@aws-sdk/client-guardduty 3.445.0 → 3.449.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist-cjs/models/models_0.js +10 -1
- package/dist-cjs/protocols/Aws_restJson1.js +123 -0
- package/dist-es/models/models_0.js +9 -0
- package/dist-es/protocols/Aws_restJson1.js +123 -0
- package/dist-types/commands/GetFindingsCommand.d.ts +68 -0
- package/dist-types/commands/ListMembersCommand.d.ts +2 -1
- package/dist-types/commands/ListOrganizationAdminAccountsCommand.d.ts +1 -1
- package/dist-types/commands/ListPublishingDestinationsCommand.d.ts +1 -1
- package/dist-types/commands/ListTagsForResourceCommand.d.ts +1 -1
- package/dist-types/commands/ListThreatIntelSetsCommand.d.ts +1 -1
- package/dist-types/commands/StartMalwareScanCommand.d.ts +1 -1
- package/dist-types/models/models_0.d.ts +271 -173
- package/dist-types/models/models_1.d.ts +178 -1
- package/dist-types/ts3.4/commands/ListMembersCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/ListOrganizationAdminAccountsCommand.d.ts +1 -1
- package/dist-types/ts3.4/commands/ListPublishingDestinationsCommand.d.ts +1 -1
- package/dist-types/ts3.4/commands/ListTagsForResourceCommand.d.ts +1 -1
- package/dist-types/ts3.4/commands/ListThreatIntelSetsCommand.d.ts +1 -1
- package/dist-types/ts3.4/commands/StartMalwareScanCommand.d.ts +1 -1
- package/dist-types/ts3.4/models/models_0.d.ts +65 -42
- package/dist-types/ts3.4/models/models_1.d.ts +45 -0
- package/package.json +12 -12
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.UsageStatisticType = exports.UsageFeature = exports.ThreatIntelSetStatus = exports.ScanCriterionKey = exports.IpSetStatus = exports.FindingStatisticType = exports.Feedback = exports.EbsSnapshotPreservation = exports.DetectorStatus = exports.DetectorFeatureResult = exports.PublishingStatus = exports.OrgFeature = exports.OrgFeatureAdditionalConfiguration = exports.OrgFeatureStatus = exports.ScanType = exports.ScanStatus = exports.ScanResult = exports.DataSource = exports.CriterionKey = exports.ThreatIntelSetFormat = exports.DestinationType = exports.IpSetFormat = exports.FilterAction = exports.FindingPublishingFrequency = exports.DetectorFeature = exports.FeatureStatus = exports.FeatureAdditionalConfiguration = exports.CoverageStatisticsType = exports.OrderBy = exports.CoverageSortKey = exports.CoverageFilterCriterionKey = exports.ManagementType = exports.ResourceType = exports.CoverageStatus = exports.ConflictException = exports.DataSourceStatus = exports.AutoEnableMembers = exports.AdminStatus = exports.FreeTrialFeatureResult = exports.AccessDeniedException = exports.InternalServerErrorException = exports.BadRequestException = void 0;
|
|
3
|
+
exports.UsageStatisticType = exports.UsageFeature = exports.ThreatIntelSetStatus = exports.ScanCriterionKey = exports.IpSetStatus = exports.FindingStatisticType = exports.Feedback = exports.EbsSnapshotPreservation = exports.DetectorStatus = exports.DetectorFeatureResult = exports.PublishingStatus = exports.OrgFeature = exports.OrgFeatureAdditionalConfiguration = exports.OrgFeatureStatus = exports.ScanType = exports.ScanStatus = exports.ScanResult = exports.DataSource = exports.CriterionKey = exports.ThreatIntelSetFormat = exports.DestinationType = exports.IpSetFormat = exports.FilterAction = exports.FindingPublishingFrequency = exports.DetectorFeature = exports.FeatureStatus = exports.FeatureAdditionalConfiguration = exports.CoverageStatisticsType = exports.OrderBy = exports.CoverageSortKey = exports.CoverageFilterCriterionKey = exports.ManagementType = exports.ResourceType = exports.CoverageStatus = exports.ConflictException = exports.DataSourceStatus = exports.AutoEnableMembers = exports.ProfileType = exports.ProfileSubtype = exports.AdminStatus = exports.FreeTrialFeatureResult = exports.AccessDeniedException = exports.InternalServerErrorException = exports.BadRequestException = void 0;
|
|
4
4
|
const GuardDutyServiceException_1 = require("./GuardDutyServiceException");
|
|
5
5
|
class BadRequestException extends GuardDutyServiceException_1.GuardDutyServiceException {
|
|
6
6
|
constructor(opts) {
|
|
@@ -62,6 +62,15 @@ exports.AdminStatus = {
|
|
|
62
62
|
DISABLE_IN_PROGRESS: "DISABLE_IN_PROGRESS",
|
|
63
63
|
ENABLED: "ENABLED",
|
|
64
64
|
};
|
|
65
|
+
exports.ProfileSubtype = {
|
|
66
|
+
FREQUENT: "FREQUENT",
|
|
67
|
+
INFREQUENT: "INFREQUENT",
|
|
68
|
+
RARE: "RARE",
|
|
69
|
+
UNSEEN: "UNSEEN",
|
|
70
|
+
};
|
|
71
|
+
