aws-sdk-guardduty 1.152.0 → 1.153.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-guardduty/client.rb +5 -1
- data/lib/aws-sdk-guardduty/client_api.rb +6 -0
- data/lib/aws-sdk-guardduty/types.rb +20 -1
- data/lib/aws-sdk-guardduty.rb +1 -1
- data/sig/types.rbs +3 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f6adcc24edb8288ec2a463559ce6322630686396de0fc99c1cdbdda4054d63bb
|
|
4
|
+
data.tar.gz: d23a697f2f89452fb21ed7e0723895483a55ef02e1cb8545507b6bde634e312b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c523d3a7e9ef6a92c06ad91e2aba0b46ccf4c7cd80d3e1b5704914b4a74d77d3325ec31404f7e68b493ab29ba9a5d3c05b20bb71c5216170614111fae62a411f
|
|
7
|
+
data.tar.gz: 1cc71c945575b1e223b8f2b3f9b07debfd348729bd75a13e93d64d897bc1cd53e538a06d1b810b7747c9b0efa353571aa8bbd5340bd5a36aa91338e299a2a403
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.153.0 (2026-06-02)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Amazon GuardDuty Runtime Monitoring now supports 3 new SensitiveFileModified finding types (Persistence, PrivilegeEscalation, DefenseEvasion) that detect when security-sensitive system files are modified on EC2 instances or containers, indicating potential compromise through file tampering.
|
|
8
|
+
|
|
4
9
|
1.152.0 (2026-05-26)
|
|
5
10
|
------------------
|
|
6
11
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.153.0
|
|
@@ -4303,6 +4303,10 @@ module Aws::GuardDuty
|
|
|
4303
4303
|
# resp.findings[0].service.runtime_details.context.service_name #=> String
|
|
4304
4304
|
# resp.findings[0].service.runtime_details.context.command_line_example #=> String
|
|
4305
4305
|
# resp.findings[0].service.runtime_details.context.threat_file_path #=> String
|
|
4306
|
+
# resp.findings[0].service.runtime_details.context.file_operation #=> String
|
|
4307
|
+
# resp.findings[0].service.runtime_details.context.file_path #=> String
|
|
4308
|
+
# resp.findings[0].service.runtime_details.context.related_file_paths #=> Array
|
|
4309
|
+
# resp.findings[0].service.runtime_details.context.related_file_paths[0] #=> String
|
|
4306
4310
|
# resp.findings[0].service.detection.anomaly.profiles #=> Hash
|
|
4307
4311
|
# resp.findings[0].service.detection.anomaly.profiles["String"] #=> Hash
|
|
4308
4312
|
# resp.findings[0].service.detection.anomaly.profiles["String"]["String"] #=> Array
|
|
@@ -8968,7 +8972,7 @@ module Aws::GuardDuty
|
|
|
8968
8972
|
tracer: tracer
|
|
8969
8973
|
)
|
|
8970
8974
|
context[:gem_name] = 'aws-sdk-guardduty'
|
|
8971
|
-
context[:gem_version] = '1.
|
|
8975
|
+
context[:gem_version] = '1.153.0'
|
|
8972
8976
|
Seahorse::Client::Request.new(handlers, context)
|
|
8973
8977
|
end
|
|
8974
8978
|
|
|
@@ -510,6 +510,7 @@ module Aws::GuardDuty
|
|
|
510
510
|
RdsLoginAttemptAction = Shapes::StructureShape.new(name: 'RdsLoginAttemptAction')
|
|
511
511
|
RecoveryPoint = Shapes::StructureShape.new(name: 'RecoveryPoint')
|
|
512
512
|
RecoveryPointDetails = Shapes::StructureShape.new(name: 'RecoveryPointDetails')
|
|
513
|
+
RelatedFilePathsList = Shapes::ListShape.new(name: 'RelatedFilePathsList')
|
|
513
514
|
RemoteAccountDetails = Shapes::StructureShape.new(name: 'RemoteAccountDetails')
|
|
514
515
|
RemoteIpDetails = Shapes::StructureShape.new(name: 'RemoteIpDetails')
|
|
515
516
|
RemotePortDetails = Shapes::StructureShape.new(name: 'RemotePortDetails')
|
|
@@ -2456,6 +2457,8 @@ module Aws::GuardDuty
|
|
|
2456
2457
|
RecoveryPointDetails.add_member(:backup_vault_name, Shapes::ShapeRef.new(shape: String, location_name: "backupVaultName"))
|
|
2457
2458
|
