aws-sdk-securitylake 1.2.0 → 1.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securitylake/client.rb +741 -656
- data/lib/aws-sdk-securitylake/client_api.rb +583 -601
- data/lib/aws-sdk-securitylake/endpoint_parameters.rb +0 -3
- data/lib/aws-sdk-securitylake/endpoint_provider.rb +27 -24
- data/lib/aws-sdk-securitylake/endpoints.rb +19 -47
- data/lib/aws-sdk-securitylake/errors.rb +9 -187
- data/lib/aws-sdk-securitylake/plugins/endpoints.rb +36 -40
- data/lib/aws-sdk-securitylake/types.rb +1059 -928
- data/lib/aws-sdk-securitylake.rb +1 -1
- metadata +2 -2
@@ -372,64 +372,39 @@ module Aws::SecurityLake
|
|
372
372
|
# Lake source. Enables source types for member accounts in required
|
373
373
|
# Amazon Web Services Regions, based on the parameters you specify. You
|
374
374
|
# can choose any source type in any Region for either accounts that are
|
375
|
-
# part of a trusted organization or standalone accounts.
|
376
|
-
#
|
377
|
-
#
|
378
|
-
#
|
379
|
-
# By default, a dimension refers to the entire set. When you don't
|
380
|
-
# provide a dimension, Security Lake assumes that the missing dimension
|
381
|
-
# refers to the entire set. This is overridden when you supply any one
|
382
|
-
# of the inputs. For instance, when you do not specify members, the API
|
383
|
-
# enables all Security Lake member accounts for all sources. Similarly,
|
384
|
-
# when you do not specify Regions, Security Lake is enabled for all the
|
385
|
-
# Regions where Security Lake is available as a service.
|
375
|
+
# part of a trusted organization or standalone accounts. Once you add an
|
376
|
+
# Amazon Web Service as a source, Security Lake starts collecting logs
|
377
|
+
# and events from it,
|
386
378
|
#
|
387
379
|
# You can use this API only to enable natively supported Amazon Web
|
388
380
|
# Services as a source. Use `CreateCustomLogSource` to enable data
|
389
381
|
# collection from a custom source.
|
390
382
|
#
|
391
|
-
# @option params [
|
392
|
-
#
|
393
|
-
#
|
394
|
-
#
|
395
|
-
# @option params [Array<String>] :enable_single_dimension
|
396
|
-
# Enables data collection from all Amazon Web Services sources in
|
397
|
-
# specific accounts or Regions.
|
398
|
-
#
|
399
|
-
# @option params [Hash<String,Array>] :enable_two_dimensions
|
400
|
-
# Enables data collection from specific Amazon Web Services sources in
|
401
|
-
# specific accounts or Regions.
|
402
|
-
#
|
403
|
-
# @option params [required, Array<String>] :input_order
|
404
|
-
# Specifies the input order to enable dimensions in Security Lake,
|
405
|
-
# namely Region, source type, and member account.
|
383
|
+
# @option params [required, Array<Types::AwsLogSourceConfiguration>] :sources
|
384
|
+
# Specify the natively-supported Amazon Web Services service to add as a
|
385
|
+
# source in Security Lake.
|
406
386
|
#
|
407
387
|
# @return [Types::CreateAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
408
388
|
#
|
409
389
|
# * {Types::CreateAwsLogSourceResponse#failed #failed} => Array<String>
|
410
|
-
# * {Types::CreateAwsLogSourceResponse#processing #processing} => Array<String>
|
411
390
|
#
|
412
391
|
# @example Request syntax with placeholder values
|
413
392
|
#
|
414
393
|
# resp = client.create_aws_log_source({
|
415
|
-
#
|
416
|
-
#
|
417
|
-
#
|
394
|
+
# sources: [ # required
|
395
|
+
# {
|
396
|
+
# accounts: ["AwsAccountId"],
|
397
|
+
# regions: ["Region"], # required
|
398
|
+
# source_name: "ROUTE53", # required, accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
399
|
+
# source_version: "AwsLogSourceVersion",
|
418
400
|
# },
|
419
|
-
#
|
420
|
-
# enable_single_dimension: ["SafeString"],
|
421
|
-
# enable_two_dimensions: {
|
422
|
-
# "String" => ["String"],
|
423
|
-
# },
|
424
|
-
# input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
|
401
|
+
# ],
|
425
402
|
# })
|
426
403
|
#
|
427
404
|
# @example Response structure
|
428
405
|
#
|
429
406
|
# resp.failed #=> Array
|
430
407
|
# resp.failed[0] #=> String
|
431
|
-
# resp.processing #=> Array
|
432
|
-
# resp.processing[0] #=> String
|
433
408
|
#
|
434
409
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateAwsLogSource AWS API Documentation
|
435
410
|
#
|
@@ -447,54 +422,113 @@ module Aws::SecurityLake
|
|
447
422
|
# crawler, use this API to add a custom source name in Security Lake.
|
448
423
|
# This operation creates a partition in the Amazon S3 bucket for
|
449
424
|
# Security Lake as the target location for log files from the custom
|
450
|
-
# source
|
425
|
+
# source. In addition, this operation also creates an associated Glue
|
426
|
+
# table and an Glue crawler.
|
451
427
|
#
|
452
|
-
# @option params [
|
453
|
-
# The
|
454
|
-
# unique value.
|
428
|
+
# @option params [Types::CustomLogSourceConfiguration] :configuration
|
429
|
+
# The configuration for the third-party custom source.
|
455
430
|
#
|
456
|
-
# @option params [
|
457
|
-
# The Open Cybersecurity Schema Framework (OCSF) event
|
431
|
+
# @option params [Array<String>] :event_classes
|
432
|
+
# The Open Cybersecurity Schema Framework (OCSF) event classes which
|
458
433
|
# describes the type of data that the custom source will send to
|
459
|
-
# Security Lake.
|
434
|
+
# Security Lake. The supported event classes are:
|
435
|
+
#
|
436
|
+
# * `ACCESS_ACTIVITY`
|
437
|
+
#
|
438
|
+
# * `FILE_ACTIVITY`
|
439
|
+
#
|
440
|
+
# * `KERNEL_ACTIVITY`
|
441
|
+
#
|
442
|
+
# * `KERNEL_EXTENSION`
|
443
|
+
#
|
444
|
+
# * `MEMORY_ACTIVITY`
|
445
|
+
#
|
446
|
+
# * `MODULE_ACTIVITY`
|
447
|
+
#
|
448
|
+
# * `PROCESS_ACTIVITY`
|
449
|
+
#
|
450
|
+
# * `REGISTRY_KEY_ACTIVITY`
|
451
|
+
#
|
452
|
+
# * `REGISTRY_VALUE_ACTIVITY`
|
453
|
+
#
|
454
|
+
# * `RESOURCE_ACTIVITY`
|
455
|
+
#
|
456
|
+
# * `SCHEDULED_JOB_ACTIVITY`
|
457
|
+
#
|
458
|
+
# * `SECURITY_FINDING`
|
460
459
|
#
|
461
|
-
#
|
462
|
-
# The Amazon Resource Name (ARN) of the Identity and Access Management
|
463
|
-
# (IAM) role to be used by the Glue crawler. The recommended IAM
|
464
|
-
# policies are:
|
460
|
+
# * `ACCOUNT_CHANGE`
|
465
461
|
#
|
466
|
-
# *
|
462
|
+
# * `AUTHENTICATION`
|
467
463
|
#
|
468
|
-
# *
|
464
|
+
# * `AUTHORIZATION`
|
469
465
|
#
|
470
|
-
#
|
471
|
-
#
|
472
|
-
#
|
466
|
+
# * `ENTITY_MANAGEMENT_AUDIT`
|
467
|
+
#
|
468
|
+
# * `DHCP_ACTIVITY`
|
469
|
+
#
|
470
|
+
# * `NETWORK_ACTIVITY`
|
471
|
+
#
|
472
|
+
# * `DNS_ACTIVITY`
|
473
|
+
#
|
474
|
+
# * `FTP_ACTIVITY`
|
475
|
+
#
|
476
|
+
# * `HTTP_ACTIVITY`
|
477
|
+
#
|
478
|
+
# * `RDP_ACTIVITY`
|
479
|
+
#
|
480
|
+
# * `SMB_ACTIVITY`
|
481
|
+
#
|
482
|
+
# * `SSH_ACTIVITY`
|
483
|
+
#
|
484
|
+
# * `CONFIG_STATE`
|
485
|
+
#
|
486
|
+
# * `INVENTORY_INFO`
|
487
|
+
#
|
488
|
+
# * `EMAIL_ACTIVITY`
|
489
|
+
#
|
490
|
+
# * `API_ACTIVITY`
|
491
|
+
#
|
492
|
+
# * `CLOUD_API`
|
493
|
+
#
|
494
|
+
# @option params [required, String] :source_name
|
495
|
+
# Specify the name for a third-party custom source. This must be a
|
496
|
+
# Regionally unique value.
|
497
|
+
#
|
498
|
+
# @option params [String] :source_version
|
499
|
+
# Specify the source version for the third-party custom source, to limit
|
500
|
+
# log collection to a specific version of custom data source.
|
473
501
|
#
|
474
502
|
# @return [Types::CreateCustomLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
475
503
|
#
|
476
|
-
# * {Types::CreateCustomLogSourceResponse#
|
477
|
-
# * {Types::CreateCustomLogSourceResponse#glue_crawler_name #glue_crawler_name} => String
|
478
|
-
# * {Types::CreateCustomLogSourceResponse#glue_database_name #glue_database_name} => String
|
479
|
-
# * {Types::CreateCustomLogSourceResponse#glue_table_name #glue_table_name} => String
|
480
|
-
# * {Types::CreateCustomLogSourceResponse#log_provider_access_role_arn #log_provider_access_role_arn} => String
|
504
|
+
# * {Types::CreateCustomLogSourceResponse#source #source} => Types::CustomLogSourceResource
|
481
505
|
#
|
482
506
|
# @example Request syntax with placeholder values
|
483
507
|
#
|
484
508
|
# resp = client.create_custom_log_source({
|
485
|
-
#
|
486
|
-
#
|
487
|
-
#
|
488
|
-
#
|
509
|
+
# configuration: {
|
510
|
+
# crawler_configuration: { # required
|
511
|
+
# role_arn: "RoleArn", # required
|
512
|
+
# },
|
513
|
+
# provider_identity: { # required
|
514
|
+
# external_id: "ExternalId", # required
|
515
|
+
# principal: "AwsPrincipal", # required
|
516
|
+
# },
|
517
|
+
# },
|
518
|
+
# event_classes: ["OcsfEventClass"],
|
519
|
+
# source_name: "CustomLogSourceName", # required
|
520
|
+
# source_version: "CustomLogSourceVersion",
|
489
521
|
# })
|
490
522
|
#
|
491
523
|
# @example Response structure
|
492
524
|
#
|
493
|
-
# resp.
|
494
|
-
# resp.
|
495
|
-
# resp.
|
496
|
-
# resp.
|
497
|
-
# resp.
|
525
|
+
# resp.source.attributes.crawler_arn #=> String
|
526
|
+
# resp.source.attributes.database_arn #=> String
|
527
|
+
# resp.source.attributes.table_arn #=> String
|
528
|
+
# resp.source.provider.location #=> String
|
529
|
+
# resp.source.provider.role_arn #=> String
|
530
|
+
# resp.source.source_name #=> String
|
531
|
+
# resp.source.source_version #=> String
|
498
532
|
#
|
499
533
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateCustomLogSource AWS API Documentation