exports.ProfileType = {
|
|
72
|
+
FREQUENCY: "FREQUENCY",
|
|
73
|
+
};
|
|
65
74
|
exports.AutoEnableMembers = {
|
|
66
75
|
ALL: "ALL",
|
|
67
76
|
NEW: "NEW",
|
|
@@ -4393,6 +4393,17 @@ const de_Action = (output, context) => {
|
|
|
4393
4393
|
AwsApiCallAction: [, (_) => de_AwsApiCallAction(_, context), `awsApiCallAction`],
|
|
4394
4394
|
DnsRequestAction: [, (_) => de_DnsRequestAction(_, context), `dnsRequestAction`],
|
|
4395
4395
|
KubernetesApiCallAction: [, (_) => de_KubernetesApiCallAction(_, context), `kubernetesApiCallAction`],
|
|
4396
|
+
KubernetesPermissionCheckedDetails: [
|
|
4397
|
+
,
|
|
4398
|
+
(_) => de_KubernetesPermissionCheckedDetails(_, context),
|
|
4399
|
+
`kubernetesPermissionCheckedDetails`,
|
|
4400
|
+
],
|
|
4401
|
+
KubernetesRoleBindingDetails: [
|
|
4402
|
+
,
|
|
4403
|
+
(_) => de_KubernetesRoleBindingDetails(_, context),
|
|
4404
|
+
`kubernetesRoleBindingDetails`,
|
|
4405
|
+
],
|
|
4406
|
+
KubernetesRoleDetails: [, (_) => de_KubernetesRoleDetails(_, context), `kubernetesRoleDetails`],
|
|
4396
4407
|
NetworkConnectionAction: [, (_) => de_NetworkConnectionAction(_, context), `networkConnectionAction`],
|
|
4397
4408
|
PortProbeAction: [, (_) => de_PortProbeAction(_, context), `portProbeAction`],
|
|
4398
4409
|
RdsLoginAttemptAction: [, (_) => de_RdsLoginAttemptAction(_, context), `rdsLoginAttemptAction`],
|
|
@@ -4426,6 +4437,59 @@ const de_Administrator = (output, context) => {
|
|
|
4426
4437
|
RelationshipStatus: [, smithy_client_1.expectString, `relationshipStatus`],
|
|
4427
4438
|
});
|
|
4428
4439
|
};
|
|
4440
|
+
const de_Anomaly = (output, context) => {
|
|
4441
|
+
return (0, smithy_client_1.take)(output, {
|
|
4442
|
+
Profiles: [, (_) => de_AnomalyProfiles(_, context), `profiles`],
|
|
4443
|
+
Unusual: [, (_) => de_AnomalyUnusual(_, context), `unusual`],
|
|
4444
|
+
});
|
|
4445
|
+
};
|
|
4446
|
+
const de_AnomalyObject = (output, context) => {
|
|
4447
|
+
return (0, smithy_client_1.take)(output, {
|
|
4448
|
+
Observations: [, (_) => de_Observations(_, context), `observations`],
|
|
4449
|
+
ProfileSubtype: [, smithy_client_1.expectString, `profileSubtype`],
|
|
4450
|
+
ProfileType: [, smithy_client_1.expectString, `profileType`],
|
|
4451
|
+
});
|
|
4452
|
+
};
|
|
4453
|
+
const de_AnomalyProfileFeatureObjects = (output, context) => {
|
|
4454
|
+
const retVal = (output || [])
|
|
4455
|
+
.filter((e) => e != null)
|
|
4456
|
+
.map((entry) => {
|
|
4457
|
+
return de_AnomalyObject(entry, context);
|
|
4458
|
+
});
|
|
4459
|
+
return retVal;
|
|
4460
|
+
};
|
|
4461
|
+
const de_AnomalyProfileFeatures = (output, context) => {
|
|
4462
|
+
return Object.entries(output).reduce((acc, [key, value]) => {
|
|
4463
|
+
if (value === null) {
|
|
4464
|
+
return acc;
|
|
4465
|
+
}
|
|
4466
|
+
acc[key] = de_AnomalyProfileFeatureObjects(value, context);
|
|
4467
|
+
return acc;
|
|
4468
|
+
}, {});
|
|
4469
|
+
};
|
|
4470
|
+
const de_AnomalyProfiles = (output, context) => {
|
|
4471
|
+
return Object.entries(output).reduce((acc, [key, value]) => {
|
|
4472
|
+
if (value === null) {
|
|
4473
|
+
return acc;
|
|
4474
|
+
}
|
|
4475
|
+
acc[key] = de_AnomalyProfileFeatures(value, context);
|
|
4476
|
+
return acc;
|
|
4477
|
+
}, {});
|
|
4478
|
+
};
|
|
4479
|
+
const de_AnomalyUnusual = (output, context) => {
|
|
4480
|
+
return (0, smithy_client_1.take)(output, {
|
|
4481
|
+
Behavior: [, (_) => de_Behavior(_, context), `behavior`],
|
|
4482
|
+
});
|
|
4483
|
+
};
|
|
4484
|
+
const de_AnomalyUnusualBehaviorFeature = (output, context) => {
|
|
4485
|
+
return Object.entries(output).reduce((acc, [key, value]) => {
|
|
4486
|
+
if (value === null) {
|
|
4487
|
+
return acc;
|
|
4488
|
+
}
|
|
4489
|
+
acc[key] = de_AnomalyObject(value, context);
|
|
4490
|
+
return acc;
|
|
4491
|
+
}, {});
|
|
4492
|
+
};
|
|
4429
4493
|
const de_AwsApiCallAction = (output, context) => {
|
|
4430
4494
|
return (0, smithy_client_1.take)(output, {
|
|
4431
4495
|
AffectedResources: [, smithy_client_1._json, `affectedResources`],
|
|
@@ -4439,6 +4503,15 @@ const de_AwsApiCallAction = (output, context) => {
|
|
|
4439
4503
|
UserAgent: [, smithy_client_1.expectString, `userAgent`],
|
|
4440
4504
|
});
|
|
4441
4505
|
};
|
|
4506
|
+
const de_Behavior = (output, context) => {
|
|
4507
|
+
return Object.entries(output).reduce((acc, [key, value]) => {
|
|
4508
|
+
if (value === null) {
|
|
4509
|
+
return acc;
|
|
4510
