aws-sdk-guardduty 1.64.0 → 1.66.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-guardduty/client.rb +161 -11
- data/lib/aws-sdk-guardduty/client_api.rb +144 -11
- data/lib/aws-sdk-guardduty/types.rb +449 -16
- data/lib/aws-sdk-guardduty.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c6356dfb2e391ad2d06a67b8a860b11e382be1184324673fe57bbe272df9b971
|
|
4
|
+
data.tar.gz: 6ad3443644cb9f9d91f3f87b6bab03d3c3128886cbc55274d9a9e64a2b16be6b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 538e231cfdadb79e2c7206569bb478b7083b946142fe82665f80c2db42e1abc0ec42d1a16580f4a72e02aee5171b334946ae8c62cb376995cacf8d5be5ddc9f3
|
|
7
|
+
data.tar.gz: e0088873fa2a9511eb70ab6294d1c89ced063b4259312d586243398cab52b843f58a88938cec78b8e6bf3b4b46ffadc6e1a1e6f49281e47ebe1dcd3602ce04ff
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.66.0 (2023-03-23)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Adds AutoEnableOrganizationMembers attribute to DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
|
|
8
|
+
|
|
9
|
+
1.65.0 (2023-03-16)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - Updated 9 APIs for feature enablement to reflect expansion of GuardDuty to features. Added new APIs and updated existing APIs to support RDS Protection GA.
|
|
13
|
+
|
|
4
14
|
1.64.0 (2023-02-23)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.66.0
|
|
@@ -509,6 +509,9 @@ module Aws::GuardDuty
|
|
|
509
509
|
# @option params [Hash<String,String>] :tags
|
|
510
510
|
# The tags to be added to a new detector resource.
|
|
511
511
|
#
|
|
512
|
+
# @option params [Array<Types::DetectorFeatureConfiguration>] :features
|
|
513
|
+
# A list of features that will be configured for the detector.
|
|
514
|
+
#
|
|
512
515
|
# @return [Types::CreateDetectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
513
516
|
#
|
|
514
517
|
# * {Types::CreateDetectorResponse#detector_id #detector_id} => String
|
|
@@ -538,6 +541,12 @@ module Aws::GuardDuty
|
|
|
538
541
|
# tags: {
|
|
539
542
|
# "TagKey" => "TagValue",
|
|
540
543
|
# },
|
|
544
|
+
# features: [
|
|
545
|
+
# {
|
|
546
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
547
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
548
|
+
# },
|
|
549
|
+
# ],
|
|
541
550
|
# })
|
|
542
551
|
#
|
|
543
552
|
# @example Response structure
|
|
@@ -556,7 +565,13 @@ module Aws::GuardDuty
|
|
|
556
565
|
req.send_request(options)
