aws-sdk-guardduty 1.64.0 → 1.66.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-guardduty/client.rb +161 -11
- data/lib/aws-sdk-guardduty/client_api.rb +144 -11
- data/lib/aws-sdk-guardduty/types.rb +449 -16
- data/lib/aws-sdk-guardduty.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c6356dfb2e391ad2d06a67b8a860b11e382be1184324673fe57bbe272df9b971
|
|
4
|
+
data.tar.gz: 6ad3443644cb9f9d91f3f87b6bab03d3c3128886cbc55274d9a9e64a2b16be6b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 538e231cfdadb79e2c7206569bb478b7083b946142fe82665f80c2db42e1abc0ec42d1a16580f4a72e02aee5171b334946ae8c62cb376995cacf8d5be5ddc9f3
|
|
7
|
+
data.tar.gz: e0088873fa2a9511eb70ab6294d1c89ced063b4259312d586243398cab52b843f58a88938cec78b8e6bf3b4b46ffadc6e1a1e6f49281e47ebe1dcd3602ce04ff
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.66.0 (2023-03-23)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Adds AutoEnableOrganizationMembers attribute to DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
|
|
8
|
+
|
|
9
|
+
1.65.0 (2023-03-16)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - Updated 9 APIs for feature enablement to reflect expansion of GuardDuty to features. Added new APIs and updated existing APIs to support RDS Protection GA.
|
|
13
|
+
|
|
4
14
|
1.64.0 (2023-02-23)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.66.0
|
|
@@ -509,6 +509,9 @@ module Aws::GuardDuty
|
|
|
509
509
|
# @option params [Hash<String,String>] :tags
|
|
510
510
|
# The tags to be added to a new detector resource.
|
|
511
511
|
#
|
|
512
|
+
# @option params [Array<Types::DetectorFeatureConfiguration>] :features
|
|
513
|
+
# A list of features that will be configured for the detector.
|
|
514
|
+
#
|
|
512
515
|
# @return [Types::CreateDetectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
513
516
|
#
|
|
514
517
|
# * {Types::CreateDetectorResponse#detector_id #detector_id} => String
|
|
@@ -538,6 +541,12 @@ module Aws::GuardDuty
|
|
|
538
541
|
# tags: {
|
|
539
542
|
# "TagKey" => "TagValue",
|
|
540
543
|
# },
|
|
544
|
+
# features: [
|
|
545
|
+
# {
|
|
546
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
547
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
548
|
+
# },
|
|
549
|
+
# ],
|
|
541
550
|
# })
|
|
542
551
|
#
|
|
543
552
|
# @example Response structure
|
|
@@ -556,7 +565,13 @@ module Aws::GuardDuty
|
|
|
556
565
|
req.send_request(options)