|
+
}
|
|
4511
|
+
acc[key] = de_AnomalyUnusualBehaviorFeature(value, context);
|
|
4512
|
+
return acc;
|
|
4513
|
+
}, {});
|
|
4514
|
+
};
|
|
4442
4515
|
const de_BlockPublicAccess = (output, context) => {
|
|
4443
4516
|
return (0, smithy_client_1.take)(output, {
|
|
4444
4517
|
BlockPublicAcls: [, smithy_client_1.expectBoolean, `blockPublicAcls`],
|
|
@@ -4612,6 +4685,11 @@ const de_Destinations = (output, context) => {
|
|
|
4612
4685
|
});
|
|
4613
4686
|
return retVal;
|
|
4614
4687
|
};
|
|
4688
|
+
const de_Detection = (output, context) => {
|
|
4689
|
+
return (0, smithy_client_1.take)(output, {
|
|
4690
|
+
Anomaly: [, (_) => de_Anomaly(_, context), `anomaly`],
|
|
4691
|
+
});
|
|
4692
|
+
};
|
|
4615
4693
|
const de_DetectorAdditionalConfigurationResult = (output, context) => {
|
|
4616
4694
|
return (0, smithy_client_1.take)(output, {
|
|
4617
4695
|
Name: [, smithy_client_1.expectString, `name`],
|
|
@@ -4817,6 +4895,12 @@ const de_IamInstanceProfile = (output, context) => {
|
|
|
4817
4895
|
Id: [, smithy_client_1.expectString, `id`],
|
|
4818
4896
|
});
|
|
4819
4897
|
};
|
|
4898
|
+
const de_ImpersonatedUser = (output, context) => {
|
|
4899
|
+
return (0, smithy_client_1.take)(output, {
|
|
4900
|
+
Groups: [, smithy_client_1._json, `groups`],
|
|
4901
|
+
Username: [, smithy_client_1.expectString, `username`],
|
|
4902
|
+
});
|
|
4903
|
+
};
|
|
4820
4904
|
const de_InstanceDetails = (output, context) => {
|
|
4821
4905
|
return (0, smithy_client_1.take)(output, {
|
|
4822
4906
|
AvailabilityZone: [, smithy_client_1.expectString, `availabilityZone`],
|
|
@@ -4852,11 +4936,15 @@ const de_Invitations = (output, context) => {
|
|
|
4852
4936
|
};
|
|
4853
4937
|
const de_KubernetesApiCallAction = (output, context) => {
|
|
4854
4938
|
return (0, smithy_client_1.take)(output, {
|
|
4939
|
+
Namespace: [, smithy_client_1.expectString, `namespace`],
|
|
4855
4940
|
Parameters: [, smithy_client_1.expectString, `parameters`],
|
|
4856
4941
|
RemoteIpDetails: [, (_) => de_RemoteIpDetails(_, context), `remoteIpDetails`],
|
|
4857
4942
|
RequestUri: [, smithy_client_1.expectString, `requestUri`],
|
|
4943
|
+
Resource: [, smithy_client_1.expectString, `resource`],
|
|
4944
|
+
ResourceName: [, smithy_client_1.expectString, `resourceName`],
|
|
4858
4945
|
SourceIps: [, smithy_client_1._json, `sourceIps`],
|
|
4859
4946
|
StatusCode: [, smithy_client_1.expectInt32, `statusCode`],
|
|
4947
|
+
Subresource: [, smithy_client_1.expectString, `subresource`],
|
|
4860
4948
|
UserAgent: [, smithy_client_1.expectString, `userAgent`],
|
|
4861
4949
|
Verb: [, smithy_client_1.expectString, `verb`],
|
|
4862
4950
|
});
|
|
@@ -4882,9 +4970,34 @@ const de_KubernetesDetails = (output, context) => {
|
|
|
4882
4970
|
KubernetesWorkloadDetails: [, (_) => de_KubernetesWorkloadDetails(_, context), `kubernetesWorkloadDetails`],
|
|
4883
4971
|
});
|
|
4884
4972
|
};
|
|
4973
|
+
const de_KubernetesPermissionCheckedDetails = (output, context) => {
|
|
4974
|
+
return (0, smithy_client_1.take)(output, {
|
|
4975
|
+
Allowed: [, smithy_client_1.expectBoolean, `allowed`],
|
|
4976
|
+
Namespace: [, smithy_client_1.expectString, `namespace`],
|
|
4977
|
+
Resource: [, smithy_client_1.expectString, `resource`],
|
|
4978
|
+
Verb: [, smithy_client_1.expectString, `verb`],
|
|
4979
|
+
});
|
|
4980
|
+
};
|
|
4981
|
+
const de_KubernetesRoleBindingDetails = (output, context) => {
|
|
4982
|
+
return (0, smithy_client_1.take)(output, {
|
|
4983
|
+
Kind: [, smithy_client_1.expectString, `kind`],
|
|
4984
|
+
Name: [, smithy_client_1.expectString, `name`],
|
|
4985
|
+
RoleRefKind: [, smithy_client_1.expectString, `roleRefKind`],
|
|
4986
|
+
RoleRefName: [, smithy_client_1.expectString, `roleRefName`],
|
|
4987
|
+
Uid: [, smithy_client_1.expectString, `uid`],
|
|
4988
|
+
});
|
|
4989
|
+
};
|
|
4990
|
+
const de_KubernetesRoleDetails = (output, context) => {
|
|
4991
|
+
return (0, smithy_client_1.take)(output, {
|
|
4992
|
+
Kind: [, smithy_client_1.expectString, `kind`],
|
|
4993
|
+
Name: [, smithy_client_1.expectString, `name`],
|
|
4994
|
+
Uid: [, smithy_client_1.expectString, `uid`],
|
|
4995
|
+
});
|
|
4996
|
+
};
|
|
4885
4997
|
const de_KubernetesUserDetails = (output, context) => {
|
|
4886
4998
|
return (0, smithy_client_1.take)(output, {
|
|
4887
4999
|
Groups: [, smithy_client_1._json, `groups`],
|
|
5000
|
+
ImpersonatedUser: [, (_) => de_ImpersonatedUser(_, context), `impersonatedUser`],
