aws-sdk-guardduty 1.65.0 → 1.67.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-guardduty/client.rb +317 -14
- data/lib/aws-sdk-guardduty/client_api.rb +251 -2
- data/lib/aws-sdk-guardduty/endpoints.rb +28 -0
- data/lib/aws-sdk-guardduty/plugins/endpoints.rb +4 -0
- data/lib/aws-sdk-guardduty/types.rb +807 -10
- data/lib/aws-sdk-guardduty.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7b41a9b2a921a007298a97ebab767ea77f33b1f8a64eba2e1a3ec7ef551b27a9
|
4
|
+
data.tar.gz: 30856538aa33c440691add29c523fe45528cedaeb7baba8443ce751ebeb738a3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c2d8016a45d7521d7e155b38a70982daebec8faf94bc61de8fe4f201000e875ca6b8355b6ece7e6ea9bbb9e307e9ac47e650cc29ef119067943859f53acf7a27
|
7
|
+
data.tar.gz: 820ab0c3bafd31270bf6fab637465942aa9740f79b12ea37437b1e52ca6463e5f7a6656e16b8224b6e152055f19bf3c0e623707a69c6ecdbbe88c7a54d4fe230
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,16 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.67.0 (2023-03-30)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Added EKS Runtime Monitoring feature support to existing detector, finding APIs and introducing new Coverage APIs
|
8
|
+
|
9
|
+
1.66.0 (2023-03-23)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - Adds AutoEnableOrganizationMembers attribute to DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
|
13
|
+
|
4
14
|
1.65.0 (2023-03-16)
|
5
15
|
------------------
|
6
16
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.67.0
|
@@ -543,8 +543,14 @@ module Aws::GuardDuty
|
|
543
543
|
# },
|
544
544
|
# features: [
|
545
545
|
# {
|
546
|
-
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
546
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, EKS_RUNTIME_MONITORING
|
547
547
|
# status: "ENABLED", # accepts ENABLED, DISABLED
|
548
|
+
# additional_configuration: [
|
549
|
+
# {
|
550
|
+
# name: "EKS_ADDON_MANAGEMENT", # accepts EKS_ADDON_MANAGEMENT
|
551
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
552
|
+
# },
|
553
|
+
# ],
|
548
554
|
# },
|
549
555
|
# ],
|
550
556
|
# })
|
@@ -1188,6 +1194,10 @@ module Aws::GuardDuty
|
|
1188
1194
|
# Deletes GuardDuty member accounts (to the current GuardDuty
|
1189
1195
|
# administrator account) specified by the account IDs.
|
1190
1196
|
#
|
1197
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
1198
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
1199
|
+
# disable GuardDuty for a member account in your organization.
|
1200
|
+
#
|
1191
1201
|
# @option params [required, String] :detector_id
|
1192
1202
|
# The unique ID of the detector of the GuardDuty account whose members
|
1193
1203
|
# you want to delete.
|
@@ -1417,6 +1427,7 @@ module Aws::GuardDuty
|
|
1417
1427
|
# * {Types::DescribeOrganizationConfigurationResponse#data_sources #data_sources} => Types::OrganizationDataSourceConfigurationsResult
|
1418
1428
|
# * {Types::DescribeOrganizationConfigurationResponse#features #features} => Array<Types::OrganizationFeatureConfigurationResult>
|
1419
1429
|
# * {Types::DescribeOrganizationConfigurationResponse#next_token #next_token} => String
|
1430
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable_organization_members #auto_enable_organization_members} => String
