aws-sdk-securitylake 1.3.0 → 1.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securitylake/client.rb +735 -665
- data/lib/aws-sdk-securitylake/client_api.rb +577 -614
- data/lib/aws-sdk-securitylake/endpoints.rb +19 -47
- data/lib/aws-sdk-securitylake/errors.rb +7 -190
- data/lib/aws-sdk-securitylake/plugins/endpoints.rb +36 -40
- data/lib/aws-sdk-securitylake/types.rb +1046 -1018
- data/lib/aws-sdk-securitylake.rb +1 -1
- metadata +4 -4
@@ -275,6 +275,11 @@ module Aws::SecurityLake
|
|
275
275
|
# in the future.
|
276
276
|
#
|
277
277
|
#
|
278
|
+
# @option options [String] :sdk_ua_app_id
|
279
|
+
# A unique and opaque application ID that is appended to the
|
280
|
+
# User-Agent header as app/<sdk_ua_app_id>. It should have a
|
281
|
+
# maximum length of 50.
|
282
|
+
#
|
278
283
|
# @option options [String] :secret_access_key
|
279
284
|
#
|
280
285
|
# @option options [String] :session_token
|
@@ -372,64 +377,39 @@ module Aws::SecurityLake
|
|
372
377
|
# Lake source. Enables source types for member accounts in required
|
373
378
|
# Amazon Web Services Regions, based on the parameters you specify. You
|
374
379
|
# can choose any source type in any Region for either accounts that are
|
375
|
-
# part of a trusted organization or standalone accounts.
|
376
|
-
#
|
377
|
-
#
|
378
|
-
#
|
379
|
-
# By default, a dimension refers to the entire set. When you don't
|
380
|
-
# provide a dimension, Security Lake assumes that the missing dimension
|
381
|
-
# refers to the entire set. This is overridden when you supply any one
|
382
|
-
# of the inputs. For instance, when you do not specify members, the API
|
383
|
-
# enables all Security Lake member accounts for all sources. Similarly,
|
384
|
-
# when you do not specify Regions, Security Lake is enabled for all the
|
385
|
-
# Regions where Security Lake is available as a service.
|
380
|
+
# part of a trusted organization or standalone accounts. Once you add an
|
381
|
+
# Amazon Web Service as a source, Security Lake starts collecting logs
|
382
|
+
# and events from it,
|
386
383
|
#
|
387
384
|
# You can use this API only to enable natively supported Amazon Web
|
388
385
|
# Services as a source. Use `CreateCustomLogSource` to enable data
|
389
386
|
# collection from a custom source.
|
390
387
|
#
|
391
|
-
# @option params [
|
392
|
-
#
|
393
|
-
#
|
394
|
-
#
|
395
|
-
# @option params [Array<String>] :enable_single_dimension
|
396
|
-
# Enables data collection from all Amazon Web Services sources in
|
397
|
-
# specific accounts or Regions.
|
398
|
-
#
|
399
|
-
# @option params [Hash<String,Array>] :enable_two_dimensions
|
400
|
-
# Enables data collection from specific Amazon Web Services sources in
|
401
|
-
# specific accounts or Regions.
|
402
|
-
#
|
403
|
-
# @option params [required, Array<String>] :input_order
|
404
|
-
# Specifies the input order to enable dimensions in Security Lake,
|
405
|
-
# namely Region, source type, and member account.
|
388
|
+
# @option params [required, Array<Types::AwsLogSourceConfiguration>] :sources
|
389
|
+
# Specify the natively-supported Amazon Web Services service to add as a
|
390
|
+
# source in Security Lake.
|
406
391
|
#
|
407
392
|
# @return [Types::CreateAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
408
393
|
#
|
409
394
|
# * {Types::CreateAwsLogSourceResponse#failed #failed} => Array<String>
|
410
|
-
# * {Types::CreateAwsLogSourceResponse#processing #processing} => Array<String>
|
411
395
|
#
|
412
396
|
# @example Request syntax with placeholder values
|
413
397
|
#
|
414
398
|
# resp = client.create_aws_log_source({
|
415
|
-
#
|
416
|
-
#
|
417
|
-
#
|
399
|
+
# sources: [ # required
|
400
|
+
# {
|
401
|
+
# accounts: ["AwsAccountId"],
|
402
|
+
# regions: ["Region"], # required
|
403
|
+
# source_name: "ROUTE53", # required, accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
404
|
+
# source_version: "AwsLogSourceVersion",
|
418
405
|
# },
|
419
|
-
#
|
420
|
-
# enable_single_dimension: ["SafeString"],
|
421
|
-
# enable_two_dimensions: {
|
422
|
-
# "String" => ["String"],
|
423
|
-
# },
|
424
|
-
# input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
|
406
|
+
# ],
|
425
407
|
# })
|
426
408
|
#
|
427
409
|
# @example Response structure
|
428
410
|
#
|
429
411
|
# resp.failed #=> Array
|
430
412
|
# resp.failed[0] #=> String
|
431
|
-
# resp.processing #=> Array
|
432
|
-
# resp.processing[0] #=> String
|
433
413
|
#
|
434
414
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateAwsLogSource AWS API Documentation
|
435
415
|
#
|
@@ -447,54 +427,113 @@ module Aws::SecurityLake
|
|
447
427
|
# crawler, use this API to add a custom source name in Security Lake.
|
448
428
|
# This operation creates a partition in the Amazon S3 bucket for
|
449
429
|
# Security Lake as the target location for log files from the custom
|
450
|
-
# source
|
430
|
+
# source. In addition, this operation also creates an associated Glue
|
431
|
+
# table and an Glue crawler.
|
451
432
|
#
|
452
|
-
# @option params [
|
453
|
-
# The
|
454
|
-
# unique value.
|
433
|
+
# @option params [Types::CustomLogSourceConfiguration] :configuration
|
434
|
+
# The configuration for the third-party custom source.
|
455
435
|
#
|
456
|
-
# @option params [
|
457
|
-
# The Open Cybersecurity Schema Framework (OCSF) event
|
436
|
+
# @option params [Array<String>] :event_classes
|
437
|
+
# The Open Cybersecurity Schema Framework (OCSF) event classes which
|
458
438
|
# describes the type of data that the custom source will send to
|
459
|
-
# Security Lake.
|
439
|
+
# Security Lake. The supported event classes are:
|
440
|
+
#
|
441
|
+
# * `ACCESS_ACTIVITY`
|
442
|
+
#
|
443
|
+
# * `FILE_ACTIVITY`
|
444
|
+
#
|
445
|
+
# * `KERNEL_ACTIVITY`
|
446
|
+
#
|
447
|
+
# * `KERNEL_EXTENSION`
|
448
|
+
#
|
449
|
+
# * `MEMORY_ACTIVITY`
|
450
|
+
#
|
451
|
+
# * `MODULE_ACTIVITY`
|
452
|
+
#
|
453
|
+
# * `PROCESS_ACTIVITY`
|
454
|
+
#
|
455
|
+
# * `REGISTRY_KEY_ACTIVITY`
|
456
|
+
#
|
457
|
+
# * `REGISTRY_VALUE_ACTIVITY`
|
458
|
+
#
|
459
|
+
# * `RESOURCE_ACTIVITY`
|
460
|
+
#
|
461
|
+
# * `SCHEDULED_JOB_ACTIVITY`
|
460
462
|
#
|
461
|
-
#
|
462
|
-
# The Amazon Resource Name (ARN) of the Identity and Access Management
|
463
|
-
# (IAM) role to be used by the Glue crawler. The recommended IAM
|
464
|
-
# policies are:
|
463
|
+
# * `SECURITY_FINDING`
|
465
464
|
#
|
466
|
-
# *
|
465
|
+
# * `ACCOUNT_CHANGE`
|
467
466
|
#
|
468
|
-
# *
|
467
|
+
# * `AUTHENTICATION`
|
469
468
|
#
|
470
|
-
#
|
471
|
-
#
|
472
|
-
#
|
469
|
+
# * `AUTHORIZATION`
|
470
|
+
#
|
471
|
+
# * `ENTITY_MANAGEMENT_AUDIT`
|
472
|
+
#
|
473
|
+
# * `DHCP_ACTIVITY`
|
474
|
+
#
|
475
|
+
# * `NETWORK_ACTIVITY`
|
476
|
+
#
|
477
|
+
# * `DNS_ACTIVITY`
|
478
|
+
#
|
479
|
+
# * `FTP_ACTIVITY`
|
480
|
+
#
|
481
|
+
# * `HTTP_ACTIVITY`
|
482
|
+
#
|
483
|
+
# * `RDP_ACTIVITY`
|
484
|
+
#
|
485
|
+
# * `SMB_ACTIVITY`
|
486
|
+
#
|
487
|
+
# * `SSH_ACTIVITY`
|
488
|
+
#
|
489
|
+
# * `CONFIG_STATE`
|
490
|
+
#
|
491
|
+
# * `INVENTORY_INFO`
|
492
|
+
#
|
493
|
+
# * `EMAIL_ACTIVITY`
|
494
|
+
#
|
495
|
+
# * `API_ACTIVITY`
|
496
|
+
#
|
497
|
+
# * `CLOUD_API`
|
498
|
+
#
|
499
|
+
# @option params [required, String] :source_name
|
500
|
+
# Specify the name for a third-party custom source. This must be a
|
501
|
+
# Regionally unique value.
|
502
|
+
#
|
503
|
+
# @option params [String] :source_version
|
504
|
+
# Specify the source version for the third-party custom source, to limit
|
505
|
+
# log collection to a specific version of custom data source.
|
473
506
|
#
|
474
507
|
# @return [Types::CreateCustomLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
475
508
|
#
|
476
|
-
# * {Types::CreateCustomLogSourceResponse#
|
477
|
-
# * {Types::CreateCustomLogSourceResponse#glue_crawler_name #glue_crawler_name} => String
|
478
|
-
# * {Types::CreateCustomLogSourceResponse#glue_database_name #glue_database_name} => String
|
479
|
-
# * {Types::CreateCustomLogSourceResponse#glue_table_name #glue_table_name} => String
|
480
|
-
# * {Types::CreateCustomLogSourceResponse#log_provider_access_role_arn #log_provider_access_role_arn} => String
|
509
|
+
# * {Types::CreateCustomLogSourceResponse#source #source} => Types::CustomLogSourceResource
|
481
510
|
#
|
482
511
|
# @example Request syntax with placeholder values
|
483
512
|
#
|
484
513
|
# resp = client.create_custom_log_source({
|
485
|
-
#
|
486
|
-
#
|
487
|
-
#
|
488
|
-
#
|
514
|
+
# configuration: {
|
515
|
+
# crawler_configuration: { # required
|
516
|
+
# role_arn: "RoleArn", # required
|
517
|
+
# },
|
518
|
+
# provider_identity: { # required
|
519
|
+
# external_id: "ExternalId", # required
|
520
|
+
# principal: "AwsPrincipal", # required
|
521
|
+
# },
|
522
|
+
# },
|
523
|
+
# event_classes: ["OcsfEventClass"],
|
524
|
+
# source_name: "CustomLogSourceName", # required
|
525
|
+
# source_version: "CustomLogSourceVersion",
|
489
526
|
# })
|
490
527
|
#
|
491
528
|
# @example Response structure
|
492
529
|
#
|
493
|
-
# resp.
|
494
|
-
# resp.
|
495
|
-
# resp.
|
496
|
-
# resp.
|
497
|
-
# resp.
|
530
|
+
# resp.source.attributes.crawler_arn #=> String
|
531
|
+
# resp.source.attributes.database_arn #=> String
|
532
|
+
# resp.source.attributes.table_arn #=> String
|
533
|
+
# resp.source.provider.location #=> String
|
534
|
+
# resp.source.provider.role_arn #=> String
|
535
|
+
# resp.source.source_name #=> String
|
536
|
+
# resp.source.source_version #=> String
|
498
537
|
#
|
499
538
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateCustomLogSource AWS API Documentation
