aws-sdk-securitylake 1.3.0 → 1.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securitylake/client.rb +735 -665
- data/lib/aws-sdk-securitylake/client_api.rb +577 -614
- data/lib/aws-sdk-securitylake/endpoints.rb +19 -47
- data/lib/aws-sdk-securitylake/errors.rb +7 -190
- data/lib/aws-sdk-securitylake/plugins/endpoints.rb +36 -40
- data/lib/aws-sdk-securitylake/types.rb +1046 -1018
- data/lib/aws-sdk-securitylake.rb +1 -1
- metadata +4 -4
@@ -275,6 +275,11 @@ module Aws::SecurityLake
|
|
275
275
|
# in the future.
|
276
276
|
#
|
277
277
|
#
|
278
|
+
# @option options [String] :sdk_ua_app_id
|
279
|
+
# A unique and opaque application ID that is appended to the
|
280
|
+
# User-Agent header as app/<sdk_ua_app_id>. It should have a
|
281
|
+
# maximum length of 50.
|
282
|
+
#
|
278
283
|
# @option options [String] :secret_access_key
|
279
284
|
#
|
280
285
|
# @option options [String] :session_token
|
@@ -372,64 +377,39 @@ module Aws::SecurityLake
|
|
372
377
|
# Lake source. Enables source types for member accounts in required
|
373
378
|
# Amazon Web Services Regions, based on the parameters you specify. You
|
374
379
|
# can choose any source type in any Region for either accounts that are
|
375
|
-
# part of a trusted organization or standalone accounts.
|
376
|
-
#
|
377
|
-
#
|
378
|
-
#
|
379
|
-
# By default, a dimension refers to the entire set. When you don't
|
380
|
-
# provide a dimension, Security Lake assumes that the missing dimension
|
381
|
-
# refers to the entire set. This is overridden when you supply any one
|
382
|
-
# of the inputs. For instance, when you do not specify members, the API
|
383
|
-
# enables all Security Lake member accounts for all sources. Similarly,
|
384
|
-
# when you do not specify Regions, Security Lake is enabled for all the
|
385
|
-
# Regions where Security Lake is available as a service.
|
380
|
+
# part of a trusted organization or standalone accounts. Once you add an
|
381
|
+
# Amazon Web Service as a source, Security Lake starts collecting logs
|
382
|
+
# and events from it,
|
386
383
|
#
|
387
384
|
# You can use this API only to enable natively supported Amazon Web
|
388
385
|
# Services as a source. Use `CreateCustomLogSource` to enable data
|
389
386
|
# collection from a custom source.
|
390
387
|
#
|
391
|
-
# @option params [
|
392
|
-
#
|
393
|
-
#
|
394
|
-
#
|
395
|
-
# @option params [Array<String>] :enable_single_dimension
|
396
|
-
# Enables data collection from all Amazon Web Services sources in
|
397
|
-
# specific accounts or Regions.
|
398
|
-
#
|
399
|
-
# @option params [Hash<String,Array>] :enable_two_dimensions
|
400
|
-
# Enables data collection from specific Amazon Web Services sources in
|
401
|
-
# specific accounts or Regions.
|
402
|
-
#
|
403
|
-
# @option params [required, Array<String>] :input_order
|
404
|
-
# Specifies the input order to enable dimensions in Security Lake,
|
405
|
-
# namely Region, source type, and member account.
|
388
|
+
# @option params [required, Array<Types::AwsLogSourceConfiguration>] :sources
|
389
|
+
# Specify the natively-supported Amazon Web Services service to add as a
|
390
|
+
# source in Security Lake.
|
406
391
|
#
|
407
392
|
# @return [Types::CreateAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
408
393
|
#
|
409
394
|
# * {Types::CreateAwsLogSourceResponse#failed #failed} => Array<String>
|
410
|
-
# * {Types::CreateAwsLogSourceResponse#processing #processing} => Array<String>
|
411
395
|
#
|
412
396
|
# @example Request syntax with placeholder values
|
413
397
|
#
|
414
398
|
# resp = client.create_aws_log_source({
|
415
|
-
#
|
416
|
-
#
|
417
|
-
#
|
399
|
+
# sources: [ # required
|
400
|
+
# {
|
401
|
+
# accounts: ["AwsAccountId"],
|
402
|
+
# regions: ["Region"], # required
|
403
|
+
# source_name: "ROUTE53", # required, accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
404
|
+
# source_version: "AwsLogSourceVersion",
|
418
405
|
# },
|
419
|
-
#
|
420
|
-
# enable_single_dimension: ["SafeString"],
|
421
|
-
# enable_two_dimensions: {
|
422
|
-
# "String" => ["String"],
|
423
|
-
# },
|
424
|
-
# input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
|
406
|
+
# ],
|
425
407
|
# })
|
426
408
|
#
|
427
409
|
# @example Response structure
|
428
410
|
#
|
429
411
|
# resp.failed #=> Array
|
430
412
|
# resp.failed[0] #=> String
|
431
|
-
# resp.processing #=> Array
|
432
|
-
# resp.processing[0] #=> String
|
433
413
|
#
|
434
414
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateAwsLogSource AWS API Documentation
|
435
415
|
#
|
@@ -447,54 +427,113 @@ module Aws::SecurityLake
|
|
447
427
|
# crawler, use this API to add a custom source name in Security Lake.
|
448
428
|
# This operation creates a partition in the Amazon S3 bucket for
|
449
429
|
# Security Lake as the target location for log files from the custom
|
450
|
-
# source
|
430
|
+
# source. In addition, this operation also creates an associated Glue
|
431
|
+
# table and an Glue crawler.
|
451
432
|
#
|
452
|
-
# @option params [
|
453
|
-
# The
|
454
|
-
# unique value.
|
433
|
+
# @option params [Types::CustomLogSourceConfiguration] :configuration
|
434
|
+
# The configuration for the third-party custom source.
|
455
435
|
#
|
456
|
-
# @option params [
|
457
|
-
# The Open Cybersecurity Schema Framework (OCSF) event
|
436
|
+
# @option params [Array<String>] :event_classes
|
437
|
+
# The Open Cybersecurity Schema Framework (OCSF) event classes which
|
458
438
|
# describes the type of data that the custom source will send to
|
459
|
-
# Security Lake.
|
439
|
+
# Security Lake. The supported event classes are:
|
440
|
+
#
|
441
|
+
# * `ACCESS_ACTIVITY`
|
442
|
+
#
|
443
|
+
# * `FILE_ACTIVITY`
|
444
|
+
#
|
445
|
+
# * `KERNEL_ACTIVITY`
|
446
|
+
#
|
447
|
+
# * `KERNEL_EXTENSION`
|
448
|
+
#
|
449
|
+
# * `MEMORY_ACTIVITY`
|
450
|
+
#
|
451
|
+
# * `MODULE_ACTIVITY`
|
452
|
+
#
|
453
|
+
# * `PROCESS_ACTIVITY`
|
454
|
+
#
|
455
|
+
# * `REGISTRY_KEY_ACTIVITY`
|
456
|
+
#
|
457
|
+
# * `REGISTRY_VALUE_ACTIVITY`
|
458
|
+
#
|
459
|
+
# * `RESOURCE_ACTIVITY`
|
460
|
+
#
|
461
|
+
# * `SCHEDULED_JOB_ACTIVITY`
|
460
462
|
#
|
461
|
-
#
|
462
|
-
# The Amazon Resource Name (ARN) of the Identity and Access Management
|
463
|
-
# (IAM) role to be used by the Glue crawler. The recommended IAM
|
464
|
-
# policies are:
|
463
|
+
# * `SECURITY_FINDING`
|
465
464
|
#
|
466
|
-
# *
|
465
|
+
# * `ACCOUNT_CHANGE`
|
467
466
|
#
|
468
|
-
# *
|
467
|
+
# * `AUTHENTICATION`
|
469
468
|
#
|
470
|
-
#
|
471
|
-
#
|
472
|
-
#
|
469
|
+
# * `AUTHORIZATION`
|
470
|
+
#
|
471
|
+
# * `ENTITY_MANAGEMENT_AUDIT`
|
472
|
+
#
|
473
|
+
# * `DHCP_ACTIVITY`
|
474
|
+
#
|
475
|
+
# * `NETWORK_ACTIVITY`
|
476
|
+
#
|
477
|
+
# * `DNS_ACTIVITY`
|
478
|
+
#
|
479
|
+
# * `FTP_ACTIVITY`
|
480
|
+
#
|
481
|
+
# * `HTTP_ACTIVITY`
|
482
|
+
#
|
483
|
+
# * `RDP_ACTIVITY`
|
484
|
+
#
|
485
|
+
# * `SMB_ACTIVITY`
|
486
|
+
#
|
487
|
+
# * `SSH_ACTIVITY`
|
488
|
+
#
|
489
|
+
# * `CONFIG_STATE`
|
490
|
+
#
|
491
|
+
# * `INVENTORY_INFO`
|
492
|
+
#
|
493
|
+
# * `EMAIL_ACTIVITY`
|
494
|
+
#
|
495
|
+
# * `API_ACTIVITY`
|
496
|
+
#
|
497
|
+
# * `CLOUD_API`
|
498
|
+
#
|
499
|
+
# @option params [required, String] :source_name
|
500
|
+
# Specify the name for a third-party custom source. This must be a
|
501
|
+
# Regionally unique value.
|
502
|
+
#
|
503
|
+
# @option params [String] :source_version
|
504
|
+
# Specify the source version for the third-party custom source, to limit
|
505
|
+
# log collection to a specific version of custom data source.
|
473
506
|
#
|
474
507
|
# @return [Types::CreateCustomLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
475
508
|
#
|
476
|
-
# * {Types::CreateCustomLogSourceResponse#
|
477
|
-
# * {Types::CreateCustomLogSourceResponse#glue_crawler_name #glue_crawler_name} => String
|
478
|
-
# * {Types::CreateCustomLogSourceResponse#glue_database_name #glue_database_name} => String
|
479
|
-
# * {Types::CreateCustomLogSourceResponse#glue_table_name #glue_table_name} => String
|
480
|
-
# * {Types::CreateCustomLogSourceResponse#log_provider_access_role_arn #log_provider_access_role_arn} => String
|
509
|
+
# * {Types::CreateCustomLogSourceResponse#source #source} => Types::CustomLogSourceResource
|
481
510
|
#
|
482
511
|
# @example Request syntax with placeholder values
|
483
512
|
#
|
484
513
|
# resp = client.create_custom_log_source({
|
485
|
-
#
|
486
|
-
#
|
487
|
-
#
|
488
|
-
#
|
514
|
+
# configuration: {
|
515
|
+
# crawler_configuration: { # required
|
516
|
+
# role_arn: "RoleArn", # required
|
517
|
+
# },
|
518
|
+
# provider_identity: { # required
|
519
|
+
# external_id: "ExternalId", # required
|
520
|
+
# principal: "AwsPrincipal", # required
|
521
|
+
# },
|
522
|
+
# },
|
523
|
+
# event_classes: ["OcsfEventClass"],
|
524
|
+
# source_name: "CustomLogSourceName", # required
|
525
|
+
# source_version: "CustomLogSourceVersion",
|
489
526
|
# })
|
490
527
|
#
|
491
528
|
# @example Response structure
|
492
529
|
#
|
493
|
-
# resp.
|
494
|
-
# resp.
|
495
|
-
# resp.
|
496
|
-
# resp.
|
497
|
-
# resp.
|
530
|
+
# resp.source.attributes.crawler_arn #=> String
|
531
|
+
# resp.source.attributes.database_arn #=> String
|
532
|
+
# resp.source.attributes.table_arn #=> String
|
533
|
+
# resp.source.provider.location #=> String
|
534
|
+
# resp.source.provider.role_arn #=> String
|
535
|
+
# resp.source.source_name #=> String
|
536
|
+
# resp.source.source_version #=> String
|
498
537
|
#
|
499
538
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateCustomLogSource AWS API Documentation
