RubyGems - aws-sdk-guardduty - Versions diffs - 1.133.0 → 1.134.0 - Mend

aws-sdk-guardduty 1.133.0 → 1.134.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-guardduty/client.rb +232 -4
data/lib/aws-sdk-guardduty/client_api.rb +213 -0
data/lib/aws-sdk-guardduty/types.rb +734 -5
data/lib/aws-sdk-guardduty.rb +1 -1
data/sig/client.rbs +65 -1
data/sig/types.rbs +184 -0
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 41daf82129584712a773fc6943032cba32b4d4e3c9e9b9c67d3462a442e5b01b
-  data.tar.gz: efd660bf5a66d97ecaf5ffde04aa3ebf302987a97c1c00fb07606a586fc878c9
+  metadata.gz: 0b2658d4978877533ab0c8a7ee6dc19659d224b7c5b3c5d31d2fd42b501c6d44
+  data.tar.gz: 117429fb1e99e1d34c05eca2bd802dbef11cb3663137a3216916fd4469cecc72
 SHA512:
-  metadata.gz: 6084704b0a8b3962752af1d607ac94fae4689bf68c5d4f5997c809ce2acf7d51363cd8a1819c93b992a10baa727d26fab50cddb546cb213b2875798324e37a54
-  data.tar.gz: 11fb445e4bfabd649a01d572aefdeee476ff3bd0605e50c6407eea840f78778837caa0f137cc1166927a612b0c642ee759f39905c3715600d827111630090da4
+  metadata.gz: 40646ec1ac5380d7ddf9301661bb21ebe814eeea8480f3532cd2d4af3893c07176c80d96f885b97d472382991ac37ff55567914fcc180e5067789ab19e6f91d3
+  data.tar.gz: f48f9c7dff958c546bb709b44d007fb890b5247da5b0fd92098de03a1298c54106b4fd07ed52d4cc3bbf55a06d48c387bb890926392ab8be5935f9c8a7f08988

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
+1.134.0 (2025-11-19)
+------------------
+* Feature - Add support for scanning and viewing scan results for backup resource types
 1.133.0 (2025-11-17)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.~~133~~.0
1	+ 1.134.0

data/lib/aws-sdk-guardduty/client.rb CHANGED Viewed

@@ -2079,6 +2079,7 @@ module Aws::GuardDuty
     #   resp.scans[0].scan_end_time #=> Time
     #   resp.scans[0].trigger_details.guard_duty_finding_id #=> String
     #   resp.scans[0].trigger_details.description #=> String
+    #   resp.scans[0].trigger_details.trigger_type #=> String, one of "BACKUP", "GUARDDUTY"
     #   resp.scans[0].resource_details.instance_arn #=> String
     #   resp.scans[0].scan_result_details.scan_result #=> String, one of "CLEAN", "INFECTED"
     #   resp.scans[0].account_id #=> String
@@ -2929,6 +2930,10 @@ module Aws::GuardDuty
     #   resp.findings[0].resource.lambda_details.tags #=> Array
     #   resp.findings[0].resource.lambda_details.tags[0].key #=> String
     #   resp.findings[0].resource.lambda_details.tags[0].value #=> String
+    #   resp.findings[0].resource.ebs_snapshot_details.snapshot_arn #=> String
+    #   resp.findings[0].resource.ec2_image_details.image_arn #=> String
+    #   resp.findings[0].resource.recovery_point_details.recovery_point_arn #=> String
+    #   resp.findings[0].resource.recovery_point_details.backup_vault_name #=> String
     #   resp.findings[0].schema_version #=> String
     #   resp.findings[0].service.action.action_type #=> String
     #   resp.findings[0].service.action.aws_api_call_action.api #=> String
@@ -3325,6 +3330,20 @@ module Aws::GuardDuty
     #   resp.findings[0].service.malware_scan_details.threats[0].item_paths #=> Array
     #   resp.findings[0].service.malware_scan_details.threats[0].item_paths[0].nested_item_path #=> String
     #   resp.findings[0].service.malware_scan_details.threats[0].item_paths[0].hash #=> String
+    #   resp.findings[0].service.malware_scan_details.threats[0].count #=> Integer
+    #   resp.findings[0].service.malware_scan_details.threats[0].hash #=> String
+    #   resp.findings[0].service.malware_scan_details.threats[0].item_details #=> Array
