aws-sdk-guardduty 1.65.0 → 1.67.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-guardduty/client.rb +317 -14
- data/lib/aws-sdk-guardduty/client_api.rb +251 -2
- data/lib/aws-sdk-guardduty/endpoints.rb +28 -0
- data/lib/aws-sdk-guardduty/plugins/endpoints.rb +4 -0
- data/lib/aws-sdk-guardduty/types.rb +807 -10
- data/lib/aws-sdk-guardduty.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7b41a9b2a921a007298a97ebab767ea77f33b1f8a64eba2e1a3ec7ef551b27a9
|
|
4
|
+
data.tar.gz: 30856538aa33c440691add29c523fe45528cedaeb7baba8443ce751ebeb738a3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c2d8016a45d7521d7e155b38a70982daebec8faf94bc61de8fe4f201000e875ca6b8355b6ece7e6ea9bbb9e307e9ac47e650cc29ef119067943859f53acf7a27
|
|
7
|
+
data.tar.gz: 820ab0c3bafd31270bf6fab637465942aa9740f79b12ea37437b1e52ca6463e5f7a6656e16b8224b6e152055f19bf3c0e623707a69c6ecdbbe88c7a54d4fe230
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.67.0 (2023-03-30)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Added EKS Runtime Monitoring feature support to existing detector, finding APIs and introducing new Coverage APIs
|
|
8
|
+
|
|
9
|
+
1.66.0 (2023-03-23)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - Adds AutoEnableOrganizationMembers attribute to DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
|
|
13
|
+
|
|
4
14
|
1.65.0 (2023-03-16)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.67.0
|
|
@@ -543,8 +543,14 @@ module Aws::GuardDuty
|
|
|
543
543
|
# },
|
|
544
544
|
# features: [
|
|
545
545
|
# {
|
|
546
|
-
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
546
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, EKS_RUNTIME_MONITORING
|
|
547
547
|
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
548
|
+
# additional_configuration: [
|
|
549
|
+
# {
|
|
550
|
+
# name: "EKS_ADDON_MANAGEMENT", # accepts EKS_ADDON_MANAGEMENT
|
|
551
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
552
|
+
# },
|
|
553
|
+
# ],
|
|
548
554
|
# },
|
|
549
555
|
# ],
|
|
550
556
|
# })
|
|
@@ -1188,6 +1194,10 @@ module Aws::GuardDuty
|
|
|
1188
1194
|
# Deletes GuardDuty member accounts (to the current GuardDuty
|
|
1189
1195
|
# administrator account) specified by the account IDs.
|
|
1190
1196
|
#
|
|
1197
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
1198
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
1199
|
+
# disable GuardDuty for a member account in your organization.
|
|
1200
|
+
#
|
|
1191
1201
|
# @option params [required, String] :detector_id
|
|
1192
1202
|
# The unique ID of the detector of the GuardDuty account whose members
|
|
1193
1203
|
# you want to delete.
|
|
@@ -1417,6 +1427,7 @@ module Aws::GuardDuty
|
|
|
1417
1427
|
# * {Types::DescribeOrganizationConfigurationResponse#data_sources #data_sources} => Types::OrganizationDataSourceConfigurationsResult
|
|
1418
1428
|
# * {Types::DescribeOrganizationConfigurationResponse#features #features} => Array<Types::OrganizationFeatureConfigurationResult>
|
|
1419
1429
|
# * {Types::DescribeOrganizationConfigurationResponse#next_token #next_token} => String
|
|
1430
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable_organization_members #auto_enable_organization_members} => String