|
|
557
566
|
end
|
|
558
567
|
|
|
559
|
-
# Creates a filter using the specified finding criteria.
|
|
568
|
+
# Creates a filter using the specified finding criteria. The maximum
|
|
569
|
+
# number of saved filters per Amazon Web Services account per Region is
|
|
570
|
+
# 100. For more information, see [Quotas for GuardDuty][1].
|
|
571
|
+
#
|
|
572
|
+
#
|
|
573
|
+
#
|
|
574
|
+
# [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_limits.html
|
|
560
575
|
#
|
|
561
576
|
# @option params [required, String] :detector_id
|
|
562
577
|
# The ID of the detector belonging to the GuardDuty account that you
|
|
@@ -569,8 +584,10 @@ module Aws::GuardDuty
|
|
|
569
584
|
#
|
|
570
585
|
# @option params [String] :description
|
|
571
586
|
# The description of the filter. Valid characters include alphanumeric
|
|
572
|
-
# characters, and special characters such as
|
|
573
|
-
#
|
|
587
|
+
# characters, and special characters such as hyphen, period, colon,
|
|
588
|
+
# underscore, parentheses (`\{ \}`, `[ ]`, and `( )`), forward slash,
|
|
589
|
+
# horizontal tab, vertical tab, newline, form feed, return, and
|
|
590
|
+
# whitespace.
|
|
574
591
|
#
|
|
575
592
|
# @option params [String] :action
|
|
576
593
|
# Specifies the action that is to be applied to the findings that match
|
|
@@ -1171,6 +1188,10 @@ module Aws::GuardDuty
|
|
|
1171
1188
|
# Deletes GuardDuty member accounts (to the current GuardDuty
|
|
1172
1189
|
# administrator account) specified by the account IDs.
|
|
1173
1190
|
#
|
|
1191
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
1192
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
1193
|
+
# disable GuardDuty for a member account in your organization.
|
|
1194
|
+
#
|
|
1174
1195
|
# @option params [required, String] :detector_id
|
|
1175
1196
|
# The unique ID of the detector of the GuardDuty account whose members
|
|
1176
1197
|
# you want to delete.
|
|
@@ -1382,16 +1403,34 @@ module Aws::GuardDuty
|
|
|
1382
1403
|
# The ID of the detector to retrieve information about the delegated
|
|
1383
1404
|
# administrator from.
|
|
1384
1405
|
#
|
|
1406
|
+
# @option params [Integer] :max_results
|
|
1407
|
+
# You can use this parameter to indicate the maximum number of items
|
|
1408
|
+
# that you want in the response.
|
|
1409
|
+
#
|
|
1410
|
+
# @option params [String] :next_token
|
|
1411
|
+
# You can use this parameter when paginating results. Set the value of
|
|
1412
|
+
# this parameter to null on your first call to the list action. For
|
|
1413
|
+
# subsequent calls to the action, fill `nextToken` in the request with
|
|
1414
|
+
# the value of `NextToken` from the previous response to continue
|
|
1415
|
+
# listing data.
|
|
1416
|
+
#
|
|
1385
1417
|
# @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1386
1418
|
#
|
|
1387
1419
|
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
|
|
1388
1420
|
# * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
|
|
1389
1421
|
# * {Types::DescribeOrganizationConfigurationResponse#data_sources #data_sources} => Types::OrganizationDataSourceConfigurationsResult
|
|
1422
|
+
# * {Types::DescribeOrganizationConfigurationResponse#features #features} => Array<Types::OrganizationFeatureConfigurationResult>
|
|
1423
|
+
# * {Types::DescribeOrganizationConfigurationResponse#next_token #next_token} => String
|
|
1424
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable_organization_members #auto_enable_organization_members} => String