|
1420
1431
|
#
|
1421
1432
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1422
1433
|
#
|
@@ -1436,9 +1447,13 @@ module Aws::GuardDuty
|
|
1436
1447
|
# resp.data_sources.kubernetes.audit_logs.auto_enable #=> Boolean
|
1437
1448
|
# resp.data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.auto_enable #=> Boolean
|
1438
1449
|
# resp.features #=> Array
|
1439
|
-
# resp.features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
1450
|
+
# resp.features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "EKS_RUNTIME_MONITORING"
|
1440
1451
|
# resp.features[0].auto_enable #=> String, one of "NEW", "NONE"
|
1452
|
+
# resp.features[0].additional_configuration #=> Array
|
1453
|
+
# resp.features[0].additional_configuration[0].name #=> String, one of "EKS_ADDON_MANAGEMENT"
|
1454
|
+
# resp.features[0].additional_configuration[0].auto_enable #=> String, one of "NEW", "NONE"
|
1441
1455
|
# resp.next_token #=> String
|
1456
|
+
# resp.auto_enable_organization_members #=> String, one of "NEW", "ALL", "NONE"
|
1442
1457
|
#
|
1443
1458
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
|
1444
1459
|
#
|
@@ -1519,6 +1534,10 @@ module Aws::GuardDuty
|
|
1519
1534
|
# Disassociates the current GuardDuty member account from its
|
1520
1535
|
# administrator account.
|
1521
1536
|
#
|
1537
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
1538
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
1539
|
+
# disable GuardDuty in a member account.
|
1540
|
+
#
|
1522
1541
|
# @option params [required, String] :detector_id
|
1523
1542
|
# The unique ID of the detector of the GuardDuty member account.
|
1524
1543
|
#
|
@@ -1565,6 +1584,11 @@ module Aws::GuardDuty
|
|
1565
1584
|
# Disassociates GuardDuty member accounts (to the current administrator
|
1566
1585
|
# account) specified by the account IDs.
|
1567
1586
|
#
|
1587
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
1588
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
1589
|
+
# disassociate a member account before removing them from your Amazon
|
1590
|
+
# Web Services organization.
|
1591
|
+
#
|
1568
1592
|
# @option params [required, String] :detector_id
|
1569
1593
|
# The unique ID of the detector of the GuardDuty account whose members
|
1570
1594
|
# you want to disassociate from the administrator account.
|
@@ -1655,6 +1679,60 @@ module Aws::GuardDuty
|
|
1655
1679
|
req.send_request(options)
|
1656
1680
|
end
|
1657
1681
|
|
1682
|
+
# Retrieves aggregated statistics for your account. If you are a
|
1683
|
+
# GuardDuty administrator, you can retrieve the statistics for all the
|
1684
|
+
# resources associated with the active member accounts in your
|
1685
|
+
# organization who have enabled EKS Runtime Monitoring and have the
|
1686
|
+
# GuardDuty agent running on their EKS nodes.
|
1687
|
+
#
|
1688
|
+
# @option params [required, String] :detector_id
|
1689
|
+
# The unique ID of the GuardDuty detector associated to the coverage
|
1690
|
+
# statistics.
|
1691
|
+
#
|
1692
|
+
# @option params [Types::CoverageFilterCriteria] :filter_criteria
|
1693
|
+
# Represents the criteria used to filter the coverage statistics
|
1694
|
+
#
|
1695
|
+
# @option params [required, Array<String>] :statistics_type
|
1696
|
+
# Represents the statistics type used to aggregate the coverage details.
|
1697
|
+
#
|
1698
|
+
# @return [Types::GetCoverageStatisticsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1699
|
+
#
|
1700
|
+
# * {Types::GetCoverageStatisticsResponse#coverage_statistics #coverage_statistics} => Types::CoverageStatistics
|
1701
|
+
#
|
1702
|
+
# @example Request syntax with placeholder values
|
1703
|
+
#
|
1704
|
+
# resp = client.get_coverage_statistics({
|
1705
|
+
# detector_id: "DetectorId", # required
|
1706
|
+
# filter_criteria: {
|
1707
|
+
# filter_criterion: [
|
1708
|
+
# {
|
1709
|
+
# criterion_key: "ACCOUNT_ID", # accepts ACCOUNT_ID, CLUSTER_NAME, RESOURCE_TYPE, COVERAGE_STATUS, ADDON_VERSION
|
1710
|
+
# filter_condition: {
|
1711
|
+
# equals: ["String"],
|
1712
|
+
# not_equals: ["String"],
|
1713
|
+
# },
|
1714
|
+
# },
|
1715
|
+
# ],
|
1716
|
+
# },
|
1717
|
+
# statistics_type: ["COUNT_BY_RESOURCE_TYPE"], # required, accepts COUNT_BY_RESOURCE_TYPE, COUNT_BY_COVERAGE_STATUS
|
1718
|
+
# })
|
1719
|
+
#
|
1720
|
+
# @example Response structure
|
1721
|
+
#
|
1722
|
+
# resp.coverage_statistics.count_by_resource_type #=> Hash
|
1723
|
+
# resp.coverage_statistics.count_by_resource_type["ResourceType"] #=> Integer
|
1724
|
+
# resp.coverage_statistics.count_by_coverage_status #=> Hash
|
1725
|
+
# resp.coverage_statistics.count_by_coverage_status["CoverageStatus"] #=> Integer
|
1726
|
+
#
|
1727
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetCoverageStatistics AWS API Documentation
|
1728
|
+
#
|
1729
|
+
# @overload get_coverage_statistics(params = {})
|
1730
|
+
# @param [Hash] params ({})
|
1731
|
+
def get_coverage_statistics(params = {}, options = {})
|
1732
|
+
req = build_request(:get_coverage_statistics, params)
|
1733
|
+
req.send_request(options)