|
|
1420
1431
|
#
|
|
1421
1432
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
1422
1433
|
#
|
|
@@ -1436,9 +1447,13 @@ module Aws::GuardDuty
|
|
|
1436
1447
|
# resp.data_sources.kubernetes.audit_logs.auto_enable #=> Boolean
|
|
1437
1448
|
# resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.auto_enable #=> Boolean
|
|
1438
1449
|
# resp.features #=> Array
|
|
1439
|
-
# resp.features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
1450
|
+
# resp.features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "EKS_RUNTIME_MONITORING"
|
|
1440
1451
|
# resp.features[0].auto_enable #=> String, one of "NEW", "NONE"
|
|
1452
|
+
# resp.features[0].additional_configuration #=> Array
|
|
1453
|
+
# resp.features[0].additional_configuration[0].name #=> String, one of "EKS_ADDON_MANAGEMENT"
|
|
1454
|
+
# resp.features[0].additional_configuration[0].auto_enable #=> String, one of "NEW", "NONE"
|
|
1441
1455
|
# resp.next_token #=> String
|
|
1456
|
+
# resp.auto_enable_organization_members #=> String, one of "NEW", "ALL", "NONE"
|
|
1442
1457
|
#
|
|
1443
1458
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
|
|
1444
1459
|
#
|
|
@@ -1519,6 +1534,10 @@ module Aws::GuardDuty
|
|
|
1519
1534
|
# Disassociates the current GuardDuty member account from its
|
|
1520
1535
|
# administrator account.
|
|
1521
1536
|
#
|
|
1537
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
1538
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
1539
|
+
# disable GuardDuty in a member account.
|
|
1540
|
+
#
|
|
1522
1541
|
# @option params [required, String] :detector_id
|
|
1523
1542
|
# The unique ID of the detector of the GuardDuty member account.
|
|
1524
1543
|
#
|
|
@@ -1565,6 +1584,11 @@ module Aws::GuardDuty
|
|
|
1565
1584
|
# Disassociates GuardDuty member accounts (to the current administrator
|
|
1566
1585
|
# account) specified by the account IDs.
|
|
1567
1586
|
#
|
|
1587
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
1588
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
1589
|
+
# disassociate a member account before removing them from your Amazon
|
|
1590
|
+
# Web Services organization.
|
|
1591
|
+
#
|
|
1568
1592
|
# @option params [required, String] :detector_id
|
|
1569
1593
|
# The unique ID of the detector of the GuardDuty account whose members
|
|
1570
1594
|
# you want to disassociate from the administrator account.
|
|
@@ -1655,6 +1679,60 @@ module Aws::GuardDuty
|
|
|
1655
1679
|
req.send_request(options)
|
|
1656
1680
|
end
|
|
1657
1681
|
|
|
1682
|
+
# Retrieves aggregated statistics for your account. If you are a
|
|
1683
|
+
# GuardDuty administrator, you can retrieve the statistics for all the
|
|
1684
|
+
# resources associated with the active member accounts in your
|
|
1685
|
+
# organization who have enabled EKS Runtime Monitoring and have the
|
|
1686
|
+
# GuardDuty agent running on their EKS nodes.
|
|
1687
|
+
#
|
|
1688
|
+
# @option params [required, String] :detector_id
|
|
1689
|
+
# The unique ID of the GuardDuty detector associated to the coverage
|
|
1690
|
+
# statistics.
|
|
1691
|
+
#
|
|
1692
|
+
# @option params [Types::CoverageFilterCriteria] :filter_criteria
|
|
1693
|
+
# Represents the criteria used to filter the coverage statistics
|
|
1694
|
+
#
|
|
1695
|
+
# @option params [required, Array<String>] :statistics_type
|
|
1696
|
+
# Represents the statistics type used to aggregate the coverage details.
|
|
1697
|
+
#
|
|
1698
|
+
# @return [Types::GetCoverageStatisticsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1699
|
+
#
|
|
1700
|
+
# * {Types::GetCoverageStatisticsResponse#coverage_statistics #coverage_statistics} => Types::CoverageStatistics
|
|
1701
|
+
#
|
|
1702
|
+
# @example Request syntax with placeholder values
|
|
1703
|
+
#
|
|
1704
|
+
# resp = client.get_coverage_statistics({
|
|
1705
|
+
# detector_id: "DetectorId", # required
|
|
1706
|
+
# filter_criteria: {
|
|
1707
|
+
# filter_criterion: [
|
|
1708
|
+
# {
|
|
1709
|
+
# criterion_key: "ACCOUNT_ID", # accepts ACCOUNT_ID, CLUSTER_NAME, RESOURCE_TYPE, COVERAGE_STATUS, ADDON_VERSION
|
|
1710
|
+
# filter_condition: {
|
|
1711
|
+
# equals: ["String"],
|
|
1712
|
+
# not_equals: ["String"],
|
