RubyGems - aws-sdk-guardduty - Versions diffs - 1.71.0 → 1.73.0 - Mend

aws-sdk-guardduty 1.71.0 → 1.73.0

Files changed (9) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +10 -0
data/VERSION +1 -1
data/lib/aws-sdk-guardduty/client.rb +101 -19
data/lib/aws-sdk-guardduty/client_api.rb +4 -0
data/lib/aws-sdk-guardduty/endpoints.rb +1 -0
data/lib/aws-sdk-guardduty/types.rb +8 -2
data/lib/aws-sdk-guardduty.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '08a6a4aa874a336fdb167cb821e6d6ba63127e0ebad237e8b80498de9b24bad3'
-  data.tar.gz: 50712870e26a797e82303d59f068bfc5eefc895c19f18f4284ccc3dc7e7374db
+  metadata.gz: a4602e10689b2f94e03e34f6902f3a736b7ce25d86ccc73fca184ee16e1a66db
+  data.tar.gz: 921dd95c2dad9954e2224120f922057279cd9686acb93212acd346ca8d066aa1
 SHA512:
-  metadata.gz: 5e4087bbf42171cde6708fe1eaea3054a6d0f4f2f0619bd90d103806f5ce37352f09421f41fa5b388ed92c70772cca8e0f38ad67203254d25e8da808aad98dee
-  data.tar.gz: a0bae5f036a4af858427c6e57279449211027cb53846b7f13f4b5a69f20c3fa8f0283853392a569cd8534af99c997edee95c9145dfd9e6850b9dcee86448df41
+  metadata.gz: aff5e97e96450a736b483afe2335c472d4043d85644579c93d328026beadc650dd30876c3e6f784b563b74c8bc31a4b48be40bf2790e8b2ee99973898ccf4b39
+  data.tar.gz: 848c5df221bc129219757ccceee34105d3127b4bf3ab8b02563598436e6ee0234ea47e4111685b514574c4d241c62852d2d3a15903250640001228f9fd5841a0

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
+1.73.0 (2023-06-26)
+------------------
+* Feature - Add support for user.extra.sessionName in Kubernetes Audit Logs Findings.
+1.72.0 (2023-06-15)
+------------------
+* Feature - Updated descriptions for some APIs.
 1.71.0 (2023-05-31)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.71.0
1	+ 1.73.0