|
|
4888
5001
|
SessionName: [, smithy_client_1._json, `sessionName`],
|
|
4889
5002
|
Uid: [, smithy_client_1.expectString, `uid`],
|
|
4890
5003
|
Username: [, smithy_client_1.expectString, `username`],
|
|
@@ -4893,9 +5006,12 @@ const de_KubernetesUserDetails = (output, context) => {
|
|
|
4893
5006
|
const de_KubernetesWorkloadDetails = (output, context) => {
|
|
4894
5007
|
return (0, smithy_client_1.take)(output, {
|
|
4895
5008
|
Containers: [, (_) => de_Containers(_, context), `containers`],
|
|
5009
|
+
HostIPC: [, smithy_client_1.expectBoolean, `hostIPC`],
|
|
4896
5010
|
HostNetwork: [, smithy_client_1.expectBoolean, `hostNetwork`],
|
|
5011
|
+
HostPID: [, smithy_client_1.expectBoolean, `hostPID`],
|
|
4897
5012
|
Name: [, smithy_client_1.expectString, `name`],
|
|
4898
5013
|
Namespace: [, smithy_client_1.expectString, `namespace`],
|
|
5014
|
+
ServiceAccountName: [, smithy_client_1.expectString, `serviceAccountName`],
|
|
4899
5015
|
Type: [, smithy_client_1.expectString, `type`],
|
|
4900
5016
|
Uid: [, smithy_client_1.expectString, `uid`],
|
|
4901
5017
|
Volumes: [, (_) => de_Volumes(_, context), `volumes`],
|
|
@@ -5096,6 +5212,11 @@ const de_NetworkInterfaces = (output, context) => {
|
|
|
5096
5212
|
});
|
|
5097
5213
|
return retVal;
|
|
5098
5214
|
};
|
|
5215
|
+
const de_Observations = (output, context) => {
|
|
5216
|
+
return (0, smithy_client_1.take)(output, {
|
|
5217
|
+
Text: [, smithy_client_1._json, `text`],
|
|
5218
|
+
});
|
|
5219
|
+
};
|
|
5099
5220
|
const de_Organization = (output, context) => {
|
|
5100
5221
|
return (0, smithy_client_1.take)(output, {
|
|
5101
5222
|
Asn: [, smithy_client_1.expectString, `asn`],
|
|
@@ -5499,6 +5620,7 @@ const de_ScanThreatNames = (output, context) => {
|
|
|
5499
5620
|
};
|
|
5500
5621
|
const de_SecurityContext = (output, context) => {
|
|
5501
5622
|
return (0, smithy_client_1.take)(output, {
|
|
5623
|
+
AllowPrivilegeEscalation: [, smithy_client_1.expectBoolean, `allowPrivilegeEscalation`],
|
|
5502
5624
|
Privileged: [, smithy_client_1.expectBoolean, `privileged`],
|
|
5503
5625
|
});
|
|
5504
5626
|
};
|
|
@@ -5522,6 +5644,7 @@ const de_Service = (output, context) => {
|
|
|
5522
5644
|
AdditionalInfo: [, (_) => de_ServiceAdditionalInfo(_, context), `additionalInfo`],
|
|
5523
5645
|
Archived: [, smithy_client_1.expectBoolean, `archived`],
|
|
5524
5646
|
Count: [, smithy_client_1.expectInt32, `count`],
|
|
5647
|
+
Detection: [, (_) => de_Detection(_, context), `detection`],
|
|
5525
5648
|
DetectorId: [, smithy_client_1.expectString, `detectorId`],
|
|
5526
5649
|
EbsVolumeScanDetails: [, (_) => de_EbsVolumeScanDetails(_, context), `ebsVolumeScanDetails`],
|
|
5527
5650
|
EventFirstSeen: [, smithy_client_1.expectString, `eventFirstSeen`],
|
|
@@ -56,6 +56,15 @@ export const AdminStatus = {
|
|
|
56
56
|
DISABLE_IN_PROGRESS: "DISABLE_IN_PROGRESS",
|
|
57
57
|
ENABLED: "ENABLED",
|
|
58
58
|
};
|
|
59
|
+
export const ProfileSubtype = {
|
|
60
|
+
FREQUENT: "FREQUENT",
|
|
61
|
+
INFREQUENT: "INFREQUENT",
|
|
62
|
+
RARE: "RARE",
|
|
63
|
+
UNSEEN: "UNSEEN",
|
|
64
|
+
};
|
|
65
|
+
export const ProfileType = {
|
|
66
|
+
FREQUENCY: "FREQUENCY",
|
|
67
|
+
};
|
|
59
68
|
export const AutoEnableMembers = {
|
|
60
69
|
ALL: "ALL",
|
|
61
70
|
NEW: "NEW",
|
|
@@ -4252,6 +4252,17 @@ const de_Action = (output, context) => {
|
|
|
4252
4252
|
AwsApiCallAction: [, (_) => de_AwsApiCallAction(_, context), `awsApiCallAction`],
|
|
4253
4253
|
DnsRequestAction: [, (_) => de_DnsRequestAction(_, context), `dnsRequestAction`],
|
|
4254
4254
|
KubernetesApiCallAction: [, (_) => de_KubernetesApiCallAction(_, context), `kubernetesApiCallAction`],
|
|
4255
|
+
KubernetesPermissionCheckedDetails: [
|
|
4256
|
+
,
|
|
4257
|
+
(_) => de_KubernetesPermissionCheckedDetails(_, context),
|
|
4258
|
+
`kubernetesPermissionCheckedDetails`,
|
|
4259
|
+
],
|
|
4260
|
+
KubernetesRoleBindingDetails: [
|
|
4261
|
+
,
|
|
4262
|
+
(_) => de_KubernetesRoleBindingDetails(_, context),
|
|
4263
|
+
`kubernetesRoleBindingDetails`,
|
|
4264
|
+
],
|
|
4265
|
+
KubernetesRoleDetails: [, (_) => de_KubernetesRoleDetails(_, context), `kubernetesRoleDetails`],
|
|
4255
4266
|
NetworkConnectionAction: [, (_) => de_NetworkConnectionAction(_, context), `networkConnectionAction`],
|
|
4256
4267
|
PortProbeAction: [, (_) => de_PortProbeAction(_, context), `portProbeAction`],