+    #   resp.findings[0].service.malware_scan_details.threats[0].item_details[0].resource_arn #=> String
+    #   resp.findings[0].service.malware_scan_details.threats[0].item_details[0].item_path #=> String
+    #   resp.findings[0].service.malware_scan_details.threats[0].item_details[0].hash #=> String
+    #   resp.findings[0].service.malware_scan_details.threats[0].item_details[0].additional_info.version_id #=> String
+    #   resp.findings[0].service.malware_scan_details.threats[0].item_details[0].additional_info.device_name #=> String
+    #   resp.findings[0].service.malware_scan_details.scan_id #=> String
+    #   resp.findings[0].service.malware_scan_details.scan_type #=> String, one of "BACKUP_INITIATED", "ON_DEMAND", "GUARDDUTY_INITIATED"
+    #   resp.findings[0].service.malware_scan_details.scan_category #=> String, one of "FULL_SCAN", "INCREMENTAL_SCAN"
+    #   resp.findings[0].service.malware_scan_details.scan_configuration.trigger_type #=> String, one of "BACKUP", "GUARDDUTY"
+    #   resp.findings[0].service.malware_scan_details.scan_configuration.incremental_scan_details.baseline_resource_arn #=> String
+    #   resp.findings[0].service.malware_scan_details.unique_threat_count #=> Integer
     #   resp.findings[0].severity #=> Float
     #   resp.findings[0].title #=> String
     #   resp.findings[0].type #=> String
@@ -3576,6 +3595,114 @@ module Aws::GuardDuty
       req.send_request(options)
     end
+    # Retrieves the detailed information for a specific malware scan. Each
+    # member account can view the malware scan details for their own
+    # account. An administrator can view malware scan details for all
+    # accounts in the organization.
+    #
+    # There might be regional differences because some data sources might
+    # not be available in all the Amazon Web Services Regions where
+    # GuardDuty is presently supported. For more information, see [Regions
+    # and endpoints][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
+    #
+    # @option params [required, String] :scan_id
+    #   A unique identifier that gets generated when you invoke the API
+    #   without any error. Each malware scan has a corresponding scan ID.
+    #   Using this scan ID, you can monitor the status of your malware scan.
+    #
+    # @return [Types::GetMalwareScanResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetMalwareScanResponse#scan_id #scan_id} => String
+    #   * {Types::GetMalwareScanResponse#detector_id #detector_id} => String
+    #   * {Types::GetMalwareScanResponse#admin_detector_id #admin_detector_id} => String
+    #   * {Types::GetMalwareScanResponse#resource_arn #resource_arn} => String
+    #   * {Types::GetMalwareScanResponse#resource_type #resource_type} => String
+    #   * {Types::GetMalwareScanResponse#scanned_resources_count #scanned_resources_count} => Integer
+    #   * {Types::GetMalwareScanResponse#skipped_resources_count #skipped_resources_count} => Integer
+    #   * {Types::GetMalwareScanResponse#failed_resources_count #failed_resources_count} => Integer
+    #   * {Types::GetMalwareScanResponse#scanned_resources #scanned_resources} => Array&lt;Types::ScannedResource&gt;
+    #   * {Types::GetMalwareScanResponse#scan_configuration #scan_configuration} => Types::ScanConfiguration
+    #   * {Types::GetMalwareScanResponse#scan_category #scan_category} => String
+    #   * {Types::GetMalwareScanResponse#scan_status #scan_status} => String
