aws-sdk-securitylake 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/CHANGELOG.md +8 -0
- data/LICENSE.txt +202 -0
- data/VERSION +1 -0
- data/lib/aws-sdk-securitylake/client.rb +1681 -0
- data/lib/aws-sdk-securitylake/client_api.rb +1005 -0
- data/lib/aws-sdk-securitylake/customizations.rb +0 -0
- data/lib/aws-sdk-securitylake/endpoint_parameters.rb +69 -0
- data/lib/aws-sdk-securitylake/endpoint_provider.rb +111 -0
- data/lib/aws-sdk-securitylake/endpoints.rb +435 -0
- data/lib/aws-sdk-securitylake/errors.rb +364 -0
- data/lib/aws-sdk-securitylake/plugins/endpoints.rb +128 -0
- data/lib/aws-sdk-securitylake/resource.rb +26 -0
- data/lib/aws-sdk-securitylake/types.rb +2023 -0
- data/lib/aws-sdk-securitylake.rb +57 -0
- metadata +94 -0
@@ -0,0 +1,1681 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# WARNING ABOUT GENERATED CODE
|
4
|
+
#
|
5
|
+
# This file is generated. See the contributing guide for more information:
|
6
|
+
# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
|
7
|
+
#
|
8
|
+
# WARNING ABOUT GENERATED CODE
|
9
|
+
|
10
|
+
require 'seahorse/client/plugins/content_length.rb'
|
11
|
+
require 'aws-sdk-core/plugins/credentials_configuration.rb'
|
12
|
+
require 'aws-sdk-core/plugins/logging.rb'
|
13
|
+
require 'aws-sdk-core/plugins/param_converter.rb'
|
14
|
+
require 'aws-sdk-core/plugins/param_validator.rb'
|
15
|
+
require 'aws-sdk-core/plugins/user_agent.rb'
|
16
|
+
require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
|
17
|
+
require 'aws-sdk-core/plugins/retry_errors.rb'
|
18
|
+
require 'aws-sdk-core/plugins/global_configuration.rb'
|
19
|
+
require 'aws-sdk-core/plugins/regional_endpoint.rb'
|
20
|
+
require 'aws-sdk-core/plugins/endpoint_discovery.rb'
|
21
|
+
require 'aws-sdk-core/plugins/endpoint_pattern.rb'
|
22
|
+
require 'aws-sdk-core/plugins/response_paging.rb'
|
23
|
+
require 'aws-sdk-core/plugins/stub_responses.rb'
|
24
|
+
require 'aws-sdk-core/plugins/idempotency_token.rb'
|
25
|
+
require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
26
|
+
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
27
|
+
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
28
|
+
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
29
|
+
require 'aws-sdk-core/plugins/http_checksum.rb'
|
30
|
+
require 'aws-sdk-core/plugins/checksum_algorithm.rb'
|
31
|
+
require 'aws-sdk-core/plugins/defaults_mode.rb'
|
32
|
+
require 'aws-sdk-core/plugins/recursion_detection.rb'
|
33
|
+
require 'aws-sdk-core/plugins/sign.rb'
|
34
|
+
require 'aws-sdk-core/plugins/protocols/rest_json.rb'
|
35
|
+
|
36
|
+
Aws::Plugins::GlobalConfiguration.add_identifier(:securitylake)
|
37
|
+
|
38
|
+
module Aws::SecurityLake
|
39
|
+
# An API client for SecurityLake. To construct a client, you need to configure a `:region` and `:credentials`.
|
40
|
+
#
|
41
|
+
# client = Aws::SecurityLake::Client.new(
|
42
|
+
# region: region_name,
|
43
|
+
# credentials: credentials,
|
44
|
+
# # ...
|
45
|
+
# )
|
46
|
+
#
|
47
|
+
# For details on configuring region and credentials see
|
48
|
+
# the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
|
49
|
+
#
|
50
|
+
# See {#initialize} for a full list of supported configuration options.
|
51
|
+
class Client < Seahorse::Client::Base
|
52
|
+
|
53
|
+
include Aws::ClientStubs
|
54
|
+
|
55
|
+
@identifier = :securitylake
|
56
|
+
|
57
|
+
set_api(ClientApi::API)
|
58
|
+
|
59
|
+
add_plugin(Seahorse::Client::Plugins::ContentLength)
|
60
|
+
add_plugin(Aws::Plugins::CredentialsConfiguration)
|
61
|
+
add_plugin(Aws::Plugins::Logging)
|
62
|
+
add_plugin(Aws::Plugins::ParamConverter)
|
63
|
+
add_plugin(Aws::Plugins::ParamValidator)
|
64
|
+
add_plugin(Aws::Plugins::UserAgent)
|
65
|
+
add_plugin(Aws::Plugins::HelpfulSocketErrors)
|
66
|
+
add_plugin(Aws::Plugins::RetryErrors)
|
67
|
+
add_plugin(Aws::Plugins::GlobalConfiguration)
|
68
|
+
add_plugin(Aws::Plugins::RegionalEndpoint)
|
69
|
+
add_plugin(Aws::Plugins::EndpointDiscovery)
|
70
|
+
add_plugin(Aws::Plugins::EndpointPattern)
|
71
|
+
add_plugin(Aws::Plugins::ResponsePaging)
|
72
|
+
add_plugin(Aws::Plugins::StubResponses)
|
73
|
+
add_plugin(Aws::Plugins::IdempotencyToken)
|
74
|
+
add_plugin(Aws::Plugins::JsonvalueConverter)
|
75
|
+
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
76
|
+
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
77
|
+
add_plugin(Aws::Plugins::TransferEncoding)
|
78
|
+
add_plugin(Aws::Plugins::HttpChecksum)
|
79
|
+
add_plugin(Aws::Plugins::ChecksumAlgorithm)
|
80
|
+
add_plugin(Aws::Plugins::DefaultsMode)
|
81
|
+
add_plugin(Aws::Plugins::RecursionDetection)
|
82
|
+
add_plugin(Aws::Plugins::Sign)
|
83
|
+
add_plugin(Aws::Plugins::Protocols::RestJson)
|
84
|
+
add_plugin(Aws::SecurityLake::Plugins::Endpoints)
|
85
|
+
|
86
|
+
# @overload initialize(options)
|
87
|
+
# @param [Hash] options
|
88
|
+
# @option options [required, Aws::CredentialProvider] :credentials
|
89
|
+
# Your AWS credentials. This can be an instance of any one of the
|
90
|
+
# following classes:
|
91
|
+
#
|
92
|
+
# * `Aws::Credentials` - Used for configuring static, non-refreshing
|
93
|
+
# credentials.
|
94
|
+
#
|
95
|
+
# * `Aws::SharedCredentials` - Used for loading static credentials from a
|
96
|
+
# shared file, such as `~/.aws/config`.
|
97
|
+
#
|
98
|
+
# * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
|
99
|
+
#
|
100
|
+
# * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
|
101
|
+
# assume a role after providing credentials via the web.
|
102
|
+
#
|
103
|
+
# * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
|
104
|
+
# access token generated from `aws login`.
|
105
|
+
#
|
106
|
+
# * `Aws::ProcessCredentials` - Used for loading credentials from a
|
107
|
+
# process that outputs to stdout.
|
108
|
+
#
|
109
|
+
# * `Aws::InstanceProfileCredentials` - Used for loading credentials
|
110
|
+
# from an EC2 IMDS on an EC2 instance.
|
111
|
+
#
|
112
|
+
# * `Aws::ECSCredentials` - Used for loading credentials from
|
113
|
+
# instances running in ECS.
|
114
|
+
#
|
115
|
+
# * `Aws::CognitoIdentityCredentials` - Used for loading credentials
|
116
|
+
# from the Cognito Identity service.
|
117
|
+
#
|
118
|
+
# When `:credentials` are not configured directly, the following
|
119
|
+
# locations will be searched for credentials:
|
120
|
+
#
|
121
|
+
# * `Aws.config[:credentials]`
|
122
|
+
# * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
|
123
|
+
# * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
|
124
|
+
# * `~/.aws/credentials`
|
125
|
+
# * `~/.aws/config`
|
126
|
+
# * EC2/ECS IMDS instance profile - When used by default, the timeouts
|
127
|
+
# are very aggressive. Construct and pass an instance of
|
128
|
+
# `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
|
129
|
+
# enable retries and extended timeouts. Instance profile credential
|
130
|
+
# fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
|
131
|
+
# to true.
|
132
|
+
#
|
133
|
+
# @option options [required, String] :region
|
134
|
+
# The AWS region to connect to. The configured `:region` is
|
135
|
+
# used to determine the service `:endpoint`. When not passed,
|
136
|
+
# a default `:region` is searched for in the following locations:
|
137
|
+
#
|
138
|
+
# * `Aws.config[:region]`
|
139
|
+
# * `ENV['AWS_REGION']`
|
140
|
+
# * `ENV['AMAZON_REGION']`
|
141
|
+
# * `ENV['AWS_DEFAULT_REGION']`
|
142
|
+
# * `~/.aws/credentials`
|
143
|
+
# * `~/.aws/config`
|
144
|
+
#
|
145
|
+
# @option options [String] :access_key_id
|
146
|
+
#
|
147
|
+
# @option options [Boolean] :active_endpoint_cache (false)
|
148
|
+
# When set to `true`, a thread polling for endpoints will be running in
|
149
|
+
# the background every 60 secs (default). Defaults to `false`.
|
150
|
+
#
|
151
|
+
# @option options [Boolean] :adaptive_retry_wait_to_fill (true)
|
152
|
+
# Used only in `adaptive` retry mode. When true, the request will sleep
|
153
|
+
# until there is sufficent client side capacity to retry the request.
|
154
|
+
# When false, the request will raise a `RetryCapacityNotAvailableError` and will
|
155
|
+
# not retry instead of sleeping.
|
156
|
+
#
|
157
|
+
# @option options [Boolean] :client_side_monitoring (false)
|
158
|
+
# When `true`, client-side metrics will be collected for all API requests from
|
159
|
+
# this client.
|
160
|
+
#
|
161
|
+
# @option options [String] :client_side_monitoring_client_id ("")
|
162
|
+
# Allows you to provide an identifier for this client which will be attached to
|
163
|
+
# all generated client side metrics. Defaults to an empty string.
|
164
|
+
#
|
165
|
+
# @option options [String] :client_side_monitoring_host ("127.0.0.1")
|
166
|
+
# Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client
|
167
|
+
# side monitoring agent is running on, where client metrics will be published via UDP.
|
168
|
+
#
|
169
|
+
# @option options [Integer] :client_side_monitoring_port (31000)
|
170
|
+
# Required for publishing client metrics. The port that the client side monitoring
|
171
|
+
# agent is running on, where client metrics will be published via UDP.
|
172
|
+
#
|
173
|
+
# @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher)
|
174
|
+
# Allows you to provide a custom client-side monitoring publisher class. By default,
|
175
|
+
# will use the Client Side Monitoring Agent Publisher.
|
176
|
+
#
|
177
|
+
# @option options [Boolean] :convert_params (true)
|
178
|
+
# When `true`, an attempt is made to coerce request parameters into
|
179
|
+
# the required types.
|
180
|
+
#
|
181
|
+
# @option options [Boolean] :correct_clock_skew (true)
|
182
|
+
# Used only in `standard` and adaptive retry modes. Specifies whether to apply
|
183
|
+
# a clock skew correction and retry requests with skewed client clocks.
|
184
|
+
#
|
185
|
+
# @option options [String] :defaults_mode ("legacy")
|
186
|
+
# See {Aws::DefaultsModeConfiguration} for a list of the
|
187
|
+
# accepted modes and the configuration defaults that are included.
|
188
|
+
#
|
189
|
+
# @option options [Boolean] :disable_host_prefix_injection (false)
|
190
|
+
# Set to true to disable SDK automatically adding host prefix
|
191
|
+
# to default service endpoint when available.
|
192
|
+
#
|
193
|
+
# @option options [String] :endpoint
|
194
|
+
# The client endpoint is normally constructed from the `:region`
|
195
|
+
# option. You should only configure an `:endpoint` when connecting
|
196
|
+
# to test or custom endpoints. This should be a valid HTTP(S) URI.
|
197
|
+
#
|
198
|
+
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
199
|
+
# Used for the maximum size limit of the LRU cache storing endpoints data
|
200
|
+
# for endpoint discovery enabled operations. Defaults to 1000.
|
201
|
+
#
|
202
|
+
# @option options [Integer] :endpoint_cache_max_threads (10)
|
203
|
+
# Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.
