aws-sdk-guardduty 1.64.0 → 1.66.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 78e8f067f6feba2d1554a082f114522049a2909c60e2ad2a1350406f8faaadc2
4
- data.tar.gz: 6b1ce72b1ec4a0146929d0d03f56009852bed286c58468cc8c0fe7f923bd7c82
3
+ metadata.gz: c6356dfb2e391ad2d06a67b8a860b11e382be1184324673fe57bbe272df9b971
4
+ data.tar.gz: 6ad3443644cb9f9d91f3f87b6bab03d3c3128886cbc55274d9a9e64a2b16be6b
5
5
  SHA512:
6
- metadata.gz: 83f8254fcb76d99239163e9a5e94978d56fd1e14e32810d94aef3977fab88ff51c989689f74f7b8b95c872b403dfaf3b98e39035a26f5e303de782c9c8499a34
7
- data.tar.gz: 73b0d404b2eddd2fdb3d69a93fbae813c9d9c7c3b973cc95f672a6fa8c21fed19ac1c1b655c003b38e43ce663de629e7550bd49c6d7d5ac3c0b3bc0c841bd3f0
6
+ metadata.gz: 538e231cfdadb79e2c7206569bb478b7083b946142fe82665f80c2db42e1abc0ec42d1a16580f4a72e02aee5171b334946ae8c62cb376995cacf8d5be5ddc9f3
7
+ data.tar.gz: e0088873fa2a9511eb70ab6294d1c89ced063b4259312d586243398cab52b843f58a88938cec78b8e6bf3b4b46ffadc6e1a1e6f49281e47ebe1dcd3602ce04ff
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.66.0 (2023-03-23)
5
+ ------------------
6
+
7
+ * Feature - Adds AutoEnableOrganizationMembers attribute to DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
8
+
9
+ 1.65.0 (2023-03-16)
10
+ ------------------
11
+
12
+ * Feature - Updated 9 APIs for feature enablement to reflect expansion of GuardDuty to features. Added new APIs and updated existing APIs to support RDS Protection GA.
13
+
4
14
  1.64.0 (2023-02-23)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.64.0
1
+ 1.66.0
@@ -509,6 +509,9 @@ module Aws::GuardDuty
509
509
  # @option params [Hash<String,String>] :tags
510
510
  # The tags to be added to a new detector resource.
511
511
  #
512
+ # @option params [Array<Types::DetectorFeatureConfiguration>] :features
513
+ # A list of features that will be configured for the detector.
514
+ #
512
515
  # @return [Types::CreateDetectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
513
516
  #
514
517
  # * {Types::CreateDetectorResponse#detector_id #detector_id} => String
@@ -538,6 +541,12 @@ module Aws::GuardDuty
538
541
  # tags: {
539
542
  # "TagKey" => "TagValue",
540
543
  # },
544
+ # features: [
545
+ # {
546
+ # name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
547
+ # status: "ENABLED", # accepts ENABLED, DISABLED
548
+ # },
549
+ # ],
541
550
  # })
542
551
  #
543
552
  # @example Response structure
@@ -556,7 +565,13 @@ module Aws::GuardDuty
556
565
  req.send_request(options)
557
566
  end
558
567
 
559
- # Creates a filter using the specified finding criteria.
568
+ # Creates a filter using the specified finding criteria. The maximum
569
+ # number of saved filters per Amazon Web Services account per Region is
570
+ # 100. For more information, see [Quotas for GuardDuty][1].
571
+ #
572
+ #
573
+ #
574
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_limits.html
560
575
  #
561
576
  # @option params [required, String] :detector_id
562
577
  # The ID of the detector belonging to the GuardDuty account that you
@@ -569,8 +584,10 @@ module Aws::GuardDuty
569
584
  #
570
585
  # @option params [String] :description
571
586
  # The description of the filter. Valid characters include alphanumeric
572
- # characters, and special characters such as `-`, `.`, `:`, `\{ \}`, `[
573
- # ]`, `( )`, `/`, `\t`, `\n`, `\x0B`, `\f`, `\r`, `_`, and whitespace.