|
500
539
|
#
|
@@ -508,15 +547,14 @@ module Aws::SecurityLake
|
|
508
547
|
# Initializes an Amazon Security Lake instance with the provided (or
|
509
548
|
# default) configuration. You can enable Security Lake in Amazon Web
|
510
549
|
# Services Regions with customized settings before enabling log
|
511
|
-
# collection in Regions.
|
512
|
-
#
|
513
|
-
#
|
514
|
-
#
|
515
|
-
#
|
516
|
-
#
|
517
|
-
#
|
518
|
-
#
|
519
|
-
# data lake in the Region with the specified configurations.
|
550
|
+
# collection in Regions. By default, the `CreateDataLake` Security Lake
|
551
|
+
# in all Regions. To specify particular Regions, configure these Regions
|
552
|
+
# using the `configurations` parameter. If you have already enabled
|
553
|
+
# Security Lake in a Region when you call this command, the command will
|
554
|
+
# update the Region if you provide new configuration parameters. If you
|
555
|
+
# have not already enabled Security Lake in the Region when you call
|
556
|
+
# this API, it will set up the data lake in the Region with the
|
557
|
+
# specified configurations.
|
520
558
|
#
|
521
559
|
# When you enable Security Lake, it starts ingesting security data after
|
522
560
|
# the `CreateAwsLogSource` call. This includes ingesting security data
|
@@ -530,145 +568,141 @@ module Aws::SecurityLake
|
|
530
568
|
#
|
531
569
|
# [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html
|
532
570
|
#
|
533
|
-
# @option params [
|
571
|
+
# @option params [required, Array<Types::DataLakeConfiguration>] :configurations
|
534
572
|
# Specify the Region or Regions that will contribute data to the rollup
|
535
573
|
# region.
|
536
574
|
#
|
537
|
-
# @option params [
|
538
|
-
# Enable Security Lake in all Regions.
|
539
|
-
#
|
540
|
-
# @option params [String] :meta_store_manager_role_arn
|
575
|
+
# @option params [required, String] :meta_store_manager_role_arn
|
541
576
|
# The Amazon Resource Name (ARN) used to create and update the Glue
|
542
577
|
# table. This table contains partitions generated by the ingestion and
|
543
578
|
# normalization of Amazon Web Services log sources and custom sources.
|
544
579
|
#
|
545
|
-
# @
|
546
|
-
# Enable Security Lake in the specified Regions. To enable Security Lake
|
547
|
-
# in specific Amazon Web Services Regions, such as us-east-1 or
|
548
|
-
# ap-northeast-3, provide the Region codes. For a list of Region codes,
|
549
|
-
# see [Amazon Security Lake endpoints][1] in the Amazon Web Services
|
550
|
-
# General Reference.
|
551
|
-
#
|
552
|
-
#
|
553
|
-
#
|
554
|
-
# [1]: https://docs.aws.amazon.com/general/latest/gr/securitylake.html
|
580
|
+
# @return [Types::CreateDataLakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
555
581
|
#
|
556
|
-
#
|
582
|
+
# * {Types::CreateDataLakeResponse#data_lakes #data_lakes} => Array<Types::DataLakeResource>
|
557
583
|
#
|
558
584
|
# @example Request syntax with placeholder values
|
559
585
|
#
|
560
|
-
# resp = client.
|
561
|
-
# configurations:
|
562
|
-
#
|
563
|
-
#
|
564
|
-
#
|
565
|
-
#
|
566
|
-
#
|
567
|
-
# {
|
568
|
-
#
|
569
|
-
# storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
|
586
|
+
# resp = client.create_data_lake({
|
587
|
+
# configurations: [ # required
|
588
|
+
# {
|
589
|
+
# encryption_configuration: {
|
590
|
+
# kms_key_id: "String",
|
591
|
+
# },
|
592
|
+
# lifecycle_configuration: {
|
593
|
+
# expiration: {
|
594
|
+
# days: 1,
|
570
595
|
# },
|
571
|
-
#
|
572
|
-
#
|
573
|
-
#
|
596
|
+
# transitions: [
|
597
|
+
# {
|
598
|
+
# days: 1,
|
599
|
+
# storage_class: "DataLakeStorageClass",
|
600
|
+
# },
|
601
|
+
# ],
|
602
|
+
# },
|
603
|
+
# region: "Region", # required
|
604
|
+
# replication_configuration: {
|
605
|
+
# regions: ["Region"],
|
606
|
+
# role_arn: "RoleArn",
|
574
607
|
# },
|
575
608
|
# },
|
576
|
-
#
|
577
|
-
#
|
578
|
-
# meta_store_manager_role_arn: "RoleArn",
|
579
|
-
# regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
609
|
+
# ],
|
610
|
+
# meta_store_manager_role_arn: "RoleArn", # required
|
580
611
|
# })
|
581
612
|
#
|
582
|
-
# @
|
613
|
+
# @example Response structure
|
583
614
|
#
|
584
|
-
#
|
615
|
+
# resp.data_lakes #=> Array
|
616
|
+
# resp.data_lakes[0].create_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
617
|
+
# resp.data_lakes[0].data_lake_arn #=> String
|
618
|
+
# resp.data_lakes[0].encryption_configuration.kms_key_id #=> String
|
619
|
+
# resp.data_lakes[0].lifecycle_configuration.expiration.days #=> Integer
|
620
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions #=> Array
|
621
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].days #=> Integer
|
622
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].storage_class #=> String
|
623
|
+
# resp.data_lakes[0].region #=> String
|
624
|
+
# resp.data_lakes[0].replication_configuration.regions #=> Array
|
625
|
+
# resp.data_lakes[0].replication_configuration.regions[0] #=> String
|
626
|
+
# resp.data_lakes[0].replication_configuration.role_arn #=> String
|
627
|
+
# resp.data_lakes[0].s3_bucket_arn #=> String
|
628
|
+
# resp.data_lakes[0].update_status.exception.code #=> String
|
629
|
+
# resp.data_lakes[0].update_status.exception.reason #=> String
|
630
|
+
# resp.data_lakes[0].update_status.request_id #=> String
|
631
|
+
# resp.data_lakes[0].update_status.status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
632
|
+
#
|
633
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLake AWS API Documentation
|
634
|
+
#
|
635
|
+
# @overload create_data_lake(params = {})
|
585
636
|
# @param [Hash] params ({})
|
586
|
-
def
|
587
|
-
req = build_request(:
|
637
|
+
def create_data_lake(params = {}, options = {})
|
638
|
+
req = build_request(:create_data_lake, params)
|
588
639
|
req.send_request(options)
|
589
640
|
end
|
590
641
|
|
591
|
-
#
|
592
|
-
#
|
593
|
-
# existing member accounts in your organization.
|
594
|
-
#
|
595
|
-
# @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :configuration_for_new_accounts
|
596
|
-
# Enable Security Lake with the specified configuration settings to
|
597
|
-
# begin collecting security data for new accounts in your organization.
|
598
|
-
#
|
599
|
-
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
600
|
-
#
|
601
|
-
# @example Request syntax with placeholder values
|
602
|
-
#
|
603
|
-
# resp = client.create_datalake_auto_enable({
|
604
|
-
# configuration_for_new_accounts: [ # required
|
605
|
-
# {
|
606
|
-
# region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
607
|
-
# sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
608
|
-
# },
|
609
|
-
# ],
|
610
|
-
# })
|
642
|
+
# Creates the specified notification subscription in Amazon Security
|
643
|
+
# Lake for the organization you specify.
|
611
644
|
#
|
612
|
-
# @
|
645
|
+
# @option params [Integer] :exception_time_to_live
|
646
|
+
# The expiration period and time-to-live (TTL).
|
613
647
|
#
|
614
|
-
# @
|
615
|
-
#
|
616
|
-
|
617
|
-
req = build_request(:create_datalake_auto_enable, params)
|
618
|
-
req.send_request(options)
|
619
|
-
end
|
620
|
-
|
621
|
-
# Designates the Amazon Security Lake delegated administrator account
|
622
|
-
# for the organization. This API can only be called by the organization
|
623
|
-
# management account. The organization management account cannot be the
|
624
|
-
# delegated administrator account.
|
648
|
+
# @option params [required, String] :notification_endpoint
|
649
|
+
# The Amazon Web Services account where you want to receive exception
|
650
|
+
# notifications.
|
625
651
|
#
|
626
|
-
# @option params [required, String] :
|
627
|
-
# The
|
628
|
-
# administrator.
|
652
|
+
# @option params [required, String] :subscription_protocol
|
653
|
+
# The subscription protocol to which exception notifications are posted.
|
629
654
|
#
|
630
655
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
631
656
|
#
|
632
657
|
# @example Request syntax with placeholder values
|
633
658
|
#
|
634
|
-
# resp = client.
|
635
|
-
#
|
659
|
+
# resp = client.create_data_lake_exception_subscription({
|
660
|
+
# exception_time_to_live: 1,
|
661
|
+
# notification_endpoint: "SafeString", # required
|
662
|
+
# subscription_protocol: "SubscriptionProtocol", # required
|
636
663
|
# })
|
637
664
|
#
|
638
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
665
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeExceptionSubscription AWS API Documentation
|
639
666
|
#
|
640
|
-
# @overload
|
667
|
+
# @overload create_data_lake_exception_subscription(params = {})
|
641
668
|
# @param [Hash] params ({})
|
642
|
-
def
|
643
|
-
req = build_request(:
|
669
|
+
def create_data_lake_exception_subscription(params = {}, options = {})
|
670
|
+
req = build_request(:create_data_lake_exception_subscription, params)
|
644
671
|
req.send_request(options)
|
645
672
|
end
|
646
673
|
|
647
|
-
#
|
648
|
-
# Lake
|
649
|
-
#
|
650
|
-
# @option params [required, String] :notification_endpoint
|
651
|
-
# The Amazon Web Services account where you want to receive exception
|
652
|
-
# notifications.
|
674
|
+
# Automatically enables Amazon Security Lake for new member accounts in
|
675
|
+
# your organization. Security Lake is not automatically enabled for any
|
676
|
+
# existing member accounts in your organization.
|
653
677
|
#
|
654
|
-
# @option params [required,
|
655
|
-
#
|
678
|
+
# @option params [required, Array<Types::DataLakeAutoEnableNewAccountConfiguration>] :auto_enable_new_account
|
679
|
+
# Enable Security Lake with the specified configuration settings, to
|
680
|
+
# begin collecting security data for new accounts in your organization.
|
656
681
|
#
|
657
682
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
658
683
|
#
|
659
684
|
# @example Request syntax with placeholder values
|
660
685
|
#
|
661
|
-
# resp = client.
|
662
|
-
#
|
663
|
-
#
|
686
|
+
# resp = client.create_data_lake_organization_configuration({
|
687
|
+
# auto_enable_new_account: [ # required
|
688
|
+
# {
|
689
|
+
# region: "Region", # required
|
690
|
+
# sources: [ # required
|
691
|
+
# {
|
692
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
693
|
+
# source_version: "AwsLogSourceVersion",
|
694
|
+
# },
|
695
|
+
# ],
|
696
|
+
# },
|
697
|
+
# ],
|
664
698
|
# })
|
665
699
|
#
|
666
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
700
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeOrganizationConfiguration AWS API Documentation
|
667
701
|
#
|
668
|
-
# @overload
|
702
|
+
# @overload create_data_lake_organization_configuration(params = {})
|
669
703
|
# @param [Hash] params ({})
|
670
|
-
def
|
671
|
-
req = build_request(:
|
704
|
+
def create_data_lake_organization_configuration(params = {}, options = {})
|
705
|
+
req = build_request(:create_data_lake_organization_configuration, params)
|
672
706
|
req.send_request(options)