|
1734
|
+
end
|
1735
|
+
|
1658
1736
|
# Retrieves an Amazon GuardDuty detector specified by the detectorId.
|
1659
1737
|
#
|
1660
1738
|
# There might be regional differences because some data sources might
|
@@ -1704,9 +1782,13 @@ module Aws::GuardDuty
|
|
1704
1782
|
# resp.tags #=> Hash
|
1705
1783
|
# resp.tags["TagKey"] #=> String
|
1706
1784
|
# resp.features #=> Array
|
1707
|
-
# resp.features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
1785
|
+
# resp.features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "EKS_RUNTIME_MONITORING"
|
1708
1786
|
# resp.features[0].status #=> String, one of "ENABLED", "DISABLED"
|
1709
1787
|
# resp.features[0].updated_at #=> Time
|
1788
|
+
# resp.features[0].additional_configuration #=> Array
|
1789
|
+
# resp.features[0].additional_configuration[0].name #=> String, one of "EKS_ADDON_MANAGEMENT"
|
1790
|
+
# resp.features[0].additional_configuration[0].status #=> String, one of "ENABLED", "DISABLED"
|
1791
|
+
# resp.features[0].additional_configuration[0].updated_at #=> Time
|
1710
1792
|
#
|
1711
1793
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetDetector AWS API Documentation
|
1712
1794
|
#
|
@@ -2106,6 +2188,92 @@ module Aws::GuardDuty
|
|
2106
2188
|
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].volume_arn #=> String
|
2107
2189
|
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].hash #=> String
|
2108
2190
|
# resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].file_name #=> String
|
2191
|
+
# resp.findings[0].service.runtime_details.process.name #=> String
|
2192
|
+
# resp.findings[0].service.runtime_details.process.executable_path #=> String
|
2193
|
+
# resp.findings[0].service.runtime_details.process.executable_sha_256 #=> String
|
2194
|
+
# resp.findings[0].service.runtime_details.process.namespace_pid #=> Integer
|
2195
|
+
# resp.findings[0].service.runtime_details.process.pwd #=> String
|
2196
|
+
# resp.findings[0].service.runtime_details.process.pid #=> Integer
|
2197
|
+
# resp.findings[0].service.runtime_details.process.start_time #=> Time
|
2198
|
+
# resp.findings[0].service.runtime_details.process.uuid #=> String
|
2199
|
+
# resp.findings[0].service.runtime_details.process.parent_uuid #=> String
|
2200
|
+
# resp.findings[0].service.runtime_details.process.user #=> String
|
2201
|
+
# resp.findings[0].service.runtime_details.process.user_id #=> Integer
|
2202
|
+
# resp.findings[0].service.runtime_details.process.euid #=> Integer
|
2203
|
+
# resp.findings[0].service.runtime_details.process.lineage #=> Array
|
2204
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].start_time #=> Time
|
2205
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].namespace_pid #=> Integer
|
2206
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].user_id #=> Integer
|
2207
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].name #=> String
|
2208
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].pid #=> Integer
|
2209
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].uuid #=> String
|
2210
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].executable_path #=> String
|
2211
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].euid #=> Integer
|
2212
|
+
# resp.findings[0].service.runtime_details.process.lineage[0].parent_uuid #=> String
|
2213
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.name #=> String
|
2214
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.executable_path #=> String
|
2215
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.executable_sha_256 #=> String
|
2216
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.namespace_pid #=> Integer
|
2217
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.pwd #=> String
|
2218
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.pid #=> Integer
|
2219