587
+ # characters, and special characters such as hyphen, period, colon,
588
+ # underscore, parentheses (`\{ \}`, `[ ]`, and `( )`), forward slash,
589
+ # horizontal tab, vertical tab, newline, form feed, return, and
590
+ # whitespace.
574
591
  #
575
592
  # @option params [String] :action
576
593
  # Specifies the action that is to be applied to the findings that match
@@ -1171,6 +1188,10 @@ module Aws::GuardDuty
1171
1188
  # Deletes GuardDuty member accounts (to the current GuardDuty
1172
1189
  # administrator account) specified by the account IDs.
1173
1190
  #
1191
+ # With `autoEnableOrganizationMembers` configuration for your
1192
+ # organization set to `ALL`, you'll receive an error if you attempt to
1193
+ # disable GuardDuty for a member account in your organization.
1194
+ #
1174
1195
  # @option params [required, String] :detector_id
1175
1196
  # The unique ID of the detector of the GuardDuty account whose members
1176
1197
  # you want to delete.
@@ -1382,16 +1403,34 @@ module Aws::GuardDuty
1382
1403
  # The ID of the detector to retrieve information about the delegated
1383
1404
  # administrator from.
1384
1405
  #
1406
+ # @option params [Integer] :max_results
1407
+ # You can use this parameter to indicate the maximum number of items
1408
+ # that you want in the response.
1409
+ #
1410
+ # @option params [String] :next_token
1411
+ # You can use this parameter when paginating results. Set the value of
1412
+ # this parameter to null on your first call to the list action. For
1413
+ # subsequent calls to the action, fill `nextToken` in the request with
1414
+ # the value of `NextToken` from the previous response to continue
1415
+ # listing data.
1416
+ #
1385
1417
  # @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1386
1418
  #
1387
1419
  # * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
1388
1420
  # * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
1389
1421
  # * {Types::DescribeOrganizationConfigurationResponse#data_sources #data_sources} => Types::OrganizationDataSourceConfigurationsResult
1422
+ # * {Types::DescribeOrganizationConfigurationResponse#features #features} => Array&lt;Types::OrganizationFeatureConfigurationResult&gt;
1423
+ # * {Types::DescribeOrganizationConfigurationResponse#next_token #next_token} => String
1424
+ # * {Types::DescribeOrganizationConfigurationResponse#auto_enable_organization_members #auto_enable_organization_members} => String
1425
+ #
1426
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1390
1427
  #
1391
1428
  # @example Request syntax with placeholder values
1392
1429
  #
1393
1430
  # resp = client.describe_organization_configuration({
1394
1431
  # detector_id: "DetectorId", # required
1432
+ # max_results: 1,
1433
+ # next_token: "String",
1395
1434
  # })
1396
1435
  #
1397
1436
  # @example Response structure
@@ -1401,6 +1440,11 @@ module Aws::GuardDuty
1401
1440
  # resp.data_sources.s3_logs.auto_enable #=> Boolean
1402
1441
  # resp.data_sources.kubernetes.audit_logs.auto_enable #=> Boolean
1403
1442
  # resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.auto_enable #=> Boolean
1443
+ # resp.features #=> Array
1444
+ # resp.features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
1445
+ # resp.features[0].auto_enable #=> String, one of "NEW", "NONE"
1446
+ # resp.next_token #=> String
1447
+ # resp.auto_enable_organization_members #=> String, one of "NEW", "ALL", "NONE"
1404
1448
  #
1405
1449
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
1406
1450
  #
@@ -1481,6 +1525,10 @@ module Aws::GuardDuty
1481
1525
  # Disassociates the current GuardDuty member account from its
1482
1526
  # administrator account.
1483
1527
  #
1528
+ # With `autoEnableOrganizationMembers` configuration for your
1529
+ # organization set to `ALL`, you'll receive an error if you attempt to
1530
+ # disable GuardDuty in a member account.
