aws-sdk-securitylake 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,1681 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ require 'seahorse/client/plugins/content_length.rb'
11
+ require 'aws-sdk-core/plugins/credentials_configuration.rb'
12
+ require 'aws-sdk-core/plugins/logging.rb'
13
+ require 'aws-sdk-core/plugins/param_converter.rb'
14
+ require 'aws-sdk-core/plugins/param_validator.rb'
15
+ require 'aws-sdk-core/plugins/user_agent.rb'
16
+ require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
17
+ require 'aws-sdk-core/plugins/retry_errors.rb'
18
+ require 'aws-sdk-core/plugins/global_configuration.rb'
19
+ require 'aws-sdk-core/plugins/regional_endpoint.rb'
20
+ require 'aws-sdk-core/plugins/endpoint_discovery.rb'
21
+ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
22
+ require 'aws-sdk-core/plugins/response_paging.rb'
23
+ require 'aws-sdk-core/plugins/stub_responses.rb'
24
+ require 'aws-sdk-core/plugins/idempotency_token.rb'
25
+ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
26
+ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
27
+ require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
28
+ require 'aws-sdk-core/plugins/transfer_encoding.rb'
29
+ require 'aws-sdk-core/plugins/http_checksum.rb'
30
+ require 'aws-sdk-core/plugins/checksum_algorithm.rb'
31
+ require 'aws-sdk-core/plugins/defaults_mode.rb'
32
+ require 'aws-sdk-core/plugins/recursion_detection.rb'
33
+ require 'aws-sdk-core/plugins/sign.rb'
34
+ require 'aws-sdk-core/plugins/protocols/rest_json.rb'
35
+
36
+ Aws::Plugins::GlobalConfiguration.add_identifier(:securitylake)
37
+
38
+ module Aws::SecurityLake
39
+ # An API client for SecurityLake. To construct a client, you need to configure a `:region` and `:credentials`.
40
+ #
41
+ # client = Aws::SecurityLake::Client.new(
42
+ # region: region_name,
43
+ # credentials: credentials,
44
+ # # ...
45
+ # )
46
+ #
47
+ # For details on configuring region and credentials see
48
+ # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
49
+ #
50
+ # See {#initialize} for a full list of supported configuration options.
51
+ class Client < Seahorse::Client::Base
52
+
53
+ include Aws::ClientStubs
54
+
55
+ @identifier = :securitylake
56
+
57
+ set_api(ClientApi::API)
58
+
59
+ add_plugin(Seahorse::Client::Plugins::ContentLength)
60
+ add_plugin(Aws::Plugins::CredentialsConfiguration)
61
+ add_plugin(Aws::Plugins::Logging)
62
+ add_plugin(Aws::Plugins::ParamConverter)
63
+ add_plugin(Aws::Plugins::ParamValidator)
64
+ add_plugin(Aws::Plugins::UserAgent)
65
+ add_plugin(Aws::Plugins::HelpfulSocketErrors)
66
+ add_plugin(Aws::Plugins::RetryErrors)
67
+ add_plugin(Aws::Plugins::GlobalConfiguration)
68
+ add_plugin(Aws::Plugins::RegionalEndpoint)
69
+ add_plugin(Aws::Plugins::EndpointDiscovery)
70
+ add_plugin(Aws::Plugins::EndpointPattern)
71
+ add_plugin(Aws::Plugins::ResponsePaging)
72
+ add_plugin(Aws::Plugins::StubResponses)
73
+ add_plugin(Aws::Plugins::IdempotencyToken)
74
+ add_plugin(Aws::Plugins::JsonvalueConverter)
75
+ add_plugin(Aws::Plugins::ClientMetricsPlugin)
76
+ add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
77
+ add_plugin(Aws::Plugins::TransferEncoding)
78
+ add_plugin(Aws::Plugins::HttpChecksum)
79
+ add_plugin(Aws::Plugins::ChecksumAlgorithm)
80
+ add_plugin(Aws::Plugins::DefaultsMode)
81
+ add_plugin(Aws::Plugins::RecursionDetection)
82
+ add_plugin(Aws::Plugins::Sign)
83
+ add_plugin(Aws::Plugins::Protocols::RestJson)
84
+ add_plugin(Aws::SecurityLake::Plugins::Endpoints)
85
+
86
+ # @overload initialize(options)
87
+ # @param [Hash] options
88
+ # @option options [required, Aws::CredentialProvider] :credentials
89
+ # Your AWS credentials. This can be an instance of any one of the
90
+ # following classes:
91
+ #
92
+ # * `Aws::Credentials` - Used for configuring static, non-refreshing
93
+ # credentials.
94
+ #
95
+ # * `Aws::SharedCredentials` - Used for loading static credentials from a
96
+ # shared file, such as `~/.aws/config`.
97
+ #
98
+ # * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
99
+ #
100
+ # * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
101
+ # assume a role after providing credentials via the web.
102
+ #
103
+ # * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
104
+ # access token generated from `aws login`.
105
+ #
106
+ # * `Aws::ProcessCredentials` - Used for loading credentials from a
107
+ # process that outputs to stdout.
108
+ #
109
+ # * `Aws::InstanceProfileCredentials` - Used for loading credentials
110
+ # from an EC2 IMDS on an EC2 instance.
111
+ #
112
+ # * `Aws::ECSCredentials` - Used for loading credentials from
113
+ # instances running in ECS.
114
+ #
115
+ # * `Aws::CognitoIdentityCredentials` - Used for loading credentials
116
+ # from the Cognito Identity service.
117
+ #
118
+ # When `:credentials` are not configured directly, the following
119
+ # locations will be searched for credentials:
120
+ #
121
+ # * `Aws.config[:credentials]`
122
+ # * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
123
+ # * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
124
+ # * `~/.aws/credentials`
125
+ # * `~/.aws/config`
126
+ # * EC2/ECS IMDS instance profile - When used by default, the timeouts
127
+ # are very aggressive. Construct and pass an instance of
128
+ # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
129
+ # enable retries and extended timeouts. Instance profile credential
130
+ # fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
131
+ # to true.
132
+ #
133
+ # @option options [required, String] :region
134
+ # The AWS region to connect to. The configured `:region` is
135
+ # used to determine the service `:endpoint`. When not passed,
136
+ # a default `:region` is searched for in the following locations:
137
+ #
138
+ # * `Aws.config[:region]`
139
+ # * `ENV['AWS_REGION']`
140
+ # * `ENV['AMAZON_REGION']`
141
+ # * `ENV['AWS_DEFAULT_REGION']`
142
+ # * `~/.aws/credentials`
143
+ # * `~/.aws/config`
144
+ #
145
+ # @option options [String] :access_key_id
146
+ #
147
+ # @option options [Boolean] :active_endpoint_cache (false)
148
+ # When set to `true`, a thread polling for endpoints will be running in
149
+ # the background every 60 secs (default). Defaults to `false`.
150
+ #
151
+ # @option options [Boolean] :adaptive_retry_wait_to_fill (true)
152
+ # Used only in `adaptive` retry mode. When true, the request will sleep
153
+ # until there is sufficent client side capacity to retry the request.
154
+ # When false, the request will raise a `RetryCapacityNotAvailableError` and will
155
+ # not retry instead of sleeping.
156
+ #
157
+ # @option options [Boolean] :client_side_monitoring (false)
158
+ # When `true`, client-side metrics will be collected for all API requests from
159
+ # this client.
160
+ #
161
+ # @option options [String] :client_side_monitoring_client_id ("")
162
+ # Allows you to provide an identifier for this client which will be attached to
163
+ # all generated client side metrics. Defaults to an empty string.
164
+ #
165
+ # @option options [String] :client_side_monitoring_host ("127.0.0.1")
166
+ # Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client
167
+ # side monitoring agent is running on, where client metrics will be published via UDP.
168
+ #
169
+ # @option options [Integer] :client_side_monitoring_port (31000)
170
+ # Required for publishing client metrics. The port that the client side monitoring
171
+ # agent is running on, where client metrics will be published via UDP.
172
+ #
173
+ # @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher)
174
+ # Allows you to provide a custom client-side monitoring publisher class. By default,
175
+ # will use the Client Side Monitoring Agent Publisher.
176
+ #
177
+ # @option options [Boolean] :convert_params (true)
178
+ # When `true`, an attempt is made to coerce request parameters into
179
+ # the required types.
180
+ #
181
+ # @option options [Boolean] :correct_clock_skew (true)
182
+ # Used only in `standard` and adaptive retry modes. Specifies whether to apply
183
+ # a clock skew correction and retry requests with skewed client clocks.
184
+ #
185
+ # @option options [String] :defaults_mode ("legacy")
186
+ # See {Aws::DefaultsModeConfiguration} for a list of the
187
+ # accepted modes and the configuration defaults that are included.
188
+ #
189
+ # @option options [Boolean] :disable_host_prefix_injection (false)
190
+ # Set to true to disable SDK automatically adding host prefix
191
+ # to default service endpoint when available.
192
+ #
193
+ # @option options [String] :endpoint
194
+ # The client endpoint is normally constructed from the `:region`
195
+ # option. You should only configure an `:endpoint` when connecting
196
+ # to test or custom endpoints. This should be a valid HTTP(S) URI.
197
+ #
198
+ # @option options [Integer] :endpoint_cache_max_entries (1000)
199
+ # Used for the maximum size limit of the LRU cache storing endpoints data
200
+ # for endpoint discovery enabled operations. Defaults to 1000.