|
500
539
|
#
|
@@ -508,15 +547,14 @@ module Aws::SecurityLake
|
|
508
547
|
# Initializes an Amazon Security Lake instance with the provided (or
|
509
548
|
# default) configuration. You can enable Security Lake in Amazon Web
|
510
549
|
# Services Regions with customized settings before enabling log
|
511
|
-
# collection in Regions.
|
512
|
-
#
|
513
|
-
#
|
514
|
-
#
|
515
|
-
#
|
516
|
-
#
|
517
|
-
#
|
518
|
-
#
|
519
|
-
# data lake in the Region with the specified configurations.
|
550
|
+
# collection in Regions. By default, the `CreateDataLake` Security Lake
|
551
|
+
# in all Regions. To specify particular Regions, configure these Regions
|
552
|
+
# using the `configurations` parameter. If you have already enabled
|
553
|
+
# Security Lake in a Region when you call this command, the command will
|
554
|
+
# update the Region if you provide new configuration parameters. If you
|
555
|
+
# have not already enabled Security Lake in the Region when you call
|
556
|
+
# this API, it will set up the data lake in the Region with the
|
557
|
+
# specified configurations.
|
520
558
|
#
|
521
559
|
# When you enable Security Lake, it starts ingesting security data after
|
522
560
|
# the `CreateAwsLogSource` call. This includes ingesting security data
|
@@ -530,145 +568,141 @@ module Aws::SecurityLake
|
|
530
568
|
#
|
531
569
|
# [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html
|
532
570
|
#
|
533
|
-
# @option params [
|
571
|
+
# @option params [required, Array<Types::DataLakeConfiguration>] :configurations
|
534
572
|
# Specify the Region or Regions that will contribute data to the rollup
|
535
573
|
# region.
|
536
574
|
#
|
537
|
-
# @option params [
|
538
|
-
# Enable Security Lake in all Regions.
|
539
|
-
#
|
540
|
-
# @option params [String] :meta_store_manager_role_arn
|
575
|
+
# @option params [required, String] :meta_store_manager_role_arn
|
541
576
|
# The Amazon Resource Name (ARN) used to create and update the Glue
|
542
577
|
# table. This table contains partitions generated by the ingestion and
|
543
578
|
# normalization of Amazon Web Services log sources and custom sources.
|
544
579
|
#
|
545
|
-
# @
|
546
|
-
# Enable Security Lake in the specified Regions. To enable Security Lake
|
547
|
-
# in specific Amazon Web Services Regions, such as us-east-1 or
|
548
|
-
# ap-northeast-3, provide the Region codes. For a list of Region codes,
|
549
|
-
# see [Amazon Security Lake endpoints][1] in the Amazon Web Services
|
550
|
-
# General Reference.
|
551
|
-
#
|
552
|
-
#
|
553
|
-
#
|
554
|
-
# [1]: https://docs.aws.amazon.com/general/latest/gr/securitylake.html
|
580
|
+
# @return [Types::CreateDataLakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
555
581
|
#
|
556
|
-
#
|
582
|
+
# * {Types::CreateDataLakeResponse#data_lakes #data_lakes} => Array<Types::DataLakeResource>
|
557
583
|
#
|
558
584
|
# @example Request syntax with placeholder values
|
559
585
|
#
|
560
|
-
# resp = client.
|
561
|
-
# configurations:
|
562
|
-
#
|
563
|
-
#
|
564
|
-
#
|
565
|
-
#
|
566
|
-
#
|
567
|
-
# {
|
568
|
-
#
|
569
|
-
# storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
|
586
|
+
# resp = client.create_data_lake({
|
587
|
+
# configurations: [ # required
|
588
|
+
# {
|
589
|
+
# encryption_configuration: {
|
590
|
+
# kms_key_id: "String",
|
591
|
+
# },
|
592
|
+
# lifecycle_configuration: {
|
593
|
+
# expiration: {
|
594
|
+
# days: 1,
|
570
595
|
# },
|
571
|
-
#
|
572
|
-
#
|
573
|
-
#
|
596
|
+
# transitions: [
|
597
|
+
# {
|
598
|
+
# days: 1,
|
599
|
+
# storage_class: "DataLakeStorageClass",
|
600
|
+
# },
|
601
|
+
# ],
|
602
|
+
# },
|
603
|
+
# region: "Region", # required
|
604
|
+
# replication_configuration: {
|
605
|
+
# regions: ["Region"],
|
606
|
+
# role_arn: "RoleArn",
|
574
607
|
# },
|
575
608
|
# },
|
576
|
-
#
|
577
|
-
#
|
578
|
-
# meta_store_manager_role_arn: "RoleArn",
|
579
|
-
# regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
609
|
+
# ],
|
610
|
+
# meta_store_manager_role_arn: "RoleArn", # required
|
580
611
|
# })
|
581
612
|
#
|
582
|
-
# @
|
613
|
+
# @example Response structure
|
583
614
|
#
|
584
|
-
#
|
615
|
+
# resp.data_lakes #=> Array
|
616
|
+
# resp.data_lakes[0].create_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
617
|
+
# resp.data_lakes[0].data_lake_arn #=> String
|
618
|
+
# resp.data_lakes[0].encryption_configuration.kms_key_id #=> String
|
619
|
+
# resp.data_lakes[0].lifecycle_configuration.expiration.days #=> Integer
|
620
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions #=> Array
|
621
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].days #=> Integer
|
622
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].storage_class #=> String
|
623
|
+
# resp.data_lakes[0].region #=> String
|
624
|
+
# resp.data_lakes[0].replication_configuration.regions #=> Array
|
625
|
+
# resp.data_lakes[0].replication_configuration.regions[0] #=> String
|
626
|
+
# resp.data_lakes[0].replication_configuration.role_arn #=> String
|
627
|
+
# resp.data_lakes[0].s3_bucket_arn #=> String
|
628
|
+
# resp.data_lakes[0].update_status.exception.code #=> String
|
629
|
+
# resp.data_lakes[0].update_status.exception.reason #=> String
|
630
|
+
# resp.data_lakes[0].update_status.request_id #=> String
|
631
|
+
# resp.data_lakes[0].update_status.status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
632
|
+
#
|
633
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLake AWS API Documentation
|
634
|
+
#
|
635
|
+
# @overload create_data_lake(params = {})
|
585
636
|
# @param [Hash] params ({})
|
586
|
-
def
|
587
|
-
req = build_request(:
|
637
|
+
def create_data_lake(params = {}, options = {})
|
638
|
+
req = build_request(:create_data_lake, params)
|
588
639
|
req.send_request(options)
|
589
640
|
end
|
590
641
|
|
591
|
-
#
|
592
|
-
#
|
593
|
-
# existing member accounts in your organization.
|
594
|
-
#
|
595
|
-
# @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :configuration_for_new_accounts
|
596
|
-
# Enable Security Lake with the specified configuration settings to
|
597
|
-
# begin collecting security data for new accounts in your organization.
|
598
|
-
#
|
599
|
-
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
600
|
-
#
|
601
|
-
# @example Request syntax with placeholder values
|
602
|
-
#
|
603
|
-
# resp = client.create_datalake_auto_enable({
|
604
|
-
# configuration_for_new_accounts: [ # required
|
605
|
-
# {
|
606
|
-
# region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
607
|
-
# sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
608
|
-
# },
|
609
|
-
# ],
|
610
|
-
# })
|
642
|
+
# Creates the specified notification subscription in Amazon Security
|
643
|
+
# Lake for the organization you specify.
|
611
644
|
#
|
612
|
-
# @
|
645
|
+
# @option params [Integer] :exception_time_to_live
|
646
|
+
# The expiration period and time-to-live (TTL).
|
613
647
|
#
|
614
|
-
# @
|
615
|
-
#
|
616
|
-
|
617
|
-
req = build_request(:create_datalake_auto_enable, params)
|
618
|
-
req.send_request(options)
|
619
|
-
end
|
620
|
-
|
621
|
-
# Designates the Amazon Security Lake delegated administrator account
|
622
|
-
# for the organization. This API can only be called by the organization
|
623
|
-
# management account. The organization management account cannot be the
|
624
|
-
# delegated administrator account.
|
648
|
+
# @option params [required, String] :notification_endpoint
|
649
|
+
# The Amazon Web Services account where you want to receive exception
|
650
|
+
# notifications.
|
625
651
|
#
|
626
|
-
# @option params [required, String] :
|
627
|
-
# The
|
628
|
-
# administrator.
|
652
|
+
# @option params [required, String] :subscription_protocol
|
653
|
+
# The subscription protocol to which exception notifications are posted.
|
629
654
|
#
|
630
655
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
631
656
|
#
|
632
657
|
# @example Request syntax with placeholder values
|
633
658
|
#
|
634
|
-
# resp = client.
|
635
|
-
#
|
659
|
+
# resp = client.create_data_lake_exception_subscription({
|
660
|
+
# exception_time_to_live: 1,
|
661
|
+
# notification_endpoint: "SafeString", # required
|
662
|
+
# subscription_protocol: "SubscriptionProtocol", # required
|
636
663
|
# })
|
637
664
|
#
|
638
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
665
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeExceptionSubscription AWS API Documentation
|
639
666
|
#
|
640
|
-
# @overload
|
667
|
+
# @overload create_data_lake_exception_subscription(params = {})
|
641
668
|
# @param [Hash] params ({})
|
642
|
-
def
|
643
|
-
req = build_request(:
|
669
|
+
def create_data_lake_exception_subscription(params = {}, options = {})
|
670
|
+
req = build_request(:create_data_lake_exception_subscription, params)
|
644
671
|
req.send_request(options)
|
645
672
|
end
|
646
673
|
|
647
|
-
#
|
648
|
-
# Lake
|
649
|
-
#
|
650
|
-
# @option params [required, String] :notification_endpoint
|
651
|
-
# The Amazon Web Services account where you want to receive exception
|
652
|
-
# notifications.
|
674
|
+
# Automatically enables Amazon Security Lake for new member accounts in
|
675
|
+
# your organization. Security Lake is not automatically enabled for any
|
676
|
+
# existing member accounts in your organization.
|
653
677
|
#
|
654
|
-
# @option params [required,
|
655
|
-
#
|
678
|
+
# @option params [required, Array<Types::DataLakeAutoEnableNewAccountConfiguration>] :auto_enable_new_account
|
679
|
+
# Enable Security Lake with the specified configuration settings, to
|
680
|
+
# begin collecting security data for new accounts in your organization.
|
656
681
|
#
|
657
682
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
658
683
|
#
|
659
684
|
# @example Request syntax with placeholder values
|
660
685
|
#
|
661
|
-
# resp = client.
|
662
|
-
#
|
663
|
-
#
|
686
|
+
# resp = client.create_data_lake_organization_configuration({
|
687
|
+
# auto_enable_new_account: [ # required
|
688
|
+
# {
|
689
|
+
# region: "Region", # required
|
690
|
+
# sources: [ # required
|
691
|
+
# {
|
692
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
693
|
+
# source_version: "AwsLogSourceVersion",
|
694
|
+
# },
|
695
|
+
# ],
|
696
|
+
# },
|
697
|
+
# ],
|
664
698
|
# })
|
665
699
|
#
|
666
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
700
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateDataLakeOrganizationConfiguration AWS API Documentation
|
667
701
|
#
|
668
|
-
# @overload
|
702
|
+
# @overload create_data_lake_organization_configuration(params = {})
|
669
703
|
# @param [Hash] params ({})
|
670
|
-
def
|
671
|
-
req = build_request(:
|
704
|
+
def create_data_lake_organization_configuration(params = {}, options = {})
|
705
|
+
req = build_request(:create_data_lake_organization_configuration, params)
|
672
706
|
req.send_request(options)
