aws-sdk-securitylake 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/CHANGELOG.md +8 -0
- data/LICENSE.txt +202 -0
- data/VERSION +1 -0
- data/lib/aws-sdk-securitylake/client.rb +1681 -0
- data/lib/aws-sdk-securitylake/client_api.rb +1005 -0
- data/lib/aws-sdk-securitylake/customizations.rb +0 -0
- data/lib/aws-sdk-securitylake/endpoint_parameters.rb +69 -0
- data/lib/aws-sdk-securitylake/endpoint_provider.rb +111 -0
- data/lib/aws-sdk-securitylake/endpoints.rb +435 -0
- data/lib/aws-sdk-securitylake/errors.rb +364 -0
- data/lib/aws-sdk-securitylake/plugins/endpoints.rb +128 -0
- data/lib/aws-sdk-securitylake/resource.rb +26 -0
- data/lib/aws-sdk-securitylake/types.rb +2023 -0
- data/lib/aws-sdk-securitylake.rb +57 -0
- metadata +94 -0
@@ -0,0 +1,1681 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# WARNING ABOUT GENERATED CODE
|
4
|
+
#
|
5
|
+
# This file is generated. See the contributing guide for more information:
|
6
|
+
# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
|
7
|
+
#
|
8
|
+
# WARNING ABOUT GENERATED CODE
|
9
|
+
|
10
|
+
require 'seahorse/client/plugins/content_length.rb'
|
11
|
+
require 'aws-sdk-core/plugins/credentials_configuration.rb'
|
12
|
+
require 'aws-sdk-core/plugins/logging.rb'
|
13
|
+
require 'aws-sdk-core/plugins/param_converter.rb'
|
14
|
+
require 'aws-sdk-core/plugins/param_validator.rb'
|
15
|
+
require 'aws-sdk-core/plugins/user_agent.rb'
|
16
|
+
require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
|
17
|
+
require 'aws-sdk-core/plugins/retry_errors.rb'
|
18
|
+
require 'aws-sdk-core/plugins/global_configuration.rb'
|
19
|
+
require 'aws-sdk-core/plugins/regional_endpoint.rb'
|
20
|
+
require 'aws-sdk-core/plugins/endpoint_discovery.rb'
|
21
|
+
require 'aws-sdk-core/plugins/endpoint_pattern.rb'
|
22
|
+
require 'aws-sdk-core/plugins/response_paging.rb'
|
23
|
+
require 'aws-sdk-core/plugins/stub_responses.rb'
|
24
|
+
require 'aws-sdk-core/plugins/idempotency_token.rb'
|
25
|
+
require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
26
|
+
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
27
|
+
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
28
|
+
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
29
|
+
require 'aws-sdk-core/plugins/http_checksum.rb'
|
30
|
+
require 'aws-sdk-core/plugins/checksum_algorithm.rb'
|
31
|
+
require 'aws-sdk-core/plugins/defaults_mode.rb'
|
32
|
+
require 'aws-sdk-core/plugins/recursion_detection.rb'
|
33
|
+
require 'aws-sdk-core/plugins/sign.rb'
|
34
|
+
require 'aws-sdk-core/plugins/protocols/rest_json.rb'
|
35
|
+
|
36
|
+
Aws::Plugins::GlobalConfiguration.add_identifier(:securitylake)
|
37
|
+
|
38
|
+
module Aws::SecurityLake
|
39
|
+
# An API client for SecurityLake. To construct a client, you need to configure a `:region` and `:credentials`.
|
40
|
+
#
|
41
|
+
# client = Aws::SecurityLake::Client.new(
|
42
|
+
# region: region_name,
|
43
|
+
# credentials: credentials,
|
44
|
+
# # ...
|
45
|
+
# )
|
46
|
+
#
|
47
|
+
# For details on configuring region and credentials see
|
48
|
+
# the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
|
49
|
+
#
|
50
|
+
# See {#initialize} for a full list of supported configuration options.
|
51
|
+
class Client < Seahorse::Client::Base
|
52
|
+
|
53
|
+
include Aws::ClientStubs
|
54
|
+
|
55
|
+
@identifier = :securitylake
|
56
|
+
|
57
|
+
set_api(ClientApi::API)
|
58
|
+
|
59
|
+
add_plugin(Seahorse::Client::Plugins::ContentLength)
|
60
|
+
add_plugin(Aws::Plugins::CredentialsConfiguration)
|
61
|
+
add_plugin(Aws::Plugins::Logging)
|
62
|
+
add_plugin(Aws::Plugins::ParamConverter)
|
63
|
+
add_plugin(Aws::Plugins::ParamValidator)
|
64
|
+
add_plugin(Aws::Plugins::UserAgent)
|
65
|
+
add_plugin(Aws::Plugins::HelpfulSocketErrors)
|
66
|
+
add_plugin(Aws::Plugins::RetryErrors)
|
67
|
+
add_plugin(Aws::Plugins::GlobalConfiguration)
|
68
|
+
add_plugin(Aws::Plugins::RegionalEndpoint)
|
69
|
+
add_plugin(Aws::Plugins::EndpointDiscovery)
|
70
|
+
add_plugin(Aws::Plugins::EndpointPattern)
|
71
|
+
add_plugin(Aws::Plugins::ResponsePaging)
|
72
|
+
add_plugin(Aws::Plugins::StubResponses)
|
73
|
+
add_plugin(Aws::Plugins::IdempotencyToken)
|
74
|
+
add_plugin(Aws::Plugins::JsonvalueConverter)
|
75
|
+
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
76
|
+
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
77
|
+
add_plugin(Aws::Plugins::TransferEncoding)
|
78
|
+
add_plugin(Aws::Plugins::HttpChecksum)
|
79
|
+
add_plugin(Aws::Plugins::ChecksumAlgorithm)
|
80
|
+
add_plugin(Aws::Plugins::DefaultsMode)
|
81
|
+
add_plugin(Aws::Plugins::RecursionDetection)
|
82
|
+
add_plugin(Aws::Plugins::Sign)
|
83
|
+
add_plugin(Aws::Plugins::Protocols::RestJson)
|
84
|
+
add_plugin(Aws::SecurityLake::Plugins::Endpoints)
|
85
|
+
|
86
|
+
# @overload initialize(options)
|
87
|
+
# @param [Hash] options
|
88
|
+
# @option options [required, Aws::CredentialProvider] :credentials
|
89
|
+
# Your AWS credentials. This can be an instance of any one of the
|
90
|
+
# following classes:
|
91
|
+
#
|
92
|
+
# * `Aws::Credentials` - Used for configuring static, non-refreshing
|
93
|
+
# credentials.
|
94
|
+
#
|
95
|
+
# * `Aws::SharedCredentials` - Used for loading static credentials from a
|
96
|
+
# shared file, such as `~/.aws/config`.
|
97
|
+
#
|
98
|
+
# * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
|
99
|
+
#
|
100
|
+
# * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
|
101
|
+
# assume a role after providing credentials via the web.
|
102
|
+
#
|
103
|
+
# * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
|
104
|
+
# access token generated from `aws login`.
|
105
|
+
#
|
106
|
+
# * `Aws::ProcessCredentials` - Used for loading credentials from a
|
107
|
+
# process that outputs to stdout.
|
108
|
+
#
|
109
|
+
# * `Aws::InstanceProfileCredentials` - Used for loading credentials
|
110
|
+
# from an EC2 IMDS on an EC2 instance.
|
111
|
+
#
|
112
|
+
# * `Aws::ECSCredentials` - Used for loading credentials from
|
113
|
+
# instances running in ECS.
|
114
|
+
#
|
115
|
+
# * `Aws::CognitoIdentityCredentials` - Used for loading credentials
|
116
|
+
# from the Cognito Identity service.
|
117
|
+
#
|
118
|
+
# When `:credentials` are not configured directly, the following
|
119
|
+
# locations will be searched for credentials:
|
120
|
+
#
|
121
|
+
# * `Aws.config[:credentials]`
|
122
|
+
# * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
|
123
|
+
# * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
|
124
|
+
# * `~/.aws/credentials`
|
125
|
+
# * `~/.aws/config`
|
126
|
+
# * EC2/ECS IMDS instance profile - When used by default, the timeouts
|
127
|
+
# are very aggressive. Construct and pass an instance of
|
128
|
+
# `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
|
129
|
+
# enable retries and extended timeouts. Instance profile credential
|
130
|
+
# fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
|
131
|
+
# to true.
|
132
|
+
#
|
133
|
+
# @option options [required, String] :region
|
134
|
+
# The AWS region to connect to. The configured `:region` is
|
135
|
+
# used to determine the service `:endpoint`. When not passed,
|
136
|
+
# a default `:region` is searched for in the following locations:
|
137
|
+
#
|
138
|
+
# * `Aws.config[:region]`
|
139
|
+
# * `ENV['AWS_REGION']`
|
140
|
+
# * `ENV['AMAZON_REGION']`
|
141
|
+
# * `ENV['AWS_DEFAULT_REGION']`
|
142
|
+
# * `~/.aws/credentials`
|
143
|
+
# * `~/.aws/config`
|
144
|
+
#
|
145
|
+
# @option options [String] :access_key_id
|
146
|
+
#
|
147
|
+
# @option options [Boolean] :active_endpoint_cache (false)
|
148
|
+
# When set to `true`, a thread polling for endpoints will be running in
|
149
|
+
# the background every 60 secs (default). Defaults to `false`.
|
150
|
+
#
|
151
|
+
# @option options [Boolean] :adaptive_retry_wait_to_fill (true)
|
152
|
+
# Used only in `adaptive` retry mode. When true, the request will sleep
|
153
|
+
# until there is sufficent client side capacity to retry the request.
|
154
|
+
# When false, the request will raise a `RetryCapacityNotAvailableError` and will
|
155
|
+
# not retry instead of sleeping.
|
156
|
+
#
|
157
|
+
# @option options [Boolean] :client_side_monitoring (false)
|
158
|
+
# When `true`, client-side metrics will be collected for all API requests from
|
159
|
+
# this client.
|
160
|
+
#
|
161
|
+
# @option options [String] :client_side_monitoring_client_id ("")
|
162
|
+
# Allows you to provide an identifier for this client which will be attached to
|
163
|
+
# all generated client side metrics. Defaults to an empty string.
|
164
|
+
#
|
165
|
+
# @option options [String] :client_side_monitoring_host ("127.0.0.1")
|
166
|
+
# Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client
|
167
|
+
# side monitoring agent is running on, where client metrics will be published via UDP.
|
168
|
+
#
|
169
|
+
# @option options [Integer] :client_side_monitoring_port (31000)
|
170
|
+
# Required for publishing client metrics. The port that the client side monitoring
|
171
|
+
# agent is running on, where client metrics will be published via UDP.
|
172
|
+
#
|
173
|
+
# @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher)
|
174
|
+
# Allows you to provide a custom client-side monitoring publisher class. By default,
|
175
|
+
# will use the Client Side Monitoring Agent Publisher.
|
176
|
+
#
|
177
|
+
# @option options [Boolean] :convert_params (true)
|
178
|
+
# When `true`, an attempt is made to coerce request parameters into
|
179
|
+
# the required types.
|
180
|
+
#
|
181
|
+
# @option options [Boolean] :correct_clock_skew (true)
|
182
|
+
# Used only in `standard` and adaptive retry modes. Specifies whether to apply
|
183
|
+
# a clock skew correction and retry requests with skewed client clocks.
|
184
|
+
#
|
185
|
+
# @option options [String] :defaults_mode ("legacy")
|
186
|
+
# See {Aws::DefaultsModeConfiguration} for a list of the
|
187
|
+
# accepted modes and the configuration defaults that are included.
|
188
|
+
#
|
189
|
+
# @option options [Boolean] :disable_host_prefix_injection (false)
|
190
|
+
# Set to true to disable SDK automatically adding host prefix
|
191
|
+
# to default service endpoint when available.
|
192
|
+
#
|
193
|
+
# @option options [String] :endpoint
|
194
|
+
# The client endpoint is normally constructed from the `:region`
|
195
|
+
# option. You should only configure an `:endpoint` when connecting
|
196
|
+
# to test or custom endpoints. This should be a valid HTTP(S) URI.
|
197
|
+
#
|
198
|
+
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
199
|
+
# Used for the maximum size limit of the LRU cache storing endpoints data
|
200
|
+
# for endpoint discovery enabled operations. Defaults to 1000.
|
201
|
+
#
|
202
|
+
# @option options [Integer] :endpoint_cache_max_threads (10)
|
203
|
+
# Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.