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.start_time #=> Time
|
2220
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.uuid #=> String
|
2221
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.parent_uuid #=> String
|
2222
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.user #=> String
|
2223
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.user_id #=> Integer
|
2224
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.euid #=> Integer
|
2225
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage #=> Array
|
2226
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].start_time #=> Time
|
2227
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].namespace_pid #=> Integer
|
2228
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].user_id #=> Integer
|
2229
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].name #=> String
|
2230
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].pid #=> Integer
|
2231
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].uuid #=> String
|
2232
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].executable_path #=> String
|
2233
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].euid #=> Integer
|
2234
|
+
# resp.findings[0].service.runtime_details.context.modifying_process.lineage[0].parent_uuid #=> String
|
2235
|
+
# resp.findings[0].service.runtime_details.context.modified_at #=> Time
|
2236
|
+
# resp.findings[0].service.runtime_details.context.script_path #=> String
|
2237
|
+
# resp.findings[0].service.runtime_details.context.library_path #=> String
|
2238
|
+
# resp.findings[0].service.runtime_details.context.ld_preload_value #=> String
|
2239
|
+
# resp.findings[0].service.runtime_details.context.socket_path #=> String
|
2240
|
+
# resp.findings[0].service.runtime_details.context.runc_binary_path #=> String
|
2241
|
+
# resp.findings[0].service.runtime_details.context.release_agent_path #=> String
|
2242
|
+
# resp.findings[0].service.runtime_details.context.mount_source #=> String
|
2243
|
+
# resp.findings[0].service.runtime_details.context.mount_target #=> String
|
2244
|
+
# resp.findings[0].service.runtime_details.context.file_system_type #=> String
|
2245
|
+
# resp.findings[0].service.runtime_details.context.flags #=> Array
|
2246
|
+
# resp.findings[0].service.runtime_details.context.flags[0] #=> String
|
2247
|
+
# resp.findings[0].service.runtime_details.context.module_name #=> String
|
2248
|
+
# resp.findings[0].service.runtime_details.context.module_file_path #=> String
|
2249
|
+
# resp.findings[0].service.runtime_details.context.module_sha_256 #=> String
|
2250
|
+
# resp.findings[0].service.runtime_details.context.shell_history_file_path #=> String
|
2251
|
+
# resp.findings[0].service.runtime_details.context.target_process.name #=> String
|
2252
|
+
# resp.findings[0].service.runtime_details.context.target_process.executable_path #=> String
|
2253
|
+
# resp.findings[0].service.runtime_details.context.target_process.executable_sha_256 #=> String
|
2254
|
+
# resp.findings[0].service.runtime_details.context.target_process.namespace_pid #=> Integer
|
2255
|
+
# resp.findings[0].service.runtime_details.context.target_process.pwd #=> String
|
2256
|
+
# resp.findings[0].service.runtime_details.context.target_process.pid #=> Integer
|
2257
|
+
# resp.findings[0].service.runtime_details.context.target_process.start_time #=> Time
|
2258
|
+
# resp.findings[0].service.runtime_details.context.target_process.uuid #=> String
|
2259
|
+
# resp.findings[0].service.runtime_details.context.target_process.parent_uuid #=> String
|
2260
|
+
# resp.findings[0].service.runtime_details.context.target_process.user #=> String
|
2261
|
+
# resp.findings[0].service.runtime_details.context.target_process.user_id #=> Integer
|
2262
|
+
# resp.findings[0].service.runtime_details.context.target_process.euid #=> Integer
|