201
+ #
202
+ # @option options [Integer] :endpoint_cache_max_threads (10)
203
+ # Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.
204
+ #
205
+ # @option options [Integer] :endpoint_cache_poll_interval (60)
206
+ # When :endpoint_discovery and :active_endpoint_cache is enabled,
207
+ # Use this option to config the time interval in seconds for making
208
+ # requests fetching endpoints information. Defaults to 60 sec.
209
+ #
210
+ # @option options [Boolean] :endpoint_discovery (false)
211
+ # When set to `true`, endpoint discovery will be enabled for operations when available.
212
+ #
213
+ # @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
214
+ # The log formatter.
215
+ #
216
+ # @option options [Symbol] :log_level (:info)
217
+ # The log level to send messages to the `:logger` at.
218
+ #
219
+ # @option options [Logger] :logger
220
+ # The Logger instance to send log messages to. If this option
221
+ # is not set, logging will be disabled.
222
+ #
223
+ # @option options [Integer] :max_attempts (3)
224
+ # An integer representing the maximum number attempts that will be made for
225
+ # a single request, including the initial attempt. For example,
226
+ # setting this value to 5 will result in a request being retried up to
227
+ # 4 times. Used in `standard` and `adaptive` retry modes.
228
+ #
229
+ # @option options [String] :profile ("default")
230
+ # Used when loading credentials from the shared credentials file
231
+ # at HOME/.aws/credentials. When not specified, 'default' is used.
232
+ #
233
+ # @option options [Proc] :retry_backoff
234
+ # A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
235
+ # This option is only used in the `legacy` retry mode.
236
+ #
237
+ # @option options [Float] :retry_base_delay (0.3)
238
+ # The base delay in seconds used by the default backoff function. This option
239
+ # is only used in the `legacy` retry mode.
240
+ #
241
+ # @option options [Symbol] :retry_jitter (:none)
242
+ # A delay randomiser function used by the default backoff function.
243
+ # Some predefined functions can be referenced by name - :none, :equal, :full,
244
+ # otherwise a Proc that takes and returns a number. This option is only used
245
+ # in the `legacy` retry mode.
246
+ #
247
+ # @see https://www.awsarchitectureblog.com/2015/03/backoff.html
248
+ #
249
+ # @option options [Integer] :retry_limit (3)
250
+ # The maximum number of times to retry failed requests. Only
251
+ # ~ 500 level server errors and certain ~ 400 level client errors
252
+ # are retried. Generally, these are throttling errors, data
253
+ # checksum errors, networking errors, timeout errors, auth errors,
254
+ # endpoint discovery, and errors from expired credentials.
255
+ # This option is only used in the `legacy` retry mode.
256
+ #
257
+ # @option options [Integer] :retry_max_delay (0)
258
+ # The maximum number of seconds to delay between retries (0 for no limit)
259
+ # used by the default backoff function. This option is only used in the
260
+ # `legacy` retry mode.
261
+ #
262
+ # @option options [String] :retry_mode ("legacy")
263
+ # Specifies which retry algorithm to use. Values are:
264
+ #
265
+ # * `legacy` - The pre-existing retry behavior. This is default value if
266
+ # no retry mode is provided.
267
+ #
268
+ # * `standard` - A standardized set of retry rules across the AWS SDKs.
269
+ # This includes support for retry quotas, which limit the number of
270
+ # unsuccessful retries a client can make.
271
+ #
272
+ # * `adaptive` - An experimental retry mode that includes all the
273
+ # functionality of `standard` mode along with automatic client side
274
+ # throttling. This is a provisional mode that may change behavior
275
+ # in the future.
276
+ #
277
+ #
278
+ # @option options [String] :secret_access_key
279
+ #
280
+ # @option options [String] :session_token
281
+ #
282
+ # @option options [Boolean] :stub_responses (false)
283
+ # Causes the client to return stubbed responses. By default
284
+ # fake responses are generated and returned. You can specify
285
+ # the response data to return or errors to raise by calling
286
+ # {ClientStubs#stub_responses}. See {ClientStubs} for more information.
287
+ #
288
+ # ** Please note ** When response stubbing is enabled, no HTTP
289
+ # requests are made, and retries are disabled.
290
+ #
291
+ # @option options [Aws::TokenProvider] :token_provider
292
+ # A Bearer Token Provider. This can be an instance of any one of the
293
+ # following classes:
294
+ #
295
+ # * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
296
+ # tokens.
297
+ #
298
+ # * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
299
+ # access token generated from `aws login`.
300
+ #
301
+ # When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
302
+ # will be used to search for tokens configured for your profile in shared configuration files.
303
+ #
304
+ # @option options [Boolean] :use_dualstack_endpoint
305
+ # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
306
+ # will be used if available.
307
+ #
308
+ # @option options [Boolean] :use_fips_endpoint
309
+ # When set to `true`, fips compatible endpoints will be used if available.
310
+ # When a `fips` region is used, the region is normalized and this config
311
+ # is set to `true`.
312
+ #
313
+ # @option options [Boolean] :validate_params (true)
314
+ # When `true`, request parameters are validated before
315
+ # sending the request.
316
+ #
317
+ # @option options [Aws::SecurityLake::EndpointProvider] :endpoint_provider
318
+ # The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::SecurityLake::EndpointParameters`
319
+ #
320
+ # @option options [URI::HTTP,String] :http_proxy A proxy to send
321
+ # requests through. Formatted like 'http://proxy.com:123'.
322
+ #
323
+ # @option options [Float] :http_open_timeout (15) The number of
324
+ # seconds to wait when opening a HTTP session before raising a
325
+ # `Timeout::Error`.
326
+ #
327
+ # @option options [Float] :http_read_timeout (60) The default
328
+ # number of seconds to wait for response data. This value can
329
+ # safely be set per-request on the session.
330
+ #
331
+ # @option options [Float] :http_idle_timeout (5) The number of
332
+ # seconds a connection is allowed to sit idle before it is
333
+ # considered stale. Stale connections are closed and removed
334
+ # from the pool before making a request.
335
+ #
336
+ # @option options [Float] :http_continue_timeout (1) The number of
337
+ # seconds to wait for a 100-continue response before sending the
338
+ # request body. This option has no effect unless the request has
339
+ # "Expect" header set to "100-continue". Defaults to `nil` which
340
+ # disables this behaviour. This value can safely be set per
341
+ # request on the session.
342
+ #
343
+ # @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
344
+ # in seconds.
345
+ #
346
+ # @option options [Boolean] :http_wire_trace (false) When `true`,
347
+ # HTTP debug output will be sent to the `:logger`.
348
+ #
349
+ # @option options [Boolean] :ssl_verify_peer (true) When `true`,
350
+ # SSL peer certificates are verified when establishing a
351
+ # connection.
352
+ #
353
+ # @option options [String] :ssl_ca_bundle Full path to the SSL
354
+ # certificate authority bundle file that should be used when
355
+ # verifying peer certificates. If you do not pass
356
+ # `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
357
+ # will be used if available.
358
+ #
359
+ # @option options [String] :ssl_ca_directory Full path of the
360
+ # directory that contains the unbundled SSL certificate
361
+ # authority files for verifying peer certificates. If you do
362
+ # not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
363
+ # system default will be used if available.
364
+ #
365
+ def initialize(*args)
366
+ super
367
+ end
368
+
369
+ # @!group API Operations
370
+
371
+ # Adds a natively-supported Amazon Web Services service as a Security
372
+ # Lake source. Enables source types for member accounts in required
373
+ # Regions, based on specified parameters. You can choose any source type
374
+ # in any Region for accounts that are either part of a trusted
375
+ # organization or standalone accounts. At least one of the three
376
+ # dimensions is a mandatory input to this API. However, any combination
377
+ # of the three dimensions can be supplied to this API.
378
+ #
379
+ # By default, dimension refers to the entire set. When you don't
380
+ # provide a dimension, Security Lake assumes that the missing dimension
381
+ # refers to the entire set. This is overridden when you supply any one
382
+ # of the inputs. For instance, when members is not specified, the API
383
+ # disables all Security Lake member accounts for sources. Similarly,
384
+ # when Regions are not specified, Security Lake is disabled for all the
385
+ # Regions where Security Lake is available as a service.
386
+ #
387
+ # You can use this API only to enable a natively-supported Amazon Web
388
+ # Services services as a source. Use `CreateCustomLogSource` to enable
389
+ # data collection from a custom source.
390
+ #
391
+ # @option params [Hash<String,Hash>] :enable_all_dimensions
392
+ # Enables specific sources in all Regions and source types.
393
+ #
394
+ # @option params [Array<String>] :enable_single_dimension
395
+ # Enables all sources in specific accounts or Regions.
396
+ #
397
+ # @option params [Hash<String,Array>] :enable_two_dimensions
398
+ # Enables specific service sources in specific accounts or Regions.
399
+ #
400
+ # @option params [required, Array<String>] :input_order
401
+ # Specifies the input order to enable dimensions in Security Lake,
402
+ # namely region, source type, and member account.