|
673
707
|
end
|
674
708
|
|
@@ -679,16 +713,7 @@ module Aws::SecurityLake
|
|
679
713
|
# @option params [Array<String>] :access_types
|
680
714
|
# The Amazon S3 or Lake Formation access type.
|
681
715
|
#
|
682
|
-
# @option params [required,
|
683
|
-
# The Amazon Web Services account ID used to access your data.
|
684
|
-
#
|
685
|
-
# @option params [required, String] :external_id
|
686
|
-
# The external ID of the subscriber. This lets the user that is assuming
|
687
|
-
# the role assert the circumstances in which they are operating. It also
|
688
|
-
# provides a way for the account owner to permit the role to be assumed
|
689
|
-
# only under specific circumstances.
|
690
|
-
#
|
691
|
-
# @option params [required, Array<Types::SourceType>] :source_types
|
716
|
+
# @option params [required, Array<Types::LogSourceResource>] :sources
|
692
717
|
# The supported Amazon Web Services from which logs and events are
|
693
718
|
# collected. Security Lake supports log and event collection for
|
694
719
|
# natively supported Amazon Web Services.
|
@@ -696,42 +721,77 @@ module Aws::SecurityLake
|
|
696
721
|
# @option params [String] :subscriber_description
|
697
722
|
# The description for your subscriber account in Security Lake.
|
698
723
|
#
|
724
|
+
# @option params [required, Types::AwsIdentity] :subscriber_identity
|
725
|
+
# The AWS identity used to access your data.
|
726
|
+
#
|
699
727
|
# @option params [required, String] :subscriber_name
|
700
728
|
# The name of your Security Lake subscriber account.
|
701
729
|
#
|
702
730
|
# @return [Types::CreateSubscriberResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
703
731
|
#
|
704
|
-
# * {Types::CreateSubscriberResponse#
|
705
|
-
# * {Types::CreateSubscriberResponse#resource_share_name #resource_share_name} => String
|
706
|
-
# * {Types::CreateSubscriberResponse#role_arn #role_arn} => String
|
707
|
-
# * {Types::CreateSubscriberResponse#s3_bucket_arn #s3_bucket_arn} => String
|
708
|
-
# * {Types::CreateSubscriberResponse#sns_arn #sns_arn} => String
|
709
|
-
# * {Types::CreateSubscriberResponse#subscription_id #subscription_id} => String
|
732
|
+
# * {Types::CreateSubscriberResponse#subscriber #subscriber} => Types::SubscriberResource
|
710
733
|
#
|
711
734
|
# @example Request syntax with placeholder values
|
712
735
|
#
|
713
736
|
# resp = client.create_subscriber({
|
714
737
|
# access_types: ["LAKEFORMATION"], # accepts LAKEFORMATION, S3
|
715
|
-
#
|
716
|
-
# external_id: "SafeString", # required
|
717
|
-
# source_types: [ # required
|
738
|
+
# sources: [ # required
|
718
739
|
# {
|
719
|
-
#
|
720
|
-
#
|
740
|
+
# aws_log_source: {
|
741
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
742
|
+
# source_version: "AwsLogSourceVersion",
|
743
|
+
# },
|
744
|
+
# custom_log_source: {
|
745
|
+
# attributes: {
|
746
|
+
# crawler_arn: "AmazonResourceName",
|
747
|
+
# database_arn: "AmazonResourceName",
|
748
|
+
# table_arn: "AmazonResourceName",
|
749
|
+
# },
|
750
|
+
# provider: {
|
751
|
+
# location: "S3URI",
|
752
|
+
# role_arn: "RoleArn",
|
753
|
+
# },
|
754
|
+
# source_name: "CustomLogSourceName",
|
755
|
+
# source_version: "CustomLogSourceVersion",
|
756
|
+
# },
|
721
757
|
# },
|
722
758
|
# ],
|
723
759
|
# subscriber_description: "DescriptionString",
|
760
|
+
# subscriber_identity: { # required
|
761
|
+
# external_id: "ExternalId", # required
|
762
|
+
# principal: "AwsPrincipal", # required
|
763
|
+
# },
|
724
764
|
# subscriber_name: "CreateSubscriberRequestSubscriberNameString", # required
|
725
765
|
# })
|
726
766
|
#
|
727
767
|
# @example Response structure
|
728
768
|
#
|
729
|
-
# resp.
|
730
|
-
# resp.
|
731
|
-
# resp.
|
732
|
-
# resp.
|
733
|
-
# resp.
|
734
|
-
# resp.
|
769
|
+
# resp.subscriber.access_types #=> Array
|
770
|
+
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
771
|
+
# resp.subscriber.created_at #=> Time
|
772
|
+
# resp.subscriber.resource_share_arn #=> String
|
773
|
+
# resp.subscriber.resource_share_name #=> String
|
774
|
+
# resp.subscriber.role_arn #=> String
|
775
|
+
# resp.subscriber.s3_bucket_arn #=> String
|
776
|
+
# resp.subscriber.sources #=> Array
|
777
|
+
# resp.subscriber.sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
778
|
+
# resp.subscriber.sources[0].aws_log_source.source_version #=> String
|
779
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.crawler_arn #=> String
|
780
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.database_arn #=> String
|
781
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.table_arn #=> String
|
782
|
+
# resp.subscriber.sources[0].custom_log_source.provider.location #=> String
|
783
|
+
# resp.subscriber.sources[0].custom_log_source.provider.role_arn #=> String
|
784
|
+
# resp.subscriber.sources[0].custom_log_source.source_name #=> String
|
785
|
+
# resp.subscriber.sources[0].custom_log_source.source_version #=> String
|
786
|
+
# resp.subscriber.subscriber_arn #=> String
|
787
|
+
# resp.subscriber.subscriber_description #=> String
|
788
|
+
# resp.subscriber.subscriber_endpoint #=> String
|
789
|
+
# resp.subscriber.subscriber_id #=> String
|
790
|
+
# resp.subscriber.subscriber_identity.external_id #=> String
|
791
|
+
# resp.subscriber.subscriber_identity.principal #=> String
|
792
|
+
# resp.subscriber.subscriber_name #=> String
|
793
|
+
# resp.subscriber.subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
794
|
+
# resp.subscriber.updated_at #=> Time
|
735
795
|
#
|
736
796
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriber AWS API Documentation
|
737
797
|
#
|
@@ -746,133 +806,84 @@ module Aws::SecurityLake
|
|
746
806
|
# the sources that the subscriber consumes in Security Lake. You can
|
747
807
|
# create only one subscriber notification per subscriber.
|
748
808
|
#
|
749
|
-
# @option params [
|
750
|
-
#
|
751
|
-
#
|
752
|
-
# @option params [String] :https_api_key_name
|
753
|
-
# The key name for the notification subscription.
|
754
|
-
#
|
755
|
-
# @option params [String] :https_api_key_value
|
756
|
-
# The key value for the notification subscription.
|
809
|
+
# @option params [required, Types::NotificationConfiguration] :configuration
|
810
|
+
# Specify the configuration using which you want to create the
|
811
|
+
# subscriber notification.
|
757
812
|
#
|
758
|
-
# @option params [String] :
|
759
|
-
# The
|
813
|
+
# @option params [required, String] :subscriber_id
|
814
|
+
# The subscriber ID for the notification subscription.
|
760
815
|
#
|
761
|
-
# @
|
762
|
-
# The Amazon Resource Name (ARN) of the EventBridge API destinations IAM
|
763
|
-
# role that you created. For more information about ARNs and how to use
|
764
|
-
# them in policies, see [Managing data access][1] and [Amazon Web
|
765
|
-
# Services Managed Policies][2] in the Amazon Security Lake User Guide.
|
816
|
+
# @return [Types::CreateSubscriberNotificationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
766
817
|
#
|
767
|
-
#
|
768
|
-
#
|
769
|
-
# [1]: https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html
|
770
|
-
# [2]: https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html
|
771
|
-
#
|
772
|
-
# @option params [String] :subscription_endpoint
|
773
|
-
# The subscription endpoint in Security Lake. If you prefer notification
|
774
|
-
# with an HTTPs endpoint, populate this field.
|
775
|
-
#
|
776
|
-
# @option params [required, String] :subscription_id
|
777
|
-
# The subscription ID for the notification subscription.
|
778
|
-
#
|
779
|
-
# @return [Types::CreateSubscriptionNotificationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
780
|
-
#
|
781
|
-
# * {Types::CreateSubscriptionNotificationConfigurationResponse#queue_arn #queue_arn} => String
|
818
|
+
# * {Types::CreateSubscriberNotificationResponse#subscriber_endpoint #subscriber_endpoint} => String
|
782
819
|
#
|
783
820
|
# @example Request syntax with placeholder values
|
784
821
|
#
|
785
|
-
# resp = client.
|
786
|
-
#
|
787
|
-
#
|
788
|
-
#
|
789
|
-
#
|
790
|
-
#
|
791
|
-
#
|
792
|
-
#
|
822
|
+
# resp = client.create_subscriber_notification({
|
823
|
+
# configuration: { # required
|
824
|
+
# https_notification_configuration: {
|
825
|
+
# authorization_api_key_name: "String",
|
826
|
+
# authorization_api_key_value: "String",
|
827
|
+
# endpoint: "HttpsNotificationConfigurationEndpointString", # required
|
828
|
+
# http_method: "POST", # accepts POST, PUT
|
829
|
+
# target_role_arn: "RoleArn", # required
|
830
|
+
# },
|
831
|
+
# sqs_notification_configuration: {
|
832
|
+
# },
|
833
|
+
# },
|
834
|
+
# subscriber_id: "UUID", # required
|
793
835
|
# })
|
794
836
|
#
|
795
837
|
# @example Response structure
|
796
838
|
#
|
797
|
-
# resp.
|
839
|
+
# resp.subscriber_endpoint #=> String
|
798
840
|
#
|
799
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
841
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/CreateSubscriberNotification AWS API Documentation
|
800
842
|
#
|
801
|
-
# @overload
|
843
|
+
# @overload create_subscriber_notification(params = {})
|
802
844
|
# @param [Hash] params ({})
|
803
|
-
def
|
804
|
-
req = build_request(:
|
845
|
+
def create_subscriber_notification(params = {}, options = {})
|
846
|
+
req = build_request(:create_subscriber_notification, params)
|
805
847
|
req.send_request(options)
|
806
848
|
end
|
807
849
|
|
808
850
|
# Removes a natively supported Amazon Web Service as an Amazon Security
|
809
|
-
# Lake source.
|
810
|
-
#
|
811
|
-
#
|
812
|
-
#
|
851
|
+
# Lake source. You can remove a source for one or more Regions. When you
|
852
|
+
# remove the source, Security Lake stops collecting data from that
|
853
|
+
# source in the specified Regions and accounts, and subscribers can no
|
854
|
+
# longer consume new data from the source. However, subscribers can
|
855
|
+
# still consume data that Security Lake collected from the source before
|
856
|
+
# removal.
|
813
857
|
#
|
814
858
|
# You can choose any source type in any Amazon Web Services Region for
|
815
859
|
# either accounts that are part of a trusted organization or standalone
|
816
|
-
# accounts.
|
817
|
-
#
|
818
|
-
#
|
819
|
-
#
|
820
|
-
#
|
821
|
-
# when you supply any one of the inputs. For instance, when you do not
|
822
|
-
# specify members, the API disables all Security Lake member accounts
|
823
|
-
# for sources. Similarly, when you do not specify Regions, Security Lake
|
824
|
-
# is disabled for all the Regions where Security Lake is available as a
|
825
|
-
# service.
|
826
|
-
#
|
827
|
-
# When you don't provide a dimension, Security Lake assumes that the
|
828
|
-
# missing dimension refers to the entire set. For example, if you don't
|
829
|
-
# provide specific accounts, the API applies to the entire set of
|
830
|
-
# accounts in your organization.
|
831
|
-
#
|
832
|
-
# @option params [Hash<String,Hash>] :disable_all_dimensions
|
833
|
-
# Removes the specific Amazon Web Services sources from specific
|
834
|
-
# accounts and specific Regions.
|
835
|
-
#
|
836
|
-
# @option params [Array<String>] :disable_single_dimension
|
837
|
-
# Removes all Amazon Web Services sources from specific accounts or
|
838
|
-
# Regions.
|
839
|
-
#
|
840
|
-
# @option params [Hash<String,Array>] :disable_two_dimensions
|
841
|
-
# Remove a specific Amazon Web Services source from specific accounts or
|
842
|
-
# Regions.
|
843
|
-
#
|
844
|
-
# @option params [required, Array<String>] :input_order
|
845
|
-
# This is a mandatory input. Specify the input order to disable
|
846
|
-
# dimensions in Security Lake, namely Region (Amazon Web Services Region
|
847
|
-
# code, source type, and member (account ID of a specific Amazon Web
|
848
|
-
# Services account).
|
860
|
+
# accounts.
|
861
|
+
#
|
862
|
+
# @option params [required, Array<Types::AwsLogSourceConfiguration>] :sources
|
863
|
+
# Specify the natively-supported Amazon Web Services service to remove
|
864
|
+
# as a source in Security Lake.
|
849
865
|
#
|
850
866
|
# @return [Types::DeleteAwsLogSourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
851
867
|
#
|
852
868
|
# * {Types::DeleteAwsLogSourceResponse#failed #failed} => Array<String>
|
853
|
-
# * {Types::DeleteAwsLogSourceResponse#processing #processing} => Array<String>
|
854
869
|
#
|
855
870
|
# @example Request syntax with placeholder values
|
856
871
|
#
|
857
872
|
# resp = client.delete_aws_log_source({
|
858
|
-
#
|
859
|
-
#
|
860
|
-
#
|
873
|
+
# sources: [ # required
|
874
|
+
# {
|
875
|
+
# accounts: ["AwsAccountId"],
|
876
|
+
# regions: ["Region"], # required
|
877
|
+
# source_name: "ROUTE53", # required, accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
878
|
+
# source_version: "AwsLogSourceVersion",
|
861
879
|
# },
|
862
|
-
#
|
863
|
-
# disable_single_dimension: ["SafeString"],
|
864
|
-
# disable_two_dimensions: {
|
865
|
-
# "String" => ["String"],
|
866
|
-
# },
|
867
|
-
# input_order: ["REGION"], # required, accepts REGION, SOURCE_TYPE, MEMBER
|
880
|
+
# ],
|
868
881
|
# })
|
869
882
|
#
|
870
883
|
# @example Response structure
|
871
884
|
#
|
872
885
|
# resp.failed #=> Array
|
873
886
|
# resp.failed[0] #=> String
|
874
|
-
# resp.processing #=> Array
|
875
|
-
# resp.processing[0] #=> String
|
876
887
|
#
|
877
888
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteAwsLogSource AWS API Documentation
|
878
889
|
#
|
@@ -883,25 +894,25 @@ module Aws::SecurityLake
|
|
883
894
|
req.send_request(options)