data/lib/aws-sdk-guardduty/client.rb CHANGED Viewed

@@ -859,19 +859,27 @@ module Aws::GuardDuty
     # prerequisite for managing the associated member accounts either by
     # invitation or through an organization.
     #
-    # When using `Create Members` as an organizations delegated
-    # administrator this action will enable GuardDuty in the added member
-    # accounts, with the exception of the organization delegated
-    # administrator account, which must enable GuardDuty prior to being
-    # added as a member.
+    # As a delegated administrator, using `CreateMembers` will enable
+    # GuardDuty in the added member accounts, with the exception of the
+    # organization delegated administrator account. A delegated
+    # administrator must enable GuardDuty prior to being added as a member.
     #
-    # If you are adding accounts by invitation, use this action after
-    # GuardDuty has bee enabled in potential member accounts and before
-    # using [InviteMembers][1].
+    # If you are adding accounts by invitation, before using
+    # [InviteMembers][1], use `CreateMembers` after GuardDuty has been
+    # enabled in potential member accounts.
+    #
+    # If you disassociate a member from a GuardDuty delegated administrator,
+    # the member account details obtained from this API, including the
+    # associated email addresses, will be retained. This is done so that the
+    # delegated administrator can invoke the [InviteMembers][1] API without
+    # the need to invoke the CreateMembers API again. To remove the details
+    # associated with a member account, the delegated administrator must
+    # invoke the [DeleteMembers][2] API.
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html
+    # [2]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
     #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty account that you want
@@ -1540,10 +1548,25 @@ module Aws::GuardDuty
     # Disassociates the current GuardDuty member account from its
     # administrator account.
     #
+    # When you disassociate an invited member from a GuardDuty delegated
+    # administrator, the member account details obtained from the
+    # [CreateMembers][1] API, including the associated email addresses, are
+    # retained. This is done so that the delegated administrator can invoke
+    # the [InviteMembers][2] API without the need to invoke the
+    # CreateMembers API again. To remove the details associated with a
+    # member account, the delegated administrator must invoke the
+    # [DeleteMembers][3] API.
+    #
     # With `autoEnableOrganizationMembers` configuration for your
     # organization set to `ALL`, you'll receive an error if you attempt to
     # disable GuardDuty in a member account.
     #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
+    # [2]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html
+    # [3]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty member account.
     #
@@ -1567,6 +1590,21 @@ module Aws::GuardDuty
     # Disassociates the current GuardDuty member account from its
     # administrator account.
     #
+    # When you disassociate an invited member from a GuardDuty delegated
+    # administrator, the member account details obtained from the
+    # [CreateMembers][1] API, including the associated email addresses, are
+    # retained. This is done so that the delegated administrator can invoke
+    # the [InviteMembers][2] API without the need to invoke the
+    # CreateMembers API again. To remove the details associated with a
+    # member account, the delegated administrator must invoke the
+    # [DeleteMembers][3] API.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
+    # [2]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html
+    # [3]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty member account.
     #
@@ -1587,14 +1625,29 @@ module Aws::GuardDuty
       req.send_request(options)
     end
-    # Disassociates GuardDuty member accounts (to the current administrator
-    # account) specified by the account IDs.
+    # Disassociates GuardDuty member accounts (from the current
+    # administrator account) specified by the account IDs.
+    #
+    # When you disassociate an invited member from a GuardDuty delegated
+    # administrator, the member account details obtained from the
+    # [CreateMembers][1] API, including the associated email addresses, are
+    # retained. This is done so that the delegated administrator can invoke
+    # the [InviteMembers][2] API without the need to invoke the
+    # CreateMembers API again. To remove the details associated with a
+    # member account, the delegated administrator must invoke the
+    # [DeleteMembers][3] API.
     #
     # With `autoEnableOrganizationMembers` configuration for your
     # organization set to `ALL`, you'll receive an error if you attempt to
     # disassociate a member account before removing them from your Amazon
     # Web Services organization.
     #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
+    # [2]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html
+    # [3]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty account whose members
     #   you want to disassociate from the administrator account.
@@ -1975,6 +2028,8 @@ module Aws::GuardDuty
     #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.uid #=> String
     #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.groups #=> Array
     #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.groups[0] #=> String
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.session_name #=> Array
+    #   resp.findings[0].resource.kubernetes_details.kubernetes_user_details.session_name[0] #=> String
     #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.name #=> String
     #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.type #=> String
     #   resp.findings[0].resource.kubernetes_details.kubernetes_workload_details.uid #=> String
@@ -2799,11 +2854,38 @@ module Aws::GuardDuty
       req.send_request(options)
     end
-    # Invites other Amazon Web Services accounts (created as members of the
-    # current Amazon Web Services account by CreateMembers) to enable
-    # GuardDuty, and allow the current Amazon Web Services account to view
-    # and manage these accounts' findings on their behalf as the GuardDuty
-    # administrator account.
+    # Invites Amazon Web Services accounts to become members of an
+    # organization administered by the Amazon Web Services account that
+    # invokes this API. If you are using Amazon Web Services Organizations
+    # to manager your GuardDuty environment, this step is not needed. For
+    # more information, see [Managing accounts with Amazon Web Services
+    # Organizations][1].
+    #
+    # To invite Amazon Web Services accounts, the first step is to ensure
+    # that GuardDuty has been enabled in the potential member accounts. You
+    # can now invoke this API to add accounts by invitation. The invited
+    # accounts can either accept or decline the invitation from their
+    # GuardDuty accounts. Each invited Amazon Web Services account can
+    # choose to accept the invitation from only one Amazon Web Services
+    # account. For more information, see [Managing GuardDuty accounts by
+    # invitation][2].
+    #
+    # After the invite has been accepted and you choose to disassociate a
+    # member account (by using [DisassociateMembers][3]) from your account,
+    # the details of the member account obtained by invoking
+    # [CreateMembers][4], including the associated email addresses, will be
+    # retained. This is done so that you can invoke InviteMembers without
+    # the need to invoke [CreateMembers][4] again. To remove the details
+    # associated with a member account, you must also invoke
+    # [DeleteMembers][5].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html
+    # [2]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_invitations.html
+    # [3]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateMembers.html
+    # [4]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
+    # [5]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
     #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty account that you want
@@ -3458,9 +3540,9 @@ module Aws::GuardDuty
     end
     # Lists tags for a resource. Tagging is currently supported for
-    # detectors, finding filters, IP sets, and threat intel sets, with a
-    # limit of 50 tags per resource. When invoked, this operation returns
-    # all assigned tags for a given resource.
+    # detectors, finding filters, IP sets, threat intel sets, publishing
+    # destination, with a limit of 50 tags per resource. When invoked, this
+    # operation returns all assigned tags for a given resource.
     #
     # @option params [required, String] :resource_arn
     #   The Amazon Resource Name (ARN) for the given GuardDuty resource.
@@ -4292,7 +4374,7 @@ module Aws::GuardDuty
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-guardduty'
-      context[:gem_version] = '1.71.0'
+      context[:gem_version] = '1.73.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-guardduty/client_api.rb CHANGED Viewed