|
673
707
|
end
|
674
708
|
|
@@ -679,16 +713,7 @@ module Aws::SecurityLake
|
|
679
713
|
# @option params [Array<String>] :access_types
|
680
714
|
# The Amazon S3 or Lake Formation access type.
|
681
715
|
#
|
682
|
-
# @option params [required,
|
683
|
-
# The Amazon Web Services account ID used to access your data.
|
684
|
-
#
|
685
|
-
# @option params [required, String] :external_id
|
686
|
-
# The external ID of the subscriber. This lets the user that is assuming
|
687
|
-
# the role assert the circumstances in which they are operating. It also
|
688
|
-
# provides a way for the account owner to permit the role to be assumed
|
689
|
-
# only under specific circumstances.
|
690
|
-
#
|
691
|
-
# @option params [required, Array<Types::SourceType>] :source_types
|
716
|
+
# @option params [required, Array<Types::LogSourceResource>] :sources
|
692
717
|
# The supported Amazon Web Services from which logs and events are
|
693
718
|
# collected. Security Lake supports log and event collection for
|
694
719
|
# natively supported Amazon Web Services.
|
@@ -696,42 +721,77 @@ module Aws::SecurityLake
|
|
696
721
|
# @option params [String] :subscriber_description
|
697
722
|
# The description for your subscriber account in Security Lake.
|
698
723
|
#
|
724
|
+
# @option params [required, Types::AwsIdentity] :subscriber_identity
|
725
|
+
# The AWS identity used to access your data.
|
726
|
+
#
|
699
727
|
# @option params [required, String] :subscriber_name
|
700
728
|
# The name of your Security Lake subscriber account.
|
701
729
|
#
|
702
730
|
# @return [Types::CreateSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
703
731
|
#
|
704
|
-
# * {Types::CreateSubscriberResponse#
|
705
|
-
# * {Types::CreateSubscriberResponse#resource_share_name #resource_share_name} => String
|
706
|
-
# * {Types::CreateSubscriberResponse#role_arn #role_arn} => String
|
707
|
-
# * {Types::CreateSubscriberResponse#s3_bucket_arn #s3_bucket_arn} => String
|
708
|
-
# * {Types::CreateSubscriberResponse#sns_arn #sns_arn} => String
|
709
|
-
# * {Types::CreateSubscriberResponse#subscription_id #subscription_id} => String
|
732
|
+
# * {Types::CreateSubscriberResponse#subscriber #subscriber} => Types::SubscriberResource
|
710
733
|
#
|
711
734
|
# @example Request syntax with placeholder values
|
712
735
|
#
|
713
736
|
# resp = client.create_subscriber({
|
714
737
|
# access_types: ["LAKEFORMATION"], # accepts LAKEFORMATION, S3
|
715
|
-
#
|
716
|
-
# external_id: "SafeString", # required
|
717
|
-
# source_types: [ # required
|
738
|
+
# sources: [ # required
|
718
739
|
# {
|
719
|
-
#
|
720
|
-
#
|
740
|
+
# aws_log_source: {
|
741
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
742
|
+
# source_version: "AwsLogSourceVersion",
|
743
|
+
# },
|
744
|
+
# custom_log_source: {
|
745
|
+
# attributes: {
|
746
|
+
# crawler_arn: "AmazonResourceName",
|
747
|
+
# database_arn: "AmazonResourceName",
|
748
|
+
# table_arn: "AmazonResourceName",
|
749
|
+
# },
|
750
|
+
# provider: {
|
751
|
+
# location: "S3URI",
|
752
|
+
# role_arn: "RoleArn",
|
753
|
+
# },
|
754
|
+
# source_name: "CustomLogSourceName",
|
755
|
+
# source_version: "CustomLogSourceVersion",
|
756
|
+
# },
|
721
757
|
# },
|
722
758
|
# ],
|
723
759
|
# subscriber_description: "DescriptionString",
|
760
|
+
# subscriber_identity: { # required
|
761
|
+
# external_id: "ExternalId", # required
|
762
|
+
# principal: "AwsPrincipal", # required
|
763
|
+
# },
|
724
764
|
# subscriber_name: "CreateSubscriberRequestSubscriberNameString", # required
|
725
765
|
# })
|
726
766
|
#
|
727
767
|
# @example Response structure
|
728
768
|
#
|
729
|
-
# resp.
|
730
|
-
# resp.
|
731
|
-
# resp.
|
732
|
-
# resp.
|
733
|
-
# resp.
|
734
|
-
# resp.
|
769
|
+
# resp.subscriber.access_types #=> Array
|
770
|
+
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
771
|
+
# resp.subscriber.created_at #=> Time
|
772
|
+
# resp.subscriber.resource_share_arn #=> String
|
773
|
+
# resp.subscriber.resource_share_name #=> String
|
774
|
+
# resp.subscriber.role_arn #=> String
|
775
|
+
# resp.subscriber.s3_bucket_arn #=> String
|
776
|
+
# resp.subscriber.sources #=> Array
|
777
|
+
# resp.subscriber.sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
778
|
+
# resp.subscriber.sources[0].aws_log_source.source_version #=> String
|
779
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.crawler_arn #=> String
|
780
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.database_arn #=> String
|
781
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.table_arn #=> String
|
782
|
+
# resp.subscriber.sources[0].custom_log_source.provider.location #=> String
|
783
|
+
# resp.subscriber.sources[0].custom_log_source.provider.role_arn #=> String
|
784
|
+
# resp.subscriber.sources[0].custom_log_source.source_name #=> String
|
785
|
+
# resp.subscriber.sources[0].custom_log_source.source_version #=> String
|
786
|
+
# resp.subscriber.subscriber_arn #=> String
|
787
|
+
# resp.subscriber.subscriber_description #=> String
|
788
|
+
# resp.subscriber.subscriber_endpoint #=> String
|
789
|
+
# resp.subscriber.subscriber_id #=> String
|
790
|
+
# resp.subscriber.subscriber_identity.external_id #=> String
|
791
|
+
# resp.subscriber.subscriber_identity.principal #=> String
|
792
|
+
# resp.subscriber.subscriber_name #=> String
|
793
|
+
# resp.subscriber.subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
794
|
+
# resp.subscriber.updated_at #=> Time
|
735
795
|
#
|
736
796
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriber AWS API Documentation
|
737
797
|
#
|
@@ -746,133 +806,84 @@ module Aws::SecurityLake
|
|
746
806
|
# the sources that the subscriber consumes in Security Lake. You can
|
747
807
|
# create only one subscriber notification per subscriber.
|
748
808
|
#
|
749
|
-
# @option params [
|
750
|
-
#
|
751
|
-
#
|
752
|
-
# @option params [String] :https_api_key_name
|
753
|
-
# The key name for the notification subscription.
|
754
|
-
#
|
755
|
-
# @option params [String] :https_api_key_value
|
756
|
-
# The key value for the notification subscription.
|
809
|
+
# @option params [required, Types::NotificationConfiguration] :configuration
|
810
|
+
# Specify the configuration using which you want to create the
|
811
|
+
# subscriber notification.
|
757
812
|
#
|
758
|
-
# @option params [String] :
|
759
|
-
# The
|
813
|
+
# @option params [required, String] :subscriber_id
|
814
|
+
# The subscriber ID for the notification subscription.
|
760
815
|
#
|
761
|
-
# @
|
762
|
-
# The Amazon Resource Name (ARN) of the EventBridge API destinations IAM
|
763
|
-
# role that you created. For more information about ARNs and how to use
|
764
|
-
# them in policies, see [Managing data access][1] and [Amazon Web
|
765
|
-
# Services Managed Policies][2] in the Amazon Security Lake User Guide.
|
816
|
+
# @return [Types::CreateSubscriberNotificationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
766
817
|
#
|
767
|
-
#
|
768
|
-
#
|
769
|
-
# [1]: https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html
|
770
|
-
# [2]: https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html
|
771
|
-
#
|
772
|
-
# @option params [String] :subscription_endpoint
|
773
|
-
# The subscription endpoint in Security Lake. If you prefer notification
|
774
|
-
# with an HTTPs endpoint, populate this field.
|
775
|
-
#
|
776
|
-
# @option params [required, String] :subscription_id
|
777
|
-
# The subscription ID for the notification subscription.
|
778
|
-
#
|
779
|
-
# @return [Types::CreateSubscriptionNotificationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
780
|
-
#
|
781
|
-
# * {Types::CreateSubscriptionNotificationConfigurationResponse#queue_arn #queue_arn} => String
|
818
|
+
# * {Types::CreateSubscriberNotificationResponse#subscriber_endpoint #subscriber_endpoint} => String
|
782
819
|
#
|
783
820
|
# @example Request syntax with placeholder values
|
784
821
|
#
|
785
|
-
# resp = client.
|
786
|
-
#
|
787
|
-
#
|
788
|
-
#
|
789
|
-
#
|
790
|
-
#
|
791
|
-
#
|
792
|
-
#
|
822
|
+
# resp = client.create_subscriber_notification({
|
823
|
+
# configuration: { # required
|
824
|
+
# https_notification_configuration: {
|
825
|
+
# authorization_api_key_name: "String",
|
826
|
+
# authorization_api_key_value: "String",
|
827
|
+
# endpoint: "HttpsNotificationConfigurationEndpointString", # required
|
828
|
+
# http_method: "POST", # accepts POST, PUT
|
829
|
+
# target_role_arn: "RoleArn", # required
|
830
|
+
# },
|
831
|
+
# sqs_notification_configuration: {
|
832
|
+
# },
|
833
|
+
# },
|
834
|
+
# subscriber_id: "UUID", # required
|
793
835
|
# })
|
794
836
|
#
|
795
837
|
# @example Response structure
|
796
838
|
#
|
797
|
-
# resp.
|
839
|
+
# resp.subscriber_endpoint #=> String
|
798
840
|
#
|
799
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
841
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriberNotification AWS API Documentation
|
800
842
|
#
|
801
|
-
# @overload
|
843
|
+
# @overload create_subscriber_notification(params = {})
|
802
844
|
# @param [Hash] params ({})
|
803
|
-
def
|
804
|
-
req = build_request(:
|
845
|
+
def create_subscriber_notification(params = {}, options = {})
|
846
|
+
req = build_request(:create_subscriber_notification, params)
|
805
847
|
req.send_request(options)