|
500
534
|
#
|
@@ -508,15 +542,14 @@ module Aws::SecurityLake
|
|
508
542
|
# Initializes an Amazon Security Lake instance with the provided (or
|
509
543
|
# default) configuration. You can enable Security Lake in Amazon Web
|
510
544
|
# Services Regions with customized settings before enabling log
|
511
|
-
# collection in Regions.
|
512
|
-
#
|
513
|
-
#
|
514
|
-
#
|
515
|
-
#
|
516
|
-
#
|
517
|
-
#
|
518
|
-
#
|
519
|
-
# data lake in the Region with the specified configurations.
|
545
|
+
# collection in Regions. By default, the `CreateDataLake` Security Lake
|
546
|
+
# in all Regions. To specify particular Regions, configure these Regions
|
547
|
+
# using the `configurations` parameter. If you have already enabled
|
548
|
+
# Security Lake in a Region when you call this command, the command will
|
549
|
+
# update the Region if you provide new configuration parameters. If you
|
550
|
+
# have not already enabled Security Lake in the Region when you call
|
551
|
+
# this API, it will set up the data lake in the Region with the
|
552
|
+
# specified configurations.
|
520
553
|
#
|
521
554
|
# When you enable Security Lake, it starts ingesting security data after
|
522
555
|
# the `CreateAwsLogSource` call. This includes ingesting security data
|
@@ -530,145 +563,141 @@ module Aws::SecurityLake
|
|
530
563
|
#
|
531
564
|
# [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html
|
532
565
|
#
|
533
|
-
# @option params [
|
566
|
+
# @option params [required, Array<Types::DataLakeConfiguration>] :configurations
|
534
567
|
# Specify the Region or Regions that will contribute data to the rollup
|
535
568
|
# region.
|
536
569
|
#
|
537
|
-
# @option params [
|
538
|
-
# Enable Security Lake in all Regions.
|
539
|
-
#
|
540
|
-
# @option params [String] :meta_store_manager_role_arn
|
570
|
+
# @option params [required, String] :meta_store_manager_role_arn
|
541
571
|
# The Amazon Resource Name (ARN) used to create and update the Glue
|
542
572
|
# table. This table contains partitions generated by the ingestion and
|
543
573
|
# normalization of Amazon Web Services log sources and custom sources.
|
544
574
|
#
|
545
|
-
# @
|
546
|
-
# Enable Security Lake in the specified Regions. To enable Security Lake
|
547
|
-
# in specific Amazon Web Services Regions, such as us-east-1 or
|
548
|
-
# ap-northeast-3, provide the Region codes. For a list of Region codes,
|
549
|
-
# see [Amazon Security Lake endpoints][1] in the Amazon Web Services
|
550
|
-
# General Reference.
|
551
|
-
#
|
552
|
-
#
|
575
|
+
# @return [Types::CreateDataLakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
553
576
|
#
|
554
|
-
#
|
555
|
-
#
|
556
|
-
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
577
|
+
# * {Types::CreateDataLakeResponse#data_lakes #data_lakes} => Array<Types::DataLakeResource>
|
557
578
|
#
|
558
579
|
# @example Request syntax with placeholder values
|
559
580
|
#
|
560
|
-
# resp = client.
|
561
|
-
# configurations:
|
562
|
-
#
|
563
|
-
#
|
564
|
-
#
|
565
|
-
#
|
566
|
-
#
|
567
|
-
# {
|
568
|
-
#
|
569
|
-
# storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
|
581
|
+
# resp = client.create_data_lake({
|
582
|
+
# configurations: [ # required
|
583
|
+
# {
|
584
|
+
# encryption_configuration: {
|
585
|
+
# kms_key_id: "String",
|
586
|
+
# },
|
587
|
+
# lifecycle_configuration: {
|
588
|
+
# expiration: {
|
589
|
+
# days: 1,
|
570
590
|
# },
|
571
|
-
#
|
572
|
-
#
|
573
|
-
#
|
591
|
+
# transitions: [
|
592
|
+
# {
|
593
|
+
# days: 1,
|
594
|
+
# storage_class: "DataLakeStorageClass",
|
595
|
+
# },
|
596
|
+
# ],
|
597
|
+
# },
|
598
|
+
# region: "Region", # required
|
599
|
+
# replication_configuration: {
|
600
|
+
# regions: ["Region"],
|
601
|
+
# role_arn: "RoleArn",
|
574
602
|
# },
|
575
603
|
# },
|
576
|
-
#
|
577
|
-
#
|
578
|
-
# meta_store_manager_role_arn: "RoleArn",
|
579
|
-
# regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
604
|
+
# ],
|
605
|
+
# meta_store_manager_role_arn: "RoleArn", # required
|
580
606
|
# })
|
581
607
|
#
|
582
|
-
# @
|
608
|
+
# @example Response structure
|
583
609
|
#
|
584
|
-
#
|
610
|
+
# resp.data_lakes #=> Array
|
611
|
+
# resp.data_lakes[0].create_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
612
|
+
# resp.data_lakes[0].data_lake_arn #=> String
|
613
|
+
# resp.data_lakes[0].encryption_configuration.kms_key_id #=> String
|
614
|
+
# resp.data_lakes[0].lifecycle_configuration.expiration.days #=> Integer
|
615
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions #=> Array
|
616
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].days #=> Integer
|
617
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].storage_class #=> String
|
618
|
+
# resp.data_lakes[0].region #=> String
|
619
|
+
# resp.data_lakes[0].replication_configuration.regions #=> Array
|
620
|
+
# resp.data_lakes[0].replication_configuration.regions[0] #=> String
|
621
|
+
# resp.data_lakes[0].replication_configuration.role_arn #=> String
|
622
|
+
# resp.data_lakes[0].s3_bucket_arn #=> String
|
623
|
+
# resp.data_lakes[0].update_status.exception.code #=> String
|
624
|
+
# resp.data_lakes[0].update_status.exception.reason #=> String
|
625
|
+
# resp.data_lakes[0].update_status.request_id #=> String
|
626
|
+
# resp.data_lakes[0].update_status.status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
627
|
+
#
|
628
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLake AWS API Documentation
|
629
|
+
#
|
630
|
+
# @overload create_data_lake(params = {})
|
585
631
|
# @param [Hash] params ({})
|
586
|
-
def
|
587
|
-
req = build_request(:
|
632
|
+
def create_data_lake(params = {}, options = {})
|
633
|
+
req = build_request(:create_data_lake, params)
|
588
634
|
req.send_request(options)
|
589
635
|
end
|
590
636
|
|
591
|
-
#
|
592
|
-
#
|
593
|
-
# existing member accounts in your organization.
|
594
|
-
#
|
595
|
-
# @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :configuration_for_new_accounts
|
596
|
-
# Enable Security Lake with the specified configuration settings to
|
597
|
-
# begin collecting security data for new accounts in your organization.
|
598
|
-
#
|
599
|
-
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
600
|
-
#
|
601
|
-
# @example Request syntax with placeholder values
|
602
|
-
#
|
603
|
-
# resp = client.create_datalake_auto_enable({
|
604
|
-
# configuration_for_new_accounts: [ # required
|
605
|
-
# {
|
606
|
-
# region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
607
|
-
# sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
608
|
-
# },
|
609
|
-
# ],
|
610
|
-
# })
|
637
|
+
# Creates the specified notification subscription in Amazon Security
|
638
|
+
# Lake for the organization you specify.
|
611
639
|
#
|
612
|
-
# @
|
640
|
+
# @option params [Integer] :exception_time_to_live
|
641
|
+
# The expiration period and time-to-live (TTL).
|
613
642
|
#
|
614
|
-
# @
|
615
|
-
#
|
616
|
-
|
617
|
-
req = build_request(:create_datalake_auto_enable, params)
|
618
|
-
req.send_request(options)
|
619
|
-
end
|
620
|
-
|
621
|
-
# Designates the Amazon Security Lake delegated administrator account
|
622
|
-
# for the organization. This API can only be called by the organization
|
623
|
-
# management account. The organization management account cannot be the
|
624
|
-
# delegated administrator account.
|
643
|
+
# @option params [required, String] :notification_endpoint
|
644
|
+
# The Amazon Web Services account where you want to receive exception
|
645
|
+
# notifications.
|
625
646
|
#
|
626
|
-
# @option params [required, String] :
|
627
|
-
# The
|
628
|
-
# administrator.
|
647
|
+
# @option params [required, String] :subscription_protocol
|
648
|
+
# The subscription protocol to which exception notifications are posted.
|
629
649
|
#
|
630
650
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
631
651
|
#
|
632
652
|
# @example Request syntax with placeholder values
|
633
653
|
#
|
634
|
-
# resp = client.
|
635
|
-
#
|
654
|
+
# resp = client.create_data_lake_exception_subscription({
|
655
|
+
# exception_time_to_live: 1,
|
656
|
+
# notification_endpoint: "SafeString", # required
|
657
|
+
# subscription_protocol: "SubscriptionProtocol", # required
|
636
658
|
# })
|
637
659
|
#
|
638
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
660
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeExceptionSubscription AWS API Documentation
|
639
661
|
#
|
640
|
-
# @overload
|
662
|
+
# @overload create_data_lake_exception_subscription(params = {})
|
641
663
|
# @param [Hash] params ({})
|
642
|
-
def
|
643
|
-
req = build_request(:
|
664
|
+
def create_data_lake_exception_subscription(params = {}, options = {})
|
665
|
+
req = build_request(:create_data_lake_exception_subscription, params)
|
644
666
|
req.send_request(options)
|
645
667
|
end
|
646
668
|
|
647
|
-
#
|
648
|
-
# Lake
|
649
|
-
#
|
650
|
-
# @option params [required, String] :notification_endpoint
|
651
|
-
# The Amazon Web Services account where you want to receive exception
|
652
|
-
# notifications.
|
669
|
+
# Automatically enables Amazon Security Lake for new member accounts in
|
670
|
+
# your organization. Security Lake is not automatically enabled for any
|
671
|
+
# existing member accounts in your organization.
|
653
672
|
#
|
654
|
-
# @option params [required,
|
655
|
-
#
|
673
|
+
# @option params [required, Array<Types::DataLakeAutoEnableNewAccountConfiguration>] :auto_enable_new_account
|
674
|
+
# Enable Security Lake with the specified configuration settings, to
|
675
|
+
# begin collecting security data for new accounts in your organization.
|
656
676
|
#
|
657
677
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
658
678
|
#
|
659
679
|
# @example Request syntax with placeholder values
|
660
680
|
#
|
661
|
-
# resp = client.
|
662
|
-
#
|
663
|
-
#
|
681
|
+
# resp = client.create_data_lake_organization_configuration({
|
682
|
+
# auto_enable_new_account: [ # required
|
683
|
+
# {
|
684
|
+
# region: "Region", # required
|
685
|
+
# sources: [ # required
|
686
|
+
# {
|
687
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
688
|
+
# source_version: "AwsLogSourceVersion",
|
689
|
+
# },
|
690
|
+
# ],
|
691
|
+
# },
|
692
|
+
# ],
|
664
693
|
# })
|
665
694
|
#
|
666
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
695
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeOrganizationConfiguration AWS API Documentation
|
667
696
|
#
|
668
|
-
# @overload
|
697
|
+
# @overload create_data_lake_organization_configuration(params = {})
|
669
698
|
# @param [Hash] params ({})
|
670
|
-
def
|
671
|
-
req = build_request(:
|
699
|
+
def create_data_lake_organization_configuration(params = {}, options = {})
|
700
|
+
req = build_request(:create_data_lake_organization_configuration, params)
|
672
701
|
req.send_request(options)