|
|
557
566
|
end
|
|
558
567
|
|
|
559
|
-
# Creates a filter using the specified finding criteria.
|
|
568
|
+
# Creates a filter using the specified finding criteria. The maximum
|
|
569
|
+
# number of saved filters per Amazon Web Services account per Region is
|
|
570
|
+
# 100. For more information, see [Quotas for GuardDuty][1].
|
|
571
|
+
#
|
|
572
|
+
#
|
|
573
|
+
#
|
|
574
|
+
# [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_limits.html
|
|
560
575
|
#
|
|
561
576
|
# @option params [required, String] :detector_id
|
|
562
577
|
# The ID of the detector belonging to the GuardDuty account that you
|
|
@@ -569,8 +584,10 @@ module Aws::GuardDuty
|
|
|
569
584
|
#
|
|
570
585
|
# @option params [String] :description
|
|
571
586
|
# The description of the filter. Valid characters include alphanumeric
|
|
572
|
-
# characters, and special characters such as
|
|
573
|
-
#
|
|
587
|
+
# characters, and special characters such as hyphen, period, colon,
|
|
588
|
+
# underscore, parentheses (`\{ \}`, `[ ]`, and `( )`), forward slash,
|
|
589
|
+
# horizontal tab, vertical tab, newline, form feed, return, and
|
|
590
|
+
# whitespace.
|
|
574
591
|
#
|
|
575
592
|
# @option params [String] :action
|
|
576
593
|
# Specifies the action that is to be applied to the findings that match
|
|
@@ -1171,6 +1188,10 @@ module Aws::GuardDuty
|
|
|
1171
1188
|
# Deletes GuardDuty member accounts (to the current GuardDuty
|
|
1172
1189
|
# administrator account) specified by the account IDs.
|
|
1173
1190
|
#
|
|
1191
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
1192
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
1193
|
+
# disable GuardDuty for a member account in your organization.
|
|
1194
|
+
#
|
|
1174
1195
|
# @option params [required, String] :detector_id
|
|
1175
1196
|
# The unique ID of the detector of the GuardDuty account whose members
|
|
1176
1197
|
# you want to delete.
|
|
@@ -1382,16 +1403,34 @@ module Aws::GuardDuty
|
|
|
1382
1403
|
# The ID of the detector to retrieve information about the delegated
|
|
1383
1404
|
# administrator from.
|
|
1384
1405
|
#
|
|
1406
|
+
# @option params [Integer] :max_results
|
|
1407
|
+
# You can use this parameter to indicate the maximum number of items
|
|
1408
|
+
# that you want in the response.
|
|
1409
|
+
#
|
|
1410
|
+
# @option params [String] :next_token
|
|
1411
|
+
# You can use this parameter when paginating results. Set the value of
|
|
1412
|
+
# this parameter to null on your first call to the list action. For
|
|
1413
|
+
# subsequent calls to the action, fill `nextToken` in the request with
|
|
1414
|
+
# the value of `NextToken` from the previous response to continue
|
|
1415
|
+
# listing data.
|
|
1416
|
+
#
|
|
1385
1417
|
# @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1386
1418
|
#
|
|
1387
1419
|
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
|
|
1388
1420
|
# * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
|
|
1389
1421
|
# * {Types::DescribeOrganizationConfigurationResponse#data_sources #data_sources} => Types::OrganizationDataSourceConfigurationsResult
|
|
1422
|
+
# * {Types::DescribeOrganizationConfigurationResponse#features #features} => Array<Types::OrganizationFeatureConfigurationResult>
|
|
1423
|
+
# * {Types::DescribeOrganizationConfigurationResponse#next_token #next_token} => String
|
|
1424
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable_organization_members #auto_enable_organization_members} => String