|
204
|
+
#
|
205
|
+
# @option options [Integer] :endpoint_cache_poll_interval (60)
|
206
|
+
# When :endpoint_discovery and :active_endpoint_cache is enabled,
|
207
|
+
# Use this option to config the time interval in seconds for making
|
208
|
+
# requests fetching endpoints information. Defaults to 60 sec.
|
209
|
+
#
|
210
|
+
# @option options [Boolean] :endpoint_discovery (false)
|
211
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
212
|
+
#
|
213
|
+
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
214
|
+
# The log formatter.
|
215
|
+
#
|
216
|
+
# @option options [Symbol] :log_level (:info)
|
217
|
+
# The log level to send messages to the `:logger` at.
|
218
|
+
#
|
219
|
+
# @option options [Logger] :logger
|
220
|
+
# The Logger instance to send log messages to. If this option
|
221
|
+
# is not set, logging will be disabled.
|
222
|
+
#
|
223
|
+
# @option options [Integer] :max_attempts (3)
|
224
|
+
# An integer representing the maximum number attempts that will be made for
|
225
|
+
# a single request, including the initial attempt. For example,
|
226
|
+
# setting this value to 5 will result in a request being retried up to
|
227
|
+
# 4 times. Used in `standard` and `adaptive` retry modes.
|
228
|
+
#
|
229
|
+
# @option options [String] :profile ("default")
|
230
|
+
# Used when loading credentials from the shared credentials file
|
231
|
+
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
232
|
+
#
|
233
|
+
# @option options [Proc] :retry_backoff
|
234
|
+
# A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
|
235
|
+
# This option is only used in the `legacy` retry mode.
|
236
|
+
#
|
237
|
+
# @option options [Float] :retry_base_delay (0.3)
|
238
|
+
# The base delay in seconds used by the default backoff function. This option
|
239
|
+
# is only used in the `legacy` retry mode.
|
240
|
+
#
|
241
|
+
# @option options [Symbol] :retry_jitter (:none)
|
242
|
+
# A delay randomiser function used by the default backoff function.
|
243
|
+
# Some predefined functions can be referenced by name - :none, :equal, :full,
|
244
|
+
# otherwise a Proc that takes and returns a number. This option is only used
|
245
|
+
# in the `legacy` retry mode.
|
246
|
+
#
|
247
|
+
# @see https://www.awsarchitectureblog.com/2015/03/backoff.html
|
248
|
+
#
|
249
|
+
# @option options [Integer] :retry_limit (3)
|
250
|
+
# The maximum number of times to retry failed requests. Only
|
251
|
+
# ~ 500 level server errors and certain ~ 400 level client errors
|
252
|
+
# are retried. Generally, these are throttling errors, data
|
253
|
+
# checksum errors, networking errors, timeout errors, auth errors,
|
254
|
+
# endpoint discovery, and errors from expired credentials.
|
255
|
+
# This option is only used in the `legacy` retry mode.
|
256
|
+
#
|
257
|
+
# @option options [Integer] :retry_max_delay (0)
|
258
|
+
# The maximum number of seconds to delay between retries (0 for no limit)
|
259
|
+
# used by the default backoff function. This option is only used in the
|
260
|
+
# `legacy` retry mode.
|
261
|
+
#
|
262
|
+
# @option options [String] :retry_mode ("legacy")
|
263
|
+
# Specifies which retry algorithm to use. Values are:
|
264
|
+
#
|
265
|
+
# * `legacy` - The pre-existing retry behavior. This is default value if
|
266
|
+
# no retry mode is provided.
|
267
|
+
#
|
268
|
+
# * `standard` - A standardized set of retry rules across the AWS SDKs.
|
269
|
+
# This includes support for retry quotas, which limit the number of
|
270
|
+
# unsuccessful retries a client can make.
|
271
|
+
#
|
272
|
+
# * `adaptive` - An experimental retry mode that includes all the
|
273
|
+
# functionality of `standard` mode along with automatic client side
|
274
|
+
# throttling. This is a provisional mode that may change behavior
|
275
|
+
# in the future.
|
276
|
+
#
|
277
|
+
#
|
278
|
+
# @option options [String] :secret_access_key
|
279
|
+
#
|
280
|
+
# @option options [String] :session_token
|
281
|
+
#
|
282
|
+
# @option options [Boolean] :stub_responses (false)
|
283
|
+
# Causes the client to return stubbed responses. By default
|
284
|
+
# fake responses are generated and returned. You can specify
|
285
|
+
# the response data to return or errors to raise by calling
|
286
|
+
# {ClientStubs#stub_responses}. See {ClientStubs} for more information.
|
287
|
+
#
|
288
|
+
# ** Please note ** When response stubbing is enabled, no HTTP
|
289
|
+
# requests are made, and retries are disabled.
|
290
|
+
#
|
291
|
+
# @option options [Aws::TokenProvider] :token_provider
|
292
|
+
# A Bearer Token Provider. This can be an instance of any one of the
|
293
|
+
# following classes:
|
294
|
+
#
|
295
|
+
# * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
|
296
|
+
# tokens.
|
297
|
+
#
|
298
|
+
# * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
|
299
|
+
# access token generated from `aws login`.
|
300
|
+
#
|
301
|
+
# When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
|
302
|
+
# will be used to search for tokens configured for your profile in shared configuration files.
|
303
|
+
#
|
304
|
+
# @option options [Boolean] :use_dualstack_endpoint
|
305
|
+
# When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
|
306
|
+
# will be used if available.
|
307
|
+
#
|
308
|
+
# @option options [Boolean] :use_fips_endpoint
|
309
|
+
# When set to `true`, fips compatible endpoints will be used if available.
|
310
|
+
# When a `fips` region is used, the region is normalized and this config
|
311
|
+
# is set to `true`.
|
312
|
+
#
|
313
|
+
# @option options [Boolean] :validate_params (true)
|
314
|
+
# When `true`, request parameters are validated before
|
315
|
+
# sending the request.
|
316
|
+
#
|
317
|
+
# @option options [Aws::SecurityLake::EndpointProvider] :endpoint_provider
|
318
|
+
# The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::SecurityLake::EndpointParameters`
|
319
|
+
#
|
320
|
+
# @option options [URI::HTTP,String] :http_proxy A proxy to send
|
321
|
+
# requests through. Formatted like 'http://proxy.com:123'.
|
322
|
+
#
|
323
|
+
# @option options [Float] :http_open_timeout (15) The number of
|
324
|
+
# seconds to wait when opening a HTTP session before raising a
|
325
|
+
# `Timeout::Error`.
|
326
|
+
#
|
327
|
+
# @option options [Float] :http_read_timeout (60) The default
|
328
|
+
# number of seconds to wait for response data. This value can
|
329
|
+
# safely be set per-request on the session.
|
330
|
+
#
|
331
|
+
# @option options [Float] :http_idle_timeout (5) The number of
|
332
|
+
# seconds a connection is allowed to sit idle before it is
|
333
|
+
# considered stale. Stale connections are closed and removed
|
334
|
+
# from the pool before making a request.
|
335
|
+
#
|
336
|
+
# @option options [Float] :http_continue_timeout (1) The number of
|
337
|
+
# seconds to wait for a 100-continue response before sending the
|
338
|
+
# request body. This option has no effect unless the request has
|
339
|
+
# "Expect" header set to "100-continue". Defaults to `nil` which
|
340
|
+
# disables this behaviour. This value can safely be set per
|
341
|
+
# request on the session.
|
342
|
+
#
|
343
|
+
# @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
|
344
|
+
# in seconds.
|
345
|
+
#
|
346
|
+
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
347
|
+
# HTTP debug output will be sent to the `:logger`.
|
348
|
+
#
|
349
|
+
# @option options [Boolean] :ssl_verify_peer (true) When `true`,
|
350
|
+
# SSL peer certificates are verified when establishing a
|
351
|
+
# connection.
|
352
|
+
#
|
353
|
+
# @option options [String] :ssl_ca_bundle Full path to the SSL
|
354
|
+
# certificate authority bundle file that should be used when
|
355
|
+
# verifying peer certificates. If you do not pass
|
356
|
+
# `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
|
357
|
+
# will be used if available.
|
358
|
+
#
|
359
|
+
# @option options [String] :ssl_ca_directory Full path of the
|
360
|
+
# directory that contains the unbundled SSL certificate
|
361
|
+
# authority files for verifying peer certificates. If you do
|
362
|
+
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
|
363
|
+
# system default will be used if available.
|
364
|
+
#
|
365
|
+
def initialize(*args)