|
1713
|
+
# },
|
|
1714
|
+
# },
|
|
1715
|
+
# ],
|
|
1716
|
+
# },
|
|
1717
|
+
# statistics_type: ["COUNT_BY_RESOURCE_TYPE"], # required, accepts COUNT_BY_RESOURCE_TYPE, COUNT_BY_COVERAGE_STATUS
|
|
1718
|
+
# })
|
|
1719
|
+
#
|
|
1720
|
+
# @example Response structure
|
|
1721
|
+
#
|
|
1722
|
+
# resp.coverage_statistics.count_by_resource_type #=> Hash
|
|
1723
|
+
# resp.coverage_statistics.count_by_resource_type["ResourceType"] #=> Integer
|
|
1724
|
+
# resp.coverage_statistics.count_by_coverage_status #=> Hash
|
|
1725
|
+
# resp.coverage_statistics.count_by_coverage_status["CoverageStatus"] #=> Integer
|
|
1726
|
+
#
|
|
1727
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetCoverageStatistics AWS API Documentation
|
|
1728
|
+
#
|
|
1729
|
+
# @overload get_coverage_statistics(params = {})
|
|
1730
|
+
# @param [Hash] params ({})
|
|
1731
|
+
def get_coverage_statistics(params = {}, options = {})
|
|
1732
|
+
req = build_request(:get_coverage_statistics, params)
|
|
1733
|
+
req.send_request(options)
|
|
1734
|
+
end
|
|
1735
|
+
|
|
1658
1736
|
# Retrieves an Amazon GuardDuty detector specified by the detectorId.
|
|
1659
1737
|
#
|
|
1660
1738
|
# There might be regional differences because some data sources might
|
|
@@ -1704,9 +1782,13 @@ module Aws::GuardDuty
|
|
|
1704
1782
|
# resp.tags #=> Hash
|
|
1705
1783
|
# resp.tags["TagKey"] #=> String
|
|
1706
1784
|
# resp.features #=> Array
|
|
1707
|
-
# resp.features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
1785
|
+
# resp.features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "EKS_RUNTIME_MONITORING"
|
|
1708
1786
|
# resp.features[0].status #=> String, one of "ENABLED", "DISABLED"
|
|
1709
1787
|
# resp.features[0].updated_at #=> Time
|
|
1788
|
+
# resp.features[0].additional_configuration #=> Array
|
|
1789
|
+
# resp.features[0].additional_configuration[0].name #=> String, one of "EKS_ADDON_MANAGEMENT"
|
|
1790
|
+
# resp.features[0].additional_configuration[0].status #=> String, one of "ENABLED", "DISABLED"
|
|
1791
|
+
# resp.features[0].additional_configuration[0].updated_at #=> Time
|
|
1710
1792
|
#
|
|
1711
1793
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetDetector AWS API Documentation
|
|
1712
1794
|
#
|
|
@@ -2106,6 +2188,92 @@ module Aws::GuardDuty
|
|
|
2106
2188
|
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].volume_arn #=> String
|
|
2107
2189
|
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].hash #=> String
|
|
2108
2190
|
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].file_name #=> String
|
|
2191
|
+
# resp.findings[0].service.runtime_details.process.name #=> String
|
|
2192
|
+
# resp.findings[0].service.runtime_details.process.executable_path #=> String
|
|
2193
|
+
# resp.findings[0].service.runtime_details.process.executable_sha_256 #=> String
|
|
2194
|
+
# resp.findings[0].service.runtime_details.process.namespace_pid #=> Integer
|
|
2195
|
+
# resp.findings[0].service.runtime_details.process.pwd #=> String
|
|
2196
|
+
# resp.findings[0].service.runtime_details.process.pid #=> Integer
|
|
2197
|
+
# resp.findings[0].service.runtime_details.process.start_time #=> Time
|
|
2198
|
+
# resp.findings[0].service.runtime_details.process.uuid #=> String
|
|
2199
|
+
# resp.findings[0].service.runtime_details.process.parent_uuid #=> String
|
|
2200
|
+
# resp.findings[0].service.runtime_details.process.user #=> String
|
|
2201
|
+
# resp.findings[0].service.runtime_details.process.user_id #=> Integer
|
|
2202
|
+
# resp.findings[0].service.runtime_details.process.euid #=> Integer
|
|
2203
|
+
# resp.findings[0].service.runtime_details.process.lineage #=> Array
|
|
2204
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].start_time #=> Time
|
|
2205
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].namespace_pid #=> Integer
|
|
2206
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].user_id #=> Integer
|
|
2207
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].name #=> String
|
|
2208
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].pid #=> Integer
|
|
2209
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].uuid #=> String
|
|
2210
