@aws-sdk/client-detective 3.451.0 → 3.458.0

package/dist-es/commands/ListInvestigationsCommand.js

@@ -0,0 +1,47 @@
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { SMITHY_CONTEXT_KEY, } from "@smithy/types";
+import { de_ListInvestigationsCommand, se_ListInvestigationsCommand } from "../protocols/Aws_restJson1";
+export { $Command };
+export class ListInvestigationsCommand extends $Command {
+    static getEndpointParameterInstructions() {
+        return {
+            UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
+            Endpoint: { type: "builtInParams", name: "endpoint" },
+            Region: { type: "builtInParams", name: "region" },
+            UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },
+        };
+    }
+    constructor(input) {
+        super();
+        this.input = input;
+    }
+    resolveMiddleware(clientStack, configuration, options) {
+        this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
+        this.middlewareStack.use(getEndpointPlugin(configuration, ListInvestigationsCommand.getEndpointParameterInstructions()));
+        const stack = clientStack.concat(this.middlewareStack);
+        const { logger } = configuration;
+        const clientName = "DetectiveClient";
+        const commandName = "ListInvestigationsCommand";
+        const handlerExecutionContext = {
+            logger,
+            clientName,
+            commandName,
+            inputFilterSensitiveLog: (_) => _,
+            outputFilterSensitiveLog: (_) => _,
+            [SMITHY_CONTEXT_KEY]: {
+                service: "AmazonDetective",
+                operation: "ListInvestigations",
+            },
+        };
+        const { requestHandler } = configuration;
+        return stack.resolve((request) => requestHandler.handle(request.request, options || {}), handlerExecutionContext);
+    }
+    serialize(input, context) {
+        return se_ListInvestigationsCommand(input, context);
+    }
+    deserialize(output, context) {
+        return de_ListInvestigationsCommand(output, context);
+    }
+}

package/dist-es/commands/StartInvestigationCommand.js

@@ -0,0 +1,47 @@
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { SMITHY_CONTEXT_KEY, } from "@smithy/types";
+import { de_StartInvestigationCommand, se_StartInvestigationCommand } from "../protocols/Aws_restJson1";
+export { $Command };
+export class StartInvestigationCommand extends $Command {
+    static getEndpointParameterInstructions() {
+        return {
+            UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
+            Endpoint: { type: "builtInParams", name: "endpoint" },
+            Region: { type: "builtInParams", name: "region" },
+            UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },
+        };
+    }
+    constructor(input) {
+        super();
+        this.input = input;
+    }
+    resolveMiddleware(clientStack, configuration, options) {
+        this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
+        this.middlewareStack.use(getEndpointPlugin(configuration, StartInvestigationCommand.getEndpointParameterInstructions()));
+        const stack = clientStack.concat(this.middlewareStack);
+        const { logger } = configuration;
+        const clientName = "DetectiveClient";
+        const commandName = "StartInvestigationCommand";
+        const handlerExecutionContext = {
+            logger,
+            clientName,
+            commandName,
+            inputFilterSensitiveLog: (_) => _,
+            outputFilterSensitiveLog: (_) => _,
+            [SMITHY_CONTEXT_KEY]: {
+                service: "AmazonDetective",
+                operation: "StartInvestigation",
+            },
+        };
+        const { requestHandler } = configuration;
+        return stack.resolve((request) => requestHandler.handle(request.request, options || {}), handlerExecutionContext);
+    }
+    serialize(input, context) {
+        return se_StartInvestigationCommand(input, context);
+    }
+    deserialize(output, context) {
+        return de_StartInvestigationCommand(output, context);
+    }
+}