|
673
702
|
end
|
674
703
|
|
@@ -679,16 +708,7 @@ module Aws::SecurityLake
|
|
679
708
|
# @option params [Array<String>] :access_types
|
680
709
|
# The Amazon S3 or Lake Formation access type.
|
681
710
|
#
|
682
|
-
# @option params [required,
|
683
|
-
# The Amazon Web Services account ID used to access your data.
|
684
|
-
#
|
685
|
-
# @option params [required, String] :external_id
|
686
|
-
# The external ID of the subscriber. This lets the user that is assuming
|
687
|
-
# the role assert the circumstances in which they are operating. It also
|
688
|
-
# provides a way for the account owner to permit the role to be assumed
|
689
|
-
# only under specific circumstances.
|
690
|
-
#
|
691
|
-
# @option params [required, Array<Types::SourceType>] :source_types
|
711
|
+
# @option params [required, Array<Types::LogSourceResource>] :sources
|
692
712
|
# The supported Amazon Web Services from which logs and events are
|
693
713
|
# collected. Security Lake supports log and event collection for
|
694
714
|
# natively supported Amazon Web Services.
|
@@ -696,38 +716,77 @@ module Aws::SecurityLake
|
|
696
716
|
# @option params [String] :subscriber_description
|
697
717
|
# The description for your subscriber account in Security Lake.
|
698
718
|
#
|
719
|
+
# @option params [required, Types::AwsIdentity] :subscriber_identity
|
720
|
+
# The AWS identity used to access your data.
|
721
|
+
#
|
699
722
|
# @option params [required, String] :subscriber_name
|
700
723
|
# The name of your Security Lake subscriber account.
|
701
724
|
#
|
702
725
|
# @return [Types::CreateSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
703
726
|
#
|
704
|
-
# * {Types::CreateSubscriberResponse#
|
705
|
-
# * {Types::CreateSubscriberResponse#s3_bucket_arn #s3_bucket_arn} => String
|
706
|
-
# * {Types::CreateSubscriberResponse#sns_arn #sns_arn} => String
|
707
|
-
# * {Types::CreateSubscriberResponse#subscription_id #subscription_id} => String
|
727
|
+
# * {Types::CreateSubscriberResponse#subscriber #subscriber} => Types::SubscriberResource
|
708
728
|
#
|
709
729
|
# @example Request syntax with placeholder values
|
710
730
|
#
|
711
731
|
# resp = client.create_subscriber({
|
712
732
|
# access_types: ["LAKEFORMATION"], # accepts LAKEFORMATION, S3
|
713
|
-
#
|
714
|
-
# external_id: "SafeString", # required
|
715
|
-
# source_types: [ # required
|
733
|
+
# sources: [ # required
|
716
734
|
# {
|
717
|
-
#
|
718
|
-
#
|
735
|
+
# aws_log_source: {
|
736
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
737
|
+
# source_version: "AwsLogSourceVersion",
|
738
|
+
# },
|
739
|
+
# custom_log_source: {
|
740
|
+
# attributes: {
|
741
|
+
# crawler_arn: "AmazonResourceName",
|
742
|
+
# database_arn: "AmazonResourceName",
|
743
|
+
# table_arn: "AmazonResourceName",
|
744
|
+
# },
|
745
|
+
# provider: {
|
746
|
+
# location: "S3URI",
|
747
|
+
# role_arn: "RoleArn",
|
748
|
+
# },
|
749
|
+
# source_name: "CustomLogSourceName",
|
750
|
+
# source_version: "CustomLogSourceVersion",
|
751
|
+
# },
|
719
752
|
# },
|
720
753
|
# ],
|
721
754
|
# subscriber_description: "DescriptionString",
|
755
|
+
# subscriber_identity: { # required
|
756
|
+
# external_id: "ExternalId", # required
|
757
|
+
# principal: "AwsPrincipal", # required
|
758
|
+
# },
|
722
759
|
# subscriber_name: "CreateSubscriberRequestSubscriberNameString", # required
|
723
760
|
# })
|
724
761
|
#
|
725
762
|
# @example Response structure
|
726
763
|
#
|
727
|
-
# resp.
|
728
|
-
# resp.
|
729
|
-
# resp.
|
730
|
-
# resp.
|
764
|
+
# resp.subscriber.access_types #=> Array
|
765
|
+
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
766
|
+
# resp.subscriber.created_at #=> Time
|
767
|
+
# resp.subscriber.resource_share_arn #=> String
|
768
|
+
# resp.subscriber.resource_share_name #=> String
|
769
|
+
# resp.subscriber.role_arn #=> String
|
770
|
+
# resp.subscriber.s3_bucket_arn #=> String
|
771
|
+
# resp.subscriber.sources #=> Array
|
772
|
+
# resp.subscriber.sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
773
|
+
# resp.subscriber.sources[0].aws_log_source.source_version #=> String
|
774
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.crawler_arn #=> String
|
775
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.database_arn #=> String
|
776
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.table_arn #=> String
|
777
|
+
# resp.subscriber.sources[0].custom_log_source.provider.location #=> String
|
778
|
+
# resp.subscriber.sources[0].custom_log_source.provider.role_arn #=> String
|
779
|
+
# resp.subscriber.sources[0].custom_log_source.source_name #=> String
|
780
|
+
# resp.subscriber.sources[0].custom_log_source.source_version #=> String
|
781
|
+
# resp.subscriber.subscriber_arn #=> String
|
782
|
+
# resp.subscriber.subscriber_description #=> String
|
783
|
+
# resp.subscriber.subscriber_endpoint #=> String
|
784
|
+
# resp.subscriber.subscriber_id #=> String
|
785
|
+
# resp.subscriber.subscriber_identity.external_id #=> String
|
786
|
+
# resp.subscriber.subscriber_identity.principal #=> String
|
787
|
+
# resp.subscriber.subscriber_name #=> String
|
788
|
+
# resp.subscriber.subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
789
|
+
# resp.subscriber.updated_at #=> Time
|
731
790
|
#
|
732
791
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriber AWS API Documentation
|
733
792
|
#
|
@@ -739,128 +798,87 @@ module Aws::SecurityLake
|
|
739
798
|
end
|
740
799
|
|
741
800
|
# Notifies the subscriber when new data is written to the data lake for
|
742
|
-
# the sources that the subscriber consumes in Security Lake.
|
743
|
-
#
|
744
|
-
# @option params [Boolean] :create_sqs
|
745
|
-
# Create an Amazon Simple Queue Service queue.
|
746
|
-
#
|
747
|
-
# @option params [String] :https_api_key_name
|
748
|
-
# The key name for the notification subscription.
|
749
|
-
#
|
750
|
-
# @option params [String] :https_api_key_value
|
751
|
-
# The key value for the notification subscription.
|
752
|
-
#
|
753
|
-
# @option params [String] :https_method
|
754
|
-
# The HTTPS method used for the notification subscription.
|
801
|
+
# the sources that the subscriber consumes in Security Lake. You can
|
802
|
+
# create only one subscriber notification per subscriber.
|
755
803
|
#
|
756
|
-
# @option params [
|
757
|
-
#
|
758
|
-
#
|
804
|
+
# @option params [required, Types::NotificationConfiguration] :configuration
|
805
|
+
# Specify the configuration using which you want to create the
|
806
|
+
# subscriber notification.
|
759
807
|
#
|
760
|
-
# @option params [String] :
|
761
|
-
# The
|
762
|
-
# with an HTTPs endpoint, populate this field.
|
808
|
+
# @option params [required, String] :subscriber_id
|
809
|
+
# The subscriber ID for the notification subscription.
|
763
810
|
#
|
764
|
-
# @
|
765
|
-
# The subscription ID for the notification subscription/
|
811
|
+
# @return [Types::CreateSubscriberNotificationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
766
812
|
#
|
767
|
-
#
|
768
|
-
#
|
769
|
-
# * {Types::CreateSubscriptionNotificationConfigurationResponse#queue_arn #queue_arn} => String
|
813
|
+
# * {Types::CreateSubscriberNotificationResponse#subscriber_endpoint #subscriber_endpoint} => String
|
770
814
|
#
|
771
815
|
# @example Request syntax with placeholder values
|
772
816
|
#
|
773
|
-
# resp = client.
|
774
|
-
#
|
775
|
-
#
|
776
|
-
#
|
777
|
-
#
|
778
|
-
#
|
779
|
-
#
|
780
|
-
#
|
817
|
+
# resp = client.create_subscriber_notification({
|
818
|
+
# configuration: { # required
|
819
|
+
# https_notification_configuration: {
|
820
|
+
# authorization_api_key_name: "String",
|
821
|
+
# authorization_api_key_value: "String",
|
822
|
+
# endpoint: "HttpsNotificationConfigurationEndpointString", # required
|
823
|
+
# http_method: "POST", # accepts POST, PUT
|
824
|
+
# target_role_arn: "RoleArn", # required
|
825
|
+
# },
|
826
|
+
# sqs_notification_configuration: {
|
827
|
+
# },
|
828
|
+
# },
|
829
|
+
# subscriber_id: "UUID", # required
|
781
830
|
# })
|
782
831
|
#
|
783
832
|
# @example Response structure
|
784
833
|
#
|
785
|
-
# resp.
|
834
|
+
# resp.subscriber_endpoint #=> String
|
786
835
|
#
|
787
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
836
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriberNotification AWS API Documentation
|
788
837
|
#
|
789
|
-
# @overload
|
838
|
+
# @overload create_subscriber_notification(params = {})
|
790
839
|
# @param [Hash] params ({})
|
791
|
-
def
|
792
|
-
req = build_request(:
|
840
|
+
def create_subscriber_notification(params = {}, options = {})
|
841
|
+
req = build_request(:create_subscriber_notification, params)
|
793
842
|
req.send_request(options)
|
794
843
|
end
|
795
844
|
|
796
845
|
# Removes a natively supported Amazon Web Service as an Amazon Security
|
797
|
-
# Lake source.
|
798
|
-
#
|
799
|
-
#
|
800
|
-
#
|
846
|
+
# Lake source. You can remove a source for one or more Regions. When you
|
847
|
+
# remove the source, Security Lake stops collecting data from that
|
848
|
+
# source in the specified Regions and accounts, and subscribers can no
|
849
|
+
# longer consume new data from the source. However, subscribers can
|
850
|
+
# still consume data that Security Lake collected from the source before
|
851
|
+
# removal.
|
801
852
|
#
|
802
853
|
# You can choose any source type in any Amazon Web Services Region for
|
803
854
|
# either accounts that are part of a trusted organization or standalone
|
804
|
-
# accounts.
|
805
|
-
#
|
806
|
-
#
|
807
|
-
#
|
808
|
-
#
|
809
|
-
# when you supply any one of the inputs. For instance, when you do not
|
810
|
-
# specify members, the API disables all Security Lake member accounts
|
811
|
-
# for sources. Similarly, when you do not specify Regions, Security Lake
|
812
|
-
# is disabled for all the Regions where Security Lake is available as a
|
813
|
-
# service.
|
814
|
-
#
|
815
|
-
# When you don't provide a dimension, Security Lake assumes that the
|
816
|
-
# missing dimension refers to the entire set. For example, if you don't
|
817
|
-
# provide specific accounts, the API applies to the entire set of
|
818
|
-
# accounts in your organization.
|
819
|
-
#
|
820
|
-
# @option params [Hash<String,Hash>] :disable_all_dimensions
|
821
|
-
# Removes the specific Amazon Web Services sources from specific
|
822
|
-
# accounts and specific Regions.
|
823
|
-
#
|
824
|
-
# @option params [Array<String>] :disable_single_dimension
|
825
|
-
# Removes all Amazon Web Services sources from specific accounts or
|
826
|
-
# Regions.
|
827
|
-
#
|
828
|
-
# @option params [Hash<String,Array>] :disable_two_dimensions
|
829
|
-
# Remove a specific Amazon Web Services source from specific accounts or
|
830
|
-
# Regions.
|
831
|
-
#
|
832
|
-
# @option params [required, Array<String>] :input_order
|
833
|
-
# This is a mandatory input. Specify the input order to disable
|
834
|
-
# dimensions in Security Lake, namely Region (Amazon Web Services Region
|
835
|
-
# code, source type, and member (account ID of a specific Amazon Web
|
836
|
-
# Services account).
|
855
|
+
# accounts.
|
856
|
+
#
|
857
|
+
# @option params [required, Array<Types::AwsLogSourceConfiguration>] :sources
|
858
|
+
# Specify the natively-supported Amazon Web Services service to remove
|
859
|
+
# as a source in Security Lake.
|
837
860
|
#
|
838
861
|
# @return [Types::DeleteAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
839
862
|
#
|
840
863
|
# * {Types::DeleteAwsLogSourceResponse#failed #failed} => Array<String>
|
841
|
-
# * {Types::DeleteAwsLogSourceResponse#processing #processing} => Array<String>
|
842
864
|
#
|
843
865
|
# @example Request syntax with placeholder values
|
844
866
|
#
|
845
867
|
# resp = client.delete_aws_log_source({
|
846
|
-
#
|
847
|
-
#
|
848
|
-
#
|
868
|
+
# sources: [ # required
|
869
|
+
# {
|
870
|
+
# accounts: ["AwsAccountId"],
|
871
|
+
# regions: ["Region"], # required
|
872
|
+
# source_name: "ROUTE53", # required, accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
873
|
+
# source_version: "AwsLogSourceVersion",
|
849
874
|
# },
|
850
|
-
#
|
851
|
-
# disable_single_dimension: ["SafeString"],
|
852
|
-
# disable_two_dimensions: {
|
853
|
-
# "String" => ["String"],
|
854
|
-
# },
|
855
|
-
# input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
|
875
|
+
# ],
|
856
876
|
# })
|
857
877
|
#
|
858
878
|
# @example Response structure
|
859
879
|
#
|
860
880
|
# resp.failed #=> Array
|
861
881
|
# resp.failed[0] #=> String
|
862
|
-
# resp.processing #=> Array
|
863
|
-
# resp.processing[0] #=> String
|
864
882
|
#
|
865
883
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteAwsLogSource AWS API Documentation
|
866
884
|
#
|
@@ -871,25 +889,25 @@ module Aws::SecurityLake
|
|
871
889
|
req.send_request(options)