|
366
|
+
super
|
367
|
+
end
|
368
|
+
|
369
|
+
# @!group API Operations
|
370
|
+
|
371
|
+
# Adds a natively-supported Amazon Web Services service as a Security
|
372
|
+
# Lake source. Enables source types for member accounts in required
|
373
|
+
# Regions, based on specified parameters. You can choose any source type
|
374
|
+
# in any Region for accounts that are either part of a trusted
|
375
|
+
# organization or standalone accounts. At least one of the three
|
376
|
+
# dimensions is a mandatory input to this API. However, any combination
|
377
|
+
# of the three dimensions can be supplied to this API.
|
378
|
+
#
|
379
|
+
# By default, dimension refers to the entire set. When you don't
|
380
|
+
# provide a dimension, Security Lake assumes that the missing dimension
|
381
|
+
# refers to the entire set. This is overridden when you supply any one
|
382
|
+
# of the inputs. For instance, when members is not specified, the API
|
383
|
+
# disables all Security Lake member accounts for sources. Similarly,
|
384
|
+
# when Regions are not specified, Security Lake is disabled for all the
|
385
|
+
# Regions where Security Lake is available as a service.
|
386
|
+
#
|
387
|
+
# You can use this API only to enable a natively-supported Amazon Web
|
388
|
+
# Services services as a source. Use `CreateCustomLogSource` to enable
|
389
|
+
# data collection from a custom source.
|
390
|
+
#
|
391
|
+
# @option params [Hash<String,Hash>] :enable_all_dimensions
|
392
|
+
# Enables specific sources in all Regions and source types.
|
393
|
+
#
|
394
|
+
# @option params [Array<String>] :enable_single_dimension
|
395
|
+
# Enables all sources in specific accounts or Regions.
|
396
|
+
#
|
397
|
+
# @option params [Hash<String,Array>] :enable_two_dimensions
|
398
|
+
# Enables specific service sources in specific accounts or Regions.
|
399
|
+
#
|
400
|
+
# @option params [required, Array<String>] :input_order
|
401
|
+
# Specifies the input order to enable dimensions in Security Lake,
|
402
|
+
# namely region, source type, and member account.
|
403
|
+
#
|
404
|
+
# @return [Types::CreateAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
405
|
+
#
|
406
|
+
# * {Types::CreateAwsLogSourceResponse#failed #failed} => Array<String>
|
407
|
+
# * {Types::CreateAwsLogSourceResponse#processing #processing} => Array<String>
|
408
|
+
#
|
409
|
+
# @example Request syntax with placeholder values
|
410
|
+
#
|
411
|
+
# resp = client.create_aws_log_source({
|
412
|
+
# enable_all_dimensions: {
|
413
|
+
# "String" => {
|
414
|
+
# "String" => ["String"],
|
415
|
+
# },
|
416
|
+
# },
|
417
|
+
# enable_single_dimension: ["SafeString"],
|
418
|
+
# enable_two_dimensions: {
|
419
|
+
# "String" => ["String"],
|
420
|
+
# },
|
421
|
+
# input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
|
422
|
+
# })
|
423
|
+
#
|
424
|
+
# @example Response structure
|
425
|
+
#
|
426
|
+
# resp.failed #=> Array
|
427
|
+
# resp.failed[0] #=> String
|
428
|
+
# resp.processing #=> Array
|
429
|
+
# resp.processing[0] #=> String
|
430
|
+
#
|
431
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateAwsLogSource AWS API Documentation
|
432
|
+
#
|
433
|
+
# @overload create_aws_log_source(params = {})
|
434
|
+
# @param [Hash] params ({})
|
435
|
+
def create_aws_log_source(params = {}, options = {})
|
436
|
+
req = build_request(:create_aws_log_source, params)
|
437
|
+
req.send_request(options)
|
438
|
+
end
|
439
|
+
|
440
|
+
# Adds a third-party custom source in Amazon Security Lake, from the
|
441
|
+
# Region where you want to create a custom source. Security Lake can
|
442
|
+
# collect logs and events from third-party custom sources. After
|
443
|
+
# creating the appropriate API roles, use this API to add a custom
|
444
|
+
# source name in Security Lake. This operation creates a partition in
|
445
|
+
# the Security Lake S3 bucket as the target location for log files from
|
446
|
+
# the custom source, an associated Glue table, and an Glue crawler.
|
447
|
+
#
|
448
|
+
# @option params [required, String] :custom_source_name
|
449
|
+
# The custom source name for a third-party custom source.
|
450
|
+
#
|
451
|
+
# @option params [required, String] :event_class
|
452
|
+
# The Open Cybersecurity Schema Framework (OCSF) event class.
|
453
|
+
#
|
454
|
+
# @option params [required, String] :glue_invocation_role_arn
|
455
|
+
# The IAM Role ARN to be used by the Glue Crawler. The recommended IAM
|
456
|
+
# policies are:
|
457
|
+
#
|
458
|
+
# * The managed policy `AWSGlueServiceRole`
|
459
|
+
#
|
460
|
+
# * A custom policy granting access to your S3 Data Lake
|
461
|
+
#
|
462
|
+
# @option params [required, String] :log_provider_account_id
|
463
|
+
# The Account ID that will assume the above Role to put logs into the
|
464
|
+
# Data Lake.
|
465
|
+
#
|
466
|
+
# @return [Types::CreateCustomLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
467
|
+
#
|
468
|
+
# * {Types::CreateCustomLogSourceResponse#custom_data_location #custom_data_location} => String
|
469
|
+
# * {Types::CreateCustomLogSourceResponse#glue_crawler_name #glue_crawler_name} => String
|
470
|
+
# * {Types::CreateCustomLogSourceResponse#glue_database_name #glue_database_name} => String
|
471
|
+
# * {Types::CreateCustomLogSourceResponse#glue_table_name #glue_table_name} => String
|
472
|
+
# * {Types::CreateCustomLogSourceResponse#log_provider_access_role_arn #log_provider_access_role_arn} => String
|
473
|
+
#
|
474
|
+
# @example Request syntax with placeholder values
|
475
|
+
#
|
476
|
+
# resp = client.create_custom_log_source({
|
477
|
+
# custom_source_name: "CustomSourceType", # required
|
478
|
+
# event_class: "ACCESS_ACTIVITY", # required, accepts ACCESS_ACTIVITY, FILE_ACTIVITY, KERNEL_ACTIVITY, KERNEL_EXTENSION, MEMORY_ACTIVITY, MODULE_ACTIVITY, PROCESS_ACTIVITY, REGISTRY_KEY_ACTIVITY, REGISTRY_VALUE_ACTIVITY, RESOURCE_ACTIVITY, SCHEDULED_JOB_ACTIVITY, SECURITY_FINDING, ACCOUNT_CHANGE, AUTHENTICATION, AUTHORIZATION, ENTITY_MANAGEMENT_AUDIT, DHCP_ACTIVITY, NETWORK_ACTIVITY, DNS_ACTIVITY, FTP_ACTIVITY, HTTP_ACTIVITY, RDP_ACTIVITY, SMB_ACTIVITY, SSH_ACTIVITY, CLOUD_API, CONTAINER_LIFECYCLE, DATABASE_LIFECYCLE, CONFIG_STATE, CLOUD_STORAGE, INVENTORY_INFO, RFB_ACTIVITY, SMTP_ACTIVITY, VIRTUAL_MACHINE_ACTIVITY
|
479
|
+
# glue_invocation_role_arn: "RoleArn", # required
|
480
|
+
# log_provider_account_id: "AwsAccountId", # required
|
481
|
+
# })
|
482
|
+
#
|
483
|
+
# @example Response structure
|
484
|
+
#
|
485
|
+
# resp.custom_data_location #=> String
|
486
|
+
# resp.glue_crawler_name #=> String
|
487
|
+
# resp.glue_database_name #=> String
|
488
|
+
# resp.glue_table_name #=> String
|
489
|
+
# resp.log_provider_access_role_arn #=> String
|
490
|
+
#
|
491
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateCustomLogSource AWS API Documentation
|
492
|
+
#
|
493
|
+
# @overload create_custom_log_source(params = {})
|
494
|
+
# @param [Hash] params ({})
|
495
|
+
def create_custom_log_source(params = {}, options = {})
|
496
|
+
req = build_request(:create_custom_log_source, params)
|
497
|
+
req.send_request(options)
|
498
|
+
end
|
499
|
+
|
500
|
+
# Initializes an Amazon Security Lake instance with the provided (or
|
501
|
+
# default) configuration. You can enable Security Lake in Regions with
|
502
|
+
# customized settings in advance before enabling log collection in
|
503
|
+
# Regions. You can either use the `enableAll` parameter to specify all
|
504
|
+
# Regions or you can specify the Regions you want to enable Security
|
505
|
+
# Lake using the `Regions` parameter and configure these Regions using
|
506
|
+
# the `configurations` parameter. When the `CreateDataLake` API is
|
507
|
+
# called multiple times, if that Region is already enabled, it will
|
508
|
+
# update the Region if configuration for that Region is provided. If
|
509
|
+
# that Region is a new Region, it will be set up with the customized
|
510
|
+
# configurations if it is specified.
|
511
|
+
#
|
512
|
+
# When you enable Security Lake, it starts ingesting security data after
|
513
|
+
# the `CreateAwsLogSource` call. This includes ingesting security data
|
514
|
+
# from sources, storing data, and making data accessible to subscribers.
|
515
|
+
# Security Lake also enables all the existing settings and resources
|
516
|
+
# that it stores or maintains for your account in the current Region,
|
517
|
+
# including security log and event data. For more information, see the
|
518
|
+
# Amazon Security Lake User Guide.
|
519
|
+
#
|
520
|
+
# @option params [Hash<String,Types::LakeConfigurationRequest>] :configurations
|
521
|
+
# Enable Security Lake with the specified configurations settings to
|
522
|
+
# begin ingesting security data.
|
523
|
+
#
|
524
|
+
# @option params [Boolean] :enable_all
|
525
|
+
# Enable Security Lake in all Regions to begin ingesting security data.
|
526
|
+
#
|
527
|
+
# @option params [String] :meta_store_manager_role_arn
|
528
|
+
# The Role ARN used to create and update the Glue table with partitions
|
529
|
+
# generated by ingestion and normalization of Amazon Web Services log
|
530
|
+
# sources and custom sources.
|
531
|
+
#
|
532
|
+
# @option params [Array<String>] :regions
|
533
|
+
# Enable Security Lake in the specified Regions to begin ingesting
|
534
|
+
# security data. To enable Security Lake in specific Amazon Web Services
|
535
|
+
# Regions, such as us-east-1 or ap-northeast-3, provide the Region
|
536
|
+
# codes. For a list of Region codes, see [Region codes][1] in the Amazon
|
537
|
+
# Web Services General Reference.
|
538
|
+
#
|
539
|
+
#
|
540
|
+
#
|
541
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints
|
542
|
+
#
|
543
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
544
|
+
#
|
545
|
+
# @example Request syntax with placeholder values
|
546
|
+
#
|
547
|
+
# resp = client.create_datalake({
|
548
|
+
# configurations: {
|
549
|
+
# "us-east-1" => {
|
550
|
+
# encryption_key: "String",
|
551
|
+
# replication_destination_regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
552
|
+
# replication_role_arn: "RoleArn",
|
553
|
+
# retention_settings: [
|
554
|
+
# {
|
555
|
+
# retention_period: 1,
|
556
|
+
# storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
|
557
|
+
# },
|
558
|
+
# ],
|
559
|
+
# tags_map: {
|
560
|
+
# "String" => "String",
|
561
|
+
# },
|
562
|
+
# },
|
563
|
+
# },
|
564
|
+
# enable_all: false,
|
565
|
+
# meta_store_manager_role_arn: "RoleArn",
|
566
|
+
# regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
567
|
+
# })
|
568
|
+
#
|
569
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalake AWS API Documentation
|
570
|
+
#
|
571
|
+
# @overload create_datalake(params = {})
|
572
|
+
# @param [Hash] params ({})
|
573
|
+
def create_datalake(params = {}, options = {})
|
574
|
+
req = build_request(:create_datalake, params)
|
575
|
+
req.send_request(options)
