@aws-sdk/client-guardduty 3.540.0 → 3.544.0

package/dist-cjs/index.js

@@ -507,6 +507,7 @@ var CoverageStatisticsType = {
   COUNT_BY_RESOURCE_TYPE: "COUNT_BY_RESOURCE_TYPE"
 };
 var FeatureAdditionalConfiguration = {
+  EC2_AGENT_MANAGEMENT: "EC2_AGENT_MANAGEMENT",
   ECS_FARGATE_AGENT_MANAGEMENT: "ECS_FARGATE_AGENT_MANAGEMENT",
   EKS_ADDON_MANAGEMENT: "EKS_ADDON_MANAGEMENT"
 };
@@ -588,6 +589,7 @@ var OrgFeatureStatus = {
   NONE: "NONE"
 };
 var OrgFeatureAdditionalConfiguration = {
+  EC2_AGENT_MANAGEMENT: "EC2_AGENT_MANAGEMENT",
   ECS_FARGATE_AGENT_MANAGEMENT: "ECS_FARGATE_AGENT_MANAGEMENT",
   EKS_ADDON_MANAGEMENT: "EKS_ADDON_MANAGEMENT"
 };
@@ -4227,6 +4229,7 @@ var de_ResourceDetails = /* @__PURE__ */ __name((output, context) => {
 var de_RuntimeContext = /* @__PURE__ */ __name((output, context) => {
   return (0, import_smithy_client.take)(output, {
     AddressFamily: [, import_smithy_client.expectString, `addressFamily`],
+    CommandLineExample: [, import_smithy_client.expectString, `commandLineExample`],
     FileSystemType: [, import_smithy_client.expectString, `fileSystemType`],
     Flags: [, import_smithy_client._json, `flags`],
     IanaProtocolNumber: [, import_smithy_client.expectInt32, `ianaProtocolNumber`],
@@ -4243,9 +4246,13 @@ var de_RuntimeContext = /* @__PURE__ */ __name((output, context) => {
     ReleaseAgentPath: [, import_smithy_client.expectString, `releaseAgentPath`],
     RuncBinaryPath: [, import_smithy_client.expectString, `runcBinaryPath`],
     ScriptPath: [, import_smithy_client.expectString, `scriptPath`],
+    ServiceName: [, import_smithy_client.expectString, `serviceName`],
     ShellHistoryFilePath: [, import_smithy_client.expectString, `shellHistoryFilePath`],
     SocketPath: [, import_smithy_client.expectString, `socketPath`],
-    TargetProcess: [, (_) => de_ProcessDetails(_, context), `targetProcess`]
+    TargetProcess: [, (_) => de_ProcessDetails(_, context), `targetProcess`],
+    ThreatFilePath: [, import_smithy_client.expectString, `threatFilePath`],
+    ToolCategory: [, import_smithy_client.expectString, `toolCategory`],
+    ToolName: [, import_smithy_client.expectString, `toolName`]
   });
 }, "de_RuntimeContext");
 var de_RuntimeDetails = /* @__PURE__ */ __name((output, context) => {
@@ -4451,6 +4458,7 @@ var de_ThreatDetectedByName = /* @__PURE__ */ __name((output, context) => {
 }, "de_ThreatDetectedByName");
 var de_ThreatIntelligenceDetail = /* @__PURE__ */ __name((output, context) => {
   return (0, import_smithy_client.take)(output, {
+    ThreatFileSha256: [, import_smithy_client.expectString, `threatFileSha256`],
     ThreatListName: [, import_smithy_client.expectString, `threatListName`],
     ThreatNames: [, import_smithy_client._json, `threatNames`]
   });