|
872
890
|
end
|
873
891
|
|
874
|
-
# Removes a custom log source from Amazon Security Lake
|
892
|
+
# Removes a custom log source from Amazon Security Lake, to stop sending
|
893
|
+
# data from the custom source to Security Lake.
|
875
894
|
#
|
876
|
-
# @option params [required, String] :
|
877
|
-
# The
|
895
|
+
# @option params [required, String] :source_name
|
896
|
+
# The source name of custom log source that you want to delete.
|
878
897
|
#
|
879
|
-
# @
|
898
|
+
# @option params [String] :source_version
|
899
|
+
# The source version for the third-party custom source. You can limit
|
900
|
+
# the custom source removal to the specified source version.
|
880
901
|
#
|
881
|
-
#
|
902
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
882
903
|
#
|
883
904
|
# @example Request syntax with placeholder values
|
884
905
|
#
|
885
906
|
# resp = client.delete_custom_log_source({
|
886
|
-
#
|
907
|
+
# source_name: "CustomLogSourceName", # required
|
908
|
+
# source_version: "CustomLogSourceVersion",
|
887
909
|
# })
|
888
910
|
#
|
889
|
-
# @example Response structure
|
890
|
-
#
|
891
|
-
# resp.custom_data_location #=> String
|
892
|
-
#
|
893
911
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteCustomLogSource AWS API Documentation
|
894
912
|
#
|
895
913
|
# @overload delete_custom_log_source(params = {})
|
@@ -899,128 +917,103 @@ module Aws::SecurityLake
|
|
899
917
|
req.send_request(options)
|
900
918
|
end
|
901
919
|
|
902
|
-
# When you
|
903
|
-
# is disabled in all Amazon Web Services Regions
|
904
|
-
#
|
905
|
-
#
|
906
|
-
#
|
907
|
-
#
|
908
|
-
#
|
909
|
-
# stores or maintains for your Amazon Web Services account in the
|
910
|
-
# current Region, including security log and event data. The
|
911
|
-
# `DeleteDatalake` operation does not delete the Amazon S3 bucket, which
|
912
|
-
# is owned by your Amazon Web Services account. For more information,
|
913
|
-
# see the [Amazon Security Lake User Guide][1].
|
914
|
-
#
|
915
|
-
#
|
916
|
-
#
|
917
|
-
# [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/disable-security-lake.html
|
918
|
-
#
|
919
|
-
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
920
|
-
#
|
921
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalake AWS API Documentation
|
922
|
-
#
|
923
|
-
# @overload delete_datalake(params = {})
|
924
|
-
# @param [Hash] params ({})
|
925
|
-
def delete_datalake(params = {}, options = {})
|
926
|
-
req = build_request(:delete_datalake, params)
|
927
|
-
req.send_request(options)
|
928
|
-
end
|
929
|
-
|
930
|
-
# Automatically deletes Amazon Security Lake to stop collecting security
|
931
|
-
# data. When you delete Amazon Security Lake from your account, Security
|
932
|
-
# Lake is disabled in all Regions. Also, this API automatically takes
|
933
|
-
# steps to remove the account from Security Lake .
|
920
|
+
# When you disable Amazon Security Lake from your account, Security Lake
|
921
|
+
# is disabled in all Amazon Web Services Regions and it stops collecting
|
922
|
+
# data from your sources. Also, this API automatically takes steps to
|
923
|
+
# remove the account from Security Lake. However, Security Lake retains
|
924
|
+
# all of your existing settings and the resources that it created in
|
925
|
+
# your Amazon Web Services account in the current Amazon Web Services
|
926
|
+
# Region.
|
934
927
|
#
|
935
|
-
#
|
936
|
-
#
|
937
|
-
#
|
938
|
-
#
|
939
|
-
# current Region, including security log and event data. The
|
940
|
-
# `DeleteDatalake` operation does not delete the Amazon S3 bucket, which
|
941
|
-
# is owned by your Amazon Web Services account. For more information,
|
942
|
-
# see the [Amazon Security Lake User Guide][1].
|
928
|
+
# The `DeleteDataLake` operation does not delete the data that is stored
|
929
|
+
# in your Amazon S3 bucket, which is owned by your Amazon Web Services
|
930
|
+
# account. For more information, see the [Amazon Security Lake User
|
931
|
+
# Guide][1].
|
943
932
|
#
|
944
933
|
#
|
945
934
|
#
|
946
935
|
# [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/disable-security-lake.html
|
947
936
|
#
|
948
|
-
# @option params [required, Array<
|
949
|
-
#
|
950
|
-
# to stop ingesting security data for new accounts in Security Lake.
|
937
|
+
# @option params [required, Array<String>] :regions
|
938
|
+
# The list of Regions where Security Lake is enabled.
|
951
939
|
#
|
952
940
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
953
941
|
#
|
954
942
|
# @example Request syntax with placeholder values
|
955
943
|
#
|
956
|
-
# resp = client.
|
957
|
-
#
|
958
|
-
# {
|
959
|
-
# region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
960
|
-
# sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
961
|
-
# },
|
962
|
-
# ],
|
944
|
+
# resp = client.delete_data_lake({
|
945
|
+
# regions: ["Region"], # required
|
963
946
|
# })
|
964
947
|
#
|
965
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
948
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLake AWS API Documentation
|
966
949
|
#
|
967
|
-
# @overload
|
950
|
+
# @overload delete_data_lake(params = {})
|
968
951
|
# @param [Hash] params ({})
|
969
|
-
def
|
970
|
-
req = build_request(:
|
952
|
+
def delete_data_lake(params = {}, options = {})
|
953
|
+
req = build_request(:delete_data_lake, params)
|
971
954
|
req.send_request(options)
|
972
955
|
end
|
973
956
|
|
974
|
-
# Deletes the
|
975
|
-
# the organization
|
976
|
-
# management account. The organization management account cannot be the
|
977
|
-
# delegated administrator account.
|
978
|
-
#
|
979
|
-
# @option params [required, String] :account
|
980
|
-
# The account ID the Security Lake delegated administrator.
|
957
|
+
# Deletes the specified notification subscription in Amazon Security
|
958
|
+
# Lake for the organization you specify.
|
981
959
|
#
|
982
960
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
983
961
|
#
|
984
|
-
# @
|
962
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeExceptionSubscription AWS API Documentation
|
985
963
|
#
|
986
|
-
#
|
987
|
-
# account: "SafeString", # required
|
988
|
-
# })
|
989
|
-
#
|
990
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeDelegatedAdmin AWS API Documentation
|
991
|
-
#
|
992
|
-
# @overload delete_datalake_delegated_admin(params = {})
|
964
|
+
# @overload delete_data_lake_exception_subscription(params = {})
|
993
965
|
# @param [Hash] params ({})
|
994
|
-
def
|
995
|
-
req = build_request(:
|
966
|
+
def delete_data_lake_exception_subscription(params = {}, options = {})
|
967
|
+
req = build_request(:delete_data_lake_exception_subscription, params)
|
996
968
|
req.send_request(options)
|
997
969
|
end
|
998
970
|
|
999
|
-
#
|
1000
|
-
#
|
971
|
+
# Removes automatic the enablement of configuration settings for new
|
972
|
+
# member accounts (but retains the settings for the delegated
|
973
|
+
# administrator) from Amazon Security Lake. You must run this API using
|
974
|
+
# the credentials of the delegated administrator. When you run this API,
|
975
|
+
# new member accounts that are added after the organization enables
|
976
|
+
# Security Lake won't contribute to the data lake.
|
1001
977
|
#
|
1002
|
-
# @
|
978
|
+
# @option params [required, Array<Types::DataLakeAutoEnableNewAccountConfiguration>] :auto_enable_new_account
|
979
|
+
# Removes the automatic enablement of configuration settings for new
|
980
|
+
# member accounts in Security Lake.
|
1003
981
|
#
|
1004
|
-
#
|
982
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1005
983
|
#
|
1006
|
-
# @example
|
984
|
+
# @example Request syntax with placeholder values
|
1007
985
|
#
|
1008
|
-
# resp
|
986
|
+
# resp = client.delete_data_lake_organization_configuration({
|
987
|
+
# auto_enable_new_account: [ # required
|
988
|
+
# {
|
989
|
+
# region: "Region", # required
|
990
|
+
# sources: [ # required
|
991
|
+
# {
|
992
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
993
|
+
# source_version: "AwsLogSourceVersion",
|
994
|
+
# },
|
995
|
+
# ],
|
996
|
+
# },
|
997
|
+
# ],
|
998
|
+
# })
|
1009
999
|
#
|
1010
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1000
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeOrganizationConfiguration AWS API Documentation
|
1011
1001
|
#
|
1012
|
-
# @overload
|
1002
|
+
# @overload delete_data_lake_organization_configuration(params = {})
|
1013
1003
|
# @param [Hash] params ({})
|
1014
|
-
def
|
1015
|
-
req = build_request(:
|
1004
|
+
def delete_data_lake_organization_configuration(params = {}, options = {})
|
1005
|
+
req = build_request(:delete_data_lake_organization_configuration, params)
|
1016
1006
|
req.send_request(options)