|
576
|
+
end
|
577
|
+
|
578
|
+
# Automatically enable Security Lake in the specified Regions to begin
|
579
|
+
# ingesting security data. When you choose to enable organization
|
580
|
+
# accounts automatically, then Security Lake begins to enable new
|
581
|
+
# accounts as member accounts as they are added to the organization.
|
582
|
+
# Security Lake does not enable existing organization accounts that are
|
583
|
+
# not yet enabled.
|
584
|
+
#
|
585
|
+
# @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :configuration_for_new_accounts
|
586
|
+
# Enable Amazon Security Lake with the specified configurations settings
|
587
|
+
# to begin ingesting security data for new accounts in Security Lake.
|
588
|
+
#
|
589
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
590
|
+
#
|
591
|
+
# @example Request syntax with placeholder values
|
592
|
+
#
|
593
|
+
# resp = client.create_datalake_auto_enable({
|
594
|
+
# configuration_for_new_accounts: [ # required
|
595
|
+
# {
|
596
|
+
# region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
597
|
+
# sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
598
|
+
# },
|
599
|
+
# ],
|
600
|
+
# })
|
601
|
+
#
|
602
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeAutoEnable AWS API Documentation
|
603
|
+
#
|
604
|
+
# @overload create_datalake_auto_enable(params = {})
|
605
|
+
# @param [Hash] params ({})
|
606
|
+
def create_datalake_auto_enable(params = {}, options = {})
|
607
|
+
req = build_request(:create_datalake_auto_enable, params)
|
608
|
+
req.send_request(options)
|
609
|
+
end
|
610
|
+
|
611
|
+
# Designates the Security Lake administrator account for the
|
612
|
+
# organization. This API can only be called by the organization
|
613
|
+
# management account. The organization management account cannot be the
|
614
|
+
# delegated administrator account.
|
615
|
+
#
|
616
|
+
# @option params [required, String] :account
|
617
|
+
# Account ID of the Security Lake delegated administrator.
|
618
|
+
#
|
619
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
620
|
+
#
|
621
|
+
# @example Request syntax with placeholder values
|
622
|
+
#
|
623
|
+
# resp = client.create_datalake_delegated_admin({
|
624
|
+
# account: "SafeString", # required
|
625
|
+
# })
|
626
|
+
#
|
627
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeDelegatedAdmin AWS API Documentation
|
628
|
+
#
|
629
|
+
# @overload create_datalake_delegated_admin(params = {})
|
630
|
+
# @param [Hash] params ({})
|
631
|
+
def create_datalake_delegated_admin(params = {}, options = {})
|
632
|
+
req = build_request(:create_datalake_delegated_admin, params)
|
633
|
+
req.send_request(options)
|
634
|
+
end
|
635
|
+
|
636
|
+
# Creates the specified notification subscription in Security Lake.
|
637
|
+
# Creates the specified subscription notifications in the specified
|
638
|
+
# organization.
|
639
|
+
#
|
640
|
+
# @option params [required, String] :notification_endpoint
|
641
|
+
# The account in which the exception notifications subscription is
|
642
|
+
# created.
|
643
|
+
#
|
644
|
+
# @option params [required, String] :subscription_protocol
|
645
|
+
# The subscription protocol to which exception messages are posted.
|
646
|
+
#
|
647
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
648
|
+
#
|
649
|
+
# @example Request syntax with placeholder values
|
650
|
+
#
|
651
|
+
# resp = client.create_datalake_exceptions_subscription({
|
652
|
+
# notification_endpoint: "SafeString", # required
|
653
|
+
# subscription_protocol: "HTTP", # required, accepts HTTP, HTTPS, EMAIL, EMAIL_JSON, SMS, SQS, LAMBDA, APP, FIREHOSE
|
654
|
+
# })
|
655
|
+
#
|
656
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeExceptionsSubscription AWS API Documentation
|
657
|
+
#
|
658
|
+
# @overload create_datalake_exceptions_subscription(params = {})
|
659
|
+
# @param [Hash] params ({})
|
660
|
+
def create_datalake_exceptions_subscription(params = {}, options = {})
|
661
|
+
req = build_request(:create_datalake_exceptions_subscription, params)
|
662
|
+
req.send_request(options)
|
663
|
+
end
|
664
|
+
|
665
|
+
# Creates a subscription permission for accounts that are already
|
666
|
+
# enabled in Security Lake.
|
667
|
+
#
|
668
|
+
# @option params [Array<String>] :access_types
|
669
|
+
# The Amazon S3 or Lake Formation access type.
|
670
|
+
#
|
671
|
+
# @option params [required, String] :account_id
|
672
|
+
# The third party Amazon Web Services account ID used to access your
|
673
|
+
# data.
|
674
|
+
#
|
675
|
+
# @option params [required, String] :external_id
|
676
|
+
# The external ID of the subscriber. External ID allows the user that is
|
677
|
+
# assuming the role to assert the circumstances in which they are
|
678
|
+
# operating. It also provides a way for the account owner to permit the
|
679
|
+
# role to be assumed only under specific circumstances.
|
680
|
+
#
|
681
|
+
# @option params [required, Array<Types::SourceType>] :source_types
|
682
|
+
# The supported Amazon Web Services services from which logs and events
|
683
|
+
# are collected. Amazon Security Lake supports logs and events
|
684
|
+
# collection for natively-supported Amazon Web Services services.
|
685
|
+
#
|
686
|
+
# @option params [String] :subscriber_description
|
687
|
+
# The subscriber descriptions for the subscriber account in Amazon
|
688
|
+
# Security Lake.
|
689
|
+
#
|
690
|
+
# @option params [required, String] :subscriber_name
|
691
|
+
# The name of your Amazon Security Lake subscriber account.
|
692
|
+
#
|
693
|
+
# @return [Types::CreateSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
694
|
+
#
|
695
|
+
# * {Types::CreateSubscriberResponse#role_arn #role_arn} => String
|
696
|
+
# * {Types::CreateSubscriberResponse#s3_bucket_arn #s3_bucket_arn} => String
|
697
|
+
# * {Types::CreateSubscriberResponse#sns_arn #sns_arn} => String
|
698
|
+
# * {Types::CreateSubscriberResponse#subscription_id #subscription_id} => String
|
699
|
+
#
|
700
|
+
# @example Request syntax with placeholder values
|
701
|
+
#
|
702
|
+
# resp = client.create_subscriber({
|
703
|
+
# access_types: ["LAKEFORMATION"], # accepts LAKEFORMATION, S3
|
704
|
+
# account_id: "AwsAccountId", # required
|
705
|
+
# external_id: "SafeString", # required
|
706
|
+
# source_types: [ # required
|
707
|
+
# {
|
708
|
+
# aws_source_type: "ROUTE53", # accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
709
|
+
# custom_source_type: "CustomSourceType",
|
710
|
+
# },
|
711
|
+
# ],
|
712
|
+
# subscriber_description: "SafeString",
|
713
|
+
# subscriber_name: "CreateSubscriberRequestSubscriberNameString", # required
|
714
|
+
# })
|
715
|
+
#
|
716
|
+
# @example Response structure
|
717
|
+
#
|
718
|
+
# resp.role_arn #=> String
|
719
|
+
# resp.s3_bucket_arn #=> String
|
720
|
+
# resp.sns_arn #=> String
|
721
|
+
# resp.subscription_id #=> String
|
722
|
+
#
|
723
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriber AWS API Documentation
|
724
|
+
#
|
725
|
+
# @overload create_subscriber(params = {})
|
726
|
+
# @param [Hash] params ({})
|
727
|
+
def create_subscriber(params = {}, options = {})
|
728
|
+
req = build_request(:create_subscriber, params)
|
729
|
+
req.send_request(options)
|
730
|
+
end
|
731
|
+
|
732
|
+
# Creates the specified notification subscription in Security Lake.
|
733
|
+
# Creates the specified subscription notifications from the specified
|
734
|
+
# organization.
|
735
|
+
#
|
736
|
+
# @option params [Boolean] :create_sqs
|
737
|
+
# Create a new subscription notification for the specified subscription
|
738
|
+
# ID in Security Lake.
|
739
|
+
#
|
740
|
+
# @option params [String] :https_api_key_name
|
741
|
+
# The key name for the subscription notification.
|
742
|
+
#
|
743
|
+
# @option params [String] :https_api_key_value
|
744
|
+
# The key value for the subscription notification.
|
745
|
+
#
|
746
|
+
# @option params [String] :https_method
|
747
|
+
# The HTTPS method used for the subscription notification.
|
748
|
+
#
|
749
|
+
# @option params [String] :role_arn
|
750
|
+
# The Amazon Resource Name (ARN) specifying the role of the subscriber.
|
751
|
+
#
|
752
|
+
# @option params [String] :subscription_endpoint
|
753
|
+
# The subscription endpoint in Security Lake.
|
754
|
+
#
|
755
|
+
# @option params [required, String] :subscription_id
|
756
|
+
# The subscription ID for which the subscription notification is
|
757
|
+
# specified.
|
758
|
+
#
|
759
|
+
# @return [Types::CreateSubscriptionNotificationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
760
|
+
#
|
761
|
+
# * {Types::CreateSubscriptionNotificationConfigurationResponse#queue_arn #queue_arn} => String
|
762
|
+
#
|
763
|
+
# @example Request syntax with placeholder values
|
764
|
+
#
|
765
|
+
# resp = client.create_subscription_notification_configuration({
|
766
|
+
# create_sqs: false,
|
767
|
+
# https_api_key_name: "String",
|
768
|
+
# https_api_key_value: "String",
|
769
|
+
# https_method: "POST", # accepts POST, PUT
|
770
|
+
# role_arn: "RoleArn",
|
771
|
+
# subscription_endpoint: "CreateSubscriptionNotificationConfigurationRequestSubscriptionEndpointString",
|
772
|
+
# subscription_id: "UUID", # required
|
773
|
+
# })
|
774
|
+
#
|
775
|
+
# @example Response structure
|
776
|
+
#
|
777
|
+
# resp.queue_arn #=> String
|
778
|
+
#
|
779
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriptionNotificationConfiguration AWS API Documentation
|
780
|
+
#
|
781
|
+
# @overload create_subscription_notification_configuration(params = {})
|
782
|
+
# @param [Hash] params ({})
|
783
|
+
def create_subscription_notification_configuration(params = {}, options = {})
|
784
|
+
req = build_request(:create_subscription_notification_configuration, params)
|
785
|
+
req.send_request(options)