|
|
4257
4268
|
RdsLoginAttemptAction: [, (_) => de_RdsLoginAttemptAction(_, context), `rdsLoginAttemptAction`],
|
|
@@ -4285,6 +4296,59 @@ const de_Administrator = (output, context) => {
|
|
|
4285
4296
|
RelationshipStatus: [, __expectString, `relationshipStatus`],
|
|
4286
4297
|
});
|
|
4287
4298
|
};
|
|
4299
|
+
const de_Anomaly = (output, context) => {
|
|
4300
|
+
return take(output, {
|
|
4301
|
+
Profiles: [, (_) => de_AnomalyProfiles(_, context), `profiles`],
|
|
4302
|
+
Unusual: [, (_) => de_AnomalyUnusual(_, context), `unusual`],
|
|
4303
|
+
});
|
|
4304
|
+
};
|
|
4305
|
+
const de_AnomalyObject = (output, context) => {
|
|
4306
|
+
return take(output, {
|
|
4307
|
+
Observations: [, (_) => de_Observations(_, context), `observations`],
|
|
4308
|
+
ProfileSubtype: [, __expectString, `profileSubtype`],
|
|
4309
|
+
ProfileType: [, __expectString, `profileType`],
|
|
4310
|
+
});
|
|
4311
|
+
};
|
|
4312
|
+
const de_AnomalyProfileFeatureObjects = (output, context) => {
|
|
4313
|
+
const retVal = (output || [])
|
|
4314
|
+
.filter((e) => e != null)
|
|
4315
|
+
.map((entry) => {
|
|
4316
|
+
return de_AnomalyObject(entry, context);
|
|
4317
|
+
});
|
|
4318
|
+
return retVal;
|
|
4319
|
+
};
|
|
4320
|
+
const de_AnomalyProfileFeatures = (output, context) => {
|
|
4321
|
+
return Object.entries(output).reduce((acc, [key, value]) => {
|
|
4322
|
+
if (value === null) {
|
|
4323
|
+
return acc;
|
|
4324
|
+
}
|
|
4325
|
+
acc[key] = de_AnomalyProfileFeatureObjects(value, context);
|
|
4326
|
+
return acc;
|
|
4327
|
+
}, {});
|
|
4328
|
+
};
|
|
4329
|
+
const de_AnomalyProfiles = (output, context) => {
|
|
4330
|
+
return Object.entries(output).reduce((acc, [key, value]) => {
|
|
4331
|
+
if (value === null) {
|
|
4332
|
+
return acc;
|
|
4333
|
+
}
|
|
4334
|
+
acc[key] = de_AnomalyProfileFeatures(value, context);
|
|
4335
|
+
return acc;
|
|
4336
|
+
}, {});
|
|
4337
|
+
};
|
|
4338
|
+
const de_AnomalyUnusual = (output, context) => {
|
|
4339
|
+
return take(output, {
|
|
4340
|
+
Behavior: [, (_) => de_Behavior(_, context), `behavior`],
|
|
4341
|
+
});
|
|
4342
|
+
};
|
|
4343
|
+
const de_AnomalyUnusualBehaviorFeature = (output, context) => {
|
|
4344
|
+
return Object.entries(output).reduce((acc, [key, value]) => {
|
|
4345
|
+
if (value === null) {
|
|
4346
|
+
return acc;
|
|
4347
|
+
}
|
|
4348
|
+
acc[key] = de_AnomalyObject(value, context);
|
|
4349
|
+
return acc;
|
|
4350
|
+
}, {});
|
|
4351
|
+
};
|
|
4288
4352
|
const de_AwsApiCallAction = (output, context) => {
|
|
4289
4353
|
return take(output, {
|
|
4290
4354
|
AffectedResources: [, _json, `affectedResources`],
|
|
@@ -4298,6 +4362,15 @@ const de_AwsApiCallAction = (output, context) => {
|
|
|
4298
4362
|
UserAgent: [, __expectString, `userAgent`],
|
|
4299
4363
|
});
|
|
4300
4364
|
};
|
|
4365
|
+
const de_Behavior = (output, context) => {
|
|
4366
|
+
return Object.entries(output).reduce((acc, [key, value]) => {
|
|
4367
|
+
if (value === null) {
|
|
4368
|
+
return acc;
|
|
4369
|
+
}
|
|
4370
|
+
acc[key] = de_AnomalyUnusualBehaviorFeature(value, context);
|
|
4371
|
+
return acc;
|
|
4372
|
+
}, {});
|
|
4373
|
+
};
|
|
4301
4374
|
const de_BlockPublicAccess = (output, context) => {
|
|
4302
4375
|
return take(output, {
|
|
4303
4376
|
BlockPublicAcls: [, __expectBoolean, `blockPublicAcls`],
|
|
@@ -4471,6 +4544,11 @@ const de_Destinations = (output, context) => {
|
|
|
4471
4544
|
});
|
|
4472
4545
|
return retVal;
|
|
4473
4546
|
};
|
|
4547
|
+
const de_Detection = (output, context) => {
|
|
4548
|
+
return take(output, {
|
|
4549
|
+
Anomaly: [, (_) => de_Anomaly(_, context), `anomaly`],
|
|
4550
|
+
});
|
|
4551
|
+
};
|
|
4474
4552
|
const de_DetectorAdditionalConfigurationResult = (output, context) => {
|
|
4475
4553
|
return take(output, {
|
|
4476
4554
|
Name: [, __expectString, `name`],
|
|
@@ -4676,6 +4754,12 @@ const de_IamInstanceProfile = (output, context) => {
|
|
|
4676
4754
|
Id: [, __expectString, `id`],
|
|
4677
4755
|
});
|
|
4678
4756
|
};
|
|
4757
|
+
const de_ImpersonatedUser = (output, context) => {
|
|
4758
|
+
return take(output, {
|
|
4759
|
+
Groups: [, _json, `groups`],
|
|
4760
|
+
Username: [, __expectString, `username`],
|
|
4761
|
+
});
|
|
4762
|
+
};
|
|
4679
4763
|
const de_InstanceDetails = (output, context) => {
|
|
4680
4764
|
return take(output, {
|
|
4681
4765
|
AvailabilityZone: [, __expectString, `availabilityZone`],
|