1531
+ #
1484
1532
  # @option params [required, String] :detector_id
1485
1533
  # The unique ID of the detector of the GuardDuty member account.
1486
1534
  #
@@ -1527,6 +1575,11 @@ module Aws::GuardDuty
1527
1575
  # Disassociates GuardDuty member accounts (to the current administrator
1528
1576
  # account) specified by the account IDs.
1529
1577
  #
1578
+ # With `autoEnableOrganizationMembers` configuration for your
1579
+ # organization set to `ALL`, you'll receive an error if you attempt to
1580
+ # disassociate a member account before removing them from your Amazon
1581
+ # Web Services organization.
1582
+ #
1530
1583
  # @option params [required, String] :detector_id
1531
1584
  # The unique ID of the detector of the GuardDuty account whose members
1532
1585
  # you want to disassociate from the administrator account.
@@ -1640,6 +1693,7 @@ module Aws::GuardDuty
1640
1693
  # * {Types::GetDetectorResponse#updated_at #updated_at} => String
1641
1694
  # * {Types::GetDetectorResponse#data_sources #data_sources} => Types::DataSourceConfigurationsResult
1642
1695
  # * {Types::GetDetectorResponse#tags #tags} => Hash&lt;String,String&gt;
1696
+ # * {Types::GetDetectorResponse#features #features} => Array&lt;Types::DetectorFeatureConfigurationResult&gt;
1643
1697
  #
1644
1698
  # @example Request syntax with placeholder values
1645
1699
  #
@@ -1664,6 +1718,10 @@ module Aws::GuardDuty
1664
1718
  # resp.data_sources.malware_protection.service_role #=> String
1665
1719
  # resp.tags #=> Hash
1666
1720
  # resp.tags["TagKey"] #=> String
1721
+ # resp.features #=> Array
1722
+ # resp.features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
1723
+ # resp.features[0].status #=> String, one of "ENABLED", "DISABLED"
1724
+ # resp.features[0].updated_at #=> Time
1667
1725
  #
1668
1726
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetDetector AWS API Documentation
1669
1727
  #
@@ -1920,6 +1978,19 @@ module Aws::GuardDuty
1920
1978
  # resp.findings[0].resource.container_details.volume_mounts[0].name #=> String
1921
1979
  # resp.findings[0].resource.container_details.volume_mounts[0].mount_path #=> String
1922
1980
  # resp.findings[0].resource.container_details.security_context.privileged #=> Boolean
1981
+ # resp.findings[0].resource.rds_db_instance_details.db_instance_identifier #=> String
1982
+ # resp.findings[0].resource.rds_db_instance_details.engine #=> String
1983
+ # resp.findings[0].resource.rds_db_instance_details.engine_version #=> String
1984
+ # resp.findings[0].resource.rds_db_instance_details.db_cluster_identifier #=> String
1985
+ # resp.findings[0].resource.rds_db_instance_details.db_instance_arn #=> String
1986
+ # resp.findings[0].resource.rds_db_instance_details.tags #=> Array
1987
+ # resp.findings[0].resource.rds_db_instance_details.tags[0].key #=> String
1988
+ # resp.findings[0].resource.rds_db_instance_details.tags[0].value #=> String
1989
+ # resp.findings[0].resource.rds_db_user_details.user #=> String
1990
+ # resp.findings[0].resource.rds_db_user_details.application #=> String
1991
+ # resp.findings[0].resource.rds_db_user_details.database #=> String
1992
+ # resp.findings[0].resource.rds_db_user_details.ssl #=> String
1993
+ # resp.findings[0].resource.rds_db_user_details.auth_method #=> String
1923
1994
  # resp.findings[0].schema_version #=> String
1924
1995
  # resp.findings[0].service.action.action_type #=> String
1925
1996
  # resp.findings[0].service.action.aws_api_call_action.api #=> String
@@ -1995,6 +2066,21 @@ module Aws::GuardDuty
1995
2066
  # resp.findings[0].service.action.kubernetes_api_call_action.remote_ip_details.organization.org #=> String
1996
2067
  # resp.findings[0].service.action.kubernetes_api_call_action.status_code #=> Integer
1997
2068
