aws-sdk-guardduty 1.65.0 → 1.66.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fa122ecb5a993e1f6cd51dfe75525340ace96b8aedb088e7653d73be01723290
-  data.tar.gz: 3bd1d115fea8ced61bbd94478af39f5764f77ea315052f2d8af1916934f9aa5c
+  metadata.gz: c6356dfb2e391ad2d06a67b8a860b11e382be1184324673fe57bbe272df9b971
+  data.tar.gz: 6ad3443644cb9f9d91f3f87b6bab03d3c3128886cbc55274d9a9e64a2b16be6b
 SHA512:
-  metadata.gz: 4c8bccf1baa869990f690b2fc3fdebceff68944155d3a822b1cf4f1cdf257af8ebeb848aa31c2b41192a8e2fa0d09cb64b3a2938123952b5328aa7064d5f7b5e
-  data.tar.gz: e58fe1ed3921cda282e63e783239432d5b95974de9f7446c33a2c9792f2574d2ced35c8279fcb4243df302a7ce808700963f6a310572ff089cd7ac3ccc8dc131
+  metadata.gz: 538e231cfdadb79e2c7206569bb478b7083b946142fe82665f80c2db42e1abc0ec42d1a16580f4a72e02aee5171b334946ae8c62cb376995cacf8d5be5ddc9f3
+  data.tar.gz: e0088873fa2a9511eb70ab6294d1c89ced063b4259312d586243398cab52b843f58a88938cec78b8e6bf3b4b46ffadc6e1a1e6f49281e47ebe1dcd3602ce04ff

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.66.0 (2023-03-23)
+------------------
+
+* Feature - Adds AutoEnableOrganizationMembers attribute to DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
+
 1.65.0 (2023-03-16)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.65.0
+1.66.0

data/lib/aws-sdk-guardduty/client.rb

@@ -1188,6 +1188,10 @@ module Aws::GuardDuty
     # Deletes GuardDuty member accounts (to the current GuardDuty
     # administrator account) specified by the account IDs.
     #
+    # With `autoEnableOrganizationMembers` configuration for your
+    # organization set to `ALL`, you'll receive an error if you attempt to
+    # disable GuardDuty for a member account in your organization.
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty account whose members
     #   you want to delete.
@@ -1417,6 +1421,7 @@ module Aws::GuardDuty
     #   * {Types::DescribeOrganizationConfigurationResponse#data_sources #data_sources} => Types::OrganizationDataSourceConfigurationsResult
     #   * {Types::DescribeOrganizationConfigurationResponse#features #features} => Array<Types::OrganizationFeatureConfigurationResult>
     #   * {Types::DescribeOrganizationConfigurationResponse#next_token #next_token} => String
+    #   * {Types::DescribeOrganizationConfigurationResponse#auto_enable_organization_members #auto_enable_organization_members} => String
     #
     # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
     #
@@ -1439,6 +1444,7 @@ module Aws::GuardDuty
     #   resp.features[0].name #=> String, one of "S3_DATA_EVENTS", "EKS_AUDIT_LOGS", "EBS_MALWARE_PROTECTION", "RDS_LOGIN_EVENTS"
     #   resp.features[0].auto_enable #=> String, one of "NEW", "NONE"
     #   resp.next_token #=> String
+    #   resp.auto_enable_organization_members #=> String, one of "NEW", "ALL", "NONE"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfiguration AWS API Documentation
     #
@@ -1519,6 +1525,10 @@ module Aws::GuardDuty
     # Disassociates the current GuardDuty member account from its
     # administrator account.
     #
+    # With `autoEnableOrganizationMembers` configuration for your
+    # organization set to `ALL`, you'll receive an error if you attempt to
+    # disable GuardDuty in a member account.
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty member account.
     #
@@ -1565,6 +1575,11 @@ module Aws::GuardDuty
     # Disassociates GuardDuty member accounts (to the current administrator
     # account) specified by the account IDs.
     #
+    # With `autoEnableOrganizationMembers` configuration for your
+    # organization set to `ALL`, you'll receive an error if you attempt to
+    # disassociate a member account before removing them from your Amazon
+    # Web Services organization.
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty account whose members
     #   you want to disassociate from the administrator account.
@@ -3264,7 +3279,11 @@ module Aws::GuardDuty
 
     # Turns on GuardDuty monitoring of the specified member accounts. Use
     # this operation to restart monitoring of accounts that you stopped
-    # monitoring with the `StopMonitoringMembers` operation.
+    # monitoring with the [StopMonitoringMembers][1] operation.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StopMonitoringMembers.html
     #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty administrator account
@@ -3304,6 +3323,10 @@ module Aws::GuardDuty
     # `StartMonitoringMembers` operation to restart monitoring for those
     # accounts.
     #
+    # With `autoEnableOrganizationMembers` configuration for your
+    # organization set to `ALL`, you'll receive an error if you attempt to
+    # stop monitoring the member accounts in your organization.
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector associated with the GuardDuty
     #   administrator account that is monitoring member accounts.
@@ -3776,7 +3799,9 @@ module Aws::GuardDuty
       req.send_request(options)
     end
 
