@aws-sdk/client-guardduty 3.47.2 → 3.51.0

package/dist-types/models/models_0.d.ts

@@ -173,7 +173,7 @@ export declare namespace AccountLevelPermissions {
  */
 export interface DomainDetails {
     /**
-     * <p>The domain information for the AWS API call.</p>
+     * <p>The domain information for the Amazon Web Services API call.</p>
      */
     Domain?: string;
 }
@@ -183,6 +183,25 @@ export declare namespace DomainDetails {
      */
     const filterSensitiveLog: (obj: DomainDetails) => any;
 }
+/**
+ * <p>Contains details about the remote Amazon Web Services account that made the API call.</p>
+ */
+export interface RemoteAccountDetails {
+    /**
+     * <p>The Amazon Web Services account ID of the remote API caller.</p>
+     */
+    AccountId?: string;
+    /**
+     * <p>Details on whether the Amazon Web Services account of the remote API caller is related to your GuardDuty environment.  If this value is <code>True</code> the API caller is affiliated to your account in some way. If it is <code>False</code> the API caller is from outside your environment.</p>
+     */
+    Affiliated?: boolean;
+}
+export declare namespace RemoteAccountDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: RemoteAccountDetails) => any;
+}
 /**
  * <p>Contains information about the city associated with the IP address.</p>
  */
@@ -300,29 +319,34 @@ export declare namespace RemoteIpDetails {
  */
 export interface AwsApiCallAction {
     /**
-     * <p>The AWS API name.</p>
+     * <p>The Amazon Web Services API name.</p>
      */
     Api?: string;
     /**
-     * <p>The AWS API caller type.</p>
+     * <p>The Amazon Web Services API caller type.</p>
      */
     CallerType?: string;
     /**
-     * <p>The domain information for the AWS API call.</p>
+     * <p>The domain information for the Amazon Web Services API call.</p>
      */
     DomainDetails?: DomainDetails;
     /**
-     * <p>The error code of the failed AWS API action.</p>
+     * <p>The error code of the failed Amazon Web Services API action.</p>
      */
     ErrorCode?: string;
+    UserAgent?: string;
     /**
-     * <p>The remote IP information of the connection that initiated the AWS API call.</p>
+     * <p>The remote IP information of the connection that initiated the Amazon Web Services API call.</p>
      */
     RemoteIpDetails?: RemoteIpDetails;
     /**
-     * <p>The AWS service name whose API was invoked.</p>
+     * <p>The Amazon Web Services service name whose API was invoked.</p>
      */
     ServiceName?: string;
+    /**
+     * <p>The details of the Amazon Web Services account that made the API call. This field appears if the call was made from outside your account.</p>
+     */
+    RemoteAccountDetails?: RemoteAccountDetails;
 }
 export declare namespace AwsApiCallAction {
     /**
@@ -345,6 +369,45 @@ export declare namespace DnsRequestAction {
      */
     const filterSensitiveLog: (obj: DnsRequestAction) => any;
 }
+/**
+ * <p>Information about the Kubernetes API call action described in this finding.</p>
+ */
+export interface KubernetesApiCallAction {
+    /**
+     * <p>The Kubernetes API request URI.</p>
+     */
+    RequestUri?: string;
+    /**
+     * <p>The Kubernetes API request HTTP verb.</p>
+     */
+    Verb?: string;
+    /**
+     * <p>The IP of the  Kubernetes API caller and the IPs of any proxies or load balancers between the caller and the API endpoint.</p>
+     */
+    SourceIps?: string[];
+    /**
+     * <p>The user agent of the caller of the Kubernetes API.</p>
+     */
+    UserAgent?: string;
+    /**
+     * <p>Contains information about the remote IP address of the connection.</p>
+     */
+    RemoteIpDetails?: RemoteIpDetails;
+    /**
+     * <p>The resulting HTTP response code of the Kubernetes API call action.</p>
+     */
+    StatusCode?: number;
+    /**