|
|
1425
|
+
#
|
|
1426
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
1390
1427
|
#
|
|
1391
1428
|
# @example Request syntax with placeholder values
|
|
1392
1429
|
#
|
|
1393
1430
|
# resp = client.describe_organization_configuration({
|
|
1394
1431
|
# detector_id: "DetectorId", # required
|
|
1432
|
+
# max_results: 1,
|
|
1433
|
+
# next_token: "String",
|
|
1395
1434
|
# })
|
|
1396
1435
|
#
|
|
1397
1436
|
# @example Response structure
|
|
@@ -1401,6 +1440,11 @@ module Aws::GuardDuty
|
|
|
1401
1440
|
# resp.data_sources.s3_logs.auto_enable #=> Boolean
|
|
1402
1441
|
# resp.data_sources.kubernetes.audit_logs.auto_enable #=> Boolean
|
|
1403
1442
|
# resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.auto_enable #=> Boolean
|
|
1443
|
+
# resp.features #=> Array
|
|
1444
|
+
# resp.features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
1445
|
+
# resp.features[0].auto_enable #=> String, one of "NEW", "NONE"
|
|
1446
|
+
# resp.next_token #=> String
|
|
1447
|
+
# resp.auto_enable_organization_members #=> String, one of "NEW", "ALL", "NONE"
|
|
1404
1448
|
#
|
|
1405
1449
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
|
|
1406
1450
|
#
|
|
@@ -1481,6 +1525,10 @@ module Aws::GuardDuty
|
|
|
1481
1525
|
# Disassociates the current GuardDuty member account from its
|
|
1482
1526
|
# administrator account.
|
|
1483
1527
|
#
|
|
1528
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
1529
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
1530
|
+
# disable GuardDuty in a member account.
|
|
1531
|
+
#
|
|
1484
1532
|
# @option params [required, String] :detector_id
|
|
1485
1533
|
# The unique ID of the detector of the GuardDuty member account.
|
|
1486
1534
|
#
|
|
@@ -1527,6 +1575,11 @@ module Aws::GuardDuty
|
|
|
1527
1575
|
# Disassociates GuardDuty member accounts (to the current administrator
|
|
1528
1576
|
# account) specified by the account IDs.
|
|
1529
1577
|
#
|
|
1578
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
1579
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
1580
|
+
# disassociate a member account before removing them from your Amazon
|
|
1581
|
+
# Web Services organization.
|
|
1582
|
+
#
|
|
1530
1583
|
# @option params [required, String] :detector_id
|
|
1531
1584
|
# The unique ID of the detector of the GuardDuty account whose members
|
|
1532
1585
|
# you want to disassociate from the administrator account.
|
|
@@ -1640,6 +1693,7 @@ module Aws::GuardDuty
|
|
|
1640
1693
|
# * {Types::GetDetectorResponse#updated_at #updated_at} => String
|
|
1641
1694
|
# * {Types::GetDetectorResponse#data_sources #data_sources} => Types::DataSourceConfigurationsResult
|
|
1642
1695
|
# * {Types::GetDetectorResponse#tags #tags} => Hash<String,String>
|
|
1696
|
+
# * {Types::GetDetectorResponse#features #features} => Array<Types::DetectorFeatureConfigurationResult>
|
|
1643
1697
|
#
|
|
1644
1698
|
# @example Request syntax with placeholder values
|
|
1645
1699
|
#
|
|
@@ -1664,6 +1718,10 @@ module Aws::GuardDuty
|
|
|
1664
1718
|
# resp.data_sources.malware_protection.service_role #=> String
|
|
1665
1719
|
# resp.tags #=> Hash
|
|
1666
1720
|
# resp.tags["TagKey"] #=> String
|
|
1721
|
+
# resp.features #=> Array
|
|
1722
|
+
# resp.features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
1723
|
+
# resp.features[0].status #=> String, one of "ENABLED", "DISABLED"
|
|
1724
|
+
# resp.features[0].updated_at #=> Time
|
|
1667
1725
|
#
|
|
1668
1726
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetDetector AWS API Documentation
|
|
1669
1727
|
#
|
|
@@ -1920,6 +1978,19 @@ module Aws::GuardDuty
|
|
|
1920
1978
|
# resp.findings[0].resource.container_details.volume_mounts[0].name #=> String
|
|
1921
1979
|
# resp.findings[0].resource.container_details.volume_mounts[0].mount_path #=> String
|
|
1922
1980
|
# resp.findings[0].resource.container_details.security_context.privileged #=> Boolean
|
|
1981
|
+
# resp.findings[0].resource.rds_db_instance_details.db_instance_identifier #=> String
|
|
1982
|
+
# resp.findings[0].resource.rds_db_instance_details.engine #=> String
|
|
1983
|
+
# resp.findings[0].resource.rds_db_instance_details.engine_version #=> String
|
|
1984
|
+
# resp.findings[0].resource.rds_db_instance_details.db_cluster_identifier #=> String
|
|
1985
|
+
# resp.findings[0].resource.rds_db_instance_details.db_instance_arn #=> String
|
|
1986
|
+
# resp.findings[0].resource.rds_db_instance_details.tags #=> Array
|
|
1987
|
+
# resp.findings[0].resource.rds_db_instance_details.tags[0].key #=> String
|
|
1988
|
+
# resp.findings[0].resource.rds_db_instance_details.tags[0].value #=> String
|
|
1989
|
+
# resp.findings[0].resource.rds_db_user_details.user #=> String
|
|
1990
|
+
# resp.findings[0].resource.rds_db_user_details.application #=> String
|
|
1991
|
+
# resp.findings[0].resource.rds_db_user_details.database #=> String
|
|
1992
|
+
# resp.findings[0].resource.rds_db_user_details.ssl #=> String
|
|
1993
|
+
# resp.findings[0].resource.rds_db_user_details.auth_method #=> String
|
|
1923
1994
|
# resp.findings[0].schema_version #=> String
|
|
1924
1995
|
# resp.findings[0].service.action.action_type #=> String
|
|
1925
1996
|
# resp.findings[0].service.action.aws_api_call_action.api #=> String
|
|
@@ -1995,6 +2066,21 @@ module Aws::GuardDuty
|
|
|
1995
2066
|
# resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.org #=> String
|