|
204
|
+
#
|
205
|
+
# @option options [Integer] :endpoint_cache_poll_interval (60)
|
206
|
+
# When :endpoint_discovery and :active_endpoint_cache is enabled,
|
207
|
+
# Use this option to config the time interval in seconds for making
|
208
|
+
# requests fetching endpoints information. Defaults to 60 sec.
|
209
|
+
#
|
210
|
+
# @option options [Boolean] :endpoint_discovery (false)
|
211
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
212
|
+
#
|
213
|
+
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
214
|
+
# The log formatter.
|
215
|
+
#
|
216
|
+
# @option options [Symbol] :log_level (:info)
|
217
|
+
# The log level to send messages to the `:logger` at.
|
218
|
+
#
|
219
|
+
# @option options [Logger] :logger
|
220
|
+
# The Logger instance to send log messages to. If this option
|
221
|
+
# is not set, logging will be disabled.
|
222
|
+
#
|
223
|
+
# @option options [Integer] :max_attempts (3)
|
224
|
+
# An integer representing the maximum number attempts that will be made for
|
225
|
+
# a single request, including the initial attempt. For example,
|
226
|
+
# setting this value to 5 will result in a request being retried up to
|
227
|
+
# 4 times. Used in `standard` and `adaptive` retry modes.
|
228
|
+
#
|
229
|
+
# @option options [String] :profile ("default")
|
230
|
+
# Used when loading credentials from the shared credentials file
|
231
|
+
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
232
|
+
#
|
233
|
+
# @option options [Proc] :retry_backoff
|
234
|
+
# A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
|
235
|
+
# This option is only used in the `legacy` retry mode.
|
236
|
+
#
|
237
|
+
# @option options [Float] :retry_base_delay (0.3)
|
238
|
+
# The base delay in seconds used by the default backoff function. This option
|
239
|
+
# is only used in the `legacy` retry mode.
|
240
|
+
#
|
241
|
+
# @option options [Symbol] :retry_jitter (:none)
|
242
|
+
# A delay randomiser function used by the default backoff function.
|
243
|
+
# Some predefined functions can be referenced by name - :none, :equal, :full,
|
244
|
+
# otherwise a Proc that takes and returns a number. This option is only used
|
245
|
+
# in the `legacy` retry mode.
|
246
|
+
#
|
247
|
+
# @see https://www.awsarchitectureblog.com/2015/03/backoff.html
|
248
|
+
#
|
249
|
+
# @option options [Integer] :retry_limit (3)
|
250
|
+
# The maximum number of times to retry failed requests. Only
|
251
|
+
# ~ 500 level server errors and certain ~ 400 level client errors
|
252
|
+
# are retried. Generally, these are throttling errors, data
|
253
|
+
# checksum errors, networking errors, timeout errors, auth errors,
|
254
|
+
# endpoint discovery, and errors from expired credentials.
|
255
|
+
# This option is only used in the `legacy` retry mode.
|
256
|
+
#
|
257
|
+
# @option options [Integer] :retry_max_delay (0)
|
258
|
+
# The maximum number of seconds to delay between retries (0 for no limit)
|
259
|
+
# used by the default backoff function. This option is only used in the
|
260
|
+
# `legacy` retry mode.
|
261
|
+
#
|
262
|
+
# @option options [String] :retry_mode ("legacy")
|
263
|
+
# Specifies which retry algorithm to use. Values are:
|
264
|
+
#
|
265
|
+
# * `legacy` - The pre-existing retry behavior. This is default value if
|
266
|
+
# no retry mode is provided.
|
267
|
+
#
|
268
|
+
# * `standard` - A standardized set of retry rules across the AWS SDKs.
|
269
|
+
# This includes support for retry quotas, which limit the number of
|
270
|
+
# unsuccessful retries a client can make.
|
271
|
+
#
|
272
|
+
# * `adaptive` - An experimental retry mode that includes all the
|
273
|
+
# functionality of `standard` mode along with automatic client side
|
274
|
+
# throttling. This is a provisional mode that may change behavior
|
275
|
+
# in the future.
|
276
|
+
#
|
277
|
+
#
|
278
|
+
# @option options [String] :secret_access_key
|
279
|
+
#
|
280
|
+
# @option options [String] :session_token
|
281
|
+
#
|
282
|
+
# @option options [Boolean] :stub_responses (false)
|
283
|
+
# Causes the client to return stubbed responses. By default
|
284
|
+
# fake responses are generated and returned. You can specify
|
285
|
+
# the response data to return or errors to raise by calling
|
286
|
+
# {ClientStubs#stub_responses}. See {ClientStubs} for more information.
|
287
|
+
#
|
288
|
+
# ** Please note ** When response stubbing is enabled, no HTTP
|
289
|
+
# requests are made, and retries are disabled.
|
290
|
+
#
|
291
|
+
# @option options [Aws::TokenProvider] :token_provider
|
292
|
+
# A Bearer Token Provider. This can be an instance of any one of the
|
293
|
+
# following classes:
|
294
|
+
#
|
295
|
+
# * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
|
296
|
+
# tokens.
|
297
|
+
#
|
298
|
+
# * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
|
299
|
+
# access token generated from `aws login`.
|
300
|
+
#
|
301
|
+
# When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
|
302
|
+
# will be used to search for tokens configured for your profile in shared configuration files.
|
303
|
+
#
|
304
|
+
# @option options [Boolean] :use_dualstack_endpoint
|
305
|
+
# When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
|
306
|
+
# will be used if available.
|
307
|
+
#
|
308
|
+
# @option options [Boolean] :use_fips_endpoint
|
309
|
+
# When set to `true`, fips compatible endpoints will be used if available.
|
310
|
+
# When a `fips` region is used, the region is normalized and this config
|
311
|
+
# is set to `true`.
|
312
|
+
#
|
313
|
+
# @option options [Boolean] :validate_params (true)
|
314
|
+
# When `true`, request parameters are validated before
|
315
|
+
# sending the request.
|
316
|
+
#
|
317
|
+
# @option options [Aws::SecurityLake::EndpointProvider] :endpoint_provider
|
318
|
+
# The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::SecurityLake::EndpointParameters`
|
319
|
+
#
|
320
|
+
# @option options [URI::HTTP,String] :http_proxy A proxy to send
|
321
|
+
# requests through. Formatted like 'http://proxy.com:123'.
|
322
|
+
#
|
323
|
+
# @option options [Float] :http_open_timeout (15) The number of
|
324
|
+
# seconds to wait when opening a HTTP session before raising a
|
325
|
+
# `Timeout::Error`.
|
326
|
+
#
|
327
|
+
# @option options [Float] :http_read_timeout (60) The default
|
328
|
+
# number of seconds to wait for response data. This value can
|
329
|
+
# safely be set per-request on the session.
|
330
|
+
#
|
331
|
+
# @option options [Float] :http_idle_timeout (5) The number of
|
332
|
+
# seconds a connection is allowed to sit idle before it is
|
333
|
+
# considered stale. Stale connections are closed and removed
|
334
|
+
# from the pool before making a request.
|
335
|
+
#
|
336
|
+
# @option options [Float] :http_continue_timeout (1) The number of
|
337
|
+
# seconds to wait for a 100-continue response before sending the
|
338
|
+
# request body. This option has no effect unless the request has
|
339
|
+
# "Expect" header set to "100-continue". Defaults to `nil` which
|
340
|
+
# disables this behaviour. This value can safely be set per
|
341
|
+
# request on the session.
|
342
|
+
#
|
343
|
+
# @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
|
344
|
+
# in seconds.
|
345
|
+
#
|
346
|
+
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
347
|
+
# HTTP debug output will be sent to the `:logger`.
|
348
|
+
#
|
349
|
+
# @option options [Boolean] :ssl_verify_peer (true) When `true`,
|
350
|
+
# SSL peer certificates are verified when establishing a
|
351
|
+
# connection.
|
352
|
+
#
|
353
|
+
# @option options [String] :ssl_ca_bundle Full path to the SSL
|
354
|
+
# certificate authority bundle file that should be used when
|
355
|
+
# verifying peer certificates. If you do not pass
|
356
|
+
# `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
|
357
|
+
# will be used if available.
|
358
|
+
#
|
359
|
+
# @option options [String] :ssl_ca_directory Full path of the
|
360
|
+
# directory that contains the unbundled SSL certificate
|
361
|
+
# authority files for verifying peer certificates. If you do
|
362
|
+
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
|
363
|
+
# system default will be used if available.
|
364
|
+
#
|
365
|
+
def initialize(*args)