|
884
895
|
end
|
885
896
|
|
886
|
-
# Removes a custom log source from Amazon Security Lake
|
897
|
+
# Removes a custom log source from Amazon Security Lake, to stop sending
|
898
|
+
# data from the custom source to Security Lake.
|
887
899
|
#
|
888
|
-
# @option params [required, String] :
|
889
|
-
# The
|
900
|
+
# @option params [required, String] :source_name
|
901
|
+
# The source name of custom log source that you want to delete.
|
890
902
|
#
|
891
|
-
# @
|
903
|
+
# @option params [String] :source_version
|
904
|
+
# The source version for the third-party custom source. You can limit
|
905
|
+
# the custom source removal to the specified source version.
|
892
906
|
#
|
893
|
-
#
|
907
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
894
908
|
#
|
895
909
|
# @example Request syntax with placeholder values
|
896
910
|
#
|
897
911
|
# resp = client.delete_custom_log_source({
|
898
|
-
#
|
912
|
+
# source_name: "CustomLogSourceName", # required
|
913
|
+
# source_version: "CustomLogSourceVersion",
|
899
914
|
# })
|
900
915
|
#
|
901
|
-
# @example Response structure
|
902
|
-
#
|
903
|
-
# resp.custom_data_location #=> String
|
904
|
-
#
|
905
916
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteCustomLogSource AWS API Documentation
|
906
917
|
#
|
907
918
|
# @overload delete_custom_log_source(params = {})
|
@@ -911,117 +922,103 @@ module Aws::SecurityLake
|
|
911
922
|
req.send_request(options)
|
912
923
|
end
|
913
924
|
|
914
|
-
# When you
|
915
|
-
# is disabled in all Amazon Web Services Regions
|
916
|
-
#
|
925
|
+
# When you disable Amazon Security Lake from your account, Security Lake
|
926
|
+
# is disabled in all Amazon Web Services Regions and it stops collecting
|
927
|
+
# data from your sources. Also, this API automatically takes steps to
|
928
|
+
# remove the account from Security Lake. However, Security Lake retains
|
929
|
+
# all of your existing settings and the resources that it created in
|
930
|
+
# your Amazon Web Services account in the current Amazon Web Services
|
931
|
+
# Region.
|
917
932
|
#
|
918
|
-
#
|
919
|
-
#
|
920
|
-
#
|
921
|
-
#
|
922
|
-
# current Region, including security log and event data. The
|
923
|
-
# `DeleteDatalake` operation does not delete the Amazon S3 bucket, which
|
924
|
-
# is owned by your Amazon Web Services account. For more information,
|
925
|
-
# see the [Amazon Security Lake User Guide][1].
|
933
|
+
# The `DeleteDataLake` operation does not delete the data that is stored
|
934
|
+
# in your Amazon S3 bucket, which is owned by your Amazon Web Services
|
935
|
+
# account. For more information, see the [Amazon Security Lake User
|
936
|
+
# Guide][1].
|
926
937
|
#
|
927
938
|
#
|
928
939
|
#
|
929
940
|
# [1]: https://docs.aws.amazon.com/security-lake/latest/userguide/disable-security-lake.html
|
930
941
|
#
|
931
|
-
# @
|
932
|
-
#
|
933
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalake AWS API Documentation
|
934
|
-
#
|
935
|
-
# @overload delete_datalake(params = {})
|
936
|
-
# @param [Hash] params ({})
|
937
|
-
def delete_datalake(params = {}, options = {})
|
938
|
-
req = build_request(:delete_datalake, params)
|
939
|
-
req.send_request(options)
|
940
|
-
end
|
941
|
-
|
942
|
-
# `DeleteDatalakeAutoEnable` removes automatic enablement of
|
943
|
-
# configuration settings for new member accounts (but keeps settings for
|
944
|
-
# the delegated administrator) from Amazon Security Lake. You must run
|
945
|
-
# this API using credentials of the delegated administrator. When you
|
946
|
-
# run this API, new member accounts that are added after the
|
947
|
-
# organization enables Security Lake won't contribute to the data lake.
|
948
|
-
#
|
949
|
-
# @option params [required, Array<Types::AutoEnableNewRegionConfiguration>] :remove_from_configuration_for_new_accounts
|
950
|
-
# Remove automatic enablement of configuration settings for new member
|
951
|
-
# accounts in Security Lake.
|
942
|
+
# @option params [required, Array<String>] :regions
|
943
|
+
# The list of Regions where Security Lake is enabled.
|
952
944
|
#
|
953
945
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
954
946
|
#
|
955
947
|
# @example Request syntax with placeholder values
|
956
948
|
#
|
957
|
-
# resp = client.
|
958
|
-
#
|
959
|
-
# {
|
960
|
-
# region: "us-east-1", # required, accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
961
|
-
# sources: ["ROUTE53"], # required, accepts ROUTE53, VPC_FLOW, CLOUD_TRAIL, SH_FINDINGS
|
962
|
-
# },
|
963
|
-
# ],
|
949
|
+
# resp = client.delete_data_lake({
|
950
|
+
# regions: ["Region"], # required
|
964
951
|
# })
|
965
952
|
#
|
966
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
953
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLake AWS API Documentation
|
967
954
|
#
|
968
|
-
# @overload
|
955
|
+
# @overload delete_data_lake(params = {})
|
969
956
|
# @param [Hash] params ({})
|
970
|
-
def
|
971
|
-
req = build_request(:
|
957
|
+
def delete_data_lake(params = {}, options = {})
|
958
|
+
req = build_request(:delete_data_lake, params)
|
972
959
|
req.send_request(options)
|
973
960
|
end
|
974
961
|
|
975
|
-
# Deletes the
|
976
|
-
# the organization
|
977
|
-
# management account. The organization management account cannot be the
|
978
|
-
# delegated administrator account.
|
979
|
-
#
|
980
|
-
# @option params [required, String] :account
|
981
|
-
# The account ID the Security Lake delegated administrator.
|
962
|
+
# Deletes the specified notification subscription in Amazon Security
|
963
|
+
# Lake for the organization you specify.
|
982
964
|
#
|
983
965
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
984
966
|
#
|
985
|
-
# @
|
967
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeExceptionSubscription AWS API Documentation
|
986
968
|
#
|
987
|
-
#
|
988
|
-
# account: "SafeString", # required
|
989
|
-
# })
|
990
|
-
#
|
991
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDatalakeDelegatedAdmin AWS API Documentation
|
992
|
-
#
|
993
|
-
# @overload delete_datalake_delegated_admin(params = {})
|
969
|
+
# @overload delete_data_lake_exception_subscription(params = {})
|
994
970
|
# @param [Hash] params ({})
|
995
|
-
def
|
996
|
-
req = build_request(:
|
971
|
+
def delete_data_lake_exception_subscription(params = {}, options = {})
|
972
|
+
req = build_request(:delete_data_lake_exception_subscription, params)
|
997
973
|
req.send_request(options)
|
998
974
|
end
|
999
975
|
|
1000
|
-
#
|
1001
|
-
#
|
976
|
+
# Removes automatic the enablement of configuration settings for new
|
977
|
+
# member accounts (but retains the settings for the delegated
|
978
|
+
# administrator) from Amazon Security Lake. You must run this API using
|
979
|
+
# the credentials of the delegated administrator. When you run this API,
|
980
|
+
# new member accounts that are added after the organization enables
|
981
|
+
# Security Lake won't contribute to the data lake.
|
1002
982
|
#
|
1003
|
-
# @
|
983
|
+
# @option params [required, Array<Types::DataLakeAutoEnableNewAccountConfiguration>] :auto_enable_new_account
|
984
|
+
# Removes the automatic enablement of configuration settings for new
|
985
|
+
# member accounts in Security Lake.
|
1004
986
|
#
|
1005
|
-
#
|
987
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1006
988
|
#
|
1007
|
-
# @example
|
989
|
+
# @example Request syntax with placeholder values
|
1008
990
|
#
|
1009
|
-
# resp
|
991
|
+
# resp = client.delete_data_lake_organization_configuration({
|
992
|
+
# auto_enable_new_account: [ # required
|
993
|
+
# {
|
994
|
+
# region: "Region", # required
|
995
|
+
# sources: [ # required
|
996
|
+
# {
|
997
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
998
|
+
# source_version: "AwsLogSourceVersion",
|
999
|
+
# },
|
1000
|
+
# ],
|
1001
|
+
# },
|
1002
|
+
# ],
|
1003
|
+
# })
|
1010
1004
|
#
|
1011
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1005
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteDataLakeOrganizationConfiguration AWS API Documentation
|
1012
1006
|
#
|
1013
|
-
# @overload
|
1007
|
+
# @overload delete_data_lake_organization_configuration(params = {})
|
1014
1008
|
# @param [Hash] params ({})
|
1015
|
-
def
|
1016
|
-
req = build_request(:
|
1009
|
+
def delete_data_lake_organization_configuration(params = {}, options = {})
|
1010
|
+
req = build_request(:delete_data_lake_organization_configuration, params)
|
1017
1011
|
req.send_request(options)