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].executable_path #=> String
|
|
2211
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].euid #=> Integer
|
|
2212
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].parent_uuid #=> String
|
|
2213
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.name #=> String
|
|
2214
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.executable_path #=> String
|
|
2215
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.executable_sha_256 #=> String
|
|
2216
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.namespace_pid #=> Integer
|
|
2217
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.pwd #=> String
|
|
2218
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.pid #=> Integer
|
|
2219
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.start_time #=> Time
|
|
2220
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.uuid #=> String
|
|
2221
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.parent_uuid #=> String
|
|
2222
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.user #=> String
|
|
2223
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.user_id #=> Integer
|
|
2224
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.euid #=> Integer
|
|
2225
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage #=> Array
|
|
2226
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].start_time #=> Time
|
|
2227
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].namespace_pid #=> Integer
|
|
2228
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].user_id #=> Integer
|
|
2229
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].name #=> String
|
|
2230
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].pid #=> Integer
|
|
2231
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].uuid #=> String
|
|
2232
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].executable_path #=> String
|
|
2233
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].euid #=> Integer
|
|
2234
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].parent_uuid #=> String
|
|
2235
|
+
# resp.findings[0].service.runtime_details.context.modified_at #=> Time
|
|
2236
|
+
# resp.findings[0].service.runtime_details.context.script_path #=> String
|
|
2237
|
+
# resp.findings[0].service.runtime_details.context.library_path #=> String
|
|
2238
|
+
# resp.findings[0].service.runtime_details.context.ld_preload_value #=> String
|
|
2239
|
+
# resp.findings[0].service.runtime_details.context.socket_path #=> String
|
|
2240
|
+
# resp.findings[0].service.runtime_details.context.runc_binary_path #=> String
|
|
2241
|
+
# resp.findings[0].service.runtime_details.context.release_agent_path #=> String
|
|
2242
|
+
# resp.findings[0].service.runtime_details.context.mount_source #=> String
|
|
2243
|
+
# resp.findings[0].service.runtime_details.context.mount_target #=> String
|
|
2244
|
+
# resp.findings[0].service.runtime_details.context.file_system_type #=> String
|
|
2245
|
+
# resp.findings[0].service.runtime_details.context.flags #=> Array
|
|
2246
|
+
# resp.findings[0].service.runtime_details.context.flags[0] #=> String
|
|
2247
|
+
# resp.findings[0].service.runtime_details.context.module_name #=> String
|
|
2248
|
+
# resp.findings[0].service.runtime_details.context.module_file_path #=> String
|
|
2249
|
+
# resp.findings[0].service.runtime_details.context.module_sha_256 #=> String
|
|
2250
|
+
# resp.findings[0].service.runtime_details.context.shell_history_file_path #=> String
|
|
2251
|
+
# resp.findings[0].service.runtime_details.context.target_process.name #=> String
|
|
2252
|
+
# resp.findings[0].service.runtime_details.context.target_process.executable_path #=> String
|
|
2253
|
+
# resp.findings[0].service.runtime_details.context.target_process.executable_sha_256 #=> String
|
|
2254
|
+
# resp.findings[0].service.runtime_details.context.target_process.namespace_pid #=> Integer
|
|
2255
|
+
# resp.findings[0].service.runtime_details.context.target_process.pwd #=> String
|
|
2256
|
+
# resp.findings[0].service.runtime_details.context.target_process.pid #=> Integer
|
|
2257
|
+
# resp.findings[0].service.runtime_details.context.target_process.start_time #=> Time
|
|
2258