|
1996
2067
|
# resp.findings[0].service.action.kubernetes_api_call_action.status_code #=> Integer
|
|
1997
2068
|
# resp.findings[0].service.action.kubernetes_api_call_action.parameters #=> String
|
|
2069
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.city.city_name #=> String
|
|
2070
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.country.country_code #=> String
|
|
2071
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.country.country_name #=> String
|
|
2072
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.geo_location.lat #=> Float
|
|
2073
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.geo_location.lon #=> Float
|
|
2074
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.ip_address_v4 #=> String
|
|
2075
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.asn #=> String
|
|
2076
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.asn_org #=> String
|
|
2077
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.isp #=> String
|
|
2078
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.org #=> String
|
|
2079
|
+
# resp.findings[0].service.action.rds_login_attempt_action.login_attributes #=> Array
|
|
2080
|
+
# resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].user #=> String
|
|
2081
|
+
# resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].application #=> String
|
|
2082
|
+
# resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].failed_login_attempts #=> Integer
|
|
2083
|
+
# resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].successful_login_attempts #=> Integer
|
|
1998
2084
|
# resp.findings[0].service.evidence.threat_intelligence_details #=> Array
|
|
1999
2085
|
# resp.findings[0].service.evidence.threat_intelligence_details[0].threat_list_name #=> String
|
|
2000
2086
|
# resp.findings[0].service.evidence.threat_intelligence_details[0].threat_names #=> Array
|
|
@@ -2288,6 +2374,10 @@ module Aws::GuardDuty
|
|
|
2288
2374
|
# resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.status #=> String, one of "ENABLED", "DISABLED"
|
|
2289
2375
|
# resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.reason #=> String
|
|
2290
2376
|
# resp.member_data_source_configurations[0].data_sources.malware_protection.service_role #=> String
|
|
2377
|
+
# resp.member_data_source_configurations[0].features #=> Array
|
|
2378
|
+
# resp.member_data_source_configurations[0].features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
2379
|
+
# resp.member_data_source_configurations[0].features[0].status #=> String, one of "ENABLED", "DISABLED"
|
|
2380
|
+
# resp.member_data_source_configurations[0].features[0].updated_at #=> Time
|
|
2291
2381
|
# resp.unprocessed_accounts #=> Array
|
|
2292
2382
|
# resp.unprocessed_accounts[0].account_id #=> String
|
|
2293
2383
|
# resp.unprocessed_accounts[0].result #=> String
|
|
@@ -2379,6 +2469,9 @@ module Aws::GuardDuty
|
|
|
2379
2469
|
# resp.accounts[0].data_sources.s3_logs.free_trial_days_remaining #=> Integer
|
|
2380
2470
|
# resp.accounts[0].data_sources.kubernetes.audit_logs.free_trial_days_remaining #=> Integer
|
|
2381
2471
|
# resp.accounts[0].data_sources.malware_protection.scan_ec2_instance_with_findings.free_trial_days_remaining #=> Integer
|
|
2472
|
+
# resp.accounts[0].features #=> Array
|
|
2473
|
+
# resp.accounts[0].features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
2474
|
+
# resp.accounts[0].features[0].free_trial_days_remaining #=> Integer
|
|
2382
2475
|
# resp.unprocessed_accounts #=> Array
|
|
2383
2476
|
# resp.unprocessed_accounts[0].account_id #=> String
|
|
2384
2477
|
# resp.unprocessed_accounts[0].result #=> String
|
|
@@ -2481,11 +2574,12 @@ module Aws::GuardDuty
|
|
|
2481
2574
|
#
|
|
2482
2575
|
# resp = client.get_usage_statistics({
|
|
2483
2576
|
# detector_id: "DetectorId", # required
|
|
2484
|
-
# usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
|
|
2577
|
+
# usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES, SUM_BY_FEATURES
|
|
2485
2578
|
# usage_criteria: { # required
|
|
2486
2579
|
# account_ids: ["AccountId"],
|
|
2487
|
-
# data_sources: ["FLOW_LOGS"], #
|
|
2580
|
+
# data_sources: ["FLOW_LOGS"], # accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
|
|
2488
2581
|
# resources: ["String"],
|
|
2582
|
+
# features: ["FLOW_LOGS"], # accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, LAMBDA_NETWORK_LOGS, EKS_RUNTIME_MONITORING
|
|
2489
2583
|
# },
|
|
2490
2584
|
# unit: "String",
|
|
2491
2585
|
# max_results: 1,
|
|
@@ -2510,6 +2604,10 @@ module Aws::GuardDuty
|
|
|
2510
2604
|
# resp.usage_statistics.top_resources[0].resource #=> String
|
|
2511
2605
|
# resp.usage_statistics.top_resources[0].total.amount #=> String
|
|
2512
2606
|
# resp.usage_statistics.top_resources[0].total.unit #=> String
|
|
2607
|
+
# resp.usage_statistics.sum_by_feature #=> Array
|
|
2608
|
+
# resp.usage_statistics.sum_by_feature[0].feature #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "LAMBDA_NETWORK_LOGS", "EKS_RUNTIME_MONITORING"
|
|
2609
|
+
# resp.usage_statistics.sum_by_feature[0].total.amount #=> String
|
|
2610
|
+
# resp.usage_statistics.sum_by_feature[0].total.unit #=> String
|
|
2513
2611
|
# resp.next_token #=> String
|
|
2514
2612
|
#
|
|
2515
2613
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetUsageStatistics AWS API Documentation
