@@ -1346,20 +1386,46 @@ module Aws::GuardDuty
1346
1386
  # Returns information about the account selected as the delegated
1347
1387
  # administrator for GuardDuty.
1348
1388
  #
1389
+ # There might be regional differences because some data sources might
1390
+ # not be available in all the Amazon Web Services Regions where
1391
+ # GuardDuty is presently supported. For more information, see [Regions
1392
+ # and endpoints][1].
1393
+ #
1394
+ #
1395
+ #
1396
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
1397
+ #
1349
1398
  # @option params [required, String] :detector_id
1350
1399
  # The ID of the detector to retrieve information about the delegated
1351
1400
  # administrator from.
1352
1401
  #
1402
+ # @option params [Integer] :max_results
1403
+ # You can use this parameter to indicate the maximum number of items
1404
+ # that you want in the response.
1405
+ #
1406
+ # @option params [String] :next_token
1407
+ # You can use this parameter when paginating results. Set the value of
1408
+ # this parameter to null on your first call to the list action. For
1409
+ # subsequent calls to the action, fill `nextToken` in the request with
1410
+ # the value of `NextToken` from the previous response to continue
1411
+ # listing data.
1412
+ #
1353
1413
  # @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1354
1414
  #
1355
1415
  # * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
1356
1416
  # * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
1357
1417
  # * {Types::DescribeOrganizationConfigurationResponse#data_sources #data_sources} => Types::OrganizationDataSourceConfigurationsResult
1418
+ # * {Types::DescribeOrganizationConfigurationResponse#features #features} => Array&lt;Types::OrganizationFeatureConfigurationResult&gt;
1419
+ # * {Types::DescribeOrganizationConfigurationResponse#next_token #next_token} => String
1420
+ #
1421
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1358
1422
  #
1359
1423
  # @example Request syntax with placeholder values
1360
1424
  #
1361
1425
  # resp = client.describe_organization_configuration({
1362
1426
  # detector_id: "DetectorId", # required
1427
+ # max_results: 1,
1428
+ # next_token: "String",
1363
1429
  # })
1364
1430
  #
1365
1431
  # @example Response structure
@@ -1369,6 +1435,10 @@ module Aws::GuardDuty
1369
1435
  # resp.data_sources.s3_logs.auto_enable #=> Boolean
1370
1436
  # resp.data_sources.kubernetes.audit_logs.auto_enable #=> Boolean
1371
1437
  # resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.auto_enable #=> Boolean
1438
+ # resp.features #=> Array
1439
+ # resp.features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
1440
+ # resp.features[0].auto_enable #=> String, one of "NEW", "NONE"
1441
+ # resp.next_token #=> String
1372
1442
  #
1373
1443
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
1374
1444
  #
@@ -1587,6 +1657,15 @@ module Aws::GuardDuty
1587
1657
 
1588
1658
  # Retrieves an Amazon GuardDuty detector specified by the detectorId.
1589
1659
  #
1660
+ # There might be regional differences because some data sources might
1661
+ # not be available in all the Amazon Web Services Regions where
1662
+ # GuardDuty is presently supported. For more information, see [Regions
1663
+ # and endpoints][1].