  # resp.findings[0].service.action.kubernetes_api_call_action.parameters #=> String
2069
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.city.city_name #=> String
2070
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.country.country_code #=> String
2071
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.country.country_name #=> String
2072
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.geo_location.lat #=> Float
2073
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.geo_location.lon #=> Float
2074
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.ip_address_v4 #=> String
2075
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.asn #=> String
2076
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.asn_org #=> String
2077
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.isp #=> String
2078
+ # resp.findings[0].service.action.rds_login_attempt_action.remote_ip_details.organization.org #=> String
2079
+ # resp.findings[0].service.action.rds_login_attempt_action.login_attributes #=> Array
2080
+ # resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].user #=> String
2081
+ # resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].application #=> String
2082
+ # resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].failed_login_attempts #=> Integer
2083
+ # resp.findings[0].service.action.rds_login_attempt_action.login_attributes[0].successful_login_attempts #=> Integer
1998
2084
  # resp.findings[0].service.evidence.threat_intelligence_details #=> Array
1999
2085
  # resp.findings[0].service.evidence.threat_intelligence_details[0].threat_list_name #=> String
2000
2086
  # resp.findings[0].service.evidence.threat_intelligence_details[0].threat_names #=> Array
@@ -2288,6 +2374,10 @@ module Aws::GuardDuty
2288
2374
  # resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.status #=> String, one of "ENABLED", "DISABLED"
2289
2375
  # resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.reason #=> String
2290
2376
  # resp.member_data_source_configurations[0].data_sources.malware_protection.service_role #=> String
2377
+ # resp.member_data_source_configurations[0].features #=> Array
2378
+ # resp.member_data_source_configurations[0].features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
2379
+ # resp.member_data_source_configurations[0].features[0].status #=> String, one of "ENABLED", "DISABLED"
2380
+ # resp.member_data_source_configurations[0].features[0].updated_at #=> Time
2291
2381
  # resp.unprocessed_accounts #=> Array
2292
2382
  # resp.unprocessed_accounts[0].account_id #=> String
2293
2383
  # resp.unprocessed_accounts[0].result #=> String
@@ -2379,6 +2469,9 @@ module Aws::GuardDuty
2379
2469
  # resp.accounts[0].data_sources.s3_logs.free_trial_days_remaining #=> Integer
2380
2470
  # resp.accounts[0].data_sources.kubernetes.audit_logs.free_trial_days_remaining #=> Integer
2381
2471
  # resp.accounts[0].data_sources.malware_protection.scan_ec2_instance_with_findings.free_trial_days_remaining #=> Integer
2472
+ # resp.accounts[0].features #=> Array
2473
+ # resp.accounts[0].features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
2474
+ # resp.accounts[0].features[0].free_trial_days_remaining #=> Integer
2382
2475
  # resp.unprocessed_accounts #=> Array
2383
2476
  # resp.unprocessed_accounts[0].account_id #=> String
2384
2477
  # resp.unprocessed_accounts[0].result #=> String
@@ -2481,11 +2574,12 @@ module Aws::GuardDuty
2481
2574
  #
2482
2575
  # resp = client.get_usage_statistics({
2483
2576
  # detector_id: "DetectorId", # required
2484
- # usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES
2577
+ # usage_statistic_type: "SUM_BY_ACCOUNT", # required, accepts SUM_BY_ACCOUNT, SUM_BY_DATA_SOURCE, SUM_BY_RESOURCE, TOP_RESOURCES, SUM_BY_FEATURES
2485
2578
  # usage_criteria: { # required
2486