|
1018
1012
|
end
|
1019
1013
|
|
1020
|
-
# Deletes the subscription permission
|
1021
|
-
# enabled in Amazon Security Lake.
|
1022
|
-
#
|
1023
|
-
#
|
1024
|
-
#
|
1014
|
+
# Deletes the subscription permission and all notification settings for
|
1015
|
+
# accounts that are already enabled in Amazon Security Lake. When you
|
1016
|
+
# run `DeleteSubscriber`, the subscriber will no longer consume data
|
1017
|
+
# from Security Lake and the subscriber is removed. This operation
|
1018
|
+
# deletes the subscriber and removes access to data in the current
|
1019
|
+
# Amazon Web Services Region.
|
1020
|
+
#
|
1021
|
+
# @option params [required, String] :subscriber_id
|
1025
1022
|
# A value created by Security Lake that uniquely identifies your
|
1026
1023
|
# `DeleteSubscriber` API request.
|
1027
1024
|
#
|
@@ -1030,7 +1027,7 @@ module Aws::SecurityLake
|
|
1030
1027
|
# @example Request syntax with placeholder values
|
1031
1028
|
#
|
1032
1029
|
# resp = client.delete_subscriber({
|
1033
|
-
#
|
1030
|
+
# subscriber_id: "UUID", # required
|
1034
1031
|
# })
|
1035
1032
|
#
|
1036
1033
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriber AWS API Documentation
|
@@ -1045,128 +1042,89 @@ module Aws::SecurityLake
|
|
1045
1042
|
# Deletes the specified notification subscription in Amazon Security
|
1046
1043
|
# Lake for the organization you specify.
|
1047
1044
|
#
|
1048
|
-
# @option params [required, String] :
|
1045
|
+
# @option params [required, String] :subscriber_id
|
1049
1046
|
# The ID of the Security Lake subscriber account.
|
1050
1047
|
#
|
1051
1048
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1052
1049
|
#
|
1053
1050
|
# @example Request syntax with placeholder values
|
1054
1051
|
#
|
1055
|
-
# resp = client.
|
1056
|
-
#
|
1052
|
+
# resp = client.delete_subscriber_notification({
|
1053
|
+
# subscriber_id: "UUID", # required
|
1057
1054
|
# })
|
1058
1055
|
#
|
1059
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1056
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeleteSubscriberNotification AWS API Documentation
|
1060
1057
|
#
|
1061
|
-
# @overload
|
1058
|
+
# @overload delete_subscriber_notification(params = {})
|
1062
1059
|
# @param [Hash] params ({})
|
1063
|
-
def
|
1064
|
-
req = build_request(:
|
1060
|
+
def delete_subscriber_notification(params = {}, options = {})
|
1061
|
+
req = build_request(:delete_subscriber_notification, params)
|
1065
1062
|
req.send_request(options)
|
1066
1063
|
end
|
1067
1064
|
|
1068
|
-
#
|
1069
|
-
#
|
1070
|
-
#
|
1071
|
-
#
|
1072
|
-
#
|
1073
|
-
# @return [Types::GetDatalakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1074
|
-
#
|
1075
|
-
# * {Types::GetDatalakeResponse#configurations #configurations} => Hash<String,Types::LakeConfigurationResponse>
|
1076
|
-
#
|
1077
|
-
# @example Response structure
|
1078
|
-
#
|
1079
|
-
# resp.configurations #=> Hash
|
1080
|
-
# resp.configurations["Region"].encryption_key #=> String
|
1081
|
-
# resp.configurations["Region"].replication_destination_regions #=> Array
|
1082
|
-
# resp.configurations["Region"].replication_destination_regions[0] #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
|
1083
|
-
# resp.configurations["Region"].replication_role_arn #=> String
|
1084
|
-
# resp.configurations["Region"].retention_settings #=> Array
|
1085
|
-
# resp.configurations["Region"].retention_settings[0].retention_period #=> Integer
|
1086
|
-
# resp.configurations["Region"].retention_settings[0].storage_class #=> String, one of "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER_IR", "GLACIER", "DEEP_ARCHIVE", "EXPIRE"
|
1087
|
-
# resp.configurations["Region"].s3_bucket_arn #=> String
|
1088
|
-
# resp.configurations["Region"].status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1089
|
-
# resp.configurations["Region"].tags_map #=> Hash
|
1090
|
-
# resp.configurations["Region"].tags_map["String"] #=> String
|
1091
|
-
# resp.configurations["Region"].update_status.last_update_failure.code #=> String
|
1092
|
-
# resp.configurations["Region"].update_status.last_update_failure.reason #=> String
|
1093
|
-
# resp.configurations["Region"].update_status.last_update_request_id #=> String
|
1094
|
-
# resp.configurations["Region"].update_status.last_update_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1095
|
-
#
|
1096
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDatalake AWS API Documentation
|
1097
|
-
#
|
1098
|
-
# @overload get_datalake(params = {})
|
1099
|
-
# @param [Hash] params ({})
|
1100
|
-
def get_datalake(params = {}, options = {})
|
1101
|
-
req = build_request(:get_datalake, params)
|
1102
|
-
req.send_request(options)
|
1103
|
-
end
|
1104
|
-
|
1105
|
-
# Retrieves the configuration that will be automatically set up for
|
1106
|
-
# accounts added to the organization after the organization has
|
1107
|
-
# onboarded to Amazon Security Lake. This API does not take input
|
1108
|
-
# parameters.
|
1109
|
-
#
|
1110
|
-
# @return [Types::GetDatalakeAutoEnableResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1111
|
-
#
|
1112
|
-
# * {Types::GetDatalakeAutoEnableResponse#auto_enable_new_accounts #auto_enable_new_accounts} => Array<Types::AutoEnableNewRegionConfiguration>
|
1113
|
-
#
|
1114
|
-
# @example Response structure
|
1065
|
+
# Deletes the Amazon Security Lake delegated administrator account for
|
1066
|
+
# the organization. This API can only be called by the organization
|
1067
|
+
# management account. The organization management account cannot be the
|
1068
|
+
# delegated administrator account.
|
1115
1069
|
#
|
1116
|
-
#
|
1117
|
-
# resp.auto_enable_new_accounts[0].region #=> String, one of "us-east-1", "us-west-2", "eu-central-1", "us-east-2", "eu-west-1", "ap-northeast-1", "ap-southeast-2"
|
1118
|
-
# resp.auto_enable_new_accounts[0].sources #=> Array
|
1119
|
-
# resp.auto_enable_new_accounts[0].sources[0] #=> String, one of "ROUTE53", "VPC_FLOW", "CLOUD_TRAIL", "SH_FINDINGS"
|
1070
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1120
1071
|
#
|
1121
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1072
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/DeregisterDataLakeDelegatedAdministrator AWS API Documentation
|
1122
1073
|
#
|
1123
|
-
# @overload
|
1074
|
+
# @overload deregister_data_lake_delegated_administrator(params = {})
|
1124
1075
|
# @param [Hash] params ({})
|
1125
|
-
def
|
1126
|
-
req = build_request(:
|
1076
|
+
def deregister_data_lake_delegated_administrator(params = {}, options = {})
|
1077
|
+
req = build_request(:deregister_data_lake_delegated_administrator, params)
|
1127
1078
|
req.send_request(options)
|
1128
1079
|
end
|
1129
1080
|
|
1130
|
-
# Retrieves the
|
1131
|
-
#
|
1132
|
-
# weeks from when a record was created in Amazon Security Lake. This API
|
1133
|
-
# does not take input parameters.
|
1081
|
+
# Retrieves the details of exception notifications for the account in
|
1082
|
+
# Amazon Security Lake.
|
1134
1083
|
#
|
1135
|
-
# @return [Types::
|
1084
|
+
# @return [Types::GetDataLakeExceptionSubscriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1136
1085
|
#
|
1137
|
-
# * {Types::
|
1086
|
+
# * {Types::GetDataLakeExceptionSubscriptionResponse#exception_time_to_live #exception_time_to_live} => Integer
|
1087
|
+
# * {Types::GetDataLakeExceptionSubscriptionResponse#notification_endpoint #notification_endpoint} => String
|
1088
|
+
# * {Types::GetDataLakeExceptionSubscriptionResponse#subscription_protocol #subscription_protocol} => String
|
1138
1089
|
#
|
1139
1090
|
# @example Response structure
|
1140
1091
|
#
|
1141
|
-
# resp.
|
1092
|
+
# resp.exception_time_to_live #=> Integer
|
1093
|
+
# resp.notification_endpoint #=> String
|
1094
|
+
# resp.subscription_protocol #=> String
|
1142
1095
|
#
|
1143
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1096
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeExceptionSubscription AWS API Documentation
|
1144
1097
|
#
|
1145
|
-
# @overload
|
1098
|
+
# @overload get_data_lake_exception_subscription(params = {})
|
1146
1099
|
# @param [Hash] params ({})
|
1147
|
-
def
|
1148
|
-
req = build_request(:
|
1100
|
+
def get_data_lake_exception_subscription(params = {}, options = {})
|
1101
|
+
req = build_request(:get_data_lake_exception_subscription, params)
|
1149
1102
|
req.send_request(options)
|
1150
1103
|
end
|
1151
1104
|
|
1152
|
-
# Retrieves the
|
1153
|
-
#
|
1105
|
+
# Retrieves the configuration that will be automatically set up for
|
1106
|
+
# accounts added to the organization after the organization has
|
1107
|
+
# onboarded to Amazon Security Lake. This API does not take input
|
1108
|
+
# parameters.
|
1154
1109
|
#
|
1155
|
-
# @return [Types::
|
1110
|
+
# @return [Types::GetDataLakeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1156
1111
|
#
|
1157
|
-
# * {Types::
|
1112
|
+
# * {Types::GetDataLakeOrganizationConfigurationResponse#auto_enable_new_account #auto_enable_new_account} => Array<Types::DataLakeAutoEnableNewAccountConfiguration>
|
1158
1113
|
#
|
1159
1114
|
# @example Response structure
|
1160
1115
|
#
|
1161
|
-
# resp.
|
1162
|
-
# resp.
|
1116
|
+
# resp.auto_enable_new_account #=> Array
|
1117
|
+
# resp.auto_enable_new_account[0].region #=> String
|
1118
|
+
# resp.auto_enable_new_account[0].sources #=> Array
|
1119
|
+
# resp.auto_enable_new_account[0].sources[0].source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1120
|
+
# resp.auto_enable_new_account[0].sources[0].source_version #=> String
|
1163
1121
|
#
|
1164
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1122
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeOrganizationConfiguration AWS API Documentation
|
1165
1123
|
#
|
1166
|
-
# @overload
|
1124
|
+
# @overload get_data_lake_organization_configuration(params = {})
|
1167
1125
|
# @param [Hash] params ({})
|
1168
|
-
def
|
1169
|
-
req = build_request(:
|
1126
|
+
def get_data_lake_organization_configuration(params = {}, options = {})
|
1127
|
+
req = build_request(:get_data_lake_organization_configuration, params)
|
1170
1128
|
req.send_request(options)
|
1171
1129
|
end
|
1172
1130
|
|
@@ -1174,12 +1132,12 @@ module Aws::SecurityLake
|
|
1174
1132
|
# Security Lake is enabled for those accounts and which sources Security
|
1175
1133
|
# Lake is collecting data from.
|
1176
1134
|
#
|
1177
|
-
# @option params [Array<String>] :
|
1135
|
+
# @option params [Array<String>] :accounts
|
1178
1136
|
# The Amazon Web Services account ID for which a static snapshot of the
|
1179
1137
|
# current Amazon Web Services Region, including enabled accounts and log
|
1180
1138
|
# sources, is retrieved.
|
1181
1139
|
#
|
1182
|
-
# @option params [Integer] :
|
1140
|
+
# @option params [Integer] :max_results
|
1183
1141
|
# The maximum limit of accounts for which the static snapshot of the
|
1184
1142
|
# current Region, including enabled accounts and log sources, is
|
1185
1143
|
# retrieved.
|
@@ -1193,45 +1151,48 @@ module Aws::SecurityLake
|
|
1193
1151
|
# Each pagination token expires after 24 hours. Using an expired
|
1194
1152
|
# pagination token will return an HTTP 400 InvalidToken error.
|
1195
1153
|
#
|
1196
|
-
# @return [Types::
|
1154
|
+
# @return [Types::GetDataLakeSourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1197
1155
|
#
|
1198
|
-
# * {Types::
|
1199
|
-
# * {Types::
|
1156
|
+
# * {Types::GetDataLakeSourcesResponse#data_lake_arn #data_lake_arn} => String
|
1157
|
+
# * {Types::GetDataLakeSourcesResponse#data_lake_sources #data_lake_sources} => Array<Types::DataLakeSource>
|
1158
|
+
# * {Types::GetDataLakeSourcesResponse#next_token #next_token} => String
|
1200
1159
|
#
|
1201
1160
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1202
1161
|
#
|
1203
1162
|
# @example Request syntax with placeholder values
|
1204
1163
|
#
|
1205
|
-
# resp = client.
|
1206
|
-
#
|
1207
|
-
#
|
1208
|
-
# next_token: "
|
1164
|
+
# resp = client.get_data_lake_sources({
|
1165
|
+
# accounts: ["AwsAccountId"],
|
1166
|
+
# max_results: 1,
|
1167
|
+
# next_token: "NextToken",
|
1209
1168
|
# })
|
1210
1169
|
#
|
1211
1170
|
# @example Response structure
|
1212
1171
|
#
|
1213
|
-
# resp.
|
1214
|
-
# resp.
|
1215
|
-
# resp.
|
1216
|
-
# resp.
|
1217
|
-
# resp.
|
1218
|
-
# resp.
|
1219
|
-
# resp.
|
1172
|
+
# resp.data_lake_arn #=> String
|
1173
|
+
# resp.data_lake_sources #=> Array
|
1174
|
+
# resp.data_lake_sources[0].account #=> String
|
1175
|
+
# resp.data_lake_sources[0].event_classes #=> Array
|
1176
|
+
# resp.data_lake_sources[0].event_classes[0] #=> String
|
1177
|
+
# resp.data_lake_sources[0].source_name #=> String
|
1178
|
+
# resp.data_lake_sources[0].source_statuses #=> Array
|
1179
|
+
# resp.data_lake_sources[0].source_statuses[0].resource #=> String
|
1180
|
+
# resp.data_lake_sources[0].source_statuses[0].status #=> String, one of "COLLECTING", "MISCONFIGURED", "NOT_COLLECTING"
|
1220
1181
|
# resp.next_token #=> String
|
1221
1182
|
#
|
1222
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1183
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetDataLakeSources AWS API Documentation
|
1223
1184
|
#
|
1224
|
-
# @overload
|
1185
|
+
# @overload get_data_lake_sources(params = {})
|
1225
1186
|
# @param [Hash] params ({})
|
1226
|
-
def
|
1227
|
-
req = build_request(:
|
1187
|
+
def get_data_lake_sources(params = {}, options = {})
|
1188
|
+
req = build_request(:get_data_lake_sources, params)
|
1228
1189
|
req.send_request(options)