+     * <p>Parameters related to the Kubernetes API call action.</p>
+     */
+    Parameters?: string;
+}
+export declare namespace KubernetesApiCallAction {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: KubernetesApiCallAction) => any;
+}
 /**
  * <p>Contains information about the local IP address of the connection.</p>
  */
@@ -503,6 +566,10 @@ export interface Action {
      * <p>Information about the PORT_PROBE action described in this finding.</p>
      */
     PortProbeAction?: PortProbeAction;
+    /**
+     * <p>Information about the Kubernetes API call action described in this finding.</p>
+     */
+    KubernetesApiCallAction?: KubernetesApiCallAction;
 }
 export declare namespace Action {
     /**
@@ -520,7 +587,7 @@ export declare enum AdminStatus {
  */
 export interface AdminAccount {
     /**
-     * <p>The AWS account ID for the account.</p>
+     * <p>The Amazon Web Services account ID for the account.</p>
      */
     AdminAccountId?: string;
     /**
@@ -708,6 +775,109 @@ export declare namespace Condition {
      */
     const filterSensitiveLog: (obj: Condition) => any;
 }
+/**
+ * <p>Container security context.</p>
+ */
+export interface SecurityContext {
+    /**
+     * <p>Whether the container is privileged.</p>
+     */
+    Privileged?: boolean;
+}
+export declare namespace SecurityContext {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: SecurityContext) => any;
+}
+/**
+ * <p>Container volume mount.</p>
+ */
+export interface VolumeMount {
+    /**
+     * <p>Volume mount name.</p>
+     */
+    Name?: string;
+    /**
+     * <p>Volume mount path.</p>
+     */
+    MountPath?: string;
+}
+export declare namespace VolumeMount {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: VolumeMount) => any;
+}
+/**
+ * <p>Details of a container.</p>
+ */
+export interface Container {
+    /**
+     * <p>The container runtime (such as, Docker or containerd) used to run the container.</p>
+     */
+    ContainerRuntime?: string;
+    /**
+     * <p>Container ID.</p>
+     */
+    Id?: string;
+    /**
+     * <p>Container name.</p>
+     */
+    Name?: string;
+    /**
+     * <p>Container image.</p>
+     */
+    Image?: string;
+    /**
+     * <p>Part of the image name before the last slash. For example, imagePrefix for public.ecr.aws/amazonlinux/amazonlinux:latest would be public.ecr.aws/amazonlinux. If the image name is relative and does not have a slash, this field is empty.</p>
+     */
+    ImagePrefix?: string;
+    /**
+     * <p>Container volume mounts.</p>
+     */
+    VolumeMounts?: VolumeMount[];
+    /**
+     * <p>Container security context.</p>
+     */
+    SecurityContext?: SecurityContext;
+}
+export declare namespace Container {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: Container) => any;
+}
+/**
+ * <p>Describes whether Kubernetes audit logs are enabled as a data source.</p>
+ */
+export interface KubernetesAuditLogsConfiguration {
+    /**
+     * <p>The status of Kubernetes audit logs as a data source.</p>
+     */
+    Enable: boolean | undefined;
+}
+export declare namespace KubernetesAuditLogsConfiguration {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: KubernetesAuditLogsConfiguration) => any;
+}
+/**
+ * <p>Describes whether any Kubernetes data sources are enabled.</p>
+ */
+export interface KubernetesConfiguration {
+    /**
+     * <p>The status of Kubernetes audit logs as a data source.</p>
+     */
+    AuditLogs: KubernetesAuditLogsConfiguration | undefined;
+}
+export declare namespace KubernetesConfiguration {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: KubernetesConfiguration) => any;
+}
 /**
  * <p>Describes whether S3 data event logs will be enabled as a data source.</p>
  */
@@ -731,6 +901,10 @@ export interface DataSourceConfigurations {
      * <p>Describes whether S3 data event logs are enabled as a data source.</p>
      */