|
+
# resp.findings[0].service.runtime_details.context.target_process.uuid #=> String
|
|
2259
|
+
# resp.findings[0].service.runtime_details.context.target_process.parent_uuid #=> String
|
|
2260
|
+
# resp.findings[0].service.runtime_details.context.target_process.user #=> String
|
|
2261
|
+
# resp.findings[0].service.runtime_details.context.target_process.user_id #=> Integer
|
|
2262
|
+
# resp.findings[0].service.runtime_details.context.target_process.euid #=> Integer
|
|
2263
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage #=> Array
|
|
2264
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].start_time #=> Time
|
|
2265
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].namespace_pid #=> Integer
|
|
2266
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].user_id #=> Integer
|
|
2267
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].name #=> String
|
|
2268
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].pid #=> Integer
|
|
2269
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].uuid #=> String
|
|
2270
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].executable_path #=> String
|
|
2271
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].euid #=> Integer
|
|
2272
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].parent_uuid #=> String
|
|
2273
|
+
# resp.findings[0].service.runtime_details.context.address_family #=> String
|
|
2274
|
+
# resp.findings[0].service.runtime_details.context.iana_protocol_number #=> Integer
|
|
2275
|
+
# resp.findings[0].service.runtime_details.context.memory_regions #=> Array
|
|
2276
|
+
# resp.findings[0].service.runtime_details.context.memory_regions[0] #=> String
|
|
2109
2277
|
# resp.findings[0].severity #=> Float
|
|
2110
2278
|
# resp.findings[0].title #=> String
|
|
2111
2279
|
# resp.findings[0].type #=> String
|
|
@@ -2360,9 +2528,13 @@ module Aws::GuardDuty
|
|
|
2360
2528
|
# resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.reason #=> String
|
|
2361
2529
|
# resp.member_data_source_configurations[0].data_sources.malware_protection.service_role #=> String
|
|
2362
2530
|
# resp.member_data_source_configurations[0].features #=> Array
|
|
2363
|
-
# resp.member_data_source_configurations[0].features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
2531
|
+
# resp.member_data_source_configurations[0].features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "EKS_RUNTIME_MONITORING"
|
|
2364
2532
|
# resp.member_data_source_configurations[0].features[0].status #=> String, one of "ENABLED", "DISABLED"
|
|
2365
2533
|
# resp.member_data_source_configurations[0].features[0].updated_at #=> Time
|
|
2534
|
+
# resp.member_data_source_configurations[0].features[0].additional_configuration #=> Array
|
|
2535
|
+
# resp.member_data_source_configurations[0].features[0].additional_configuration[0].name #=> String, one of "EKS_ADDON_MANAGEMENT"
|
|
2536
|
+
# resp.member_data_source_configurations[0].features[0].additional_configuration[0].status #=> String, one of "ENABLED", "DISABLED"
|
|
2537
|
+
# resp.member_data_source_configurations[0].features[0].additional_configuration[0].updated_at #=> Time
|
|
2366
2538
|
# resp.unprocessed_accounts #=> Array
|
|
2367
2539
|
# resp.unprocessed_accounts[0].account_id #=> String
|
|
2368
2540
|
# resp.unprocessed_accounts[0].result #=> String
|
|
@@ -2455,7 +2627,7 @@ module Aws::GuardDuty
|
|
|
2455
2627
|
# resp.accounts[0].data_sources.kubernetes.audit_logs.free_trial_days_remaining #=> Integer
|
|
2456
2628
|
# resp.accounts[0].data_sources.malware_protection.scan_ec2_instance_with_findings.free_trial_days_remaining #=> Integer
|
|
2457
2629
|
# resp.accounts[0].features #=> Array
|
|
2458
|
-
# resp.accounts[0].features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
|
2630
|
+
# resp.accounts[0].features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "EKS_RUNTIME_MONITORING"
|
|
2459
2631
|
# resp.accounts[0].features[0].free_trial_days_remaining #=> Integer
|
|
2460
2632
|
# resp.unprocessed_accounts #=> Array
|
|
2461
2633
|
# resp.unprocessed_accounts[0].account_id #=> String
|
|
@@ -2655,6 +2827,89 @@ module Aws::GuardDuty
|
|
|
2655
2827
|
req.send_request(options)