|
@@ -4711,11 +4795,15 @@ const de_Invitations = (output, context) => {
|
|
|
4711
4795
|
};
|
|
4712
4796
|
const de_KubernetesApiCallAction = (output, context) => {
|
|
4713
4797
|
return take(output, {
|
|
4798
|
+
Namespace: [, __expectString, `namespace`],
|
|
4714
4799
|
Parameters: [, __expectString, `parameters`],
|
|
4715
4800
|
RemoteIpDetails: [, (_) => de_RemoteIpDetails(_, context), `remoteIpDetails`],
|
|
4716
4801
|
RequestUri: [, __expectString, `requestUri`],
|
|
4802
|
+
Resource: [, __expectString, `resource`],
|
|
4803
|
+
ResourceName: [, __expectString, `resourceName`],
|
|
4717
4804
|
SourceIps: [, _json, `sourceIps`],
|
|
4718
4805
|
StatusCode: [, __expectInt32, `statusCode`],
|
|
4806
|
+
Subresource: [, __expectString, `subresource`],
|
|
4719
4807
|
UserAgent: [, __expectString, `userAgent`],
|
|
4720
4808
|
Verb: [, __expectString, `verb`],
|
|
4721
4809
|
});
|
|
@@ -4741,9 +4829,34 @@ const de_KubernetesDetails = (output, context) => {
|
|
|
4741
4829
|
KubernetesWorkloadDetails: [, (_) => de_KubernetesWorkloadDetails(_, context), `kubernetesWorkloadDetails`],
|
|
4742
4830
|
});
|
|
4743
4831
|
};
|
|
4832
|
+
const de_KubernetesPermissionCheckedDetails = (output, context) => {
|
|
4833
|
+
return take(output, {
|
|
4834
|
+
Allowed: [, __expectBoolean, `allowed`],
|
|
4835
|
+
Namespace: [, __expectString, `namespace`],
|
|
4836
|
+
Resource: [, __expectString, `resource`],
|
|
4837
|
+
Verb: [, __expectString, `verb`],
|
|
4838
|
+
});
|
|
4839
|
+
};
|
|
4840
|
+
const de_KubernetesRoleBindingDetails = (output, context) => {
|
|
4841
|
+
return take(output, {
|
|
4842
|
+
Kind: [, __expectString, `kind`],
|
|
4843
|
+
Name: [, __expectString, `name`],
|
|
4844
|
+
RoleRefKind: [, __expectString, `roleRefKind`],
|
|
4845
|
+
RoleRefName: [, __expectString, `roleRefName`],
|
|
4846
|
+
Uid: [, __expectString, `uid`],
|
|
4847
|
+
});
|
|
4848
|
+
};
|
|
4849
|
+
const de_KubernetesRoleDetails = (output, context) => {
|
|
4850
|
+
return take(output, {
|
|
4851
|
+
Kind: [, __expectString, `kind`],
|
|
4852
|
+
Name: [, __expectString, `name`],
|
|
4853
|
+
Uid: [, __expectString, `uid`],
|
|
4854
|
+
});
|
|
4855
|
+
};
|
|
4744
4856
|
const de_KubernetesUserDetails = (output, context) => {
|
|
4745
4857
|
return take(output, {
|
|
4746
4858
|
Groups: [, _json, `groups`],
|
|
4859
|
+
ImpersonatedUser: [, (_) => de_ImpersonatedUser(_, context), `impersonatedUser`],
|
|
4747
4860
|
SessionName: [, _json, `sessionName`],
|
|
4748
4861
|
Uid: [, __expectString, `uid`],
|
|
4749
4862
|
Username: [, __expectString, `username`],
|
|
@@ -4752,9 +4865,12 @@ const de_KubernetesUserDetails = (output, context) => {
|
|
|
4752
4865
|
const de_KubernetesWorkloadDetails = (output, context) => {
|
|
4753
4866
|
return take(output, {
|
|
4754
4867
|
Containers: [, (_) => de_Containers(_, context), `containers`],
|
|
4868
|
+
HostIPC: [, __expectBoolean, `hostIPC`],
|
|
4755
4869
|
HostNetwork: [, __expectBoolean, `hostNetwork`],
|
|
4870
|
+
HostPID: [, __expectBoolean, `hostPID`],
|
|
4756
4871
|
Name: [, __expectString, `name`],
|
|
4757
4872
|
Namespace: [, __expectString, `namespace`],
|
|
4873
|
+
ServiceAccountName: [, __expectString, `serviceAccountName`],
|
|
4758
4874
|
Type: [, __expectString, `type`],
|
|
4759
4875
|
Uid: [, __expectString, `uid`],
|
|
4760
4876
|
Volumes: [, (_) => de_Volumes(_, context), `volumes`],
|
|
@@ -4955,6 +5071,11 @@ const de_NetworkInterfaces = (output, context) => {
|
|
|
4955
5071
|
});
|
|
4956
5072
|
return retVal;
|
|
4957
5073
|
};
|
|
5074
|
+
const de_Observations = (output, context) => {
|
|
5075
|
+
return take(output, {
|
|
5076
|
+
Text: [, _json, `text`],
|
|
5077
|
+
});
|
|
5078
|
+
};
|
|
4958
5079
|
const de_Organization = (output, context) => {
|
|
4959
5080
|
return take(output, {
|
|
4960
5081
|
Asn: [, __expectString, `asn`],
|
|
@@ -5358,6 +5479,7 @@ const de_ScanThreatNames = (output, context) => {
|
|
|
5358
5479
|
};
|
|
5359
5480
|
const de_SecurityContext = (output, context) => {
|
|
5360
5481
|
return take(output, {
|
|
5482
|
+
AllowPrivilegeEscalation: [, __expectBoolean, `allowPrivilegeEscalation`],
|
|
5361
5483
|
Privileged: [, __expectBoolean, `privileged`],
|
|
5362
5484
|
});
|
|
5363
5485
|
};
|
|
@@ -5381,6 +5503,7 @@ const de_Service = (output, context) => {
|
|
|
5381
5503
|
AdditionalInfo: [, (_) => de_ServiceAdditionalInfo(_, context), `additionalInfo`],
|