     S3Logs?: S3LogsConfiguration;
+    /**
+     * <p>Describes whether any Kubernetes logs are enabled as data sources.</p>
+     */
+    Kubernetes?: KubernetesConfiguration;
 }
 export declare namespace DataSourceConfigurations {
     /**
@@ -973,6 +1147,21 @@ export interface CreateFilterRequest {
      *                <p>service.additionalInfo.threatListName</p>
      *             </li>
      *             <li>
+     *                <p>resource.s3BucketDetails.publicAccess.effectivePermissions</p>
+     *             </li>
+     *             <li>
+     *                <p>resource.s3BucketDetails.name</p>
+     *             </li>
+     *             <li>
+     *                <p>resource.s3BucketDetails.tags.key</p>
+     *             </li>
+     *             <li>
+     *                <p>resource.s3BucketDetails.tags.value</p>
+     *             </li>
+     *             <li>
+     *                <p>resource.s3BucketDetails.type</p>
+     *             </li>
+     *             <li>
      *                <p>service.archived</p>
      *                <p>When this attribute is set to TRUE, only archived findings are listed. When it's set
      *           to FALSE, only unarchived findings are listed. When this attribute is not set, all
@@ -1048,8 +1237,7 @@ export interface CreateIPSetRequest {
      */
     Format: IpSetFormat | string | undefined;
     /**
-     * <p>The URI of the file that contains the IPSet. For example:
-     *       https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.</p>
+     * <p>The URI of the file that contains the IPSet. </p>
      */
     Location: string | undefined;
     /**
@@ -1109,7 +1297,7 @@ export declare namespace CreateMembersRequest {
  */
 export interface UnprocessedAccount {
     /**
-     * <p>The AWS account ID.</p>
+     * <p>The Amazon Web Services account ID.</p>
      */
     AccountId: string | undefined;
     /**
@@ -1143,6 +1331,9 @@ export declare namespace CreateMembersResponse {
 export interface DestinationProperties {
     /**
      * <p>The ARN of the resource to publish to.</p>
+     *          <p>To specify an S3 bucket folder use the following format:
+     *         <code>arn:aws:s3:::DOC-EXAMPLE-BUCKET/myFolder/</code>
+     *          </p>
      */
     DestinationArn?: string;
     /**
@@ -1245,8 +1436,7 @@ export interface CreateThreatIntelSetRequest {
      */
     Format: ThreatIntelSetFormat | string | undefined;
     /**
-     * <p>The URI of the file that contains the ThreatIntelSet. For example:
-     *       https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.</p>
+     * <p>The URI of the file that contains the ThreatIntelSet. </p>
      */
     Location: string | undefined;
     /**
@@ -1287,6 +1477,7 @@ export declare enum DataSource {
     CLOUD_TRAIL = "CLOUD_TRAIL",
     DNS_LOGS = "DNS_LOGS",
     FLOW_LOGS = "FLOW_LOGS",
+    KUBERNETES_AUDIT_LOGS = "KUBERNETES_AUDIT_LOGS",
     S3_LOGS = "S3_LOGS"
 }
 /**
@@ -1319,6 +1510,36 @@ export declare namespace FlowLogsConfigurationResult {
      */
     const filterSensitiveLog: (obj: FlowLogsConfigurationResult) => any;
 }
+/**
+ * <p>Describes whether Kubernetes audit logs are enabled as a data source.</p>
+ */
+export interface KubernetesAuditLogsConfigurationResult {
+    /**
+     * <p>A value that describes whether Kubernetes audit logs are enabled as a data source.</p>
+     */
+    Status: DataSourceStatus | string | undefined;
+}
+export declare namespace KubernetesAuditLogsConfigurationResult {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: KubernetesAuditLogsConfigurationResult) => any;
+}
+/**
+ * <p>Describes whether any Kubernetes logs will be enabled as a data source.</p>
+ */
+export interface KubernetesConfigurationResult {
+    /**
+     * <p>Describes whether Kubernetes audit logs are enabled as a data source.</p>
+     */