|
806
848
|
end
|
807
849
|
|
808
850
|
# Removes a natively supported Amazon Web Service as an Amazon Security
|
809
|
-
# Lake source.
|
810
|
-
#
|
811
|
-
#
|
812
|
-
#
|
851
|
+
# Lake source. You can remove a source for one or more Regions. When you
|
852
|
+
# remove the source, Security Lake stops collecting data from that
|
853
|
+
# source in the specified Regions and accounts, and subscribers can no
|
854
|
+
# longer consume new data from the source. However, subscribers can
|
855
|
+
# still consume data that Security Lake collected from the source before
|
856
|
+
# removal.
|
813
857
|
#
|
814
858
|
# You can choose any source type in any Amazon Web Services Region for
|
815
859
|
# either accounts that are part of a trusted organization or standalone
|
816
|
-
# accounts.
|
817
|
-
#
|
818
|
-
#
|
819
|
-
#
|
820
|
-
#
|
821
|
-
# when you supply any one of the inputs. For instance, when you do not
|
822
|
-
# specify members, the API disables all Security Lake member accounts
|
823
|
-
# for sources. Similarly, when you do not specify Regions, Security Lake
|
824
|
-
# is disabled for all the Regions where Security Lake is available as a
|
825
|
-
# service.
|
826
|
-
#
|
827
|
-
# When you don't provide a dimension, Security Lake assumes that the
|
828
|
-
# missing dimension refers to the entire set. For example, if you don't
|
829
|
-
# provide specific accounts, the API applies to the entire set of
|
830
|
-
# accounts in your organization.
|
831
|
-
#
|
832
|
-
# @option params [Hash<String,Hash>] :disable_all_dimensions
|
833
|
-
# Removes the specific Amazon Web Services sources from specific
|
834
|
-
# accounts and specific Regions.
|
835
|
-
#
|
836
|
-
# @option params [Array<String>] :disable_single_dimension
|
837
|
-
# Removes all Amazon Web Services sources from specific accounts or
|
838
|
-
# Regions.
|
839
|
-
#
|
840
|
-
# @option params [Hash<String,Array>] :disable_two_dimensions
|
841
|
-
# Remove a specific Amazon Web Services source from specific accounts or
|
842
|
-
# Regions.
|
843
|
-
#
|
844
|
-
# @option params [required, Array<String>] :input_order
|
845
|
-
# This is a mandatory input. Specify the input order to disable
|
846
|
-
# dimensions in Security Lake, namely Region (Amazon Web Services Region
|
847
|
-
# code, source type, and member (account ID of a specific Amazon Web
|
848
|
-
# Services account).
|
860
|
+
# accounts.
|
861
|
+
#
|
862
|
+
# @option params [required, Array<Types::AwsLogSourceConfiguration>] :sources
|
863
|
+
# Specify the natively-supported Amazon Web Services service to remove
|
864
|
+
# as a source in Security Lake.
|
849
865
|
#
|
850
866
|
# @return [Types::DeleteAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
851
867
|
#
|
852
868
|
# * {Types::DeleteAwsLogSourceResponse#failed #failed} => Array<String>
|
853
|
-
# * {Types::DeleteAwsLogSourceResponse#processing #processing} => Array<String>
|
854
869
|
#
|
855
870
|
# @example Request syntax with placeholder values
|
856
871
|
#
|
857
872
|
# resp = client.delete_aws_log_source({
|
858
|
-
#
|
859
|
-
#
|
860
|
-
#
|
873
|
+
# sources: [ # required
|
874
|
+
# {
|
875
|
+
# accounts: ["AwsAccountId"],
|
876
|
+
# regions: ["Region"], # required
|
877
|
+
# source_name: "ROUTE53", # required, accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
878
|
+
# source_version: "AwsLogSourceVersion",
|
861
879
|
# },
|
862
|
-
#
|
863
|
-
# disable_single_dimension: ["SafeString"],
|
864
|
-
# disable_two_dimensions: {
|
865
|
-
# "String" => ["String"],
|
866
|
-
# },
|
867
|
-
# input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
|
880
|
+
# ],
|
868
881
|
# })
|
869
882
|
#
|
870
883
|
# @example Response structure
|
871
884
|
#
|
872
885
|
# resp.failed #=> Array
|
873
886
|
# resp.failed[0] #=> String
|
874
|
-
# resp.processing #=> Array
|
875
|
-
# resp.processing[0] #=> String
|
876
887
|
#
|
877
888
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteAwsLogSource AWS API Documentation
|
878
889
|
#
|
@@ -883,25 +894,25 @@ module Aws::SecurityLake
|
|
883
894
|
req.send_request(options)
|
884
895
|
end
|
885
896
|
|
886
|
-
# Removes a custom log source from Amazon Security Lake
|
897
|
+
# Removes a custom log source from Amazon Security Lake, to stop sending
|
898
|
+
# data from the custom source to Security Lake.
|
887
899
|
#
|
888
|
-
# @option params [required, String] :
|
889
|
-
# The
|
900
|
+
# @option params [required, String] :source_name
|
901
|
+
# The source name of custom log source that you want to delete.
|
890
902
|
#
|
891
|
-
# @
|
903
|
+
# @option params [String] :source_version
|
904
|
+
# The source version for the third-party custom source. You can limit
|
905
|
+
# the custom source removal to the specified source version.
|
892
906
|
#
|
893
|
-
#
|
907
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
894
908
|
#
|
895
909
|
# @example Request syntax with placeholder values
|
896
910
|
#
|
897
911
|
# resp = client.delete_custom_log_source({
|
898
|
-
#
|
912
|
+
# source_name: "CustomLogSourceName", # required
|
913
|
+
# source_version: "CustomLogSourceVersion",
|
899
914
|
# })
|
900
915
|
#
|
901
|
-
# @example Response structure
|
902
|
-
#
|
903
|
-
# resp.custom_data_location #=> String
|
904
|
-
#
|
905
916
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteCustomLogSource AWS API Documentation
|
906
917
|
#
|
907
918
|
# @overload delete_custom_log_source(params = {})
|
@@ -911,117 +922,103 @@ module Aws::SecurityLake
|
|
911
922
|
req.send_request(options)
|
912
923
|
end
|
913
924
|
|
914
|
-
# When you
|
915
|
-
# is disabled in all Amazon Web Services Regions
|
916
|
-
#
|
925
|
+
# When you disable Amazon Security Lake from your account, Security Lake
|
926
|
+
# is disabled in all Amazon Web Services Regions and it stops collecting
|
927
|
+
# data from your sources. Also, this API automatically takes steps to
|
928
|
+
# remove the account from Security Lake. However, Security Lake retains
|
929
|
+
# all of your existing settings and the resources that it created in
|
930
|
+
# your Amazon Web Services account in the current Amazon Web Services
|
931
|
+
# Region.
|
917
932
|
#
|
918
|
-
#
|
919
|
-
#
|
920
|
-
#
|
921
|
-
#
|
922
|
-
# current Region, including security log and event data. The
|
923
|
-
# `DeleteDatalake` operation does not delete the Amazon S3 bucket, which
|
924
|
-
# is owned by your Amazon Web Services account. For more information,
|
925
|
-
# see the [Amazon Security Lake User Guide][1].
|
933
|
+
# The `DeleteDataLake` operation does not delete the data that is stored
|
934
|
+
# in your Amazon S3 bucket, which is owned by your Amazon Web Services
|
935
|
+
# account. For more information, see the [Amazon Security Lake User
|
936
|
+
# Guide][1].
|
926
937
|
#
|
927
938
|
#
|
928
939
|
#
|
929
940
|
# [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/disable-security-lake.html
|
930
941
|
#
|
931
|
-
# @
|
932
|
-
#
|
933
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalake AWS API Documentation
|
934
|
-
#
|
935
|
-
# @overload delete_datalake(params = {})
|
936
|
-
# @param [Hash] params ({})
|
937
|
-
def delete_datalake(params = {}, options = {})
|
938
|
-
req = build_request(:delete_datalake, params)
|
939
|
-
req.send_request(options)
|
940
|
-
end
|
941
|
-
|
942
|
-
# `DeleteDatalakeAutoEnable` removes automatic enablement of
|
943
|
-
# configuration settings for new member accounts (but keeps settings for
|
944
|
-
# the delegated administrator) from Amazon Security Lake. You must run
|
945
|
-
# this API using credentials of the delegated administrator. When you
|
946
|
-
# run this API, new member accounts that are added after the
|
947
|
-
# organization enables Security Lake won't contribute to the data lake.
|
948
|
-
#
|
949
|
-
# @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :remove_from_configuration_for_new_accounts
|
950
|
-
# Remove automatic enablement of configuration settings for new member
|
951
|
-
# accounts in Security Lake.
|
942
|
+
# @option params [required, Array<String>] :regions
|
943
|
+
# The list of Regions where Security Lake is enabled.
|
952
944
|
#
|
953
945
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
954
946
|
#
|
955
947
|
# @example Request syntax with placeholder values
|
956
948
|
#
|
957
|
-
# resp = client.
|
958
|
-
#
|
959
|
-
# {
|
960
|
-
# region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
961
|
-
# sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
962
|
-
# },
|
963
|
-
# ],
|
949
|
+
# resp = client.delete_data_lake({
|
950
|
+
# regions: ["Region"], # required
|
964
951
|
# })
|
965
952
|
#
|
966
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
953
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLake AWS API Documentation
|
967
954
|
#
|
968
|
-
# @overload
|
955
|
+
# @overload delete_data_lake(params = {})
|
969
956
|
# @param [Hash] params ({})
|
970
|
-
def
|
971
|
-
req = build_request(:
|
957
|
+
def delete_data_lake(params = {}, options = {})
|
958
|
+
req = build_request(:delete_data_lake, params)
|
972
959
|
req.send_request(options)
|
973
960
|
end
|
974
961
|
|
975
|
-
# Deletes the
|
976
|
-
# the organization
|
977
|
-
# management account. The organization management account cannot be the
|
978
|
-
# delegated administrator account.
|
979
|
-
#
|
980
|
-
# @option params [required, String] :account
|
981
|
-
# The account ID the Security Lake delegated administrator.
|
962
|
+
# Deletes the specified notification subscription in Amazon Security
|
963
|
+
# Lake for the organization you specify.
|
982
964
|
#
|
983
965
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
984
966
|
#
|
985
|
-
# @
|
967
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeExceptionSubscription AWS API Documentation
|
986
968
|
#
|
987
|
-
#
|
988
|
-
# account: "SafeString", # required
|
989
|
-
# })
|
990
|
-
#
|
991
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeDelegatedAdmin AWS API Documentation
|
992
|
-
#
|
993
|
-
# @overload delete_datalake_delegated_admin(params = {})
|
969
|
+
# @overload delete_data_lake_exception_subscription(params = {})
|
994
970
|
# @param [Hash] params ({})
|
995
|
-
def
|
996
|
-
req = build_request(:
|
971
|
+
def delete_data_lake_exception_subscription(params = {}, options = {})
|
972
|
+
req = build_request(:delete_data_lake_exception_subscription, params)
|
997
973
|
req.send_request(options)
|
998
974
|
end
|
999
975
|
|
1000
|
-
#
|
1001
|
-
#
|
976
|
+
# Removes automatic the enablement of configuration settings for new
|
977
|
+
# member accounts (but retains the settings for the delegated
|
978
|
+
# administrator) from Amazon Security Lake. You must run this API using
|
979
|
+
# the credentials of the delegated administrator. When you run this API,
|
980
|
+
# new member accounts that are added after the organization enables
|
981
|
+
# Security Lake won't contribute to the data lake.
|
1002
982
|
#
|
1003
|
-
# @
|
983
|
+
# @option params [required, Array<Types::DataLakeAutoEnableNewAccountConfiguration>] :auto_enable_new_account
|
984
|
+
# Removes the automatic enablement of configuration settings for new
|
985
|
+
# member accounts in Security Lake.
|
1004
986
|
#
|
1005
|
-
#
|
987
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1006
988
|
#
|
1007
|
-
# @example
|
989
|
+
# @example Request syntax with placeholder values
|
1008
990
|
#
|
1009
|
-
# resp
|
991
|
+
# resp = client.delete_data_lake_organization_configuration({
|
992
|
+
# auto_enable_new_account: [ # required
|
993
|
+
# {
|
994
|
+
# region: "Region", # required
|
995
|
+
# sources: [ # required
|
996
|
+
# {
|
997
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
998
|
+
# source_version: "AwsLogSourceVersion",
|
999
|
+
# },
|
1000
|
+
# ],
|
1001
|
+
# },
|
1002
|
+
# ],
|
1003
|
+
# })
|
1010
1004
|
#
|
1011
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1005
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeOrganizationConfiguration AWS API Documentation
|
1012
1006
|
#
|
1013
|
-
# @overload
|
1007
|
+
# @overload delete_data_lake_organization_configuration(params = {})
|
1014
1008
|
# @param [Hash] params ({})
|
1015
|
-
def
|
1016
|
-
req = build_request(:
|
1009
|
+
def delete_data_lake_organization_configuration(params = {}, options = {})
|
1010
|
+
req = build_request(:delete_data_lake_organization_configuration, params)
|
1017
1011
|
req.send_request(options)