RecoveryPointDetails.struct_class = Types::RecoveryPointDetails
|
|
2458
2459
|
|
|
2460
|
+
RelatedFilePathsList.member = Shapes::ShapeRef.new(shape: String)
|
|
2461
|
+
|
|
2459
2462
|
RemoteAccountDetails.add_member(:account_id, Shapes::ShapeRef.new(shape: String, location_name: "accountId"))
|
|
2460
2463
|
RemoteAccountDetails.add_member(:affiliated, Shapes::ShapeRef.new(shape: Boolean, location_name: "affiliated"))
|
|
2461
2464
|
RemoteAccountDetails.struct_class = Types::RemoteAccountDetails
|
|
@@ -2564,6 +2567,9 @@ module Aws::GuardDuty
|
|
|
2564
2567
|
RuntimeContext.add_member(:service_name, Shapes::ShapeRef.new(shape: String, location_name: "serviceName"))
|
|
2565
2568
|
RuntimeContext.add_member(:command_line_example, Shapes::ShapeRef.new(shape: String, location_name: "commandLineExample"))
|
|
2566
2569
|
RuntimeContext.add_member(:threat_file_path, Shapes::ShapeRef.new(shape: String, location_name: "threatFilePath"))
|
|
2570
|
+
RuntimeContext.add_member(:file_operation, Shapes::ShapeRef.new(shape: String, location_name: "fileOperation"))
|
|
2571
|
+
RuntimeContext.add_member(:file_path, Shapes::ShapeRef.new(shape: String, location_name: "filePath"))
|
|
2572
|
+
RuntimeContext.add_member(:related_file_paths, Shapes::ShapeRef.new(shape: RelatedFilePathsList, location_name: "relatedFilePaths"))
|
|
2567
2573
|
RuntimeContext.struct_class = Types::RuntimeContext
|
|
2568
2574
|
|
|
2569
2575
|
RuntimeDetails.add_member(:process, Shapes::ShapeRef.new(shape: ProcessDetails, location_name: "process"))
|
|
@@ -10654,6 +10654,22 @@ module Aws::GuardDuty
|
|
|
10654
10654
|
# were found.
|
|
10655
10655
|
# @return [String]
|
|
10656
10656
|
#
|
|
10657
|
+
# @!attribute [rw] file_operation
|
|
10658
|
+
# Represents the type of file operation that triggered the finding,
|
|
10659
|
+
# such as Write, Delete, Rename, Link, or Symlink.
|
|
10660
|
+
# @return [String]
|
|
10661
|
+
#
|
|
10662
|
+
# @!attribute [rw] file_path
|
|
10663
|
+
# The path of the sensitive file that was modified. Modification
|
|
10664
|
+
# includes write, delete, rename, link, or symlink operations. This
|
|
10665
|
+
# field is indexed for filtering.
|
|
10666
|
+
# @return [String]
|
|
10667
|
+
#
|
|
10668
|
+
# @!attribute [rw] related_file_paths
|
|
10669
|
+
# All file paths modified by the same process that triggered the
|
|
10670
|
+
# finding, up to a maximum of 25 paths.
|
|
10671
|
+
# @return [Array<String>]
|
|
10672
|
+
#
|
|
10657
10673
|
# @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/RuntimeContext AWS API Documentation
|
|
10658
10674
|
#
|
|
10659
10675
|
class RuntimeContext < Struct.new(
|
|
@@ -10681,7 +10697,10 @@ module Aws::GuardDuty
|
|
|
10681
10697
|
:tool_category,
|
|
10682
10698
|
:service_name,
|
|
10683
10699
|
:command_line_example,
|
|
10684
|
-
:threat_file_path
|
|
10700
|
+
:threat_file_path,
|
|
10701
|
+
:file_operation,
|
|
10702
|
+
:file_path,
|
|
10703
|
+
:related_file_paths)
|
|
10685
10704
|
SENSITIVE = []
|
|
10686
10705
|
include Aws::Structure
|
|
10687
10706
|
end
|
data/lib/aws-sdk-guardduty.rb
CHANGED
data/sig/types.rbs
CHANGED
|
@@ -2348,6 +2348,9 @@ module Aws::GuardDuty
|
|
|
2348
2348
|
attr_accessor service_name: ::String
|
|
2349
2349
|
attr_accessor command_line_example: ::String
|
|
2350
2350
|
attr_accessor threat_file_path: ::String
|
|
2351
|
+
attr_accessor file_operation: ::String
|
|
2352
|
+
attr_accessor file_path: ::String
|
|
2353
|
+
attr_accessor related_file_paths: ::Array[::String]
|
|
2351
2354
|
SENSITIVE: []
|
|
2352
2355
|
end
|
|
2353
2356
|
|