|
|
2656
2828
|
end
|
|
2657
2829
|
|
|
2830
|
+
# Lists coverage details for your GuardDuty account. If you're a
|
|
2831
|
+
# GuardDuty administrator, you can retrieve all resources associated
|
|
2832
|
+
# with the active member accounts in your organization.
|
|
2833
|
+
#
|
|
2834
|
+
# Make sure the accounts have EKS Runtime Monitoring enabled and
|
|
2835
|
+
# GuardDuty agent running on their EKS nodes.
|
|
2836
|
+
#
|
|
2837
|
+
# @option params [required, String] :detector_id
|
|
2838
|
+
# The unique ID of the detector whose coverage details you want to
|
|
2839
|
+
# retrieve.
|
|
2840
|
+
#
|
|
2841
|
+
# @option params [String] :next_token
|
|
2842
|
+
# A token to use for paginating results that are returned in the
|
|
2843
|
+
# response. Set the value of this parameter to null for the first
|
|
2844
|
+
# request to a list action. For subsequent calls, use the NextToken
|
|
2845
|
+
# value returned from the previous request to continue listing results
|
|
2846
|
+
# after the first page.
|
|
2847
|
+
#
|
|
2848
|
+
# @option params [Integer] :max_results
|
|
2849
|
+
# The maximum number of results to return in the response.
|
|
2850
|
+
#
|
|
2851
|
+
# @option params [Types::CoverageFilterCriteria] :filter_criteria
|
|
2852
|
+
# Represents the criteria used to filter the coverage details.
|
|
2853
|
+
#
|
|
2854
|
+
# @option params [Types::CoverageSortCriteria] :sort_criteria
|
|
2855
|
+
# Represents the criteria used to sort the coverage details.
|
|
2856
|
+
#
|
|
2857
|
+
# @return [Types::ListCoverageResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2858
|
+
#
|
|
2859
|
+
# * {Types::ListCoverageResponse#resources #resources} => Array<Types::CoverageResource>
|
|
2860
|
+
# * {Types::ListCoverageResponse#next_token #next_token} => String
|
|
2861
|
+
#
|
|
2862
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
2863
|
+
#
|
|
2864
|
+
# @example Request syntax with placeholder values
|
|
2865
|
+
#
|
|
2866
|
+
# resp = client.list_coverage({
|
|
2867
|
+
# detector_id: "DetectorId", # required
|
|
2868
|
+
# next_token: "String",
|
|
2869
|
+
# max_results: 1,
|
|
2870
|
+
# filter_criteria: {
|
|
2871
|
+
# filter_criterion: [
|
|
2872
|
+
# {
|
|
2873
|
+
# criterion_key: "ACCOUNT_ID", # accepts ACCOUNT_ID, CLUSTER_NAME, RESOURCE_TYPE, COVERAGE_STATUS, ADDON_VERSION
|
|
2874
|
+
# filter_condition: {
|
|
2875
|
+
# equals: ["String"],
|
|
2876
|
+
# not_equals: ["String"],
|
|
2877
|
+
# },
|
|
2878
|
+
# },
|
|
2879
|
+
# ],
|
|
2880
|
+
# },
|
|
2881
|
+
# sort_criteria: {
|
|
2882
|
+
# attribute_name: "ACCOUNT_ID", # accepts ACCOUNT_ID, CLUSTER_NAME, COVERAGE_STATUS, ISSUE, ADDON_VERSION, UPDATED_AT
|
|
2883
|
+
# order_by: "ASC", # accepts ASC, DESC
|
|
2884
|
+
# },
|
|
2885
|
+
# })
|
|
2886
|
+
#
|
|
2887
|
+
# @example Response structure
|
|
2888
|
+
#
|
|
2889
|
+
# resp.resources #=> Array
|
|
2890
|
+
# resp.resources[0].resource_id #=> String
|
|
2891
|
+
# resp.resources[0].detector_id #=> String
|
|
2892
|
+
# resp.resources[0].account_id #=> String
|
|
2893
|
+
# resp.resources[0].resource_details.eks_cluster_details.cluster_name #=> String
|
|
2894
|
+
# resp.resources[0].resource_details.eks_cluster_details.covered_nodes #=> Integer
|
|
2895
|
+
# resp.resources[0].resource_details.eks_cluster_details.compatible_nodes #=> Integer
|
|
2896
|
+
# resp.resources[0].resource_details.eks_cluster_details.addon_details.addon_version #=> String
|
|
2897
|
+
# resp.resources[0].resource_details.eks_cluster_details.addon_details.addon_status #=> String
|
|
2898
|
+
# resp.resources[0].resource_details.resource_type #=> String, one of "EKS"
|
|
2899
|
+
# resp.resources[0].coverage_status #=> String, one of "HEALTHY", "UNHEALTHY"
|
|
2900
|
+
# resp.resources[0].issue #=> String
|
|
2901
|
+
# resp.resources[0].updated_at #=> Time
|
|
2902
|
+
# resp.next_token #=> String
|
|
2903
|
+
#
|
|
2904
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListCoverage AWS API Documentation
|
|
2905
|
+
#
|
|
2906
|
+
# @overload list_coverage(params = {})
|
|
2907
|
+
# @param [Hash] params ({})
|
|
2908
|
+
def list_coverage(params = {}, options = {})
|
|
2909
|
+
req = build_request(:list_coverage, params)
|
|
2910
|
+
req.send_request(options)