|
|
@@ -3181,7 +3279,11 @@ module Aws::GuardDuty
|
|
|
3181
3279
|
|
|
3182
3280
|
# Turns on GuardDuty monitoring of the specified member accounts. Use
|
|
3183
3281
|
# this operation to restart monitoring of accounts that you stopped
|
|
3184
|
-
# monitoring with the
|
|
3282
|
+
# monitoring with the [StopMonitoringMembers][1] operation.
|
|
3283
|
+
#
|
|
3284
|
+
#
|
|
3285
|
+
#
|
|
3286
|
+
# [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StopMonitoringMembers.html
|
|
3185
3287
|
#
|
|
3186
3288
|
# @option params [required, String] :detector_id
|
|
3187
3289
|
# The unique ID of the detector of the GuardDuty administrator account
|
|
@@ -3221,6 +3323,10 @@ module Aws::GuardDuty
|
|
|
3221
3323
|
# `StartMonitoringMembers` operation to restart monitoring for those
|
|
3222
3324
|
# accounts.
|
|
3223
3325
|
#
|
|
3326
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
3327
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
3328
|
+
# stop monitoring the member accounts in your organization.
|
|
3329
|
+
#
|
|
3224
3330
|
# @option params [required, String] :detector_id
|
|
3225
3331
|
# The unique ID of the detector associated with the GuardDuty
|
|
3226
3332
|
# administrator account that is monitoring member accounts.
|
|
@@ -3368,6 +3474,9 @@ module Aws::GuardDuty
|
|
|
3368
3474
|
#
|
|
3369
3475
|
# [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
|
|
3370
3476
|
#
|
|
3477
|
+
# @option params [Array<Types::DetectorFeatureConfiguration>] :features
|
|
3478
|
+
# Provides the features that will be updated for the detector.
|
|
3479
|
+
#
|
|
3371
3480
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3372
3481
|
#
|
|
3373
3482
|
# @example Request syntax with placeholder values
|
|
@@ -3391,6 +3500,12 @@ module Aws::GuardDuty
|
|
|
3391
3500
|
# },
|
|
3392
3501
|
# },
|
|
3393
3502
|
# },
|
|
3503
|
+
# features: [
|
|
3504
|
+
# {
|
|
3505
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
3506
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
3507
|
+
# },
|
|
3508
|
+
# ],
|
|
3394
3509
|
# })
|
|
3395
3510
|
#
|
|
3396
3511
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateDetector AWS API Documentation
|
|
@@ -3633,6 +3748,10 @@ module Aws::GuardDuty
|
|
|
3633
3748
|
# @option params [Types::DataSourceConfigurations] :data_sources
|
|
3634
3749
|
# Describes which data sources will be updated.
|
|
3635
3750
|
#
|
|
3751
|
+
# @option params [Array<Types::MemberFeaturesConfiguration>] :features
|
|
3752
|
+
# A list of features that will be updated for the specified member
|
|
3753
|
+
# accounts.
|
|
3754
|
+
#
|
|
3636
3755
|
# @return [Types::UpdateMemberDetectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
3637
3756
|
#
|
|
3638
3757
|
# * {Types::UpdateMemberDetectorsResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::UnprocessedAccount>
|
|
@@ -3657,6 +3776,12 @@ module Aws::GuardDuty
|
|
|
3657
3776
|
# },
|
|
3658
3777
|
# },
|
|
3659
3778
|
# },
|
|
3779
|
+
# features: [
|
|
3780
|
+
# {
|
|
3781
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
3782
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
3783
|
+
# },
|
|
3784
|
+
# ],
|
|
3660
3785
|
# })
|
|
3661
3786
|
#
|
|
3662
3787
|
# @example Response structure
|
|
@@ -3674,7 +3799,9 @@ module Aws::GuardDuty
|
|
|
3674
3799
|
req.send_request(options)