403
+ #
404
+ # @return [Types::CreateAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
405
+ #
406
+ # * {Types::CreateAwsLogSourceResponse#failed #failed} => Array&lt;String&gt;
407
+ # * {Types::CreateAwsLogSourceResponse#processing #processing} => Array&lt;String&gt;
408
+ #
409
+ # @example Request syntax with placeholder values
410
+ #
411
+ # resp = client.create_aws_log_source({
412
+ # enable_all_dimensions: {
413
+ # "String" => {
414
+ # "String" => ["String"],
415
+ # },
416
+ # },
417
+ # enable_single_dimension: ["SafeString"],
418
+ # enable_two_dimensions: {
419
+ # "String" => ["String"],
420
+ # },
421
+ # input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
422
+ # })
423
+ #
424
+ # @example Response structure
425
+ #
426
+ # resp.failed #=> Array
427
+ # resp.failed[0] #=> String
428
+ # resp.processing #=> Array
429
+ # resp.processing[0] #=> String
430
+ #
431
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateAwsLogSource AWS API Documentation
432
+ #
433
+ # @overload create_aws_log_source(params = {})
434
+ # @param [Hash] params ({})
435
+ def create_aws_log_source(params = {}, options = {})
436
+ req = build_request(:create_aws_log_source, params)
437
+ req.send_request(options)
438
+ end
439
+
440
+ # Adds a third-party custom source in Amazon Security Lake, from the
441
+ # Region where you want to create a custom source. Security Lake can
442
+ # collect logs and events from third-party custom sources. After
443
+ # creating the appropriate API roles, use this API to add a custom
444
+ # source name in Security Lake. This operation creates a partition in
445
+ # the Security Lake S3 bucket as the target location for log files from
446
+ # the custom source, an associated Glue table, and an Glue crawler.
447
+ #
448
+ # @option params [required, String] :custom_source_name
449
+ # The custom source name for a third-party custom source.
450
+ #
451
+ # @option params [required, String] :event_class
452
+ # The Open Cybersecurity Schema Framework (OCSF) event class.
453
+ #
454
+ # @option params [required, String] :glue_invocation_role_arn
455
+ # The IAM Role ARN to be used by the Glue Crawler. The recommended IAM
456
+ # policies are:
457
+ #
458
+ # * The managed policy `AWSGlueServiceRole`
459
+ #
460
+ # * A custom policy granting access to your S3 Data Lake
461
+ #
462
+ # @option params [required, String] :log_provider_account_id
463
+ # The Account ID that will assume the above Role to put logs into the
464
+ # Data Lake.
465
+ #
466
+ # @return [Types::CreateCustomLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
467
+ #
468
+ # * {Types::CreateCustomLogSourceResponse#custom_data_location #custom_data_location} => String
469
+ # * {Types::CreateCustomLogSourceResponse#glue_crawler_name #glue_crawler_name} => String
470
+ # * {Types::CreateCustomLogSourceResponse#glue_database_name #glue_database_name} => String
471
+ # * {Types::CreateCustomLogSourceResponse#glue_table_name #glue_table_name} => String
472
+ # * {Types::CreateCustomLogSourceResponse#log_provider_access_role_arn #log_provider_access_role_arn} => String
473
+ #
474
+ # @example Request syntax with placeholder values
475
+ #
476
+ # resp = client.create_custom_log_source({
477
+ # custom_source_name: "CustomSourceType", # required
478
+ # event_class: "ACCESS_ACTIVITY", # required, accepts ACCESS_ACTIVITY, FILE_ACTIVITY, KERNEL_ACTIVITY, KERNEL_EXTENSION, MEMORY_ACTIVITY, MODULE_ACTIVITY, PROCESS_ACTIVITY, REGISTRY_KEY_ACTIVITY, REGISTRY_VALUE_ACTIVITY, RESOURCE_ACTIVITY, SCHEDULED_JOB_ACTIVITY, SECURITY_FINDING, ACCOUNT_CHANGE, AUTHENTICATION, AUTHORIZATION, ENTITY_MANAGEMENT_AUDIT, DHCP_ACTIVITY, NETWORK_ACTIVITY, DNS_ACTIVITY, FTP_ACTIVITY, HTTP_ACTIVITY, RDP_ACTIVITY, SMB_ACTIVITY, SSH_ACTIVITY, CLOUD_API, CONTAINER_LIFECYCLE, DATABASE_LIFECYCLE, CONFIG_STATE, CLOUD_STORAGE, INVENTORY_INFO, RFB_ACTIVITY, SMTP_ACTIVITY, VIRTUAL_MACHINE_ACTIVITY
479
+ # glue_invocation_role_arn: "RoleArn", # required
480
+ # log_provider_account_id: "AwsAccountId", # required
481
+ # })
482
+ #
483
+ # @example Response structure
484
+ #
485
+ # resp.custom_data_location #=> String
486
+ # resp.glue_crawler_name #=> String
487
+ # resp.glue_database_name #=> String
488
+ # resp.glue_table_name #=> String
489
+ # resp.log_provider_access_role_arn #=> String
490
+ #
491
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateCustomLogSource AWS API Documentation
492
+ #
493
+ # @overload create_custom_log_source(params = {})
494
+ # @param [Hash] params ({})
495
+ def create_custom_log_source(params = {}, options = {})
496
+ req = build_request(:create_custom_log_source, params)
497
+ req.send_request(options)
498
+ end
499
+
500
+ # Initializes an Amazon Security Lake instance with the provided (or
501
+ # default) configuration. You can enable Security Lake in Regions with
502
+ # customized settings in advance before enabling log collection in
503
+ # Regions. You can either use the `enableAll` parameter to specify all
504
+ # Regions or you can specify the Regions you want to enable Security
505
+ # Lake using the `Regions` parameter and configure these Regions using
506
+ # the `configurations` parameter. When the `CreateDataLake` API is
507
+ # called multiple times, if that Region is already enabled, it will
508
+ # update the Region if configuration for that Region is provided. If
509
+ # that Region is a new Region, it will be set up with the customized
510
+ # configurations if it is specified.
511
+ #
512
+ # When you enable Security Lake, it starts ingesting security data after
513
+ # the `CreateAwsLogSource` call. This includes ingesting security data
514
+ # from sources, storing data, and making data accessible to subscribers.
515
+ # Security Lake also enables all the existing settings and resources
516
+ # that it stores or maintains for your account in the current Region,
517
+ # including security log and event data. For more information, see the
518
+ # Amazon Security Lake User Guide.
519
+ #
520
+ # @option params [Hash<String,Types::LakeConfigurationRequest>] :configurations
521
+ # Enable Security Lake with the specified configurations settings to
522
+ # begin ingesting security data.
523
+ #
524
+ # @option params [Boolean] :enable_all
525
+ # Enable Security Lake in all Regions to begin ingesting security data.
526
+ #
527
+ # @option params [String] :meta_store_manager_role_arn
528
+ # The Role ARN used to create and update the Glue table with partitions
529
+ # generated by ingestion and normalization of Amazon Web Services log
530
+ # sources and custom sources.
531
+ #
532
+ # @option params [Array<String>] :regions
533
+ # Enable Security Lake in the specified Regions to begin ingesting
534
+ # security data. To enable Security Lake in specific Amazon Web Services
535
+ # Regions, such as us-east-1 or ap-northeast-3, provide the Region
536
+ # codes. For a list of Region codes, see [Region codes][1] in the Amazon
537
+ # Web Services General Reference.
538
+ #
539
+ #
540
+ #
541
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints
542
+ #
543
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
544
+ #
545
+ # @example Request syntax with placeholder values
546
+ #
547
+ # resp = client.create_datalake({
548
+ # configurations: {
549
+ # "us-east-1" => {
550
+ # encryption_key: "String",
551
+ # replication_destination_regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
552
+ # replication_role_arn: "RoleArn",
553
+ # retention_settings: [
554
+ # {
555
+ # retention_period: 1,
556
+ # storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
557
+ # },
558
+ # ],
559
+ # tags_map: {
560
+ # "String" => "String",
561
+ # },
562
+ # },
563
+ # },
564
+ # enable_all: false,
565
+ # meta_store_manager_role_arn: "RoleArn",
566
+ # regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
567
+ # })
568
+ #
569
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalake AWS API Documentation
570
+ #
571
+ # @overload create_datalake(params = {})
572
+ # @param [Hash] params ({})
573
+ def create_datalake(params = {}, options = {})
574
+ req = build_request(:create_datalake, params)
575
+ req.send_request(options)
576
+ end
577
+
578
+ # Automatically enable Security Lake in the specified Regions to begin
579
+ # ingesting security data. When you choose to enable organization
580
+ # accounts automatically, then Security Lake begins to enable new
581
+ # accounts as member accounts as they are added to the organization.
582
+ # Security Lake does not enable existing organization accounts that are
583
+ # not yet enabled.
584
+ #
585
+ # @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :configuration_for_new_accounts
586
+ # Enable Amazon Security Lake with the specified configurations settings
587
+ # to begin ingesting security data for new accounts in Security Lake.
588
+ #
589
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
590
+ #
591
+ # @example Request syntax with placeholder values
592
+ #
593
+ # resp = client.create_datalake_auto_enable({
594
+ # configuration_for_new_accounts: [ # required
595
+ # {
596
+ # region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
597
+ # sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
598
+ # },
599
+ # ],
600
+ # })
601
+ #
602
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeAutoEnable AWS API Documentation
603
+ #
604
+ # @overload create_datalake_auto_enable(params = {})
605
+ # @param [Hash] params ({})
606
+ def create_datalake_auto_enable(params = {}, options = {})
607
+ req = build_request(:create_datalake_auto_enable, params)
608
+ req.send_request(options)
609
+ end
610
+
611
+ # Designates the Security Lake administrator account for the
612
+ # organization. This API can only be called by the organization
613
+ # management account. The organization management account cannot be the
614
+ # delegated administrator account.