|
5382
5504
|
Archived: [, __expectBoolean, `archived`],
|
|
5383
5505
|
Count: [, __expectInt32, `count`],
|
|
5506
|
+
Detection: [, (_) => de_Detection(_, context), `detection`],
|
|
5384
5507
|
DetectorId: [, __expectString, `detectorId`],
|
|
5385
5508
|
EbsVolumeScanDetails: [, (_) => de_EbsVolumeScanDetails(_, context), `ebsVolumeScanDetails`],
|
|
5386
5509
|
EventFirstSeen: [, __expectString, `eventFirstSeen`],
|
|
@@ -186,6 +186,12 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat
|
|
|
186
186
|
* // SessionName: [ // SessionNameList
|
|
187
187
|
* // "STRING_VALUE",
|
|
188
188
|
* // ],
|
|
189
|
+
* // ImpersonatedUser: { // ImpersonatedUser
|
|
190
|
+
* // Username: "STRING_VALUE",
|
|
191
|
+
* // Groups: [
|
|
192
|
+
* // "STRING_VALUE",
|
|
193
|
+
* // ],
|
|
194
|
+
* // },
|
|
189
195
|
* // },
|
|
190
196
|
* // KubernetesWorkloadDetails: { // KubernetesWorkloadDetails
|
|
191
197
|
* // Name: "STRING_VALUE",
|
|
@@ -208,6 +214,7 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat
|
|
|
208
214
|
* // ],
|
|
209
215
|
* // SecurityContext: { // SecurityContext
|
|
210
216
|
* // Privileged: true || false,
|
|
217
|
+
* // AllowPrivilegeEscalation: true || false,
|
|
211
218
|
* // },
|
|
212
219
|
* // },
|
|
213
220
|
* // ],
|
|
@@ -219,6 +226,9 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat
|
|
|
219
226
|
* // },
|
|
220
227
|
* // },
|
|
221
228
|
* // ],
|
|
229
|
+
* // ServiceAccountName: "STRING_VALUE",
|
|
230
|
+
* // HostIPC: true || false,
|
|
231
|
+
* // HostPID: true || false,
|
|
222
232
|
* // },
|
|
223
233
|
* // },
|
|
224
234
|
* // ResourceType: "STRING_VALUE",
|
|
@@ -295,6 +305,7 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat
|
|
|
295
305
|
* // ],
|
|
296
306
|
* // SecurityContext: {
|
|
297
307
|
* // Privileged: true || false,
|
|
308
|
+
* // AllowPrivilegeEscalation: true || false,
|
|
298
309
|
* // },
|
|
299
310
|
* // },
|
|
300
311
|
* // ],
|
|
@@ -315,6 +326,7 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat
|
|
|
315
326
|
* // ],
|
|
316
327
|
* // SecurityContext: {
|
|
317
328
|
* // Privileged: true || false,
|
|
329
|
+
* // AllowPrivilegeEscalation: true || false,
|
|
318
330
|
* // },
|
|
319
331
|
* // },
|
|
320
332
|
* // RdsDbInstanceDetails: { // RdsDbInstanceDetails
|
|
@@ -501,6 +513,10 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat
|
|
|
501
513
|
* // },
|
|
502
514
|
* // StatusCode: Number("int"),
|
|
503
515
|
* // Parameters: "STRING_VALUE",
|
|
516
|
+
* // Resource: "STRING_VALUE",
|
|
517
|
+
* // Subresource: "STRING_VALUE",
|
|
518
|
+
* // Namespace: "STRING_VALUE",
|
|
519
|
+
* // ResourceName: "STRING_VALUE",
|
|
504
520
|
* // },
|
|
505
521
|
* // RdsLoginAttemptAction: { // RdsLoginAttemptAction
|
|
506
522
|
* // RemoteIpDetails: {
|
|
@@ -532,6 +548,24 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat
|
|
|
532
548
|
* // },
|
|
533
549
|
* // ],
|
|
534
550
|
* // },
|
|
551
|
+
* // KubernetesPermissionCheckedDetails: { // KubernetesPermissionCheckedDetails
|
|
552
|
+
* // Verb: "STRING_VALUE",
|
|
553
|
+
* // Resource: "STRING_VALUE",
|
|
554
|
+
* // Namespace: "STRING_VALUE",
|
|
555
|
+
* // Allowed: true || false,
|
|
556
|
+
* // },
|
|
557
|
+
* // KubernetesRoleBindingDetails: { // KubernetesRoleBindingDetails
|
|
558
|
+
* // Kind: "STRING_VALUE",
|
|
559
|
+
* // Name: "STRING_VALUE",
|
|
560
|
+
* // Uid: "STRING_VALUE",
|
|
561
|
+
* // RoleRefName: "STRING_VALUE",
|
|
562
|
+
* // RoleRefKind: "STRING_VALUE",
|
|
563
|
+
* // },
|
|
564
|
+
* // KubernetesRoleDetails: { // KubernetesRoleDetails
|
|
565
|
+
* // Kind: "STRING_VALUE",
|
|
566
|
+
* // Name: "STRING_VALUE",
|
|
567
|
+
* // Uid: "STRING_VALUE",
|
|
568
|
+
* // },
|
|
535
569
|
* // },
|
|
536
570
|
* // Evidence: { // Evidence
|
|
537
571
|
* // ThreatIntelligenceDetails: [ // ThreatIntelligenceDetails
|
|
@@ -708,6 +742,40 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat
|
|
|
708
742
|
* // ],
|
|
709
743
|
* // },
|
|
710
744
|
* // },
|
|
745
|
+
* // Detection: { // Detection
|
|
746
|
+
* // Anomaly: { // Anomaly
|
|
747
|
+
* // Profiles: { // AnomalyProfiles
|
|
748
|
+
* // "<keys>": { // AnomalyProfileFeatures
|
|
749
|
+
* // "<keys>": [ // AnomalyProfileFeatureObjects
|
|
750
|
+
* // { // AnomalyObject
|
|
751
|
+
* // ProfileType: "FREQUENCY",
|
|
752
|
+
* // ProfileSubtype: "FREQUENT" || "INFREQUENT" || "UNSEEN" || "RARE",