package/dist-es/commands/UpdateInvestigationStateCommand.js

@@ -0,0 +1,47 @@
+import { getEndpointPlugin } from "@smithy/middleware-endpoint";
+import { getSerdePlugin } from "@smithy/middleware-serde";
+import { Command as $Command } from "@smithy/smithy-client";
+import { SMITHY_CONTEXT_KEY, } from "@smithy/types";
+import { de_UpdateInvestigationStateCommand, se_UpdateInvestigationStateCommand } from "../protocols/Aws_restJson1";
+export { $Command };
+export class UpdateInvestigationStateCommand extends $Command {
+    static getEndpointParameterInstructions() {
+        return {
+            UseFIPS: { type: "builtInParams", name: "useFipsEndpoint" },
+            Endpoint: { type: "builtInParams", name: "endpoint" },
+            Region: { type: "builtInParams", name: "region" },
+            UseDualStack: { type: "builtInParams", name: "useDualstackEndpoint" },
+        };
+    }
+    constructor(input) {
+        super();
+        this.input = input;
+    }
+    resolveMiddleware(clientStack, configuration, options) {
+        this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
+        this.middlewareStack.use(getEndpointPlugin(configuration, UpdateInvestigationStateCommand.getEndpointParameterInstructions()));
+        const stack = clientStack.concat(this.middlewareStack);
+        const { logger } = configuration;
+        const clientName = "DetectiveClient";
+        const commandName = "UpdateInvestigationStateCommand";
+        const handlerExecutionContext = {
+            logger,
+            clientName,
+            commandName,
+            inputFilterSensitiveLog: (_) => _,
+            outputFilterSensitiveLog: (_) => _,
+            [SMITHY_CONTEXT_KEY]: {
+                service: "AmazonDetective",
+                operation: "UpdateInvestigationState",
+            },
+        };
+        const { requestHandler } = configuration;
+        return stack.resolve((request) => requestHandler.handle(request.request, options || {}), handlerExecutionContext);
+    }
+    serialize(input, context) {
+        return se_UpdateInvestigationStateCommand(input, context);
+    }
+    deserialize(output, context) {
+        return de_UpdateInvestigationStateCommand(output, context);
+    }
+}

package/dist-es/commands/index.js

@@ -9,16 +9,21 @@ export * from "./DescribeOrganizationConfigurationCommand";
 export * from "./DisableOrganizationAdminAccountCommand";
 export * from "./DisassociateMembershipCommand";
 export * from "./EnableOrganizationAdminAccountCommand";
+export * from "./GetInvestigationCommand";
 export * from "./GetMembersCommand";
 export * from "./ListDatasourcePackagesCommand";
 export * from "./ListGraphsCommand";
+export * from "./ListIndicatorsCommand";
+export * from "./ListInvestigationsCommand";
 export * from "./ListInvitationsCommand";
 export * from "./ListMembersCommand";
 export * from "./ListOrganizationAdminAccountsCommand";
 export * from "./ListTagsForResourceCommand";
 export * from "./RejectInvitationCommand";
+export * from "./StartInvestigationCommand";
 export * from "./StartMonitoringMemberCommand";
 export * from "./TagResourceCommand";
 export * from "./UntagResourceCommand";
 export * from "./UpdateDatasourcePackagesCommand";
+export * from "./UpdateInvestigationStateCommand";
 export * from "./UpdateOrganizationConfigurationCommand";

package/dist-es/models/models_0.js

@@ -128,6 +128,48 @@ export class TooManyRequestsException extends __BaseException {
         this.Message = opts.Message;
     }
 }
+export const EntityType = {
+    IAM_ROLE: "IAM_ROLE",
+    IAM_USER: "IAM_USER",
+};
+export const Severity = {
+    CRITICAL: "CRITICAL",
+    HIGH: "HIGH",
+    INFORMATIONAL: "INFORMATIONAL",
+    LOW: "LOW",
+    MEDIUM: "MEDIUM",
+};
+export const State = {
+    ACTIVE: "ACTIVE",
+    ARCHIVED: "ARCHIVED",
+};
+export const Status = {
+    FAILED: "FAILED",
+    RUNNING: "RUNNING",
+    SUCCESSFUL: "SUCCESSFUL",
+};
+export const IndicatorType = {
+    FLAGGED_IP_ADDRESS: "FLAGGED_IP_ADDRESS",
+    IMPOSSIBLE_TRAVEL: "IMPOSSIBLE_TRAVEL",
+    NEW_ASO: "NEW_ASO",
+    NEW_GEOLOCATION: "NEW_GEOLOCATION",
+    NEW_USER_AGENT: "NEW_USER_AGENT",
+    RELATED_FINDING: "RELATED_FINDING",
+    RELATED_FINDING_GROUP: "RELATED_FINDING_GROUP",
+    TTP_OBSERVED: "TTP_OBSERVED",
+};
+export const Reason = {
+    AWS_THREAT_INTELLIGENCE: "AWS_THREAT_INTELLIGENCE",
+};
+export const Field = {
+    CREATED_TIME: "CREATED_TIME",
+    SEVERITY: "SEVERITY",
+    STATUS: "STATUS",
+};
+export const SortOrder = {
+    ASC: "ASC",
+    DESC: "DESC",
+};
 export const AccountFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.EmailAddress && { EmailAddress: SENSITIVE_STRING }),