|
|
2911
|
+
end
|
|
2912
|
+
|
|
2658
2913
|
# Lists detectorIds of all the existing Amazon GuardDuty detector
|
|
2659
2914
|
# resources.
|
|
2660
2915
|
#
|
|
@@ -3264,7 +3519,11 @@ module Aws::GuardDuty
|
|
|
3264
3519
|
|
|
3265
3520
|
# Turns on GuardDuty monitoring of the specified member accounts. Use
|
|
3266
3521
|
# this operation to restart monitoring of accounts that you stopped
|
|
3267
|
-
# monitoring with the
|
|
3522
|
+
# monitoring with the [StopMonitoringMembers][1] operation.
|
|
3523
|
+
#
|
|
3524
|
+
#
|
|
3525
|
+
#
|
|
3526
|
+
# [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StopMonitoringMembers.html
|
|
3268
3527
|
#
|
|
3269
3528
|
# @option params [required, String] :detector_id
|
|
3270
3529
|
# The unique ID of the detector of the GuardDuty administrator account
|
|
@@ -3304,6 +3563,10 @@ module Aws::GuardDuty
|
|
|
3304
3563
|
# `StartMonitoringMembers` operation to restart monitoring for those
|
|
3305
3564
|
# accounts.
|
|
3306
3565
|
#
|
|
3566
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
|
3567
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
|
3568
|
+
# stop monitoring the member accounts in your organization.
|
|
3569
|
+
#
|
|
3307
3570
|
# @option params [required, String] :detector_id
|
|
3308
3571
|
# The unique ID of the detector associated with the GuardDuty
|
|
3309
3572
|
# administrator account that is monitoring member accounts.
|
|
@@ -3479,8 +3742,14 @@ module Aws::GuardDuty
|
|
|
3479
3742
|
# },
|
|
3480
3743
|
# features: [
|
|
3481
3744
|
# {
|
|
3482
|
-
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
3745
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, EKS_RUNTIME_MONITORING
|
|
3483
3746
|
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
3747
|
+
# additional_configuration: [
|
|
3748
|
+
# {
|
|
3749
|
+
# name: "EKS_ADDON_MANAGEMENT", # accepts EKS_ADDON_MANAGEMENT
|
|
3750
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
3751
|
+
# },
|
|
3752
|
+
# ],
|
|
3484
3753
|
# },
|
|
3485
3754
|
# ],
|
|
3486
3755
|
# })
|
|
@@ -3755,8 +4024,14 @@ module Aws::GuardDuty
|
|
|
3755
4024
|
# },
|
|
3756
4025
|
# features: [
|
|
3757
4026
|
# {
|
|
3758
|
-
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
4027
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, EKS_RUNTIME_MONITORING
|
|
3759
4028
|
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
4029
|
+
# additional_configuration: [
|
|
4030
|
+
# {
|
|
4031
|
+
# name: "EKS_ADDON_MANAGEMENT", # accepts EKS_ADDON_MANAGEMENT
|
|
4032
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
|
4033
|
+
# },
|
|
4034
|
+
# ],
|
|
3760
4035
|
# },
|
|
3761
4036
|
# ],
|
|
3762
4037
|
# })
|
|
@@ -3776,7 +4051,9 @@ module Aws::GuardDuty
|
|
|
3776
4051
|
req.send_request(options)