|
1018
1012
|
end
|
1019
1013
|
|
1020
|
-
# Deletes the subscription permission
|
1021
|
-
# enabled in Amazon Security Lake.
|
1022
|
-
#
|
1023
|
-
#
|
1024
|
-
#
|
1014
|
+
# Deletes the subscription permission and all notification settings for
|
1015
|
+
# accounts that are already enabled in Amazon Security Lake. When you
|
1016
|
+
# run `DeleteSubscriber`, the subscriber will no longer consume data
|
1017
|
+
# from Security Lake and the subscriber is removed. This operation
|
1018
|
+
# deletes the subscriber and removes access to data in the current
|
1019
|
+
# Amazon Web Services Region.
|
1020
|
+
#
|
1021
|
+
# @option params [required, String] :subscriber_id
|
1025
1022
|
# A value created by Security Lake that uniquely identifies your
|
1026
1023
|
# `DeleteSubscriber` API request.
|
1027
1024
|
#
|
@@ -1030,7 +1027,7 @@ module Aws::SecurityLake
|
|
1030
1027
|
# @example Request syntax with placeholder values
|
1031
1028
|
#
|
1032
1029
|
# resp = client.delete_subscriber({
|
1033
|
-
#
|
1030
|
+
# subscriber_id: "UUID", # required
|
1034
1031
|
# })
|
1035
1032
|
#
|
1036
1033
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriber AWS API Documentation
|
@@ -1045,128 +1042,89 @@ module Aws::SecurityLake
|
|
1045
1042
|
# Deletes the specified notification subscription in Amazon Security
|
1046
1043
|
# Lake for the organization you specify.
|
1047
1044
|
#
|
1048
|
-
# @option params [required, String] :
|
1045
|
+
# @option params [required, String] :subscriber_id
|
1049
1046
|
# The ID of the Security Lake subscriber account.
|
1050
1047
|
#
|
1051
1048
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1052
1049
|
#
|
1053
1050
|
# @example Request syntax with placeholder values
|
1054
1051
|
#
|
1055
|
-
# resp = client.
|
1056
|
-
#
|
1052
|
+
# resp = client.delete_subscriber_notification({
|
1053
|
+
# subscriber_id: "UUID", # required
|
1057
1054
|
# })
|
1058
1055
|
#
|
1059
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1056
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriberNotification AWS API Documentation
|
1060
1057
|
#
|
1061
|
-
# @overload
|
1058
|
+
# @overload delete_subscriber_notification(params = {})
|
1062
1059
|
# @param [Hash] params ({})
|
1063
|
-
def
|
1064
|
-
req = build_request(:
|
1060
|
+
def delete_subscriber_notification(params = {}, options = {})
|
1061
|
+
req = build_request(:delete_subscriber_notification, params)
|
1065
1062
|
req.send_request(options)
|
1066
1063
|
end
|
1067
1064
|
|
1068
|
-
#
|
1069
|
-
#
|
1070
|
-
#
|
1071
|
-
#
|
1072
|
-
#
|
1073
|
-
# @return [Types::GetDatalakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1074
|
-
#
|
1075
|
-
# * {Types::GetDatalakeResponse#configurations #configurations} => Hash<String,Types::LakeConfigurationResponse>
|
1076
|
-
#
|
1077
|
-
# @example Response structure
|
1078
|
-
#
|
1079
|
-
# resp.configurations #=> Hash
|
1080
|
-
# resp.configurations["Region"].encryption_key #=> String
|
1081
|
-
# resp.configurations["Region"].replication_destination_regions #=> Array
|
1082
|
-
# resp.configurations["Region"].replication_destination_regions[0] #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
|
1083
|
-
# resp.configurations["Region"].replication_role_arn #=> String
|
1084
|
-
# resp.configurations["Region"].retention_settings #=> Array
|
1085
|
-
# resp.configurations["Region"].retention_settings[0].retention_period #=> Integer
|
1086
|
-
# resp.configurations["Region"].retention_settings[0].storage_class #=> String, one of "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER_IR", "GLACIER", "DEEP_ARCHIVE", "EXPIRE"
|
1087
|
-
# resp.configurations["Region"].s3_bucket_arn #=> String
|
1088
|
-
# resp.configurations["Region"].status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1089
|
-
# resp.configurations["Region"].tags_map #=> Hash
|
1090
|
-
# resp.configurations["Region"].tags_map["String"] #=> String
|
1091
|
-
# resp.configurations["Region"].update_status.last_update_failure.code #=> String
|
1092
|
-
# resp.configurations["Region"].update_status.last_update_failure.reason #=> String
|
1093
|
-
# resp.configurations["Region"].update_status.last_update_request_id #=> String
|
1094
|
-
# resp.configurations["Region"].update_status.last_update_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1095
|
-
#
|
1096
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalake AWS API Documentation
|
1097
|
-
#
|
1098
|
-
# @overload get_datalake(params = {})
|
1099
|
-
# @param [Hash] params ({})
|
1100
|
-
def get_datalake(params = {}, options = {})
|
1101
|
-
req = build_request(:get_datalake, params)
|
1102
|
-
req.send_request(options)
|
1103
|
-
end
|
1104
|
-
|
1105
|
-
# Retrieves the configuration that will be automatically set up for
|
1106
|
-
# accounts added to the organization after the organization has
|
1107
|
-
# onboarded to Amazon Security Lake. This API does not take input
|
1108
|
-
# parameters.
|
1109
|
-
#
|
1110
|
-
# @return [Types::GetDatalakeAutoEnableResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1111
|
-
#
|
1112
|
-
# * {Types::GetDatalakeAutoEnableResponse#auto_enable_new_accounts #auto_enable_new_accounts} => Array<Types::AutoEnableNewRegionConfiguration>
|
1113
|
-
#
|
1114
|
-
# @example Response structure
|
1065
|
+
# Deletes the Amazon Security Lake delegated administrator account for
|
1066
|
+
# the organization. This API can only be called by the organization
|
1067
|
+
# management account. The organization management account cannot be the
|
1068
|
+
# delegated administrator account.
|
1115
1069
|
#
|
1116
|
-
#
|
1117
|
-
# resp.auto_enable_new_accounts[0].region #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
|
1118
|
-
# resp.auto_enable_new_accounts[0].sources #=> Array
|
1119
|
-
# resp.auto_enable_new_accounts[0].sources[0] #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
|
1070
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1120
1071
|
#
|
1121
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1072
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeregisterDataLakeDelegatedAdministrator AWS API Documentation
|
1122
1073
|
#
|
1123
|
-
# @overload
|
1074
|
+
# @overload deregister_data_lake_delegated_administrator(params = {})
|
1124
1075
|
# @param [Hash] params ({})
|
1125
|
-
def
|
1126
|
-
req = build_request(:
|
1076
|
+
def deregister_data_lake_delegated_administrator(params = {}, options = {})
|
1077
|
+
req = build_request(:deregister_data_lake_delegated_administrator, params)
|
1127
1078
|
req.send_request(options)
|
1128
1079
|
end
|
1129
1080
|
|
1130
|
-
# Retrieves the
|
1131
|
-
#
|
1132
|
-
# weeks from when a record was created in Amazon Security Lake. This API
|
1133
|
-
# does not take input parameters.
|
1081
|
+
# Retrieves the details of exception notifications for the account in
|
1082
|
+
# Amazon Security Lake.
|
1134
1083
|
#
|
1135
|
-
# @return [Types::
|
1084
|
+
# @return [Types::GetDataLakeExceptionSubscriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1136
1085
|
#
|
1137
|
-
# * {Types::
|
1086
|
+
# * {Types::GetDataLakeExceptionSubscriptionResponse#exception_time_to_live #exception_time_to_live} => Integer
|
1087
|
+
# * {Types::GetDataLakeExceptionSubscriptionResponse#notification_endpoint #notification_endpoint} => String
|
1088
|
+
# * {Types::GetDataLakeExceptionSubscriptionResponse#subscription_protocol #subscription_protocol} => String
|
1138
1089
|
#
|
1139
1090
|
# @example Response structure
|
1140
1091
|
#
|
1141
|
-
# resp.
|
1092
|
+
# resp.exception_time_to_live #=> Integer
|
1093
|
+
# resp.notification_endpoint #=> String
|
1094
|
+
# resp.subscription_protocol #=> String
|
1142
1095
|
#
|
1143
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1096
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeExceptionSubscription AWS API Documentation
|
1144
1097
|
#
|
1145
|
-
# @overload
|
1098
|
+
# @overload get_data_lake_exception_subscription(params = {})
|
1146
1099
|
# @param [Hash] params ({})
|
1147
|
-
def
|
1148
|
-
req = build_request(:
|
1100
|
+
def get_data_lake_exception_subscription(params = {}, options = {})
|
1101
|
+
req = build_request(:get_data_lake_exception_subscription, params)
|
1149
1102
|
req.send_request(options)
|
1150
1103
|
end
|
1151
1104
|
|
1152
|
-
# Retrieves the
|
1153
|
-
#
|
1105
|
+
# Retrieves the configuration that will be automatically set up for
|
1106
|
+
# accounts added to the organization after the organization has
|
1107
|
+
# onboarded to Amazon Security Lake. This API does not take input
|
1108
|
+
# parameters.
|
1154
1109
|
#
|
1155
|
-
# @return [Types::
|
1110
|
+
# @return [Types::GetDataLakeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1156
1111
|
#
|
1157
|
-
# * {Types::
|
1112
|
+
# * {Types::GetDataLakeOrganizationConfigurationResponse#auto_enable_new_account #auto_enable_new_account} => Array<Types::DataLakeAutoEnableNewAccountConfiguration>
|
1158
1113
|
#
|
1159
1114
|
# @example Response structure
|
1160
1115
|
#
|
1161
|
-
# resp.
|
1162
|
-
# resp.
|
1116
|
+
# resp.auto_enable_new_account #=> Array
|
1117
|
+
# resp.auto_enable_new_account[0].region #=> String
|
1118
|
+
# resp.auto_enable_new_account[0].sources #=> Array
|
1119
|
+
# resp.auto_enable_new_account[0].sources[0].source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1120
|
+
# resp.auto_enable_new_account[0].sources[0].source_version #=> String
|
1163
1121
|
#
|
1164
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1122
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeOrganizationConfiguration AWS API Documentation
|
1165
1123
|
#
|
1166
|
-
# @overload
|
1124
|
+
# @overload get_data_lake_organization_configuration(params = {})
|
1167
1125
|
# @param [Hash] params ({})
|
1168
|
-
def
|
1169
|
-
req = build_request(:
|
1126
|
+
def get_data_lake_organization_configuration(params = {}, options = {})
|
1127
|
+
req = build_request(:get_data_lake_organization_configuration, params)
|
1170
1128
|
req.send_request(options)
|
1171
1129
|
end
|
1172
1130
|
|
@@ -1174,12 +1132,12 @@ module Aws::SecurityLake
|
|
1174
1132
|
# Security Lake is enabled for those accounts and which sources Security
|
1175
1133
|
# Lake is collecting data from.
|
1176
1134
|
#
|
1177
|
-
# @option params [Array<String>] :
|
1135
|
+
# @option params [Array<String>] :accounts
|
1178
1136
|
# The Amazon Web Services account ID for which a static snapshot of the
|
1179
1137
|
# current Amazon Web Services Region, including enabled accounts and log
|
1180
1138
|
# sources, is retrieved.
|
1181
1139
|
#
|
1182
|
-
# @option params [Integer] :
|
1140
|
+
# @option params [Integer] :max_results
|
1183
1141
|
# The maximum limit of accounts for which the static snapshot of the
|
1184
1142
|
# current Region, including enabled accounts and log sources, is
|
1185
1143
|
# retrieved.
|
@@ -1193,45 +1151,48 @@ module Aws::SecurityLake
|
|
1193
1151
|
# Each pagination token expires after 24 hours. Using an expired
|
1194
1152
|
# pagination token will return an HTTP 400 InvalidToken error.
|
1195
1153
|
#
|
1196
|
-
# @return [Types::
|
1154
|
+
# @return [Types::GetDataLakeSourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1197
1155
|
#
|
1198
|
-
# * {Types::
|
1199
|
-
# * {Types::
|
1156
|
+
# * {Types::GetDataLakeSourcesResponse#data_lake_arn #data_lake_arn} => String
|
1157
|
+
# * {Types::GetDataLakeSourcesResponse#data_lake_sources #data_lake_sources} => Array<Types::DataLakeSource>
|
1158
|
+
# * {Types::GetDataLakeSourcesResponse#next_token #next_token} => String
|
1200
1159
|
#
|
1201
1160
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1202
1161
|
#
|
1203
1162
|
# @example Request syntax with placeholder values
|
1204
1163
|
#
|
1205
|
-
# resp = client.
|
1206
|
-
#
|
1207
|
-
#
|
1208
|
-
# next_token: "
|
1164
|
+
# resp = client.get_data_lake_sources({
|
1165
|
+
# accounts: ["AwsAccountId"],
|
1166
|
+
# max_results: 1,
|
1167
|
+
# next_token: "NextToken",
|
1209
1168
|
# })
|
1210
1169
|
#
|
1211
1170
|
# @example Response structure
|
1212
1171
|
#
|
1213
|
-
# resp.
|
1214
|
-
# resp.
|
1215
|
-
# resp.
|
1216
|
-
# resp.
|
1217
|
-
# resp.
|
1218
|
-
# resp.
|
1219
|
-
# resp.
|
1172
|
+
# resp.data_lake_arn #=> String
|
1173
|
+
# resp.data_lake_sources #=> Array
|
1174
|
+
# resp.data_lake_sources[0].account #=> String
|
1175
|
+
# resp.data_lake_sources[0].event_classes #=> Array
|
1176
|
+
# resp.data_lake_sources[0].event_classes[0] #=> String
|
1177
|
+
# resp.data_lake_sources[0].source_name #=> String
|
1178
|
+
# resp.data_lake_sources[0].source_statuses #=> Array
|
1179
|
+
# resp.data_lake_sources[0].source_statuses[0].resource #=> String
|
1180
|
+
# resp.data_lake_sources[0].source_statuses[0].status #=> String, one of "COLLECTING", "MISCONFIGURED", "NOT_COLLECTING"
|
1220
1181
|
# resp.next_token #=> String
|
1221
1182
|
#
|
1222
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1183
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeSources AWS API Documentation
|
1223
1184
|
#
|
1224
|
-
# @overload
|
1185
|
+
# @overload get_data_lake_sources(params = {})
|
1225
1186
|
# @param [Hash] params ({})
|
1226
|
-
def
|
1227
|
-
req = build_request(:
|
1187
|
+
def get_data_lake_sources(params = {}, options = {})
|
1188
|
+
req = build_request(:get_data_lake_sources, params)
|
1228
1189
|
req.send_request(options)
