aws-sdk-guardduty 1.68.0 → 1.69.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3ff5bf924b3cd09c298b323fca839e37e4742e6b91ad78277b1f9fed741b81d4
-  data.tar.gz: bdeffcea7e97f871baf2461bb95387bb351102146b3b93085f83ed865117413b
+  metadata.gz: d4cb3b0b40af8d3c0281d0ef709d2de4b79fdcbc40222392b77de735d0dc9be7
+  data.tar.gz: e150d644e72afeb5ddd569885094c01faf5013a9ada8c829709be759c87b6dd7
 SHA512:
-  metadata.gz: 588ea396bddcb12c84c76a5d74f1245e455e0857c8fa17dffba026b8333ab6775ce12718b3496c01d58b00d8725bf0a64a539b2bb48660319b58aa99eece9714
-  data.tar.gz: f381b33dd8c0e8564fc4cf2721dd90df57ef9c12ab25b7746612b29239a1fd6d06bbb23be5dbb235f56fc36559ae830778bd6066d40e925cfbf6703d9adb661c
+  metadata.gz: 01eaaeb32c936ecc847ce87d4e601d4f54b173d077c1599c5a658038f9e9e55a4583c09a622022569c897fd80c51544e14c0026816ff558119069b0c8be16d07
+  data.tar.gz: '018ee2c776fe65ed41a3eecf6e5e485e7709eb6d49e363883dc918d2bb48a8f24b56ebde0dbc91989812576507a08d21aef7c412a2ff7a800455668cc2741799'

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.69.0 (2023-04-27)
+------------------
+
+* Feature - Added API support to initiate on-demand malware scan on specific resources.
+
 1.68.0 (2023-04-20)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.68.0
+1.69.0

data/lib/aws-sdk-guardduty/client.rb

@@ -1342,7 +1342,7 @@ module Aws::GuardDuty
     #     filter_criteria: {
     #       filter_criterion: [
     #         {
-    #           criterion_key: "EC2_INSTANCE_ARN", # accepts EC2_INSTANCE_ARN, SCAN_ID, ACCOUNT_ID, GUARDDUTY_FINDING_ID, SCAN_START_TIME, SCAN_STATUS
+    #           criterion_key: "EC2_INSTANCE_ARN", # accepts EC2_INSTANCE_ARN, SCAN_ID, ACCOUNT_ID, GUARDDUTY_FINDING_ID, SCAN_START_TIME, SCAN_STATUS, SCAN_TYPE
     #           filter_condition: {
     #             equals_value: "NonEmptyString",
     #             greater_than: 1,
@@ -1363,7 +1363,7 @@ module Aws::GuardDuty
     #   resp.scans[0].detector_id #=> String
     #   resp.scans[0].admin_detector_id #=> String
     #   resp.scans[0].scan_id #=> String
-    #   resp.scans[0].scan_status #=> String, one of "RUNNING", "COMPLETED", "FAILED"
+    #   resp.scans[0].scan_status #=> String, one of "RUNNING", "COMPLETED", "FAILED", "SKIPPED"
     #   resp.scans[0].failure_reason #=> String
     #   resp.scans[0].scan_start_time #=> Time
     #   resp.scans[0].scan_end_time #=> Time
@@ -1382,6 +1382,7 @@ module Aws::GuardDuty
     #   resp.scans[0].attached_volumes[0].encryption_type #=> String
     #   resp.scans[0].attached_volumes[0].snapshot_arn #=> String
     #   resp.scans[0].attached_volumes[0].kms_key_arn #=> String
+    #   resp.scans[0].scan_type #=> String, one of "GUARDDUTY_INITIATED", "ON_DEMAND"
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeMalwareScans AWS API Documentation
@@ -2204,6 +2205,7 @@ module Aws::GuardDuty
     #   resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].volume_arn #=> String
     #   resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].hash #=> String
     #   resp.findings[0].service.ebs_volume_scan_details.scan_detections.threat_detected_by_name.threat_names[0].file_paths[0].file_name #=> String
+    #   resp.findings[0].service.ebs_volume_scan_details.scan_type #=> String, one of "GUARDDUTY_INITIATED", "ON_DEMAND"
     #   resp.findings[0].service.runtime_details.process.name #=> String
     #   resp.findings[0].service.runtime_details.process.executable_path #=> String
     #   resp.findings[0].service.runtime_details.process.executable_sha_256 #=> String
@@ -3533,6 +3535,40 @@ module Aws::GuardDuty
       req.send_request(options)
     end
 