|
786
|
+
end
|
787
|
+
|
788
|
+
# Removes a natively-supported Amazon Web Services service as a Amazon
|
789
|
+
# Security Lake source. When you remove the source, Security Lake stops
|
790
|
+
# collecting data from that source, and subscribers can no longer
|
791
|
+
# consume new data from the source. Subscribers can still consume data
|
792
|
+
# that Amazon Security Lake collected from the source before
|
793
|
+
# disablement.
|
794
|
+
#
|
795
|
+
# You can choose any source type in any Region for accounts that are
|
796
|
+
# either part of a trusted organization or standalone accounts. At least
|
797
|
+
# one of the three dimensions is a mandatory input to this API. However,
|
798
|
+
# any combination of the three dimensions can be supplied to this API.
|
799
|
+
#
|
800
|
+
# By default, dimension refers to the entire set. This is overridden
|
801
|
+
# when you supply any one of the inputs. For instance, when members is
|
802
|
+
# not specified, the API disables all Security Lake member accounts for
|
803
|
+
# sources. Similarly, when Regions are not specified, Security Lake is
|
804
|
+
# disabled for all the Regions where Security Lake is available as a
|
805
|
+
# service.
|
806
|
+
#
|
807
|
+
# You can use this API to remove a natively-supported Amazon Web
|
808
|
+
# Services service as a source. Use `DeregisterCustomData` to remove a
|
809
|
+
# custom source.
|
810
|
+
#
|
811
|
+
# When you don't provide a dimension, Security Lake assumes that the
|
812
|
+
# missing dimension refers to the entire set. For example, if you don't
|
813
|
+
# provide specific accounts, the API applies to the entire set of
|
814
|
+
# accounts in your organization.
|
815
|
+
#
|
816
|
+
# @option params [Hash<String,Hash>] :disable_all_dimensions
|
817
|
+
# Removes the specific Amazon Web Services sources from all Regions and
|
818
|
+
# source types.
|
819
|
+
#
|
820
|
+
# @option params [Array<String>] :disable_single_dimension
|
821
|
+
# Removes all Amazon Web Services sources from specific accounts or
|
822
|
+
# Regions.
|
823
|
+
#
|
824
|
+
# @option params [Hash<String,Array>] :disable_two_dimensions
|
825
|
+
# Remove a specific Amazon Web Services source from specific accounts or
|
826
|
+
# Regions.
|
827
|
+
#
|
828
|
+
# @option params [required, Array<String>] :input_order
|
829
|
+
# This is a mandatory input. Specifies the input order to disable
|
830
|
+
# dimensions in Security Lake, namely Region, source type, and member.
|
831
|
+
#
|
832
|
+
# @return [Types::DeleteAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
833
|
+
#
|
834
|
+
# * {Types::DeleteAwsLogSourceResponse#failed #failed} => Array<String>
|
835
|
+
# * {Types::DeleteAwsLogSourceResponse#processing #processing} => Array<String>
|
836
|
+
#
|
837
|
+
# @example Request syntax with placeholder values
|
838
|
+
#
|
839
|
+
# resp = client.delete_aws_log_source({
|
840
|
+
# disable_all_dimensions: {
|
841
|
+
# "String" => {
|
842
|
+
# "String" => ["String"],
|
843
|
+
# },
|
844
|
+
# },
|
845
|
+
# disable_single_dimension: ["SafeString"],
|
846
|
+
# disable_two_dimensions: {
|
847
|
+
# "String" => ["String"],
|
848
|
+
# },
|
849
|
+
# input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
|
850
|
+
# })
|
851
|
+
#
|
852
|
+
# @example Response structure
|
853
|
+
#
|
854
|
+
# resp.failed #=> Array
|
855
|
+
# resp.failed[0] #=> String
|
856
|
+
# resp.processing #=> Array
|
857
|
+
# resp.processing[0] #=> String
|
858
|
+
#
|
859
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteAwsLogSource AWS API Documentation
|
860
|
+
#
|
861
|
+
# @overload delete_aws_log_source(params = {})
|
862
|
+
# @param [Hash] params ({})
|
863
|
+
def delete_aws_log_source(params = {}, options = {})
|
864
|
+
req = build_request(:delete_aws_log_source, params)
|
865
|
+
req.send_request(options)
|
866
|
+
end
|
867
|
+
|
868
|
+
# Removes a custom log source from Security Lake.
|
869
|
+
#
|
870
|
+
# @option params [required, String] :custom_source_name
|
871
|
+
# The custom source name for the custome log source.
|
872
|
+
#
|
873
|
+
# @return [Types::DeleteCustomLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
874
|
+
#
|
875
|
+
# * {Types::DeleteCustomLogSourceResponse#custom_data_location #custom_data_location} => String
|
876
|
+
#
|
877
|
+
# @example Request syntax with placeholder values
|
878
|
+
#
|
879
|
+
# resp = client.delete_custom_log_source({
|
880
|
+
# custom_source_name: "String", # required
|
881
|
+
# })
|
882
|
+
#
|
883
|
+
# @example Response structure
|
884
|
+
#
|
885
|
+
# resp.custom_data_location #=> String
|
886
|
+
#
|
887
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteCustomLogSource AWS API Documentation
|
888
|
+
#
|
889
|
+
# @overload delete_custom_log_source(params = {})
|
890
|
+
# @param [Hash] params ({})
|
891
|
+
def delete_custom_log_source(params = {}, options = {})
|
892
|
+
req = build_request(:delete_custom_log_source, params)
|
893
|
+
req.send_request(options)
|
894
|
+
end
|
895
|
+
|
896
|
+
# When you delete Amazon Security Lake from your account, Security Lake
|
897
|
+
# is disabled in all Regions. Also, this API automatically performs the
|
898
|
+
# off-boarding steps to off-board the account from Security Lake . This
|
899
|
+
# includes ingesting security data from sources, storing data, and
|
900
|
+
# making data accessible to subscribers. Security Lake also deletes all
|
901
|
+
# the existing settings and resources that it stores or maintains for
|
902
|
+
# your account in the current Region, including security log and event
|
903
|
+
# data. `DeleteDatalake` does not delete the S3 bucket which is owned by
|
904
|
+
# the Amazon Web Services account. For more information, see the Amazon
|
905
|
+
# Security Lake User Guide.
|
906
|
+
#
|
907
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
908
|
+
#
|
909
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalake AWS API Documentation
|
910
|
+
#
|
911
|
+
# @overload delete_datalake(params = {})
|
912
|
+
# @param [Hash] params ({})
|
913
|
+
def delete_datalake(params = {}, options = {})
|
914
|
+
req = build_request(:delete_datalake, params)
|
915
|
+
req.send_request(options)
|
916
|
+
end
|
917
|
+
|
918
|
+
# Automatically delete Security Lake in the specified Regions to stop
|
919
|
+
# ingesting security data. When you delete Amazon Security Lake from
|
920
|
+
# your account, Security Lake is disabled in all Regions. Also, this API
|
921
|
+
# automatically performs the off-boarding steps to off-board the account
|
922
|
+
# from Security Lake . This includes ingesting security data from
|
923
|
+
# sources, storing data, and making data accessible to subscribers.
|
924
|
+
# Security Lake also deletes all the existing settings and resources
|
925
|
+
# that it stores or maintains for your account in the current Region,
|
926
|
+
# including security log and event data. For more information, see the
|
927
|
+
# Amazon Security Lake User Guide.
|
928
|
+
#
|
929
|
+
# @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :remove_from_configuration_for_new_accounts
|
930
|
+
# Delete Amazon Security Lake with the specified configurations settings
|
931
|
+
# to stop ingesting security data for new accounts in Security Lake.
|
932
|
+
#
|
933
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
934
|
+
#
|
935
|
+
# @example Request syntax with placeholder values
|
936
|
+
#
|
937
|
+
# resp = client.delete_datalake_auto_enable({
|
938
|
+
# remove_from_configuration_for_new_accounts: [ # required
|
939
|
+
# {
|
940
|
+
# region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
941
|
+
# sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
942
|
+
# },
|
943
|
+
# ],
|
944
|
+
# })
|
945
|
+
#
|
946
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeAutoEnable AWS API Documentation
|
947
|
+
#
|
948
|
+
# @overload delete_datalake_auto_enable(params = {})
|
949
|
+
# @param [Hash] params ({})
|
950
|
+
def delete_datalake_auto_enable(params = {}, options = {})
|
951
|
+
req = build_request(:delete_datalake_auto_enable, params)
|
952
|
+
req.send_request(options)
|
953
|
+
end
|
954
|
+
|
955
|
+
# Deletes the Security Lake administrator account for the organization.
|
956
|
+
# This API can only be called by the organization management account.
|
957
|
+
# The organization management account cannot be the delegated
|
958
|
+
# administrator account.
|
959
|
+
#
|
960
|
+
# @option params [required, String] :account
|
961
|
+
# Account ID the Security Lake delegated administrator.
|
962
|
+
#
|
963
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
964
|
+
#
|
965
|
+
# @example Request syntax with placeholder values
|
966
|
+
#
|
967
|
+
# resp = client.delete_datalake_delegated_admin({
|
968
|
+
# account: "SafeString", # required
|
969
|
+
# })
|
970
|
+
#
|
971
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeDelegatedAdmin AWS API Documentation
|
972
|
+
#
|
973
|
+
# @overload delete_datalake_delegated_admin(params = {})
|
974
|
+
# @param [Hash] params ({})
|
975
|
+
def delete_datalake_delegated_admin(params = {}, options = {})
|
976
|
+
req = build_request(:delete_datalake_delegated_admin, params)
|
977
|
+
req.send_request(options)
|
978
|
+
end
|
979
|
+
|
980
|
+
# Deletes the specified notification subscription in Security Lake.
|
981
|
+
# Deletes the specified subscription notifications in the specified
|
982
|
+
# organization.
|
983
|
+
#
|
984
|
+
# @return [Types::DeleteDatalakeExceptionsSubscriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
985
|
+
#
|
986
|
+
# * {Types::DeleteDatalakeExceptionsSubscriptionResponse#status #status} => String
|
987
|
+
#
|
988
|
+
# @example Response structure
|
989
|
+
#
|
990
|
+
# resp.status #=> String
|
991
|
+
#
|
992
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeExceptionsSubscription AWS API Documentation
|
993
|
+
#
|
994
|
+
# @overload delete_datalake_exceptions_subscription(params = {})
|
995
|
+
# @param [Hash] params ({})
|
996
|
+
def delete_datalake_exceptions_subscription(params = {}, options = {})
|
997
|
+
req = build_request(:delete_datalake_exceptions_subscription, params)
|
998
|
+
req.send_request(options)
|
999
|
+
end
|
1000
|
+
|
1001
|
+
# Deletes the specified subscription permissions to Security Lake.
|
1002
|
+
# Deletes the specified subscription permissions from the specified
|
1003
|
+
# organization.
|
1004
|
+
#
|
1005
|
+
# @option params [required, String] :id
|
1006
|
+
# A value created by Security Lake that uniquely identifies your
|
1007
|
+
# `DeleteSubscriber` API request.
|
1008
|
+
#
|
1009
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1010
|
+
#
|
1011
|
+
# @example Request syntax with placeholder values
|
1012
|
+
#
|
1013
|
+
# resp = client.delete_subscriber({
|
1014
|
+
# id: "String", # required
|
1015
|
+
# })
|
1016
|
+
#
|
1017
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriber AWS API Documentation
|
1018
|
+
#
|
1019
|
+
# @overload delete_subscriber(params = {})
|
1020
|
+
# @param [Hash] params ({})
|
1021
|
+
def delete_subscriber(params = {}, options = {})
|
1022
|
+
req = build_request(:delete_subscriber, params)
|
1023
|
+
req.send_request(options)
|
1024
|
+
end
|
1025
|
+
|
1026
|
+
# Deletes the specified notification subscription in Security Lake.
|
1027
|
+
# Deletes the specified subscription notifications from the specified
|
1028
|
+
# organization.
|
1029
|
+
#
|
1030
|
+
# @option params [required, String] :subscription_id
|
1031
|
+
# The subscription ID of the Amazon Security Lake subscriber account.
|
1032
|
+
#
|
1033
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1034
|
+
#
|
1035
|
+
# @example Request syntax with placeholder values
|
1036
|
+
#
|
1037
|
+
# resp = client.delete_subscription_notification_configuration({
|
1038
|
+
# subscription_id: "UUID", # required
|
1039
|
+
# })
|
1040
|
+
#
|
1041
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriptionNotificationConfiguration AWS API Documentation
|
1042
|
+
#
|
1043
|
+
# @overload delete_subscription_notification_configuration(params = {})
|
1044
|
+
# @param [Hash] params ({})
|
1045
|
+
def delete_subscription_notification_configuration(params = {}, options = {})
|
1046
|
+
req = build_request(:delete_subscription_notification_configuration, params)
|
1047
|
+
req.send_request(options)