|
1229
1190
|
end
|
1230
1191
|
|
1231
1192
|
# Retrieves the subscription information for the specified subscription
|
1232
1193
|
# ID. You can get information about a specific subscriber.
|
1233
1194
|
#
|
1234
|
-
# @option params [required, String] :
|
1195
|
+
# @option params [required, String] :subscriber_id
|
1235
1196
|
# A value created by Amazon Security Lake that uniquely identifies your
|
1236
1197
|
# `GetSubscriber` API request.
|
1237
1198
|
#
|
@@ -1242,30 +1203,36 @@ module Aws::SecurityLake
|
|
1242
1203
|
# @example Request syntax with placeholder values
|
1243
1204
|
#
|
1244
1205
|
# resp = client.get_subscriber({
|
1245
|
-
#
|
1206
|
+
# subscriber_id: "UUID", # required
|
1246
1207
|
# })
|
1247
1208
|
#
|
1248
1209
|
# @example Response structure
|
1249
1210
|
#
|
1250
1211
|
# resp.subscriber.access_types #=> Array
|
1251
1212
|
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1252
|
-
# resp.subscriber.account_id #=> String
|
1253
1213
|
# resp.subscriber.created_at #=> Time
|
1254
|
-
# resp.subscriber.external_id #=> String
|
1255
1214
|
# resp.subscriber.resource_share_arn #=> String
|
1256
1215
|
# resp.subscriber.resource_share_name #=> String
|
1257
1216
|
# resp.subscriber.role_arn #=> String
|
1258
1217
|
# resp.subscriber.s3_bucket_arn #=> String
|
1259
|
-
# resp.subscriber.
|
1260
|
-
# resp.subscriber.
|
1261
|
-
# resp.subscriber.
|
1262
|
-
# resp.subscriber.
|
1218
|
+
# resp.subscriber.sources #=> Array
|
1219
|
+
# resp.subscriber.sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1220
|
+
# resp.subscriber.sources[0].aws_log_source.source_version #=> String
|
1221
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1222
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.database_arn #=> String
|
1223
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.table_arn #=> String
|
1224
|
+
# resp.subscriber.sources[0].custom_log_source.provider.location #=> String
|
1225
|
+
# resp.subscriber.sources[0].custom_log_source.provider.role_arn #=> String
|
1226
|
+
# resp.subscriber.sources[0].custom_log_source.source_name #=> String
|
1227
|
+
# resp.subscriber.sources[0].custom_log_source.source_version #=> String
|
1228
|
+
# resp.subscriber.subscriber_arn #=> String
|
1263
1229
|
# resp.subscriber.subscriber_description #=> String
|
1230
|
+
# resp.subscriber.subscriber_endpoint #=> String
|
1231
|
+
# resp.subscriber.subscriber_id #=> String
|
1232
|
+
# resp.subscriber.subscriber_identity.external_id #=> String
|
1233
|
+
# resp.subscriber.subscriber_identity.principal #=> String
|
1264
1234
|
# resp.subscriber.subscriber_name #=> String
|
1265
|
-
# resp.subscriber.
|
1266
|
-
# resp.subscriber.subscription_id #=> String
|
1267
|
-
# resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1268
|
-
# resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1235
|
+
# resp.subscriber.subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1269
1236
|
# resp.subscriber.updated_at #=> Time
|
1270
1237
|
#
|
1271
1238
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetSubscriber AWS API Documentation
|
@@ -1280,7 +1247,7 @@ module Aws::SecurityLake
|
|
1280
1247
|
# Lists the Amazon Security Lake exceptions that you can use to find the
|
1281
1248
|
# source of problems and fix them.
|
1282
1249
|
#
|
1283
|
-
# @option params [Integer] :
|
1250
|
+
# @option params [Integer] :max_results
|
1284
1251
|
# List the maximum number of failures in Security Lake.
|
1285
1252
|
#
|
1286
1253
|
# @option params [String] :next_token
|
@@ -1292,64 +1259,95 @@ module Aws::SecurityLake
|
|
1292
1259
|
# Each pagination token expires after 24 hours. Using an expired
|
1293
1260
|
# pagination token will return an HTTP 400 InvalidToken error.
|
1294
1261
|
#
|
1295
|
-
# @option params [Array<String>] :
|
1262
|
+
# @option params [Array<String>] :regions
|
1296
1263
|
# List the Amazon Web Services Regions from which exceptions are
|
1297
1264
|
# retrieved.
|
1298
1265
|
#
|
1299
|
-
# @return [Types::
|
1266
|
+
# @return [Types::ListDataLakeExceptionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1300
1267
|
#
|
1301
|
-
# * {Types::
|
1302
|
-
# * {Types::
|
1268
|
+
# * {Types::ListDataLakeExceptionsResponse#exceptions #exceptions} => Array<Types::DataLakeException>
|
1269
|
+
# * {Types::ListDataLakeExceptionsResponse#next_token #next_token} => String
|
1303
1270
|
#
|
1304
1271
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1305
1272
|
#
|
1306
1273
|
# @example Request syntax with placeholder values
|
1307
1274
|
#
|
1308
|
-
# resp = client.
|
1309
|
-
#
|
1310
|
-
# next_token: "
|
1311
|
-
#
|
1275
|
+
# resp = client.list_data_lake_exceptions({
|
1276
|
+
# max_results: 1,
|
1277
|
+
# next_token: "NextToken",
|
1278
|
+
# regions: ["Region"],
|
1312
1279
|
# })
|
1313
1280
|
#
|
1314
1281
|
# @example Response structure
|
1315
1282
|
#
|
1283
|
+
# resp.exceptions #=> Array
|
1284
|
+
# resp.exceptions[0].exception #=> String
|
1285
|
+
# resp.exceptions[0].region #=> String
|
1286
|
+
# resp.exceptions[0].remediation #=> String
|
1287
|
+
# resp.exceptions[0].timestamp #=> Time
|
1316
1288
|
# resp.next_token #=> String
|
1317
|
-
# resp.non_retryable_failures #=> Array
|
1318
|
-
# resp.non_retryable_failures[0].failures #=> Array
|
1319
|
-
# resp.non_retryable_failures[0].failures[0].exception_message #=> String
|
1320
|
-
# resp.non_retryable_failures[0].failures[0].remediation #=> String
|
1321
|
-
# resp.non_retryable_failures[0].failures[0].timestamp #=> Time
|
1322
|
-
# resp.non_retryable_failures[0].region #=> String
|
1323
1289
|
#
|
1324
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1290
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDataLakeExceptions AWS API Documentation
|
1325
1291
|
#
|
1326
|
-
# @overload
|
1292
|
+
# @overload list_data_lake_exceptions(params = {})
|
1327
1293
|
# @param [Hash] params ({})
|
1328
|
-
def
|
1329
|
-
req = build_request(:
|
1294
|
+
def list_data_lake_exceptions(params = {}, options = {})
|
1295
|
+
req = build_request(:list_data_lake_exceptions, params)
|
1330
1296
|
req.send_request(options)
|
1331
1297
|
end
|
1332
1298
|
|
1333
|
-
# Retrieves the
|
1299
|
+
# Retrieves the Amazon Security Lake configuration object for the
|
1300
|
+
# specified Amazon Web Services account ID. You can use the
|
1301
|
+
# `ListDataLakes` API to know whether Security Lake is enabled for any
|
1302
|
+
# region.
|
1303
|
+
#
|
1304
|
+
# @option params [Array<String>] :regions
|
1305
|
+
# The list of regions where Security Lake is enabled.
|
1334
1306
|
#
|
1335
|
-
# @
|
1336
|
-
# Lists the log sources in input order, namely Region, source type, and
|
1337
|
-
# member account.
|
1307
|
+
# @return [Types::ListDataLakesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1338
1308
|
#
|
1339
|
-
#
|
1340
|
-
# List the view of log sources for enabled Amazon Security Lake accounts
|
1341
|
-
# for specific Amazon Web Services sources from specific accounts and
|
1342
|
-
# specific Regions.
|
1309
|
+
# * {Types::ListDataLakesResponse#data_lakes #data_lakes} => Array<Types::DataLakeResource>
|
1343
1310
|
#
|
1344
|
-
# @
|
1345
|
-
#
|
1346
|
-
#
|
1347
|
-
#
|
1311
|
+
# @example Request syntax with placeholder values
|
1312
|
+
#
|
1313
|
+
# resp = client.list_data_lakes({
|
1314
|
+
# regions: ["Region"],
|
1315
|
+
# })
|
1316
|
+
#
|
1317
|
+
# @example Response structure
|
1318
|
+
#
|
1319
|
+
# resp.data_lakes #=> Array
|
1320
|
+
# resp.data_lakes[0].create_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1321
|
+
# resp.data_lakes[0].data_lake_arn #=> String
|
1322
|
+
# resp.data_lakes[0].encryption_configuration.kms_key_id #=> String
|
1323
|
+
# resp.data_lakes[0].lifecycle_configuration.expiration.days #=> Integer
|
1324
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions #=> Array
|
1325
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].days #=> Integer
|
1326
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].storage_class #=> String
|
1327
|
+
# resp.data_lakes[0].region #=> String
|
1328
|
+
# resp.data_lakes[0].replication_configuration.regions #=> Array
|
1329
|
+
# resp.data_lakes[0].replication_configuration.regions[0] #=> String
|
1330
|
+
# resp.data_lakes[0].replication_configuration.role_arn #=> String
|
1331
|
+
# resp.data_lakes[0].s3_bucket_arn #=> String
|
1332
|
+
# resp.data_lakes[0].update_status.exception.code #=> String
|
1333
|
+
# resp.data_lakes[0].update_status.exception.reason #=> String
|
1334
|
+
# resp.data_lakes[0].update_status.request_id #=> String
|
1335
|
+
# resp.data_lakes[0].update_status.status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1336
|
+
#
|
1337
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDataLakes AWS API Documentation
|
1338
|
+
#
|
1339
|
+
# @overload list_data_lakes(params = {})
|
1340
|
+
# @param [Hash] params ({})
|
1341
|
+
def list_data_lakes(params = {}, options = {})
|
1342
|
+
req = build_request(:list_data_lakes, params)
|
1343
|
+
req.send_request(options)