|
366
|
+
super
|
367
|
+
end
|
368
|
+
|
369
|
+
# @!group API Operations
|
370
|
+
|
371
|
+
# Adds a natively-supported Amazon Web Services service as a Security
|
372
|
+
# Lake source. Enables source types for member accounts in required
|
373
|
+
# Regions, based on specified parameters. You can choose any source type
|
374
|
+
# in any Region for accounts that are either part of a trusted
|
375
|
+
# organization or standalone accounts. At least one of the three
|
376
|
+
# dimensions is a mandatory input to this API. However, any combination
|
377
|
+
# of the three dimensions can be supplied to this API.
|
378
|
+
#
|
379
|
+
# By default, dimension refers to the entire set. When you don't
|
380
|
+
# provide a dimension, Security Lake assumes that the missing dimension
|
381
|
+
# refers to the entire set. This is overridden when you supply any one
|
382
|
+
# of the inputs. For instance, when members is not specified, the API
|
383
|
+
# disables all Security Lake member accounts for sources. Similarly,
|
384
|
+
# when Regions are not specified, Security Lake is disabled for all the
|
385
|
+
# Regions where Security Lake is available as a service.
|
386
|
+
#
|
387
|
+
# You can use this API only to enable a natively-supported Amazon Web
|
388
|
+
# Services services as a source. Use `CreateCustomLogSource` to enable
|
389
|
+
# data collection from a custom source.
|
390
|
+
#
|
391
|
+
# @option params [Hash<String,Hash>] :enable_all_dimensions
|
392
|
+
# Enables specific sources in all Regions and source types.
|
393
|
+
#
|
394
|
+
# @option params [Array<String>] :enable_single_dimension
|
395
|
+
# Enables all sources in specific accounts or Regions.
|
396
|
+
#
|
397
|
+
# @option params [Hash<String,Array>] :enable_two_dimensions
|
398
|
+
# Enables specific service sources in specific accounts or Regions.
|
399
|
+
#
|
400
|
+
# @option params [required, Array<String>] :input_order
|
401
|
+
# Specifies the input order to enable dimensions in Security Lake,
|
402
|
+
# namely region, source type, and member account.
|
403
|
+
#
|
404
|
+
# @return [Types::CreateAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
405
|
+
#
|
406
|
+
# * {Types::CreateAwsLogSourceResponse#failed #failed} => Array<String>
|
407
|
+
# * {Types::CreateAwsLogSourceResponse#processing #processing} => Array<String>
|
408
|
+
#
|
409
|
+
# @example Request syntax with placeholder values
|
410
|
+
#
|
411
|
+
# resp = client.create_aws_log_source({
|
412
|
+
# enable_all_dimensions: {
|
413
|
+
# "String" => {
|
414
|
+
# "String" => ["String"],
|
415
|
+
# },
|
416
|
+
# },
|
417
|
+
# enable_single_dimension: ["SafeString"],
|
418
|
+
# enable_two_dimensions: {
|
419
|
+
# "String" => ["String"],
|
420
|
+
# },
|
421
|
+
# input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
|
422
|
+
# })
|
423
|
+
#
|
424
|
+
# @example Response structure
|
425
|
+
#
|
426
|
+
# resp.failed #=> Array
|
427
|
+
# resp.failed[0] #=> String
|
428
|
+
# resp.processing #=> Array
|
429
|
+
# resp.processing[0] #=> String
|
430
|
+
#
|
431
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateAwsLogSource AWS API Documentation
|
432
|
+
#
|
433
|
+
# @overload create_aws_log_source(params = {})
|
434
|
+
# @param [Hash] params ({})
|
435
|
+
def create_aws_log_source(params = {}, options = {})
|
436
|
+
req = build_request(:create_aws_log_source, params)
|
437
|
+
req.send_request(options)
|
438
|
+
end
|
439
|
+
|
440
|
+
# Adds a third-party custom source in Amazon Security Lake, from the
|
441
|
+
# Region where you want to create a custom source. Security Lake can
|
442
|
+
# collect logs and events from third-party custom sources. After
|
443
|
+
# creating the appropriate API roles, use this API to add a custom
|
444
|
+
# source name in Security Lake. This operation creates a partition in
|
445
|
+
# the Security Lake S3 bucket as the target location for log files from
|
446
|
+
# the custom source, an associated Glue table, and an Glue crawler.
|
447
|
+
#
|
448
|
+
# @option params [required, String] :custom_source_name
|
449
|
+
# The custom source name for a third-party custom source.
|
450
|
+
#
|
451
|
+
# @option params [required, String] :event_class
|
452
|
+
# The Open Cybersecurity Schema Framework (OCSF) event class.
|
453
|
+
#
|
454
|
+
# @option params [required, String] :glue_invocation_role_arn
|
455
|
+
# The IAM Role ARN to be used by the Glue Crawler. The recommended IAM
|
456
|
+
# policies are:
|
457
|
+
#
|
458
|
+
# * The managed policy `AWSGlueServiceRole`
|
459
|
+
#
|
460
|
+
# * A custom policy granting access to your S3 Data Lake
|
461
|
+
#
|
462
|
+
# @option params [required, String] :log_provider_account_id
|
463
|
+
# The Account ID that will assume the above Role to put logs into the
|
464
|
+
# Data Lake.
|
465
|
+
#
|
466
|
+
# @return [Types::CreateCustomLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
467
|
+
#
|
468
|
+
# * {Types::CreateCustomLogSourceResponse#custom_data_location #custom_data_location} => String
|
469
|
+
# * {Types::CreateCustomLogSourceResponse#glue_crawler_name #glue_crawler_name} => String
|
470
|
+
# * {Types::CreateCustomLogSourceResponse#glue_database_name #glue_database_name} => String
|
471
|
+
# * {Types::CreateCustomLogSourceResponse#glue_table_name #glue_table_name} => String
|
472
|
+
# * {Types::CreateCustomLogSourceResponse#log_provider_access_role_arn #log_provider_access_role_arn} => String
|
473
|
+
#
|
474
|
+
# @example Request syntax with placeholder values
|
475
|
+
#
|
476
|
+
# resp = client.create_custom_log_source({
|
477
|
+
# custom_source_name: "CustomSourceType", # required
|
478
|
+
# event_class: "ACCESS_ACTIVITY", # required, accepts ACCESS_ACTIVITY, FILE_ACTIVITY, KERNEL_ACTIVITY, KERNEL_EXTENSION, MEMORY_ACTIVITY, MODULE_ACTIVITY, PROCESS_ACTIVITY, REGISTRY_KEY_ACTIVITY, REGISTRY_VALUE_ACTIVITY, RESOURCE_ACTIVITY, SCHEDULED_JOB_ACTIVITY, SECURITY_FINDING, ACCOUNT_CHANGE, AUTHENTICATION, AUTHORIZATION, ENTITY_MANAGEMENT_AUDIT, DHCP_ACTIVITY, NETWORK_ACTIVITY, DNS_ACTIVITY, FTP_ACTIVITY, HTTP_ACTIVITY, RDP_ACTIVITY, SMB_ACTIVITY, SSH_ACTIVITY, CLOUD_API, CONTAINER_LIFECYCLE, DATABASE_LIFECYCLE, CONFIG_STATE, CLOUD_STORAGE, INVENTORY_INFO, RFB_ACTIVITY, SMTP_ACTIVITY, VIRTUAL_MACHINE_ACTIVITY
|
479
|
+
# glue_invocation_role_arn: "RoleArn", # required
|
480
|
+
# log_provider_account_id: "AwsAccountId", # required
|
481
|
+
# })
|
482
|
+
#
|
483
|
+
# @example Response structure
|
484
|
+
#
|
485
|
+
# resp.custom_data_location #=> String
|
486
|
+
# resp.glue_crawler_name #=> String
|
487
|
+
# resp.glue_database_name #=> String
|
488
|
+
# resp.glue_table_name #=> String
|
489
|
+
# resp.log_provider_access_role_arn #=> String
|
490
|
+
#
|
491
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateCustomLogSource AWS API Documentation
|
492
|
+
#
|
493
|
+
# @overload create_custom_log_source(params = {})
|
494
|
+
# @param [Hash] params ({})
|
495
|
+
def create_custom_log_source(params = {}, options = {})
|
496
|
+
req = build_request(:create_custom_log_source, params)
|
497
|
+
req.send_request(options)
|
498
|
+
end
|
499
|
+
|
500
|
+
# Initializes an Amazon Security Lake instance with the provided (or
|
501
|
+
# default) configuration. You can enable Security Lake in Regions with
|
502
|
+
# customized settings in advance before enabling log collection in
|
503
|
+
# Regions. You can either use the `enableAll` parameter to specify all
|
504
|
+
# Regions or you can specify the Regions you want to enable Security
|
505
|
+
# Lake using the `Regions` parameter and configure these Regions using
|
506
|
+
# the `configurations` parameter. When the `CreateDataLake` API is
|
507
|
+
# called multiple times, if that Region is already enabled, it will
|
508
|
+
# update the Region if configuration for that Region is provided. If
|
509
|
+
# that Region is a new Region, it will be set up with the customized
|
510
|
+
# configurations if it is specified.
|
511
|
+
#
|
512
|
+
# When you enable Security Lake, it starts ingesting security data after
|
513
|
+
# the `CreateAwsLogSource` call. This includes ingesting security data
|
514
|
+
# from sources, storing data, and making data accessible to subscribers.
|
515
|
+
# Security Lake also enables all the existing settings and resources
|
516
|
+
# that it stores or maintains for your account in the current Region,
|
517
|
+
# including security log and event data. For more information, see the
|
518
|
+
# Amazon Security Lake User Guide.
|
519
|
+
#
|
520
|
+
# @option params [Hash<String,Types::LakeConfigurationRequest>] :configurations
|
521
|
+
# Enable Security Lake with the specified configurations settings to
|
522
|
+
# begin ingesting security data.
|
523
|
+
#
|
524
|
+
# @option params [Boolean] :enable_all
|
525
|
+
# Enable Security Lake in all Regions to begin ingesting security data.
|
526
|
+
#
|
527
|
+
# @option params [String] :meta_store_manager_role_arn
|
528
|
+
# The Role ARN used to create and update the Glue table with partitions
|
529
|
+
# generated by ingestion and normalization of Amazon Web Services log
|
530
|
+
# sources and custom sources.
|
531
|
+
#
|
532
|
+
# @option params [Array<String>] :regions
|
533
|
+
# Enable Security Lake in the specified Regions to begin ingesting
|
534
|
+
# security data. To enable Security Lake in specific Amazon Web Services
|
535
|
+
# Regions, such as us-east-1 or ap-northeast-3, provide the Region
|
536
|
+
# codes. For a list of Region codes, see [Region codes][1] in the Amazon
|
537
|
+
# Web Services General Reference.
|
538
|
+
#
|
539
|
+
#
|
540
|
+
#
|
541
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints
|
542
|
+
#
|
543
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
544
|
+
#
|
545
|
+
# @example Request syntax with placeholder values
|
546
|
+
#
|
547
|
+
# resp = client.create_datalake({
|
548
|
+
# configurations: {
|
549
|
+
# "us-east-1" => {
|
550
|
+
# encryption_key: "String",
|
551
|
+
# replication_destination_regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
552
|
+
# replication_role_arn: "RoleArn",
|
553
|
+
# retention_settings: [
|
554
|
+
# {
|
555
|
+
# retention_period: 1,
|
556
|
+
# storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
|
557
|
+
# },
|
558
|
+
# ],
|
559
|
+
# tags_map: {
|
560
|
+
# "String" => "String",
|
561
|
+
# },
|
562
|
+
# },
|
563
|
+
# },
|
564
|
+
# enable_all: false,
|
565
|
+
# meta_store_manager_role_arn: "RoleArn",
|
566
|
+
# regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
567
|
+
# })
|
568
|
+
#
|
569
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalake AWS API Documentation
|
570
|
+
#
|
571
|
+
# @overload create_datalake(params = {})
|
572
|
+
# @param [Hash] params ({})
|
573
|
+
def create_datalake(params = {}, options = {})
|
574
|
+
req = build_request(:create_datalake, params)
|
575
|
+
req.send_request(options)