+    # Initiates the malware scan. Invoking this API will automatically
+    # create the [Service-linked role ][1] in the corresponding account.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/slr-permissions-malware-protection.html
+    #
+    # @option params [required, String] :resource_arn
+    #   Amazon Resource Name (ARN) of the resource for which you invoked the
+    #   API.
+    #
+    # @return [Types::StartMalwareScanResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::StartMalwareScanResponse#scan_id #scan_id} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.start_malware_scan({
+    #     resource_arn: "ResourceArn", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.scan_id #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/StartMalwareScan AWS API Documentation
+    #
+    # @overload start_malware_scan(params = {})
+    # @param [Hash] params ({})
+    def start_malware_scan(params = {}, options = {})
+      req = build_request(:start_malware_scan, params)
+      req.send_request(options)
+    end
+
     # Turns on GuardDuty monitoring of the specified member accounts. Use
     # this operation to restart monitoring of accounts that you stopped
     # monitoring with the [StopMonitoringMembers][1] operation.
@@ -4251,7 +4287,7 @@ module Aws::GuardDuty
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-guardduty'
-      context[:gem_version] = '1.68.0'
+      context[:gem_version] = '1.69.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-guardduty/client_api.rb

@@ -46,6 +46,7 @@ module Aws::GuardDuty
     ClientToken = Shapes::StringShape.new(name: 'ClientToken')
     CloudTrailConfigurationResult = Shapes::StructureShape.new(name: 'CloudTrailConfigurationResult')
     Condition = Shapes::StructureShape.new(name: 'Condition')
+    ConflictException = Shapes::StructureShape.new(name: 'ConflictException')
     Container = Shapes::StructureShape.new(name: 'Container')
     Containers = Shapes::ListShape.new(name: 'Containers')
     CountByCoverageStatus = Shapes::MapShape.new(name: 'CountByCoverageStatus')
@@ -347,6 +348,7 @@ module Aws::GuardDuty
     RemoteIpDetails = Shapes::StructureShape.new(name: 'RemoteIpDetails')
     RemotePortDetails = Shapes::StructureShape.new(name: 'RemotePortDetails')
     Resource = Shapes::StructureShape.new(name: 'Resource')
+    ResourceArn = Shapes::StringShape.new(name: 'ResourceArn')
     ResourceDetails = Shapes::StructureShape.new(name: 'ResourceDetails')
     ResourceList = Shapes::ListShape.new(name: 'ResourceList')
     ResourceType = Shapes::StringShape.new(name: 'ResourceType')
@@ -371,6 +373,7 @@ module Aws::GuardDuty
     ScanStatus = Shapes::StringShape.new(name: 'ScanStatus')
     ScanThreatName = Shapes::StructureShape.new(name: 'ScanThreatName')
     ScanThreatNames = Shapes::ListShape.new(name: 'ScanThreatNames')
+    ScanType = Shapes::StringShape.new(name: 'ScanType')
     ScannedItemCount = Shapes::StructureShape.new(name: 'ScannedItemCount')
     Scans = Shapes::ListShape.new(name: 'Scans')
     SecurityContext = Shapes::StructureShape.new(name: 'SecurityContext')
@@ -381,6 +384,8 @@ module Aws::GuardDuty
     SortCriteria = Shapes::StructureShape.new(name: 'SortCriteria')
     SourceIps = Shapes::ListShape.new(name: 'SourceIps')
     Sources = Shapes::ListShape.new(name: 'Sources')
+    StartMalwareScanRequest = Shapes::StructureShape.new(name: 'StartMalwareScanRequest')
+    StartMalwareScanResponse = Shapes::StructureShape.new(name: 'StartMalwareScanResponse')
     StartMonitoringMembersRequest = Shapes::StructureShape.new(name: 'StartMonitoringMembersRequest')
     StartMonitoringMembersResponse = Shapes::StructureShape.new(name: 'StartMonitoringMembersResponse')
     StopMonitoringMembersRequest = Shapes::StructureShape.new(name: 'StopMonitoringMembersRequest')
@@ -578,6 +583,10 @@ module Aws::GuardDuty
     Condition.add_member(:less_than_or_equal, Shapes::ShapeRef.new(shape: Long, location_name: "lessThanOrEqual"))
     Condition.struct_class = Types::Condition
 