1664
+ #
1665
+ #
1666
+ #
1667
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
1668
+ #
1590
1669
  # @option params [required, String] :detector_id
1591
1670
  # The unique ID of the detector that you want to get.
1592
1671
  #
@@ -1599,6 +1678,7 @@ module Aws::GuardDuty
1599
1678
  # * {Types::GetDetectorResponse#updated_at #updated_at} => String
1600
1679
  # * {Types::GetDetectorResponse#data_sources #data_sources} => Types::DataSourceConfigurationsResult
1601
1680
  # * {Types::GetDetectorResponse#tags #tags} => Hash&lt;String,String&gt;
1681
+ # * {Types::GetDetectorResponse#features #features} => Array&lt;Types::DetectorFeatureConfigurationResult&gt;
1602
1682
  #
1603
1683
  # @example Request syntax with placeholder values
1604
1684
  #
@@ -1623,6 +1703,10 @@ module Aws::GuardDuty
1623
1703
  # resp.data_sources.malware_protection.service_role #=> String
1624
1704
  # resp.tags #=> Hash
1625
1705
  # resp.tags["TagKey"] #=> String
1706
+ # resp.features #=> Array
1707
+ # resp.features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
1708
+ # resp.features[0].status #=> String, one of "ENABLED", "DISABLED"
1709
+ # resp.features[0].updated_at #=> Time
1626
1710
  #
1627
1711
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetDetector AWS API Documentation
1628
1712
  #
@@ -1879,6 +1963,19 @@ module Aws::GuardDuty
1879
1963
  # resp.findings[0].resource.container_details.volume_mounts[0].name #=> String
1880
1964
  # resp.findings[0].resource.container_details.volume_mounts[0].mount_path #=> String
1881
1965
  # resp.findings[0].resource.container_details.security_context.privileged #=> Boolean
1966
+ # resp.findings[0].resource.rds_db_instance_details.db_instance_identifier #=> String
1967
+ # resp.findings[0].resource.rds_db_instance_details.engine #=> String
1968
+ # resp.findings[0].resource.rds_db_instance_details.engine_version #=> String
1969
+ # resp.findings[0].resource.rds_db_instance_details.db_cluster_identifier #=> String
1970
+ # resp.findings[0].resource.rds_db_instance_details.db_instance_arn #=> String
1971
+ # resp.findings[0].resource.rds_db_instance_details.tags #=> Array
1972
+ # resp.findings[0].resource.rds_db_instance_details.tags[0].key #=> String
1973
+ # resp.findings[0].resource.rds_db_instance_details.tags[0].value #=> String
1974
+ # resp.findings[0].resource.rds_db_user_details.user #=> String
1975
+ # resp.findings[0].resource.rds_db_user_details.application #=> String
1976
+ # resp.findings[0].resource.rds_db_user_details.database #=> String
1977
+ # resp.findings[0].resource.rds_db_user_details.ssl #=> String
1978
+ # resp.findings[0].resource.rds_db_user_details.auth_method #=> String
1882
1979
  # resp.findings[0].schema_version #=> String
1883
1980
  # resp.findings[0].service.action.action_type #=> String
1884
1981
  # resp.findings[0].service.action.aws_api_call_action.api #=> String
@@ -1954,6 +2051,21 @@ module Aws::GuardDuty
1954
2051
  # resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.org #=> String
1955
2052
  # resp.findings[0].service.action.kubernetes_api_call_action.status_code #=> Integer
1956
2053
  # resp.findings[0].service.action.kubernetes_api_call_action.parameters #=> String
2054
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.city.city_name #=> String
2055
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.country.country_code #=> String
2056
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.country.country_name #=> String
2057
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.geo_location.lat #=> Float
2058
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.geo_location.lon #=> Float
2059
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.ip_address_v4 #=> String
2060
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.asn #=> String
2061
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.asn_org #=> String
2062
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.isp #=> String
2063
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.org #=> String
2064
+ # resp.findings[0].service.action.rds_login_attempt_action.login_attributes #=> Array
2065
+ # resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].user #=> String
2066
+ # resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].application #=> String
2067
+ # resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].failed_login_attempts #=> Integer
2068
+ # resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].successful_login_attempts #=> Integer
1957
2069
  # resp.findings[0].service.evidence.threat_intelligence_details #=> Array
1958
2070
  # resp.findings[0].service.evidence.threat_intelligence_details[0].threat_list_name #=> String
1959
2071
  # resp.findings[0].service.evidence.threat_intelligence_details[0].threat_names #=> Array
@@ -2128,6 +2240,15 @@ module Aws::GuardDuty
2128
2240
 
2129
2241
  # Returns the details of the malware scan settings.
2130
2242
  #
2243
+ # There might be regional differences because some data sources might
2244
+ # not be available in all the Amazon Web Services Regions where
2245
+ # GuardDuty is presently supported. For more information, see [Regions
2246
+ # and endpoints][1].