|
576
|
+
end
|
577
|
+
|
578
|
+
# Automatically enable Security Lake in the specified Regions to begin
|
579
|
+
# ingesting security data. When you choose to enable organization
|
580
|
+
# accounts automatically, then Security Lake begins to enable new
|
581
|
+
# accounts as member accounts as they are added to the organization.
|
582
|
+
# Security Lake does not enable existing organization accounts that are
|
583
|
+
# not yet enabled.
|
584
|
+
#
|
585
|
+
# @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :configuration_for_new_accounts
|
586
|
+
# Enable Amazon Security Lake with the specified configurations settings
|
587
|
+
# to begin ingesting security data for new accounts in Security Lake.
|
588
|
+
#
|
589
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
590
|
+
#
|
591
|
+
# @example Request syntax with placeholder values
|
592
|
+
#
|
593
|
+
# resp = client.create_datalake_auto_enable({
|
594
|
+
# configuration_for_new_accounts: [ # required
|
595
|
+
# {
|
596
|
+
# region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
597
|
+
# sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
598
|
+
# },
|
599
|
+
# ],
|
600
|
+
# })
|
601
|
+
#
|
602
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeAutoEnable AWS API Documentation
|
603
|
+
#
|
604
|
+
# @overload create_datalake_auto_enable(params = {})
|
605
|
+
# @param [Hash] params ({})
|
606
|
+
def create_datalake_auto_enable(params = {}, options = {})
|
607
|
+
req = build_request(:create_datalake_auto_enable, params)
|
608
|
+
req.send_request(options)
|
609
|
+
end
|
610
|
+
|
611
|
+
# Designates the Security Lake administrator account for the
|
612
|
+
# organization. This API can only be called by the organization
|
613
|
+
# management account. The organization management account cannot be the
|
614
|
+
# delegated administrator account.
|
615
|
+
#
|
616
|
+
# @option params [required, String] :account
|
617
|
+
# Account ID of the Security Lake delegated administrator.
|
618
|
+
#
|
619
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
620
|
+
#
|
621
|
+
# @example Request syntax with placeholder values
|
622
|
+
#
|
623
|
+
# resp = client.create_datalake_delegated_admin({
|
624
|
+
# account: "SafeString", # required
|
625
|
+
# })
|
626
|
+
#
|
627
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeDelegatedAdmin AWS API Documentation
|
628
|
+
#
|
629
|
+
# @overload create_datalake_delegated_admin(params = {})
|
630
|
+
# @param [Hash] params ({})
|
631
|
+
def create_datalake_delegated_admin(params = {}, options = {})
|
632
|
+
req = build_request(:create_datalake_delegated_admin, params)
|
633
|
+
req.send_request(options)
|
634
|
+
end
|
635
|
+
|
636
|
+
# Creates the specified notification subscription in Security Lake.
|
637
|
+
# Creates the specified subscription notifications in the specified
|
638
|
+
# organization.
|
639
|
+
#
|
640
|
+
# @option params [required, String] :notification_endpoint
|
641
|
+
# The account in which the exception notifications subscription is
|
642
|
+
# created.
|
643
|
+
#
|
644
|
+
# @option params [required, String] :subscription_protocol
|
645
|
+
# The subscription protocol to which exception messages are posted.
|
646
|
+
#
|
647
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
648
|
+
#
|
649
|
+
# @example Request syntax with placeholder values
|
650
|
+
#
|
651
|
+
# resp = client.create_datalake_exceptions_subscription({
|
652
|
+
# notification_endpoint: "SafeString", # required
|
653
|
+
# subscription_protocol: "HTTP", # required, accepts HTTP, HTTPS, EMAIL, EMAIL_JSON, SMS, SQS, LAMBDA, APP, FIREHOSE
|
654
|
+
# })
|
655
|
+
#
|
656
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDatalakeExceptionsSubscription AWS API Documentation
|
657
|
+
#
|
658
|
+
# @overload create_datalake_exceptions_subscription(params = {})
|
659
|
+
# @param [Hash] params ({})
|
660
|
+
def create_datalake_exceptions_subscription(params = {}, options = {})
|
661
|
+
req = build_request(:create_datalake_exceptions_subscription, params)
|
662
|
+
req.send_request(options)
|
663
|
+
end
|
664
|
+
|
665
|
+
# Creates a subscription permission for accounts that are already
|
666
|
+
# enabled in Security Lake.
|
667
|
+
#
|
668
|
+
# @option params [Array<String>] :access_types
|
669
|
+
# The Amazon S3 or Lake Formation access type.
|
670
|
+
#
|
671
|
+
# @option params [required, String] :account_id
|
672
|
+
# The third party Amazon Web Services account ID used to access your
|
673
|
+
# data.
|
674
|
+
#
|
675
|
+
# @option params [required, String] :external_id
|
676
|
+
# The external ID of the subscriber. External ID allows the user that is
|
677
|
+
# assuming the role to assert the circumstances in which they are
|
678
|
+
# operating. It also provides a way for the account owner to permit the
|
679
|
+
# role to be assumed only under specific circumstances.
|
680
|
+
#
|
681
|
+
# @option params [required, Array<Types::SourceType>] :source_types
|
682
|
+
# The supported Amazon Web Services services from which logs and events
|
683
|
+
# are collected. Amazon Security Lake supports logs and events
|
684
|
+
# collection for natively-supported Amazon Web Services services.
|
685
|
+
#
|
686
|
+
# @option params [String] :subscriber_description
|
687
|
+
# The subscriber descriptions for the subscriber account in Amazon
|
688
|
+
# Security Lake.
|
689
|
+
#
|
690
|
+
# @option params [required, String] :subscriber_name
|
691
|
+
# The name of your Amazon Security Lake subscriber account.
|
692
|
+
#
|
693
|
+
# @return [Types::CreateSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
694
|
+
#
|
695
|
+
# * {Types::CreateSubscriberResponse#role_arn #role_arn} => String
|
696
|
+
# * {Types::CreateSubscriberResponse#s3_bucket_arn #s3_bucket_arn} => String
|
697
|
+
# * {Types::CreateSubscriberResponse#sns_arn #sns_arn} => String
|
698
|
+
# * {Types::CreateSubscriberResponse#subscription_id #subscription_id} => String
|
699
|
+
#
|
700
|
+
# @example Request syntax with placeholder values
|
701
|
+
#
|
702
|
+
# resp = client.create_subscriber({
|
703
|
+
# access_types: ["LAKEFORMATION"], # accepts LAKEFORMATION, S3
|
704
|
+
# account_id: "AwsAccountId", # required
|
705
|
+
# external_id: "SafeString", # required
|
706
|
+
# source_types: [ # required
|
707
|
+
# {
|
708
|
+
# aws_source_type: "ROUTE53", # accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
709
|
+
# custom_source_type: "CustomSourceType",
|
710
|
+
# },
|
711
|
+
# ],
|
712
|
+
# subscriber_description: "SafeString",
|
713
|
+
# subscriber_name: "CreateSubscriberRequestSubscriberNameString", # required
|
714
|
+
# })
|
715
|
+
#
|
716
|
+
# @example Response structure
|
717
|
+
#
|
718
|
+
# resp.role_arn #=> String
|
719
|
+
# resp.s3_bucket_arn #=> String
|
720
|
+
# resp.sns_arn #=> String
|
721
|
+
# resp.subscription_id #=> String
|
722
|
+
#
|
723
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriber AWS API Documentation
|
724
|
+
#
|
725
|
+
# @overload create_subscriber(params = {})
|
726
|
+
# @param [Hash] params ({})
|
727
|
+
def create_subscriber(params = {}, options = {})
|
728
|
+
req = build_request(:create_subscriber, params)
|
729
|
+
req.send_request(options)
|
730
|
+
end
|
731
|
+
|
732
|
+
# Creates the specified notification subscription in Security Lake.
|
733
|
+
# Creates the specified subscription notifications from the specified
|
734
|
+
# organization.
|
735
|
+
#
|
736
|
+
# @option params [Boolean] :create_sqs
|
737
|
+
# Create a new subscription notification for the specified subscription
|
738
|
+
# ID in Security Lake.
|
739
|
+
#
|
740
|
+
# @option params [String] :https_api_key_name
|
741
|
+
# The key name for the subscription notification.
|
742
|
+
#
|
743
|
+
# @option params [String] :https_api_key_value
|
744
|
+
# The key value for the subscription notification.
|
745
|
+
#
|
746
|
+
# @option params [String] :https_method
|
747
|
+
# The HTTPS method used for the subscription notification.
|
748
|
+
#
|
749
|
+
# @option params [String] :role_arn
|
750
|
+
# The Amazon Resource Name (ARN) specifying the role of the subscriber.
|
751
|
+
#
|
752
|
+
# @option params [String] :subscription_endpoint
|
753
|
+
# The subscription endpoint in Security Lake.
|
754
|
+
#
|
755
|
+
# @option params [required, String] :subscription_id
|
756
|
+
# The subscription ID for which the subscription notification is
|
757
|
+
# specified.
|
758
|
+
#
|
759
|
+
# @return [Types::CreateSubscriptionNotificationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
760
|
+
#
|
761
|
+
# * {Types::CreateSubscriptionNotificationConfigurationResponse#queue_arn #queue_arn} => String
|
762
|
+
#
|
763
|
+
# @example Request syntax with placeholder values
|
764
|
+
#
|
765
|
+
# resp = client.create_subscription_notification_configuration({
|
766
|
+
# create_sqs: false,
|
767
|
+
# https_api_key_name: "String",
|
768
|
+
# https_api_key_value: "String",
|
769
|
+
# https_method: "POST", # accepts POST, PUT
|
770
|
+
# role_arn: "RoleArn",
|
771
|
+
# subscription_endpoint: "CreateSubscriptionNotificationConfigurationRequestSubscriptionEndpointString",
|
772
|
+
# subscription_id: "UUID", # required
|
773
|
+
# })
|
774
|
+
#
|
775
|
+
# @example Response structure
|
776
|
+
#
|
777
|
+
# resp.queue_arn #=> String
|
778
|
+
#
|
779
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriptionNotificationConfiguration AWS API Documentation
|
780
|
+
#
|
781
|
+
# @overload create_subscription_notification_configuration(params = {})
|
782
|
+
# @param [Hash] params ({})
|
783
|
+
def create_subscription_notification_configuration(params = {}, options = {})
|
784
|
+
req = build_request(:create_subscription_notification_configuration, params)
|
785
|
+
req.send_request(options)