|
1229
1190
|
end
|
1230
1191
|
|
1231
1192
|
# Retrieves the subscription information for the specified subscription
|
1232
1193
|
# ID. You can get information about a specific subscriber.
|
1233
1194
|
#
|
1234
|
-
# @option params [required, String] :
|
1195
|
+
# @option params [required, String] :subscriber_id
|
1235
1196
|
# A value created by Amazon Security Lake that uniquely identifies your
|
1236
1197
|
# `GetSubscriber` API request.
|
1237
1198
|
#
|
@@ -1242,30 +1203,36 @@ module Aws::SecurityLake
|
|
1242
1203
|
# @example Request syntax with placeholder values
|
1243
1204
|
#
|
1244
1205
|
# resp = client.get_subscriber({
|
1245
|
-
#
|
1206
|
+
# subscriber_id: "UUID", # required
|
1246
1207
|
# })
|
1247
1208
|
#
|
1248
1209
|
# @example Response structure
|
1249
1210
|
#
|
1250
1211
|
# resp.subscriber.access_types #=> Array
|
1251
1212
|
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1252
|
-
# resp.subscriber.account_id #=> String
|
1253
1213
|
# resp.subscriber.created_at #=> Time
|
1254
|
-
# resp.subscriber.external_id #=> String
|
1255
1214
|
# resp.subscriber.resource_share_arn #=> String
|
1256
1215
|
# resp.subscriber.resource_share_name #=> String
|
1257
1216
|
# resp.subscriber.role_arn #=> String
|
1258
1217
|
# resp.subscriber.s3_bucket_arn #=> String
|
1259
|
-
# resp.subscriber.
|
1260
|
-
# resp.subscriber.
|
1261
|
-
# resp.subscriber.
|
1262
|
-
# resp.subscriber.
|
1218
|
+
# resp.subscriber.sources #=> Array
|
1219
|
+
# resp.subscriber.sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1220
|
+
# resp.subscriber.sources[0].aws_log_source.source_version #=> String
|
1221
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1222
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.database_arn #=> String
|
1223
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.table_arn #=> String
|
1224
|
+
# resp.subscriber.sources[0].custom_log_source.provider.location #=> String
|
1225
|
+
# resp.subscriber.sources[0].custom_log_source.provider.role_arn #=> String
|
1226
|
+
# resp.subscriber.sources[0].custom_log_source.source_name #=> String
|
1227
|
+
# resp.subscriber.sources[0].custom_log_source.source_version #=> String
|
1228
|
+
# resp.subscriber.subscriber_arn #=> String
|
1263
1229
|
# resp.subscriber.subscriber_description #=> String
|
1230
|
+
# resp.subscriber.subscriber_endpoint #=> String
|
1231
|
+
# resp.subscriber.subscriber_id #=> String
|
1232
|
+
# resp.subscriber.subscriber_identity.external_id #=> String
|
1233
|
+
# resp.subscriber.subscriber_identity.principal #=> String
|
1264
1234
|
# resp.subscriber.subscriber_name #=> String
|
1265
|
-
# resp.subscriber.
|
1266
|
-
# resp.subscriber.subscription_id #=> String
|
1267
|
-
# resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1268
|
-
# resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1235
|
+
# resp.subscriber.subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1269
1236
|
# resp.subscriber.updated_at #=> Time
|
1270
1237
|
#
|
1271
1238
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/GetSubscriber AWS API Documentation
|
@@ -1280,7 +1247,7 @@ module Aws::SecurityLake
|
|
1280
1247
|
# Lists the Amazon Security Lake exceptions that you can use to find the
|
1281
1248
|
# source of problems and fix them.
|
1282
1249
|
#
|
1283
|
-
# @option params [Integer] :
|
1250
|
+
# @option params [Integer] :max_results
|
1284
1251
|
# List the maximum number of failures in Security Lake.
|
1285
1252
|
#
|
1286
1253
|
# @option params [String] :next_token
|
@@ -1292,64 +1259,95 @@ module Aws::SecurityLake
|
|
1292
1259
|
# Each pagination token expires after 24 hours. Using an expired
|
1293
1260
|
# pagination token will return an HTTP 400 InvalidToken error.
|
1294
1261
|
#
|
1295
|
-
# @option params [Array<String>] :
|
1262
|
+
# @option params [Array<String>] :regions
|
1296
1263
|
# List the Amazon Web Services Regions from which exceptions are
|
1297
1264
|
# retrieved.
|
1298
1265
|
#
|
1299
|
-
# @return [Types::
|
1266
|
+
# @return [Types::ListDataLakeExceptionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1300
1267
|
#
|
1301
|
-
# * {Types::
|
1302
|
-
# * {Types::
|
1268
|
+
# * {Types::ListDataLakeExceptionsResponse#exceptions #exceptions} => Array<Types::DataLakeException>
|
1269
|
+
# * {Types::ListDataLakeExceptionsResponse#next_token #next_token} => String
|
1303
1270
|
#
|
1304
1271
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1305
1272
|
#
|
1306
1273
|
# @example Request syntax with placeholder values
|
1307
1274
|
#
|
1308
|
-
# resp = client.
|
1309
|
-
#
|
1310
|
-
# next_token: "
|
1311
|
-
#
|
1275
|
+
# resp = client.list_data_lake_exceptions({
|
1276
|
+
# max_results: 1,
|
1277
|
+
# next_token: "NextToken",
|
1278
|
+
# regions: ["Region"],
|
1312
1279
|
# })
|
1313
1280
|
#
|
1314
1281
|
# @example Response structure
|
1315
1282
|
#
|
1283
|
+
# resp.exceptions #=> Array
|
1284
|
+
# resp.exceptions[0].exception #=> String
|
1285
|
+
# resp.exceptions[0].region #=> String
|
1286
|
+
# resp.exceptions[0].remediation #=> String
|
1287
|
+
# resp.exceptions[0].timestamp #=> Time
|
1316
1288
|
# resp.next_token #=> String
|
1317
|
-
# resp.non_retryable_failures #=> Array
|
1318
|
-
# resp.non_retryable_failures[0].failures #=> Array
|
1319
|
-
# resp.non_retryable_failures[0].failures[0].exception_message #=> String
|
1320
|
-
# resp.non_retryable_failures[0].failures[0].remediation #=> String
|
1321
|
-
# resp.non_retryable_failures[0].failures[0].timestamp #=> Time
|
1322
|
-
# resp.non_retryable_failures[0].region #=> String
|
1323
1289
|
#
|
1324
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1290
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDataLakeExceptions AWS API Documentation
|
1325
1291
|
#
|
1326
|
-
# @overload
|
1292
|
+
# @overload list_data_lake_exceptions(params = {})
|
1327
1293
|
# @param [Hash] params ({})
|
1328
|
-
def
|
1329
|
-
req = build_request(:
|
1294
|
+
def list_data_lake_exceptions(params = {}, options = {})
|
1295
|
+
req = build_request(:list_data_lake_exceptions, params)
|
1330
1296
|
req.send_request(options)
|
1331
1297
|
end
|
1332
1298
|
|
1333
|
-
# Retrieves the
|
1299
|
+
# Retrieves the Amazon Security Lake configuration object for the
|
1300
|
+
# specified Amazon Web Services account ID. You can use the
|
1301
|
+
# `ListDataLakes` API to know whether Security Lake is enabled for any
|
1302
|
+
# region.
|
1303
|
+
#
|
1304
|
+
# @option params [Array<String>] :regions
|
1305
|
+
# The list of regions where Security Lake is enabled.
|
1334
1306
|
#
|
1335
|
-
# @
|
1336
|
-
# Lists the log sources in input order, namely Region, source type, and
|
1337
|
-
# member account.
|
1307
|
+
# @return [Types::ListDataLakesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1338
1308
|
#
|
1339
|
-
#
|
1340
|
-
# List the view of log sources for enabled Amazon Security Lake accounts
|
1341
|
-
# for specific Amazon Web Services sources from specific accounts and
|
1342
|
-
# specific Regions.
|
1309
|
+
# * {Types::ListDataLakesResponse#data_lakes #data_lakes} => Array<Types::DataLakeResource>
|
1343
1310
|
#
|
1344
|
-
# @
|
1345
|
-
#
|
1346
|
-
#
|
1347
|
-
#
|
1311
|
+
# @example Request syntax with placeholder values
|
1312
|
+
#
|
1313
|
+
# resp = client.list_data_lakes({
|
1314
|
+
# regions: ["Region"],
|
1315
|
+
# })
|
1316
|
+
#
|
1317
|
+
# @example Response structure
|
1318
|
+
#
|
1319
|
+
# resp.data_lakes #=> Array
|
1320
|
+
# resp.data_lakes[0].create_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1321
|
+
# resp.data_lakes[0].data_lake_arn #=> String
|
1322
|
+
# resp.data_lakes[0].encryption_configuration.kms_key_id #=> String
|
1323
|
+
# resp.data_lakes[0].lifecycle_configuration.expiration.days #=> Integer
|
1324
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions #=> Array
|
1325
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].days #=> Integer
|
1326
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].storage_class #=> String
|
1327
|
+
# resp.data_lakes[0].region #=> String
|
1328
|
+
# resp.data_lakes[0].replication_configuration.regions #=> Array
|
1329
|
+
# resp.data_lakes[0].replication_configuration.regions[0] #=> String
|
1330
|
+
# resp.data_lakes[0].replication_configuration.role_arn #=> String
|
1331
|
+
# resp.data_lakes[0].s3_bucket_arn #=> String
|
1332
|
+
# resp.data_lakes[0].update_status.exception.code #=> String
|
1333
|
+
# resp.data_lakes[0].update_status.exception.reason #=> String
|
1334
|
+
# resp.data_lakes[0].update_status.request_id #=> String
|
1335
|
+
# resp.data_lakes[0].update_status.status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1336
|
+
#
|
1337
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListDataLakes AWS API Documentation
|
1338
|
+
#
|
1339
|
+
# @overload list_data_lakes(params = {})
|
1340
|
+
# @param [Hash] params ({})
|
1341
|
+
def list_data_lakes(params = {}, options = {})
|
1342
|
+
req = build_request(:list_data_lakes, params)
|
1343
|
+
req.send_request(options)