615
+ #
616
+ # @option params [required, String] :account
617
+ # Account ID of the Security Lake delegated administrator.
618
+ #
619
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
620
+ #
621
+ # @example Request syntax with placeholder values
622
+ #
623
+ # resp = client.create_datalake_delegated_admin({
624
+ # account: "SafeString", # required
625
+ # })
626
+ #
627
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeDelegatedAdmin AWS API Documentation
628
+ #
629
+ # @overload create_datalake_delegated_admin(params = {})
630
+ # @param [Hash] params ({})
631
+ def create_datalake_delegated_admin(params = {}, options = {})
632
+ req = build_request(:create_datalake_delegated_admin, params)
633
+ req.send_request(options)
634
+ end
635
+
636
+ # Creates the specified notification subscription in Security Lake.
637
+ # Creates the specified subscription notifications in the specified
638
+ # organization.
639
+ #
640
+ # @option params [required, String] :notification_endpoint
641
+ # The account in which the exception notifications subscription is
642
+ # created.
643
+ #
644
+ # @option params [required, String] :subscription_protocol
645
+ # The subscription protocol to which exception messages are posted.
646
+ #
647
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
648
+ #
649
+ # @example Request syntax with placeholder values
650
+ #
651
+ # resp = client.create_datalake_exceptions_subscription({
652
+ # notification_endpoint: "SafeString", # required
653
+ # subscription_protocol: "HTTP", # required, accepts HTTP, HTTPS, EMAIL, EMAIL_JSON, SMS, SQS, LAMBDA, APP, FIREHOSE
654
+ # })
655
+ #
656
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeExceptionsSubscription AWS API Documentation
657
+ #
658
+ # @overload create_datalake_exceptions_subscription(params = {})
659
+ # @param [Hash] params ({})
660
+ def create_datalake_exceptions_subscription(params = {}, options = {})
661
+ req = build_request(:create_datalake_exceptions_subscription, params)
662
+ req.send_request(options)
663
+ end
664
+
665
+ # Creates a subscription permission for accounts that are already
666
+ # enabled in Security Lake.
667
+ #
668
+ # @option params [Array<String>] :access_types
669
+ # The Amazon S3 or Lake Formation access type.
670
+ #
671
+ # @option params [required, String] :account_id
672
+ # The third party Amazon Web Services account ID used to access your
673
+ # data.
674
+ #
675
+ # @option params [required, String] :external_id
676
+ # The external ID of the subscriber. External ID allows the user that is
677
+ # assuming the role to assert the circumstances in which they are
678
+ # operating. It also provides a way for the account owner to permit the
679
+ # role to be assumed only under specific circumstances.
680
+ #
681
+ # @option params [required, Array<Types::SourceType>] :source_types
682
+ # The supported Amazon Web Services services from which logs and events
683
+ # are collected. Amazon Security Lake supports logs and events
684
+ # collection for natively-supported Amazon Web Services services.
685
+ #
686
+ # @option params [String] :subscriber_description
687
+ # The subscriber descriptions for the subscriber account in Amazon
688
+ # Security Lake.
689
+ #
690
+ # @option params [required, String] :subscriber_name
691
+ # The name of your Amazon Security Lake subscriber account.
692
+ #
693
+ # @return [Types::CreateSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
694
+ #
695
+ # * {Types::CreateSubscriberResponse#role_arn #role_arn} => String
696
+ # * {Types::CreateSubscriberResponse#s3_bucket_arn #s3_bucket_arn} => String
697
+ # * {Types::CreateSubscriberResponse#sns_arn #sns_arn} => String
698
+ # * {Types::CreateSubscriberResponse#subscription_id #subscription_id} => String
699
+ #
700
+ # @example Request syntax with placeholder values
701
+ #
702
+ # resp = client.create_subscriber({
703
+ # access_types: ["LAKEFORMATION"], # accepts LAKEFORMATION, S3
704
+ # account_id: "AwsAccountId", # required
705
+ # external_id: "SafeString", # required
706
+ # source_types: [ # required
707
+ # {
708
+ # aws_source_type: "ROUTE53", # accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
709
+ # custom_source_type: "CustomSourceType",
710
+ # },
711
+ # ],
712
+ # subscriber_description: "SafeString",
713
+ # subscriber_name: "CreateSubscriberRequestSubscriberNameString", # required
714
+ # })
715
+ #
716
+ # @example Response structure
717
+ #
718
+ # resp.role_arn #=> String
719
+ # resp.s3_bucket_arn #=> String
720
+ # resp.sns_arn #=> String
721
+ # resp.subscription_id #=> String
722
+ #
723
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriber AWS API Documentation
724
+ #
725
+ # @overload create_subscriber(params = {})
726
+ # @param [Hash] params ({})
727
+ def create_subscriber(params = {}, options = {})
728
+ req = build_request(:create_subscriber, params)
729
+ req.send_request(options)
730
+ end
731
+
732
+ # Creates the specified notification subscription in Security Lake.
733
+ # Creates the specified subscription notifications from the specified
734
+ # organization.
735
+ #
736
+ # @option params [Boolean] :create_sqs
737
+ # Create a new subscription notification for the specified subscription
738
+ # ID in Security Lake.
739
+ #
740
+ # @option params [String] :https_api_key_name
741
+ # The key name for the subscription notification.
742
+ #
743
+ # @option params [String] :https_api_key_value
744
+ # The key value for the subscription notification.
745
+ #
746
+ # @option params [String] :https_method
747
+ # The HTTPS method used for the subscription notification.
748
+ #
749
+ # @option params [String] :role_arn
750
+ # The Amazon Resource Name (ARN) specifying the role of the subscriber.
751
+ #
752
+ # @option params [String] :subscription_endpoint
753
+ # The subscription endpoint in Security Lake.
754
+ #
755
+ # @option params [required, String] :subscription_id
756
+ # The subscription ID for which the subscription notification is
757
+ # specified.
758
+ #
759
+ # @return [Types::CreateSubscriptionNotificationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
760
+ #
761
+ # * {Types::CreateSubscriptionNotificationConfigurationResponse#queue_arn #queue_arn} => String
762
+ #
763
+ # @example Request syntax with placeholder values
764
+ #
765
+ # resp = client.create_subscription_notification_configuration({
766
+ # create_sqs: false,
767
+ # https_api_key_name: "String",
768
+ # https_api_key_value: "String",
769
+ # https_method: "POST", # accepts POST, PUT
770
+ # role_arn: "RoleArn",
771
+ # subscription_endpoint: "CreateSubscriptionNotificationConfigurationRequestSubscriptionEndpointString",
772
+ # subscription_id: "UUID", # required
773
+ # })
774
+ #
775
+ # @example Response structure
776
+ #
777
+ # resp.queue_arn #=> String
778
+ #
779
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriptionNotificationConfiguration AWS API Documentation
780
+ #
781
+ # @overload create_subscription_notification_configuration(params = {})
782
+ # @param [Hash] params ({})
783
+ def create_subscription_notification_configuration(params = {}, options = {})
784
+ req = build_request(:create_subscription_notification_configuration, params)
785
+ req.send_request(options)
786
+ end
787
+
788
+ # Removes a natively-supported Amazon Web Services service as a Amazon
789
+ # Security Lake source. When you remove the source, Security Lake stops
790
+ # collecting data from that source, and subscribers can no longer
791
+ # consume new data from the source. Subscribers can still consume data
792
+ # that Amazon Security Lake collected from the source before
793
+ # disablement.
794
+ #
795
+ # You can choose any source type in any Region for accounts that are
796
+ # either part of a trusted organization or standalone accounts. At least
797
+ # one of the three dimensions is a mandatory input to this API. However,
798
+ # any combination of the three dimensions can be supplied to this API.
799
+ #
800
+ # By default, dimension refers to the entire set. This is overridden
801
+ # when you supply any one of the inputs. For instance, when members is
802
+ # not specified, the API disables all Security Lake member accounts for
803
+ # sources. Similarly, when Regions are not specified, Security Lake is
804
+ # disabled for all the Regions where Security Lake is available as a
805
+ # service.
806
+ #
807
+ # You can use this API to remove a natively-supported Amazon Web
808
+ # Services service as a source. Use `DeregisterCustomData` to remove a
809
+ # custom source.
810
+ #
811
+ # When you don't provide a dimension, Security Lake assumes that the
812
+ # missing dimension refers to the entire set. For example, if you don't
813
+ # provide specific accounts, the API applies to the entire set of
814
+ # accounts in your organization.
815
+ #
816
+ # @option params [Hash<String,Hash>] :disable_all_dimensions
817
+ # Removes the specific Amazon Web Services sources from all Regions and
818
+ # source types.
819
+ #
820
+ # @option params [Array<String>] :disable_single_dimension
821
+ # Removes all Amazon Web Services sources from specific accounts or
822
+ # Regions.
823
+ #
824
+ # @option params [Hash<String,Array>] :disable_two_dimensions
825
+ # Remove a specific Amazon Web Services source from specific accounts or
826
+ # Regions.
827
+ #
828
+ # @option params [required, Array<String>] :input_order
829
+ # This is a mandatory input. Specifies the input order to disable
830
+ # dimensions in Security Lake, namely Region, source type, and member.