|
1017
1007
|
end
|
1018
1008
|
|
1019
|
-
# Deletes the subscription permission
|
1020
|
-
# enabled in Amazon Security Lake.
|
1021
|
-
#
|
1022
|
-
#
|
1023
|
-
#
|
1009
|
+
# Deletes the subscription permission and all notification settings for
|
1010
|
+
# accounts that are already enabled in Amazon Security Lake. When you
|
1011
|
+
# run `DeleteSubscriber`, the subscriber will no longer consume data
|
1012
|
+
# from Security Lake and the subscriber is removed. This operation
|
1013
|
+
# deletes the subscriber and removes access to data in the current
|
1014
|
+
# Amazon Web Services Region.
|
1015
|
+
#
|
1016
|
+
# @option params [required, String] :subscriber_id
|
1024
1017
|
# A value created by Security Lake that uniquely identifies your
|
1025
1018
|
# `DeleteSubscriber` API request.
|
1026
1019
|
#
|
@@ -1029,7 +1022,7 @@ module Aws::SecurityLake
|
|
1029
1022
|
# @example Request syntax with placeholder values
|
1030
1023
|
#
|
1031
1024
|
# resp = client.delete_subscriber({
|
1032
|
-
#
|
1025
|
+
# subscriber_id: "UUID", # required
|
1033
1026
|
# })
|
1034
1027
|
#
|
1035
1028
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriber AWS API Documentation
|
@@ -1044,124 +1037,89 @@ module Aws::SecurityLake
|
|
1044
1037
|
# Deletes the specified notification subscription in Amazon Security
|
1045
1038
|
# Lake for the organization you specify.
|
1046
1039
|
#
|
1047
|
-
# @option params [required, String] :
|
1040
|
+
# @option params [required, String] :subscriber_id
|
1048
1041
|
# The ID of the Security Lake subscriber account.
|
1049
1042
|
#
|
1050
1043
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1051
1044
|
#
|
1052
1045
|
# @example Request syntax with placeholder values
|
1053
1046
|
#
|
1054
|
-
# resp = client.
|
1055
|
-
#
|
1047
|
+
# resp = client.delete_subscriber_notification({
|
1048
|
+
# subscriber_id: "UUID", # required
|
1056
1049
|
# })
|
1057
1050
|
#
|
1058
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1051
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriberNotification AWS API Documentation
|
1059
1052
|
#
|
1060
|
-
# @overload
|
1053
|
+
# @overload delete_subscriber_notification(params = {})
|
1061
1054
|
# @param [Hash] params ({})
|
1062
|
-
def
|
1063
|
-
req = build_request(:
|
1055
|
+
def delete_subscriber_notification(params = {}, options = {})
|
1056
|
+
req = build_request(:delete_subscriber_notification, params)
|
1064
1057
|
req.send_request(options)
|
1065
1058
|
end
|
1066
1059
|
|
1067
|
-
#
|
1068
|
-
#
|
1069
|
-
#
|
1070
|
-
#
|
1071
|
-
#
|
1072
|
-
# @return [Types::GetDatalakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1073
|
-
#
|
1074
|
-
# * {Types::GetDatalakeResponse#configurations #configurations} => Hash<String,Types::LakeConfigurationResponse>
|
1075
|
-
#
|
1076
|
-
# @example Response structure
|
1077
|
-
#
|
1078
|
-
# resp.configurations #=> Hash
|
1079
|
-
# resp.configurations["Region"].encryption_key #=> String
|
1080
|
-
# resp.configurations["Region"].replication_destination_regions #=> Array
|
1081
|
-
# resp.configurations["Region"].replication_destination_regions[0] #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
|
1082
|
-
# resp.configurations["Region"].replication_role_arn #=> String
|
1083
|
-
# resp.configurations["Region"].retention_settings #=> Array
|
1084
|
-
# resp.configurations["Region"].retention_settings[0].retention_period #=> Integer
|
1085
|
-
# resp.configurations["Region"].retention_settings[0].storage_class #=> String, one of "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER_IR", "GLACIER", "DEEP_ARCHIVE", "EXPIRE"
|
1086
|
-
# resp.configurations["Region"].s3_bucket_arn #=> String
|
1087
|
-
# resp.configurations["Region"].status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1088
|
-
# resp.configurations["Region"].tags_map #=> Hash
|
1089
|
-
# resp.configurations["Region"].tags_map["String"] #=> String
|
1090
|
-
#
|
1091
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalake AWS API Documentation
|
1092
|
-
#
|
1093
|
-
# @overload get_datalake(params = {})
|
1094
|
-
# @param [Hash] params ({})
|
1095
|
-
def get_datalake(params = {}, options = {})
|
1096
|
-
req = build_request(:get_datalake, params)
|
1097
|
-
req.send_request(options)
|
1098
|
-
end
|
1099
|
-
|
1100
|
-
# Retrieves the configuration that will be automatically set up for
|
1101
|
-
# accounts added to the organization after the organization has
|
1102
|
-
# onboarded to Amazon Security Lake. This API does not take input
|
1103
|
-
# parameters.
|
1104
|
-
#
|
1105
|
-
# @return [Types::GetDatalakeAutoEnableResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1106
|
-
#
|
1107
|
-
# * {Types::GetDatalakeAutoEnableResponse#auto_enable_new_accounts #auto_enable_new_accounts} => Array<Types::AutoEnableNewRegionConfiguration>
|
1108
|
-
#
|
1109
|
-
# @example Response structure
|
1060
|
+
# Deletes the Amazon Security Lake delegated administrator account for
|
1061
|
+
# the organization. This API can only be called by the organization
|
1062
|
+
# management account. The organization management account cannot be the
|
1063
|
+
# delegated administrator account.
|
1110
1064
|
#
|
1111
|
-
#
|
1112
|
-
# resp.auto_enable_new_accounts[0].region #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
|
1113
|
-
# resp.auto_enable_new_accounts[0].sources #=> Array
|
1114
|
-
# resp.auto_enable_new_accounts[0].sources[0] #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
|
1065
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1115
1066
|
#
|
1116
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1067
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeregisterDataLakeDelegatedAdministrator AWS API Documentation
|
1117
1068
|
#
|
1118
|
-
# @overload
|
1069
|
+
# @overload deregister_data_lake_delegated_administrator(params = {})
|
1119
1070
|
# @param [Hash] params ({})
|
1120
|
-
def
|
1121
|
-
req = build_request(:
|
1071
|
+
def deregister_data_lake_delegated_administrator(params = {}, options = {})
|
1072
|
+
req = build_request(:deregister_data_lake_delegated_administrator, params)
|
1122
1073
|
req.send_request(options)
|
1123
1074
|
end
|
1124
1075
|
|
1125
|
-
# Retrieves the
|
1126
|
-
#
|
1127
|
-
# weeks from when a record was created in Amazon Security Lake. This API
|
1128
|
-
# does not take input parameters.
|
1076
|
+
# Retrieves the details of exception notifications for the account in
|
1077
|
+
# Amazon Security Lake.
|
1129
1078
|
#
|
1130
|
-
# @return [Types::
|
1079
|
+
# @return [Types::GetDataLakeExceptionSubscriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1131
1080
|
#
|
1132
|
-
# * {Types::
|
1081
|
+
# * {Types::GetDataLakeExceptionSubscriptionResponse#exception_time_to_live #exception_time_to_live} => Integer
|
1082
|
+
# * {Types::GetDataLakeExceptionSubscriptionResponse#notification_endpoint #notification_endpoint} => String
|
1083
|
+
# * {Types::GetDataLakeExceptionSubscriptionResponse#subscription_protocol #subscription_protocol} => String
|
1133
1084
|
#
|
1134
1085
|
# @example Response structure
|
1135
1086
|
#
|
1136
|
-
# resp.
|
1087
|
+
# resp.exception_time_to_live #=> Integer
|
1088
|
+
# resp.notification_endpoint #=> String
|
1089
|
+
# resp.subscription_protocol #=> String
|
1137
1090
|
#
|
1138
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1091
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeExceptionSubscription AWS API Documentation
|
1139
1092
|
#
|
1140
|
-
# @overload
|
1093
|
+
# @overload get_data_lake_exception_subscription(params = {})
|
1141
1094
|
# @param [Hash] params ({})
|
1142
|
-
def
|
1143
|
-
req = build_request(:
|
1095
|
+
def get_data_lake_exception_subscription(params = {}, options = {})
|
1096
|
+
req = build_request(:get_data_lake_exception_subscription, params)
|
1144
1097
|
req.send_request(options)
|
1145
1098
|
end
|
1146
1099
|
|
1147
|
-
# Retrieves the
|
1148
|
-
#
|
1100
|
+
# Retrieves the configuration that will be automatically set up for
|
1101
|
+
# accounts added to the organization after the organization has
|
1102
|
+
# onboarded to Amazon Security Lake. This API does not take input
|
1103
|
+
# parameters.
|
1149
1104
|
#
|
1150
|
-
# @return [Types::
|
1105
|
+
# @return [Types::GetDataLakeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1151
1106
|
#
|
1152
|
-
# * {Types::
|
1107
|
+
# * {Types::GetDataLakeOrganizationConfigurationResponse#auto_enable_new_account #auto_enable_new_account} => Array<Types::DataLakeAutoEnableNewAccountConfiguration>
|
1153
1108
|
#
|
1154
1109
|
# @example Response structure
|
1155
1110
|
#
|
1156
|
-
# resp.
|
1157
|
-
# resp.
|
1111
|
+
# resp.auto_enable_new_account #=> Array
|
1112
|
+
# resp.auto_enable_new_account[0].region #=> String
|
1113
|
+
# resp.auto_enable_new_account[0].sources #=> Array
|
1114
|
+
# resp.auto_enable_new_account[0].sources[0].source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1115
|
+
# resp.auto_enable_new_account[0].sources[0].source_version #=> String
|
1158
1116
|
#
|
1159
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1117
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeOrganizationConfiguration AWS API Documentation
|
1160
1118
|
#
|
1161
|
-
# @overload
|
1119
|
+
# @overload get_data_lake_organization_configuration(params = {})
|
1162
1120
|
# @param [Hash] params ({})
|
1163
|
-
def
|
1164
|
-
req = build_request(:
|
1121
|
+
def get_data_lake_organization_configuration(params = {}, options = {})
|
1122
|
+
req = build_request(:get_data_lake_organization_configuration, params)
|
1165
1123
|
req.send_request(options)
|
1166
1124
|
end
|
1167
1125
|
|
@@ -1169,12 +1127,12 @@ module Aws::SecurityLake
|
|
1169
1127
|
# Security Lake is enabled for those accounts and which sources Security
|
1170
1128
|
# Lake is collecting data from.
|
1171
1129
|
#
|
1172
|
-
# @option params [Array<String>] :
|
1130
|
+
# @option params [Array<String>] :accounts
|
1173
1131
|
# The Amazon Web Services account ID for which a static snapshot of the
|
1174
1132
|
# current Amazon Web Services Region, including enabled accounts and log
|
1175
1133
|
# sources, is retrieved.
|
1176
1134
|
#
|
1177
|
-
# @option params [Integer] :
|
1135
|
+
# @option params [Integer] :max_results
|
1178
1136
|
# The maximum limit of accounts for which the static snapshot of the
|
1179
1137
|
# current Region, including enabled accounts and log sources, is
|
1180
1138
|
# retrieved.
|
@@ -1188,45 +1146,48 @@ module Aws::SecurityLake
|
|
1188
1146
|
# Each pagination token expires after 24 hours. Using an expired
|
1189
1147
|
# pagination token will return an HTTP 400 InvalidToken error.
|
1190
1148
|
#
|
1191
|
-
# @return [Types::
|
1149
|
+
# @return [Types::GetDataLakeSourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1192
1150
|
#
|
1193
|
-
# * {Types::
|
1194
|
-
# * {Types::
|
1151
|
+
# * {Types::GetDataLakeSourcesResponse#data_lake_arn #data_lake_arn} => String
|
1152
|
+
# * {Types::GetDataLakeSourcesResponse#data_lake_sources #data_lake_sources} => Array<Types::DataLakeSource>
|
1153
|
+
# * {Types::GetDataLakeSourcesResponse#next_token #next_token} => String
|
1195
1154
|
#
|
1196
1155
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1197
1156
|
#
|
1198
1157
|
# @example Request syntax with placeholder values
|
1199
1158
|
#
|
1200
|
-
# resp = client.
|
1201
|
-
#
|
1202
|
-
#
|
1203
|
-
# next_token: "
|
1159
|
+
# resp = client.get_data_lake_sources({
|
1160
|
+
# accounts: ["AwsAccountId"],
|
1161
|
+
# max_results: 1,
|
1162
|
+
# next_token: "NextToken",
|
1204
1163
|
# })
|
1205
1164
|
#
|
1206
1165
|
# @example Response structure
|
1207
1166
|
#
|
1208
|
-
# resp.
|
1209
|
-
# resp.
|
1210
|
-
# resp.
|
1211
|
-
# resp.
|
1212
|
-
# resp.
|
1213
|
-
# resp.
|
1214
|
-
# resp.
|
1167
|
+
# resp.data_lake_arn #=> String
|
1168
|
+
# resp.data_lake_sources #=> Array
|
1169
|
+
# resp.data_lake_sources[0].account #=> String
|
1170
|
+
# resp.data_lake_sources[0].event_classes #=> Array
|
1171
|
+
# resp.data_lake_sources[0].event_classes[0] #=> String
|
1172
|
+
# resp.data_lake_sources[0].source_name #=> String
|
1173
|
+
# resp.data_lake_sources[0].source_statuses #=> Array
|
1174
|
+
# resp.data_lake_sources[0].source_statuses[0].resource #=> String
|
1175
|
+
# resp.data_lake_sources[0].source_statuses[0].status #=> String, one of "COLLECTING", "MISCONFIGURED", "NOT_COLLECTING"
|
1215
1176
|
# resp.next_token #=> String
|
1216
1177
|
#
|
1217
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1178
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeSources AWS API Documentation
|
1218
1179
|
#
|
1219
|
-
# @overload
|
1180
|
+
# @overload get_data_lake_sources(params = {})
|
1220
1181
|
# @param [Hash] params ({})
|
1221
|
-
def
|
1222
|
-
req = build_request(:
|
1182
|
+
def get_data_lake_sources(params = {}, options = {})
|
1183
|
+
req = build_request(:get_data_lake_sources, params)
|
1223
1184
|
req.send_request(options)