|
1344
|
+
end
|
1345
|
+
|
1346
|
+
# Retrieves the log sources in the current Amazon Web Services Region.
|
1348
1347
|
#
|
1349
|
-
# @option params [
|
1350
|
-
#
|
1351
|
-
#
|
1352
|
-
# specific Regions.
|
1348
|
+
# @option params [Array<String>] :accounts
|
1349
|
+
# The list of Amazon Web Services accounts for which log sources are
|
1350
|
+
# displayed.
|
1353
1351
|
#
|
1354
1352
|
# @option params [Integer] :max_results
|
1355
1353
|
# The maximum number of accounts for which the log sources are
|
@@ -1359,38 +1357,65 @@ module Aws::SecurityLake
|
|
1359
1357
|
# If nextToken is returned, there are more results available. You can
|
1360
1358
|
# repeat the call using the returned token to retrieve the next page.
|
1361
1359
|
#
|
1360
|
+
# @option params [Array<String>] :regions
|
1361
|
+
# The list of regions for which log sources are displayed.
|
1362
|
+
#
|
1363
|
+
# @option params [Array<Types::LogSourceResource>] :sources
|
1364
|
+
# The list of sources for which log sources are displayed.
|
1365
|
+
#
|
1362
1366
|
# @return [Types::ListLogSourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1363
1367
|
#
|
1364
1368
|
# * {Types::ListLogSourcesResponse#next_token #next_token} => String
|
1365
|
-
# * {Types::ListLogSourcesResponse#
|
1369
|
+
# * {Types::ListLogSourcesResponse#sources #sources} => Array<Types::LogSource>
|
1366
1370
|
#
|
1367
1371
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
1368
1372
|
#
|
1369
1373
|
# @example Request syntax with placeholder values
|
1370
1374
|
#
|
1371
1375
|
# resp = client.list_log_sources({
|
1372
|
-
#
|
1373
|
-
# list_all_dimensions: {
|
1374
|
-
# "String" => {
|
1375
|
-
# "String" => ["String"],
|
1376
|
-
# },
|
1377
|
-
# },
|
1378
|
-
# list_single_dimension: ["SafeString"],
|
1379
|
-
# list_two_dimensions: {
|
1380
|
-
# "String" => ["String"],
|
1381
|
-
# },
|
1376
|
+
# accounts: ["AwsAccountId"],
|
1382
1377
|
# max_results: 1,
|
1383
|
-
# next_token: "
|
1378
|
+
# next_token: "NextToken",
|
1379
|
+
# regions: ["Region"],
|
1380
|
+
# sources: [
|
1381
|
+
# {
|
1382
|
+
# aws_log_source: {
|
1383
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
1384
|
+
# source_version: "AwsLogSourceVersion",
|
1385
|
+
# },
|
1386
|
+
# custom_log_source: {
|
1387
|
+
# attributes: {
|
1388
|
+
# crawler_arn: "AmazonResourceName",
|
1389
|
+
# database_arn: "AmazonResourceName",
|
1390
|
+
# table_arn: "AmazonResourceName",
|
1391
|
+
# },
|
1392
|
+
# provider: {
|
1393
|
+
# location: "S3URI",
|
1394
|
+
# role_arn: "RoleArn",
|
1395
|
+
# },
|
1396
|
+
# source_name: "CustomLogSourceName",
|
1397
|
+
# source_version: "CustomLogSourceVersion",
|
1398
|
+
# },
|
1399
|
+
# },
|
1400
|
+
# ],
|
1384
1401
|
# })
|
1385
1402
|
#
|
1386
1403
|
# @example Response structure
|
1387
1404
|
#
|
1388
1405
|
# resp.next_token #=> String
|
1389
|
-
# resp.
|
1390
|
-
# resp.
|
1391
|
-
# resp.
|
1392
|
-
# resp.
|
1393
|
-
# resp.
|
1406
|
+
# resp.sources #=> Array
|
1407
|
+
# resp.sources[0].account #=> String
|
1408
|
+
# resp.sources[0].region #=> String
|
1409
|
+
# resp.sources[0].sources #=> Array
|
1410
|
+
# resp.sources[0].sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1411
|
+
# resp.sources[0].sources[0].aws_log_source.source_version #=> String
|
1412
|
+
# resp.sources[0].sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1413
|
+
# resp.sources[0].sources[0].custom_log_source.attributes.database_arn #=> String
|
1414
|
+
# resp.sources[0].sources[0].custom_log_source.attributes.table_arn #=> String
|
1415
|
+
# resp.sources[0].sources[0].custom_log_source.provider.location #=> String
|
1416
|
+
# resp.sources[0].sources[0].custom_log_source.provider.role_arn #=> String
|
1417
|
+
# resp.sources[0].sources[0].custom_log_source.source_name #=> String
|
1418
|
+
# resp.sources[0].sources[0].custom_log_source.source_version #=> String
|
1394
1419
|
#
|
1395
1420
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListLogSources AWS API Documentation
|
1396
1421
|
#
|
@@ -1424,7 +1449,7 @@ module Aws::SecurityLake
|
|
1424
1449
|
#
|
1425
1450
|
# resp = client.list_subscribers({
|
1426
1451
|
# max_results: 1,
|
1427
|
-
# next_token: "
|
1452
|
+
# next_token: "NextToken",
|
1428
1453
|
# })
|
1429
1454
|
#
|
1430
1455
|
# @example Response structure
|
@@ -1433,23 +1458,29 @@ module Aws::SecurityLake
|
|
1433
1458
|
# resp.subscribers #=> Array
|
1434
1459
|
# resp.subscribers[0].access_types #=> Array
|
1435
1460
|
# resp.subscribers[0].access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1436
|
-
# resp.subscribers[0].account_id #=> String
|
1437
1461
|
# resp.subscribers[0].created_at #=> Time
|
1438
|
-
# resp.subscribers[0].external_id #=> String
|
1439
1462
|
# resp.subscribers[0].resource_share_arn #=> String
|
1440
1463
|
# resp.subscribers[0].resource_share_name #=> String
|
1441
1464
|
# resp.subscribers[0].role_arn #=> String
|
1442
1465
|
# resp.subscribers[0].s3_bucket_arn #=> String
|
1443
|
-
# resp.subscribers[0].
|
1444
|
-
# resp.subscribers[0].
|
1445
|
-
# resp.subscribers[0].
|
1446
|
-
# resp.subscribers[0].
|
1466
|
+
# resp.subscribers[0].sources #=> Array
|
1467
|
+
# resp.subscribers[0].sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1468
|
+
# resp.subscribers[0].sources[0].aws_log_source.source_version #=> String
|
1469
|
+
# resp.subscribers[0].sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1470
|
+
# resp.subscribers[0].sources[0].custom_log_source.attributes.database_arn #=> String
|
1471
|
+
# resp.subscribers[0].sources[0].custom_log_source.attributes.table_arn #=> String
|
1472
|
+
# resp.subscribers[0].sources[0].custom_log_source.provider.location #=> String
|
1473
|
+
# resp.subscribers[0].sources[0].custom_log_source.provider.role_arn #=> String
|
1474
|
+
# resp.subscribers[0].sources[0].custom_log_source.source_name #=> String
|
1475
|
+
# resp.subscribers[0].sources[0].custom_log_source.source_version #=> String
|
1476
|
+
# resp.subscribers[0].subscriber_arn #=> String
|
1447
1477
|
# resp.subscribers[0].subscriber_description #=> String
|
1478
|
+
# resp.subscribers[0].subscriber_endpoint #=> String
|
1479
|
+
# resp.subscribers[0].subscriber_id #=> String
|
1480
|
+
# resp.subscribers[0].subscriber_identity.external_id #=> String
|
1481
|
+
# resp.subscribers[0].subscriber_identity.principal #=> String
|
1448
1482
|
# resp.subscribers[0].subscriber_name #=> String
|
1449
|
-
# resp.subscribers[0].
|
1450
|
-
# resp.subscribers[0].subscription_id #=> String
|
1451
|
-
# resp.subscribers[0].subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1452
|
-
# resp.subscribers[0].subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1483
|
+
# resp.subscribers[0].subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1453
1484
|
# resp.subscribers[0].updated_at #=> Time
|
1454
1485
|
#
|
1455
1486
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/ListSubscribers AWS API Documentation
|
@@ -1461,74 +1492,107 @@ module Aws::SecurityLake
|
|
1461
1492
|
req.send_request(options)
|
1462
1493
|
end
|
1463
1494
|
|
1464
|
-
#
|
1465
|
-
#
|
1466
|
-
#
|
1495
|
+
# Designates the Amazon Security Lake delegated administrator account
|
1496
|
+
# for the organization. This API can only be called by the organization
|
1497
|
+
# management account. The organization management account cannot be the
|
1498
|
+
# delegated administrator account.
|
1467
1499
|
#
|
1468
|
-
# @option params [required,
|
1469
|
-
#
|
1470
|
-
#
|
1500
|
+
# @option params [required, String] :account_id
|
1501
|
+
# The Amazon Web Services account ID of the Security Lake delegated
|
1502
|
+
# administrator.
|
1471
1503
|
#
|
1472
1504
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1473
1505
|
#
|
1474
1506
|
# @example Request syntax with placeholder values
|
1475
1507
|
#
|
1476
|
-
# resp = client.
|
1477
|
-
#
|
1478
|
-
# "us-east-1" => {
|
1479
|
-
# encryption_key: "String",
|
1480
|
-
# replication_destination_regions: ["us-east-1"], # accepts us-east-1, us-west-2, eu-central-1, us-east-2, eu-west-1, ap-northeast-1, ap-southeast-2
|
1481
|
-
# replication_role_arn: "RoleArn",
|
1482
|
-
# retention_settings: [
|
1483
|
-
# {
|
1484
|
-
# retention_period: 1,
|
1485
|
-
# storage_class: "STANDARD_IA", # accepts STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, GLACIER, DEEP_ARCHIVE, EXPIRE
|
1486
|
-
# },
|
1487
|
-
# ],
|
1488
|
-
# tags_map: {
|
1489
|
-
# "String" => "String",
|
1490
|
-
# },
|
1491
|
-
# },
|
1492
|
-
# },
|
1508
|
+
# resp = client.register_data_lake_delegated_administrator({
|
1509
|
+
# account_id: "SafeString", # required
|
1493
1510
|
# })
|
1494
1511
|
#
|
1495
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1512
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/RegisterDataLakeDelegatedAdministrator AWS API Documentation
|
1496
1513
|
#
|
1497
|
-
# @overload
|
1514
|
+
# @overload register_data_lake_delegated_administrator(params = {})
|
1498
1515
|
# @param [Hash] params ({})
|
1499
|
-
def
|
1500
|
-
req = build_request(:
|
1516
|
+
def register_data_lake_delegated_administrator(params = {}, options = {})
|
1517
|
+
req = build_request(:register_data_lake_delegated_administrator, params)
|
1501
1518
|
req.send_request(options)
|
1502
1519
|
end
|
1503
1520
|
|
1504
|
-
#
|
1505
|
-
#
|
1506
|
-
#
|
1507
|
-
# when a record was created in Amazon Security Lake.
|
1521
|
+
# Specifies where to store your security data and for how long. You can
|
1522
|
+
# add a rollup Region to consolidate data from multiple Amazon Web
|
1523
|
+
# Services Regions.
|
1508
1524
|
#
|
1509
|
-
# @option params [required,
|
1510
|
-
#
|
1525
|
+
# @option params [required, Array<Types::DataLakeConfiguration>] :configurations
|
1526
|
+
# Specify the Region or Regions that will contribute data to the rollup
|
1527
|
+
# region.
|
1511
1528
|
#
|
1512
|
-
# @return [
|
1529
|
+
# @return [Types::UpdateDataLakeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1530
|
+
#
|
1531
|
+
# * {Types::UpdateDataLakeResponse#data_lakes #data_lakes} => Array<Types::DataLakeResource>
|
1513
1532
|
#
|
1514
1533
|
# @example Request syntax with placeholder values
|
1515
1534
|
#
|
1516
|
-
# resp = client.
|
1517
|
-
#
|
1535
|
+
# resp = client.update_data_lake({
|
1536
|
+
# configurations: [ # required
|
1537
|
+
# {
|
1538
|
+
# encryption_configuration: {
|
1539
|
+
# kms_key_id: "String",
|
1540
|
+
# },
|
1541
|
+
# lifecycle_configuration: {
|
1542
|
+
# expiration: {
|
1543
|
+
# days: 1,
|
1544
|
+
# },
|
1545
|
+
# transitions: [
|
1546
|
+
# {
|
1547
|
+
# days: 1,
|
1548
|
+
# storage_class: "DataLakeStorageClass",
|
1549
|
+
# },
|
1550
|
+
# ],
|
1551
|
+
# },
|
1552
|
+
# region: "Region", # required
|
1553
|
+
# replication_configuration: {
|
1554
|
+
# regions: ["Region"],
|
1555
|
+
# role_arn: "RoleArn",
|
1556
|
+
# },
|
1557
|
+
# },
|
1558
|
+
# ],
|
1518
1559
|
# })
|
1519
1560
|
#
|
1520
|
-
# @
|
1561
|
+
# @example Response structure
|
1521
1562
|
#
|
1522
|
-
#
|
1563
|
+
# resp.data_lakes #=> Array
|
1564
|
+
# resp.data_lakes[0].create_status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1565
|
+
# resp.data_lakes[0].data_lake_arn #=> String
|
1566
|
+
# resp.data_lakes[0].encryption_configuration.kms_key_id #=> String
|
1567
|
+
# resp.data_lakes[0].lifecycle_configuration.expiration.days #=> Integer
|
1568
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions #=> Array
|
1569
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].days #=> Integer
|
1570
|
+
# resp.data_lakes[0].lifecycle_configuration.transitions[0].storage_class #=> String
|
1571
|
+
# resp.data_lakes[0].region #=> String
|
1572
|
+
# resp.data_lakes[0].replication_configuration.regions #=> Array
|
1573
|
+
# resp.data_lakes[0].replication_configuration.regions[0] #=> String
|
1574
|
+
# resp.data_lakes[0].replication_configuration.role_arn #=> String
|
1575
|
+
# resp.data_lakes[0].s3_bucket_arn #=> String
|
1576
|
+
# resp.data_lakes[0].update_status.exception.code #=> String
|
1577
|
+
# resp.data_lakes[0].update_status.exception.reason #=> String
|
1578
|
+
# resp.data_lakes[0].update_status.request_id #=> String
|
1579
|
+
# resp.data_lakes[0].update_status.status #=> String, one of "INITIALIZED", "PENDING", "COMPLETED", "FAILED"
|
1580
|
+
#
|
1581
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDataLake AWS API Documentation
|
1582
|
+
#
|
1583
|
+
# @overload update_data_lake(params = {})
|
1523
1584
|
# @param [Hash] params ({})
|
1524
|
-
def
|
1525
|
-
req = build_request(:
|
1585
|
+
def update_data_lake(params = {}, options = {})
|
1586
|
+
req = build_request(:update_data_lake, params)
|
1526
1587
|
req.send_request(options)