2247
+ #
2248
+ #
2249
+ #
2250
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
2251
+ #
2131
2252
  # @option params [required, String] :detector_id
2132
2253
  # The unique ID of the detector that the scan setting is associated
2133
2254
  # with.
@@ -2199,6 +2320,15 @@ module Aws::GuardDuty
2199
2320
  # Describes which data sources are enabled for the member account's
2200
2321
  # detector.
2201
2322
  #
2323
+ # There might be regional differences because some data sources might
2324
+ # not be available in all the Amazon Web Services Regions where
2325
+ # GuardDuty is presently supported. For more information, see [Regions
2326
+ # and endpoints][1].
2327
+ #
2328
+ #
2329
+ #
2330
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
2331
+ #
2202
2332
  # @option params [required, String] :detector_id
2203
2333
  # The detector ID for the administrator account.
2204
2334
  #
@@ -2229,6 +2359,10 @@ module Aws::GuardDuty
2229
2359
  # resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.status #=> String, one of "ENABLED", "DISABLED"
2230
2360
  # resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.reason #=> String
2231
2361
  # resp.member_data_source_configurations[0].data_sources.malware_protection.service_role #=> String
2362
+ # resp.member_data_source_configurations[0].features #=> Array
2363
+ # resp.member_data_source_configurations[0].features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
2364
+ # resp.member_data_source_configurations[0].features[0].status #=> String, one of "ENABLED", "DISABLED"
2365
+ # resp.member_data_source_configurations[0].features[0].updated_at #=> Time
2232
2366
  # resp.unprocessed_accounts #=> Array
2233
2367
  # resp.unprocessed_accounts[0].account_id #=> String
2234
2368
  # resp.unprocessed_accounts[0].result #=> String
@@ -2320,6 +2454,9 @@ module Aws::GuardDuty
2320
2454
  # resp.accounts[0].data_sources.s3_logs.free_trial_days_remaining #=> Integer
2321
2455
  # resp.accounts[0].data_sources.kubernetes.audit_logs.free_trial_days_remaining #=> Integer
2322
2456
  # resp.accounts[0].data_sources.malware_protection.scan_ec2_instance_with_findings.free_trial_days_remaining #=> Integer
2457
+ # resp.accounts[0].features #=> Array
2458
+ # resp.accounts[0].features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
2459
+ # resp.accounts[0].features[0].free_trial_days_remaining #=> Integer
2323
2460
  # resp.unprocessed_accounts #=> Array
2324
2461
  # resp.unprocessed_accounts[0].account_id #=> String
2325
2462
  # resp.unprocessed_accounts[0].result #=> String
@@ -2422,11 +2559,12 @@ module Aws::GuardDuty
2422
2559
  #
2423
2560
  # resp = client.get_usage_statistics({
2424
2561
  # detector_id: "DetectorId", # required
2425
- # usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
2562
+ # usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES, SUM_BY_FEATURES
2426
2563
  # usage_criteria: { # required
2427
2564
  # account_ids: ["AccountId"],
2428
- # data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
2565
+ # data_sources: ["FLOW_LOGS"], # accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
2429
2566
  # resources: ["String"],
2567
+ # features: ["FLOW_LOGS"], # accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, LAMBDA_NETWORK_LOGS, EKS_RUNTIME_MONITORING
2430
2568
  # },
2431
2569
  # unit: "String",
2432
2570
  # max_results: 1,
@@ -2451,6 +2589,10 @@ module Aws::GuardDuty
2451
2589
  # resp.usage_statistics.top_resources[0].resource #=> String
2452
2590
  # resp.usage_statistics.top_resources[0].total.amount #=> String
2453
2591
  # resp.usage_statistics.top_resources[0].total.unit #=> String
2592
+ # resp.usage_statistics.sum_by_feature #=> Array
2593
+ # resp.usage_statistics.sum_by_feature[0].feature #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "LAMBDA_NETWORK_LOGS", "EKS_RUNTIME_MONITORING"
2594
+ # resp.usage_statistics.sum_by_feature[0].total.amount #=> String
2595
+ # resp.usage_statistics.sum_by_feature[0].total.unit #=> String
2454
2596
  # resp.next_token #=> String
2455
2597
  #
2456
2598
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetUsageStatistics AWS API Documentation
@@ -3278,6 +3420,15 @@ module Aws::GuardDuty
3278
3420
 