|
786
|
+
end
|
787
|
+
|
788
|
+
# Removes a natively-supported Amazon Web Services service as a Amazon
|
789
|
+
# Security Lake source. When you remove the source, Security Lake stops
|
790
|
+
# collecting data from that source, and subscribers can no longer
|
791
|
+
# consume new data from the source. Subscribers can still consume data
|
792
|
+
# that Amazon Security Lake collected from the source before
|
793
|
+
# disablement.
|
794
|
+
#
|
795
|
+
# You can choose any source type in any Region for accounts that are
|
796
|
+
# either part of a trusted organization or standalone accounts. At least
|
797
|
+
# one of the three dimensions is a mandatory input to this API. However,
|
798
|
+
# any combination of the three dimensions can be supplied to this API.
|
799
|
+
#
|
800
|
+
# By default, dimension refers to the entire set. This is overridden
|
801
|
+
# when you supply any one of the inputs. For instance, when members is
|
802
|
+
# not specified, the API disables all Security Lake member accounts for
|
803
|
+
# sources. Similarly, when Regions are not specified, Security Lake is
|
804
|
+
# disabled for all the Regions where Security Lake is available as a
|
805
|
+
# service.
|
806
|
+
#
|
807
|
+
# You can use this API to remove a natively-supported Amazon Web
|
808
|
+
# Services service as a source. Use `DeregisterCustomData` to remove a
|
809
|
+
# custom source.
|
810
|
+
#
|
811
|
+
# When you don't provide a dimension, Security Lake assumes that the
|
812
|
+
# missing dimension refers to the entire set. For example, if you don't
|
813
|
+
# provide specific accounts, the API applies to the entire set of
|
814
|
+
# accounts in your organization.
|
815
|
+
#
|
816
|
+
# @option params [Hash<String,Hash>] :disable_all_dimensions
|
817
|
+
# Removes the specific Amazon Web Services sources from all Regions and
|
818
|
+
# source types.
|
819
|
+
#
|
820
|
+
# @option params [Array<String>] :disable_single_dimension
|
821
|
+
# Removes all Amazon Web Services sources from specific accounts or
|
822
|
+
# Regions.
|
823
|
+
#
|
824
|
+
# @option params [Hash<String,Array>] :disable_two_dimensions
|
825
|
+
# Remove a specific Amazon Web Services source from specific accounts or
|
826
|
+
# Regions.
|
827
|
+
#
|
828
|
+
# @option params [required, Array<String>] :input_order
|
829
|
+
# This is a mandatory input. Specifies the input order to disable
|
830
|
+
# dimensions in Security Lake, namely Region, source type, and member.
|
831
|
+
#
|
832
|
+
# @return [Types::DeleteAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
833
|
+
#
|
834
|
+
# * {Types::DeleteAwsLogSourceResponse#failed #failed} => Array<String>
|
835
|
+
# * {Types::DeleteAwsLogSourceResponse#processing #processing} => Array<String>
|
836
|
+
#
|
837
|
+
# @example Request syntax with placeholder values
|
838
|
+
#
|
839
|
+
# resp = client.delete_aws_log_source({
|
840
|
+
# disable_all_dimensions: {
|
841
|
+
# "String" => {
|
842
|
+
# "String" => ["String"],
|
843
|
+
# },
|
844
|
+
# },
|
845
|
+
# disable_single_dimension: ["SafeString"],
|
846
|
+
# disable_two_dimensions: {
|
847
|
+
# "String" => ["String"],
|
848
|
+
# },
|
849
|
+
# input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
|
850
|
+
# })
|
851
|
+
#
|
852
|
+
# @example Response structure
|
853
|
+
#
|
854
|
+
# resp.failed #=> Array
|
855
|
+
# resp.failed[0] #=> String
|
856
|
+
# resp.processing #=> Array
|
857
|
+
# resp.processing[0] #=> String
|
858
|
+
#
|
859
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteAwsLogSource AWS API Documentation
|
860
|
+
#
|
861
|
+
# @overload delete_aws_log_source(params = {})
|
862
|
+
# @param [Hash] params ({})
|
863
|
+
def delete_aws_log_source(params = {}, options = {})
|
864
|
+
req = build_request(:delete_aws_log_source, params)
|
865
|
+
req.send_request(options)
|
866
|
+
end
|
867
|
+
|
868
|
+
# Removes a custom log source from Security Lake.
|
869
|
+
#
|
870
|
+
# @option params [required, String] :custom_source_name
|
871
|
+
# The custom source name for the custome log source.
|
872
|
+
#
|
873
|
+
# @return [Types::DeleteCustomLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
874
|
+
#
|
875
|
+
# * {Types::DeleteCustomLogSourceResponse#custom_data_location #custom_data_location} => String
|
876
|
+
#
|
877
|
+
# @example Request syntax with placeholder values
|
878
|
+
#
|
879
|
+
# resp = client.delete_custom_log_source({
|
880
|
+
# custom_source_name: "String", # required
|
881
|
+
# })
|
882
|
+
#
|
883
|
+
# @example Response structure
|
884
|
+
#
|
885
|
+
# resp.custom_data_location #=> String
|
886
|
+
#
|
887
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteCustomLogSource AWS API Documentation
|
888
|
+
#
|
889
|
+
# @overload delete_custom_log_source(params = {})
|
890
|
+
# @param [Hash] params ({})
|
891
|
+
def delete_custom_log_source(params = {}, options = {})
|
892
|
+
req = build_request(:delete_custom_log_source, params)
|
893
|
+
req.send_request(options)
|
894
|
+
end
|
895
|
+
|
896
|
+
# When you delete Amazon Security Lake from your account, Security Lake
|
897
|
+
# is disabled in all Regions. Also, this API automatically performs the
|
898
|
+
# off-boarding steps to off-board the account from Security Lake . This
|
899
|
+
# includes ingesting security data from sources, storing data, and
|
900
|
+
# making data accessible to subscribers. Security Lake also deletes all
|
901
|
+
# the existing settings and resources that it stores or maintains for
|
902
|
+
# your account in the current Region, including security log and event
|
903
|
+
# data. `DeleteDatalake` does not delete the S3 bucket which is owned by
|
904
|
+
# the Amazon Web Services account. For more information, see the Amazon
|
905
|
+
# Security Lake User Guide.
|
906
|
+
#
|
907
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
908
|
+
#
|
909
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalake AWS API Documentation
|
910
|
+
#
|
911
|
+
# @overload delete_datalake(params = {})
|
912
|
+
# @param [Hash] params ({})
|
913
|
+
def delete_datalake(params = {}, options = {})
|
914
|
+
req = build_request(:delete_datalake, params)
|
915
|
+
req.send_request(options)
|
916
|
+
end
|
917
|
+
|
918
|
+
# Automatically delete Security Lake in the specified Regions to stop
|
919
|
+
# ingesting security data. When you delete Amazon Security Lake from
|
920
|
+
# your account, Security Lake is disabled in all Regions. Also, this API
|
921
|
+
# automatically performs the off-boarding steps to off-board the account
|
922
|
+
# from Security Lake . This includes ingesting security data from
|
923
|
+
# sources, storing data, and making data accessible to subscribers.
|
924
|
+
# Security Lake also deletes all the existing settings and resources
|
925
|
+
# that it stores or maintains for your account in the current Region,
|
926
|
+
# including security log and event data. For more information, see the
|
927
|
+
# Amazon Security Lake User Guide.
|
928
|
+
#
|
929
|
+
# @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :remove_from_configuration_for_new_accounts
|
930
|
+
# Delete Amazon Security Lake with the specified configurations settings
|
931
|
+
# to stop ingesting security data for new accounts in Security Lake.
|
932
|
+
#
|
933
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
934
|
+
#
|
935
|
+
# @example Request syntax with placeholder values
|
936
|
+
#
|
937
|
+
# resp = client.delete_datalake_auto_enable({
|
938
|
+
# remove_from_configuration_for_new_accounts: [ # required
|
939
|
+
# {
|
940
|
+
# region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
941
|
+
# sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
942
|
+
# },
|
943
|
+
# ],
|
944
|
+
# })
|
945
|
+
#
|
946
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeAutoEnable AWS API Documentation
|
947
|
+
#
|
948
|
+
# @overload delete_datalake_auto_enable(params = {})
|
949
|
+
# @param [Hash] params ({})
|
950
|
+
def delete_datalake_auto_enable(params = {}, options = {})
|
951
|
+
req = build_request(:delete_datalake_auto_enable, params)
|
952
|
+
req.send_request(options)
|
953
|
+
end
|
954
|
+
|
955
|
+
# Deletes the Security Lake administrator account for the organization.
|
956
|
+
# This API can only be called by the organization management account.
|
957
|
+
# The organization management account cannot be the delegated
|
958
|
+
# administrator account.
|
959
|
+
#
|
960
|
+
# @option params [required, String] :account
|
961
|
+
# Account ID the Security Lake delegated administrator.
|
962
|
+
#
|
963
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
964
|
+
#
|
965
|
+
# @example Request syntax with placeholder values
|
966
|
+
#
|
967
|
+
# resp = client.delete_datalake_delegated_admin({
|
968
|
+
# account: "SafeString", # required
|
969
|
+
# })
|
970
|
+
#
|
971
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeDelegatedAdmin AWS API Documentation
|
972
|
+
#
|
973
|
+
# @overload delete_datalake_delegated_admin(params = {})
|
974
|
+
# @param [Hash] params ({})
|
975
|
+
def delete_datalake_delegated_admin(params = {}, options = {})
|
976
|
+
req = build_request(:delete_datalake_delegated_admin, params)
|
977
|
+
req.send_request(options)
|
978
|
+
end
|
979
|
+
|
980
|
+
# Deletes the specified notification subscription in Security Lake.
|
981
|
+
# Deletes the specified subscription notifications in the specified
|
982
|
+
# organization.
|
983
|
+
#
|
984
|
+
# @return [Types::DeleteDatalakeExceptionsSubscriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
985
|
+
#
|
986
|
+
# * {Types::DeleteDatalakeExceptionsSubscriptionResponse#status #status} => String
|
987
|
+
#
|
988
|
+
# @example Response structure
|
989
|
+
#
|
990
|
+
# resp.status #=> String
|
991
|
+
#
|
992
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeExceptionsSubscription AWS API Documentation
|
993
|
+
#
|
994
|
+
# @overload delete_datalake_exceptions_subscription(params = {})
|
995
|
+
# @param [Hash] params ({})
|
996
|
+
def delete_datalake_exceptions_subscription(params = {}, options = {})
|
997
|
+
req = build_request(:delete_datalake_exceptions_subscription, params)
|
998
|
+
req.send_request(options)
|
999
|
+
end
|
1000
|
+
|
1001
|
+
# Deletes the specified subscription permissions to Security Lake.
|
1002
|
+
# Deletes the specified subscription permissions from the specified
|
1003
|
+
# organization.
|
1004
|
+
#
|
1005
|
+
# @option params [required, String] :id
|
1006
|
+
# A value created by Security Lake that uniquely identifies your
|
1007
|
+
# `DeleteSubscriber` API request.
|
1008
|
+
#
|
1009
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1010
|
+
#
|
1011
|
+
# @example Request syntax with placeholder values
|
1012
|
+
#
|
1013
|
+
# resp = client.delete_subscriber({
|
1014
|
+
# id: "String", # required
|
1015
|
+
# })
|
1016
|
+
#
|
1017
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriber AWS API Documentation
|
1018
|
+
#
|
1019
|
+
# @overload delete_subscriber(params = {})
|
1020
|
+
# @param [Hash] params ({})
|
1021
|
+
def delete_subscriber(params = {}, options = {})
|
1022
|
+
req = build_request(:delete_subscriber, params)
|
1023
|
+
req.send_request(options)
|
1024
|
+
end
|
1025
|
+
|
1026
|
+
# Deletes the specified notification subscription in Security Lake.
|
1027
|
+
# Deletes the specified subscription notifications from the specified
|
1028
|
+
# organization.
|
1029
|
+
#
|
1030
|
+
# @option params [required, String] :subscription_id
|
1031
|
+
# The subscription ID of the Amazon Security Lake subscriber account.
|
1032
|
+
#
|
1033
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1034
|
+
#
|
1035
|
+
# @example Request syntax with placeholder values
|
1036
|
+
#
|
1037
|
+
# resp = client.delete_subscription_notification_configuration({
|
1038
|
+
# subscription_id: "UUID", # required
|
1039
|
+
# })
|
1040
|
+
#
|
1041
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriptionNotificationConfiguration AWS API Documentation
|
1042
|
+
#
|
1043
|
+
# @overload delete_subscription_notification_configuration(params = {})
|
1044
|
+
# @param [Hash] params ({})
|
1045
|
+
def delete_subscription_notification_configuration(params = {}, options = {})
|
1046
|
+
req = build_request(:delete_subscription_notification_configuration, params)
|
1047
|
+
req.send_request(options)