+    #   * {Types::GetMalwareScanResponse#scan_status_reason #scan_status_reason} => String
+    #   * {Types::GetMalwareScanResponse#scan_type #scan_type} => String
+    #   * {Types::GetMalwareScanResponse#scan_started_at #scan_started_at} => Time
+    #   * {Types::GetMalwareScanResponse#scan_completed_at #scan_completed_at} => Time
+    #   * {Types::GetMalwareScanResponse#scan_result_details #scan_result_details} => Types::GetMalwareScanResultDetails
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_malware_scan({
+    #     scan_id: "String", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.scan_id #=> String
+    #   resp.detector_id #=> String
+    #   resp.admin_detector_id #=> String
+    #   resp.resource_arn #=> String
+    #   resp.resource_type #=> String, one of "EBS_RECOVERY_POINT", "EBS_SNAPSHOT", "EBS_VOLUME", "EC2_AMI", "EC2_INSTANCE", "EC2_RECOVERY_POINT", "S3_RECOVERY_POINT", "S3_BUCKET"
+    #   resp.scanned_resources_count #=> Integer
+    #   resp.skipped_resources_count #=> Integer
+    #   resp.failed_resources_count #=> Integer
+    #   resp.scanned_resources #=> Array
+    #   resp.scanned_resources[0].scanned_resource_arn #=> String
+    #   resp.scanned_resources[0].scanned_resource_type #=> String, one of "EBS_RECOVERY_POINT", "EBS_SNAPSHOT", "EBS_VOLUME", "EC2_AMI", "EC2_INSTANCE", "EC2_RECOVERY_POINT", "S3_RECOVERY_POINT", "S3_BUCKET"
+    #   resp.scanned_resources[0].scanned_resource_status #=> String, one of "RUNNING", "COMPLETED", "COMPLETED_WITH_ISSUES", "FAILED", "SKIPPED"
+    #   resp.scanned_resources[0].scan_status_reason #=> String, one of "ACCESS_DENIED", "RESOURCE_NOT_FOUND", "SNAPSHOT_SIZE_LIMIT_EXCEEDED", "RESOURCE_UNAVAILABLE", "INCONSISTENT_SOURCE", "INCREMENTAL_NO_DIFFERENCE", "NO_EBS_VOLUMES_FOUND", "UNSUPPORTED_PRODUCT_CODE_TYPE", "AMI_SNAPSHOT_LIMIT_EXCEEDED", "UNRELATED_RESOURCES", "BASE_RESOURCE_NOT_SCANNED", "BASE_CREATED_AFTER_TARGET", "UNSUPPORTED_FOR_INCREMENTAL", "UNSUPPORTED_AMI", "UNSUPPORTED_SNAPSHOT", "UNSUPPORTED_COMPOSITE_RECOVERY_POINT"
+    #   resp.scanned_resources[0].resource_details.ebs_volume.volume_arn #=> String
+    #   resp.scanned_resources[0].resource_details.ebs_volume.volume_type #=> String
+    #   resp.scanned_resources[0].resource_details.ebs_volume.device_name #=> String
+    #   resp.scanned_resources[0].resource_details.ebs_volume.volume_size_in_gb #=> Integer
+    #   resp.scanned_resources[0].resource_details.ebs_volume.encryption_type #=> String
+    #   resp.scanned_resources[0].resource_details.ebs_volume.snapshot_arn #=> String
+    #   resp.scanned_resources[0].resource_details.ebs_volume.kms_key_arn #=> String
+    #   resp.scanned_resources[0].resource_details.ebs_snapshot.device_name #=> String
+    #   resp.scan_configuration.role #=> String
+    #   resp.scan_configuration.trigger_details.guard_duty_finding_id #=> String
+    #   resp.scan_configuration.trigger_details.description #=> String
+    #   resp.scan_configuration.trigger_details.trigger_type #=> String, one of "BACKUP", "GUARDDUTY"
+    #   resp.scan_configuration.incremental_scan_details.baseline_resource_arn #=> String
+    #   resp.scan_configuration.recovery_point.backup_vault_name #=> String
+    #   resp.scan_category #=> String, one of "FULL_SCAN", "INCREMENTAL_SCAN"
+    #   resp.scan_status #=> String, one of "RUNNING", "COMPLETED", "COMPLETED_WITH_ISSUES", "FAILED", "SKIPPED"