3279
3421
  # Updates the Amazon GuardDuty detector specified by the detectorId.
3280
3422
  #
3423
+ # There might be regional differences because some data sources might
3424
+ # not be available in all the Amazon Web Services Regions where
3425
+ # GuardDuty is presently supported. For more information, see [Regions
3426
+ # and endpoints][1].
3427
+ #
3428
+ #
3429
+ #
3430
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
3431
+ #
3281
3432
  # @option params [required, String] :detector_id
3282
3433
  # The unique ID of the detector to update.
3283
3434
  #
@@ -3291,6 +3442,18 @@ module Aws::GuardDuty
3291
3442
  # @option params [Types::DataSourceConfigurations] :data_sources
3292
3443
  # Describes which data sources will be updated.
3293
3444
  #
3445
+ # There might be regional differences because some data sources might
3446
+ # not be available in all the Amazon Web Services Regions where
3447
+ # GuardDuty is presently supported. For more information, see [Regions
3448
+ # and endpoints][1].
3449
+ #
3450
+ #
3451
+ #
3452
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
3453
+ #
3454
+ # @option params [Array<Types::DetectorFeatureConfiguration>] :features
3455
+ # Provides the features that will be updated for the detector.
3456
+ #
3294
3457
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3295
3458
  #
3296
3459
  # @example Request syntax with placeholder values
@@ -3314,6 +3477,12 @@ module Aws::GuardDuty
3314
3477
  # },
3315
3478
  # },
3316
3479
  # },
3480
+ # features: [
3481
+ # {
3482
+ # name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
3483
+ # status: "ENABLED", # accepts ENABLED, DISABLED
3484
+ # },
3485
+ # ],
3317
3486
  # })
3318
3487
  #
3319
3488
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateDetector AWS API Documentation
@@ -3335,9 +3504,11 @@ module Aws::GuardDuty
3335
3504
  # The name of the filter.
3336
3505
  #
3337
3506
  # @option params [String] :description
3338
- # The description of the filter. Valid special characters include period
3339
- # (.), underscore (\_), dash (-), and whitespace. The new line character
3340
- # is considered to be an invalid input for description.
3507
+ # The description of the filter. Valid characters include alphanumeric
3508
+ # characters, and special characters such as hyphen, period, colon,
3509
+ # underscore, parentheses (`\{ \}`, `[ ]`, and `( )`), forward slash,
3510
+ # horizontal tab, vertical tab, newline, form feed, return, and
3511
+ # whitespace.
3341
3512
  #
3342
3513
  # @option params [String] :action
3343
3514
  # Specifies the action that is to be applied to the findings that match
@@ -3474,6 +3645,15 @@ module Aws::GuardDuty
3474
3645
 
3475
3646
  # Updates the malware scan settings.
3476
3647
  #
3648
+ # There might be regional differences because some data sources might
3649
+ # not be available in all the Amazon Web Services Regions where
3650
+ # GuardDuty is presently supported. For more information, see [Regions
3651
+ # and endpoints][1].