+    AuditLogs: KubernetesAuditLogsConfigurationResult | undefined;
+}
+export declare namespace KubernetesConfigurationResult {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: KubernetesConfigurationResult) => any;
+}
 /**
  * <p>Describes whether S3 data event logs will be enabled as a data source.</p>
  */
@@ -1357,6 +1578,10 @@ export interface DataSourceConfigurationsResult {
      *       source.</p>
      */
     S3Logs: S3LogsConfigurationResult | undefined;
+    /**
+     * <p>An object that contains information on the status of all Kubernetes data sources.</p>
+     */
+    Kubernetes?: KubernetesConfigurationResult;
 }
 export declare namespace DataSourceConfigurationsResult {
     /**
@@ -1366,7 +1591,7 @@ export declare namespace DataSourceConfigurationsResult {
 }
 export interface DeclineInvitationsRequest {
     /**
-     * <p>A list of account IDs of the AWS accounts that sent invitations to the current member
+     * <p>A list of account IDs of the Amazon Web Services accounts that sent invitations to the current member
      *       account that you want to decline invitations from.</p>
      */
     AccountIds: string[] | undefined;
@@ -1458,7 +1683,7 @@ export declare namespace DeleteFilterResponse {
 }
 export interface DeleteInvitationsRequest {
     /**
-     * <p>A list of account IDs of the AWS accounts that sent invitations to the current member
+     * <p>A list of account IDs of the Amazon Web Services accounts that sent invitations to the current member
      *       account that you want to delete invitations from.</p>
      */
     AccountIds: string[] | undefined;
@@ -1596,6 +1821,36 @@ export declare namespace DescribeOrganizationConfigurationRequest {
      */
     const filterSensitiveLog: (obj: DescribeOrganizationConfigurationRequest) => any;
 }
+/**
+ * <p>The current configuration of Kubernetes audit logs as a data source for the organization.</p>
+ */
+export interface OrganizationKubernetesAuditLogsConfigurationResult {
+    /**
+     * <p>Whether Kubernetes audit logs data source should be auto-enabled for new members joining the organization.</p>
+     */
+    AutoEnable: boolean | undefined;
+}
+export declare namespace OrganizationKubernetesAuditLogsConfigurationResult {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: OrganizationKubernetesAuditLogsConfigurationResult) => any;
+}
+/**
+ * <p>The current configuration of all Kubernetes data sources for the organization.</p>
+ */
+export interface OrganizationKubernetesConfigurationResult {
+    /**
+     * <p>The current configuration of Kubernetes audit logs as a data source for the organization.</p>
+     */
+    AuditLogs: OrganizationKubernetesAuditLogsConfigurationResult | undefined;
+}
+export declare namespace OrganizationKubernetesConfigurationResult {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: OrganizationKubernetesConfigurationResult) => any;
+}
 /**
  * <p>The current configuration of S3 data event logs as a data source for the
  *       organization.</p>
@@ -1622,6 +1877,10 @@ export interface OrganizationDataSourceConfigurationsResult {
      * <p>Describes whether S3 data event logs are enabled as a data source.</p>
      */
     S3Logs: OrganizationS3LogsConfigurationResult | undefined;
+    /**
+     * <p>Describes the configuration of Kubernetes data sources.</p>
+     */
+    Kubernetes?: OrganizationKubernetesConfigurationResult;
 }
 export declare namespace OrganizationDataSourceConfigurationsResult {
     /**
@@ -1737,7 +1996,7 @@ export declare enum DetectorStatus {
 }
 export interface DisableOrganizationAdminAccountRequest {
     /**
-     * <p>The AWS Account ID for the organizations account to be disabled as a GuardDuty delegated
+     * <p>The Amazon Web Services Account ID for the organizations account to be disabled as a GuardDuty delegated
      *       administrator.</p>