2263
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage #=> Array
|
2264
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].start_time #=> Time
|
2265
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].namespace_pid #=> Integer
|
2266
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].user_id #=> Integer
|
2267
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].name #=> String
|
2268
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].pid #=> Integer
|
2269
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].uuid #=> String
|
2270
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].executable_path #=> String
|
2271
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].euid #=> Integer
|
2272
|
+
# resp.findings[0].service.runtime_details.context.target_process.lineage[0].parent_uuid #=> String
|
2273
|
+
# resp.findings[0].service.runtime_details.context.address_family #=> String
|
2274
|
+
# resp.findings[0].service.runtime_details.context.iana_protocol_number #=> Integer
|
2275
|
+
# resp.findings[0].service.runtime_details.context.memory_regions #=> Array
|
2276
|
+
# resp.findings[0].service.runtime_details.context.memory_regions[0] #=> String
|
2109
2277
|
# resp.findings[0].severity #=> Float
|
2110
2278
|
# resp.findings[0].title #=> String
|
2111
2279
|
# resp.findings[0].type #=> String
|
@@ -2360,9 +2528,13 @@ module Aws::GuardDuty
|
|
2360
2528
|
# resp.member_data_source_configurations[0].data_sources.malware_protection.scan_ec2_instance_with_findings.ebs_volumes.reason #=> String
|
2361
2529
|
# resp.member_data_source_configurations[0].data_sources.malware_protection.service_role #=> String
|
2362
2530
|
# resp.member_data_source_configurations[0].features #=> Array
|
2363
|
-
# resp.member_data_source_configurations[0].features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
2531
|
+
# resp.member_data_source_configurations[0].features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "EKS_RUNTIME_MONITORING"
|
2364
2532
|
# resp.member_data_source_configurations[0].features[0].status #=> String, one of "ENABLED", "DISABLED"
|
2365
2533
|
# resp.member_data_source_configurations[0].features[0].updated_at #=> Time
|
2534
|
+
# resp.member_data_source_configurations[0].features[0].additional_configuration #=> Array
|
2535
|
+
# resp.member_data_source_configurations[0].features[0].additional_configuration[0].name #=> String, one of "EKS_ADDON_MANAGEMENT"
|
2536
|
+
# resp.member_data_source_configurations[0].features[0].additional_configuration[0].status #=> String, one of "ENABLED", "DISABLED"
|
2537
|
+
# resp.member_data_source_configurations[0].features[0].additional_configuration[0].updated_at #=> Time
|
2366
2538
|
# resp.unprocessed_accounts #=> Array
|
2367
2539
|
# resp.unprocessed_accounts[0].account_id #=> String
|
2368
2540
|
# resp.unprocessed_accounts[0].result #=> String
|
@@ -2455,7 +2627,7 @@ module Aws::GuardDuty
|
|
2455
2627
|
# resp.accounts[0].data_sources.kubernetes.audit_logs.free_trial_days_remaining #=> Integer
|
2456
2628
|
# resp.accounts[0].data_sources.malware_protection.scan_ec2_instance_with_findings.free_trial_days_remaining #=> Integer
|
2457
2629
|
# resp.accounts[0].features #=> Array
|
2458
|
-
# resp.accounts[0].features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
|
2630
|
+
# resp.accounts[0].features[0].name #=> String, one of "FLOW_LOGS", "CLOUD_TRAIL", "DNS_LOGS", "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS", "EKS_RUNTIME_MONITORING"
|
2459
2631
|
# resp.accounts[0].features[0].free_trial_days_remaining #=> Integer
|
2460
2632
|
# resp.unprocessed_accounts #=> Array
|
2461
2633
|
# resp.unprocessed_accounts[0].account_id #=> String
|
@@ -2655,6 +2827,89 @@ module Aws::GuardDuty
|
|
2655
2827
|
req.send_request(options)