|
1048
|
+
end
|
1049
|
+
|
1050
|
+
# Retrieve the Security Lake configuration object for the specified
|
1051
|
+
# account ID. This API does not take input parameters.
|
1052
|
+
#
|
1053
|
+
# @return [Types::GetDatalakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1054
|
+
#
|
1055
|
+
# * {Types::GetDatalakeResponse#configurations #configurations} => Hash<String,Types::LakeConfigurationResponse>
|
1056
|
+
#
|
1057
|
+
# @example Response structure
|
1058
|
+
#
|
1059
|
+
# resp.configurations #=> Hash
|
1060
|
+
# resp.configurations["Region"].encryption_key #=> String
|
1061
|
+
# resp.configurations["Region"].replication_destination_regions #=> Array
|
1062
|
+
# resp.configurations["Region"].replication_destination_regions[0] #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
|
1063
|
+
# resp.configurations["Region"].replication_role_arn #=> String
|
1064
|
+
# resp.configurations["Region"].retention_settings #=> Array
|
1065
|
+
# resp.configurations["Region"].retention_settings[0].retention_period #=> Integer
|
1066
|
+
# resp.configurations["Region"].retention_settings[0].storage_class #=> String, one of "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER_IR", "GLACIER", "DEEP_ARCHIVE", "EXPIRE"
|
1067
|
+
# resp.configurations["Region"].s3_bucket_arn #=> String
|
1068
|
+
# resp.configurations["Region"].status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1069
|
+
# resp.configurations["Region"].tags_map #=> Hash
|
1070
|
+
# resp.configurations["Region"].tags_map["String"] #=> String
|
1071
|
+
#
|
1072
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalake AWS API Documentation
|
1073
|
+
#
|
1074
|
+
# @overload get_datalake(params = {})
|
1075
|
+
# @param [Hash] params ({})
|
1076
|
+
def get_datalake(params = {}, options = {})
|
1077
|
+
req = build_request(:get_datalake, params)
|
1078
|
+
req.send_request(options)
|
1079
|
+
end
|
1080
|
+
|
1081
|
+
# Retrieves the configuration that will be automatically set up for
|
1082
|
+
# accounts added to the organization after the organization has on
|
1083
|
+
# boarded to Amazon Security Lake. This API does not take input
|
1084
|
+
# parameters.
|
1085
|
+
#
|
1086
|
+
# @return [Types::GetDatalakeAutoEnableResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1087
|
+
#
|
1088
|
+
# * {Types::GetDatalakeAutoEnableResponse#auto_enable_new_accounts #auto_enable_new_accounts} => Array<Types::AutoEnableNewRegionConfiguration>
|
1089
|
+
#
|
1090
|
+
# @example Response structure
|
1091
|
+
#
|
1092
|
+
# resp.auto_enable_new_accounts #=> Array
|
1093
|
+
# resp.auto_enable_new_accounts[0].region #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
|
1094
|
+
# resp.auto_enable_new_accounts[0].sources #=> Array
|
1095
|
+
# resp.auto_enable_new_accounts[0].sources[0] #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
|
1096
|
+
#
|
1097
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeAutoEnable AWS API Documentation
|
1098
|
+
#
|
1099
|
+
# @overload get_datalake_auto_enable(params = {})
|
1100
|
+
# @param [Hash] params ({})
|
1101
|
+
def get_datalake_auto_enable(params = {}, options = {})
|
1102
|
+
req = build_request(:get_datalake_auto_enable, params)
|
1103
|
+
req.send_request(options)
|
1104
|
+
end
|
1105
|
+
|
1106
|
+
# Retrieves the expiration period and time-to-live (TTL) for which the
|
1107
|
+
# exception message will remain. Exceptions are stored by default, for a
|
1108
|
+
# 2 week period of time from when a record was created in Security Lake.
|
1109
|
+
# This API does not take input parameters. This API does not take input
|
1110
|
+
# parameters.
|
1111
|
+
#
|
1112
|
+
# @return [Types::GetDatalakeExceptionsExpiryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1113
|
+
#
|
1114
|
+
# * {Types::GetDatalakeExceptionsExpiryResponse#exception_message_expiry #exception_message_expiry} => Integer
|
1115
|
+
#
|
1116
|
+
# @example Response structure
|
1117
|
+
#
|
1118
|
+
# resp.exception_message_expiry #=> Integer
|
1119
|
+
#
|
1120
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeExceptionsExpiry AWS API Documentation
|
1121
|
+
#
|
1122
|
+
# @overload get_datalake_exceptions_expiry(params = {})
|
1123
|
+
# @param [Hash] params ({})
|
1124
|
+
def get_datalake_exceptions_expiry(params = {}, options = {})
|
1125
|
+
req = build_request(:get_datalake_exceptions_expiry, params)
|
1126
|
+
req.send_request(options)
|
1127
|
+
end
|
1128
|
+
|
1129
|
+
# Retrieves the details of exception notifications for the account in
|
1130
|
+
# Amazon Security Lake.
|
1131
|
+
#
|
1132
|
+
# @return [Types::GetDatalakeExceptionsSubscriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1133
|
+
#
|
1134
|
+
# * {Types::GetDatalakeExceptionsSubscriptionResponse#protocol_and_notification_endpoint #protocol_and_notification_endpoint} => Types::ProtocolAndNotificationEndpoint
|
1135
|
+
#
|
1136
|
+
# @example Response structure
|
1137
|
+
#
|
1138
|
+
# resp.protocol_and_notification_endpoint.endpoint #=> String
|
1139
|
+
# resp.protocol_and_notification_endpoint.protocol #=> String
|
1140
|
+
#
|
1141
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeExceptionsSubscription AWS API Documentation
|
1142
|
+
#
|
1143
|
+
# @overload get_datalake_exceptions_subscription(params = {})
|
1144
|
+
# @param [Hash] params ({})
|
1145
|
+
def get_datalake_exceptions_subscription(params = {}, options = {})
|
1146
|
+
req = build_request(:get_datalake_exceptions_subscription, params)
|
1147
|
+
req.send_request(options)
|
1148
|
+
end
|
1149
|
+
|
1150
|
+
# Retrieve the Security Lake configuration object for the specified
|
1151
|
+
# account ID. This API does not take input parameters.
|
1152
|
+
#
|
1153
|
+
# @option params [Array<String>] :account_set
|
1154
|
+
# The account IDs for which a static snapshot of the current Region,
|
1155
|
+
# including enabled accounts and log sources is retrieved.
|
1156
|
+
#
|
1157
|
+
# @option params [Integer] :max_account_results
|
1158
|
+
# The maximum limit of accounts for which the static snapshot of the
|
1159
|
+
# current Region including enabled accounts and log sources is
|
1160
|
+
# retrieved.
|
1161
|
+
#
|
1162
|
+
# @option params [String] :next_token
|
1163
|
+
# If nextToken is returned, there are more results available. The value
|
1164
|
+
# of nextToken is a unique pagination token for each page. Make the call
|
1165
|
+
# again using the returned token to retrieve the next page. Keep all
|
1166
|
+
# other arguments unchanged. Each pagination token expires after 24
|
1167
|
+
# hours. Using an expired pagination token will return an HTTP 400
|
1168
|
+
# InvalidToken error.
|
1169
|
+
#
|
1170
|
+
# @return [Types::GetDatalakeStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1171
|
+
#
|
1172
|
+
# * {Types::GetDatalakeStatusResponse#account_sources_list #account_sources_list} => Array<Types::AccountSources>
|
1173
|
+
# * {Types::GetDatalakeStatusResponse#next_token #next_token} => String
|
1174
|
+
#
|
1175
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1176
|
+
#
|
1177
|
+
# @example Request syntax with placeholder values
|
1178
|
+
#
|
1179
|
+
# resp = client.get_datalake_status({
|
1180
|
+
# account_set: ["SafeString"],
|
1181
|
+
# max_account_results: 1,
|
1182
|
+
# next_token: "SafeString",
|
1183
|
+
# })
|
1184
|
+
#
|
1185
|
+
# @example Response structure
|
1186
|
+
#
|
1187
|
+
# resp.account_sources_list #=> Array
|
1188
|
+
# resp.account_sources_list[0].account #=> String
|
1189
|
+
# resp.account_sources_list[0].event_class #=> String, one of "ACCESS_ACTIVITY", "FILE_ACTIVITY", "KERNEL_ACTIVITY", "KERNEL_EXTENSION", "MEMORY_ACTIVITY", "MODULE_ACTIVITY", "PROCESS_ACTIVITY", "REGISTRY_KEY_ACTIVITY", "REGISTRY_VALUE_ACTIVITY", "RESOURCE_ACTIVITY", "SCHEDULED_JOB_ACTIVITY", "SECURITY_FINDING", "ACCOUNT_CHANGE", "AUTHENTICATION", "AUTHORIZATION", "ENTITY_MANAGEMENT_AUDIT", "DHCP_ACTIVITY", "NETWORK_ACTIVITY", "DNS_ACTIVITY", "FTP_ACTIVITY", "HTTP_ACTIVITY", "RDP_ACTIVITY", "SMB_ACTIVITY", "SSH_ACTIVITY", "CLOUD_API", "CONTAINER_LIFECYCLE", "DATABASE_LIFECYCLE", "CONFIG_STATE", "CLOUD_STORAGE", "INVENTORY_INFO", "RFB_ACTIVITY", "SMTP_ACTIVITY", "VIRTUAL_MACHINE_ACTIVITY"
|
1190
|
+
# resp.account_sources_list[0].logs_status #=> Array
|
1191
|
+
# resp.account_sources_list[0].logs_status[0].health_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING"
|
1192
|
+
# resp.account_sources_list[0].logs_status[0].path_to_logs #=> String
|
1193
|
+
# resp.account_sources_list[0].source_type #=> String
|
1194
|
+
# resp.next_token #=> String
|
1195
|
+
#
|
1196
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalakeStatus AWS API Documentation
|
1197
|
+
#
|
1198
|
+
# @overload get_datalake_status(params = {})
|
1199
|
+
# @param [Hash] params ({})
|
1200
|
+
def get_datalake_status(params = {}, options = {})
|
1201
|
+
req = build_request(:get_datalake_status, params)
|
1202
|
+
req.send_request(options)
|
1203
|
+
end
|
1204
|
+
|
1205
|
+
# Retrieves subscription information for the specified subscription ID.
|
1206
|
+
#
|
1207
|
+
# @option params [required, String] :id
|
1208
|
+
# A value created by Security Lake that uniquely identifies your
|
1209
|
+
# `GetSubscriber` API request.
|
1210
|
+
#
|
1211
|
+
# @return [Types::GetSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1212
|
+
#
|
1213
|
+
# * {Types::GetSubscriberResponse#subscriber #subscriber} => Types::SubscriberResource
|
1214
|
+
#
|
1215
|
+
# @example Request syntax with placeholder values
|
1216
|
+
#
|
1217
|
+
# resp = client.get_subscriber({
|
1218
|
+
# id: "String", # required
|
1219
|
+
# })
|
1220
|
+
#
|
1221
|
+
# @example Response structure
|
1222
|
+
#
|
1223
|
+
# resp.subscriber.access_types #=> Array
|
1224
|
+
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1225
|
+
# resp.subscriber.account_id #=> String
|
1226
|
+
# resp.subscriber.created_at #=> Time
|
1227
|
+
# resp.subscriber.external_id #=> String
|
1228
|
+
# resp.subscriber.role_arn #=> String
|
1229
|
+
# resp.subscriber.s3_bucket_arn #=> String
|
1230
|
+
# resp.subscriber.sns_arn #=> String
|
1231
|
+
# resp.subscriber.source_types #=> Array
|
1232
|
+
# resp.subscriber.source_types[0].aws_source_type #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
|
1233
|
+
# resp.subscriber.source_types[0].custom_source_type #=> String
|
1234
|
+
# resp.subscriber.subscriber_description #=> String
|
1235
|
+
# resp.subscriber.subscriber_name #=> String
|
1236
|
+
# resp.subscriber.subscription_endpoint #=> String
|
1237
|
+
# resp.subscriber.subscription_id #=> String
|
1238
|
+
# resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1239
|
+
# resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1240
|
+
# resp.subscriber.updated_at #=> Time
|
1241
|
+
#
|
1242
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetSubscriber AWS API Documentation
|
1243
|
+
#
|
1244
|
+
# @overload get_subscriber(params = {})
|
1245
|
+
# @param [Hash] params ({})
|
1246
|
+
def get_subscriber(params = {}, options = {})
|
1247
|
+
req = build_request(:get_subscriber, params)
|
1248
|
+
req.send_request(options)