@@ -382,6 +382,7 @@ module Aws::GuardDuty
     SecurityGroups = Shapes::ListShape.new(name: 'SecurityGroups')
     Service = Shapes::StructureShape.new(name: 'Service')
     ServiceAdditionalInfo = Shapes::StructureShape.new(name: 'ServiceAdditionalInfo')
+    SessionNameList = Shapes::ListShape.new(name: 'SessionNameList')
     SortCriteria = Shapes::StructureShape.new(name: 'SortCriteria')
     SourceIps = Shapes::ListShape.new(name: 'SourceIps')
     Sources = Shapes::ListShape.new(name: 'Sources')
@@ -1260,6 +1261,7 @@ module Aws::GuardDuty
     KubernetesUserDetails.add_member(:username, Shapes::ShapeRef.new(shape: String, location_name: "username"))
     KubernetesUserDetails.add_member(:uid, Shapes::ShapeRef.new(shape: String, location_name: "uid"))
     KubernetesUserDetails.add_member(:groups, Shapes::ShapeRef.new(shape: Groups, location_name: "groups"))
+    KubernetesUserDetails.add_member(:session_name, Shapes::ShapeRef.new(shape: SessionNameList, location_name: "sessionName"))
     KubernetesUserDetails.struct_class = Types::KubernetesUserDetails
     KubernetesWorkloadDetails.add_member(:name, Shapes::ShapeRef.new(shape: String, location_name: "name"))
@@ -1822,6 +1824,8 @@ module Aws::GuardDuty
     ServiceAdditionalInfo.add_member(:type, Shapes::ShapeRef.new(shape: String, location_name: "type"))
     ServiceAdditionalInfo.struct_class = Types::ServiceAdditionalInfo
+    SessionNameList.member = Shapes::ShapeRef.new(shape: String)
     SortCriteria.add_member(:attribute_name, Shapes::ShapeRef.new(shape: String, location_name: "attributeName"))
     SortCriteria.add_member(:order_by, Shapes::ShapeRef.new(shape: OrderBy, location_name: "orderBy"))
     SortCriteria.struct_class = Types::SortCriteria

data/lib/aws-sdk-guardduty/endpoints.rb CHANGED Viewed

@@ -9,6 +9,7 @@
 module Aws::GuardDuty
+  # @api private
   module Endpoints
     class AcceptAdministratorInvitation

data/lib/aws-sdk-guardduty/types.rb CHANGED Viewed

@@ -2158,7 +2158,7 @@ module Aws::GuardDuty
     # finding.
     #
     # @!attribute [rw] domain
-    #   The domain information for the API request.
+    #   The domain information for the DNS query.
     #   @return [String]
     #
     # @!attribute [rw] protocol
@@ -3672,12 +3672,18 @@ module Aws::GuardDuty
     #   The groups that include the user who called the Kubernetes API.
     #   @return [Array<String>]
     #
+    # @!attribute [rw] session_name
+    #   Entity that assumes the IAM role when Kubernetes RBAC permissions
+    #   are assigned to that role.
+    #   @return [Array<String>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/KubernetesUserDetails AWS API Documentation
     #
     class KubernetesUserDetails < Struct.new(
       :username,
       :uid,
-      :groups)
+      :groups,
+      :session_name)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-guardduty.rb CHANGED Viewed

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-guardduty/customizations'
 # @!group service
 module Aws::GuardDuty
-  GEM_VERSION = '1.71.0'
+  GEM_VERSION = '1.73.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-guardduty
 version: !ruby/object:Gem::Version
-  version: 1.71.0
+  version: 1.73.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-31 00:00:00.000000000 Z
+date: 2023-06-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core