|
1048
|
+
end
|
1049
|
+
|
1050
|
+
# Retrieve the Security Lake configuration object for the specified
|
1051
|
+
# account ID. This API does not take input parameters.
|
1052
|
+
#
|
1053
|
+
# @return [Types::GetDatalakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1054
|
+
#
|
1055
|
+
# * {Types::GetDatalakeResponse#configurations #configurations} => Hash<String,Types::LakeConfigurationResponse>
|
1056
|
+
#
|
1057
|
+
# @example Response structure
|
1058
|
+
#
|
1059
|
+
# resp.configurations #=> Hash
|
1060
|
+
# resp.configurations["Region"].encryption_key #=> String
|
1061
|
+
# resp.configurations["Region"].replication_destination_regions #=> Array
|
1062
|
+
# resp.configurations["Region"].replication_destination_regions[0] #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
|
1063
|
+
# resp.configurations["Region"].replication_role_arn #=> String
|
1064
|
+
# resp.configurations["Region"].retention_settings #=> Array
|
1065
|
+
# resp.configurations["Region"].retention_settings[0].retention_period #=> Integer
|
1066
|
+
# resp.configurations["Region"].retention_settings[0].storage_class #=> String, one of "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER_IR", "GLACIER", "DEEP_ARCHIVE", "EXPIRE"
|
1067
|
+
# resp.configurations["Region"].s3_bucket_arn #=> String
|
1068
|
+
# resp.configurations["Region"].status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1069
|
+
# resp.configurations["Region"].tags_map #=> Hash
|
1070
|
+
# resp.configurations["Region"].tags_map["String"] #=> String
|
1071
|
+
#
|
1072
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalake AWS API Documentation
|
1073
|
+
#
|
1074
|
+
# @overload get_datalake(params = {})
|
1075
|
+
# @param [Hash] params ({})
|
1076
|
+
def get_datalake(params = {}, options = {})
|
1077
|
+
req = build_request(:get_datalake, params)
|
1078
|
+
req.send_request(options)
|
1079
|
+
end
|
1080
|
+
|
1081
|
+
# Retrieves the configuration that will be automatically set up for
|
1082
|
+
# accounts added to the organization after the organization has on
|
1083
|
+
# boarded to Amazon Security Lake. This API does not take input
|
1084
|
+
# parameters.
|
1085
|
+
#
|
1086
|
+
# @return [Types::GetDatalakeAutoEnableResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1087
|
+
#
|
1088
|
+
# * {Types::GetDatalakeAutoEnableResponse#auto_enable_new_accounts #auto_enable_new_accounts} => Array<Types::AutoEnableNewRegionConfiguration>
|
1089
|
+
#
|
1090
|
+
# @example Response structure
|
1091
|
+
#
|
1092
|
+
# resp.auto_enable_new_accounts #=> Array
|
1093
|
+
# resp.auto_enable_new_accounts[0].region #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
|
1094
|
+
# resp.auto_enable_new_accounts[0].sources #=> Array
|
1095
|
+
# resp.auto_enable_new_accounts[0].sources[0] #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
|
1096
|
+
#
|
1097
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeAutoEnable AWS API Documentation
|
1098
|
+
#
|
1099
|
+
# @overload get_datalake_auto_enable(params = {})
|
1100
|
+
# @param [Hash] params ({})
|
1101
|
+
def get_datalake_auto_enable(params = {}, options = {})
|
1102
|
+
req = build_request(:get_datalake_auto_enable, params)
|
1103
|
+
req.send_request(options)
|
1104
|
+
end
|
1105
|
+
|
1106
|
+
# Retrieves the expiration period and time-to-live (TTL) for which the
|
1107
|
+
# exception message will remain. Exceptions are stored by default, for a
|
1108
|
+
# 2 week period of time from when a record was created in Security Lake.
|
1109
|
+
# This API does not take input parameters. This API does not take input
|
1110
|
+
# parameters.
|
1111
|
+
#
|
1112
|
+
# @return [Types::GetDatalakeExceptionsExpiryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1113
|
+
#
|
1114
|
+
# * {Types::GetDatalakeExceptionsExpiryResponse#exception_message_expiry #exception_message_expiry} => Integer
|
1115
|
+
#
|
1116
|
+
# @example Response structure
|
1117
|
+
#
|
1118
|
+
# resp.exception_message_expiry #=> Integer
|
1119
|
+
#
|
1120
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeExceptionsExpiry AWS API Documentation
|
1121
|
+
#
|
1122
|
+
# @overload get_datalake_exceptions_expiry(params = {})
|
1123
|
+
# @param [Hash] params ({})
|
1124
|
+
def get_datalake_exceptions_expiry(params = {}, options = {})
|
1125
|
+
req = build_request(:get_datalake_exceptions_expiry, params)
|
1126
|
+
req.send_request(options)
|
1127
|
+
end
|
1128
|
+
|
1129
|
+
# Retrieves the details of exception notifications for the account in
|
1130
|
+
# Amazon Security Lake.
|
1131
|
+
#
|
1132
|
+
# @return [Types::GetDatalakeExceptionsSubscriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1133
|
+
#
|
1134
|
+
# * {Types::GetDatalakeExceptionsSubscriptionResponse#protocol_and_notification_endpoint #protocol_and_notification_endpoint} => Types::ProtocolAndNotificationEndpoint
|
1135
|
+
#
|
1136
|
+
# @example Response structure
|
1137
|
+
#
|
1138
|
+
# resp.protocol_and_notification_endpoint.endpoint #=> String
|
1139
|
+
# resp.protocol_and_notification_endpoint.protocol #=> String
|
1140
|
+
#
|
1141
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeExceptionsSubscription AWS API Documentation
|
1142
|
+
#
|
1143
|
+
# @overload get_datalake_exceptions_subscription(params = {})
|
1144
|
+
# @param [Hash] params ({})
|
1145
|
+
def get_datalake_exceptions_subscription(params = {}, options = {})
|
1146
|
+
req = build_request(:get_datalake_exceptions_subscription, params)
|
1147
|
+
req.send_request(options)
|
1148
|
+
end
|
1149
|
+
|
1150
|
+
# Retrieve the Security Lake configuration object for the specified
|
1151
|
+
# account ID. This API does not take input parameters.
|
1152
|
+
#
|
1153
|
+
# @option params [Array<String>] :account_set
|
1154
|
+
# The account IDs for which a static snapshot of the current Region,
|
1155
|
+
# including enabled accounts and log sources is retrieved.
|
1156
|
+
#
|
1157
|
+
# @option params [Integer] :max_account_results
|
1158
|
+
# The maximum limit of accounts for which the static snapshot of the
|
1159
|
+
# current Region including enabled accounts and log sources is
|
1160
|
+
# retrieved.
|
1161
|
+
#
|
1162
|
+
# @option params [String] :next_token
|
1163
|
+
# If nextToken is returned, there are more results available. The value
|
1164
|
+
# of nextToken is a unique pagination token for each page. Make the call
|
1165
|
+
# again using the returned token to retrieve the next page. Keep all
|
1166
|
+
# other arguments unchanged. Each pagination token expires after 24
|
1167
|
+
# hours. Using an expired pagination token will return an HTTP 400
|
1168
|
+
# InvalidToken error.
|
1169
|
+
#
|
1170
|
+
# @return [Types::GetDatalakeStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1171
|
+
#
|
1172
|
+
# * {Types::GetDatalakeStatusResponse#account_sources_list #account_sources_list} => Array<Types::AccountSources>
|
1173
|
+
# * {Types::GetDatalakeStatusResponse#next_token #next_token} => String
|
1174
|
+
#
|
1175
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1176
|
+
#
|
1177
|
+
# @example Request syntax with placeholder values
|
1178
|
+
#
|
1179
|
+
# resp = client.get_datalake_status({
|
1180
|
+
# account_set: ["SafeString"],
|
1181
|
+
# max_account_results: 1,
|
1182
|
+
# next_token: "SafeString",
|
1183
|
+
# })
|
1184
|
+
#
|
1185
|
+
# @example Response structure
|
1186
|
+
#
|
1187
|
+
# resp.account_sources_list #=> Array
|
1188
|
+
# resp.account_sources_list[0].account #=> String
|
1189
|
+
# resp.account_sources_list[0].event_class #=> String, one of "ACCESS_ACTIVITY", "FILE_ACTIVITY", "KERNEL_ACTIVITY", "KERNEL_EXTENSION", "MEMORY_ACTIVITY", "MODULE_ACTIVITY", "PROCESS_ACTIVITY", "REGISTRY_KEY_ACTIVITY", "REGISTRY_VALUE_ACTIVITY", "RESOURCE_ACTIVITY", "SCHEDULED_JOB_ACTIVITY", "SECURITY_FINDING", "ACCOUNT_CHANGE", "AUTHENTICATION", "AUTHORIZATION", "ENTITY_MANAGEMENT_AUDIT", "DHCP_ACTIVITY", "NETWORK_ACTIVITY", "DNS_ACTIVITY", "FTP_ACTIVITY", "HTTP_ACTIVITY", "RDP_ACTIVITY", "SMB_ACTIVITY", "SSH_ACTIVITY", "CLOUD_API", "CONTAINER_LIFECYCLE", "DATABASE_LIFECYCLE", "CONFIG_STATE", "CLOUD_STORAGE", "INVENTORY_INFO", "RFB_ACTIVITY", "SMTP_ACTIVITY", "VIRTUAL_MACHINE_ACTIVITY"
|
1190
|
+
# resp.account_sources_list[0].logs_status #=> Array
|
1191
|
+
# resp.account_sources_list[0].logs_status[0].health_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING"
|
1192
|
+
# resp.account_sources_list[0].logs_status[0].path_to_logs #=> String
|
1193
|
+
# resp.account_sources_list[0].source_type #=> String
|
1194
|
+
# resp.next_token #=> String
|
1195
|
+
#
|
1196
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeStatus AWS API Documentation
|
1197
|
+
#
|
1198
|
+
# @overload get_datalake_status(params = {})
|
1199
|
+
# @param [Hash] params ({})
|
1200
|
+
def get_datalake_status(params = {}, options = {})
|
1201
|
+
req = build_request(:get_datalake_status, params)
|
1202
|
+
req.send_request(options)
|
1203
|
+
end
|
1204
|
+
|
1205
|
+
# Retrieves subscription information for the specified subscription ID.
|
1206
|
+
#
|
1207
|
+
# @option params [required, String] :id
|
1208
|
+
# A value created by Security Lake that uniquely identifies your
|
1209
|
+
# `GetSubscriber` API request.
|
1210
|
+
#
|
1211
|
+
# @return [Types::GetSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1212
|
+
#
|
1213
|
+
# * {Types::GetSubscriberResponse#subscriber #subscriber} => Types::SubscriberResource
|
1214
|
+
#
|
1215
|
+
# @example Request syntax with placeholder values
|
1216
|
+
#
|
1217
|
+
# resp = client.get_subscriber({
|
1218
|
+
# id: "String", # required
|
1219
|
+
# })
|
1220
|
+
#
|
1221
|
+
# @example Response structure
|
1222
|
+
#
|
1223
|
+
# resp.subscriber.access_types #=> Array
|
1224
|
+
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1225
|
+
# resp.subscriber.account_id #=> String
|
1226
|
+
# resp.subscriber.created_at #=> Time
|
1227
|
+
# resp.subscriber.external_id #=> String
|
1228
|
+
# resp.subscriber.role_arn #=> String
|
1229
|
+
# resp.subscriber.s3_bucket_arn #=> String
|
1230
|
+
# resp.subscriber.sns_arn #=> String
|
1231
|
+
# resp.subscriber.source_types #=> Array
|
1232
|
+
# resp.subscriber.source_types[0].aws_source_type #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
|
1233
|
+
# resp.subscriber.source_types[0].custom_source_type #=> String
|
1234
|
+
# resp.subscriber.subscriber_description #=> String
|
1235
|
+
# resp.subscriber.subscriber_name #=> String
|
1236
|
+
# resp.subscriber.subscription_endpoint #=> String
|
1237
|
+
# resp.subscriber.subscription_id #=> String
|
1238
|
+
# resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1239
|
+
# resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1240
|
+
# resp.subscriber.updated_at #=> Time
|
1241
|
+
#
|
1242
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetSubscriber AWS API Documentation
|
1243
|
+
#
|
1244
|
+
# @overload get_subscriber(params = {})
|
1245
|
+
# @param [Hash] params ({})
|
1246
|
+
def get_subscriber(params = {}, options = {})
|
1247
|
+
req = build_request(:get_subscriber, params)
|
1248
|
+
req.send_request(options)
