@aws-sdk/client-guardduty 3.529.1 → 3.530.0

package/dist-cjs/index.js

@@ -664,6 +664,8 @@ var UsageFeature = {
   FARGATE_RUNTIME_MONITORING: "FARGATE_RUNTIME_MONITORING",
   FLOW_LOGS: "FLOW_LOGS",
   LAMBDA_NETWORK_LOGS: "LAMBDA_NETWORK_LOGS",
+  RDS_DBI_PROTECTION_PROVISIONED: "RDS_DBI_PROTECTION_PROVISIONED",
+  RDS_DBI_PROTECTION_SERVERLESS: "RDS_DBI_PROTECTION_SERVERLESS",
   RDS_LOGIN_EVENTS: "RDS_LOGIN_EVENTS",
   S3_DATA_EVENTS: "S3_DATA_EVENTS"
 };

package/dist-es/models/models_0.js

@@ -295,6 +295,8 @@ export const UsageFeature = {
     FARGATE_RUNTIME_MONITORING: "FARGATE_RUNTIME_MONITORING",
     FLOW_LOGS: "FLOW_LOGS",
     LAMBDA_NETWORK_LOGS: "LAMBDA_NETWORK_LOGS",
+    RDS_DBI_PROTECTION_PROVISIONED: "RDS_DBI_PROTECTION_PROVISIONED",
+    RDS_DBI_PROTECTION_SERVERLESS: "RDS_DBI_PROTECTION_SERVERLESS",
     RDS_LOGIN_EVENTS: "RDS_LOGIN_EVENTS",
     S3_DATA_EVENTS: "S3_DATA_EVENTS",
 };

package/dist-types/commands/CreateDetectorCommand.d.ts

@@ -26,10 +26,26 @@ declare const CreateDetectorCommand_base: {
 };
 /**
  * @public
- * <p>Creates a single Amazon GuardDuty detector. A detector is a resource that represents the
+ * <p>Creates a single GuardDuty detector. A detector is a resource that represents the
  *       GuardDuty service. To start using GuardDuty, you must create a detector in each Region where
  *       you enable the service. You can have only one detector per account per Region. All data
  *       sources are enabled in a new detector by default.</p>
+ *          <ul>
+ *             <li>
+ *                <p>When you don't specify any <code>features</code>, with an
+ *           exception to <code>RUNTIME_MONITORING</code>, all the optional features are
+ *           enabled by default.</p>
+ *             </li>
+ *             <li>
+ *                <p>When you specify some of the <code>features</code>, any feature that is not specified in the
+ *           API call gets enabled by default, with an exception to <code>RUNTIME_MONITORING</code>. </p>
+ *             </li>
+ *          </ul>
+ *          <p>Specifying both EKS Runtime Monitoring (<code>EKS_RUNTIME_MONITORING</code>)
+ *       and Runtime Monitoring (<code>RUNTIME_MONITORING</code>) will cause an error.
+ *       You can add only one of these two features because Runtime Monitoring already includes the
+ *       threat detection for Amazon EKS resources. For more information, see
+ *       <a href="https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring.html">Runtime Monitoring</a>.</p>
  *          <p>There might be regional differences because some data sources might not be
  *       available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more
  *       information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html">Regions and endpoints</a>.</p>

package/dist-types/commands/GetOrganizationStatisticsCommand.d.ts

@@ -26,10 +26,9 @@ declare const GetOrganizationStatisticsCommand_base: {
 };
 /**
  * @public
- * <p>Retrieves how many active member accounts
- *       in your Amazon Web Services organization have
+ * <p>Retrieves how many active member accounts have
  *       each feature enabled within GuardDuty. Only a delegated GuardDuty administrator of an organization can run this API.</p>
- *          <p>When you create a new Amazon Web Services organization, it might take up to 24
+ *          <p>When you create a new organization, it might take up to 24
  *       hours to generate the statistics for the entire organization.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/GetUsageStatisticsCommand.d.ts