|
1224
1185
|
end
|
1225
1186
|
|
1226
1187
|
# Retrieves the subscription information for the specified subscription
|
1227
1188
|
# ID. You can get information about a specific subscriber.
|
1228
1189
|
#
|
1229
|
-
# @option params [required, String] :
|
1190
|
+
# @option params [required, String] :subscriber_id
|
1230
1191
|
# A value created by Amazon Security Lake that uniquely identifies your
|
1231
1192
|
# `GetSubscriber` API request.
|
1232
1193
|
#
|
@@ -1237,28 +1198,36 @@ module Aws::SecurityLake
|
|
1237
1198
|
# @example Request syntax with placeholder values
|
1238
1199
|
#
|
1239
1200
|
# resp = client.get_subscriber({
|
1240
|
-
#
|
1201
|
+
# subscriber_id: "UUID", # required
|
1241
1202
|
# })
|
1242
1203
|
#
|
1243
1204
|
# @example Response structure
|
1244
1205
|
#
|
1245
1206
|
# resp.subscriber.access_types #=> Array
|
1246
1207
|
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1247
|
-
# resp.subscriber.account_id #=> String
|
1248
1208
|
# resp.subscriber.created_at #=> Time
|
1249
|
-
# resp.subscriber.
|
1209
|
+
# resp.subscriber.resource_share_arn #=> String
|
1210
|
+
# resp.subscriber.resource_share_name #=> String
|
1250
1211
|
# resp.subscriber.role_arn #=> String
|
1251
1212
|
# resp.subscriber.s3_bucket_arn #=> String
|
1252
|
-
# resp.subscriber.
|
1253
|
-
# resp.subscriber.
|
1254
|
-
# resp.subscriber.
|
1255
|
-
# resp.subscriber.
|
1213
|
+
# resp.subscriber.sources #=> Array
|
1214
|
+
# resp.subscriber.sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1215
|
+
# resp.subscriber.sources[0].aws_log_source.source_version #=> String
|
1216
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1217
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.database_arn #=> String
|
1218
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.table_arn #=> String
|
1219
|
+
# resp.subscriber.sources[0].custom_log_source.provider.location #=> String
|
1220
|
+
# resp.subscriber.sources[0].custom_log_source.provider.role_arn #=> String
|
1221
|
+
# resp.subscriber.sources[0].custom_log_source.source_name #=> String
|
1222
|
+
# resp.subscriber.sources[0].custom_log_source.source_version #=> String
|
1223
|
+
# resp.subscriber.subscriber_arn #=> String
|
1256
1224
|
# resp.subscriber.subscriber_description #=> String
|
1225
|
+
# resp.subscriber.subscriber_endpoint #=> String
|
1226
|
+
# resp.subscriber.subscriber_id #=> String
|
1227
|
+
# resp.subscriber.subscriber_identity.external_id #=> String
|
1228
|
+
# resp.subscriber.subscriber_identity.principal #=> String
|
1257
1229
|
# resp.subscriber.subscriber_name #=> String
|
1258
|
-
# resp.subscriber.
|
1259
|
-
# resp.subscriber.subscription_id #=> String
|
1260
|
-
# resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1261
|
-
# resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1230
|
+
# resp.subscriber.subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1262
1231
|
# resp.subscriber.updated_at #=> Time
|
1263
1232
|
#
|
1264
1233
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetSubscriber AWS API Documentation
|
@@ -1273,7 +1242,7 @@ module Aws::SecurityLake
|
|
1273
1242
|
# Lists the Amazon Security Lake exceptions that you can use to find the
|
1274
1243
|
# source of problems and fix them.
|
1275
1244
|
#
|
1276
|
-
# @option params [Integer] :
|
1245
|
+
# @option params [Integer] :max_results
|
1277
1246
|
# List the maximum number of failures in Security Lake.
|
1278
1247
|
#
|
1279
1248
|
# @option params [String] :next_token
|
@@ -1285,64 +1254,95 @@ module Aws::SecurityLake
|
|
1285
1254
|
# Each pagination token expires after 24 hours. Using an expired
|
1286
1255
|
# pagination token will return an HTTP 400 InvalidToken error.
|
1287
1256
|
#
|
1288
|
-
# @option params [Array<String>] :
|
1257
|
+
# @option params [Array<String>] :regions
|
1289
1258
|
# List the Amazon Web Services Regions from which exceptions are
|
1290
1259
|
# retrieved.
|
1291
1260
|
#
|
1292
|
-
# @return [Types::
|
1261
|
+
# @return [Types::ListDataLakeExceptionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1293
1262
|
#
|
1294
|
-
# * {Types::
|
1295
|
-
# * {Types::
|
1263
|
+
# * {Types::ListDataLakeExceptionsResponse#exceptions #exceptions} => Array<Types::DataLakeException>
|
1264
|
+
# * {Types::ListDataLakeExceptionsResponse#next_token #next_token} => String
|
1296
1265
|
#
|
1297
1266
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1298
1267
|
#
|
1299
1268
|
# @example Request syntax with placeholder values
|
1300
1269
|
#
|
1301
|
-
# resp = client.
|
1302
|
-
#
|
1303
|
-
# next_token: "
|
1304
|
-
#
|
1270
|
+
# resp = client.list_data_lake_exceptions({
|
1271
|
+
# max_results: 1,
|
1272
|
+
# next_token: "NextToken",
|
1273
|
+
# regions: ["Region"],
|
1305
1274
|
# })
|
1306
1275
|
#
|
1307
1276
|
# @example Response structure
|
1308
1277
|
#
|
1278
|
+
# resp.exceptions #=> Array
|
1279
|
+
# resp.exceptions[0].exception #=> String
|
1280
|
+
# resp.exceptions[0].region #=> String
|
1281
|
+
# resp.exceptions[0].remediation #=> String
|
1282
|
+
# resp.exceptions[0].timestamp #=> Time
|
1309
1283
|
# resp.next_token #=> String
|
1310
|
-
# resp.non_retryable_failures #=> Array
|
1311
|
-
# resp.non_retryable_failures[0].failures #=> Array
|
1312
|
-
# resp.non_retryable_failures[0].failures[0].exception_message #=> String
|
1313
|
-
# resp.non_retryable_failures[0].failures[0].remediation #=> String
|
1314
|
-
# resp.non_retryable_failures[0].failures[0].timestamp #=> Time
|
1315
|
-
# resp.non_retryable_failures[0].region #=> String
|
1316
1284
|
#
|
1317
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1285
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDataLakeExceptions AWS API Documentation
|
1318
1286
|
#
|
1319
|
-
# @overload
|
1287
|
+
# @overload list_data_lake_exceptions(params = {})
|
1320
1288
|
# @param [Hash] params ({})
|
1321
|
-
def
|
1322
|
-
req = build_request(:
|
1289
|
+
def list_data_lake_exceptions(params = {}, options = {})
|
1290
|
+
req = build_request(:list_data_lake_exceptions, params)
|
1323
1291
|
req.send_request(options)
|
1324
1292
|
end
|
1325
1293
|
|
1326
|
-
# Retrieves the
|
1294
|
+
# Retrieves the Amazon Security Lake configuration object for the
|
1295
|
+
# specified Amazon Web Services account ID. You can use the
|
1296
|
+
# `ListDataLakes` API to know whether Security Lake is enabled for any
|
1297
|
+
# region.
|
1327
1298
|
#
|
1328
|
-
# @option params [Array<String>] :
|
1329
|
-
#
|
1330
|
-
#
|
1299
|
+
# @option params [Array<String>] :regions
|
1300
|
+
# The list of regions where Security Lake is enabled.
|
1301
|
+
#
|
1302
|
+
# @return [Types::ListDataLakesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1331
1303
|
#
|
1332
|
-
#
|
1333
|
-
# List the view of log sources for enabled Amazon Security Lake accounts
|
1334
|
-
# for specific Amazon Web Services sources from specific accounts and
|
1335
|
-
# specific Regions.
|
1304
|
+
# * {Types::ListDataLakesResponse#data_lakes #data_lakes} => Array<Types::DataLakeResource>
|
1336
1305
|
#
|
1337
|
-
# @
|
1338
|
-
#
|
1339
|
-
#
|
1340
|
-
#
|
1306
|
+
# @example Request syntax with placeholder values
|
1307
|
+
#
|
1308
|
+
# resp = client.list_data_lakes({
|
1309
|
+
# regions: ["Region"],
|
1310
|
+
# })
|
1311
|
+
#
|
1312
|
+
# @example Response structure
|
1313
|
+
#
|
1314
|
+
# resp.data_lakes #=> Array
|
1315
|
+
# resp.data_lakes[0].create_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1316
|
+
# resp.data_lakes[0].data_lake_arn #=> String
|
1317
|
+
# resp.data_lakes[0].encryption_configuration.kms_key_id #=> String
|
1318
|
+
# resp.data_lakes[0].lifecycle_configuration.expiration.days #=> Integer
|
1319
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions #=> Array
|
1320
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].days #=> Integer
|
1321
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].storage_class #=> String
|
1322
|
+
# resp.data_lakes[0].region #=> String
|
1323
|
+
# resp.data_lakes[0].replication_configuration.regions #=> Array
|
1324
|
+
# resp.data_lakes[0].replication_configuration.regions[0] #=> String
|
1325
|
+
# resp.data_lakes[0].replication_configuration.role_arn #=> String
|
1326
|
+
# resp.data_lakes[0].s3_bucket_arn #=> String
|
1327
|
+
# resp.data_lakes[0].update_status.exception.code #=> String
|
1328
|
+
# resp.data_lakes[0].update_status.exception.reason #=> String
|
1329
|
+
# resp.data_lakes[0].update_status.request_id #=> String
|
1330
|
+
# resp.data_lakes[0].update_status.status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1331
|
+
#
|
1332
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDataLakes AWS API Documentation
|
1333
|
+
#
|
1334
|
+
# @overload list_data_lakes(params = {})
|
1335
|
+
# @param [Hash] params ({})
|
1336
|
+
def list_data_lakes(params = {}, options = {})
|
1337
|
+
req = build_request(:list_data_lakes, params)
|
1338
|
+
req.send_request(options)