-    # Updates the delegated administrator account with the values provided.
+    # Configures the delegated administrator account with the provided
+    # values. You must provide the value for either
+    # `autoEnableOrganizationMembers` or `autoEnable`.
     #
     # There might be regional differences because some data sources might
     # not be available in all the Amazon Web Services Regions where
@@ -3788,9 +3813,9 @@ module Aws::GuardDuty
     # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html
     #
     # @option params [required, String] :detector_id
-    #   The ID of the detector to update the delegated administrator for.
+    #   The ID of the detector that configures the delegated administrator.
     #
-    # @option params [required, Boolean] :auto_enable
+    # @option params [Boolean] :auto_enable
     #   Indicates whether to automatically enable member accounts in the
     #   organization.
     #
@@ -3800,13 +3825,26 @@ module Aws::GuardDuty
     # @option params [Array<Types::OrganizationFeatureConfiguration>] :features
     #   A list of features that will be configured for the organization.
     #
+    # @option params [String] :auto_enable_organization_members
+    #   Indicates the auto-enablement configuration of GuardDuty for the
+    #   member accounts in the organization.
+    #
+    #   * `NEW`: Indicates that new accounts joining the organization are
+    #     configured to have GuardDuty enabled automatically.
+    #
+    #   * `ALL`: Indicates that all accounts (new and existing members) in the
+    #     organization are configured to have GuardDuty enabled automatically.
+    #
+    #   * `NONE`: Indicates that no account in the organization will be
+    #     configured to have GuardDuty enabled automatically.
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
     #
     #   resp = client.update_organization_configuration({
     #     detector_id: "DetectorId", # required
-    #     auto_enable: false, # required
+    #     auto_enable: false,
     #     data_sources: {
     #       s3_logs: {
     #         auto_enable: false, # required
@@ -3830,6 +3868,7 @@ module Aws::GuardDuty
     #         auto_enable: "NEW", # accepts NEW, NONE
     #       },
     #     ],
+    #     auto_enable_organization_members: "NEW", # accepts NEW, ALL, NONE
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfiguration AWS API Documentation
@@ -3932,7 +3971,7 @@ module Aws::GuardDuty
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-guardduty'
-      context[:gem_version] = '1.65.0'
+      context[:gem_version] = '1.66.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-guardduty/client_api.rb

@@ -34,6 +34,7 @@ module Aws::GuardDuty
     AffectedResources = Shapes::MapShape.new(name: 'AffectedResources')
     ArchiveFindingsRequest = Shapes::StructureShape.new(name: 'ArchiveFindingsRequest')
     ArchiveFindingsResponse = Shapes::StructureShape.new(name: 'ArchiveFindingsResponse')
+    AutoEnableMembers = Shapes::StringShape.new(name: 'AutoEnableMembers')
     AwsApiCallAction = Shapes::StructureShape.new(name: 'AwsApiCallAction')
     BadRequestException = Shapes::StructureShape.new(name: 'BadRequestException')
     BlockPublicAccess = Shapes::StructureShape.new(name: 'BlockPublicAccess')
@@ -715,11 +716,12 @@ module Aws::GuardDuty
     DescribeOrganizationConfigurationRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location: "querystring", location_name: "nextToken"))
     DescribeOrganizationConfigurationRequest.struct_class = Types::DescribeOrganizationConfigurationRequest
 
-    DescribeOrganizationConfigurationResponse.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "autoEnable"))
+    DescribeOrganizationConfigurationResponse.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, deprecated: true, location_name: "autoEnable", metadata: {"deprecatedMessage"=>"This field is deprecated, use AutoEnableOrganizationMembers instead"}))
     DescribeOrganizationConfigurationResponse.add_member(:member_account_limit_reached, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "memberAccountLimitReached"))
     DescribeOrganizationConfigurationResponse.add_member(:data_sources, Shapes::ShapeRef.new(shape: OrganizationDataSourceConfigurationsResult, deprecated: true, location_name: "dataSources", metadata: {"deprecatedMessage"=>"This parameter is deprecated, use Features instead"}))
     DescribeOrganizationConfigurationResponse.add_member(:features, Shapes::ShapeRef.new(shape: OrganizationFeaturesConfigurationsResults, location_name: "features"))
     DescribeOrganizationConfigurationResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken"))
+    DescribeOrganizationConfigurationResponse.add_member(:auto_enable_organization_members, Shapes::ShapeRef.new(shape: AutoEnableMembers, location_name: "autoEnableOrganizationMembers"))
     DescribeOrganizationConfigurationResponse.struct_class = Types::DescribeOrganizationConfigurationResponse
 
     DescribePublishingDestinationRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
@@ -1710,9 +1712,10 @@ module Aws::GuardDuty
     UpdateMemberDetectorsResponse.struct_class = Types::UpdateMemberDetectorsResponse
 
     UpdateOrganizationConfigurationRequest.add_member(:detector_id, Shapes::ShapeRef.new(shape: DetectorId, required: true, location: "uri", location_name: "detectorId"))
-    UpdateOrganizationConfigurationRequest.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "autoEnable"))
+    UpdateOrganizationConfigurationRequest.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, deprecated: true, location_name: "autoEnable", metadata: {"deprecatedMessage"=>"This field is deprecated, use AutoEnableOrganizationMembers instead"}))
     UpdateOrganizationConfigurationRequest.add_member(:data_sources, Shapes::ShapeRef.new(shape: OrganizationDataSourceConfigurations, deprecated: true, location_name: "dataSources", metadata: {"deprecatedMessage"=>"This parameter is deprecated, use Features instead"}))
     UpdateOrganizationConfigurationRequest.add_member(:features, Shapes::ShapeRef.new(shape: OrganizationFeaturesConfigurations, location_name: "features"))
+    UpdateOrganizationConfigurationRequest.add_member(:auto_enable_organization_members, Shapes::ShapeRef.new(shape: AutoEnableMembers, location_name: "autoEnableOrganizationMembers"))
     UpdateOrganizationConfigurationRequest.struct_class = Types::UpdateOrganizationConfigurationRequest
 
     UpdateOrganizationConfigurationResponse.struct_class = Types::UpdateOrganizationConfigurationResponse

data/lib/aws-sdk-guardduty/types.rb

@@ -1585,6 +1585,21 @@ module Aws::GuardDuty
     #   retrieve more items.
     #   @return [String]
     #
+    # @!attribute [rw] auto_enable_organization_members
+    #   Indicates the auto-enablement configuration of GuardDuty for the
+    #   member accounts in the organization.
+    #
+    #   * `NEW`: Indicates that new accounts joining the organization are
+    #     configured to have GuardDuty enabled automatically.
+    #
+    #   * `ALL`: Indicates that all accounts (new and existing members) in
+    #     the organization are configured to have GuardDuty enabled
+    #     automatically.
+    #
+    #   * `NONE`: Indicates that no account in the organization will be
+    #     configured to have GuardDuty enabled automatically.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/DescribeOrganizationConfigurationResponse AWS API Documentation
     #
     class DescribeOrganizationConfigurationResponse < Struct.new(
@@ -1592,7 +1607,8 @@ module Aws::GuardDuty
       :member_account_limit_reached,
       :data_sources,
       :features,
-      :next_token)
+      :next_token,
+      :auto_enable_organization_members)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -6070,7 +6086,7 @@ module Aws::GuardDuty
     end
 
     # @!attribute [rw] detector_id
-    #   The ID of the detector to update the delegated administrator for.
+    #   The ID of the detector that configures the delegated administrator.
     #   @return [String]
     #
     # @!attribute [rw] auto_enable
@@ -6086,13 +6102,29 @@ module Aws::GuardDuty
     #   A list of features that will be configured for the organization.
     #   @return [Array<Types::OrganizationFeatureConfiguration>]
     #
+    # @!attribute [rw] auto_enable_organization_members
+    #   Indicates the auto-enablement configuration of GuardDuty for the
+    #   member accounts in the organization.
+    #
+    #   * `NEW`: Indicates that new accounts joining the organization are
+    #     configured to have GuardDuty enabled automatically.
+    #
+    #   * `ALL`: Indicates that all accounts (new and existing members) in
+    #     the organization are configured to have GuardDuty enabled
+    #     automatically.
+    #
+    #   * `NONE`: Indicates that no account in the organization will be
+    #     configured to have GuardDuty enabled automatically.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/UpdateOrganizationConfigurationRequest AWS API Documentation
     #
     class UpdateOrganizationConfigurationRequest < Struct.new(
       :detector_id,
       :auto_enable,
       :data_sources,
-      :features)
+      :features,
+      :auto_enable_organization_members)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-guardduty.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-guardduty/customizations'
 # @!group service
 module Aws::GuardDuty
 
-  GEM_VERSION = '1.65.0'
+  GEM_VERSION = '1.66.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-guardduty
 version: !ruby/object:Gem::Version
-  version: 1.65.0
+  version: 1.66.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-03-16 00:00:00.000000000 Z
+date: 2023-03-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core