@@ -50,7 +50,7 @@ declare const GetUsageStatisticsCommand_base: {
  *       "STRING_VALUE",
  *     ],
  *     Features: [ // UsageFeatureList
- *       "FLOW_LOGS" || "CLOUD_TRAIL" || "DNS_LOGS" || "S3_DATA_EVENTS" || "EKS_AUDIT_LOGS" || "EBS_MALWARE_PROTECTION" || "RDS_LOGIN_EVENTS" || "LAMBDA_NETWORK_LOGS" || "EKS_RUNTIME_MONITORING" || "FARGATE_RUNTIME_MONITORING" || "EC2_RUNTIME_MONITORING",
+ *       "FLOW_LOGS" || "CLOUD_TRAIL" || "DNS_LOGS" || "S3_DATA_EVENTS" || "EKS_AUDIT_LOGS" || "EBS_MALWARE_PROTECTION" || "RDS_LOGIN_EVENTS" || "LAMBDA_NETWORK_LOGS" || "EKS_RUNTIME_MONITORING" || "FARGATE_RUNTIME_MONITORING" || "EC2_RUNTIME_MONITORING" || "RDS_DBI_PROTECTION_PROVISIONED" || "RDS_DBI_PROTECTION_SERVERLESS",
  *     ],
  *   },
  *   Unit: "STRING_VALUE",
@@ -72,7 +72,7 @@ declare const GetUsageStatisticsCommand_base: {
  * //     ],
  * //     TopAccountsByFeature: [ // UsageTopAccountsResultList
  * //       { // UsageTopAccountsResult
- * //         Feature: "FLOW_LOGS" || "CLOUD_TRAIL" || "DNS_LOGS" || "S3_DATA_EVENTS" || "EKS_AUDIT_LOGS" || "EBS_MALWARE_PROTECTION" || "RDS_LOGIN_EVENTS" || "LAMBDA_NETWORK_LOGS" || "EKS_RUNTIME_MONITORING" || "FARGATE_RUNTIME_MONITORING" || "EC2_RUNTIME_MONITORING",
+ * //         Feature: "FLOW_LOGS" || "CLOUD_TRAIL" || "DNS_LOGS" || "S3_DATA_EVENTS" || "EKS_AUDIT_LOGS" || "EBS_MALWARE_PROTECTION" || "RDS_LOGIN_EVENTS" || "LAMBDA_NETWORK_LOGS" || "EKS_RUNTIME_MONITORING" || "FARGATE_RUNTIME_MONITORING" || "EC2_RUNTIME_MONITORING" || "RDS_DBI_PROTECTION_PROVISIONED" || "RDS_DBI_PROTECTION_SERVERLESS",
  * //         Accounts: [ // UsageTopAccountsByFeatureList
  * //           { // UsageTopAccountResult
  * //             AccountId: "STRING_VALUE",
@@ -113,7 +113,7 @@ declare const GetUsageStatisticsCommand_base: {
  * //     ],
  * //     SumByFeature: [ // UsageFeatureResultList
  * //       { // UsageFeatureResult
- * //         Feature: "FLOW_LOGS" || "CLOUD_TRAIL" || "DNS_LOGS" || "S3_DATA_EVENTS" || "EKS_AUDIT_LOGS" || "EBS_MALWARE_PROTECTION" || "RDS_LOGIN_EVENTS" || "LAMBDA_NETWORK_LOGS" || "EKS_RUNTIME_MONITORING" || "FARGATE_RUNTIME_MONITORING" || "EC2_RUNTIME_MONITORING",
+ * //         Feature: "FLOW_LOGS" || "CLOUD_TRAIL" || "DNS_LOGS" || "S3_DATA_EVENTS" || "EKS_AUDIT_LOGS" || "EBS_MALWARE_PROTECTION" || "RDS_LOGIN_EVENTS" || "LAMBDA_NETWORK_LOGS" || "EKS_RUNTIME_MONITORING" || "FARGATE_RUNTIME_MONITORING" || "EC2_RUNTIME_MONITORING" || "RDS_DBI_PROTECTION_PROVISIONED" || "RDS_DBI_PROTECTION_SERVERLESS",
  * //         Total: "<Total>",
  * //       },
  * //     ],

package/dist-types/commands/StartMalwareScanCommand.d.ts

@@ -26,8 +26,10 @@ declare const StartMalwareScanCommand_base: {
 };
 /**
  * @public
- * <p>Initiates the malware scan. Invoking this API will automatically create the <a href="https://docs.aws.amazon.com/guardduty/latest/ug/slr-permissions-malware-protection.html">Service-linked role </a> in
+ * <p>Initiates the malware scan. Invoking this API will automatically create the <a href="https://docs.aws.amazon.com/guardduty/latest/ug/slr-permissions-malware-protection.html">Service-linked role</a> in
  *       the corresponding account.</p>
+ *          <p>When the malware scan starts, you can use the associated scan ID to track the status of the scan. For more information,
+ *       see <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeMalwareScans.html">DescribeMalwareScans</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/UpdateDetectorCommand.d.ts