831
+ #
832
+ # @return [Types::DeleteAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
833
+ #
834
+ # * {Types::DeleteAwsLogSourceResponse#failed #failed} => Array&lt;String&gt;
835
+ # * {Types::DeleteAwsLogSourceResponse#processing #processing} => Array&lt;String&gt;
836
+ #
837
+ # @example Request syntax with placeholder values
838
+ #
839
+ # resp = client.delete_aws_log_source({
840
+ # disable_all_dimensions: {
841
+ # "String" => {
842
+ # "String" => ["String"],
843
+ # },
844
+ # },
845
+ # disable_single_dimension: ["SafeString"],
846
+ # disable_two_dimensions: {
847
+ # "String" => ["String"],
848
+ # },
849
+ # input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
850
+ # })
851
+ #
852
+ # @example Response structure
853
+ #
854
+ # resp.failed #=> Array
855
+ # resp.failed[0] #=> String
856
+ # resp.processing #=> Array
857
+ # resp.processing[0] #=> String
858
+ #
859
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteAwsLogSource AWS API Documentation
860
+ #
861
+ # @overload delete_aws_log_source(params = {})
862
+ # @param [Hash] params ({})
863
+ def delete_aws_log_source(params = {}, options = {})
864
+ req = build_request(:delete_aws_log_source, params)
865
+ req.send_request(options)
866
+ end
867
+
868
+ # Removes a custom log source from Security Lake.
869
+ #
870
+ # @option params [required, String] :custom_source_name
871
+ # The custom source name for the custome log source.
872
+ #
873
+ # @return [Types::DeleteCustomLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
874
+ #
875
+ # * {Types::DeleteCustomLogSourceResponse#custom_data_location #custom_data_location} => String
876
+ #
877
+ # @example Request syntax with placeholder values
878
+ #
879
+ # resp = client.delete_custom_log_source({
880
+ # custom_source_name: "String", # required
881
+ # })
882
+ #
883
+ # @example Response structure
884
+ #
885
+ # resp.custom_data_location #=> String
886
+ #
887
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteCustomLogSource AWS API Documentation
888
+ #
889
+ # @overload delete_custom_log_source(params = {})
890
+ # @param [Hash] params ({})
891
+ def delete_custom_log_source(params = {}, options = {})
892
+ req = build_request(:delete_custom_log_source, params)
893
+ req.send_request(options)
894
+ end
895
+
896
+ # When you delete Amazon Security Lake from your account, Security Lake
897
+ # is disabled in all Regions. Also, this API automatically performs the
898
+ # off-boarding steps to off-board the account from Security Lake . This
899
+ # includes ingesting security data from sources, storing data, and
900
+ # making data accessible to subscribers. Security Lake also deletes all
901
+ # the existing settings and resources that it stores or maintains for
902
+ # your account in the current Region, including security log and event
903
+ # data. `DeleteDatalake` does not delete the S3 bucket which is owned by
904
+ # the Amazon Web Services account. For more information, see the Amazon
905
+ # Security Lake User Guide.
906
+ #
907
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
908
+ #
909
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalake AWS API Documentation
910
+ #
911
+ # @overload delete_datalake(params = {})
912
+ # @param [Hash] params ({})
913
+ def delete_datalake(params = {}, options = {})
914
+ req = build_request(:delete_datalake, params)
915
+ req.send_request(options)
916
+ end
917
+
918
+ # Automatically delete Security Lake in the specified Regions to stop
919
+ # ingesting security data. When you delete Amazon Security Lake from
920
+ # your account, Security Lake is disabled in all Regions. Also, this API
921
+ # automatically performs the off-boarding steps to off-board the account
922
+ # from Security Lake . This includes ingesting security data from
923
+ # sources, storing data, and making data accessible to subscribers.
924
+ # Security Lake also deletes all the existing settings and resources
925
+ # that it stores or maintains for your account in the current Region,
926
+ # including security log and event data. For more information, see the
927
+ # Amazon Security Lake User Guide.
928
+ #
929
+ # @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :remove_from_configuration_for_new_accounts
930
+ # Delete Amazon Security Lake with the specified configurations settings
931
+ # to stop ingesting security data for new accounts in Security Lake.
932
+ #
933
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
934
+ #
935
+ # @example Request syntax with placeholder values
936
+ #
937
+ # resp = client.delete_datalake_auto_enable({
938
+ # remove_from_configuration_for_new_accounts: [ # required
939
+ # {
940
+ # region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
941
+ # sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
942
+ # },
943
+ # ],
944
+ # })
945
+ #
946
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeAutoEnable AWS API Documentation
947
+ #
948
+ # @overload delete_datalake_auto_enable(params = {})
949
+ # @param [Hash] params ({})
950
+ def delete_datalake_auto_enable(params = {}, options = {})
951
+ req = build_request(:delete_datalake_auto_enable, params)
952
+ req.send_request(options)
953
+ end
954
+
955
+ # Deletes the Security Lake administrator account for the organization.
956
+ # This API can only be called by the organization management account.
957
+ # The organization management account cannot be the delegated
958
+ # administrator account.
959
+ #
960
+ # @option params [required, String] :account
961
+ # Account ID the Security Lake delegated administrator.
962
+ #
963
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
964
+ #
965
+ # @example Request syntax with placeholder values
966
+ #
967
+ # resp = client.delete_datalake_delegated_admin({
968
+ # account: "SafeString", # required
969
+ # })
970
+ #
971
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeDelegatedAdmin AWS API Documentation
972
+ #
973
+ # @overload delete_datalake_delegated_admin(params = {})
974
+ # @param [Hash] params ({})
975
+ def delete_datalake_delegated_admin(params = {}, options = {})
976
+ req = build_request(:delete_datalake_delegated_admin, params)
977
+ req.send_request(options)
978
+ end
979
+
980
+ # Deletes the specified notification subscription in Security Lake.
981
+ # Deletes the specified subscription notifications in the specified
982
+ # organization.
983
+ #
984
+ # @return [Types::DeleteDatalakeExceptionsSubscriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
985
+ #
986
+ # * {Types::DeleteDatalakeExceptionsSubscriptionResponse#status #status} => String
987
+ #
988
+ # @example Response structure
989
+ #
990
+ # resp.status #=> String
991
+ #
992
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeExceptionsSubscription AWS API Documentation
993
+ #
994
+ # @overload delete_datalake_exceptions_subscription(params = {})
995
+ # @param [Hash] params ({})
996
+ def delete_datalake_exceptions_subscription(params = {}, options = {})
997
+ req = build_request(:delete_datalake_exceptions_subscription, params)
998
+ req.send_request(options)
999
+ end
1000
+
1001
+ # Deletes the specified subscription permissions to Security Lake.
1002
+ # Deletes the specified subscription permissions from the specified
1003
+ # organization.
1004
+ #
1005
+ # @option params [required, String] :id
1006
+ # A value created by Security Lake that uniquely identifies your
1007
+ # `DeleteSubscriber` API request.
1008
+ #
1009
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1010
+ #
1011
+ # @example Request syntax with placeholder values
1012
+ #
1013
+ # resp = client.delete_subscriber({
1014
+ # id: "String", # required
1015
+ # })
1016
+ #
1017
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriber AWS API Documentation
1018
+ #
1019
+ # @overload delete_subscriber(params = {})
1020
+ # @param [Hash] params ({})
1021
+ def delete_subscriber(params = {}, options = {})
1022
+ req = build_request(:delete_subscriber, params)
1023
+ req.send_request(options)
1024
+ end
1025
+
1026
+ # Deletes the specified notification subscription in Security Lake.
1027
+ # Deletes the specified subscription notifications from the specified
1028
+ # organization.
1029
+ #
1030
+ # @option params [required, String] :subscription_id
1031
+ # The subscription ID of the Amazon Security Lake subscriber account.
1032
+ #
1033
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1034
+ #
1035
+ # @example Request syntax with placeholder values
1036
+ #
1037
+ # resp = client.delete_subscription_notification_configuration({
1038
+ # subscription_id: "UUID", # required
1039
+ # })
1040
+ #
1041
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriptionNotificationConfiguration AWS API Documentation
1042
+ #
1043
+ # @overload delete_subscription_notification_configuration(params = {})
1044
+ # @param [Hash] params ({})
1045
+ def delete_subscription_notification_configuration(params = {}, options = {})
1046
+ req = build_request(:delete_subscription_notification_configuration, params)
1047
+ req.send_request(options)
1048
+ end
1049
+
1050
+ # Retrieve the Security Lake configuration object for the specified
1051
+ # account ID. This API does not take input parameters.