+    #   resp.scan_status_reason #=> String, one of "ACCESS_DENIED", "RESOURCE_NOT_FOUND", "SNAPSHOT_SIZE_LIMIT_EXCEEDED", "RESOURCE_UNAVAILABLE", "INCONSISTENT_SOURCE", "INCREMENTAL_NO_DIFFERENCE", "NO_EBS_VOLUMES_FOUND", "UNSUPPORTED_PRODUCT_CODE_TYPE", "AMI_SNAPSHOT_LIMIT_EXCEEDED", "UNRELATED_RESOURCES", "BASE_RESOURCE_NOT_SCANNED", "BASE_CREATED_AFTER_TARGET", "UNSUPPORTED_FOR_INCREMENTAL", "UNSUPPORTED_AMI", "UNSUPPORTED_SNAPSHOT", "UNSUPPORTED_COMPOSITE_RECOVERY_POINT"
+    #   resp.scan_type #=> String, one of "BACKUP_INITIATED", "ON_DEMAND", "GUARDDUTY_INITIATED"
+    #   resp.scan_started_at #=> Time
+    #   resp.scan_completed_at #=> Time
+    #   resp.scan_result_details.scan_result_status #=> String, one of "NO_THREATS_FOUND", "THREATS_FOUND"
+    #   resp.scan_result_details.skipped_file_count #=> Integer
+    #   resp.scan_result_details.failed_file_count #=> Integer
+    #   resp.scan_result_details.threat_found_file_count #=> Integer
+    #   resp.scan_result_details.total_file_count #=> Integer
+    #   resp.scan_result_details.total_bytes #=> Integer
+    #   resp.scan_result_details.unique_threat_count #=> Integer
+    #   resp.scan_result_details.threats #=> Array
+    #   resp.scan_result_details.threats[0].name #=> String
+    #   resp.scan_result_details.threats[0].source #=> String, one of "AMAZON", "BITDEFENDER"
+    #   resp.scan_result_details.threats[0].count #=> Integer
+    #   resp.scan_result_details.threats[0].hash #=> String
+    #   resp.scan_result_details.threats[0].item_details #=> Array
+    #   resp.scan_result_details.threats[0].item_details[0].resource_arn #=> String
+    #   resp.scan_result_details.threats[0].item_details[0].item_path #=> String
+    #   resp.scan_result_details.threats[0].item_details[0].hash #=> String
+    #   resp.scan_result_details.threats[0].item_details[0].additional_info.version_id #=> String
+    #   resp.scan_result_details.threats[0].item_details[0].additional_info.device_name #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetMalwareScan AWS API Documentation
+    #
+    # @overload get_malware_scan(params = {})
+    # @param [Hash] params ({})
+    def get_malware_scan(params = {}, options = {})
+      req = build_request(:get_malware_scan, params)
+      req.send_request(options)
+    end
     # Returns the details of the malware scan settings.
     #
     # There might be regional differences because some data sources might
@@ -4781,6 +4908,80 @@ module Aws::GuardDuty
       req.send_request(options)
     end
+    # Returns a list of malware scans. Each member account can view the
+    # malware scans for their own accounts. An administrator can view the
+    # malware scans for all of its members' accounts.
+    #
+    # @option params [Integer] :max_results
+    #   You can use this parameter to indicate the maximum number of items
+    #   that you want in the response. The default value is 50. The maximum
+    #   value is 50.
+    #
+    # @option params [String] :next_token
+    #   You can use this parameter when paginating results. Set the value of
+    #   this parameter to null on your first call to the list action. For
+    #   subsequent calls to the action, fill nextToken in the request with the
+    #   value of NextToken from the previous response to continue listing
+    #   results.
+    #
+    # @option params [Types::ListMalwareScansFilterCriteria] :filter_criteria
+    #   Represents the criteria used to filter the malware scan entries.
+    #
+    # @option params [Types::SortCriteria] :sort_criteria
+    #   Represents the criteria used for sorting malware scan entries.