2579
  # account_ids: ["AccountId"],
2487
- # data_sources: ["FLOW_LOGS"], # required, accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
2580
+ # data_sources: ["FLOW_LOGS"], # accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_LOGS, KUBERNETES_AUDIT_LOGS, EC2_MALWARE_SCAN
2488
2581
  # resources: ["String"],
2582
+ # features: ["FLOW_LOGS"], # accepts FLOW_LOGS, CLOUD_TRAIL, DNS_LOGS, S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, LAMBDA_NETWORK_LOGS, EKS_RUNTIME_MONITORING
2489
2583
  # },
2490
2584
  # unit: "String",
2491
2585
  # max_results: 1,
@@ -2510,6 +2604,10 @@ module Aws::GuardDuty
2510
2604
  # resp.usage_statistics.top_resources[0].resource #=> String
2511
2605
  # resp.usage_statistics.top_resources[0].total.amount #=> String
2512
2606
  # resp.usage_statistics.top_resources[0].total.unit #=> String
2607
+ # resp.usage_statistics.sum_by_feature #=> Array
2608
+ # resp.usage_statistics.sum_by_feature[0].feature #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "LAMBDA_NETWORK_LOGS", "EKS_RUNTIME_MONITORING"
2609
+ # resp.usage_statistics.sum_by_feature[0].total.amount #=> String
2610
+ # resp.usage_statistics.sum_by_feature[0].total.unit #=> String
2513
2611
  # resp.next_token #=> String
2514
2612
  #
2515
2613
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetUsageStatistics AWS API Documentation
@@ -3181,7 +3279,11 @@ module Aws::GuardDuty
3181
3279
 
3182
3280
  # Turns on GuardDuty monitoring of the specified member accounts. Use
3183
3281
  # this operation to restart monitoring of accounts that you stopped
3184
- # monitoring with the `StopMonitoringMembers` operation.
3282
+ # monitoring with the [StopMonitoringMembers][1] operation.
3283
+ #
3284
+ #
3285
+ #
3286
+ # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StopMonitoringMembers.html
3185
3287
  #
3186
3288
  # @option params [required, String] :detector_id
3187
3289
  # The unique ID of the detector of the GuardDuty administrator account
@@ -3221,6 +3323,10 @@ module Aws::GuardDuty
3221
3323
  # `StartMonitoringMembers` operation to restart monitoring for those
3222
3324
  # accounts.
3223
3325
  #
3326
+ # With `autoEnableOrganizationMembers` configuration for your
3327
+ # organization set to `ALL`, you'll receive an error if you attempt to
3328
+ # stop monitoring the member accounts in your organization.
3329
+ #
3224
3330
  # @option params [required, String] :detector_id
3225
3331
  # The unique ID of the detector associated with the GuardDuty
3226
3332
  # administrator account that is monitoring member accounts.
@@ -3368,6 +3474,9 @@ module Aws::GuardDuty
3368
3474
  #
3369
3475
  # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
3370
3476
  #
3477
+ # @option params [Array<Types::DetectorFeatureConfiguration>] :features
3478
+ # Provides the features that will be updated for the detector.
3479
+ #
3371
3480
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3372
3481
  #
3373
3482
  # @example Request syntax with placeholder values
@@ -3391,6 +3500,12 @@ module Aws::GuardDuty
3391
3500
  # },
3392
3501
  # },
3393
3502
  # },
3503
+ # features: [
3504
+ # {
3505
+ # name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
3506
+ # status: "ENABLED", # accepts ENABLED, DISABLED
3507
+ # },
3508
+ # ],
3394
3509
  # })
3395
3510
  #
3396
3511
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateDetector AWS API Documentation
@@ -3633,6 +3748,10 @@ module Aws::GuardDuty
3633
3748
  # @option params [Types::DataSourceConfigurations] :data_sources
3634
3749
  # Describes which data sources will be updated.
3635
3750
  #
3751
+ # @option params [Array<Types::MemberFeaturesConfiguration>] :features
3752
+ # A list of features that will be updated for the specified member
3753
+ # accounts.