3652
+ #
3653
+ #
3654
+ #
3655
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
3656
+ #
3477
3657
  # @option params [required, String] :detector_id
3478
3658
  # The unique ID of the detector that specifies the GuardDuty service
3479
3659
  # where you want to update scan settings.
@@ -3527,6 +3707,15 @@ module Aws::GuardDuty
3527
3707
 
3528
3708
  # Contains information on member accounts to be updated.
3529
3709
  #
3710
+ # There might be regional differences because some data sources might
3711
+ # not be available in all the Amazon Web Services Regions where
3712
+ # GuardDuty is presently supported. For more information, see [Regions
3713
+ # and endpoints][1].
3714
+ #
3715
+ #
3716
+ #
3717
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
3718
+ #
3530
3719
  # @option params [required, String] :detector_id
3531
3720
  # The detector ID of the administrator account.
3532
3721
  #
@@ -3536,6 +3725,10 @@ module Aws::GuardDuty
3536
3725
  # @option params [Types::DataSourceConfigurations] :data_sources
3537
3726
  # Describes which data sources will be updated.
3538
3727
  #
3728
+ # @option params [Array<Types::MemberFeaturesConfiguration>] :features
3729
+ # A list of features that will be updated for the specified member
3730
+ # accounts.
3731
+ #
3539
3732
  # @return [Types::UpdateMemberDetectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3540
3733
  #
3541
3734
  # * {Types::UpdateMemberDetectorsResponse#unprocessed_accounts #unprocessed_accounts} => Array&lt;Types::UnprocessedAccount&gt;
@@ -3560,6 +3753,12 @@ module Aws::GuardDuty
3560
3753
  # },
3561
3754
  # },
3562
3755
  # },
3756
+ # features: [
3757
+ # {
3758
+ # name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
3759
+ # status: "ENABLED", # accepts ENABLED, DISABLED
3760
+ # },
3761
+ # ],
3563
3762
  # })
3564
3763
  #
3565
3764
  # @example Response structure
@@ -3579,6 +3778,15 @@ module Aws::GuardDuty
3579
3778
 
3580
3779
  # Updates the delegated administrator account with the values provided.
3581
3780
  #
3781
+ # There might be regional differences because some data sources might
3782
+ # not be available in all the Amazon Web Services Regions where
3783
+ # GuardDuty is presently supported. For more information, see [Regions
3784
+ # and endpoints][1].
3785
+ #
3786
+ #
3787
+ #
3788
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
3789
+ #
3582
3790
  # @option params [required, String] :detector_id
3583
3791
  # The ID of the detector to update the delegated administrator for.
3584
3792
  #
@@ -3589,6 +3797,9 @@ module Aws::GuardDuty
3589
3797
  # @option params [Types::OrganizationDataSourceConfigurations] :data_sources
3590
3798
  # Describes which data sources will be updated.
3591
3799
  #
3800
+ # @option params [Array<Types::OrganizationFeatureConfiguration>] :features
3801
+ # A list of features that will be configured for the organization.
3802
+ #
3592
3803
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3593
3804
  #
3594
3805
  # @example Request syntax with placeholder values
@@ -3613,6 +3824,12 @@ module Aws::GuardDuty
3613
3824
  # },
3614
3825
  # },
3615
3826
  # },
3827
+ # features: [
3828
+ # {
3829
+ # name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
3830
+ # auto_enable: "NEW", # accepts NEW, NONE
3831
+ # },
3832
+ # ],
3616
3833
  # })
3617
3834
  #
3618
3835
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfiguration AWS API Documentation
@@ -3715,7 +3932,7 @@ module Aws::GuardDuty
3715
3932
  params: params,
3716
3933
  config: config)
3717
3934
  context[:gem_name] = 'aws-sdk-guardduty'
3718
- context[:gem_version] = '1.63.0'
3935
+ context[:gem_version] = '1.65.0'
3719
3936
  Seahorse::Client::Request.new(handlers, context)
3720
3937
  end
3721
3938