|
|
3675
3800
|
end
|
|
3676
3801
|
|
|
3677
|
-
#
|
|
3802
|
+
# Configures the delegated administrator account with the provided
|
|
3803
|
+
# values. You must provide the value for either
|
|
3804
|
+
# `autoEnableOrganizationMembers` or `autoEnable`.
|
|
3678
3805
|
#
|
|
3679
3806
|
# There might be regional differences because some data sources might
|
|
3680
3807
|
# not be available in all the Amazon Web Services Regions where
|
|
@@ -3686,22 +3813,38 @@ module Aws::GuardDuty
|
|
|
3686
3813
|
# [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
|
|
3687
3814
|
#
|
|
3688
3815
|
# @option params [required, String] :detector_id
|
|
3689
|
-
# The ID of the detector
|
|
3816
|
+
# The ID of the detector that configures the delegated administrator.
|
|
3690
3817
|
#
|
|
3691
|
-
# @option params [
|
|
3818
|
+
# @option params [Boolean] :auto_enable
|
|
3692
3819
|
# Indicates whether to automatically enable member accounts in the
|
|
3693
3820
|
# organization.
|
|
3694
3821
|
#
|
|
3695
3822
|
# @option params [Types::OrganizationDataSourceConfigurations] :data_sources
|
|
3696
3823
|
# Describes which data sources will be updated.
|
|
3697
3824
|
#
|
|
3825
|
+
# @option params [Array<Types::OrganizationFeatureConfiguration>] :features
|
|
3826
|
+
# A list of features that will be configured for the organization.
|
|
3827
|
+
#
|
|
3828
|
+
# @option params [String] :auto_enable_organization_members
|
|
3829
|
+
# Indicates the auto-enablement configuration of GuardDuty for the
|
|
3830
|
+
# member accounts in the organization.
|
|
3831
|
+
#
|
|
3832
|
+
# * `NEW`: Indicates that new accounts joining the organization are
|
|
3833
|
+
# configured to have GuardDuty enabled automatically.
|
|
3834
|
+
#
|
|
3835
|
+
# * `ALL`: Indicates that all accounts (new and existing members) in the
|
|
3836
|
+
# organization are configured to have GuardDuty enabled automatically.
|
|
3837
|
+
#
|
|
3838
|
+
# * `NONE`: Indicates that no account in the organization will be
|
|
3839
|
+
# configured to have GuardDuty enabled automatically.
|
|
3840
|
+
#
|
|
3698
3841
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3699
3842
|
#
|
|
3700
3843
|
# @example Request syntax with placeholder values
|
|
3701
3844
|
#
|
|
3702
3845
|
# resp = client.update_organization_configuration({
|
|
3703
3846
|
# detector_id: "DetectorId", # required
|
|
3704
|
-
# auto_enable: false,
|
|
3847
|
+
# auto_enable: false,
|
|
3705
3848
|
# data_sources: {
|
|
3706
3849
|
# s3_logs: {
|
|
3707
3850
|
# auto_enable: false, # required
|
|
@@ -3719,6 +3862,13 @@ module Aws::GuardDuty
|
|
|
3719
3862
|
# },
|
|
3720
3863
|
# },
|
|
3721
3864
|
# },
|
|
3865
|
+
# features: [
|
|
3866
|
+
# {
|
|
3867
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
3868
|
+
# auto_enable: "NEW", # accepts NEW, NONE
|
|
3869
|
+
# },
|
|
3870
|
+
# ],
|
|
3871
|
+
# auto_enable_organization_members: "NEW", # accepts NEW, ALL, NONE
|
|
3722
3872
|
# })
|
|
3723
3873
|
#
|
|
3724
3874
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfiguration AWS API Documentation
|
|
@@ -3821,7 +3971,7 @@ module Aws::GuardDuty
|
|
|
3821
3971
|
params: params,
|
|
3822
3972
|
config: config)
|
|
3823
3973
|
context[:gem_name] = 'aws-sdk-guardduty'
|
|
3824
|
-
context[:gem_version] = '1.
|
|
3974
|
+
context[:gem_version] = '1.66.0'
|
|
3825
3975
|
Seahorse::Client::Request.new(handlers, context)
|
|
3826
3976
|
end
|
|
3827
3977
|
|