|
1339
|
+
end
|
1340
|
+
|
1341
|
+
# Retrieves the log sources in the current Amazon Web Services Region.
|
1341
1342
|
#
|
1342
|
-
# @option params [
|
1343
|
-
#
|
1344
|
-
#
|
1345
|
-
# specific Regions.
|
1343
|
+
# @option params [Array<String>] :accounts
|
1344
|
+
# The list of Amazon Web Services accounts for which log sources are
|
1345
|
+
# displayed.
|
1346
1346
|
#
|
1347
1347
|
# @option params [Integer] :max_results
|
1348
1348
|
# The maximum number of accounts for which the log sources are
|
@@ -1352,38 +1352,65 @@ module Aws::SecurityLake
|
|
1352
1352
|
# If nextToken is returned, there are more results available. You can
|
1353
1353
|
# repeat the call using the returned token to retrieve the next page.
|
1354
1354
|
#
|
1355
|
+
# @option params [Array<String>] :regions
|
1356
|
+
# The list of regions for which log sources are displayed.
|
1357
|
+
#
|
1358
|
+
# @option params [Array<Types::LogSourceResource>] :sources
|
1359
|
+
# The list of sources for which log sources are displayed.
|
1360
|
+
#
|
1355
1361
|
# @return [Types::ListLogSourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1356
1362
|
#
|
1357
1363
|
# * {Types::ListLogSourcesResponse#next_token #next_token} => String
|
1358
|
-
# * {Types::ListLogSourcesResponse#
|
1364
|
+
# * {Types::ListLogSourcesResponse#sources #sources} => Array<Types::LogSource>
|
1359
1365
|
#
|
1360
1366
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1361
1367
|
#
|
1362
1368
|
# @example Request syntax with placeholder values
|
1363
1369
|
#
|
1364
1370
|
# resp = client.list_log_sources({
|
1365
|
-
#
|
1366
|
-
# list_all_dimensions: {
|
1367
|
-
# "String" => {
|
1368
|
-
# "String" => ["String"],
|
1369
|
-
# },
|
1370
|
-
# },
|
1371
|
-
# list_single_dimension: ["SafeString"],
|
1372
|
-
# list_two_dimensions: {
|
1373
|
-
# "String" => ["String"],
|
1374
|
-
# },
|
1371
|
+
# accounts: ["AwsAccountId"],
|
1375
1372
|
# max_results: 1,
|
1376
|
-
# next_token: "
|
1373
|
+
# next_token: "NextToken",
|
1374
|
+
# regions: ["Region"],
|
1375
|
+
# sources: [
|
1376
|
+
# {
|
1377
|
+
# aws_log_source: {
|
1378
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
1379
|
+
# source_version: "AwsLogSourceVersion",
|
1380
|
+
# },
|
1381
|
+
# custom_log_source: {
|
1382
|
+
# attributes: {
|
1383
|
+
# crawler_arn: "AmazonResourceName",
|
1384
|
+
# database_arn: "AmazonResourceName",
|
1385
|
+
# table_arn: "AmazonResourceName",
|
1386
|
+
# },
|
1387
|
+
# provider: {
|
1388
|
+
# location: "S3URI",
|
1389
|
+
# role_arn: "RoleArn",
|
1390
|
+
# },
|
1391
|
+
# source_name: "CustomLogSourceName",
|
1392
|
+
# source_version: "CustomLogSourceVersion",
|
1393
|
+
# },
|
1394
|
+
# },
|
1395
|
+
# ],
|
1377
1396
|
# })
|
1378
1397
|
#
|
1379
1398
|
# @example Response structure
|
1380
1399
|
#
|
1381
1400
|
# resp.next_token #=> String
|
1382
|
-
# resp.
|
1383
|
-
# resp.
|
1384
|
-
# resp.
|
1385
|
-
# resp.
|
1386
|
-
# resp.
|
1401
|
+
# resp.sources #=> Array
|
1402
|
+
# resp.sources[0].account #=> String
|
1403
|
+
# resp.sources[0].region #=> String
|
1404
|
+
# resp.sources[0].sources #=> Array
|
1405
|
+
# resp.sources[0].sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1406
|
+
# resp.sources[0].sources[0].aws_log_source.source_version #=> String
|
1407
|
+
# resp.sources[0].sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1408
|
+
# resp.sources[0].sources[0].custom_log_source.attributes.database_arn #=> String
|
1409
|
+
# resp.sources[0].sources[0].custom_log_source.attributes.table_arn #=> String
|
1410
|
+
# resp.sources[0].sources[0].custom_log_source.provider.location #=> String
|
1411
|
+
# resp.sources[0].sources[0].custom_log_source.provider.role_arn #=> String
|
1412
|
+
# resp.sources[0].sources[0].custom_log_source.source_name #=> String
|
1413
|
+
# resp.sources[0].sources[0].custom_log_source.source_version #=> String
|
1387
1414
|
#
|
1388
1415
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListLogSources AWS API Documentation
|
1389
1416
|
#
|
@@ -1417,7 +1444,7 @@ module Aws::SecurityLake
|
|
1417
1444
|
#
|
1418
1445
|
# resp = client.list_subscribers({
|
1419
1446
|
# max_results: 1,
|
1420
|
-
# next_token: "
|
1447
|
+
# next_token: "NextToken",
|
1421
1448
|
# })
|
1422
1449
|
#
|
1423
1450
|
# @example Response structure
|
@@ -1426,21 +1453,29 @@ module Aws::SecurityLake
|
|
1426
1453
|
# resp.subscribers #=> Array
|
1427
1454
|
# resp.subscribers[0].access_types #=> Array
|
1428
1455
|
# resp.subscribers[0].access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1429
|
-
# resp.subscribers[0].account_id #=> String
|
1430
1456
|
# resp.subscribers[0].created_at #=> Time
|
1431
|
-
# resp.subscribers[0].
|
1457
|
+
# resp.subscribers[0].resource_share_arn #=> String
|
1458
|
+
# resp.subscribers[0].resource_share_name #=> String
|
1432
1459
|
# resp.subscribers[0].role_arn #=> String
|
1433
1460
|
# resp.subscribers[0].s3_bucket_arn #=> String
|
1434
|
-
# resp.subscribers[0].
|
1435
|
-
# resp.subscribers[0].
|
1436
|
-
# resp.subscribers[0].
|
1437
|
-
# resp.subscribers[0].
|
1461
|
+
# resp.subscribers[0].sources #=> Array
|
1462
|
+
# resp.subscribers[0].sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1463
|
+
# resp.subscribers[0].sources[0].aws_log_source.source_version #=> String
|
1464
|
+
# resp.subscribers[0].sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1465
|
+
# resp.subscribers[0].sources[0].custom_log_source.attributes.database_arn #=> String
|
1466
|
+
# resp.subscribers[0].sources[0].custom_log_source.attributes.table_arn #=> String
|
1467
|
+
# resp.subscribers[0].sources[0].custom_log_source.provider.location #=> String
|
1468
|
+
# resp.subscribers[0].sources[0].custom_log_source.provider.role_arn #=> String
|
1469
|
+
# resp.subscribers[0].sources[0].custom_log_source.source_name #=> String
|
1470
|
+
# resp.subscribers[0].sources[0].custom_log_source.source_version #=> String
|
1471
|
+
# resp.subscribers[0].subscriber_arn #=> String
|
1438
1472
|
# resp.subscribers[0].subscriber_description #=> String
|
1473
|
+
# resp.subscribers[0].subscriber_endpoint #=> String
|
1474
|
+
# resp.subscribers[0].subscriber_id #=> String
|
1475
|
+
# resp.subscribers[0].subscriber_identity.external_id #=> String
|
1476
|
+
# resp.subscribers[0].subscriber_identity.principal #=> String
|
1439
1477
|
# resp.subscribers[0].subscriber_name #=> String
|
1440
|
-
# resp.subscribers[0].
|
1441
|
-
# resp.subscribers[0].subscription_id #=> String
|
1442
|
-
# resp.subscribers[0].subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1443
|
-
# resp.subscribers[0].subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1478
|
+
# resp.subscribers[0].subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1444
1479
|
# resp.subscribers[0].updated_at #=> Time
|
1445
1480
|
#
|
1446
1481
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListSubscribers AWS API Documentation
|
@@ -1452,74 +1487,107 @@ module Aws::SecurityLake
|
|
1452
1487
|
req.send_request(options)
|
1453
1488
|
end
|
1454
1489
|
|
1455
|
-
#
|
1456
|
-
#
|
1457
|
-
#
|
1490
|
+
# Designates the Amazon Security Lake delegated administrator account
|
1491
|
+
# for the organization. This API can only be called by the organization
|
1492
|
+
# management account. The organization management account cannot be the
|
1493
|
+
# delegated administrator account.
|
1458
1494
|
#
|
1459
|
-
# @option params [required,
|
1460
|
-
#
|
1461
|
-
#
|
1495
|
+
# @option params [required, String] :account_id
|
1496
|
+
# The Amazon Web Services account ID of the Security Lake delegated
|
1497
|
+
# administrator.
|
1462
1498
|
#
|
1463
1499
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1464
1500
|
#
|
1465
1501
|
# @example Request syntax with placeholder values
|
1466
1502
|
#
|
1467
|
-
# resp = client.
|
1468
|
-
#
|
1469
|
-
# "us-east-1" => {
|
1470
|
-
# encryption_key: "String",
|
1471
|
-
# replication_destination_regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
1472
|
-
# replication_role_arn: "RoleArn",
|
1473
|
-
# retention_settings: [
|
1474
|
-
# {
|
1475
|
-
# retention_period: 1,
|
1476
|
-
# storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
|
1477
|
-
# },
|
1478
|
-
# ],
|
1479
|
-
# tags_map: {
|
1480
|
-
# "String" => "String",
|
1481
|
-
# },
|
1482
|
-
# },
|
1483
|
-
# },
|
1503
|
+
# resp = client.register_data_lake_delegated_administrator({
|
1504
|
+
# account_id: "SafeString", # required
|
1484
1505
|
# })
|
1485
1506
|
#
|
1486
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1507
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/RegisterDataLakeDelegatedAdministrator AWS API Documentation
|
1487
1508
|
#
|
1488
|
-
# @overload
|
1509
|
+
# @overload register_data_lake_delegated_administrator(params = {})
|
1489
1510
|
# @param [Hash] params ({})
|
1490
|
-
def
|
1491
|
-
req = build_request(:
|
1511
|
+
def register_data_lake_delegated_administrator(params = {}, options = {})
|
1512
|
+
req = build_request(:register_data_lake_delegated_administrator, params)
|
1492
1513
|
req.send_request(options)
|
1493
1514
|
end
|
1494
1515
|
|
1495
|
-
#
|
1496
|
-
#
|
1497
|
-
#
|
1498
|
-
# when a record was created in Amazon Security Lake.
|
1516
|
+
# Specifies where to store your security data and for how long. You can
|
1517
|
+
# add a rollup Region to consolidate data from multiple Amazon Web
|
1518
|
+
# Services Regions.
|
1499
1519
|
#
|
1500
|
-
# @option params [required,
|
1501
|
-
#
|
1520
|
+
# @option params [required, Array<Types::DataLakeConfiguration>] :configurations
|
1521
|
+
# Specify the Region or Regions that will contribute data to the rollup
|
1522
|
+
# region.
|
1502
1523
|
#
|
1503
|
-
# @return [
|
1524
|
+
# @return [Types::UpdateDataLakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1525
|
+
#
|
1526
|
+
# * {Types::UpdateDataLakeResponse#data_lakes #data_lakes} => Array<Types::DataLakeResource>
|
1504
1527
|
#
|
1505
1528
|
# @example Request syntax with placeholder values
|
1506
1529
|
#
|
1507
|
-
# resp = client.
|
1508
|
-
#
|
1530
|
+
# resp = client.update_data_lake({
|
1531
|
+
# configurations: [ # required
|
1532
|
+
# {
|
1533
|
+
# encryption_configuration: {
|
1534
|
+
# kms_key_id: "String",
|
1535
|
+
# },
|
1536
|
+
# lifecycle_configuration: {
|
1537
|
+
# expiration: {
|
1538
|
+
# days: 1,
|
1539
|
+
# },
|
1540
|
+
# transitions: [
|
1541
|
+
# {
|
1542
|
+
# days: 1,
|
1543
|
+
# storage_class: "DataLakeStorageClass",
|
1544
|
+
# },
|
1545
|
+
# ],
|
1546
|
+
# },
|
1547
|
+
# region: "Region", # required
|
1548
|
+
# replication_configuration: {
|
1549
|
+
# regions: ["Region"],
|
1550
|
+
# role_arn: "RoleArn",
|
1551
|
+
# },
|
1552
|
+
# },
|
1553
|
+
# ],
|
1509
1554
|
# })
|
1510
1555
|
#
|
1511
|
-
# @
|
1556
|
+
# @example Response structure
|
1512
1557
|
#
|
1513
|
-
#
|
1558
|
+
# resp.data_lakes #=> Array
|
1559
|
+
# resp.data_lakes[0].create_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1560
|
+
# resp.data_lakes[0].data_lake_arn #=> String
|
1561
|
+
# resp.data_lakes[0].encryption_configuration.kms_key_id #=> String
|
1562
|
+
# resp.data_lakes[0].lifecycle_configuration.expiration.days #=> Integer
|
1563
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions #=> Array
|
1564
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].days #=> Integer
|
1565
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].storage_class #=> String
|
1566
|
+
# resp.data_lakes[0].region #=> String
|
1567
|
+
# resp.data_lakes[0].replication_configuration.regions #=> Array
|
1568
|
+
# resp.data_lakes[0].replication_configuration.regions[0] #=> String
|
1569
|
+
# resp.data_lakes[0].replication_configuration.role_arn #=> String
|
1570
|
+
# resp.data_lakes[0].s3_bucket_arn #=> String
|
1571
|
+
# resp.data_lakes[0].update_status.exception.code #=> String
|
1572
|
+
# resp.data_lakes[0].update_status.exception.reason #=> String
|
1573
|
+
# resp.data_lakes[0].update_status.request_id #=> String
|
1574
|
+
# resp.data_lakes[0].update_status.status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1575
|
+
#
|
1576
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDataLake AWS API Documentation
|
1577
|
+
#
|
1578
|
+
# @overload update_data_lake(params = {})
|
1514
1579
|
# @param [Hash] params ({})
|
1515
|
-
def
|
1516
|
-
req = build_request(:
|
1580
|
+
def update_data_lake(params = {}, options = {})
|
1581
|
+
req = build_request(:update_data_lake, params)
|
1517
1582
|
req.send_request(options)