|
|
753
|
+
* // Observations: { // Observations
|
|
754
|
+
* // Text: [ // ObservationTexts
|
|
755
|
+
* // "STRING_VALUE",
|
|
756
|
+
* // ],
|
|
757
|
+
* // },
|
|
758
|
+
* // },
|
|
759
|
+
* // ],
|
|
760
|
+
* // },
|
|
761
|
+
* // },
|
|
762
|
+
* // Unusual: { // AnomalyUnusual
|
|
763
|
+
* // Behavior: { // Behavior
|
|
764
|
+
* // "<keys>": { // AnomalyUnusualBehaviorFeature
|
|
765
|
+
* // "<keys>": {
|
|
766
|
+
* // ProfileType: "FREQUENCY",
|
|
767
|
+
* // ProfileSubtype: "FREQUENT" || "INFREQUENT" || "UNSEEN" || "RARE",
|
|
768
|
+
* // Observations: {
|
|
769
|
+
* // Text: [
|
|
770
|
+
* // "STRING_VALUE",
|
|
771
|
+
* // ],
|
|
772
|
+
* // },
|
|
773
|
+
* // },
|
|
774
|
+
* // },
|
|
775
|
+
* // },
|
|
776
|
+
* // },
|
|
777
|
+
* // },
|
|
778
|
+
* // },
|
|
711
779
|
* // },
|
|
712
780
|
* // Severity: Number("double"), // required
|
|
713
781
|
* // Title: "STRING_VALUE",
|
|
@@ -2,7 +2,8 @@ import { EndpointParameterInstructions } from "@smithy/middleware-endpoint";
|
|
|
2
2
|
import { Command as $Command } from "@smithy/smithy-client";
|
|
3
3
|
import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@smithy/types";
|
|
4
4
|
import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient";
|
|
5
|
-
import { ListMembersRequest
|
|
5
|
+
import { ListMembersRequest } from "../models/models_0";
|
|
6
|
+
import { ListMembersResponse } from "../models/models_1";
|
|
6
7
|
/**
|
|
7
8
|
* @public
|
|
8
9
|
*/
|
|
@@ -2,7 +2,7 @@ import { EndpointParameterInstructions } from "@smithy/middleware-endpoint";
|
|
|
2
2
|
import { Command as $Command } from "@smithy/smithy-client";
|
|
3
3
|
import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@smithy/types";
|
|
4
4
|
import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient";
|
|
5
|
-
import { ListOrganizationAdminAccountsRequest, ListOrganizationAdminAccountsResponse } from "../models/
|
|
5
|
+
import { ListOrganizationAdminAccountsRequest, ListOrganizationAdminAccountsResponse } from "../models/models_1";
|
|
6
6
|
/**
|
|
7
7
|
* @public
|
|
8
8
|
*/
|
|
@@ -2,7 +2,7 @@ import { EndpointParameterInstructions } from "@smithy/middleware-endpoint";
|
|
|
2
2
|
import { Command as $Command } from "@smithy/smithy-client";
|
|
3
3
|
import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@smithy/types";
|
|
4
4
|
import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient";
|
|
5
|
-
import { ListPublishingDestinationsRequest, ListPublishingDestinationsResponse } from "../models/
|
|
5
|
+
import { ListPublishingDestinationsRequest, ListPublishingDestinationsResponse } from "../models/models_1";
|
|
6
6
|
/**
|
|
7
7
|
* @public
|
|
8
8
|
*/
|
|
@@ -2,7 +2,7 @@ import { EndpointParameterInstructions } from "@smithy/middleware-endpoint";
|
|
|
2
2
|
import { Command as $Command } from "@smithy/smithy-client";
|
|
3
3
|
import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@smithy/types";
|
|
4
4
|
import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient";
|
|
5
|
-
import { ListTagsForResourceRequest, ListTagsForResourceResponse } from "../models/
|
|
5
|
+
import { ListTagsForResourceRequest, ListTagsForResourceResponse } from "../models/models_1";
|
|
6
6
|
/**
|
|
7
7
|
* @public
|
|
8
8
|
*/
|
|
@@ -2,7 +2,7 @@ import { EndpointParameterInstructions } from "@smithy/middleware-endpoint";
|
|
|
2
2
|
import { Command as $Command } from "@smithy/smithy-client";
|
|
3
3
|
import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@smithy/types";
|
|
4
4
|
import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient";
|
|
5
|
-
import { ListThreatIntelSetsRequest, ListThreatIntelSetsResponse } from "../models/
|
|
5
|
+
import { ListThreatIntelSetsRequest, ListThreatIntelSetsResponse } from "../models/models_1";
|
|
6
6
|
/**
|
|
7
7
|
* @public
|
|
8
8
|
*/
|
|
@@ -2,7 +2,7 @@ import { EndpointParameterInstructions } from "@smithy/middleware-endpoint";
|
|
|
2
2
|
import { Command as $Command } from "@smithy/smithy-client";
|
|
3
3
|
import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@smithy/types";
|
|
4
4
|
import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient";
|
|
5
|
-
import { StartMalwareScanRequest, StartMalwareScanResponse } from "../models/
|
|
5
|
+
import { StartMalwareScanRequest, StartMalwareScanResponse } from "../models/models_1";
|
|
6
6
|
/**
|
|
7
7
|
* @public
|
|
8
8
|
*/
|