package/dist-es/protocols/Aws_restJson1.js

@@ -225,6 +225,27 @@ export const se_EnableOrganizationAdminAccountCommand = async (input, context) =
         body,
     });
 };
+export const se_GetInvestigationCommand = async (input, context) => {
+    const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
+    const headers = {
+        "content-type": "application/json",
+    };
+    const resolvedPath = `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/investigations/getInvestigation";
+    let body;
+    body = JSON.stringify(take(input, {
+        GraphArn: [],
+        InvestigationId: [],
+    }));
+    return new __HttpRequest({
+        protocol,
+        hostname,
+        port,
+        method: "POST",
+        headers,
+        path: resolvedPath,
+        body,
+    });
+};
 export const se_GetMembersCommand = async (input, context) => {
     const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
     const headers = {
@@ -289,6 +310,54 @@ export const se_ListGraphsCommand = async (input, context) => {
         body,
     });
 };
+export const se_ListIndicatorsCommand = async (input, context) => {
+    const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
+    const headers = {
+        "content-type": "application/json",
+    };
+    const resolvedPath = `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/investigations/listIndicators";
+    let body;
+    body = JSON.stringify(take(input, {
+        GraphArn: [],
+        IndicatorType: [],
+        InvestigationId: [],
+        MaxResults: [],
+        NextToken: [],
+    }));
+    return new __HttpRequest({
+        protocol,
+        hostname,
+        port,
+        method: "POST",
+        headers,
+        path: resolvedPath,
+        body,
+    });
+};
+export const se_ListInvestigationsCommand = async (input, context) => {
+    const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
+    const headers = {
+        "content-type": "application/json",
+    };
+    const resolvedPath = `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/investigations/listInvestigations";
+    let body;
+    body = JSON.stringify(take(input, {
+        FilterCriteria: (_) => se_FilterCriteria(_, context),
+        GraphArn: [],
+        MaxResults: [],
+        NextToken: [],
+        SortCriteria: (_) => _json(_),
+    }));
+    return new __HttpRequest({
+        protocol,
+        hostname,
+        port,
+        method: "POST",
+        headers,
+        path: resolvedPath,
+        body,
+    });
+};
 export const se_ListInvitationsCommand = async (input, context) => {
     const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
     const headers = {
@@ -389,6 +458,29 @@ export const se_RejectInvitationCommand = async (input, context) => {
         body,
     });
 };
+export const se_StartInvestigationCommand = async (input, context) => {
+    const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
+    const headers = {
+        "content-type": "application/json",
+    };
+    const resolvedPath = `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/investigations/startInvestigation";
+    let body;
+    body = JSON.stringify(take(input, {
+        EntityArn: [],
+        GraphArn: [],
+        ScopeEndTime: (_) => _.toISOString().split(".")[0] + "Z",
+        ScopeStartTime: (_) => _.toISOString().split(".")[0] + "Z",
+    }));
+    return new __HttpRequest({
+        protocol,
+        hostname,
+        port,
+        method: "POST",
+        headers,
+        path: resolvedPath,
+        body,
+    });
+};
 export const se_StartMonitoringMemberCommand = async (input, context) => {
     const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
     const headers = {
@@ -475,6 +567,28 @@ export const se_UpdateDatasourcePackagesCommand = async (input, context) => {
         body,
     });
 };
+export const se_UpdateInvestigationStateCommand = async (input, context) => {
+    const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
+    const headers = {
+        "content-type": "application/json",
+    };
+    const resolvedPath = `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + "/investigations/updateInvestigationState";
+    let body;
+    body = JSON.stringify(take(input, {
+        GraphArn: [],
+        InvestigationId: [],
+        State: [],
+    }));
+    return new __HttpRequest({
+        protocol,
+        hostname,
+        port,
+        method: "POST",
+        headers,