|
1249
|
+
end
|
1250
|
+
|
1251
|
+
# List the Amazon Security Lake exceptions that you can use to find the
|
1252
|
+
# source of problems and fix them.
|
1253
|
+
#
|
1254
|
+
# @option params [Integer] :max_failures
|
1255
|
+
# List the maximum number of failures in Security Lake.
|
1256
|
+
#
|
1257
|
+
# @option params [String] :next_token
|
1258
|
+
# List if there are more results available. if nextToken is returned,
|
1259
|
+
# You can make the call again using the returned token to retrieve the
|
1260
|
+
# next page
|
1261
|
+
#
|
1262
|
+
# @option params [Array<String>] :region_set
|
1263
|
+
# List the regions from which exceptions are retrieved.
|
1264
|
+
#
|
1265
|
+
# @return [Types::ListDatalakeExceptionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1266
|
+
#
|
1267
|
+
# * {Types::ListDatalakeExceptionsResponse#next_token #next_token} => String
|
1268
|
+
# * {Types::ListDatalakeExceptionsResponse#non_retryable_failures #non_retryable_failures} => Array<Types::FailuresResponse>
|
1269
|
+
#
|
1270
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1271
|
+
#
|
1272
|
+
# @example Request syntax with placeholder values
|
1273
|
+
#
|
1274
|
+
# resp = client.list_datalake_exceptions({
|
1275
|
+
# max_failures: 1,
|
1276
|
+
# next_token: "SafeString",
|
1277
|
+
# region_set: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
1278
|
+
# })
|
1279
|
+
#
|
1280
|
+
# @example Response structure
|
1281
|
+
#
|
1282
|
+
# resp.next_token #=> String
|
1283
|
+
# resp.non_retryable_failures #=> Array
|
1284
|
+
# resp.non_retryable_failures[0].failures #=> Array
|
1285
|
+
# resp.non_retryable_failures[0].failures[0].exception_message #=> String
|
1286
|
+
# resp.non_retryable_failures[0].failures[0].remediation #=> String
|
1287
|
+
# resp.non_retryable_failures[0].failures[0].timestamp #=> Time
|
1288
|
+
# resp.non_retryable_failures[0].region #=> String
|
1289
|
+
#
|
1290
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDatalakeExceptions AWS API Documentation
|
1291
|
+
#
|
1292
|
+
# @overload list_datalake_exceptions(params = {})
|
1293
|
+
# @param [Hash] params ({})
|
1294
|
+
def list_datalake_exceptions(params = {}, options = {})
|
1295
|
+
req = build_request(:list_datalake_exceptions, params)
|
1296
|
+
req.send_request(options)
|
1297
|
+
end
|
1298
|
+
|
1299
|
+
# Lists the log sources in the current region.
|
1300
|
+
#
|
1301
|
+
# @option params [Array<String>] :input_order
|
1302
|
+
# Lists the log sources in input order, namely Region, source type, and
|
1303
|
+
# member account.
|
1304
|
+
#
|
1305
|
+
# @option params [Hash<String,Hash>] :list_all_dimensions
|
1306
|
+
# List the view of log sources for enabled Security Lake accounts in all
|
1307
|
+
# Regions and source types.
|
1308
|
+
#
|
1309
|
+
# @option params [Array<String>] :list_single_dimension
|
1310
|
+
# List the view of log sources for enabled Security Lake accounts for
|
1311
|
+
# the entire region.
|
1312
|
+
#
|
1313
|
+
# @option params [Hash<String,Array>] :list_two_dimensions
|
1314
|
+
# Lists the log sources for the specified source types in enabled
|
1315
|
+
# Security Lake accounts for the entire Region, for selected member
|
1316
|
+
# accounts.
|
1317
|
+
#
|
1318
|
+
# @option params [Integer] :max_results
|
1319
|
+
# The maximum number of accounts for which the configuration is
|
1320
|
+
# displayed.
|
1321
|
+
#
|
1322
|
+
# @option params [String] :next_token
|
1323
|
+
# If nextToken is returned, there are more results available. You can
|
1324
|
+
# make the call again using the returned token to retrieve the next
|
1325
|
+
# page.
|
1326
|
+
#
|
1327
|
+
# @return [Types::ListLogSourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1328
|
+
#
|
1329
|
+
# * {Types::ListLogSourcesResponse#next_token #next_token} => String
|
1330
|
+
# * {Types::ListLogSourcesResponse#region_source_types_accounts_list #region_source_types_accounts_list} => Array<Hash<String,Hash<String,Array<String>>>>
|
1331
|
+
#
|
1332
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1333
|
+
#
|
1334
|
+
# @example Request syntax with placeholder values
|
1335
|
+
#
|
1336
|
+
# resp = client.list_log_sources({
|
1337
|
+
# input_order: ["REGION"], # accepts REGION, SOURCE_TYPE, MEMBER
|
1338
|
+
# list_all_dimensions: {
|
1339
|
+
# "String" => {
|
1340
|
+
# "String" => ["String"],
|
1341
|
+
# },
|
1342
|
+
# },
|
1343
|
+
# list_single_dimension: ["SafeString"],
|
1344
|
+
# list_two_dimensions: {
|
1345
|
+
# "String" => ["String"],
|
1346
|
+
# },
|
1347
|
+
# max_results: 1,
|
1348
|
+
# next_token: "SafeString",
|
1349
|
+
# })
|
1350
|
+
#
|
1351
|
+
# @example Response structure
|
1352
|
+
#
|
1353
|
+
# resp.next_token #=> String
|
1354
|
+
# resp.region_source_types_accounts_list #=> Array
|
1355
|
+
# resp.region_source_types_accounts_list[0] #=> Hash
|
1356
|
+
# resp.region_source_types_accounts_list[0]["String"] #=> Hash
|
1357
|
+
# resp.region_source_types_accounts_list[0]["String"]["String"] #=> Array
|
1358
|
+
# resp.region_source_types_accounts_list[0]["String"]["String"][0] #=> String
|
1359
|
+
#
|
1360
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListLogSources AWS API Documentation
|
1361
|
+
#
|
1362
|
+
# @overload list_log_sources(params = {})
|
1363
|
+
# @param [Hash] params ({})
|
1364
|
+
def list_log_sources(params = {}, options = {})
|
1365
|
+
req = build_request(:list_log_sources, params)
|
1366
|
+
req.send_request(options)
|
1367
|
+
end
|
1368
|
+
|
1369
|
+
# List all subscribers for the specific Security Lake account ID.
|
1370
|
+
#
|
1371
|
+
# @option params [Integer] :max_results
|
1372
|
+
# The maximum number of accounts for which the configuration is
|
1373
|
+
# displayed.
|
1374
|
+
#
|
1375
|
+
# @option params [String] :next_token
|
1376
|
+
# If nextToken is returned, there are more results available. You can
|
1377
|
+
# make the call again using the returned token to retrieve the next
|
1378
|
+
# page.
|
1379
|
+
#
|
1380
|
+
# @return [Types::ListSubscribersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1381
|
+
#
|
1382
|
+
# * {Types::ListSubscribersResponse#next_token #next_token} => String
|
1383
|
+
# * {Types::ListSubscribersResponse#subscribers #subscribers} => Array<Types::SubscriberResource>
|
1384
|
+
#
|
1385
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1386
|
+
#
|
1387
|
+
# @example Request syntax with placeholder values
|
1388
|
+
#
|
1389
|
+
# resp = client.list_subscribers({
|
1390
|
+
# max_results: 1,
|
1391
|
+
# next_token: "SafeString",
|
1392
|
+
# })
|
1393
|
+
#
|
1394
|
+
# @example Response structure
|
1395
|
+
#
|
1396
|
+
# resp.next_token #=> String
|
1397
|
+
# resp.subscribers #=> Array
|
1398
|
+
# resp.subscribers[0].access_types #=> Array
|
1399
|
+
# resp.subscribers[0].access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1400
|
+
# resp.subscribers[0].account_id #=> String
|
1401
|
+
# resp.subscribers[0].created_at #=> Time
|
1402
|
+
# resp.subscribers[0].external_id #=> String
|
1403
|
+
# resp.subscribers[0].role_arn #=> String
|
1404
|
+
# resp.subscribers[0].s3_bucket_arn #=> String
|
1405
|
+
# resp.subscribers[0].sns_arn #=> String
|
1406
|
+
# resp.subscribers[0].source_types #=> Array
|
1407
|
+
# resp.subscribers[0].source_types[0].aws_source_type #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
|
1408
|
+
# resp.subscribers[0].source_types[0].custom_source_type #=> String
|
1409
|
+
# resp.subscribers[0].subscriber_description #=> String
|
1410
|
+
# resp.subscribers[0].subscriber_name #=> String
|
1411
|
+
# resp.subscribers[0].subscription_endpoint #=> String
|
1412
|
+
# resp.subscribers[0].subscription_id #=> String
|
1413
|
+
# resp.subscribers[0].subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1414
|
+
# resp.subscribers[0].subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1415
|
+
# resp.subscribers[0].updated_at #=> Time
|
1416
|
+
#
|
1417
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListSubscribers AWS API Documentation
|
1418
|
+
#
|
1419
|
+
# @overload list_subscribers(params = {})
|
1420
|
+
# @param [Hash] params ({})
|
1421
|
+
def list_subscribers(params = {}, options = {})
|
1422
|
+
req = build_request(:list_subscribers, params)
|
1423
|
+
req.send_request(options)