|
|
3777
4052
|
end
|
|
3778
4053
|
|
|
3779
|
-
#
|
|
4054
|
+
# Configures the delegated administrator account with the provided
|
|
4055
|
+
# values. You must provide the value for either
|
|
4056
|
+
# `autoEnableOrganizationMembers` or `autoEnable`.
|
|
3780
4057
|
#
|
|
3781
4058
|
# There might be regional differences because some data sources might
|
|
3782
4059
|
# not be available in all the Amazon Web Services Regions where
|
|
@@ -3788,25 +4065,44 @@ module Aws::GuardDuty
|
|
|
3788
4065
|
# [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
|
|
3789
4066
|
#
|
|
3790
4067
|
# @option params [required, String] :detector_id
|
|
3791
|
-
# The ID of the detector
|
|
4068
|
+
# The ID of the detector that configures the delegated administrator.
|
|
3792
4069
|
#
|
|
3793
|
-
# @option params [
|
|
4070
|
+
# @option params [Boolean] :auto_enable
|
|
3794
4071
|
# Indicates whether to automatically enable member accounts in the
|
|
3795
4072
|
# organization.
|
|
3796
4073
|
#
|
|
4074
|
+
# Even though this is still supported, we recommend using
|
|
4075
|
+
# `AutoEnableOrganizationMembers` to achieve the similar results.
|
|
4076
|
+
#
|
|
3797
4077
|
# @option params [Types::OrganizationDataSourceConfigurations] :data_sources
|
|
3798
4078
|
# Describes which data sources will be updated.
|
|
3799
4079
|
#
|
|
3800
4080
|
# @option params [Array<Types::OrganizationFeatureConfiguration>] :features
|
|
3801
4081
|
# A list of features that will be configured for the organization.
|
|
3802
4082
|
#
|
|
4083
|
+
# @option params [String] :auto_enable_organization_members
|
|
4084
|
+
# Indicates the auto-enablement configuration of GuardDuty for the
|
|
4085
|
+
# member accounts in the organization.
|
|
4086
|
+
#
|
|
4087
|
+
# * `NEW`: Indicates that when a new account joins the organization,
|
|
4088
|
+
# they will have GuardDuty enabled automatically.
|
|
4089
|
+
#
|
|
4090
|
+
# * `ALL`: Indicates that all accounts in the Amazon Web Services
|
|
4091
|
+
# Organization have GuardDuty enabled automatically. This includes
|
|
4092
|
+
# `NEW` accounts that join the organization and accounts that may have
|
|
4093
|
+
# been suspended or removed from the organization in GuardDuty.
|
|
4094
|
+
#
|
|
4095
|
+
# * `NONE`: Indicates that GuardDuty will not be automatically enabled
|
|
4096
|
+
# for any accounts in the organization. GuardDuty must be managed for
|
|
4097
|
+
# each account individually by the administrator.
|
|
4098
|
+
#
|
|
3803
4099
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3804
4100
|
#
|
|
3805
4101
|
# @example Request syntax with placeholder values
|
|
3806
4102
|
#
|
|
3807
4103
|
# resp = client.update_organization_configuration({
|
|
3808
4104
|
# detector_id: "DetectorId", # required
|
|
3809
|
-
# auto_enable: false,
|
|
4105
|
+
# auto_enable: false,
|
|
3810
4106
|
# data_sources: {
|
|
3811
4107
|
# s3_logs: {
|
|
3812
4108
|
# auto_enable: false, # required
|
|
@@ -3826,10 +4122,17 @@ module Aws::GuardDuty
|
|
|
3826
4122
|
# },
|
|
3827
4123
|
# features: [
|
|
3828
4124
|
# {
|
|
3829
|
-
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
|
4125
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, EKS_RUNTIME_MONITORING
|
|
3830
4126
|
# auto_enable: "NEW", # accepts NEW, NONE
|
|
4127
|
+
# additional_configuration: [
|
|
4128
|
+
# {
|
|
4129
|
+
# name: "EKS_ADDON_MANAGEMENT", # accepts EKS_ADDON_MANAGEMENT
|
|
4130
|
+
# auto_enable: "NEW", # accepts NEW, NONE
|
|
4131
|
+
# },
|
|
4132
|
+
# ],
|
|
3831
4133
|
# },
|
|
3832
4134
|
# ],
|
|
4135
|
+
# auto_enable_organization_members: "NEW", # accepts NEW, ALL, NONE
|
|
3833
4136
|
# })
|
|
3834
4137
|
#
|
|
3835
4138
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfiguration AWS API Documentation
|
|
@@ -3932,7 +4235,7 @@ module Aws::GuardDuty
|
|
|
3932
4235
|
params: params,
|
|
3933
4236
|
config: config)
|
|
3934
4237
|
context[:gem_name] = 'aws-sdk-guardduty'
|
|
3935
|
-
context[:gem_version] = '1.
|
|
4238
|
+
context[:gem_version] = '1.67.0'
|
|
3936
4239
|
Seahorse::Client::Request.new(handlers, context)
|
|
3937
4240
|
end
|
|
3938
4241
|
|