+        path: resolvedPath,
+        body,
+    });
+};
 export const se_UpdateOrganizationConfigurationCommand = async (input, context) => {
     const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
     const headers = {
@@ -954,6 +1068,60 @@ const de_EnableOrganizationAdminAccountCommandError = async (output, context) =>
             });
     }
 };
+export const de_GetInvestigationCommand = async (output, context) => {
+    if (output.statusCode !== 200 && output.statusCode >= 300) {
+        return de_GetInvestigationCommandError(output, context);
+    }
+    const contents = map({
+        $metadata: deserializeMetadata(output),
+    });
+    const data = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body");
+    const doc = take(data, {
+        CreatedTime: (_) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)),
+        EntityArn: __expectString,
+        EntityType: __expectString,
+        GraphArn: __expectString,
+        InvestigationId: __expectString,
+        ScopeEndTime: (_) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)),
+        ScopeStartTime: (_) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)),
+        Severity: __expectString,
+        State: __expectString,
+        Status: __expectString,
+    });
+    Object.assign(contents, doc);
+    return contents;
+};
+const de_GetInvestigationCommandError = async (output, context) => {
+    const parsedOutput = {
+        ...output,
+        body: await parseErrorBody(output.body, context),
+    };
+    const errorCode = loadRestJsonErrorCode(output, parsedOutput.body);
+    switch (errorCode) {
+        case "AccessDeniedException":
+        case "com.amazonaws.detective#AccessDeniedException":
+            throw await de_AccessDeniedExceptionRes(parsedOutput, context);
+        case "InternalServerException":
+        case "com.amazonaws.detective#InternalServerException":
+            throw await de_InternalServerExceptionRes(parsedOutput, context);
+        case "ResourceNotFoundException":
+        case "com.amazonaws.detective#ResourceNotFoundException":
+            throw await de_ResourceNotFoundExceptionRes(parsedOutput, context);
+        case "TooManyRequestsException":
+        case "com.amazonaws.detective#TooManyRequestsException":
+            throw await de_TooManyRequestsExceptionRes(parsedOutput, context);
+        case "ValidationException":
+        case "com.amazonaws.detective#ValidationException":
+            throw await de_ValidationExceptionRes(parsedOutput, context);
+        default:
+            const parsedBody = parsedOutput.body;
+            return throwDefaultError({
+                output,
+                parsedBody,
+                errorCode,
+            });
+    }
+};
 export const de_GetMembersCommand = async (output, context) => {
     if (output.statusCode !== 200 && output.statusCode >= 300) {
         return de_GetMembersCommandError(output, context);
@@ -1080,6 +1248,100 @@ const de_ListGraphsCommandError = async (output, context) => {
             });
     }
 };
+export const de_ListIndicatorsCommand = async (output, context) => {
+    if (output.statusCode !== 200 && output.statusCode >= 300) {
+        return de_ListIndicatorsCommandError(output, context);
+    }
+    const contents = map({
+        $metadata: deserializeMetadata(output),
+    });
+    const data = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body");
+    const doc = take(data, {
+        GraphArn: __expectString,
+        Indicators: _json,
+        InvestigationId: __expectString,
+        NextToken: __expectString,
+    });
+    Object.assign(contents, doc);
+    return contents;
+};
+const de_ListIndicatorsCommandError = async (output, context) => {
+    const parsedOutput = {
+        ...output,
+        body: await parseErrorBody(output.body, context),
+    };
+    const errorCode = loadRestJsonErrorCode(output, parsedOutput.body);
+    switch (errorCode) {
+        case "AccessDeniedException":
+        case "com.amazonaws.detective#AccessDeniedException":
+            throw await de_AccessDeniedExceptionRes(parsedOutput, context);
+        case "InternalServerException":
+        case "com.amazonaws.detective#InternalServerException":
+            throw await de_InternalServerExceptionRes(parsedOutput, context);
+        case "ResourceNotFoundException":
+        case "com.amazonaws.detective#ResourceNotFoundException":