|
2656
2828
|
end
|
2657
2829
|
|
2830
|
+
# Lists coverage details for your GuardDuty account. If you're a
|
2831
|
+
# GuardDuty administrator, you can retrieve all resources associated
|
2832
|
+
# with the active member accounts in your organization.
|
2833
|
+
#
|
2834
|
+
# Make sure the accounts have EKS Runtime Monitoring enabled and
|
2835
|
+
# GuardDuty agent running on their EKS nodes.
|
2836
|
+
#
|
2837
|
+
# @option params [required, String] :detector_id
|
2838
|
+
# The unique ID of the detector whose coverage details you want to
|
2839
|
+
# retrieve.
|
2840
|
+
#
|
2841
|
+
# @option params [String] :next_token
|
2842
|
+
# A token to use for paginating results that are returned in the
|
2843
|
+
# response. Set the value of this parameter to null for the first
|
2844
|
+
# request to a list action. For subsequent calls, use the NextToken
|
2845
|
+
# value returned from the previous request to continue listing results
|
2846
|
+
# after the first page.
|
2847
|
+
#
|
2848
|
+
# @option params [Integer] :max_results
|
2849
|
+
# The maximum number of results to return in the response.
|
2850
|
+
#
|
2851
|
+
# @option params [Types::CoverageFilterCriteria] :filter_criteria
|
2852
|
+
# Represents the criteria used to filter the coverage details.
|
2853
|
+
#
|
2854
|
+
# @option params [Types::CoverageSortCriteria] :sort_criteria
|
2855
|
+
# Represents the criteria used to sort the coverage details.
|
2856
|
+
#
|
2857
|
+
# @return [Types::ListCoverageResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2858
|
+
#
|
2859
|
+
# * {Types::ListCoverageResponse#resources #resources} => Array<Types::CoverageResource>
|
2860
|
+
# * {Types::ListCoverageResponse#next_token #next_token} => String
|
2861
|
+
#
|
2862
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2863
|
+
#
|
2864
|
+
# @example Request syntax with placeholder values
|
2865
|
+
#
|
2866
|
+
# resp = client.list_coverage({
|
2867
|
+
# detector_id: "DetectorId", # required
|
2868
|
+
# next_token: "String",
|
2869
|
+
# max_results: 1,
|
2870
|
+
# filter_criteria: {
|
2871
|
+
# filter_criterion: [
|
2872
|
+
# {
|
2873
|
+
# criterion_key: "ACCOUNT_ID", # accepts ACCOUNT_ID, CLUSTER_NAME, RESOURCE_TYPE, COVERAGE_STATUS, ADDON_VERSION
|
2874
|
+
# filter_condition: {
|
2875
|
+
# equals: ["String"],
|
2876
|
+
# not_equals: ["String"],
|
2877
|
+
# },
|
2878
|
+
# },
|
2879
|
+
# ],
|
2880
|
+
# },
|
2881
|
+
# sort_criteria: {
|
2882
|
+
# attribute_name: "ACCOUNT_ID", # accepts ACCOUNT_ID, CLUSTER_NAME, COVERAGE_STATUS, ISSUE, ADDON_VERSION, UPDATED_AT
|
2883
|
+
# order_by: "ASC", # accepts ASC, DESC
|
2884
|
+
# },
|
2885
|
+
# })
|
2886
|
+
#
|
2887
|
+
# @example Response structure
|
2888
|
+
#
|
2889
|
+
# resp.resources #=> Array
|
2890
|
+
# resp.resources[0].resource_id #=> String
|
2891
|
+
# resp.resources[0].detector_id #=> String
|
2892
|
+
# resp.resources[0].account_id #=> String
|
2893
|
+
# resp.resources[0].resource_details.eks_cluster_details.cluster_name #=> String
|
2894
|
+
# resp.resources[0].resource_details.eks_cluster_details.covered_nodes #=> Integer
|
2895
|
+
# resp.resources[0].resource_details.eks_cluster_details.compatible_nodes #=> Integer
|
2896
|
+
# resp.resources[0].resource_details.eks_cluster_details.addon_details.addon_version #=> String
|
2897
|
+
# resp.resources[0].resource_details.eks_cluster_details.addon_details.addon_status #=> String
|
2898
|
+
# resp.resources[0].resource_details.resource_type #=> String, one of "EKS"
|
2899
|
+
# resp.resources[0].coverage_status #=> String, one of "HEALTHY", "UNHEALTHY"
|
2900
|
+
# resp.resources[0].issue #=> String
|
2901
|
+
# resp.resources[0].updated_at #=> Time
|
2902
|
+
# resp.next_token #=> String
|
2903
|
+
#
|
2904
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListCoverage AWS API Documentation
|
2905
|
+
#
|
2906
|
+
# @overload list_coverage(params = {})
|
2907
|
+
# @param [Hash] params ({})
|
2908
|
+
def list_coverage(params = {}, options = {})
|
2909
|
+
req = build_request(:list_coverage, params)
|
2910
|
+
req.send_request(options)