|
|
1425
|
+
#
|
|
1426
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
1390
1427
|
#
|
|
1391
1428
|
# @example Request syntax with placeholder values
|
|
1392
1429
|
#
|
|
1393
1430
|
# resp = client.describe_organization_configuration({
|
|
1394
1431
|
# detector_id: "DetectorId", # required
|
|
1432
|
+
# max_results: 1,
|
|
1433
|
+
# next_token: "String",
|
|
1395
1434
|
# })
|
|
1396
1435
|
#
|
|
1397
1436
|
# @example Response structure
|
|
@@ -1401,6 +1440,11 @@ module Aws::GuardDuty
|
|
|
1401
1440
|
# resp.data_sources.s3_logs.auto_enable #=> Boolean
|
|
1402
1441
|
# resp.data_sources.kubernetes.audit_logs.auto_enable #=> Boolean
|
|
1403
1442
|
# resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.auto_enable #=> Boolean
|
|
1443
|
+
# resp.features #=> Array
|
|
1444
|
+
# resp.features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
1445
|
+
# resp.features[0].auto_enable #=> String, one of "NEW", "NONE"
|
|
1446
|
+
# resp.next_token #=> String
|
|
1447
|
+
# resp.auto_enable_organization_members #=> String, one of "NEW", "ALL", "NONE"
|
|
1404
1448
|
#
|
|
1405
1449
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
|
|
1406
1450
|
#
|
|
@@ -1481,6 +1525,10 @@ module Aws::GuardDuty
|
|
|
1481
1525
|
# Disassociates the current GuardDuty member account from its
|
|
1482
1526
|
# administrator account.
|
|
1483
1527
|
#
|
|
1528
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
1529
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
1530
|
+
# disable GuardDuty in a member account.
|
|
1531
|
+
#
|
|
1484
1532
|
# @option params [required, String] :detector_id
|
|
1485
1533
|
# The unique ID of the detector of the GuardDuty member account.
|
|
1486
1534
|
#
|
|
@@ -1527,6 +1575,11 @@ module Aws::GuardDuty
|
|
|
1527
1575
|
# Disassociates GuardDuty member accounts (to the current administrator
|
|
1528
1576
|
# account) specified by the account IDs.
|
|
1529
1577
|
#
|
|
1578
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
1579
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
1580
|
+
# disassociate a member account before removing them from your Amazon
|
|
1581
|
+
# Web Services organization.
|
|
1582
|
+
#
|
|
1530
1583
|
# @option params [required, String] :detector_id
|
|
1531
1584
|
# The unique ID of the detector of the GuardDuty account whose members
|
|
1532
1585
|
# you want to disassociate from the administrator account.
|
|
@@ -1640,6 +1693,7 @@ module Aws::GuardDuty
|
|
|
1640
1693
|
# * {Types::GetDetectorResponse#updated_at #updated_at} => String
|
|
1641
1694
|
# * {Types::GetDetectorResponse#data_sources #data_sources} => Types::DataSourceConfigurationsResult
|
|
1642
1695
|
# * {Types::GetDetectorResponse#tags #tags} => Hash<String,String>
|
|
1696
|
+
# * {Types::GetDetectorResponse#features #features} => Array<Types::DetectorFeatureConfigurationResult>
|
|
1643
1697
|
#
|
|
1644
1698
|
# @example Request syntax with placeholder values
|
|
1645
1699
|
#
|
|
@@ -1664,6 +1718,10 @@ module Aws::GuardDuty
|
|
|
1664
1718
|
# resp.data_sources.malware_protection.service_role #=> String
|
|
1665
1719
|
# resp.tags #=> Hash
|
|
1666
1720
|
# resp.tags["TagKey"] #=> String
|
|
1721
|
+
# resp.features #=> Array
|
|
1722
|
+
# resp.features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
1723
|
+
# resp.features[0].status #=> String, one of "ENABLED", "DISABLED"
|
|
1724
|
+
# resp.features[0].updated_at #=> Time
|
|
1667
1725
|
#
|
|
1668
1726
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetDetector AWS API Documentation
|
|
1669
1727
|
#
|
|
@@ -1920,6 +1978,19 @@ module Aws::GuardDuty
|
|
|
1920
1978
|
# resp.findings[0].resource.container_details.volume_mounts[0].name #=> String
|
|
1921
1979
|
# resp.findings[0].resource.container_details.volume_mounts[0].mount_path #=> String
|
|
1922
1980
|
# resp.findings[0].resource.container_details.security_context.privileged #=> Boolean
|
|
1981
|
+
# resp.findings[0].resource.rds_db_instance_details.db_instance_identifier #=> String
|
|
1982
|
+
# resp.findings[0].resource.rds_db_instance_details.engine #=> String
|
|
1983
|
+
# resp.findings[0].resource.rds_db_instance_details.engine_version #=> String
|
|
1984
|
+
# resp.findings[0].resource.rds_db_instance_details.db_cluster_identifier #=> String
|
|
1985
|
+
# resp.findings[0].resource.rds_db_instance_details.db_instance_arn #=> String
|
|
1986
|
+
# resp.findings[0].resource.rds_db_instance_details.tags #=> Array
|
|
1987
|
+
# resp.findings[0].resource.rds_db_instance_details.tags[0].key #=> String
|
|
1988
|
+
# resp.findings[0].resource.rds_db_instance_details.tags[0].value #=> String
|
|
1989
|
+
# resp.findings[0].resource.rds_db_user_details.user #=> String
|
|
1990
|
+
# resp.findings[0].resource.rds_db_user_details.application #=> String
|
|
1991
|
+
# resp.findings[0].resource.rds_db_user_details.database #=> String
|
|
1992
|
+
# resp.findings[0].resource.rds_db_user_details.ssl #=> String
|
|
1993
|
+
# resp.findings[0].resource.rds_db_user_details.auth_method #=> String
|
|
1923
1994
|
# resp.findings[0].schema_version #=> String
|
|
1924
1995
|
# resp.findings[0].service.action.action_type #=> String
|
|
1925
1996
|
# resp.findings[0].service.action.aws_api_call_action.api #=> String
|
|
@@ -1995,6 +2066,21 @@ module Aws::GuardDuty
|
|
|
1995
2066
|
# resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.org #=> String
|