|
1527
1588
|
end
|
1528
1589
|
|
1529
1590
|
# Updates the specified notification subscription in Amazon Security
|
1530
1591
|
# Lake for the organization you specify.
|
1531
1592
|
#
|
1593
|
+
# @option params [Integer] :exception_time_to_live
|
1594
|
+
# The time-to-live (TTL) for the exception message to remain.
|
1595
|
+
#
|
1532
1596
|
# @option params [required, String] :notification_endpoint
|
1533
1597
|
# The account that is subscribed to receive exception notifications.
|
1534
1598
|
#
|
@@ -1539,17 +1603,18 @@ module Aws::SecurityLake
|
|
1539
1603
|
#
|
1540
1604
|
# @example Request syntax with placeholder values
|
1541
1605
|
#
|
1542
|
-
# resp = client.
|
1606
|
+
# resp = client.update_data_lake_exception_subscription({
|
1607
|
+
# exception_time_to_live: 1,
|
1543
1608
|
# notification_endpoint: "SafeString", # required
|
1544
|
-
# subscription_protocol: "
|
1609
|
+
# subscription_protocol: "SubscriptionProtocol", # required
|
1545
1610
|
# })
|
1546
1611
|
#
|
1547
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1612
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateDataLakeExceptionSubscription AWS API Documentation
|
1548
1613
|
#
|
1549
|
-
# @overload
|
1614
|
+
# @overload update_data_lake_exception_subscription(params = {})
|
1550
1615
|
# @param [Hash] params ({})
|
1551
|
-
def
|
1552
|
-
req = build_request(:
|
1616
|
+
def update_data_lake_exception_subscription(params = {}, options = {})
|
1617
|
+
req = build_request(:update_data_lake_exception_subscription, params)
|
1553
1618
|
req.send_request(options)
|
1554
1619
|
end
|
1555
1620
|
|
@@ -1557,14 +1622,7 @@ module Aws::SecurityLake
|
|
1557
1622
|
# account ID. You can update a subscriber by changing the sources that
|
1558
1623
|
# the subscriber consumes data from.
|
1559
1624
|
#
|
1560
|
-
# @option params [
|
1561
|
-
# The external ID of the Security Lake account.
|
1562
|
-
#
|
1563
|
-
# @option params [required, String] :id
|
1564
|
-
# A value created by Security Lake that uniquely identifies your
|
1565
|
-
# subscription.
|
1566
|
-
#
|
1567
|
-
# @option params [required, Array<Types::SourceType>] :source_types
|
1625
|
+
# @option params [Array<Types::LogSourceResource>] :sources
|
1568
1626
|
# The supported Amazon Web Services from which logs and events are
|
1569
1627
|
# collected. For the list of supported Amazon Web Services, see the
|
1570
1628
|
# [Amazon Security Lake User Guide][1].
|
@@ -1576,6 +1634,13 @@ module Aws::SecurityLake
|
|
1576
1634
|
# @option params [String] :subscriber_description
|
1577
1635
|
# The description of the Security Lake account subscriber.
|
1578
1636
|
#
|
1637
|
+
# @option params [required, String] :subscriber_id
|
1638
|
+
# A value created by Security Lake that uniquely identifies your
|
1639
|
+
# subscription.
|
1640
|
+
#
|
1641
|
+
# @option params [Types::AwsIdentity] :subscriber_identity
|
1642
|
+
# The AWS identity used to access your data.
|
1643
|
+
#
|
1579
1644
|
# @option params [String] :subscriber_name
|
1580
1645
|
# The name of the Security Lake account subscriber.
|
1581
1646
|
#
|
@@ -1586,15 +1651,33 @@ module Aws::SecurityLake
|
|
1586
1651
|
# @example Request syntax with placeholder values
|
1587
1652
|
#
|
1588
1653
|
# resp = client.update_subscriber({
|
1589
|
-
#
|
1590
|
-
# id: "String", # required
|
1591
|
-
# source_types: [ # required
|
1654
|
+
# sources: [
|
1592
1655
|
# {
|
1593
|
-
#
|
1594
|
-
#
|
1656
|
+
# aws_log_source: {
|
1657
|
+
# source_name: "ROUTE53", # accepts ROUTE53, VPC_FLOW, SH_FINDINGS, CLOUD_TRAIL_MGMT, LAMBDA_EXECUTION, S3_DATA
|
1658
|
+
# source_version: "AwsLogSourceVersion",
|
1659
|
+
# },
|
1660
|
+
# custom_log_source: {
|
1661
|
+
# attributes: {
|
1662
|
+
# crawler_arn: "AmazonResourceName",
|
1663
|
+
# database_arn: "AmazonResourceName",
|
1664
|
+
# table_arn: "AmazonResourceName",
|
1665
|
+
# },
|
1666
|
+
# provider: {
|
1667
|
+
# location: "S3URI",
|
1668
|
+
# role_arn: "RoleArn",
|
1669
|
+
# },
|
1670
|
+
# source_name: "CustomLogSourceName",
|
1671
|
+
# source_version: "CustomLogSourceVersion",
|
1672
|
+
# },
|
1595
1673
|
# },
|
1596
1674
|
# ],
|
1597
1675
|
# subscriber_description: "DescriptionString",
|
1676
|
+
# subscriber_id: "UUID", # required
|
1677
|
+
# subscriber_identity: {
|
1678
|
+
# external_id: "ExternalId", # required
|
1679
|
+
# principal: "AwsPrincipal", # required
|
1680
|
+
# },
|
1598
1681
|
# subscriber_name: "UpdateSubscriberRequestSubscriberNameString",
|
1599
1682
|
# })
|
1600
1683
|
#
|
@@ -1602,23 +1685,29 @@ module Aws::SecurityLake
|
|
1602
1685
|
#
|
1603
1686
|
# resp.subscriber.access_types #=> Array
|
1604
1687
|
# resp.subscriber.access_types[0] #=> String, one of "LAKEFORMATION", "S3"
|
1605
|
-
# resp.subscriber.account_id #=> String
|
1606
1688
|
# resp.subscriber.created_at #=> Time
|
1607
|
-
# resp.subscriber.external_id #=> String
|
1608
1689
|
# resp.subscriber.resource_share_arn #=> String
|
1609
1690
|
# resp.subscriber.resource_share_name #=> String
|
1610
1691
|
# resp.subscriber.role_arn #=> String
|
1611
1692
|
# resp.subscriber.s3_bucket_arn #=> String
|
1612
|
-
# resp.subscriber.
|
1613
|
-
# resp.subscriber.
|
1614
|
-
# resp.subscriber.
|
1615
|
-
# resp.subscriber.
|
1693
|
+
# resp.subscriber.sources #=> Array
|
1694
|
+
# resp.subscriber.sources[0].aws_log_source.source_name #=> String, one of "ROUTE53", "VPC_FLOW", "SH_FINDINGS", "CLOUD_TRAIL_MGMT", "LAMBDA_EXECUTION", "S3_DATA"
|
1695
|
+
# resp.subscriber.sources[0].aws_log_source.source_version #=> String
|
1696
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.crawler_arn #=> String
|
1697
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.database_arn #=> String
|
1698
|
+
# resp.subscriber.sources[0].custom_log_source.attributes.table_arn #=> String
|
1699
|
+
# resp.subscriber.sources[0].custom_log_source.provider.location #=> String
|
1700
|
+
# resp.subscriber.sources[0].custom_log_source.provider.role_arn #=> String
|
1701
|
+
# resp.subscriber.sources[0].custom_log_source.source_name #=> String
|
1702
|
+
# resp.subscriber.sources[0].custom_log_source.source_version #=> String
|
1703
|
+
# resp.subscriber.subscriber_arn #=> String
|
1616
1704
|
# resp.subscriber.subscriber_description #=> String
|
1705
|
+
# resp.subscriber.subscriber_endpoint #=> String
|
1706
|
+
# resp.subscriber.subscriber_id #=> String
|
1707
|
+
# resp.subscriber.subscriber_identity.external_id #=> String
|
1708
|
+
# resp.subscriber.subscriber_identity.principal #=> String
|
1617
1709
|
# resp.subscriber.subscriber_name #=> String
|
1618
|
-
# resp.subscriber.
|
1619
|
-
# resp.subscriber.subscription_id #=> String
|
1620
|
-
# resp.subscriber.subscription_protocol #=> String, one of "HTTPS", "SQS"
|
1621
|
-
# resp.subscriber.subscription_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1710
|
+
# resp.subscriber.subscriber_status #=> String, one of "ACTIVE", "DEACTIVATED", "PENDING", "READY"
|
1622
1711
|
# resp.subscriber.updated_at #=> Time
|
1623
1712
|
#
|
1624
1713
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriber AWS API Documentation
|
@@ -1634,63 +1723,44 @@ module Aws::SecurityLake
|
|
1634
1723
|
# HTTPs endpoint) or switches the notification subscription endpoint for
|
1635
1724
|
# a subscriber.
|
1636
1725
|
#
|
1637
|
-
# @option params [
|
1638
|
-
#
|
1639
|
-
# ID in Amazon Security Lake.
|
1640
|
-
#
|
1641
|
-
# @option params [String] :https_api_key_name
|
1642
|
-
# The key name for the subscription notification.
|
1643
|
-
#
|
1644
|
-
# @option params [String] :https_api_key_value
|
1645
|
-
# The key value for the subscription notification.
|
1726
|
+
# @option params [required, Types::NotificationConfiguration] :configuration
|
1727
|
+
# The configuration for subscriber notification.
|
1646
1728
|
#
|
1647
|
-
# @option params [String] :
|
1648
|
-
# The HTTPS method used for the subscription notification.
|
1649
|
-
#
|
1650
|
-
# @option params [String] :role_arn
|
1651
|
-
# The Amazon Resource Name (ARN) specifying the role of the subscriber.
|
1652
|
-
# For more information about ARNs and how to use them in policies, see,
|
1653
|
-
# see the [Managing data access][1] and [Amazon Web Services Managed
|
1654
|
-
# Policies][2]in the Amazon Security Lake User Guide.
|
1655
|
-
#
|
1656
|
-
#
|
1657
|
-
#
|
1658
|
-
# [1]: https://docs.aws.amazon.com//security-lake/latest/userguide/subscriber-data-access.html
|
1659
|
-
# [2]: https://docs.aws.amazon.com/security-lake/latest/userguide/security-iam-awsmanpol.html
|
1660
|
-
#
|
1661
|
-
# @option params [String] :subscription_endpoint
|
1662
|
-
# The subscription endpoint in Security Lake.
|
1663
|
-
#
|
1664
|
-
# @option params [required, String] :subscription_id
|
1729
|
+
# @option params [required, String] :subscriber_id
|
1665
1730
|
# The subscription ID for which the subscription notification is
|
1666
1731
|
# specified.
|
1667
1732
|
#
|
1668
|
-
# @return [Types::
|
1733
|
+
# @return [Types::UpdateSubscriberNotificationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1669
1734
|
#
|
1670
|
-
# * {Types::
|
1735
|
+
# * {Types::UpdateSubscriberNotificationResponse#subscriber_endpoint #subscriber_endpoint} => String
|
1671
1736
|
#
|
1672
1737
|
# @example Request syntax with placeholder values
|
1673
1738
|
#
|
1674
|
-
# resp = client.
|
1675
|
-
#
|
1676
|
-
#
|
1677
|
-
#
|
1678
|
-
#
|
1679
|
-
#
|
1680
|
-
#
|
1681
|
-
#
|
1739
|
+
# resp = client.update_subscriber_notification({
|
1740
|
+
# configuration: { # required
|
1741
|
+
# https_notification_configuration: {
|
1742
|
+
# authorization_api_key_name: "String",
|
1743
|
+
# authorization_api_key_value: "String",
|
1744
|
+
# endpoint: "HttpsNotificationConfigurationEndpointString", # required
|
1745
|
+
# http_method: "POST", # accepts POST, PUT
|
1746
|
+
# target_role_arn: "RoleArn", # required
|
1747
|
+
# },
|
1748
|
+
# sqs_notification_configuration: {
|
1749
|
+
# },
|
1750
|
+
# },
|
1751
|
+
# subscriber_id: "UUID", # required
|
1682
1752
|
# })
|
1683
1753
|
#
|
1684
1754
|
# @example Response structure
|
1685
1755
|
#
|
1686
|
-
# resp.
|
1756
|
+
# resp.subscriber_endpoint #=> String
|
1687
1757
|
#
|
1688
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/
|
1758
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securitylake-2018-05-10/UpdateSubscriberNotification AWS API Documentation
|
1689
1759
|
#
|
1690
|
-
# @overload
|
1760
|
+
# @overload update_subscriber_notification(params = {})
|
1691
1761
|
# @param [Hash] params ({})
|
1692
|
-
def
|
1693
|
-
req = build_request(:
|
1762
|
+
def update_subscriber_notification(params = {}, options = {})
|
1763
|
+
req = build_request(:update_subscriber_notification, params)
|
1694
1764
|
req.send_request(options)
|
1695
1765
|
end
|
1696
1766
|
|
@@ -1707,7 +1777,7 @@ module Aws::SecurityLake
|
|
1707
1777
|
params: params,
|
1708
1778
|
config: config)
|
1709
1779
|
context[:gem_name] = 'aws-sdk-securitylake'
|
1710
|
-
context[:gem_version] = '1.
|
1780
|
+
context[:gem_version] = '1.5.0'
|
1711
1781
|
Seahorse::Client::Request.new(handlers, context)
|
1712
1782
|
end
|
1713
1783
|
|