|
1249
|
+
end
|
1250
|
+
|
1251
|
+
# List the Amazon Security Lake exceptions that you can use to find the
|
1252
|
+
# source of problems and fix them.
|
1253
|
+
#
|
1254
|
+
# @option params [Integer] :max_failures
|
1255
|
+
# List the maximum number of failures in Security Lake.
|
1256
|
+
#
|
1257
|
+
# @option params [String] :next_token
|
1258
|
+
# List if there are more results available. if nextToken is returned,
|
1259
|
+
# You can make the call again using the returned token to retrieve the
|
1260
|
+
# next page
|
1261
|
+
#
|
1262
|
+
# @option params [Array<String>] :region_set
|
1263
|
+
# List the regions from which exceptions are retrieved.
|
1264
|
+
#
|
1265
|
+
# @return [Types::ListDatalakeExceptionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1266
|
+
#
|
1267
|
+
# * {Types::ListDatalakeExceptionsResponse#next_token #next_token} => String
|
1268
|
+
# * {Types::ListDatalakeExceptionsResponse#non_retryable_failures #non_retryable_failures} => Array<Types::FailuresResponse>
|
1269
|
+
#
|
1270
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1271
|
+
#
|
1272
|
+
# @example Request syntax with placeholder values
|
1273
|
+
#
|
1274
|
+
# resp = client.list_datalake_exceptions({
|
1275
|
+
# max_failures: 1,
|
1276
|
+
# next_token: "SafeString",
|
1277
|
+
# region_set: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
1278
|
+
# })
|
1279
|
+
#
|
1280
|
+
# @example Response structure
|
1281
|
+
#
|
1282
|
+
# resp.next_token #=> String
|
1283
|
+
# resp.non_retryable_failures #=> Array
|
1284
|
+
# resp.non_retryable_failures[0].failures #=> Array
|
1285
|
+
# resp.non_retryable_failures[0].failures[0].exception_message #=> String
|
1286
|
+
# resp.non_retryable_failures[0].failures[0].remediation #=> String
|
1287
|
+
# resp.non_retryable_failures[0].failures[0].timestamp #=> Time
|
1288
|
+
# resp.non_retryable_failures[0].region #=> String
|
1289
|
+
#
|
1290
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDatalakeExceptions AWS API Documentation
|
1291
|
+
#
|
1292
|
+
# @overload list_datalake_exceptions(params = {})
|
1293
|
+
# @param [Hash] params ({})
|
1294
|
+
def list_datalake_exceptions(params = {}, options = {})
|
1295
|
+
req = build_request(:list_datalake_exceptions, params)
|
1296
|
+
req.send_request(options)
|
1297
|
+
end
|
1298
|
+
|
1299
|
+
# Lists the log sources in the current region.
|
1300
|
+
#
|
1301
|
+
# @option params [Array<String>] :input_order
|
1302
|
+
# Lists the log sources in input order, namely Region, source type, and
|
1303
|
+
# member account.
|
1304
|
+
#
|
1305
|
+
# @option params [Hash<String,Hash>] :list_all_dimensions
|
1306
|
+
# List the view of log sources for enabled Security Lake accounts in all
|
1307
|
+
# Regions and source types.
|
1308
|
+
#
|
1309
|
+
# @option params [Array<String>] :list_single_dimension
|
1310
|
+
# List the view of log sources for enabled Security Lake accounts for
|
1311
|
+
# the entire region.
|
1312
|
+
#
|
1313
|
+
# @option params [Hash<String,Array>] :list_two_dimensions
|
1314
|
+
# Lists the log sources for the specified source types in enabled
|
1315
|
+
# Security Lake accounts for the entire Region, for selected member
|
1316
|
+
# accounts.
|
1317
|
+
#
|
1318
|
+
# @option params [Integer] :max_results
|
1319
|
+
# The maximum number of accounts for which the configuration is
|
1320
|
+
# displayed.
|
1321
|
+
#
|
1322
|
+
# @option params [String] :next_token
|
1323
|
+
# If nextToken is returned, there are more results available. You can
|
1324
|
+
# make the call again using the returned token to retrieve the next
|
1325
|
+
# page.
|
1326
|
+
#
|
1327
|
+
# @return [Types::ListLogSourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1328
|
+
#
|
1329
|
+
# * {Types::ListLogSourcesResponse#next_token #next_token} => String
|
1330
|
+
# * {Types::ListLogSourcesResponse#region_source_types_accounts_list #region_source_types_accounts_list} => Array<Hash<String,Hash<String,Array<String>>>>
|
1331
|
+
#
|
1332
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1333
|
+
#
|
1334
|
+
# @example Request syntax with placeholder values
|
1335
|
+
#
|
1336
|
+
# resp = client.list_log_sources({
|
1337
|
+
# input_order: ["REGION"], # accepts REGION, SOURCE_TYPE, MEMBER
|
1338
|
+
# list_all_dimensions: {
|
1339
|
+
# "String" => {
|
1340
|
+
# "String" => ["String"],
|
1341
|
+
# },
|
1342
|
+
# },
|
1343
|
+
# list_single_dimension: ["SafeString"],
|
1344
|
+
# list_two_dimensions: {
|
1345
|
+
# "String" => ["String"],
|
1346
|
+
# },
|
1347
|
+
# max_results: 1,
|
1348
|
+
# next_token: "SafeString",
|
1349
|
+
# })
|
1350
|
+
#
|
1351
|
+
# @example Response structure
|
1352
|
+
#
|
1353
|
+
# resp.next_token #=> String
|
1354
|
+
# resp.region_source_types_accounts_list #=> Array
|
1355
|
+
# resp.region_source_types_accounts_list[0] #=> Hash
|
1356
|
+
# resp.region_source_types_accounts_list[0]["String"] #=> Hash
|
1357
|
+
# resp.region_source_types_accounts_list[0]["String"]["String"] #=> Array
|
1358
|
+
# resp.region_source_types_accounts_list[0]["String"]["String"][0] #=> String
|
1359
|
+
#
|
1360
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListLogSources AWS API Documentation
|
1361
|
+
#
|
1362
|
+
# @overload list_log_sources(params = {})
|
1363
|
+
# @param [Hash] params ({})
|
1364
|
+
def list_log_sources(params = {}, options = {})
|
1365
|
+
req = build_request(:list_log_sources, params)
|
1366
|
+
req.send_request(options)
|
1367
|
+
end
|
1368
|
+
|
1369
|
+
# List all subscribers for the specific Security Lake account ID.
|
1370
|
+
#
|
1371
|
+
# @option params [Integer] :max_results
|
1372
|
+
# The maximum number of accounts for which the configuration is
|
1373
|
+
# displayed.
|
1374
|
+
#
|
1375
|
+
# @option params [String] :next_token
|
1376
|
+
# If nextToken is returned, there are more results available. You can
|
1377
|
+
# make the call again using the returned token to retrieve the next
|
1378
|
+
# page.
|
1379
|
+
#
|
1380
|
+
# @return [Types::ListSubscribersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1381
|
+
#
|
1382
|
+
# * {Types::ListSubscribersResponse#next_token #next_token} => String
|
1383
|
+
# * {Types::ListSubscribersResponse#subscribers #subscribers} => Array<Types::SubscriberResource>
|
1384
|
+
#
|
1385
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1386
|
+
#
|
1387
|
+
# @example Request syntax with placeholder values
|
1388
|
+
#
|
1389
|
+
# resp = client.list_subscribers({
|
1390
|
+
# max_results: 1,
|
1391
|
+
# next_token: "SafeString",
|
1392
|
+
# })
|
1393
|
+
#
|
1394
|
+
# @example Response structure
|
1395
|
+
#
|
1396
|
+
# resp.next_token #=> String
|
1397
|
+
# resp.subscribers #=> Array
|
1398
|
+
# resp.subscribers[0].access_types #=> Array
|
1399
|
+
# resp.subscribers[0].access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1400
|
+
# resp.subscribers[0].account_id #=> String
|
1401
|
+
# resp.subscribers[0].created_at #=> Time
|
1402
|
+
# resp.subscribers[0].external_id #=> String
|
1403
|
+
# resp.subscribers[0].role_arn #=> String
|
1404
|
+
# resp.subscribers[0].s3_bucket_arn #=> String
|
1405
|
+
# resp.subscribers[0].sns_arn #=> String
|
1406
|
+
# resp.subscribers[0].source_types #=> Array
|
1407
|
+
# resp.subscribers[0].source_types[0].aws_source_type #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
|
1408
|
+
# resp.subscribers[0].source_types[0].custom_source_type #=> String
|
1409
|
+
# resp.subscribers[0].subscriber_description #=> String
|
1410
|
+
# resp.subscribers[0].subscriber_name #=> String
|
1411
|
+
# resp.subscribers[0].subscription_endpoint #=> String
|
1412
|
+
# resp.subscribers[0].subscription_id #=> String
|
1413
|
+
# resp.subscribers[0].subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1414
|
+
# resp.subscribers[0].subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1415
|
+
# resp.subscribers[0].updated_at #=> Time
|
1416
|
+
#
|
1417
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListSubscribers AWS API Documentation
|
1418
|
+
#
|
1419
|
+
# @overload list_subscribers(params = {})
|
1420
|
+
# @param [Hash] params ({})
|
1421
|
+
def list_subscribers(params = {}, options = {})
|
1422
|
+
req = build_request(:list_subscribers, params)
|
1423
|
+
req.send_request(options)