|
1518
1583
|
end
|
1519
1584
|
|
1520
1585
|
# Updates the specified notification subscription in Amazon Security
|
1521
1586
|
# Lake for the organization you specify.
|
1522
1587
|
#
|
1588
|
+
# @option params [Integer] :exception_time_to_live
|
1589
|
+
# The time-to-live (TTL) for the exception message to remain.
|
1590
|
+
#
|
1523
1591
|
# @option params [required, String] :notification_endpoint
|
1524
1592
|
# The account that is subscribed to receive exception notifications.
|
1525
1593
|
#
|
@@ -1530,17 +1598,18 @@ module Aws::SecurityLake
|
|
1530
1598
|
#
|
1531
1599
|
# @example Request syntax with placeholder values
|
1532
1600
|
#
|
1533
|
-
# resp = client.
|
1601
|
+
# resp = client.update_data_lake_exception_subscription({
|
1602
|
+
# exception_time_to_live: 1,
|
1534
1603
|
# notification_endpoint: "SafeString", # required
|
1535
|
-
# subscription_protocol: "
|
1604
|
+
# subscription_protocol: "SubscriptionProtocol", # required
|
1536
1605
|
# })
|
1537
1606
|
#
|
1538
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1607
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDataLakeExceptionSubscription AWS API Documentation
|
1539
1608
|
#
|
1540
|
-
# @overload
|
1609
|
+
# @overload update_data_lake_exception_subscription(params = {})
|
1541
1610
|
# @param [Hash] params ({})
|
1542
|
-
def
|
1543
|
-
req = build_request(:
|
1611
|
+
def update_data_lake_exception_subscription(params = {}, options = {})
|
1612
|
+
req = build_request(:update_data_lake_exception_subscription, params)
|
1544
1613
|
req.send_request(options)
|
1545
1614
|
end
|
1546
1615
|
|
@@ -1548,14 +1617,7 @@ module Aws::SecurityLake
|
|
1548
1617
|
# account ID. You can update a subscriber by changing the sources that
|
1549
1618
|
# the subscriber consumes data from.
|
1550
1619
|
#
|
1551
|
-
# @option params [
|
1552
|
-
# The external ID of the Security Lake account.
|
1553
|
-
#
|
1554
|
-
# @option params [required, String] :id
|
1555
|
-
# A value created by Security Lake that uniquely identifies your
|
1556
|
-
# subscription.
|
1557
|
-
#
|
1558
|
-
# @option params [required, Array<Types::SourceType>] :source_types
|
1620
|
+
# @option params [Array<Types::LogSourceResource>] :sources
|
1559
1621
|
# The supported Amazon Web Services from which logs and events are
|
1560
1622
|
# collected. For the list of supported Amazon Web Services, see the
|
1561
1623
|
# [Amazon Security Lake User Guide][1].
|
@@ -1567,6 +1629,13 @@ module Aws::SecurityLake
|
|
1567
1629
|
# @option params [String] :subscriber_description
|
1568
1630
|
# The description of the Security Lake account subscriber.
|
1569
1631
|
#
|
1632
|
+
# @option params [required, String] :subscriber_id
|
1633
|
+
# A value created by Security Lake that uniquely identifies your
|
1634
|
+
# subscription.
|
1635
|
+
#
|
1636
|
+
# @option params [Types::AwsIdentity] :subscriber_identity
|
1637
|
+
# The AWS identity used to access your data.
|
1638
|
+
#
|
1570
1639
|
# @option params [String] :subscriber_name
|
1571
1640
|
# The name of the Security Lake account subscriber.
|
1572
1641
|
#
|
@@ -1577,15 +1646,33 @@ module Aws::SecurityLake
|
|
1577
1646
|
# @example Request syntax with placeholder values
|
1578
1647
|
#
|
1579
1648
|
# resp = client.update_subscriber({
|
1580
|
-
#
|
1581
|
-
# id: "String", # required
|
1582
|
-
# source_types: [ # required
|
1649
|
+
# sources: [
|
1583
1650
|
# {
|
1584
|
-
#
|
1585
|
-
#
|
1651
|
+
# aws_log_source: {
|
1652
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
1653
|
+
# source_version: "AwsLogSourceVersion",
|
1654
|
+
# },
|
1655
|
+
# custom_log_source: {
|
1656
|
+
# attributes: {
|
1657
|
+
# crawler_arn: "AmazonResourceName",
|
1658
|
+
# database_arn: "AmazonResourceName",
|
1659
|
+
# table_arn: "AmazonResourceName",
|
1660
|
+
# },
|
1661
|
+
# provider: {
|
1662
|
+
# location: "S3URI",
|
1663
|
+
# role_arn: "RoleArn",
|
1664
|
+
# },
|
1665
|
+
# source_name: "CustomLogSourceName",
|
1666
|
+
# source_version: "CustomLogSourceVersion",
|
1667
|
+
# },
|
1586
1668
|
# },
|
1587
1669
|
# ],
|
1588
1670
|
# subscriber_description: "DescriptionString",
|
1671
|
+
# subscriber_id: "UUID", # required
|
1672
|
+
# subscriber_identity: {
|
1673
|
+
# external_id: "ExternalId", # required
|
1674
|
+
# principal: "AwsPrincipal", # required
|
1675
|
+
# },
|
1589
1676
|
# subscriber_name: "UpdateSubscriberRequestSubscriberNameString",
|
1590
1677
|
# })
|
1591
1678
|
#
|
@@ -1593,21 +1680,29 @@ module Aws::SecurityLake
|
|
1593
1680
|
#
|
1594
1681
|
# resp.subscriber.access_types #=> Array
|
1595
1682
|
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1596
|
-
# resp.subscriber.account_id #=> String
|
1597
1683
|
# resp.subscriber.created_at #=> Time
|
1598
|
-
# resp.subscriber.
|
1684
|
+
# resp.subscriber.resource_share_arn #=> String
|
1685
|
+
# resp.subscriber.resource_share_name #=> String
|
1599
1686
|
# resp.subscriber.role_arn #=> String
|
1600
1687
|
# resp.subscriber.s3_bucket_arn #=> String
|
1601
|
-
# resp.subscriber.
|
1602
|
-
# resp.subscriber.
|
1603
|
-
# resp.subscriber.
|
1604
|
-
# resp.subscriber.
|
1688
|
+
# resp.subscriber.sources #=> Array
|
1689
|
+
# resp.subscriber.sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1690
|
+
# resp.subscriber.sources[0].aws_log_source.source_version #=> String
|
1691
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1692
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.database_arn #=> String
|
1693
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.table_arn #=> String
|
1694
|
+
# resp.subscriber.sources[0].custom_log_source.provider.location #=> String
|
1695
|
+
# resp.subscriber.sources[0].custom_log_source.provider.role_arn #=> String
|
1696
|
+
# resp.subscriber.sources[0].custom_log_source.source_name #=> String
|
1697
|
+
# resp.subscriber.sources[0].custom_log_source.source_version #=> String
|
1698
|
+
# resp.subscriber.subscriber_arn #=> String
|
1605
1699
|
# resp.subscriber.subscriber_description #=> String
|
1700
|
+
# resp.subscriber.subscriber_endpoint #=> String
|
1701
|
+
# resp.subscriber.subscriber_id #=> String
|
1702
|
+
# resp.subscriber.subscriber_identity.external_id #=> String
|
1703
|
+
# resp.subscriber.subscriber_identity.principal #=> String
|
1606
1704
|
# resp.subscriber.subscriber_name #=> String
|
1607
|
-
# resp.subscriber.
|
1608
|
-
# resp.subscriber.subscription_id #=> String
|
1609
|
-
# resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1610
|
-
# resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1705
|
+
# resp.subscriber.subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1611
1706
|
# resp.subscriber.updated_at #=> Time
|
1612
1707
|
#
|
1613
1708
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriber AWS API Documentation
|
@@ -1619,58 +1714,48 @@ module Aws::SecurityLake
|
|
1619
1714
|
req.send_request(options)
|
1620
1715
|
end
|
1621
1716
|
|
1622
|
-
#
|
1623
|
-
#
|
1624
|
-
#
|
1625
|
-
# @option params [Boolean] :create_sqs
|
1626
|
-
# Create a new subscription notification for the specified subscription
|
1627
|
-
# ID in Amazon Security Lake.
|
1628
|
-
#
|
1629
|
-
# @option params [String] :https_api_key_name
|
1630
|
-
# The key name for the subscription notification.
|
1631
|
-
#
|
1632
|
-
# @option params [String] :https_api_key_value
|
1633
|
-
# The key value for the subscription notification.
|
1634
|
-
#
|
1635
|
-
# @option params [String] :https_method
|
1636
|
-
# The HTTPS method used for the subscription notification.
|
1717
|
+
# Updates an existing notification method for the subscription (SQS or
|
1718
|
+
# HTTPs endpoint) or switches the notification subscription endpoint for
|
1719
|
+
# a subscriber.
|
1637
1720
|
#
|
1638
|
-
# @option params [
|
1639
|
-
# The
|
1721
|
+
# @option params [required, Types::NotificationConfiguration] :configuration
|
1722
|
+
# The configuration for subscriber notification.
|
1640
1723
|
#
|
1641
|
-
# @option params [String] :
|
1642
|
-
# The subscription endpoint in Security Lake.
|
1643
|
-
#
|
1644
|
-
# @option params [required, String] :subscription_id
|
1724
|
+
# @option params [required, String] :subscriber_id
|
1645
1725
|
# The subscription ID for which the subscription notification is
|
1646
1726
|
# specified.
|
1647
1727
|
#
|
1648
|
-
# @return [Types::
|
1728
|
+
# @return [Types::UpdateSubscriberNotificationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1649
1729
|
#
|
1650
|
-
# * {Types::
|
1730
|
+
# * {Types::UpdateSubscriberNotificationResponse#subscriber_endpoint #subscriber_endpoint} => String
|
1651
1731
|
#
|
1652
1732
|
# @example Request syntax with placeholder values
|
1653
1733
|
#
|
1654
|
-
# resp = client.
|
1655
|
-
#
|
1656
|
-
#
|
1657
|
-
#
|
1658
|
-
#
|
1659
|
-
#
|
1660
|
-
#
|
1661
|
-
#
|
1734
|
+
# resp = client.update_subscriber_notification({
|
1735
|
+
# configuration: { # required
|
1736
|
+
# https_notification_configuration: {
|
1737
|
+
# authorization_api_key_name: "String",
|
1738
|
+
# authorization_api_key_value: "String",
|
1739
|
+
# endpoint: "HttpsNotificationConfigurationEndpointString", # required
|
1740
|
+
# http_method: "POST", # accepts POST, PUT
|
1741
|
+
# target_role_arn: "RoleArn", # required
|
1742
|
+
# },
|
1743
|
+
# sqs_notification_configuration: {
|
1744
|
+
# },
|
1745
|
+
# },
|
1746
|
+
# subscriber_id: "UUID", # required
|
1662
1747
|
# })
|
1663
1748
|
#
|
1664
1749
|
# @example Response structure
|
1665
1750
|
#
|
1666
|
-
# resp.
|
1751
|
+
# resp.subscriber_endpoint #=> String
|
1667
1752
|
#
|
1668
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1753
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriberNotification AWS API Documentation
|
1669
1754
|
#
|
1670
|
-
# @overload
|
1755
|
+
# @overload update_subscriber_notification(params = {})
|
1671
1756
|
# @param [Hash] params ({})
|
1672
|
-
def
|
1673
|
-
req = build_request(:
|
1757
|
+
def update_subscriber_notification(params = {}, options = {})
|
1758
|
+
req = build_request(:update_subscriber_notification, params)
|
1674
1759
|
req.send_request(options)
|
1675
1760
|
end
|
1676
1761
|
|
@@ -1687,7 +1772,7 @@ module Aws::SecurityLake
|
|
1687
1772
|
params: params,
|
1688
1773
|
config: config)
|
1689
1774
|
context[:gem_name] = 'aws-sdk-securitylake'
|
1690
|
-
context[:gem_version] = '1.
|
1775
|
+
context[:gem_version] = '1.4.0'
|
1691
1776
|
Seahorse::Client::Request.new(handlers, context)
|
1692
1777
|
end
|
1693
1778
|
|