@@ -26,7 +26,12 @@ declare const UpdateDetectorCommand_base: {
 };
 /**
  * @public
- * <p>Updates the GuardDuty detector specified by the detectorId.</p>
+ * <p>Updates the GuardDuty detector specified by the detector ID.</p>
+ *          <p>Specifying both EKS Runtime Monitoring (<code>EKS_RUNTIME_MONITORING</code>)
+ *       and Runtime Monitoring (<code>RUNTIME_MONITORING</code>) will cause an error.
+ *       You can add only one of these two features because Runtime Monitoring already includes the
+ *       threat detection for Amazon EKS resources. For more information, see
+ *       <a href="https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring.html">Runtime Monitoring</a>.</p>
  *          <p>There might be regional differences because some data sources might not be
  *       available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more
  *       information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html">Regions and endpoints</a>.</p>

package/dist-types/commands/UpdateMemberDetectorsCommand.d.ts

@@ -27,6 +27,11 @@ declare const UpdateMemberDetectorsCommand_base: {
 /**
  * @public
  * <p>Contains information on member accounts to be updated.</p>
+ *          <p>Specifying both EKS Runtime Monitoring (<code>EKS_RUNTIME_MONITORING</code>)
+ *       and Runtime Monitoring (<code>RUNTIME_MONITORING</code>) will cause an error.
+ *       You can add only one of these two features because Runtime Monitoring already includes the
+ *       threat detection for Amazon EKS resources. For more information, see
+ *       <a href="https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring.html">Runtime Monitoring</a>.</p>
  *          <p>There might be regional differences because some data sources might not be
  *       available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more
  *       information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html">Regions and endpoints</a>.</p>

package/dist-types/commands/UpdateOrganizationConfigurationCommand.d.ts

@@ -28,6 +28,11 @@ declare const UpdateOrganizationConfigurationCommand_base: {
  * @public
  * <p>Configures the delegated administrator account with the provided values. You must provide
  *       a value for either <code>autoEnableOrganizationMembers</code> or <code>autoEnable</code>, but not both. </p>
+ *          <p>Specifying both EKS Runtime Monitoring (<code>EKS_RUNTIME_MONITORING</code>)
+ *       and Runtime Monitoring (<code>RUNTIME_MONITORING</code>) will cause an error.
+ *       You can add only one of these two features because Runtime Monitoring already includes the
+ *       threat detection for Amazon EKS resources. For more information, see
+ *       <a href="https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring.html">Runtime Monitoring</a>.</p>
  *          <p>There might be regional differences because some data sources might not be
  *       available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more
  *       information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html">Regions and endpoints</a>.</p>