3754
+ #
3636
3755
  # @return [Types::UpdateMemberDetectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3637
3756
  #
3638
3757
  # * {Types::UpdateMemberDetectorsResponse#unprocessed_accounts #unprocessed_accounts} => Array&lt;Types::UnprocessedAccount&gt;
@@ -3657,6 +3776,12 @@ module Aws::GuardDuty
3657
3776
  # },
3658
3777
  # },
3659
3778
  # },
3779
+ # features: [
3780
+ # {
3781
+ # name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
3782
+ # status: "ENABLED", # accepts ENABLED, DISABLED
3783
+ # },
3784
+ # ],
3660
3785
  # })
3661
3786
  #
3662
3787
  # @example Response structure
@@ -3674,7 +3799,9 @@ module Aws::GuardDuty
3674
3799
  req.send_request(options)
3675
3800
  end
3676
3801
 
3677
- # Updates the delegated administrator account with the values provided.
3802
+ # Configures the delegated administrator account with the provided
3803
+ # values. You must provide the value for either
3804
+ # `autoEnableOrganizationMembers` or `autoEnable`.
3678
3805
  #
3679
3806
  # There might be regional differences because some data sources might
3680
3807
  # not be available in all the Amazon Web Services Regions where
@@ -3686,22 +3813,38 @@ module Aws::GuardDuty
3686
3813
  # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
3687
3814
  #
3688
3815
  # @option params [required, String] :detector_id
3689
- # The ID of the detector to update the delegated administrator for.
3816
+ # The ID of the detector that configures the delegated administrator.
3690
3817
  #
3691
- # @option params [required, Boolean] :auto_enable
3818
+ # @option params [Boolean] :auto_enable
3692
3819
  # Indicates whether to automatically enable member accounts in the
3693
3820
  # organization.
3694
3821
  #
3695
3822
  # @option params [Types::OrganizationDataSourceConfigurations] :data_sources
3696
3823
  # Describes which data sources will be updated.
3697
3824
  #
3825
+ # @option params [Array<Types::OrganizationFeatureConfiguration>] :features
3826
+ # A list of features that will be configured for the organization.
3827
+ #
3828
+ # @option params [String] :auto_enable_organization_members
3829
+ # Indicates the auto-enablement configuration of GuardDuty for the
3830
+ # member accounts in the organization.
3831
+ #
3832
+ # * `NEW`: Indicates that new accounts joining the organization are
3833
+ # configured to have GuardDuty enabled automatically.
3834
+ #
3835
+ # * `ALL`: Indicates that all accounts (new and existing members) in the
3836
+ # organization are configured to have GuardDuty enabled automatically.
3837
+ #
3838
+ # * `NONE`: Indicates that no account in the organization will be
3839
+ # configured to have GuardDuty enabled automatically.
3840
+ #
3698
3841
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3699
3842
  #
3700
3843
  # @example Request syntax with placeholder values
3701
3844
  #
3702
3845
  # resp = client.update_organization_configuration({
3703
3846
  # detector_id: "DetectorId", # required
3704
- # auto_enable: false, # required
3847
+ # auto_enable: false,
3705
3848
  # data_sources: {
3706
3849
  # s3_logs: {
3707
3850
  # auto_enable: false, # required
@@ -3719,6 +3862,13 @@ module Aws::GuardDuty
3719
3862
  # },
3720
3863
  # },
3721
3864
  # },
3865
+ # features: [
3866
+ # {
3867
+ # name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
3868
+ # auto_enable: "NEW", # accepts NEW, NONE
3869
+ # },
3870
+ # ],
3871
+ # auto_enable_organization_members: "NEW", # accepts NEW, ALL, NONE
3722
3872
  # })
3723
3873
  #
3724
3874
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfiguration AWS API Documentation
@@ -3821,7 +3971,7 @@ module Aws::GuardDuty
3821
3971
  params: params,
3822
3972
  config: config)
3823
3973
  context[:gem_name] = 'aws-sdk-guardduty'
3824
- context[:gem_version] = '1.64.0'
3974
+ context[:gem_version] = '1.66.0'
3825
3975
  Seahorse::Client::Request.new(handlers, context)
3826
3976
  end
3827
3977