|
1996
2067
|
# resp.findings[0].service.action.kubernetes_api_call_action.status_code #=> Integer
|
|
1997
2068
|
# resp.findings[0].service.action.kubernetes_api_call_action.parameters #=> String
|
|
2069
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.city.city_name #=> String
|
|
2070
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.country.country_code #=> String
|
|
2071
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.country.country_name #=> String
|
|
2072
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.geo_location.lat #=> Float
|
|
2073
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.geo_location.lon #=> Float
|
|
2074
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.ip_address_v4 #=> String
|
|
2075
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.asn #=> String
|
|
2076
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.asn_org #=> String
|
|
2077
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.isp #=> String
|
|
2078
|
+
# resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.org #=> String
|
|
2079
|
+
# resp.findings[0].service.action.rds_login_attempt_action.login_attributes #=> Array
|
|
2080
|
+
# resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].user #=> String
|
|
2081
|
+
# resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].application #=> String
|
|
2082
|
+
# resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].failed_login_attempts #=> Integer
|
|
2083
|
+
# resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].successful_login_attempts #=> Integer
|
|
1998
2084
|
# resp.findings[0].service.evidence.threat_intelligence_details #=> Array
|
|
1999
2085
|
# resp.findings[0].service.evidence.threat_intelligence_details[0].threat_list_name #=> String
|
|
2000
2086
|
# resp.findings[0].service.evidence.threat_intelligence_details[0].threat_names #=> Array
|
|
@@ -2288,6 +2374,10 @@ module Aws::GuardDuty
|
|
|
2288
2374
|
# resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.status #=> String, one of "ENABLED", "DISABLED"
|
|
2289
2375
|
# resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.reason #=> String
|
|
2290
2376
|
# resp.member_data_source_configurations[0].data_sources.malware_protection.service_role #=> String
|
|
2377
|
+
# resp.member_data_source_configurations[0].features #=> Array
|
|
2378
|
+
# resp.member_data_source_configurations[0].features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
2379
|
+
# resp.member_data_source_configurations[0].features[0].status #=> String, one of "ENABLED", "DISABLED"
|
|
2380
|
+
# resp.member_data_source_configurations[0].features[0].updated_at #=> Time
|
|
2291
2381
|
# resp.unprocessed_accounts #=> Array
|
|
2292
2382
|
# resp.unprocessed_accounts[0].account_id #=> String
|
|
2293
2383
|
# resp.unprocessed_accounts[0].result #=> String
|
|
@@ -2379,6 +2469,9 @@ module Aws::GuardDuty
|
|
|
2379
2469
|
# resp.accounts[0].data_sources.s3_logs.free_trial_days_remaining #=> Integer
|
|
2380
2470
|
# resp.accounts[0].data_sources.kubernetes.audit_logs.free_trial_days_remaining #=> Integer
|
|
2381
2471
|
# resp.accounts[0].data_sources.malware_protection.scan_ec2_instance_with_findings.free_trial_days_remaining #=> Integer
|
|
2472
|
+
# resp.accounts[0].features #=> Array
|
|
2473
|
+
# resp.accounts[0].features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
2474
|
+
# resp.accounts[0].features[0].free_trial_days_remaining #=> Integer
|
|
2382
2475
|
# resp.unprocessed_accounts #=> Array
|
|
2383
2476
|
# resp.unprocessed_accounts[0].account_id #=> String
|
|
2384
2477
|
# resp.unprocessed_accounts[0].result #=> String
|
|
@@ -2481,11 +2574,12 @@ module Aws::GuardDuty
|
|
|
2481
2574
|
#
|
|
2482
2575
|
# resp = client.get_usage_statistics({
|
|
2483
2576
|
# detector_id: "DetectorId", # required
|
|
2484
|
-
# usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
|
|
2577
|
+
# usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES, SUM_BY_FEATURES
|
|
2485
2578
|
# usage_criteria: { # required
|
|
2486
2579
|
# account_ids: ["AccountId"],
|
|
2487
|
-
# data_sources: ["FLOW_LOGS"], #
|
|
2580
|
+
# data_sources: ["FLOW_LOGS"], # accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
|
|
2488
2581
|
# resources: ["String"],
|
|
2582
|
+
# features: ["FLOW_LOGS"], # accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, LAMBDA_NETWORK_LOGS, EKS_RUNTIME_MONITORING
|
|
2489
2583
|
# },
|
|
2490
2584
|
# unit: "String",
|
|
2491
2585
|
# max_results: 1,
|
|
@@ -2510,6 +2604,10 @@ module Aws::GuardDuty
|
|
|
2510
2604
|
# resp.usage_statistics.top_resources[0].resource #=> String
|
|
2511
2605
|
# resp.usage_statistics.top_resources[0].total.amount #=> String
|
|
2512
2606
|
# resp.usage_statistics.top_resources[0].total.unit #=> String
|
|
2607
|
+
# resp.usage_statistics.sum_by_feature #=> Array
|
|
2608
|
+
# resp.usage_statistics.sum_by_feature[0].feature #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "LAMBDA_NETWORK_LOGS", "EKS_RUNTIME_MONITORING"
|
|
2609
|
+
# resp.usage_statistics.sum_by_feature[0].total.amount #=> String
|
|
2610
|
+
# resp.usage_statistics.sum_by_feature[0].total.unit #=> String
|
|
2513
2611
|
# resp.next_token #=> String
|
|
2514
2612
|
#
|
|
2515
2613
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetUsageStatistics AWS API Documentation