|
2911
|
+
end
|
2912
|
+
|
2658
2913
|
# Lists detectorIds of all the existing Amazon GuardDuty detector
|
2659
2914
|
# resources.
|
2660
2915
|
#
|
@@ -3264,7 +3519,11 @@ module Aws::GuardDuty
|
|
3264
3519
|
|
3265
3520
|
# Turns on GuardDuty monitoring of the specified member accounts. Use
|
3266
3521
|
# this operation to restart monitoring of accounts that you stopped
|
3267
|
-
# monitoring with the
|
3522
|
+
# monitoring with the [StopMonitoringMembers][1] operation.
|
3523
|
+
#
|
3524
|
+
#
|
3525
|
+
#
|
3526
|
+
# [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StopMonitoringMembers.html
|
3268
3527
|
#
|
3269
3528
|
# @option params [required, String] :detector_id
|
3270
3529
|
# The unique ID of the detector of the GuardDuty administrator account
|
@@ -3304,6 +3563,10 @@ module Aws::GuardDuty
|
|
3304
3563
|
# `StartMonitoringMembers` operation to restart monitoring for those
|
3305
3564
|
# accounts.
|
3306
3565
|
#
|
3566
|
+
# With `autoEnableOrganizationMembers` configuration for your
|
3567
|
+
# organization set to `ALL`, you'll receive an error if you attempt to
|
3568
|
+
# stop monitoring the member accounts in your organization.
|
3569
|
+
#
|
3307
3570
|
# @option params [required, String] :detector_id
|
3308
3571
|
# The unique ID of the detector associated with the GuardDuty
|
3309
3572
|
# administrator account that is monitoring member accounts.
|
@@ -3479,8 +3742,14 @@ module Aws::GuardDuty
|
|
3479
3742
|
# },
|
3480
3743
|
# features: [
|
3481
3744
|
# {
|
3482
|
-
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
3745
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, EKS_RUNTIME_MONITORING
|
3483
3746
|
# status: "ENABLED", # accepts ENABLED, DISABLED
|
3747
|
+
# additional_configuration: [
|
3748
|
+
# {
|
3749
|
+
# name: "EKS_ADDON_MANAGEMENT", # accepts EKS_ADDON_MANAGEMENT
|
3750
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
3751
|
+
# },
|
3752
|
+
# ],
|
3484
3753
|
# },
|
3485
3754
|
# ],
|
3486
3755
|
# })
|
@@ -3755,8 +4024,14 @@ module Aws::GuardDuty
|
|
3755
4024
|
# },
|
3756
4025
|
# features: [
|
3757
4026
|
# {
|
3758
|
-
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
4027
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, EKS_RUNTIME_MONITORING
|
3759
4028
|
# status: "ENABLED", # accepts ENABLED, DISABLED
|
4029
|
+
# additional_configuration: [
|
4030
|
+
# {
|
4031
|
+
# name: "EKS_ADDON_MANAGEMENT", # accepts EKS_ADDON_MANAGEMENT
|
4032
|
+
# status: "ENABLED", # accepts ENABLED, DISABLED
|
4033
|
+
# },
|
4034
|
+
# ],
|
3760
4035
|
# },
|
3761
4036
|
# ],
|
3762
4037
|
# })
|
@@ -3776,7 +4051,9 @@ module Aws::GuardDuty
|
|
3776
4051
|
req.send_request(options)