|
1344
|
+
end
|
1345
|
+
|
1346
|
+
# Retrieves the log sources in the current Amazon Web Services Region.
|
1348
1347
|
#
|
1349
|
-
# @option params [
|
1350
|
-
#
|
1351
|
-
#
|
1352
|
-
# specific Regions.
|
1348
|
+
# @option params [Array<String>] :accounts
|
1349
|
+
# The list of Amazon Web Services accounts for which log sources are
|
1350
|
+
# displayed.
|
1353
1351
|
#
|
1354
1352
|
# @option params [Integer] :max_results
|
1355
1353
|
# The maximum number of accounts for which the log sources are
|
@@ -1359,38 +1357,65 @@ module Aws::SecurityLake
|
|
1359
1357
|
# If nextToken is returned, there are more results available. You can
|
1360
1358
|
# repeat the call using the returned token to retrieve the next page.
|
1361
1359
|
#
|
1360
|
+
# @option params [Array<String>] :regions
|
1361
|
+
# The list of regions for which log sources are displayed.
|
1362
|
+
#
|
1363
|
+
# @option params [Array<Types::LogSourceResource>] :sources
|
1364
|
+
# The list of sources for which log sources are displayed.
|
1365
|
+
#
|
1362
1366
|
# @return [Types::ListLogSourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1363
1367
|
#
|
1364
1368
|
# * {Types::ListLogSourcesResponse#next_token #next_token} => String
|
1365
|
-
# * {Types::ListLogSourcesResponse#
|
1369
|
+
# * {Types::ListLogSourcesResponse#sources #sources} => Array<Types::LogSource>
|
1366
1370
|
#
|
1367
1371
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1368
1372
|
#
|
1369
1373
|
# @example Request syntax with placeholder values
|
1370
1374
|
#
|
1371
1375
|
# resp = client.list_log_sources({
|
1372
|
-
#
|
1373
|
-
# list_all_dimensions: {
|
1374
|
-
# "String" => {
|
1375
|
-
# "String" => ["String"],
|
1376
|
-
# },
|
1377
|
-
# },
|
1378
|
-
# list_single_dimension: ["SafeString"],
|
1379
|
-
# list_two_dimensions: {
|
1380
|
-
# "String" => ["String"],
|
1381
|
-
# },
|
1376
|
+
# accounts: ["AwsAccountId"],
|
1382
1377
|
# max_results: 1,
|
1383
|
-
# next_token: "
|
1378
|
+
# next_token: "NextToken",
|
1379
|
+
# regions: ["Region"],
|
1380
|
+
# sources: [
|
1381
|
+
# {
|
1382
|
+
# aws_log_source: {
|
1383
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
1384
|
+
# source_version: "AwsLogSourceVersion",
|
1385
|
+
# },
|
1386
|
+
# custom_log_source: {
|
1387
|
+
# attributes: {
|
1388
|
+
# crawler_arn: "AmazonResourceName",
|
1389
|
+
# database_arn: "AmazonResourceName",
|
1390
|
+
# table_arn: "AmazonResourceName",
|
1391
|
+
# },
|
1392
|
+
# provider: {
|
1393
|
+
# location: "S3URI",
|
1394
|
+
# role_arn: "RoleArn",
|
1395
|
+
# },
|
1396
|
+
# source_name: "CustomLogSourceName",
|
1397
|
+
# source_version: "CustomLogSourceVersion",
|
1398
|
+
# },
|
1399
|
+
# },
|
1400
|
+
# ],
|
1384
1401
|
# })
|
1385
1402
|
#
|
1386
1403
|
# @example Response structure
|
1387
1404
|
#
|
1388
1405
|
# resp.next_token #=> String
|
1389
|
-
# resp.
|
1390
|
-
# resp.
|
1391
|
-
# resp.
|
1392
|
-
# resp.
|
1393
|
-
# resp.
|
1406
|
+
# resp.sources #=> Array
|
1407
|
+
# resp.sources[0].account #=> String
|
1408
|
+
# resp.sources[0].region #=> String
|
1409
|
+
# resp.sources[0].sources #=> Array
|
1410
|
+
# resp.sources[0].sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1411
|
+
# resp.sources[0].sources[0].aws_log_source.source_version #=> String
|
1412
|
+
# resp.sources[0].sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1413
|
+
# resp.sources[0].sources[0].custom_log_source.attributes.database_arn #=> String
|
1414
|
+
# resp.sources[0].sources[0].custom_log_source.attributes.table_arn #=> String
|
1415
|
+
# resp.sources[0].sources[0].custom_log_source.provider.location #=> String
|
1416
|
+
# resp.sources[0].sources[0].custom_log_source.provider.role_arn #=> String
|
1417
|
+
# resp.sources[0].sources[0].custom_log_source.source_name #=> String
|
1418
|
+
# resp.sources[0].sources[0].custom_log_source.source_version #=> String
|
1394
1419
|
#
|
1395
1420
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListLogSources AWS API Documentation
|
1396
1421
|
#
|
@@ -1424,7 +1449,7 @@ module Aws::SecurityLake
|
|
1424
1449
|
#
|
1425
1450
|
# resp = client.list_subscribers({
|
1426
1451
|
# max_results: 1,
|
1427
|
-
# next_token: "
|
1452
|
+
# next_token: "NextToken",
|
1428
1453
|
# })
|
1429
1454
|
#
|
1430
1455
|
# @example Response structure
|
@@ -1433,23 +1458,29 @@ module Aws::SecurityLake
|
|
1433
1458
|
# resp.subscribers #=> Array
|
1434
1459
|
# resp.subscribers[0].access_types #=> Array
|
1435
1460
|
# resp.subscribers[0].access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1436
|
-
# resp.subscribers[0].account_id #=> String
|
1437
1461
|
# resp.subscribers[0].created_at #=> Time
|
1438
|
-
# resp.subscribers[0].external_id #=> String
|
1439
1462
|
# resp.subscribers[0].resource_share_arn #=> String
|
1440
1463
|
# resp.subscribers[0].resource_share_name #=> String
|
1441
1464
|
# resp.subscribers[0].role_arn #=> String
|
1442
1465
|
# resp.subscribers[0].s3_bucket_arn #=> String
|
1443
|
-
# resp.subscribers[0].
|
1444
|
-
# resp.subscribers[0].
|
1445
|
-
# resp.subscribers[0].
|
1446
|
-
# resp.subscribers[0].
|
1466
|
+
# resp.subscribers[0].sources #=> Array
|
1467
|
+
# resp.subscribers[0].sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1468
|
+
# resp.subscribers[0].sources[0].aws_log_source.source_version #=> String
|
1469
|
+
# resp.subscribers[0].sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1470
|
+
# resp.subscribers[0].sources[0].custom_log_source.attributes.database_arn #=> String
|
1471
|
+
# resp.subscribers[0].sources[0].custom_log_source.attributes.table_arn #=> String
|
1472
|
+
# resp.subscribers[0].sources[0].custom_log_source.provider.location #=> String
|
1473
|
+
# resp.subscribers[0].sources[0].custom_log_source.provider.role_arn #=> String
|
1474
|
+
# resp.subscribers[0].sources[0].custom_log_source.source_name #=> String
|
1475
|
+
# resp.subscribers[0].sources[0].custom_log_source.source_version #=> String
|
1476
|
+
# resp.subscribers[0].subscriber_arn #=> String
|
1447
1477
|
# resp.subscribers[0].subscriber_description #=> String
|
1478
|
+
# resp.subscribers[0].subscriber_endpoint #=> String
|
1479
|
+
# resp.subscribers[0].subscriber_id #=> String
|
1480
|
+
# resp.subscribers[0].subscriber_identity.external_id #=> String
|
1481
|
+
# resp.subscribers[0].subscriber_identity.principal #=> String
|
1448
1482
|
# resp.subscribers[0].subscriber_name #=> String
|
1449
|
-
# resp.subscribers[0].
|
1450
|
-
# resp.subscribers[0].subscription_id #=> String
|
1451
|
-
# resp.subscribers[0].subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1452
|
-
# resp.subscribers[0].subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1483
|
+
# resp.subscribers[0].subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1453
1484
|
# resp.subscribers[0].updated_at #=> Time
|
1454
1485
|
#
|
1455
1486
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListSubscribers AWS API Documentation
|
@@ -1461,74 +1492,107 @@ module Aws::SecurityLake
|
|
1461
1492
|
req.send_request(options)
|
1462
1493
|
end
|
1463
1494
|
|
1464
|
-
#
|
1465
|
-
#
|
1466
|
-
#
|
1495
|
+
# Designates the Amazon Security Lake delegated administrator account
|
1496
|
+
# for the organization. This API can only be called by the organization
|
1497
|
+
# management account. The organization management account cannot be the
|
1498
|
+
# delegated administrator account.
|
1467
1499
|
#
|
1468
|
-
# @option params [required,
|
1469
|
-
#
|
1470
|
-
#
|
1500
|
+
# @option params [required, String] :account_id
|
1501
|
+
# The Amazon Web Services account ID of the Security Lake delegated
|
1502
|
+
# administrator.
|
1471
1503
|
#
|
1472
1504
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1473
1505
|
#
|
1474
1506
|
# @example Request syntax with placeholder values
|
1475
1507
|
#
|
1476
|
-
# resp = client.
|
1477
|
-
#
|
1478
|
-
# "us-east-1" => {
|
1479
|
-
# encryption_key: "String",
|
1480
|
-
# replication_destination_regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
1481
|
-
# replication_role_arn: "RoleArn",
|
1482
|
-
# retention_settings: [
|
1483
|
-
# {
|
1484
|
-
# retention_period: 1,
|
1485
|
-
# storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
|
1486
|
-
# },
|
1487
|
-
# ],
|
1488
|
-
# tags_map: {
|
1489
|
-
# "String" => "String",
|
1490
|
-
# },
|
1491
|
-
# },
|
1492
|
-
# },
|
1508
|
+
# resp = client.register_data_lake_delegated_administrator({
|
1509
|
+
# account_id: "SafeString", # required
|
1493
1510
|
# })
|
1494
1511
|
#
|
1495
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1512
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/RegisterDataLakeDelegatedAdministrator AWS API Documentation
|
1496
1513
|
#
|
1497
|
-
# @overload
|
1514
|
+
# @overload register_data_lake_delegated_administrator(params = {})
|
1498
1515
|
# @param [Hash] params ({})
|
1499
|
-
def
|
1500
|
-
req = build_request(:
|
1516
|
+
def register_data_lake_delegated_administrator(params = {}, options = {})
|
1517
|
+
req = build_request(:register_data_lake_delegated_administrator, params)
|
1501
1518
|
req.send_request(options)
|
1502
1519
|
end
|
1503
1520
|
|
1504
|
-
#
|
1505
|
-
#
|
1506
|
-
#
|
1507
|
-
# when a record was created in Amazon Security Lake.
|
1521
|
+
# Specifies where to store your security data and for how long. You can
|
1522
|
+
# add a rollup Region to consolidate data from multiple Amazon Web
|
1523
|
+
# Services Regions.
|
1508
1524
|
#
|
1509
|
-
# @option params [required,
|
1510
|
-
#
|
1525
|
+
# @option params [required, Array<Types::DataLakeConfiguration>] :configurations
|
1526
|
+
# Specify the Region or Regions that will contribute data to the rollup
|
1527
|
+
# region.
|
1511
1528
|
#
|
1512
|
-
# @return [
|
1529
|
+
# @return [Types::UpdateDataLakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1530
|
+
#
|
1531
|
+
# * {Types::UpdateDataLakeResponse#data_lakes #data_lakes} => Array<Types::DataLakeResource>
|
1513
1532
|
#
|
1514
1533
|
# @example Request syntax with placeholder values
|
1515
1534
|
#
|
1516
|
-
# resp = client.
|
1517
|
-
#
|
1535
|
+
# resp = client.update_data_lake({
|
1536
|
+
# configurations: [ # required
|
1537
|
+
# {
|
1538
|
+
# encryption_configuration: {
|
1539
|
+
# kms_key_id: "String",
|
1540
|
+
# },
|
1541
|
+
# lifecycle_configuration: {
|
1542
|
+
# expiration: {
|
1543
|
+
# days: 1,
|
1544
|
+
# },
|
1545
|
+
# transitions: [
|
1546
|
+
# {
|
1547
|
+
# days: 1,
|
1548
|
+
# storage_class: "DataLakeStorageClass",
|
1549
|
+
# },
|
1550
|
+
# ],
|
1551
|
+
# },
|
1552
|
+
# region: "Region", # required
|
1553
|
+
# replication_configuration: {
|
1554
|
+
# regions: ["Region"],
|
1555
|
+
# role_arn: "RoleArn",
|
1556
|
+
# },
|
1557
|
+
# },
|
1558
|
+
# ],
|
1518
1559
|
# })
|
1519
1560
|
#
|
1520
|
-
# @
|
1561
|
+
# @example Response structure
|
1521
1562
|
#
|
1522
|
-
#
|
1563
|
+
# resp.data_lakes #=> Array
|
1564
|
+
# resp.data_lakes[0].create_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1565
|
+
# resp.data_lakes[0].data_lake_arn #=> String
|
1566
|
+
# resp.data_lakes[0].encryption_configuration.kms_key_id #=> String
|
1567
|
+
# resp.data_lakes[0].lifecycle_configuration.expiration.days #=> Integer
|
1568
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions #=> Array
|
1569
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].days #=> Integer
|
1570
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].storage_class #=> String
|
1571
|
+
# resp.data_lakes[0].region #=> String
|
1572
|
+
# resp.data_lakes[0].replication_configuration.regions #=> Array
|
1573
|
+
# resp.data_lakes[0].replication_configuration.regions[0] #=> String
|
1574
|
+
# resp.data_lakes[0].replication_configuration.role_arn #=> String
|
1575
|
+
# resp.data_lakes[0].s3_bucket_arn #=> String
|
1576
|
+
# resp.data_lakes[0].update_status.exception.code #=> String
|
1577
|
+
# resp.data_lakes[0].update_status.exception.reason #=> String
|
1578
|
+
# resp.data_lakes[0].update_status.request_id #=> String
|
1579
|
+
# resp.data_lakes[0].update_status.status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1580
|
+
#
|
1581
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDataLake AWS API Documentation
|
1582
|
+
#
|
1583
|
+
# @overload update_data_lake(params = {})
|
1523
1584
|
# @param [Hash] params ({})
|
1524
|
-
def
|
1525
|
-
req = build_request(:
|
1585
|
+
def update_data_lake(params = {}, options = {})
|
1586
|
+
req = build_request(:update_data_lake, params)
|
1526
1587
|
req.send_request(options)