package/dist-types/models/models_0.d.ts

@@ -1949,6 +1949,11 @@ export type DetectorFeature = (typeof DetectorFeature)[keyof typeof DetectorFeat
 /**
  * @public
  * <p>Contains information about a GuardDuty feature.</p>
+ *          <p>Specifying both EKS Runtime Monitoring (<code>EKS_RUNTIME_MONITORING</code>)
+ *       and Runtime Monitoring (<code>RUNTIME_MONITORING</code>) will cause an error.
+ *       You can add only one of these two features because Runtime Monitoring already includes the
+ *       threat detection for Amazon EKS resources. For more information, see
+ *       <a href="https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring.html">Runtime Monitoring</a>.</p>
  */
 export interface DetectorFeatureConfiguration {
     /**
@@ -3683,26 +3688,31 @@ export interface DescribeOrganizationConfigurationResponse {
     NextToken?: string;
     /**
      * @public
-     * <p>Indicates the auto-enablement configuration of GuardDuty for the member accounts in the
+     * <p>Indicates the auto-enablement configuration of GuardDuty or any of the corresponding protection plans for the member accounts in the
      *       organization.</p>
      *          <ul>
      *             <li>
      *                <p>
      *                   <code>NEW</code>: Indicates that when a new account joins the organization, they will
-     *           have GuardDuty enabled automatically. </p>
+     *           have GuardDuty or any of the corresponding protection plans enabled automatically. </p>
      *             </li>
      *             <li>
      *                <p>
-     *                   <code>ALL</code>: Indicates that all accounts in the organization have GuardDuty
-     *           enabled automatically. This includes <code>NEW</code> accounts that join the organization
+     *                   <code>ALL</code>: Indicates that all accounts in the organization have GuardDuty and any of the corresponding
+     *           protection plans enabled automatically. This includes <code>NEW</code> accounts that join the organization
      *           and accounts that may have been suspended or removed from the organization in
      *           GuardDuty.</p>
      *             </li>
      *             <li>
      *                <p>
-     *                   <code>NONE</code>: Indicates that GuardDuty will not be automatically enabled for any
+     *                   <code>NONE</code>: Indicates that GuardDuty or any of the corresponding protection plans
+     *           will not be automatically enabled for any
      *           account in the organization. The administrator must manage GuardDuty for each account in
      *           the organization individually.</p>
+     *                <p>When you update the auto-enable setting from <code>ALL</code> or <code>NEW</code> to
+     *         <code>NONE</code>, this action doesn't disable the corresponding option for your existing accounts. This
+     *         configuration will apply to the new accounts that join the organization. After you update the auto-enable settings,
+     *         no new account will have the corresponding option as enabled.</p>
      *             </li>
      *          </ul>
      */
@@ -3851,6 +3861,11 @@ export type DetectorFeatureResult = (typeof DetectorFeatureResult)[keyof typeof
 /**
  * @public
  * <p>Contains information about a GuardDuty feature.</p>
+ *          <p>Specifying both EKS Runtime Monitoring (<code>EKS_RUNTIME_MONITORING</code>)
+ *       and Runtime Monitoring (<code>RUNTIME_MONITORING</code>) will cause an error.
+ *       You can add only one of these two features because Runtime Monitoring already includes the
+ *       threat detection for Amazon EKS resources. For more information, see
+ *       <a href="https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring.html">Runtime Monitoring</a>.</p>
  */
 export interface DetectorFeatureConfigurationResult {
     /**
@@ -6344,6 +6359,8 @@ export declare const UsageFeature: {
     readonly FARGATE_RUNTIME_MONITORING: "FARGATE_RUNTIME_MONITORING";
     readonly FLOW_LOGS: "FLOW_LOGS";
     readonly LAMBDA_NETWORK_LOGS: "LAMBDA_NETWORK_LOGS";
+    readonly RDS_DBI_PROTECTION_PROVISIONED: "RDS_DBI_PROTECTION_PROVISIONED";
+    readonly RDS_DBI_PROTECTION_SERVERLESS: "RDS_DBI_PROTECTION_SERVERLESS";
     readonly RDS_LOGIN_EVENTS: "RDS_LOGIN_EVENTS";
     readonly S3_DATA_EVENTS: "S3_DATA_EVENTS";
 };

package/dist-types/models/models_1.d.ts

@@ -1202,6 +1202,10 @@ export interface UpdateOrganizationConfigurationRequest {
      *                <p>
      *                   <code>NONE</code>: Indicates that GuardDuty will not be automatically enabled for any
      *           account in the organization. The administrator must manage GuardDuty for each account in the organization individually.</p>
+     *                <p>When you update the auto-enable setting from <code>ALL</code> or <code>NEW</code> to
+     *           <code>NONE</code>, this action doesn't disable the corresponding option for your existing accounts. This
+     *           configuration will apply to the new accounts that join the organization. After you update the auto-enable settings,
+     *           no new account will have the corresponding option as enabled.</p>
      *             </li>
      *          </ul>
      */

package/dist-types/ts3.4/models/models_0.d.ts

@@ -1532,6 +1532,8 @@ export declare const UsageFeature: {
   readonly FARGATE_RUNTIME_MONITORING: "FARGATE_RUNTIME_MONITORING";
   readonly FLOW_LOGS: "FLOW_LOGS";
   readonly LAMBDA_NETWORK_LOGS: "LAMBDA_NETWORK_LOGS";
+  readonly RDS_DBI_PROTECTION_PROVISIONED: "RDS_DBI_PROTECTION_PROVISIONED";
+  readonly RDS_DBI_PROTECTION_SERVERLESS: "RDS_DBI_PROTECTION_SERVERLESS";
   readonly RDS_LOGIN_EVENTS: "RDS_LOGIN_EVENTS";
   readonly S3_DATA_EVENTS: "S3_DATA_EVENTS";
 };

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-guardduty",
   "description": "AWS SDK for JavaScript Guardduty Client for Node.js, Browser and React Native",
-  "version": "3.529.1",
+  "version": "3.530.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-guardduty",