      */
     AdminAccountId: string | undefined;
@@ -1807,9 +2066,63 @@ export declare namespace DisassociateMembersResponse {
      */
     const filterSensitiveLog: (obj: DisassociateMembersResponse) => any;
 }
+/**
+ * <p>Contains information about a tag associated with the EC2 instance.</p>
+ */
+export interface Tag {
+    /**
+     * <p>The EC2 instance tag key.</p>
+     */
+    Key?: string;
+    /**
+     * <p>The EC2 instance tag value.</p>
+     */
+    Value?: string;
+}
+export declare namespace Tag {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: Tag) => any;
+}
+/**
+ * <p>Details about the EKS cluster involved in a Kubernetes finding.</p>
+ */
+export interface EksClusterDetails {
+    /**
+     * <p>EKS cluster name.</p>
+     */
+    Name?: string;
+    /**
+     * <p>EKS cluster ARN.</p>
+     */
+    Arn?: string;
+    /**
+     * <p>The VPC ID to which the EKS cluster is attached.</p>
+     */
+    VpcId?: string;
+    /**
+     * <p>The EKS cluster status.</p>
+     */
+    Status?: string;
+    /**
+     * <p>The EKS cluster tags.</p>
+     */
+    Tags?: Tag[];
+    /**
+     * <p>The timestamp when the EKS cluster was created.</p>
+     */
+    CreatedAt?: Date;
+}
+export declare namespace EksClusterDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: EksClusterDetails) => any;
+}
 export interface EnableOrganizationAdminAccountRequest {
     /**
-     * <p>The AWS Account ID for the organization account to be enabled as a GuardDuty delegated
+     * <p>The Amazon Web Services Account ID for the organization account to be enabled as a GuardDuty delegated
      *       administrator.</p>
      */
     AdminAccountId: string | undefined;
@@ -1995,25 +2308,6 @@ export declare namespace ProductCode {
      */
     const filterSensitiveLog: (obj: ProductCode) => any;
 }
-/**
- * <p>Contains information about a tag associated with the EC2 instance.</p>
- */
-export interface Tag {
-    /**
-     * <p>The EC2 instance tag key.</p>
-     */
-    Key?: string;
-    /**
-     * <p>The EC2 instance tag value.</p>
-     */
-    Value?: string;
-}
-export declare namespace Tag {
-    /**
-     * @internal
-     */
-    const filterSensitiveLog: (obj: Tag) => any;
-}
 /**
  * <p>Contains information about the details of an instance.</p>
  */
@@ -2047,7 +2341,7 @@ export interface InstanceDetails {
      */
     InstanceType?: string;
     /**
-     * <p>The Amazon Resource Name (ARN) of the AWS Outpost. Only applicable to AWS Outposts
+     * <p>The Amazon Resource Name (ARN) of the Amazon Web Services Outpost. Only applicable to Amazon Web Services Outposts
      *       instances.</p>
      */
     OutpostArn?: string;
@@ -2078,6 +2372,121 @@ export declare namespace InstanceDetails {
      */
     const filterSensitiveLog: (obj: InstanceDetails) => any;
 }
+/**
+ * <p>Details about the Kubernetes user involved in a Kubernetes finding.</p>
+ */
+export interface KubernetesUserDetails {
+    /**
+     * <p>The username of the user who called the Kubernetes API.</p>
+     */
+    Username?: string;
+    /**
+     * <p>The user ID of the user who called the Kubernetes API.</p>
+     */
+    Uid?: string;
+    /**
+     * <p>The groups that include the user who called the Kubernetes API.</p>
+     */
+    Groups?: string[];
+}
+export declare namespace KubernetesUserDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: KubernetesUserDetails) => any;
+}
+/**
+ * <p>Represents a pre-existing file or directory on the host machine that the volume maps to.</p>
+ */
+export interface HostPath {
+    /**
+     * <p>Path of the file or directory on the host that the volume maps to.</p>
+     */
+    Path?: string;
+}
+export declare namespace HostPath {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: HostPath) => any;
+}
+/**
+ * <p>Volume used by the Kubernetes workload.</p>