+    ConflictException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
+    ConflictException.add_member(:type, Shapes::ShapeRef.new(shape: String, location_name: "__type"))
+    ConflictException.struct_class = Types::ConflictException
+
     Container.add_member(:container_runtime, Shapes::ShapeRef.new(shape: String, location_name: "containerRuntime"))
     Container.add_member(:id, Shapes::ShapeRef.new(shape: String, location_name: "id"))
     Container.add_member(:name, Shapes::ShapeRef.new(shape: String, location_name: "name"))
@@ -917,6 +926,7 @@ module Aws::GuardDuty
     EbsVolumeScanDetails.add_member(:trigger_finding_id, Shapes::ShapeRef.new(shape: String, location_name: "triggerFindingId"))
     EbsVolumeScanDetails.add_member(:sources, Shapes::ShapeRef.new(shape: Sources, location_name: "sources"))
     EbsVolumeScanDetails.add_member(:scan_detections, Shapes::ShapeRef.new(shape: ScanDetections, location_name: "scanDetections"))
+    EbsVolumeScanDetails.add_member(:scan_type, Shapes::ShapeRef.new(shape: ScanType, location_name: "scanType"))
     EbsVolumeScanDetails.struct_class = Types::EbsVolumeScanDetails
 
     EbsVolumesResult.add_member(:status, Shapes::ShapeRef.new(shape: DataSourceStatus, location_name: "status"))
@@ -1725,6 +1735,7 @@ module Aws::GuardDuty
     Scan.add_member(:total_bytes, Shapes::ShapeRef.new(shape: PositiveLong, location_name: "totalBytes"))
     Scan.add_member(:file_count, Shapes::ShapeRef.new(shape: PositiveLong, location_name: "fileCount"))
     Scan.add_member(:attached_volumes, Shapes::ShapeRef.new(shape: VolumeDetails, location_name: "attachedVolumes"))
+    Scan.add_member(:scan_type, Shapes::ShapeRef.new(shape: ScanType, location_name: "scanType"))
     Scan.struct_class = Types::Scan
 
     ScanCondition.add_member(:map_equals, Shapes::ShapeRef.new(shape: MapEquals, required: true, location_name: "mapEquals"))
@@ -1814,6 +1825,12 @@ module Aws::GuardDuty
 
     Sources.member = Shapes::ShapeRef.new(shape: String)
 
+    StartMalwareScanRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location_name: "resourceArn"))
+    StartMalwareScanRequest.struct_class = Types::StartMalwareScanRequest
+
+    StartMalwareScanResponse.add_member(:scan_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "scanId"))
+    StartMalwareScanResponse.struct_class = Types::StartMalwareScanResponse
+
     StartMonitoringMembersRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
     StartMonitoringMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIds, required: true, location_name: "accountIds"))
     StartMonitoringMembersRequest.struct_class = Types::StartMonitoringMembersRequest
@@ -2669,6 +2686,17 @@ module Aws::GuardDuty
         )
       end)
 
+      api.add_operation(:start_malware_scan, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "StartMalwareScan"
+        o.http_method = "POST"
+        o.http_request_uri = "/malware-scan/start"
+        o.input = Shapes::ShapeRef.new(shape: StartMalwareScanRequest)
+        o.output = Shapes::ShapeRef.new(shape: StartMalwareScanResponse)
+        o.errors << Shapes::ShapeRef.new(shape: BadRequestException)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerErrorException)
+      end)
+
       api.add_operation(:start_monitoring_members, Seahorse::Model::Operation.new.tap do |o|
         o.name = "StartMonitoringMembers"
         o.http_method = "POST"

data/lib/aws-sdk-guardduty/endpoints.rb

@@ -753,6 +753,20 @@ module Aws::GuardDuty
       end
     end
 
+    class StartMalwareScan
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::GuardDuty::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
     class StartMonitoringMembers
       def self.build(context)
         unless context.config.regional_endpoint

data/lib/aws-sdk-guardduty/errors.rb

@@ -28,6 +28,7 @@ module Aws::GuardDuty
   #
   # ## Error Classes
   # * {BadRequestException}
+  # * {ConflictException}
   # * {InternalServerErrorException}
   #
   # Additionally, error classes are dynamically generated for service errors based on the error code
@@ -56,6 +57,26 @@ module Aws::GuardDuty
       end
     end
 