|
|
@@ -3181,7 +3279,11 @@ module Aws::GuardDuty
|
|
|
3181
3279
|
|
|
3182
3280
|
# Turns on GuardDuty monitoring of the specified member accounts. Use
|
|
3183
3281
|
# this operation to restart monitoring of accounts that you stopped
|
|
3184
|
-
# monitoring with the
|
|
3282
|
+
# monitoring with the [StopMonitoringMembers][1] operation.
|
|
3283
|
+
#
|
|
3284
|
+
#
|
|
3285
|
+
#
|
|
3286
|
+
# [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StopMonitoringMembers.html
|
|
3185
3287
|
#
|
|
3186
3288
|
# @option params [required, String] :detector_id
|
|
3187
3289
|
# The unique ID of the detector of the GuardDuty administrator account
|
|
@@ -3221,6 +3323,10 @@ module Aws::GuardDuty
|
|
|
3221
3323
|
# `StartMonitoringMembers` operation to restart monitoring for those
|
|
3222
3324
|
# accounts.
|
|
3223
3325
|
#
|
|
3326
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
3327
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
3328
|
+
# stop monitoring the member accounts in your organization.
|
|
3329
|
+
#
|
|
3224
3330
|
# @option params [required, String] :detector_id
|
|
3225
3331
|
# The unique ID of the detector associated with the GuardDuty
|
|
3226
3332
|
# administrator account that is monitoring member accounts.
|
|
@@ -3368,6 +3474,9 @@ module Aws::GuardDuty
|
|
|
3368
3474
|
#
|
|
3369
3475
|
# [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
|
|
3370
3476
|
#
|
|
3477
|
+
# @option params [Array<Types::DetectorFeatureConfiguration>] :features
|
|
3478
|
+
# Provides the features that will be updated for the detector.
|
|
3479
|
+
#
|
|
3371
3480
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3372
3481
|
#
|
|
3373
3482
|
# @example Request syntax with placeholder values
|
|
@@ -3391,6 +3500,12 @@ module Aws::GuardDuty
|
|
|
3391
3500
|
# },
|
|
3392
3501
|
# },
|
|
3393
3502
|
# },
|
|
3503
|
+
# features: [
|
|
3504
|
+
# {
|
|
3505
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
3506
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
3507
|
+
# },
|
|
3508
|
+
# ],
|
|
3394
3509
|
# })
|
|
3395
3510
|
#
|
|
3396
3511
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateDetector AWS API Documentation
|
|
@@ -3633,6 +3748,10 @@ module Aws::GuardDuty
|
|
|
3633
3748
|
# @option params [Types::DataSourceConfigurations] :data_sources
|
|
3634
3749
|
# Describes which data sources will be updated.
|
|
3635
3750
|
#
|
|
3751
|
+
# @option params [Array<Types::MemberFeaturesConfiguration>] :features
|
|
3752
|
+
# A list of features that will be updated for the specified member
|
|
3753
|
+
# accounts.
|
|
3754
|
+
#
|
|
3636
3755
|
# @return [Types::UpdateMemberDetectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
3637
3756
|
#
|
|
3638
3757
|
# * {Types::UpdateMemberDetectorsResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::UnprocessedAccount>
|
|
@@ -3657,6 +3776,12 @@ module Aws::GuardDuty
|
|
|
3657
3776
|
# },
|
|
3658
3777
|
# },
|
|
3659
3778
|
# },
|
|
3779
|
+
# features: [
|
|
3780
|
+
# {
|
|
3781
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
3782
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
3783
|
+
# },
|
|
3784
|
+
# ],
|
|
3660
3785
|
# })
|
|
3661
3786
|
#
|
|
3662
3787
|
# @example Response structure
|
|
@@ -3674,7 +3799,9 @@ module Aws::GuardDuty
|
|
|
3674
3799
|
req.send_request(options)