+ */
+export interface Volume {
+    /**
+     * <p>Volume name.</p>
+     */
+    Name?: string;
+    /**
+     * <p>Represents a pre-existing file or directory on the host machine that the volume maps to.</p>
+     */
+    HostPath?: HostPath;
+}
+export declare namespace Volume {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: Volume) => any;
+}
+/**
+ * <p>Details about the Kubernetes workload involved in a Kubernetes finding.</p>
+ */
+export interface KubernetesWorkloadDetails {
+    /**
+     * <p>Kubernetes workload name.</p>
+     */
+    Name?: string;
+    /**
+     * <p>Kubernetes workload type (e.g. Pod, Deployment, etc.).</p>
+     */
+    Type?: string;
+    /**
+     * <p>Kubernetes workload ID.</p>
+     */
+    Uid?: string;
+    /**
+     * <p>Kubernetes namespace that the workload is part of.</p>
+     */
+    Namespace?: string;
+    /**
+     * <p>Whether the hostNetwork flag is enabled for the pods included in the workload.</p>
+     */
+    HostNetwork?: boolean;
+    /**
+     * <p>Containers running as part of the Kubernetes workload.</p>
+     */
+    Containers?: Container[];
+    /**
+     * <p>Volumes used by the Kubernetes workload.</p>
+     */
+    Volumes?: Volume[];
+}
+export declare namespace KubernetesWorkloadDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: KubernetesWorkloadDetails) => any;
+}
+/**
+ * <p>Details about Kubernetes resources such as a Kubernetes user or workload resource involved in a Kubernetes finding.</p>
+ */
+export interface KubernetesDetails {
+    /**
+     * <p>Details about the Kubernetes user involved in a Kubernetes finding.</p>
+     */
+    KubernetesUserDetails?: KubernetesUserDetails;
+    /**
+     * <p>Details about the Kubernetes workload involved in a Kubernetes finding.</p>
+     */
+    KubernetesWorkloadDetails?: KubernetesWorkloadDetails;
+}
+export declare namespace KubernetesDetails {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: KubernetesDetails) => any;
+}
 /**
  * <p>Contains information on the owner of the bucket.</p>
  */
@@ -2179,7 +2588,7 @@ export declare namespace S3BucketDetail {
     const filterSensitiveLog: (obj: S3BucketDetail) => any;
 }
 /**
- * <p>Contains information about the AWS resource associated with the activity that prompted
+ * <p>Contains information about the Amazon Web Services resource associated with the activity that prompted
  *       GuardDuty to generate a finding.</p>
  */
 export interface Resource {
@@ -2198,7 +2607,15 @@ export interface Resource {
      */
     InstanceDetails?: InstanceDetails;
     /**
-     * <p>The type of AWS resource.</p>
+     * <p>Details about the EKS cluster involved in a Kubernetes finding.</p>
+     */
+    EksClusterDetails?: EksClusterDetails;
+    /**
+     * <p>Details about the Kubernetes user and workload involved in a Kubernetes finding.</p>
+     */
+    KubernetesDetails?: KubernetesDetails;
+    /**
+     * <p>The type of Amazon Web Services resource.</p>
      */
     ResourceType?: string;
 }
@@ -2247,7 +2664,7 @@ export interface Service {
      */
     ResourceRole?: string;
     /**
-     * <p>The name of the AWS service (GuardDuty) that generated a finding.</p>
+     * <p>The name of the Amazon Web Services service (GuardDuty) that generated a finding.</p>
      */
     ServiceName?: string;
     /**
@@ -2299,7 +2716,7 @@ export interface Finding {
      */
     Region: string | undefined;
     /**
-     * <p>Contains information about the AWS resource associated with the activity that prompted
+     * <p>Contains information about the Amazon Web Services resource associated with the activity that prompted
      *       GuardDuty to generate a finding.</p>
      */
     Resource: Resource | undefined;
@@ -2599,8 +3016,7 @@ export interface GetIPSetResponse {
      */
     Format: IpSetFormat | string | undefined;