1052
+ #
1053
+ # @return [Types::GetDatalakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1054
+ #
1055
+ # * {Types::GetDatalakeResponse#configurations #configurations} => Hash&lt;String,Types::LakeConfigurationResponse&gt;
1056
+ #
1057
+ # @example Response structure
1058
+ #
1059
+ # resp.configurations #=> Hash
1060
+ # resp.configurations["Region"].encryption_key #=> String
1061
+ # resp.configurations["Region"].replication_destination_regions #=> Array
1062
+ # resp.configurations["Region"].replication_destination_regions[0] #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
1063
+ # resp.configurations["Region"].replication_role_arn #=> String
1064
+ # resp.configurations["Region"].retention_settings #=> Array
1065
+ # resp.configurations["Region"].retention_settings[0].retention_period #=> Integer
1066
+ # resp.configurations["Region"].retention_settings[0].storage_class #=> String, one of "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER_IR", "GLACIER", "DEEP_ARCHIVE", "EXPIRE"
1067
+ # resp.configurations["Region"].s3_bucket_arn #=> String
1068
+ # resp.configurations["Region"].status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
1069
+ # resp.configurations["Region"].tags_map #=> Hash
1070
+ # resp.configurations["Region"].tags_map["String"] #=> String
1071
+ #
1072
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalake AWS API Documentation
1073
+ #
1074
+ # @overload get_datalake(params = {})
1075
+ # @param [Hash] params ({})
1076
+ def get_datalake(params = {}, options = {})
1077
+ req = build_request(:get_datalake, params)
1078
+ req.send_request(options)
1079
+ end
1080
+
1081
+ # Retrieves the configuration that will be automatically set up for
1082
+ # accounts added to the organization after the organization has on
1083
+ # boarded to Amazon Security Lake. This API does not take input
1084
+ # parameters.
1085
+ #
1086
+ # @return [Types::GetDatalakeAutoEnableResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1087
+ #
1088
+ # * {Types::GetDatalakeAutoEnableResponse#auto_enable_new_accounts #auto_enable_new_accounts} => Array&lt;Types::AutoEnableNewRegionConfiguration&gt;
1089
+ #
1090
+ # @example Response structure
1091
+ #
1092
+ # resp.auto_enable_new_accounts #=> Array
1093
+ # resp.auto_enable_new_accounts[0].region #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
1094
+ # resp.auto_enable_new_accounts[0].sources #=> Array
1095
+ # resp.auto_enable_new_accounts[0].sources[0] #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
1096
+ #
1097
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeAutoEnable AWS API Documentation
1098
+ #
1099
+ # @overload get_datalake_auto_enable(params = {})
1100
+ # @param [Hash] params ({})
1101
+ def get_datalake_auto_enable(params = {}, options = {})
1102
+ req = build_request(:get_datalake_auto_enable, params)
1103
+ req.send_request(options)
1104
+ end
1105
+
1106
+ # Retrieves the expiration period and time-to-live (TTL) for which the
1107
+ # exception message will remain. Exceptions are stored by default, for a
1108
+ # 2 week period of time from when a record was created in Security Lake.
1109
+ # This API does not take input parameters. This API does not take input
1110
+ # parameters.
1111
+ #
1112
+ # @return [Types::GetDatalakeExceptionsExpiryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1113
+ #
1114
+ # * {Types::GetDatalakeExceptionsExpiryResponse#exception_message_expiry #exception_message_expiry} => Integer
1115
+ #
1116
+ # @example Response structure
1117
+ #
1118
+ # resp.exception_message_expiry #=> Integer
1119
+ #
1120
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeExceptionsExpiry AWS API Documentation
1121
+ #
1122
+ # @overload get_datalake_exceptions_expiry(params = {})
1123
+ # @param [Hash] params ({})
1124
+ def get_datalake_exceptions_expiry(params = {}, options = {})
1125
+ req = build_request(:get_datalake_exceptions_expiry, params)
1126
+ req.send_request(options)
1127
+ end
1128
+
1129
+ # Retrieves the details of exception notifications for the account in
1130
+ # Amazon Security Lake.
1131
+ #
1132
+ # @return [Types::GetDatalakeExceptionsSubscriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1133
+ #
1134
+ # * {Types::GetDatalakeExceptionsSubscriptionResponse#protocol_and_notification_endpoint #protocol_and_notification_endpoint} => Types::ProtocolAndNotificationEndpoint
1135
+ #
1136
+ # @example Response structure
1137
+ #
1138
+ # resp.protocol_and_notification_endpoint.endpoint #=> String
1139
+ # resp.protocol_and_notification_endpoint.protocol #=> String
1140
+ #
1141
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeExceptionsSubscription AWS API Documentation
1142
+ #
1143
+ # @overload get_datalake_exceptions_subscription(params = {})
1144
+ # @param [Hash] params ({})
1145
+ def get_datalake_exceptions_subscription(params = {}, options = {})
1146
+ req = build_request(:get_datalake_exceptions_subscription, params)
1147
+ req.send_request(options)
1148
+ end
1149
+
1150
+ # Retrieve the Security Lake configuration object for the specified
1151
+ # account ID. This API does not take input parameters.
1152
+ #
1153
+ # @option params [Array<String>] :account_set
1154
+ # The account IDs for which a static snapshot of the current Region,
1155
+ # including enabled accounts and log sources is retrieved.
1156
+ #
1157
+ # @option params [Integer] :max_account_results
1158
+ # The maximum limit of accounts for which the static snapshot of the
1159
+ # current Region including enabled accounts and log sources is
1160
+ # retrieved.
1161
+ #
1162
+ # @option params [String] :next_token
1163
+ # If nextToken is returned, there are more results available. The value
1164
+ # of nextToken is a unique pagination token for each page. Make the call
1165
+ # again using the returned token to retrieve the next page. Keep all
1166
+ # other arguments unchanged. Each pagination token expires after 24
1167
+ # hours. Using an expired pagination token will return an HTTP 400
1168
+ # InvalidToken error.
1169
+ #
1170
+ # @return [Types::GetDatalakeStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1171
+ #
1172
+ # * {Types::GetDatalakeStatusResponse#account_sources_list #account_sources_list} => Array&lt;Types::AccountSources&gt;
1173
+ # * {Types::GetDatalakeStatusResponse#next_token #next_token} => String
1174
+ #
1175
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1176
+ #
1177
+ # @example Request syntax with placeholder values
1178
+ #
1179
+ # resp = client.get_datalake_status({
1180
+ # account_set: ["SafeString"],
1181
+ # max_account_results: 1,
1182
+ # next_token: "SafeString",
1183
+ # })
1184
+ #
1185
+ # @example Response structure
1186
+ #
1187
+ # resp.account_sources_list #=> Array
1188
+ # resp.account_sources_list[0].account #=> String
1189
+ # resp.account_sources_list[0].event_class #=> String, one of "ACCESS_ACTIVITY", "FILE_ACTIVITY", "KERNEL_ACTIVITY", "KERNEL_EXTENSION", "MEMORY_ACTIVITY", "MODULE_ACTIVITY", "PROCESS_ACTIVITY", "REGISTRY_KEY_ACTIVITY", "REGISTRY_VALUE_ACTIVITY", "RESOURCE_ACTIVITY", "SCHEDULED_JOB_ACTIVITY", "SECURITY_FINDING", "ACCOUNT_CHANGE", "AUTHENTICATION", "AUTHORIZATION", "ENTITY_MANAGEMENT_AUDIT", "DHCP_ACTIVITY", "NETWORK_ACTIVITY", "DNS_ACTIVITY", "FTP_ACTIVITY", "HTTP_ACTIVITY", "RDP_ACTIVITY", "SMB_ACTIVITY", "SSH_ACTIVITY", "CLOUD_API", "CONTAINER_LIFECYCLE", "DATABASE_LIFECYCLE", "CONFIG_STATE", "CLOUD_STORAGE", "INVENTORY_INFO", "RFB_ACTIVITY", "SMTP_ACTIVITY", "VIRTUAL_MACHINE_ACTIVITY"
1190
+ # resp.account_sources_list[0].logs_status #=> Array
1191
+ # resp.account_sources_list[0].logs_status[0].health_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING"
1192
+ # resp.account_sources_list[0].logs_status[0].path_to_logs #=> String
1193
+ # resp.account_sources_list[0].source_type #=> String
1194
+ # resp.next_token #=> String
1195
+ #
1196
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeStatus AWS API Documentation
1197
+ #
1198
+ # @overload get_datalake_status(params = {})
1199
+ # @param [Hash] params ({})
1200
+ def get_datalake_status(params = {}, options = {})
1201
+ req = build_request(:get_datalake_status, params)
1202
+ req.send_request(options)
1203
+ end
1204
+
1205
+ # Retrieves subscription information for the specified subscription ID.
1206
+ #
1207
+ # @option params [required, String] :id
1208
+ # A value created by Security Lake that uniquely identifies your
1209
+ # `GetSubscriber` API request.
1210
+ #
1211
+ # @return [Types::GetSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1212
+ #
1213
+ # * {Types::GetSubscriberResponse#subscriber #subscriber} => Types::SubscriberResource
1214
+ #
1215
+ # @example Request syntax with placeholder values
1216
+ #
1217
+ # resp = client.get_subscriber({
1218
+ # id: "String", # required
1219
+ # })
1220
+ #
1221
+ # @example Response structure
1222
+ #
1223
+ # resp.subscriber.access_types #=> Array
1224
+ # resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
1225
+ # resp.subscriber.account_id #=> String
1226
+ # resp.subscriber.created_at #=> Time
1227
+ # resp.subscriber.external_id #=> String
1228
+ # resp.subscriber.role_arn #=> String
1229
+ # resp.subscriber.s3_bucket_arn #=> String
1230
+ # resp.subscriber.sns_arn #=> String
1231
+ # resp.subscriber.source_types #=> Array
1232
+ # resp.subscriber.source_types[0].aws_source_type #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
1233
+ # resp.subscriber.source_types[0].custom_source_type #=> String
1234
+ # resp.subscriber.subscriber_description #=> String
1235
+ # resp.subscriber.subscriber_name #=> String
1236
+ # resp.subscriber.subscription_endpoint #=> String
1237
+ # resp.subscriber.subscription_id #=> String
1238
+ # resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
1239
+ # resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
1240
+ # resp.subscriber.updated_at #=> Time
1241
+ #
1242
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetSubscriber AWS API Documentation
1243
+ #
1244
+ # @overload get_subscriber(params = {})
1245
+ # @param [Hash] params ({})
1246
+ def get_subscriber(params = {}, options = {})
1247
+ req = build_request(:get_subscriber, params)
1248
+ req.send_request(options)
1249
+ end
1250
+
1251
+ # List the Amazon Security Lake exceptions that you can use to find the
1252
+ # source of problems and fix them.