package/dist-es/models/models_0.js

@@ -138,6 +138,7 @@ export const CoverageStatisticsType = {
     COUNT_BY_RESOURCE_TYPE: "COUNT_BY_RESOURCE_TYPE",
 };
 export const FeatureAdditionalConfiguration = {
+    EC2_AGENT_MANAGEMENT: "EC2_AGENT_MANAGEMENT",
     ECS_FARGATE_AGENT_MANAGEMENT: "ECS_FARGATE_AGENT_MANAGEMENT",
     EKS_ADDON_MANAGEMENT: "EKS_ADDON_MANAGEMENT",
 };
@@ -219,6 +220,7 @@ export const OrgFeatureStatus = {
     NONE: "NONE",
 };
 export const OrgFeatureAdditionalConfiguration = {
+    EC2_AGENT_MANAGEMENT: "EC2_AGENT_MANAGEMENT",
     ECS_FARGATE_AGENT_MANAGEMENT: "ECS_FARGATE_AGENT_MANAGEMENT",
     EKS_ADDON_MANAGEMENT: "EKS_ADDON_MANAGEMENT",
 };

package/dist-es/protocols/Aws_restJson1.js

@@ -3437,6 +3437,7 @@ const de_ResourceDetails = (output, context) => {
 const de_RuntimeContext = (output, context) => {
     return take(output, {
         AddressFamily: [, __expectString, `addressFamily`],
+        CommandLineExample: [, __expectString, `commandLineExample`],
         FileSystemType: [, __expectString, `fileSystemType`],
         Flags: [, _json, `flags`],
         IanaProtocolNumber: [, __expectInt32, `ianaProtocolNumber`],
@@ -3453,9 +3454,13 @@ const de_RuntimeContext = (output, context) => {
         ReleaseAgentPath: [, __expectString, `releaseAgentPath`],
         RuncBinaryPath: [, __expectString, `runcBinaryPath`],
         ScriptPath: [, __expectString, `scriptPath`],
+        ServiceName: [, __expectString, `serviceName`],
         ShellHistoryFilePath: [, __expectString, `shellHistoryFilePath`],
         SocketPath: [, __expectString, `socketPath`],
         TargetProcess: [, (_) => de_ProcessDetails(_, context), `targetProcess`],
+        ThreatFilePath: [, __expectString, `threatFilePath`],
+        ToolCategory: [, __expectString, `toolCategory`],
+        ToolName: [, __expectString, `toolName`],
     });
 };
 const de_RuntimeDetails = (output, context) => {
@@ -3668,6 +3673,7 @@ const de_ThreatDetectedByName = (output, context) => {
 };
 const de_ThreatIntelligenceDetail = (output, context) => {
     return take(output, {
+        ThreatFileSha256: [, __expectString, `threatFileSha256`],
         ThreatListName: [, __expectString, `threatListName`],
         ThreatNames: [, _json, `threatNames`],
     });

package/dist-types/commands/CreateDetectorCommand.d.ts

@@ -83,7 +83,7 @@ declare const CreateDetectorCommand_base: {
  *       Status: "ENABLED" || "DISABLED",
  *       AdditionalConfiguration: [ // DetectorAdditionalConfigurations
  *         { // DetectorAdditionalConfiguration
- *           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT",
+ *           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT" || "EC2_AGENT_MANAGEMENT",
  *           Status: "ENABLED" || "DISABLED",
  *         },
  *       ],

package/dist-types/commands/CreateMembersCommand.d.ts

@@ -38,14 +38,14 @@ declare const CreateMembersCommand_base: {
  *       accounts in this request, irrespective of the accounts being new or existing members. For
  *       more information about the existing auto-enable settings for your organization, see
  *       <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeOrganizationConfiguration.html">DescribeOrganizationConfiguration</a>.</p>
- *          <p>If you are adding accounts by invitation, before using <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html">InviteMembers</a>, use
- *       <code>CreateMembers</code> after GuardDuty has been enabled in potential member accounts.</p>
- *          <p>If you disassociate a member from a GuardDuty
- *       delegated administrator, the member account details
+ *          <p>If you disassociate a member account that was added by invitation, the member account details
  *       obtained from this API, including the associated email addresses, will be retained.
  *       This is done so that the delegated administrator can invoke the <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html">InviteMembers</a> API without the need to invoke the CreateMembers API again. To
  *       remove the details associated with a member account, the delegated administrator must invoke the
  *       <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html">DeleteMembers</a> API. </p>
+ *          <p>When the member accounts added through Organizations are later disassociated, you (administrator)
+ *       can't invite them by calling the InviteMembers API. You can create an association with these
+ *       member accounts again only by calling the CreateMembers API.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DescribeOrganizationConfigurationCommand.d.ts