+    class ConflictException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::GuardDuty::Types::ConflictException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+
+      # @return [String]
+      def type
+        @data[:type]
+      end
+    end
+
     class InternalServerErrorException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context

data/lib/aws-sdk-guardduty/plugins/endpoints.rb

@@ -162,6 +162,8 @@ module Aws::GuardDuty
             Aws::GuardDuty::Endpoints::ListTagsForResource.build(context)
           when :list_threat_intel_sets
             Aws::GuardDuty::Endpoints::ListThreatIntelSets.build(context)
+          when :start_malware_scan
+            Aws::GuardDuty::Endpoints::StartMalwareScan.build(context)
           when :start_monitoring_members
             Aws::GuardDuty::Endpoints::StartMonitoringMembers.build(context)
           when :stop_monitoring_members

data/lib/aws-sdk-guardduty/types.rb

@@ -591,6 +591,25 @@ module Aws::GuardDuty
       include Aws::Structure
     end
 
+    # A request conflict exception object.
+    #
+    # @!attribute [rw] message
+    #   The error message.
+    #   @return [String]
+    #
+    # @!attribute [rw] type
+    #   The error type.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ConflictException AWS API Documentation
+    #
+    class ConflictException < Struct.new(
+      :message,
+      :type)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Details of a container.
     #
     # @!attribute [rw] container_runtime
@@ -2201,6 +2220,10 @@ module Aws::GuardDuty
     #   Contains a complete view providing malware scan result details.
     #   @return [Types::ScanDetections]
     #
+    # @!attribute [rw] scan_type
+    #   Specifies the scan type that invoked the malware scan.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/EbsVolumeScanDetails AWS API Documentation
     #
     class EbsVolumeScanDetails < Struct.new(
@@ -2209,7 +2232,8 @@ module Aws::GuardDuty
       :scan_completed_at,
       :trigger_finding_id,
       :sources,
-      :scan_detections)
+      :scan_detections,
+      :scan_type)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -5984,6 +6008,10 @@ module Aws::GuardDuty
     #   scanned.
     #   @return [Array<Types::VolumeDetail>]
     #
+    # @!attribute [rw] scan_type
+    #   Specifies the scan type that invoked the malware scan.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/Scan AWS API Documentation
     #
     class Scan < Struct.new(
@@ -6000,7 +6028,8 @@ module Aws::GuardDuty
       :account_id,
       :total_bytes,
       :file_count,
-      :attached_volumes)
+      :attached_volumes,
+      :scan_type)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -6378,6 +6407,33 @@ module Aws::GuardDuty
       include Aws::Structure
     end
 
+    # @!attribute [rw] resource_arn
+    #   Amazon Resource Name (ARN) of the resource for which you invoked the
+    #   API.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/StartMalwareScanRequest AWS API Documentation
+    #
+    class StartMalwareScanRequest < Struct.new(
+      :resource_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] scan_id
+    #   A unique identifier that gets generated when you invoke the API
+    #   without any error. Each malware scan has a corresponding scan ID.
+    #   Using this scan ID, you can monitor the status of your malware scan.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/StartMalwareScanResponse AWS API Documentation
+    #
+    class StartMalwareScanResponse < Struct.new(
+      :scan_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] detector_id
     #   The unique ID of the detector of the GuardDuty administrator account
     #   associated with the member accounts to monitor.

data/lib/aws-sdk-guardduty.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-guardduty/customizations'
 # @!group service
 module Aws::GuardDuty
 
-  GEM_VERSION = '1.68.0'
+  GEM_VERSION = '1.69.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-guardduty
 version: !ruby/object:Gem::Version
-  version: 1.68.0
+  version: 1.69.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-04-20 00:00:00.000000000 Z
+date: 2023-04-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core