+            throw await de_ResourceNotFoundExceptionRes(parsedOutput, context);
+        case "TooManyRequestsException":
+        case "com.amazonaws.detective#TooManyRequestsException":
+            throw await de_TooManyRequestsExceptionRes(parsedOutput, context);
+        case "ValidationException":
+        case "com.amazonaws.detective#ValidationException":
+            throw await de_ValidationExceptionRes(parsedOutput, context);
+        default:
+            const parsedBody = parsedOutput.body;
+            return throwDefaultError({
+                output,
+                parsedBody,
+                errorCode,
+            });
+    }
+};
+export const de_ListInvestigationsCommand = async (output, context) => {
+    if (output.statusCode !== 200 && output.statusCode >= 300) {
+        return de_ListInvestigationsCommandError(output, context);
+    }
+    const contents = map({
+        $metadata: deserializeMetadata(output),
+    });
+    const data = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body");
+    const doc = take(data, {
+        InvestigationDetails: (_) => de_InvestigationDetails(_, context),
+        NextToken: __expectString,
+    });
+    Object.assign(contents, doc);
+    return contents;
+};
+const de_ListInvestigationsCommandError = async (output, context) => {
+    const parsedOutput = {
+        ...output,
+        body: await parseErrorBody(output.body, context),
+    };
+    const errorCode = loadRestJsonErrorCode(output, parsedOutput.body);
+    switch (errorCode) {
+        case "AccessDeniedException":
+        case "com.amazonaws.detective#AccessDeniedException":
+            throw await de_AccessDeniedExceptionRes(parsedOutput, context);
+        case "InternalServerException":
+        case "com.amazonaws.detective#InternalServerException":
+            throw await de_InternalServerExceptionRes(parsedOutput, context);
+        case "ResourceNotFoundException":
+        case "com.amazonaws.detective#ResourceNotFoundException":
+            throw await de_ResourceNotFoundExceptionRes(parsedOutput, context);
+        case "TooManyRequestsException":
+        case "com.amazonaws.detective#TooManyRequestsException":
+            throw await de_TooManyRequestsExceptionRes(parsedOutput, context);
+        case "ValidationException":
+        case "com.amazonaws.detective#ValidationException":
+            throw await de_ValidationExceptionRes(parsedOutput, context);
+        default:
+            const parsedBody = parsedOutput.body;
+            return throwDefaultError({
+                output,
+                parsedBody,
+                errorCode,
+            });
+    }
+};
 export const de_ListInvitationsCommand = async (output, context) => {
     if (output.statusCode !== 200 && output.statusCode >= 300) {
         return de_ListInvitationsCommandError(output, context);
@@ -1289,6 +1551,51 @@ const de_RejectInvitationCommandError = async (output, context) => {
             });
     }
 };
+export const de_StartInvestigationCommand = async (output, context) => {
+    if (output.statusCode !== 200 && output.statusCode >= 300) {
+        return de_StartInvestigationCommandError(output, context);
+    }
+    const contents = map({
+        $metadata: deserializeMetadata(output),
+    });
+    const data = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body");
+    const doc = take(data, {
+        InvestigationId: __expectString,
+    });
+    Object.assign(contents, doc);
+    return contents;
+};
+const de_StartInvestigationCommandError = async (output, context) => {
+    const parsedOutput = {
+        ...output,
+        body: await parseErrorBody(output.body, context),
+    };
+    const errorCode = loadRestJsonErrorCode(output, parsedOutput.body);
+    switch (errorCode) {
+        case "AccessDeniedException":
+        case "com.amazonaws.detective#AccessDeniedException":
+            throw await de_AccessDeniedExceptionRes(parsedOutput, context);
+        case "InternalServerException":
+        case "com.amazonaws.detective#InternalServerException":
+            throw await de_InternalServerExceptionRes(parsedOutput, context);
+        case "ResourceNotFoundException":
+        case "com.amazonaws.detective#ResourceNotFoundException":
+            throw await de_ResourceNotFoundExceptionRes(parsedOutput, context);
+        case "TooManyRequestsException":
+        case "com.amazonaws.detective#TooManyRequestsException":