|
1527
1588
|
end
|
1528
1589
|
|
1529
1590
|
# Updates the specified notification subscription in Amazon Security
|
1530
1591
|
# Lake for the organization you specify.
|
1531
1592
|
#
|
1593
|
+
# @option params [Integer] :exception_time_to_live
|
1594
|
+
# The time-to-live (TTL) for the exception message to remain.
|
1595
|
+
#
|
1532
1596
|
# @option params [required, String] :notification_endpoint
|
1533
1597
|
# The account that is subscribed to receive exception notifications.
|
1534
1598
|
#
|
@@ -1539,17 +1603,18 @@ module Aws::SecurityLake
|
|
1539
1603
|
#
|
1540
1604
|
# @example Request syntax with placeholder values
|
1541
1605
|
#
|
1542
|
-
# resp = client.
|
1606
|
+
# resp = client.update_data_lake_exception_subscription({
|
1607
|
+
# exception_time_to_live: 1,
|
1543
1608
|
# notification_endpoint: "SafeString", # required
|
1544
|
-
# subscription_protocol: "
|
1609
|
+
# subscription_protocol: "SubscriptionProtocol", # required
|
1545
1610
|
# })
|
1546
1611
|
#
|
1547
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1612
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDataLakeExceptionSubscription AWS API Documentation
|
1548
1613
|
#
|
1549
|
-
# @overload
|
1614
|
+
# @overload update_data_lake_exception_subscription(params = {})
|
1550
1615
|
# @param [Hash] params ({})
|
1551
|
-
def
|
1552
|
-
req = build_request(:
|
1616
|
+
def update_data_lake_exception_subscription(params = {}, options = {})
|
1617
|
+
req = build_request(:update_data_lake_exception_subscription, params)
|
1553
1618
|
req.send_request(options)
|
1554
1619
|
end
|
1555
1620
|
|
@@ -1557,14 +1622,7 @@ module Aws::SecurityLake
|
|
1557
1622
|
# account ID. You can update a subscriber by changing the sources that
|
1558
1623
|
# the subscriber consumes data from.
|
1559
1624
|
#
|
1560
|
-
# @option params [
|
1561
|
-
# The external ID of the Security Lake account.
|
1562
|
-
#
|
1563
|
-
# @option params [required, String] :id
|
1564
|
-
# A value created by Security Lake that uniquely identifies your
|
1565
|
-
# subscription.
|
1566
|
-
#
|
1567
|
-
# @option params [required, Array<Types::SourceType>] :source_types
|
1625
|
+
# @option params [Array<Types::LogSourceResource>] :sources
|
1568
1626
|
# The supported Amazon Web Services from which logs and events are
|
1569
1627
|
# collected. For the list of supported Amazon Web Services, see the
|
1570
1628
|
# [Amazon Security Lake User Guide][1].
|
@@ -1576,6 +1634,13 @@ module Aws::SecurityLake
|
|
1576
1634
|
# @option params [String] :subscriber_description
|
1577
1635
|
# The description of the Security Lake account subscriber.
|
1578
1636
|
#
|
1637
|
+
# @option params [required, String] :subscriber_id
|
1638
|
+
# A value created by Security Lake that uniquely identifies your
|
1639
|
+
# subscription.
|
1640
|
+
#
|
1641
|
+
# @option params [Types::AwsIdentity] :subscriber_identity
|
1642
|
+
# The AWS identity used to access your data.
|
1643
|
+
#
|
1579
1644
|
# @option params [String] :subscriber_name
|
1580
1645
|
# The name of the Security Lake account subscriber.
|
1581
1646
|
#
|
@@ -1586,15 +1651,33 @@ module Aws::SecurityLake
|
|
1586
1651
|
# @example Request syntax with placeholder values
|
1587
1652
|
#
|
1588
1653
|
# resp = client.update_subscriber({
|
1589
|
-
#
|
1590
|
-
# id: "String", # required
|
1591
|
-
# source_types: [ # required
|
1654
|
+
# sources: [
|
1592
1655
|
# {
|
1593
|
-
#
|
1594
|
-
#
|
1656
|
+
# aws_log_source: {
|
1657
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
1658
|
+
# source_version: "AwsLogSourceVersion",
|
1659
|
+
# },
|
1660
|
+
# custom_log_source: {
|
1661
|
+
# attributes: {
|
1662
|
+
# crawler_arn: "AmazonResourceName",
|
1663
|
+
# database_arn: "AmazonResourceName",
|
1664
|
+
# table_arn: "AmazonResourceName",
|
1665
|
+
# },
|
1666
|
+
# provider: {
|
1667
|
+
# location: "S3URI",
|
1668
|
+
# role_arn: "RoleArn",
|
1669
|
+
# },
|
1670
|
+
# source_name: "CustomLogSourceName",
|
1671
|
+
# source_version: "CustomLogSourceVersion",
|
1672
|
+
# },
|
1595
1673
|
# },
|
1596
1674
|
# ],
|
1597
1675
|
# subscriber_description: "DescriptionString",
|
1676
|
+
# subscriber_id: "UUID", # required
|
1677
|
+
# subscriber_identity: {
|
1678
|
+
# external_id: "ExternalId", # required
|
1679
|
+
# principal: "AwsPrincipal", # required
|
1680
|
+
# },
|
1598
1681
|
# subscriber_name: "UpdateSubscriberRequestSubscriberNameString",
|
1599
1682
|
# })
|
1600
1683
|
#
|
@@ -1602,23 +1685,29 @@ module Aws::SecurityLake
|
|
1602
1685
|
#
|
1603
1686
|
# resp.subscriber.access_types #=> Array
|
1604
1687
|
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1605
|
-
# resp.subscriber.account_id #=> String
|
1606
1688
|
# resp.subscriber.created_at #=> Time
|
1607
|
-
# resp.subscriber.external_id #=> String
|
1608
1689
|
# resp.subscriber.resource_share_arn #=> String
|
1609
1690
|
# resp.subscriber.resource_share_name #=> String
|
1610
1691
|
# resp.subscriber.role_arn #=> String
|
1611
1692
|
# resp.subscriber.s3_bucket_arn #=> String
|
1612
|
-
# resp.subscriber.
|
1613
|
-
# resp.subscriber.
|
1614
|
-
# resp.subscriber.
|
1615
|
-
# resp.subscriber.
|
1693
|
+
# resp.subscriber.sources #=> Array
|
1694
|
+
# resp.subscriber.sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1695
|
+
# resp.subscriber.sources[0].aws_log_source.source_version #=> String
|
1696
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1697
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.database_arn #=> String
|
1698
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.table_arn #=> String
|
1699
|
+
# resp.subscriber.sources[0].custom_log_source.provider.location #=> String
|
1700
|
+
# resp.subscriber.sources[0].custom_log_source.provider.role_arn #=> String
|
1701
|
+
# resp.subscriber.sources[0].custom_log_source.source_name #=> String
|
1702
|
+
# resp.subscriber.sources[0].custom_log_source.source_version #=> String
|
1703
|
+
# resp.subscriber.subscriber_arn #=> String
|
1616
1704
|
# resp.subscriber.subscriber_description #=> String
|
1705
|
+
# resp.subscriber.subscriber_endpoint #=> String
|
1706
|
+
# resp.subscriber.subscriber_id #=> String
|
1707
|
+
# resp.subscriber.subscriber_identity.external_id #=> String
|
1708
|
+
# resp.subscriber.subscriber_identity.principal #=> String
|
1617
1709
|
# resp.subscriber.subscriber_name #=> String
|
1618
|
-
# resp.subscriber.
|
1619
|
-
# resp.subscriber.subscription_id #=> String
|
1620
|
-
# resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1621
|
-
# resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1710
|
+
# resp.subscriber.subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1622
1711
|
# resp.subscriber.updated_at #=> Time
|
1623
1712
|
#
|
1624
1713
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriber AWS API Documentation
|
@@ -1634,63 +1723,44 @@ module Aws::SecurityLake
|
|
1634
1723
|
# HTTPs endpoint) or switches the notification subscription endpoint for
|
1635
1724
|
# a subscriber.
|
1636
1725
|
#
|
1637
|
-
# @option params [
|
1638
|
-
#
|
1639
|
-
# ID in Amazon Security Lake.
|
1640
|
-
#
|
1641
|
-
# @option params [String] :https_api_key_name
|
1642
|
-
# The key name for the subscription notification.
|
1643
|
-
#
|
1644
|
-
# @option params [String] :https_api_key_value
|
1645
|
-
# The key value for the subscription notification.
|
1726
|
+
# @option params [required, Types::NotificationConfiguration] :configuration
|
1727
|
+
# The configuration for subscriber notification.
|
1646
1728
|
#
|
1647
|
-
# @option params [String] :
|
1648
|
-
# The HTTPS method used for the subscription notification.
|
1649
|
-
#
|
1650
|
-
# @option params [String] :role_arn
|
1651
|
-
# The Amazon Resource Name (ARN) specifying the role of the subscriber.
|
1652
|
-
# For more information about ARNs and how to use them in policies, see,
|
1653
|
-
# see the [Managing data access][1] and [Amazon Web Services Managed
|
1654
|
-
# Policies][2]in the Amazon Security Lake User Guide.
|
1655
|
-
#
|
1656
|
-
#
|
1657
|
-
#
|
1658
|
-
# [1]: https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html
|
1659
|
-
# [2]: https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html
|
1660
|
-
#
|
1661
|
-
# @option params [String] :subscription_endpoint
|
1662
|
-
# The subscription endpoint in Security Lake.
|
1663
|
-
#
|
1664
|
-
# @option params [required, String] :subscription_id
|
1729
|
+
# @option params [required, String] :subscriber_id
|
1665
1730
|
# The subscription ID for which the subscription notification is
|
1666
1731
|
# specified.
|
1667
1732
|
#
|
1668
|
-
# @return [Types::
|
1733
|
+
# @return [Types::UpdateSubscriberNotificationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1669
1734
|
#
|
1670
|
-
# * {Types::
|
1735
|
+
# * {Types::UpdateSubscriberNotificationResponse#subscriber_endpoint #subscriber_endpoint} => String
|
1671
1736
|
#
|
1672
1737
|
# @example Request syntax with placeholder values
|
1673
1738
|
#
|
1674
|
-
# resp = client.
|
1675
|
-
#
|
1676
|
-
#
|
1677
|
-
#
|
1678
|
-
#
|
1679
|
-
#
|
1680
|
-
#
|
1681
|
-
#
|
1739
|
+
# resp = client.update_subscriber_notification({
|
1740
|
+
# configuration: { # required
|
1741
|
+
# https_notification_configuration: {
|
1742
|
+
# authorization_api_key_name: "String",
|
1743
|
+
# authorization_api_key_value: "String",
|
1744
|
+
# endpoint: "HttpsNotificationConfigurationEndpointString", # required
|
1745
|
+
# http_method: "POST", # accepts POST, PUT
|
1746
|
+
# target_role_arn: "RoleArn", # required
|
1747
|
+
# },
|
1748
|
+
# sqs_notification_configuration: {
|
1749
|
+
# },
|
1750
|
+
# },
|
1751
|
+
# subscriber_id: "UUID", # required
|
1682
1752
|
# })
|
1683
1753
|
#
|
1684
1754
|
# @example Response structure
|
1685
1755
|
#
|
1686
|
-
# resp.
|
1756
|
+
# resp.subscriber_endpoint #=> String
|
1687
1757
|
#
|
1688
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1758
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriberNotification AWS API Documentation
|
1689
1759
|
#
|
1690
|
-
# @overload
|
1760
|
+
# @overload update_subscriber_notification(params = {})
|
1691
1761
|
# @param [Hash] params ({})
|
1692
|
-
def
|
1693
|
-
req = build_request(:
|
1762
|
+
def update_subscriber_notification(params = {}, options = {})
|
1763
|
+
req = build_request(:update_subscriber_notification, params)
|
1694
1764
|
req.send_request(options)
|
1695
1765
|
end
|
1696
1766
|
|
@@ -1707,7 +1777,7 @@ module Aws::SecurityLake
|
|
1707
1777
|
params: params,
|
1708
1778
|
config: config)
|
1709
1779
|
context[:gem_name] = 'aws-sdk-securitylake'
|
1710
|
-
context[:gem_version] = '1.
|
1780
|
+
context[:gem_version] = '1.5.0'
|
1711
1781
|
Seahorse::Client::Request.new(handlers, context)
|
1712
1782
|
end
|
1713
1783
|
|