@@ -70,7 +70,7 @@ declare const DescribeOrganizationConfigurationCommand_base: {
  * //       AutoEnable: "NEW" || "NONE" || "ALL",
  * //       AdditionalConfiguration: [ // OrganizationAdditionalConfigurationResults
  * //         { // OrganizationAdditionalConfigurationResult
- * //           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT",
+ * //           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT" || "EC2_AGENT_MANAGEMENT",
  * //           AutoEnable: "NEW" || "NONE" || "ALL",
  * //         },
  * //       ],

package/dist-types/commands/DisassociateMembersCommand.d.ts

@@ -37,6 +37,14 @@ declare const DisassociateMembersCommand_base: {
  *          <p>With <code>autoEnableOrganizationMembers</code> configuration for your organization set to
  *         <code>ALL</code>, you'll receive an error if you attempt to disassociate a member account
  *       before removing them from your organization.</p>
+ *          <p>If you disassociate a member account that was added by invitation, the member account details
+ *       obtained from this API, including the associated email addresses, will be retained.
+ *       This is done so that the delegated administrator can invoke the <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html">InviteMembers</a> API without the need to invoke the CreateMembers API again. To
+ *       remove the details associated with a member account, the delegated administrator must invoke the
+ *       <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html">DeleteMembers</a> API. </p>
+ *          <p>When the member accounts added through Organizations are later disassociated, you (administrator)
+ *       can't invite them by calling the InviteMembers API. You can create an association with these
+ *       member accounts again only by calling the CreateMembers API.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/GetDetectorCommand.d.ts

@@ -85,7 +85,7 @@ declare const GetDetectorCommand_base: {
  * //       UpdatedAt: new Date("TIMESTAMP"),
  * //       AdditionalConfiguration: [ // DetectorAdditionalConfigurationResults
  * //         { // DetectorAdditionalConfigurationResult
- * //           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT",
+ * //           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT" || "EC2_AGENT_MANAGEMENT",
  * //           Status: "ENABLED" || "DISABLED",
  * //           UpdatedAt: new Date("TIMESTAMP"),
  * //         },

package/dist-types/commands/GetFindingsCommand.d.ts

@@ -577,6 +577,7 @@ declare const GetFindingsCommand_base: {
  * //               ThreatNames: [ // ThreatNames
  * //                 "STRING_VALUE",
  * //               ],
+ * //               ThreatFileSha256: "STRING_VALUE",
  * //             },
  * //           ],
  * //         },
@@ -743,6 +744,11 @@ declare const GetFindingsCommand_base: {
  * //             MemoryRegions: [ // MemoryRegionsList
  * //               "STRING_VALUE",
  * //             ],
+ * //             ToolName: "STRING_VALUE",
+ * //             ToolCategory: "STRING_VALUE",
+ * //             ServiceName: "STRING_VALUE",
+ * //             CommandLineExample: "STRING_VALUE",
+ * //             ThreatFilePath: "STRING_VALUE",
  * //           },
  * //         },
  * //         Detection: { // Detection

package/dist-types/commands/GetMemberDetectorsCommand.d.ts

@@ -83,7 +83,7 @@ declare const GetMemberDetectorsCommand_base: {
  * //           UpdatedAt: new Date("TIMESTAMP"),
  * //           AdditionalConfiguration: [ // MemberAdditionalConfigurationResults
  * //             { // MemberAdditionalConfigurationResult
- * //               Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT",
+ * //               Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT" || "EC2_AGENT_MANAGEMENT",
  * //               Status: "ENABLED" || "DISABLED",
  * //               UpdatedAt: new Date("TIMESTAMP"),
  * //             },

package/dist-types/commands/GetOrganizationStatisticsCommand.d.ts

@@ -53,7 +53,7 @@ declare const GetOrganizationStatisticsCommand_base: {
  * //           EnabledAccountsCount: Number("int"),
  * //           AdditionalConfiguration: [ // OrganizationFeatureStatisticsAdditionalConfigurations
  * //             { // OrganizationFeatureStatisticsAdditionalConfiguration
- * //               Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT",
+ * //               Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT" || "EC2_AGENT_MANAGEMENT",
  * //               EnabledAccountsCount: Number("int"),
  * //             },
  * //           ],