|
|
3675
3800
|
end
|
|
3676
3801
|
|
|
3677
|
-
#
|
|
3802
|
+
# Configures the delegated administrator account with the provided
|
|
3803
|
+
# values. You must provide the value for either
|
|
3804
|
+
# `autoEnableOrganizationMembers` or `autoEnable`.
|
|
3678
3805
|
#
|
|
3679
3806
|
# There might be regional differences because some data sources might
|
|
3680
3807
|
# not be available in all the Amazon Web Services Regions where
|
|
@@ -3686,22 +3813,38 @@ module Aws::GuardDuty
|
|
|
3686
3813
|
# [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
|
|
3687
3814
|
#
|
|
3688
3815
|
# @option params [required, String] :detector_id
|
|
3689
|
-
# The ID of the detector
|
|
3816
|
+
# The ID of the detector that configures the delegated administrator.
|
|
3690
3817
|
#
|
|
3691
|
-
# @option params [
|
|
3818
|
+
# @option params [Boolean] :auto_enable
|
|
3692
3819
|
# Indicates whether to automatically enable member accounts in the
|
|
3693
3820
|
# organization.
|
|
3694
3821
|
#
|
|
3695
3822
|
# @option params [Types::OrganizationDataSourceConfigurations] :data_sources
|
|
3696
3823
|
# Describes which data sources will be updated.
|
|
3697
3824
|
#
|
|
3825
|
+
# @option params [Array<Types::OrganizationFeatureConfiguration>] :features
|
|
3826
|
+
# A list of features that will be configured for the organization.
|
|
3827
|
+
#
|
|
3828
|
+
# @option params [String] :auto_enable_organization_members
|
|
3829
|
+
# Indicates the auto-enablement configuration of GuardDuty for the
|
|
3830
|
+
# member accounts in the organization.
|
|
3831
|
+
#
|
|
3832
|
+
# * `NEW`: Indicates that new accounts joining the organization are
|
|
3833
|
+
# configured to have GuardDuty enabled automatically.
|
|
3834
|
+
#
|
|
3835
|
+
# * `ALL`: Indicates that all accounts (new and existing members) in the
|
|
3836
|
+
# organization are configured to have GuardDuty enabled automatically.
|
|
3837
|
+
#
|
|
3838
|
+
# * `NONE`: Indicates that no account in the organization will be
|
|
3839
|
+
# configured to have GuardDuty enabled automatically.
|
|
3840
|
+
#
|
|
3698
3841
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3699
3842
|
#
|
|
3700
3843
|
# @example Request syntax with placeholder values
|
|
3701
3844
|
#
|
|
3702
3845
|
# resp = client.update_organization_configuration({
|
|
3703
3846
|
# detector_id: "DetectorId", # required
|
|
3704
|
-
# auto_enable: false,
|
|
3847
|
+
# auto_enable: false,
|
|
3705
3848
|
# data_sources: {
|
|
3706
3849
|
# s3_logs: {
|
|
3707
3850
|
# auto_enable: false, # required
|
|
@@ -3719,6 +3862,13 @@ module Aws::GuardDuty
|
|
|
3719
3862
|
# },
|
|
3720
3863
|
# },
|
|
3721
3864
|
# },
|
|
3865
|
+
# features: [
|
|
3866
|
+
# {
|
|
3867
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
3868
|
+
# auto_enable: "NEW", # accepts NEW, NONE
|
|
3869
|
+
# },
|
|
3870
|
+
# ],
|
|
3871
|
+
# auto_enable_organization_members: "NEW", # accepts NEW, ALL, NONE
|
|
3722
3872
|
# })
|
|
3723
3873
|
#
|
|
3724
3874
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfiguration AWS API Documentation
|
|
@@ -3821,7 +3971,7 @@ module Aws::GuardDuty
|
|
|
3821
3971
|
params: params,
|
|
3822
3972
|
config: config)
|
|
3823
3973
|
context[:gem_name] = 'aws-sdk-guardduty'
|
|
3824
|
-
context[:gem_version] = '1.
|
|
3974
|
+
context[:gem_version] = '1.66.0'
|
|
3825
3975
|
Seahorse::Client::Request.new(handlers, context)
|
|
3826
3976
|
end
|
|
3827
3977
|
|