+            throw await de_TooManyRequestsExceptionRes(parsedOutput, context);
+        case "ValidationException":
+        case "com.amazonaws.detective#ValidationException":
+            throw await de_ValidationExceptionRes(parsedOutput, context);
+        default:
+            const parsedBody = parsedOutput.body;
+            return throwDefaultError({
+                output,
+                parsedBody,
+                errorCode,
+            });
+    }
+};
 export const de_StartMonitoringMemberCommand = async (output, context) => {
     if (output.statusCode !== 200 && output.statusCode >= 300) {
         return de_StartMonitoringMemberCommandError(output, context);
@@ -1450,6 +1757,47 @@ const de_UpdateDatasourcePackagesCommandError = async (output, context) => {
             });
     }
 };
+export const de_UpdateInvestigationStateCommand = async (output, context) => {
+    if (output.statusCode !== 200 && output.statusCode >= 300) {
+        return de_UpdateInvestigationStateCommandError(output, context);
+    }
+    const contents = map({
+        $metadata: deserializeMetadata(output),
+    });
+    await collectBody(output.body, context);
+    return contents;
+};
+const de_UpdateInvestigationStateCommandError = async (output, context) => {
+    const parsedOutput = {
+        ...output,
+        body: await parseErrorBody(output.body, context),
+    };
+    const errorCode = loadRestJsonErrorCode(output, parsedOutput.body);
+    switch (errorCode) {
+        case "AccessDeniedException":
+        case "com.amazonaws.detective#AccessDeniedException":
+            throw await de_AccessDeniedExceptionRes(parsedOutput, context);
+        case "InternalServerException":
+        case "com.amazonaws.detective#InternalServerException":
+            throw await de_InternalServerExceptionRes(parsedOutput, context);
+        case "ResourceNotFoundException":
+        case "com.amazonaws.detective#ResourceNotFoundException":
+            throw await de_ResourceNotFoundExceptionRes(parsedOutput, context);
+        case "TooManyRequestsException":
+        case "com.amazonaws.detective#TooManyRequestsException":
+            throw await de_TooManyRequestsExceptionRes(parsedOutput, context);
+        case "ValidationException":
+        case "com.amazonaws.detective#ValidationException":
+            throw await de_ValidationExceptionRes(parsedOutput, context);
+        default:
+            const parsedBody = parsedOutput.body;
+            return throwDefaultError({
+                output,
+                parsedBody,
+                errorCode,
+            });
+    }
+};
 export const de_UpdateOrganizationConfigurationCommand = async (output, context) => {
     if (output.statusCode !== 200 && output.statusCode >= 300) {
         return de_UpdateOrganizationConfigurationCommandError(output, context);
@@ -1587,6 +1935,21 @@ const de_ValidationExceptionRes = async (parsedOutput, context) => {
     });
     return __decorateServiceException(exception, parsedOutput.body);
 };
+const se_DateFilter = (input, context) => {
+    return take(input, {
+        EndInclusive: (_) => _.toISOString().split(".")[0] + "Z",
+        StartInclusive: (_) => _.toISOString().split(".")[0] + "Z",
+    });
+};
+const se_FilterCriteria = (input, context) => {
+    return take(input, {
+        CreatedTime: (_) => se_DateFilter(_, context),
+        EntityArn: _json,
+        Severity: _json,
+        State: _json,
+        Status: _json,
+    });
+};
 const de_Administrator = (output, context) => {
     return take(output, {
         AccountId: __expectString,
@@ -1646,6 +2009,25 @@ const de_GraphList = (output, context) => {
     });
     return retVal;
 };
+const de_InvestigationDetail = (output, context) => {
+    return take(output, {
+        CreatedTime: (_) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)),
+        EntityArn: __expectString,
+        EntityType: __expectString,
+        InvestigationId: __expectString,
+        Severity: __expectString,
+        State: __expectString,
+        Status: __expectString,
+    });
+};
+const de_InvestigationDetails = (output, context) => {
+    const retVal = (output || [])
+        .filter((e) => e != null)
+        .map((entry) => {
+        return de_InvestigationDetail(entry, context);
+    });
+    return retVal;
+};
 const de_LastIngestStateChangeDates = (output, context) => {
     return Object.entries(output).reduce((acc, [key, value]) => {
         if (value === null) {