package/dist-types/commands/InviteMembersCommand.d.ts

@@ -44,6 +44,14 @@ declare const InviteMembersCommand_base: {
  *       <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html">CreateMembers</a> again. To
  *       remove the details associated with a member account, you must also invoke
  *       <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html">DeleteMembers</a>. </p>
+ *          <p>If you disassociate a member account that was added by invitation, the member account details
+ *       obtained from this API, including the associated email addresses, will be retained.
+ *       This is done so that the delegated administrator can invoke the <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html">InviteMembers</a> API without the need to invoke the CreateMembers API again. To
+ *       remove the details associated with a member account, the delegated administrator must invoke the
+ *       <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html">DeleteMembers</a> API. </p>
+ *          <p>When the member accounts added through Organizations are later disassociated, you (administrator)
+ *       can't invite them by calling the InviteMembers API. You can create an association with these
+ *       member accounts again only by calling the CreateMembers API.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/UpdateDetectorCommand.d.ts

@@ -66,7 +66,7 @@ declare const UpdateDetectorCommand_base: {
  *       Status: "ENABLED" || "DISABLED",
  *       AdditionalConfiguration: [ // DetectorAdditionalConfigurations
  *         { // DetectorAdditionalConfiguration
- *           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT",
+ *           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT" || "EC2_AGENT_MANAGEMENT",
  *           Status: "ENABLED" || "DISABLED",
  *         },
  *       ],

package/dist-types/commands/UpdateMemberDetectorsCommand.d.ts

@@ -67,7 +67,7 @@ declare const UpdateMemberDetectorsCommand_base: {
  *       Status: "ENABLED" || "DISABLED",
  *       AdditionalConfiguration: [ // MemberAdditionalConfigurations
  *         { // MemberAdditionalConfiguration
- *           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT",
+ *           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT" || "EC2_AGENT_MANAGEMENT",
  *           Status: "ENABLED" || "DISABLED",
  *         },
  *       ],

package/dist-types/commands/UpdateOrganizationConfigurationCommand.d.ts

@@ -68,7 +68,7 @@ declare const UpdateOrganizationConfigurationCommand_base: {
  *       AutoEnable: "NEW" || "NONE" || "ALL",
  *       AdditionalConfiguration: [ // OrganizationAdditionalConfigurations
  *         { // OrganizationAdditionalConfiguration
- *           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT",
+ *           Name: "EKS_ADDON_MANAGEMENT" || "ECS_FARGATE_AGENT_MANAGEMENT" || "EC2_AGENT_MANAGEMENT",
  *           AutoEnable: "NEW" || "NONE" || "ALL",
  *         },
  *       ],