|
3777
4052
|
end
|
3778
4053
|
|
3779
|
-
#
|
4054
|
+
# Configures the delegated administrator account with the provided
|
4055
|
+
# values. You must provide the value for either
|
4056
|
+
# `autoEnableOrganizationMembers` or `autoEnable`.
|
3780
4057
|
#
|
3781
4058
|
# There might be regional differences because some data sources might
|
3782
4059
|
# not be available in all the Amazon Web Services Regions where
|
@@ -3788,25 +4065,44 @@ module Aws::GuardDuty
|
|
3788
4065
|
# [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
|
3789
4066
|
#
|
3790
4067
|
# @option params [required, String] :detector_id
|
3791
|
-
# The ID of the detector
|
4068
|
+
# The ID of the detector that configures the delegated administrator.
|
3792
4069
|
#
|
3793
|
-
# @option params [
|
4070
|
+
# @option params [Boolean] :auto_enable
|
3794
4071
|
# Indicates whether to automatically enable member accounts in the
|
3795
4072
|
# organization.
|
3796
4073
|
#
|
4074
|
+
# Even though this is still supported, we recommend using
|
4075
|
+
# `AutoEnableOrganizationMembers` to achieve the similar results.
|
4076
|
+
#
|
3797
4077
|
# @option params [Types::OrganizationDataSourceConfigurations] :data_sources
|
3798
4078
|
# Describes which data sources will be updated.
|
3799
4079
|
#
|
3800
4080
|
# @option params [Array<Types::OrganizationFeatureConfiguration>] :features
|
3801
4081
|
# A list of features that will be configured for the organization.
|
3802
4082
|
#
|
4083
|
+
# @option params [String] :auto_enable_organization_members
|
4084
|
+
# Indicates the auto-enablement configuration of GuardDuty for the
|
4085
|
+
# member accounts in the organization.
|
4086
|
+
#
|
4087
|
+
# * `NEW`: Indicates that when a new account joins the organization,
|
4088
|
+
# they will have GuardDuty enabled automatically.
|
4089
|
+
#
|
4090
|
+
# * `ALL`: Indicates that all accounts in the Amazon Web Services
|
4091
|
+
# Organization have GuardDuty enabled automatically. This includes
|
4092
|
+
# `NEW` accounts that join the organization and accounts that may have
|
4093
|
+
# been suspended or removed from the organization in GuardDuty.
|
4094
|
+
#
|
4095
|
+
# * `NONE`: Indicates that GuardDuty will not be automatically enabled
|
4096
|
+
# for any accounts in the organization. GuardDuty must be managed for
|
4097
|
+
# each account individually by the administrator.
|
4098
|
+
#
|
3803
4099
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
3804
4100
|
#
|
3805
4101
|
# @example Request syntax with placeholder values
|
3806
4102
|
#
|
3807
4103
|
# resp = client.update_organization_configuration({
|
3808
4104
|
# detector_id: "DetectorId", # required
|
3809
|
-
# auto_enable: false,
|
4105
|
+
# auto_enable: false,
|
3810
4106
|
# data_sources: {
|
3811
4107
|
# s3_logs: {
|
3812
4108
|
# auto_enable: false, # required
|
@@ -3826,10 +4122,17 @@ module Aws::GuardDuty
|
|
3826
4122
|
# },
|
3827
4123
|
# features: [
|
3828
4124
|
# {
|
3829
|
-
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS
|
4125
|
+
# name: "S3_DATA_EVENTS", # accepts S3_DATA_EVENTS, EKS_AUDIT_LOGS, EBS_MALWARE_PROTECTION, RDS_LOGIN_EVENTS, EKS_RUNTIME_MONITORING
|
3830
4126
|
# auto_enable: "NEW", # accepts NEW, NONE
|
4127
|
+
# additional_configuration: [
|
4128
|
+
# {
|
4129
|
+
# name: "EKS_ADDON_MANAGEMENT", # accepts EKS_ADDON_MANAGEMENT
|
4130
|
+
# auto_enable: "NEW", # accepts NEW, NONE
|
4131
|
+
# },
|
4132
|
+
# ],
|
3831
4133
|
# },
|
3832
4134
|
# ],
|
4135
|
+
# auto_enable_organization_members: "NEW", # accepts NEW, ALL, NONE
|
3833
4136
|
# })
|
3834
4137
|
#
|
3835
4138
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfiguration AWS API Documentation
|
@@ -3932,7 +4235,7 @@ module Aws::GuardDuty
|
|
3932
4235
|
params: params,
|
3933
4236
|
config: config)
|
3934
4237
|
context[:gem_name] = 'aws-sdk-guardduty'
|
3935
|
-
context[:gem_version] = '1.
|
4238
|
+
context[:gem_version] = '1.67.0'
|
3936
4239
|
Seahorse::Client::Request.new(handlers, context)
|
3937
4240
|
end
|
3938
4241
|
|