1253
+ #
1254
+ # @option params [Integer] :max_failures
1255
+ # List the maximum number of failures in Security Lake.
1256
+ #
1257
+ # @option params [String] :next_token
1258
+ # List if there are more results available. if nextToken is returned,
1259
+ # You can make the call again using the returned token to retrieve the
1260
+ # next page
1261
+ #
1262
+ # @option params [Array<String>] :region_set
1263
+ # List the regions from which exceptions are retrieved.
1264
+ #
1265
+ # @return [Types::ListDatalakeExceptionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1266
+ #
1267
+ # * {Types::ListDatalakeExceptionsResponse#next_token #next_token} => String
1268
+ # * {Types::ListDatalakeExceptionsResponse#non_retryable_failures #non_retryable_failures} => Array&lt;Types::FailuresResponse&gt;
1269
+ #
1270
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1271
+ #
1272
+ # @example Request syntax with placeholder values
1273
+ #
1274
+ # resp = client.list_datalake_exceptions({
1275
+ # max_failures: 1,
1276
+ # next_token: "SafeString",
1277
+ # region_set: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
1278
+ # })
1279
+ #
1280
+ # @example Response structure
1281
+ #
1282
+ # resp.next_token #=> String
1283
+ # resp.non_retryable_failures #=> Array
1284
+ # resp.non_retryable_failures[0].failures #=> Array
1285
+ # resp.non_retryable_failures[0].failures[0].exception_message #=> String
1286
+ # resp.non_retryable_failures[0].failures[0].remediation #=> String
1287
+ # resp.non_retryable_failures[0].failures[0].timestamp #=> Time
1288
+ # resp.non_retryable_failures[0].region #=> String
1289
+ #
1290
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDatalakeExceptions AWS API Documentation
1291
+ #
1292
+ # @overload list_datalake_exceptions(params = {})
1293
+ # @param [Hash] params ({})
1294
+ def list_datalake_exceptions(params = {}, options = {})
1295
+ req = build_request(:list_datalake_exceptions, params)
1296
+ req.send_request(options)
1297
+ end
1298
+
1299
+ # Lists the log sources in the current region.
1300
+ #
1301
+ # @option params [Array<String>] :input_order
1302
+ # Lists the log sources in input order, namely Region, source type, and
1303
+ # member account.
1304
+ #
1305
+ # @option params [Hash<String,Hash>] :list_all_dimensions
1306
+ # List the view of log sources for enabled Security Lake accounts in all
1307
+ # Regions and source types.
1308
+ #
1309
+ # @option params [Array<String>] :list_single_dimension
1310
+ # List the view of log sources for enabled Security Lake accounts for
1311
+ # the entire region.
1312
+ #
1313
+ # @option params [Hash<String,Array>] :list_two_dimensions
1314
+ # Lists the log sources for the specified source types in enabled
1315
+ # Security Lake accounts for the entire Region, for selected member
1316
+ # accounts.
1317
+ #
1318
+ # @option params [Integer] :max_results
1319
+ # The maximum number of accounts for which the configuration is
1320
+ # displayed.
1321
+ #
1322
+ # @option params [String] :next_token
1323
+ # If nextToken is returned, there are more results available. You can
1324
+ # make the call again using the returned token to retrieve the next
1325
+ # page.
1326
+ #
1327
+ # @return [Types::ListLogSourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1328
+ #
1329
+ # * {Types::ListLogSourcesResponse#next_token #next_token} => String
1330
+ # * {Types::ListLogSourcesResponse#region_source_types_accounts_list #region_source_types_accounts_list} => Array&lt;Hash&lt;String,Hash&lt;String,Array&lt;String&gt;&gt;&gt;&gt;
1331
+ #
1332
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1333
+ #
1334
+ # @example Request syntax with placeholder values
1335
+ #
1336
+ # resp = client.list_log_sources({
1337
+ # input_order: ["REGION"], # accepts REGION, SOURCE_TYPE, MEMBER
1338
+ # list_all_dimensions: {
1339
+ # "String" => {
1340
+ # "String" => ["String"],
1341
+ # },
1342
+ # },
1343
+ # list_single_dimension: ["SafeString"],
1344
+ # list_two_dimensions: {
1345
+ # "String" => ["String"],
1346
+ # },
1347
+ # max_results: 1,
1348
+ # next_token: "SafeString",
1349
+ # })
1350
+ #
1351
+ # @example Response structure
1352
+ #
1353
+ # resp.next_token #=> String
1354
+ # resp.region_source_types_accounts_list #=> Array
1355
+ # resp.region_source_types_accounts_list[0] #=> Hash
1356
+ # resp.region_source_types_accounts_list[0]["String"] #=> Hash
1357
+ # resp.region_source_types_accounts_list[0]["String"]["String"] #=> Array
1358
+ # resp.region_source_types_accounts_list[0]["String"]["String"][0] #=> String
1359
+ #
1360
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListLogSources AWS API Documentation
1361
+ #
1362
+ # @overload list_log_sources(params = {})
1363
+ # @param [Hash] params ({})
1364
+ def list_log_sources(params = {}, options = {})
1365
+ req = build_request(:list_log_sources, params)
1366
+ req.send_request(options)
1367
+ end
1368
+
1369
+ # List all subscribers for the specific Security Lake account ID.
1370
+ #
1371
+ # @option params [Integer] :max_results
1372
+ # The maximum number of accounts for which the configuration is
1373
+ # displayed.
1374
+ #
1375
+ # @option params [String] :next_token
1376
+ # If nextToken is returned, there are more results available. You can
1377
+ # make the call again using the returned token to retrieve the next
1378
+ # page.
1379
+ #
1380
+ # @return [Types::ListSubscribersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1381
+ #
1382
+ # * {Types::ListSubscribersResponse#next_token #next_token} => String
1383
+ # * {Types::ListSubscribersResponse#subscribers #subscribers} => Array&lt;Types::SubscriberResource&gt;
1384
+ #
1385
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
1386
+ #
1387
+ # @example Request syntax with placeholder values
1388
+ #
1389
+ # resp = client.list_subscribers({
1390
+ # max_results: 1,
1391
+ # next_token: "SafeString",
1392
+ # })
1393
+ #
1394
+ # @example Response structure
1395
+ #
1396
+ # resp.next_token #=> String
1397
+ # resp.subscribers #=> Array
1398
+ # resp.subscribers[0].access_types #=> Array
1399
+ # resp.subscribers[0].access_types[0] #=> String, one of "LAKEFORMATION", "S3"
1400
+ # resp.subscribers[0].account_id #=> String
1401
+ # resp.subscribers[0].created_at #=> Time
1402
+ # resp.subscribers[0].external_id #=> String
1403
+ # resp.subscribers[0].role_arn #=> String
1404
+ # resp.subscribers[0].s3_bucket_arn #=> String
1405
+ # resp.subscribers[0].sns_arn #=> String
1406
+ # resp.subscribers[0].source_types #=> Array
1407
+ # resp.subscribers[0].source_types[0].aws_source_type #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
1408
+ # resp.subscribers[0].source_types[0].custom_source_type #=> String
1409
+ # resp.subscribers[0].subscriber_description #=> String
1410
+ # resp.subscribers[0].subscriber_name #=> String
1411
+ # resp.subscribers[0].subscription_endpoint #=> String
1412
+ # resp.subscribers[0].subscription_id #=> String
1413
+ # resp.subscribers[0].subscription_protocol #=> String, one of "HTTPS", "SQS"
1414
+ # resp.subscribers[0].subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
1415
+ # resp.subscribers[0].updated_at #=> Time
1416
+ #
1417
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListSubscribers AWS API Documentation
1418
+ #
1419
+ # @overload list_subscribers(params = {})
1420
+ # @param [Hash] params ({})
1421
+ def list_subscribers(params = {}, options = {})
1422
+ req = build_request(:list_subscribers, params)
1423
+ req.send_request(options)
1424
+ end
1425
+
1426
+ # Amazon Security Lake allows you to specify where to store your
1427
+ # security data and for how long. You can specify a rollup Region to
1428
+ # consolidate data from multiple regions.
1429
+ #
1430
+ # You can update the properties of a Region or source. Input can either
1431
+ # be directly specified to the API.