     /**
-     * <p>The URI of the file that contains the IPSet. For example:
-     *       https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.</p>
+     * <p>The URI of the file that contains the IPSet.</p>
      */
     Location: string | undefined;
     /**
@@ -2832,8 +3248,7 @@ export interface GetThreatIntelSetResponse {
      */
     Format: ThreatIntelSetFormat | string | undefined;
     /**
-     * <p>The URI of the file that contains the ThreatIntelSet. For example:
-     *       https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.</p>
+     * <p>The URI of the file that contains the ThreatIntelSet. </p>
      */
     Location: string | undefined;
     /**
@@ -2978,11 +3393,11 @@ export declare namespace UsageDataSourceResult {
     const filterSensitiveLog: (obj: UsageDataSourceResult) => any;
 }
 /**
- * <p>Contains information on the sum of usage based on an AWS resource.</p>
+ * <p>Contains information on the sum of usage based on an Amazon Web Services resource.</p>
  */
 export interface UsageResourceResult {
     /**
-     * <p>The AWS resource that generated usage.</p>
+     * <p>The Amazon Web Services resource that generated usage.</p>
      */
     Resource?: string;
     /**
@@ -3282,9 +3697,6 @@ export interface ListFindingsRequest {
      *                <p>service.action.networkConnectionAction.protocol</p>
      *             </li>
      *             <li>
-     *                <p>service.action.networkConnectionAction.remoteIpDetails.city.cityName</p>
-     *             </li>
-     *             <li>
      *                <p>service.action.networkConnectionAction.remoteIpDetails.country.countryName</p>
      *             </li>
      *             <li>
@@ -3922,8 +4334,7 @@ export interface UpdateIPSetRequest {
      */
     Name?: string;
     /**
-     * <p>The updated URI of the file that contains the IPSet. For example:
-     *       https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.</p>
+     * <p>The updated URI of the file that contains the IPSet. </p>
      */
     Location?: string;
     /**
@@ -3978,6 +4389,37 @@ export declare namespace UpdateMemberDetectorsResponse {
      */
     const filterSensitiveLog: (obj: UpdateMemberDetectorsResponse) => any;
 }
+/**
+ * <p>Organization-wide Kubernetes audit logs configuration.</p>
+ */
+export interface OrganizationKubernetesAuditLogsConfiguration {
+    /**
+     * <p>A value that contains information on whether Kubernetes audit logs should be enabled
+     *       automatically as a data source for the organization.</p>
+     */
+    AutoEnable: boolean | undefined;
+}
+export declare namespace OrganizationKubernetesAuditLogsConfiguration {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: OrganizationKubernetesAuditLogsConfiguration) => any;
+}
+/**
+ * <p>Organization-wide Kubernetes data sources configurations.</p>
+ */
+export interface OrganizationKubernetesConfiguration {
+    /**
+     * <p>Whether Kubernetes audit logs data source should be auto-enabled for new members joining the organization.</p>
+     */
+    AuditLogs: OrganizationKubernetesAuditLogsConfiguration | undefined;
+}
+export declare namespace OrganizationKubernetesConfiguration {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: OrganizationKubernetesConfiguration) => any;
+}
 /**
  * <p>Describes whether S3 data event logs will be automatically enabled for new members of the
  *       organization.</p>
@@ -4005,6 +4447,10 @@ export interface OrganizationDataSourceConfigurations {
      *       organization.</p>
      */
     S3Logs?: OrganizationS3LogsConfiguration;
+    /**
+     * <p>Describes the configuration of Kubernetes data sources for new members of the organization.</p>
+     */
+    Kubernetes?: OrganizationKubernetesConfiguration;
 }
 export declare namespace OrganizationDataSourceConfigurations {
     /**