|
1424
|
+
end
|
1425
|
+
|
1426
|
+
# Amazon Security Lake allows you to specify where to store your
|
1427
|
+
# security data and for how long. You can specify a rollup Region to
|
1428
|
+
# consolidate data from multiple regions.
|
1429
|
+
#
|
1430
|
+
# You can update the properties of a Region or source. Input can either
|
1431
|
+
# be directly specified to the API.
|
1432
|
+
#
|
1433
|
+
# @option params [required, Hash<String,Types::LakeConfigurationRequest>] :configurations
|
1434
|
+
# The configuration object
|
1435
|
+
#
|
1436
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1437
|
+
#
|
1438
|
+
# @example Request syntax with placeholder values
|
1439
|
+
#
|
1440
|
+
# resp = client.update_datalake({
|
1441
|
+
# configurations: { # required
|
1442
|
+
# "us-east-1" => {
|
1443
|
+
# encryption_key: "String",
|
1444
|
+
# replication_destination_regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
1445
|
+
# replication_role_arn: "RoleArn",
|
1446
|
+
# retention_settings: [
|
1447
|
+
# {
|
1448
|
+
# retention_period: 1,
|
1449
|
+
# storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
|
1450
|
+
# },
|
1451
|
+
# ],
|
1452
|
+
# tags_map: {
|
1453
|
+
# "String" => "String",
|
1454
|
+
# },
|
1455
|
+
# },
|
1456
|
+
# },
|
1457
|
+
# })
|
1458
|
+
#
|
1459
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalake AWS API Documentation
|
1460
|
+
#
|
1461
|
+
# @overload update_datalake(params = {})
|
1462
|
+
# @param [Hash] params ({})
|
1463
|
+
def update_datalake(params = {}, options = {})
|
1464
|
+
req = build_request(:update_datalake, params)
|
1465
|
+
req.send_request(options)
|
1466
|
+
end
|
1467
|
+
|
1468
|
+
# Update the expiration period for the exception message to your
|
1469
|
+
# preferred time, and control the time-to-live (TTL) for the exception
|
1470
|
+
# message to remain. Exceptions are stored by default, for a 2 week
|
1471
|
+
# period of time from when a record was created in Security Lake.
|
1472
|
+
#
|
1473
|
+
# @option params [required, Integer] :exception_message_expiry
|
1474
|
+
# The time-to-live (TTL) for the exception message to remain.
|
1475
|
+
#
|
1476
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1477
|
+
#
|
1478
|
+
# @example Request syntax with placeholder values
|
1479
|
+
#
|
1480
|
+
# resp = client.update_datalake_exceptions_expiry({
|
1481
|
+
# exception_message_expiry: 1, # required
|
1482
|
+
# })
|
1483
|
+
#
|
1484
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeExceptionsExpiry AWS API Documentation
|
1485
|
+
#
|
1486
|
+
# @overload update_datalake_exceptions_expiry(params = {})
|
1487
|
+
# @param [Hash] params ({})
|
1488
|
+
def update_datalake_exceptions_expiry(params = {}, options = {})
|
1489
|
+
req = build_request(:update_datalake_exceptions_expiry, params)
|
1490
|
+
req.send_request(options)
|
1491
|
+
end
|
1492
|
+
|
1493
|
+
# Update the subscription notification for exception notification.
|
1494
|
+
#
|
1495
|
+
# @option params [required, String] :notification_endpoint
|
1496
|
+
# The account which is subscribed to receive exception notifications.
|
1497
|
+
#
|
1498
|
+
# @option params [required, String] :subscription_protocol
|
1499
|
+
# The subscription protocol to which exception messages are posted.
|
1500
|
+
#
|
1501
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1502
|
+
#
|
1503
|
+
# @example Request syntax with placeholder values
|
1504
|
+
#
|
1505
|
+
# resp = client.update_datalake_exceptions_subscription({
|
1506
|
+
# notification_endpoint: "SafeString", # required
|
1507
|
+
# subscription_protocol: "HTTP", # required, accepts HTTP, HTTPS, EMAIL, EMAIL_JSON, SMS, SQS, LAMBDA, APP, FIREHOSE
|
1508
|
+
# })
|
1509
|
+
#
|
1510
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDatalakeExceptionsSubscription AWS API Documentation
|
1511
|
+
#
|
1512
|
+
# @overload update_datalake_exceptions_subscription(params = {})
|
1513
|
+
# @param [Hash] params ({})
|
1514
|
+
def update_datalake_exceptions_subscription(params = {}, options = {})
|
1515
|
+
req = build_request(:update_datalake_exceptions_subscription, params)
|
1516
|
+
req.send_request(options)
|
1517
|
+
end
|
1518
|
+
|
1519
|
+
# Update the subscription permission for the given Security Lake account
|
1520
|
+
# ID.
|
1521
|
+
#
|
1522
|
+
# @option params [String] :external_id
|
1523
|
+
# External ID of the Security Lake account.
|
1524
|
+
#
|
1525
|
+
# @option params [required, String] :id
|
1526
|
+
# A value created by Security Lake that uniquely identifies your
|
1527
|
+
# `UpdateSubscriber` API request.
|
1528
|
+
#
|
1529
|
+
# @option params [Array<Types::SourceType>] :source_types
|
1530
|
+
# The supported Amazon Web Services services from which logs and events
|
1531
|
+
# are collected. Amazon Security Lake supports logs and events
|
1532
|
+
# collection for the following natively-supported Amazon Web Services
|
1533
|
+
# services. For more information, see the Amazon Security Lake User
|
1534
|
+
# Guide.
|
1535
|
+
#
|
1536
|
+
# @option params [String] :subscriber_description
|
1537
|
+
# Description of the Security Lake account subscriber.
|
1538
|
+
#
|
1539
|
+
# @option params [String] :subscriber_name
|
1540
|
+
# Name of the Security Lake account subscriber.
|
1541
|
+
#
|
1542
|
+
# @return [Types::UpdateSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1543
|
+
#
|
1544
|
+
# * {Types::UpdateSubscriberResponse#subscriber #subscriber} => Types::SubscriberResource
|
1545
|
+
#
|
1546
|
+
# @example Request syntax with placeholder values
|
1547
|
+
#
|
1548
|
+
# resp = client.update_subscriber({
|
1549
|
+
# external_id: "SafeString",
|
1550
|
+
# id: "String", # required
|
1551
|
+
# source_types: [
|
1552
|
+
# {
|
1553
|
+
# aws_source_type: "ROUTE53", # accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
1554
|
+
# custom_source_type: "CustomSourceType",
|
1555
|
+
# },
|
1556
|
+
# ],
|
1557
|
+
# subscriber_description: "SafeString",
|
1558
|
+
# subscriber_name: "UpdateSubscriberRequestSubscriberNameString",
|
1559
|
+
# })
|
1560
|
+
#
|
1561
|
+
# @example Response structure
|
1562
|
+
#
|
1563
|
+
# resp.subscriber.access_types #=> Array
|
1564
|
+
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1565
|
+
# resp.subscriber.account_id #=> String
|
1566
|
+
# resp.subscriber.created_at #=> Time
|
1567
|
+
# resp.subscriber.external_id #=> String
|
1568
|
+
# resp.subscriber.role_arn #=> String
|
1569
|
+
# resp.subscriber.s3_bucket_arn #=> String
|
1570
|
+
# resp.subscriber.sns_arn #=> String
|
1571
|
+
# resp.subscriber.source_types #=> Array
|
1572
|
+
# resp.subscriber.source_types[0].aws_source_type #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
|
1573
|
+
# resp.subscriber.source_types[0].custom_source_type #=> String
|
1574
|
+
# resp.subscriber.subscriber_description #=> String
|
1575
|
+
# resp.subscriber.subscriber_name #=> String
|
1576
|
+
# resp.subscriber.subscription_endpoint #=> String
|
1577
|
+
# resp.subscriber.subscription_id #=> String
|
1578
|
+
# resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1579
|
+
# resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1580
|
+
# resp.subscriber.updated_at #=> Time
|
1581
|
+
#
|
1582
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriber AWS API Documentation
|
1583
|
+
#
|
1584
|
+
# @overload update_subscriber(params = {})
|
1585
|
+
# @param [Hash] params ({})
|
1586
|
+
def update_subscriber(params = {}, options = {})
|
1587
|
+
req = build_request(:update_subscriber, params)
|
1588
|
+
req.send_request(options)
|
1589
|
+
end
|
1590
|
+
|
1591
|
+
# Create a new subscription notification or add the existing
|
1592
|
+
# subscription notification setting for the specified subscription ID.
|
1593
|
+
#
|
1594
|
+
# @option params [Boolean] :create_sqs
|
1595
|
+
# Create a new subscription notification for the specified subscription
|
1596
|
+
# ID in Security Lake.
|
1597
|
+
#
|
1598
|
+
# @option params [String] :https_api_key_name
|
1599
|
+
# The key name for the subscription notification.
|
1600
|
+
#
|
1601
|
+
# @option params [String] :https_api_key_value
|
1602
|
+
# The key value for the subscription notification.
|
1603
|
+
#
|
1604
|
+
# @option params [String] :https_method
|
1605
|
+
# The HTTPS method used for the subscription notification.
|
1606
|
+
#
|
1607
|
+
# @option params [String] :role_arn
|
1608
|
+
# The Amazon Resource Name (ARN) specifying the role of the subscriber.
|
1609
|
+
#
|
1610
|
+
# @option params [String] :subscription_endpoint
|
1611
|
+
# The subscription endpoint in Security Lake.
|
1612
|
+
#
|
1613
|
+
# @option params [required, String] :subscription_id
|
1614
|
+
# The subscription ID for which the subscription notification is
|
1615
|
+
# specified.
|
1616
|
+
#
|
1617
|
+
# @return [Types::UpdateSubscriptionNotificationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1618
|
+
#
|
1619
|
+
# * {Types::UpdateSubscriptionNotificationConfigurationResponse#queue_arn #queue_arn} => String
|
1620
|
+
#
|
1621
|
+
# @example Request syntax with placeholder values
|
1622
|
+
#
|
1623
|
+
# resp = client.update_subscription_notification_configuration({
|
1624
|
+
# create_sqs: false,
|
1625
|
+
# https_api_key_name: "String",
|
1626
|
+
# https_api_key_value: "String",
|
1627
|
+
# https_method: "POST", # accepts POST, PUT
|
1628
|
+
# role_arn: "RoleArn",
|
1629
|
+
# subscription_endpoint: "UpdateSubscriptionNotificationConfigurationRequestSubscriptionEndpointString",
|
1630
|
+
# subscription_id: "UUID", # required
|
1631
|
+
# })
|
1632
|
+
#
|
1633
|
+
# @example Response structure
|
1634
|
+
#
|
1635
|
+
# resp.queue_arn #=> String
|
1636
|
+
#
|
1637
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriptionNotificationConfiguration AWS API Documentation
|
1638
|
+
#
|
1639
|
+
# @overload update_subscription_notification_configuration(params = {})
|
1640
|
+
# @param [Hash] params ({})
|
1641
|
+
def update_subscription_notification_configuration(params = {}, options = {})
|
1642
|
+
req = build_request(:update_subscription_notification_configuration, params)
|
1643
|
+
req.send_request(options)
|
1644
|
+
end
|
1645
|
+
|
1646
|
+
# @!endgroup
|
1647
|
+
|
1648
|
+
# @param params ({})
|
1649
|
+
# @api private
|
1650
|
+
def build_request(operation_name, params = {})
|
1651
|
+
handlers = @handlers.for(operation_name)
|
1652
|
+
context = Seahorse::Client::RequestContext.new(
|
1653
|
+
operation_name: operation_name,
|
1654
|
+
operation: config.api.operation(operation_name),
|
1655
|
+
client: self,
|
1656
|
+
params: params,
|
1657
|
+
config: config)
|
1658
|
+
context[:gem_name] = 'aws-sdk-securitylake'
|
1659
|
+
context[:gem_version] = '1.0.0'
|
1660
|
+
Seahorse::Client::Request.new(handlers, context)
|
1661
|
+
end
|
1662
|
+
|
1663
|
+
# @api private
|
1664
|
+
# @deprecated
|
1665
|
+
def waiter_names
|
1666
|
+
[]
|
1667
|
+
end
|
1668
|
+
|
1669
|
+
class << self
|
1670
|
+
|
1671
|
+
# @api private
|
1672
|
+
attr_reader :identifier
|
1673
|
+
|
1674
|
+
# @api private
|
1675
|
+
def errors_module
|
1676
|
+
Errors
|
1677
|
+
end
|
1678
|
+
|
1679
|
+
end
|
1680
|
+
end
|
1681
|
+
end
|