1432
+ #
1433
+ # @option params [required, Hash<String,Types::LakeConfigurationRequest>] :configurations
1434
+ # The configuration object
1435
+ #
1436
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1437
+ #
1438
+ # @example Request syntax with placeholder values
1439
+ #
1440
+ # resp = client.update_datalake({
1441
+ # configurations: { # required
1442
+ # "us-east-1" => {
1443
+ # encryption_key: "String",
1444
+ # replication_destination_regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
1445
+ # replication_role_arn: "RoleArn",
1446
+ # retention_settings: [
1447
+ # {
1448
+ # retention_period: 1,
1449
+ # storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
1450
+ # },
1451
+ # ],
1452
+ # tags_map: {
1453
+ # "String" => "String",
1454
+ # },
1455
+ # },
1456
+ # },
1457
+ # })
1458
+ #
1459
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalake AWS API Documentation
1460
+ #
1461
+ # @overload update_datalake(params = {})
1462
+ # @param [Hash] params ({})
1463
+ def update_datalake(params = {}, options = {})
1464
+ req = build_request(:update_datalake, params)
1465
+ req.send_request(options)
1466
+ end
1467
+
1468
+ # Update the expiration period for the exception message to your
1469
+ # preferred time, and control the time-to-live (TTL) for the exception
1470
+ # message to remain. Exceptions are stored by default, for a 2 week
1471
+ # period of time from when a record was created in Security Lake.
1472
+ #
1473
+ # @option params [required, Integer] :exception_message_expiry
1474
+ # The time-to-live (TTL) for the exception message to remain.
1475
+ #
1476
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1477
+ #
1478
+ # @example Request syntax with placeholder values
1479
+ #
1480
+ # resp = client.update_datalake_exceptions_expiry({
1481
+ # exception_message_expiry: 1, # required
1482
+ # })
1483
+ #
1484
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeExceptionsExpiry AWS API Documentation
1485
+ #
1486
+ # @overload update_datalake_exceptions_expiry(params = {})
1487
+ # @param [Hash] params ({})
1488
+ def update_datalake_exceptions_expiry(params = {}, options = {})
1489
+ req = build_request(:update_datalake_exceptions_expiry, params)
1490
+ req.send_request(options)
1491
+ end
1492
+
1493
+ # Update the subscription notification for exception notification.
1494
+ #
1495
+ # @option params [required, String] :notification_endpoint
1496
+ # The account which is subscribed to receive exception notifications.
1497
+ #
1498
+ # @option params [required, String] :subscription_protocol
1499
+ # The subscription protocol to which exception messages are posted.
1500
+ #
1501
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1502
+ #
1503
+ # @example Request syntax with placeholder values
1504
+ #
1505
+ # resp = client.update_datalake_exceptions_subscription({
1506
+ # notification_endpoint: "SafeString", # required
1507
+ # subscription_protocol: "HTTP", # required, accepts HTTP, HTTPS, EMAIL, EMAIL_JSON, SMS, SQS, LAMBDA, APP, FIREHOSE
1508
+ # })
1509
+ #
1510
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeExceptionsSubscription AWS API Documentation
1511
+ #
1512
+ # @overload update_datalake_exceptions_subscription(params = {})
1513
+ # @param [Hash] params ({})
1514
+ def update_datalake_exceptions_subscription(params = {}, options = {})
1515
+ req = build_request(:update_datalake_exceptions_subscription, params)
1516
+ req.send_request(options)
1517
+ end
1518
+
1519
+ # Update the subscription permission for the given Security Lake account
1520
+ # ID.
1521
+ #
1522
+ # @option params [String] :external_id
1523
+ # External ID of the Security Lake account.
1524
+ #
1525
+ # @option params [required, String] :id
1526
+ # A value created by Security Lake that uniquely identifies your
1527
+ # `UpdateSubscriber` API request.
1528
+ #
1529
+ # @option params [Array<Types::SourceType>] :source_types
1530
+ # The supported Amazon Web Services services from which logs and events
1531
+ # are collected. Amazon Security Lake supports logs and events
1532
+ # collection for the following natively-supported Amazon Web Services
1533
+ # services. For more information, see the Amazon Security Lake User
1534
+ # Guide.
1535
+ #
1536
+ # @option params [String] :subscriber_description
1537
+ # Description of the Security Lake account subscriber.
1538
+ #
1539
+ # @option params [String] :subscriber_name
1540
+ # Name of the Security Lake account subscriber.
1541
+ #
1542
+ # @return [Types::UpdateSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1543
+ #
1544
+ # * {Types::UpdateSubscriberResponse#subscriber #subscriber} => Types::SubscriberResource
1545
+ #
1546
+ # @example Request syntax with placeholder values
1547
+ #
1548
+ # resp = client.update_subscriber({
1549
+ # external_id: "SafeString",
1550
+ # id: "String", # required
1551
+ # source_types: [
1552
+ # {
1553
+ # aws_source_type: "ROUTE53", # accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
1554
+ # custom_source_type: "CustomSourceType",
1555
+ # },
1556
+ # ],
1557
+ # subscriber_description: "SafeString",
1558
+ # subscriber_name: "UpdateSubscriberRequestSubscriberNameString",
1559
+ # })
1560
+ #
1561
+ # @example Response structure
1562
+ #
1563
+ # resp.subscriber.access_types #=> Array
1564
+ # resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
1565
+ # resp.subscriber.account_id #=> String
1566
+ # resp.subscriber.created_at #=> Time
1567
+ # resp.subscriber.external_id #=> String
1568
+ # resp.subscriber.role_arn #=> String
1569
+ # resp.subscriber.s3_bucket_arn #=> String
1570
+ # resp.subscriber.sns_arn #=> String
1571
+ # resp.subscriber.source_types #=> Array
1572
+ # resp.subscriber.source_types[0].aws_source_type #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
1573
+ # resp.subscriber.source_types[0].custom_source_type #=> String
1574
+ # resp.subscriber.subscriber_description #=> String
1575
+ # resp.subscriber.subscriber_name #=> String
1576
+ # resp.subscriber.subscription_endpoint #=> String
1577
+ # resp.subscriber.subscription_id #=> String
1578
+ # resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
1579
+ # resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
1580
+ # resp.subscriber.updated_at #=> Time
1581
+ #
1582
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriber AWS API Documentation
1583
+ #
1584
+ # @overload update_subscriber(params = {})
1585
+ # @param [Hash] params ({})
1586
+ def update_subscriber(params = {}, options = {})
1587
+ req = build_request(:update_subscriber, params)
1588
+ req.send_request(options)
1589
+ end
1590
+
1591
+ # Create a new subscription notification or add the existing
1592
+ # subscription notification setting for the specified subscription ID.
1593
+ #
1594
+ # @option params [Boolean] :create_sqs
1595
+ # Create a new subscription notification for the specified subscription
1596
+ # ID in Security Lake.
1597
+ #
1598
+ # @option params [String] :https_api_key_name
1599
+ # The key name for the subscription notification.
1600
+ #
1601
+ # @option params [String] :https_api_key_value
1602
+ # The key value for the subscription notification.
1603
+ #
1604
+ # @option params [String] :https_method
1605
+ # The HTTPS method used for the subscription notification.
1606
+ #
1607
+ # @option params [String] :role_arn
1608
+ # The Amazon Resource Name (ARN) specifying the role of the subscriber.
1609
+ #
1610
+ # @option params [String] :subscription_endpoint
1611
+ # The subscription endpoint in Security Lake.
1612
+ #
1613
+ # @option params [required, String] :subscription_id
1614
+ # The subscription ID for which the subscription notification is
1615
+ # specified.
1616
+ #
1617
+ # @return [Types::UpdateSubscriptionNotificationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1618
+ #
1619
+ # * {Types::UpdateSubscriptionNotificationConfigurationResponse#queue_arn #queue_arn} => String
1620
+ #
1621
+ # @example Request syntax with placeholder values
1622
+ #
1623
+ # resp = client.update_subscription_notification_configuration({
1624
+ # create_sqs: false,
1625
+ # https_api_key_name: "String",
1626
+ # https_api_key_value: "String",
1627
+ # https_method: "POST", # accepts POST, PUT
1628
+ # role_arn: "RoleArn",
1629
+ # subscription_endpoint: "UpdateSubscriptionNotificationConfigurationRequestSubscriptionEndpointString",
1630
+ # subscription_id: "UUID", # required
1631
+ # })
1632
+ #
1633
+ # @example Response structure
1634
+ #
1635
+ # resp.queue_arn #=> String
1636
+ #
1637
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriptionNotificationConfiguration AWS API Documentation
1638
+ #
1639
+ # @overload update_subscription_notification_configuration(params = {})
1640
+ # @param [Hash] params ({})
1641
+ def update_subscription_notification_configuration(params = {}, options = {})
1642
+ req = build_request(:update_subscription_notification_configuration, params)
1643
+ req.send_request(options)
1644
+ end
1645
+
1646
+ # @!endgroup
1647
+
1648
+ # @param params ({})
1649
+ # @api private
1650
+ def build_request(operation_name, params = {})
1651
+ handlers = @handlers.for(operation_name)
1652
+ context = Seahorse::Client::RequestContext.new(
1653
+ operation_name: operation_name,
1654
+ operation: config.api.operation(operation_name),
1655
+ client: self,
1656
+ params: params,
1657
+ config: config)
1658
+ context[:gem_name] = 'aws-sdk-securitylake'
1659
+ context[:gem_version] = '1.0.0'
1660
+ Seahorse::Client::Request.new(handlers, context)
1661
+ end
1662
+
1663
+ # @api private
1664
+ # @deprecated
1665
+ def waiter_names
1666
+ []
1667
+ end
1668
+
1669
+ class << self
1670
+
1671
+ # @api private
1672
+ attr_reader :identifier
1673
+
1674
+ # @api private
1675
+ def errors_module
1676
+ Errors
1677
+ end
1678
+
1679
+ end
1680
+ end
1681
+ end