+    #
+    # @return [Types::ListMalwareScansResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListMalwareScansResponse#scans #scans} => Array&lt;Types::MalwareScan&gt;
+    #   * {Types::ListMalwareScansResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_malware_scans({
+    #     max_results: 1,
+    #     next_token: "String",
+    #     filter_criteria: {
+    #       list_malware_scans_filter_criterion: [
+    #         {
+    #           list_malware_scans_criterion_key: "RESOURCE_ARN", # accepts RESOURCE_ARN, SCAN_ID, ACCOUNT_ID, GUARDDUTY_FINDING_ID, RESOURCE_TYPE, SCAN_START_TIME, SCAN_STATUS, SCAN_TYPE
+    #           filter_condition: {
+    #             equals_value: "NonEmptyString",
+    #             greater_than: 1,
+    #             less_than: 1,
+    #           },
+    #         },
+    #       ],
+    #     },
+    #     sort_criteria: {
+    #       attribute_name: "String",
+    #       order_by: "ASC", # accepts ASC, DESC
+    #     },
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.scans #=> Array
+    #   resp.scans[0].resource_arn #=> String
+    #   resp.scans[0].resource_type #=> String, one of "EBS_RECOVERY_POINT", "EBS_SNAPSHOT", "EBS_VOLUME", "EC2_AMI", "EC2_INSTANCE", "EC2_RECOVERY_POINT", "S3_RECOVERY_POINT", "S3_BUCKET"
+    #   resp.scans[0].scan_id #=> String
+    #   resp.scans[0].scan_status #=> String, one of "RUNNING", "COMPLETED", "COMPLETED_WITH_ISSUES", "FAILED", "SKIPPED"
+    #   resp.scans[0].scan_result_status #=> String, one of "NO_THREATS_FOUND", "THREATS_FOUND"
+    #   resp.scans[0].scan_type #=> String, one of "BACKUP_INITIATED", "ON_DEMAND", "GUARDDUTY_INITIATED"
+    #   resp.scans[0].scan_started_at #=> Time
+    #   resp.scans[0].scan_completed_at #=> Time
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListMalwareScans AWS API Documentation
+    #
+    # @overload list_malware_scans(params = {})
+    # @param [Hash] params ({})
+    def list_malware_scans(params = {}, options = {})
+      req = build_request(:list_malware_scans, params)
+      req.send_request(options)
+    end
     # Lists details about all member accounts for the current GuardDuty
     # administrator account.
     #
@@ -5197,21 +5398,38 @@ module Aws::GuardDuty
     end
     # Initiates the malware scan. Invoking this API will automatically
-    # create the [Service-linked role][1] in the corresponding account.
+    # create the [Service-linked role][1] in the corresponding account if
+    # the resourceArn belongs to an EC2 instance.
     #
     # When the malware scan starts, you can use the associated scan ID to
     # track the status of the scan. For more information, see
-    # [DescribeMalwareScans][2].
+    # [ListMalwareScans][2] and [GetMalwareScan][3].
+    #
+    # When you use this API, the Amazon Web Services service terms for
+    # GuardDuty Malware Protection apply. For more information, see [Amazon
+    # Web Services service terms for GuardDuty Malware Protection][4].
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/slr-permissions-malware-protection.html
-    # [2]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeMalwareScans.html
+    # [2]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListMalwareScans.html
+    # [3]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMalwareScan.html
+    # [4]: http://aws.amazon.com/service-terms/#87._Amazon_GuardDuty
     #
     # @option params [required, String] :resource_arn
     #   Amazon Resource Name (ARN) of the resource for which you invoked the
     #   API.
     #
+    # @option params [String] :client_token
+    #   The idempotency token for the create request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @option params [Types::StartMalwareScanConfiguration] :scan_configuration
+    #   Contains information about the configuration to be used for the
+    #   malware scan.
+    #
     # @return [Types::StartMalwareScanResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::StartMalwareScanResponse#scan_id #scan_id} => String
@@ -5220,6 +5438,16 @@ module Aws::GuardDuty
     #
     #   resp = client.start_malware_scan({
     #     resource_arn: "ResourceArn", # required
+    #     client_token: "ClientToken",
+    #     scan_configuration: {
+    #       role: "NonEmptyString", # required
+    #       incremental_scan_details: {
+    #         baseline_resource_arn: "NonEmptyString", # required
+    #       },
+    #       recovery_point: {
+    #         backup_vault_name: "String", # required
+    #       },
+    #     },
     #   })
     #
     # @example Response structure
@@ -6255,7 +6483,7 @@ module Aws::GuardDuty
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-guardduty'
-      context[:gem_version] = '1.133.0'
+      context[:gem_version] = '1.134.0'
       Seahorse::Client::Request.new(handlers, context)
     end