|
1424
|
+
end
|
1425
|
+
|
1426
|
+
# Amazon Security Lake allows you to specify where to store your
|
1427
|
+
# security data and for how long. You can specify a rollup Region to
|
1428
|
+
# consolidate data from multiple regions.
|
1429
|
+
#
|
1430
|
+
# You can update the properties of a Region or source. Input can either
|
1431
|
+
# be directly specified to the API.
|
1432
|
+
#
|
1433
|
+
# @option params [required, Hash<String,Types::LakeConfigurationRequest>] :configurations
|
1434
|
+
# The configuration object
|
1435
|
+
#
|
1436
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1437
|
+
#
|
1438
|
+
# @example Request syntax with placeholder values
|
1439
|
+
#
|
1440
|
+
# resp = client.update_datalake({
|
1441
|
+
# configurations: { # required
|
1442
|
+
# "us-east-1" => {
|
1443
|
+
# encryption_key: "String",
|
1444
|
+
# replication_destination_regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
1445
|
+
# replication_role_arn: "RoleArn",
|
1446
|
+
# retention_settings: [
|
1447
|
+
# {
|
1448
|
+
# retention_period: 1,
|
1449
|
+
# storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
|
1450
|
+
# },
|
1451
|
+
# ],
|
1452
|
+
# tags_map: {
|
1453
|
+
# "String" => "String",
|
1454
|
+
# },
|
1455
|
+
# },
|
1456
|
+
# },
|
1457
|
+
# })
|
1458
|
+
#
|
1459
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalake AWS API Documentation
|
1460
|
+
#
|
1461
|
+
# @overload update_datalake(params = {})
|
1462
|
+
# @param [Hash] params ({})
|
1463
|
+
def update_datalake(params = {}, options = {})
|
1464
|
+
req = build_request(:update_datalake, params)
|
1465
|
+
req.send_request(options)
|
1466
|
+
end
|
1467
|
+
|
1468
|
+
# Update the expiration period for the exception message to your
|
1469
|
+
# preferred time, and control the time-to-live (TTL) for the exception
|
1470
|
+
# message to remain. Exceptions are stored by default, for a 2 week
|
1471
|
+
# period of time from when a record was created in Security Lake.
|
1472
|
+
#
|
1473
|
+
# @option params [required, Integer] :exception_message_expiry
|
1474
|
+
# The time-to-live (TTL) for the exception message to remain.
|
1475
|
+
#
|
1476
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1477
|
+
#
|
1478
|
+
# @example Request syntax with placeholder values
|
1479
|
+
#
|
1480
|
+
# resp = client.update_datalake_exceptions_expiry({
|
1481
|
+
# exception_message_expiry: 1, # required
|
1482
|
+
# })
|
1483
|
+
#
|
1484
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeExceptionsExpiry AWS API Documentation
|
1485
|
+
#
|
1486
|
+
# @overload update_datalake_exceptions_expiry(params = {})
|
1487
|
+
# @param [Hash] params ({})
|
1488
|
+
def update_datalake_exceptions_expiry(params = {}, options = {})
|
1489
|
+
req = build_request(:update_datalake_exceptions_expiry, params)
|
1490
|
+
req.send_request(options)
|
1491
|
+
end
|
1492
|
+
|
1493
|
+
# Update the subscription notification for exception notification.
|
1494
|
+
#
|
1495
|
+
# @option params [required, String] :notification_endpoint
|
1496
|
+
# The account which is subscribed to receive exception notifications.
|
1497
|
+
#
|
1498
|
+
# @option params [required, String] :subscription_protocol
|
1499
|
+
# The subscription protocol to which exception messages are posted.
|
1500
|
+
#
|
1501
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1502
|
+
#
|
1503
|
+
# @example Request syntax with placeholder values
|
1504
|
+
#
|
1505
|
+
# resp = client.update_datalake_exceptions_subscription({
|
1506
|
+
# notification_endpoint: "SafeString", # required
|
1507
|
+
# subscription_protocol: "HTTP", # required, accepts HTTP, HTTPS, EMAIL, EMAIL_JSON, SMS, SQS, LAMBDA, APP, FIREHOSE
|
1508
|
+
# })
|
1509
|
+
#
|
1510
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeExceptionsSubscription AWS API Documentation
|
1511
|
+
#
|
1512
|
+
# @overload update_datalake_exceptions_subscription(params = {})
|
1513
|
+
# @param [Hash] params ({})
|
1514
|
+
def update_datalake_exceptions_subscription(params = {}, options = {})
|
1515
|
+
req = build_request(:update_datalake_exceptions_subscription, params)
|
1516
|
+
req.send_request(options)
|
1517
|
+
end
|
1518
|
+
|
1519
|
+
# Update the subscription permission for the given Security Lake account
|
1520
|
+
# ID.
|
1521
|
+
#
|
1522
|
+
# @option params [String] :external_id
|
1523
|
+
# External ID of the Security Lake account.
|
1524
|
+
#
|
1525
|
+
# @option params [required, String] :id
|
1526
|
+
# A value created by Security Lake that uniquely identifies your
|
1527
|
+
# `UpdateSubscriber` API request.
|
1528
|
+
#
|
1529
|
+
# @option params [Array<Types::SourceType>] :source_types
|
1530
|
+
# The supported Amazon Web Services services from which logs and events
|
1531
|
+
# are collected. Amazon Security Lake supports logs and events
|
1532
|
+
# collection for the following natively-supported Amazon Web Services
|
1533
|
+
# services. For more information, see the Amazon Security Lake User
|
1534
|
+
# Guide.
|
1535
|
+
#
|
1536
|
+
# @option params [String] :subscriber_description
|
1537
|
+
# Description of the Security Lake account subscriber.
|
1538
|
+
#
|
1539
|
+
# @option params [String] :subscriber_name
|
1540
|
+
# Name of the Security Lake account subscriber.
|
1541
|
+
#
|
1542
|
+
# @return [Types::UpdateSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1543
|
+
#
|
1544
|
+
# * {Types::UpdateSubscriberResponse#subscriber #subscriber} => Types::SubscriberResource
|
1545
|
+
#
|
1546
|
+
# @example Request syntax with placeholder values
|
1547
|
+
#
|
1548
|
+
# resp = client.update_subscriber({
|
1549
|
+
# external_id: "SafeString",
|
1550
|
+
# id: "String", # required
|
1551
|
+
# source_types: [
|
1552
|
+
# {
|
1553
|
+
# aws_source_type: "ROUTE53", # accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
1554
|
+
# custom_source_type: "CustomSourceType",
|
1555
|
+
# },
|
1556
|
+
# ],
|
1557
|
+
# subscriber_description: "SafeString",
|
1558
|
+
# subscriber_name: "UpdateSubscriberRequestSubscriberNameString",
|
1559
|
+
# })
|
1560
|
+
#
|
1561
|
+
# @example Response structure
|
1562
|
+
#
|
1563
|
+
# resp.subscriber.access_types #=> Array
|
1564
|
+
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1565
|
+
# resp.subscriber.account_id #=> String
|
1566
|
+
# resp.subscriber.created_at #=> Time
|
1567
|
+
# resp.subscriber.external_id #=> String
|
1568
|
+
# resp.subscriber.role_arn #=> String
|
1569
|
+
# resp.subscriber.s3_bucket_arn #=> String
|
1570
|
+
# resp.subscriber.sns_arn #=> String
|
1571
|
+
# resp.subscriber.source_types #=> Array
|
1572
|
+
# resp.subscriber.source_types[0].aws_source_type #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
|
1573
|
+
# resp.subscriber.source_types[0].custom_source_type #=> String
|
1574
|
+
# resp.subscriber.subscriber_description #=> String
|
1575
|
+
# resp.subscriber.subscriber_name #=> String
|
1576
|
+
# resp.subscriber.subscription_endpoint #=> String
|
1577
|
+
# resp.subscriber.subscription_id #=> String
|
1578
|
+
# resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1579
|
+
# resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1580
|
+
# resp.subscriber.updated_at #=> Time
|
1581
|
+
#
|
1582
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriber AWS API Documentation
|
1583
|
+
#
|
1584
|
+
# @overload update_subscriber(params = {})
|
1585
|
+
# @param [Hash] params ({})
|
1586
|
+
def update_subscriber(params = {}, options = {})
|
1587
|
+
req = build_request(:update_subscriber, params)
|
1588
|
+
req.send_request(options)
|
1589
|
+
end
|
1590
|
+
|
1591
|
+
# Create a new subscription notification or add the existing
|
1592
|
+
# subscription notification setting for the specified subscription ID.
|
1593
|
+
#
|
1594
|
+
# @option params [Boolean] :create_sqs
|
1595
|
+
# Create a new subscription notification for the specified subscription
|
1596
|
+
# ID in Security Lake.
|
1597
|
+
#
|
1598
|
+
# @option params [String] :https_api_key_name
|
1599
|
+
# The key name for the subscription notification.
|
1600
|
+
#
|
1601
|
+
# @option params [String] :https_api_key_value
|
1602
|
+
# The key value for the subscription notification.
|
1603
|
+
#
|
1604
|
+
# @option params [String] :https_method
|
1605
|
+
# The HTTPS method used for the subscription notification.
|
1606
|
+
#
|
1607
|
+
# @option params [String] :role_arn
|
1608
|
+
# The Amazon Resource Name (ARN) specifying the role of the subscriber.
|
1609
|
+
#
|
1610
|
+
# @option params [String] :subscription_endpoint
|
1611
|
+
# The subscription endpoint in Security Lake.
|
1612
|
+
#
|
1613
|
+
# @option params [required, String] :subscription_id
|
1614
|
+
# The subscription ID for which the subscription notification is
|
1615
|
+
# specified.
|
1616
|
+
#
|
1617
|
+
# @return [Types::UpdateSubscriptionNotificationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1618
|
+
#
|
1619
|
+
# * {Types::UpdateSubscriptionNotificationConfigurationResponse#queue_arn #queue_arn} => String
|
1620
|
+
#
|
1621
|
+
# @example Request syntax with placeholder values
|
1622
|
+
#
|
1623
|
+
# resp = client.update_subscription_notification_configuration({
|
1624
|
+
# create_sqs: false,
|
1625
|
+
# https_api_key_name: "String",
|
1626
|
+
# https_api_key_value: "String",
|
1627
|
+
# https_method: "POST", # accepts POST, PUT
|
1628
|
+
# role_arn: "RoleArn",
|
1629
|
+
# subscription_endpoint: "UpdateSubscriptionNotificationConfigurationRequestSubscriptionEndpointString",
|
1630
|
+
# subscription_id: "UUID", # required
|
1631
|
+
# })
|
1632
|
+
#
|
1633
|
+
# @example Response structure
|
1634
|
+
#
|
1635
|
+
# resp.queue_arn #=> String
|
1636
|
+
#
|
1637
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriptionNotificationConfiguration AWS API Documentation
|
1638
|
+
#
|
1639
|
+
# @overload update_subscription_notification_configuration(params = {})
|
1640
|
+
# @param [Hash] params ({})
|
1641
|
+
def update_subscription_notification_configuration(params = {}, options = {})
|
1642
|
+
req = build_request(:update_subscription_notification_configuration, params)
|
1643
|
+
req.send_request(options)
|
1644
|
+
end
|
1645
|
+
|
1646
|
+
# @!endgroup
|
1647
|
+
|
1648
|
+
# @param params ({})
|
1649
|
+
# @api private
|
1650
|
+
def build_request(operation_name, params = {})
|
1651
|
+
handlers = @handlers.for(operation_name)
|
1652
|
+
context = Seahorse::Client::RequestContext.new(
|
1653
|
+
operation_name: operation_name,
|
1654
|
+
operation: config.api.operation(operation_name),
|
1655
|
+
client: self,
|
1656
|
+
params: params,
|
1657
|
+
config: config)
|
1658
|
+
context[:gem_name] = 'aws-sdk-securitylake'
|
1659
|
+
context[:gem_version] = '1.0.0'
|
1660
|
+
Seahorse::Client::Request.new(handlers, context)
|
1661
|
+
end
|
1662
|
+
|
1663
|
+
# @api private
|
1664
|
+
# @deprecated
|
1665
|
+
def waiter_names
|
1666
|
+
[]
|
1667
|
+
end
|
1668
|
+
|
1669
|
+
class << self
|
1670
|
+
|
1671
|
+
# @api private
|
1672
|
+
attr_reader :identifier
|
1673
|
+
|
1674
|
+
# @api private
|
1675
|
+
def errors_module
|
1676
|
+
Errors
|
1677
|
+
end
|
1678
|
+
|
1679
|
+
end
|
1680
|
+
end
|
1681
|
+
end
|