package/dist-types/models/models_0.d.ts

@@ -559,7 +559,8 @@ export interface DnsRequestAction {
     Blocked?: boolean;
     /**
      * <p>The second and top level domain involved in the
-     *       activity that prompted GuardDuty to generate this finding.</p>
+     *       activity that potentially prompted GuardDuty to generate this finding.
+     *       For a list of top-level and second-level domains, see <a href="https://publicsuffix.org/">public suffix list</a>.</p>
      * @public
      */
     DomainWithSuffix?: string;
@@ -1440,13 +1441,7 @@ export declare const ManagementType: {
  */
 export type ManagementType = (typeof ManagementType)[keyof typeof ManagementType];
 /**
- * <note>
- *             <p>This API is also used when you use GuardDuty Runtime Monitoring
- *       for your Amazon EC2 instances (currently in preview
- *       release) and is subject to change. The use of this API is subject to Section 2 of the
- *       <a href="http://aws.amazon.com/service-terms/">Amazon Web Services Service Terms</a> ("Betas and Previews").</p>
- *          </note>
- *          <p>Contains information about the Amazon EC2 instance runtime
+ * <p>Contains information about the Amazon EC2 instance runtime
  *     coverage details.</p>
  * @public
  */
@@ -1678,13 +1673,7 @@ export interface CoverageResourceDetails {
      */
     EcsClusterDetails?: CoverageEcsClusterDetails;
     /**
-     * <note>
-     *             <p>This API is also used when you use GuardDuty Runtime Monitoring
-     *       for your Amazon EC2 instances (currently in preview
-     *       release) and is subject to change. The use of this API is subject to Section 2 of the
-     *       <a href="http://aws.amazon.com/service-terms/">Amazon Web Services Service Terms</a> ("Betas and Previews").</p>
-     *          </note>
-     *          <p>Information about the Amazon EC2 instance assessed
+     * <p>Information about the Amazon EC2 instance assessed
      *       for runtime coverage.</p>
      * @public
      */
@@ -1894,6 +1883,7 @@ export interface DataSourceConfigurations {
  * @enum
  */
 export declare const FeatureAdditionalConfiguration: {
+    readonly EC2_AGENT_MANAGEMENT: "EC2_AGENT_MANAGEMENT";
     readonly ECS_FARGATE_AGENT_MANAGEMENT: "ECS_FARGATE_AGENT_MANAGEMENT";
     readonly EKS_ADDON_MANAGEMENT: "EKS_ADDON_MANAGEMENT";
 };
@@ -3537,6 +3527,7 @@ export type OrgFeatureStatus = (typeof OrgFeatureStatus)[keyof typeof OrgFeature
  * @enum
  */
 export declare const OrgFeatureAdditionalConfiguration: {
+    readonly EC2_AGENT_MANAGEMENT: "EC2_AGENT_MANAGEMENT";
     readonly ECS_FARGATE_AGENT_MANAGEMENT: "ECS_FARGATE_AGENT_MANAGEMENT";
     readonly EKS_ADDON_MANAGEMENT: "EKS_ADDON_MANAGEMENT";
 };
@@ -4421,6 +4412,11 @@ export interface ThreatIntelligenceDetail {
      * @public
      */
     ThreatNames?: string[];
+    /**
+     * <p>SHA256 of the file that generated the finding.</p>
+     * @public
+     */
+    ThreatFileSha256?: string;
 }
 /**
  * <p>Contains information about the reason that the finding was generated.</p>
@@ -5319,6 +5315,32 @@ export interface RuntimeContext {
      * @public
      */
     MemoryRegions?: string[];
+    /**
+     * <p>Name of the potentially suspicious tool.</p>
+     * @public
+     */
+    ToolName?: string;
+    /**
+     * <p>Category that the tool belongs to. Some of the examples
+     *     are Backdoor Tool, Pentest Tool, Network Scanner, and Network Sniffer.</p>
+     * @public
+     */
+    ToolCategory?: string;
+    /**
+     * <p>Name of the security service that has been potentially disabled.</p>
+     * @public
+     */
+    ServiceName?: string;
+    /**
+     * <p>Example of the command line involved in the suspicious activity.</p>
+     * @public
+     */
+    CommandLineExample?: string;
+    /**
+     * <p>The suspicious file path for which the threat intelligence details were found.</p>
+     * @public
+     */
+    ThreatFilePath?: string;
 }
 /**
  * <p>Information about the process and any required context values for a specific

package/dist-types/ts3.4/models/models_0.d.ts

@@ -490,6 +490,7 @@ export interface DataSourceConfigurations {
   MalwareProtection?: MalwareProtectionConfiguration;
 }
 export declare const FeatureAdditionalConfiguration: {
+  readonly EC2_AGENT_MANAGEMENT: "EC2_AGENT_MANAGEMENT";
   readonly ECS_FARGATE_AGENT_MANAGEMENT: "ECS_FARGATE_AGENT_MANAGEMENT";
   readonly EKS_ADDON_MANAGEMENT: "EKS_ADDON_MANAGEMENT";
 };
@@ -856,6 +857,7 @@ export declare const OrgFeatureStatus: {
 export type OrgFeatureStatus =
   (typeof OrgFeatureStatus)[keyof typeof OrgFeatureStatus];
 export declare const OrgFeatureAdditionalConfiguration: {
+  readonly EC2_AGENT_MANAGEMENT: "EC2_AGENT_MANAGEMENT";
   readonly ECS_FARGATE_AGENT_MANAGEMENT: "ECS_FARGATE_AGENT_MANAGEMENT";
   readonly EKS_ADDON_MANAGEMENT: "EKS_ADDON_MANAGEMENT";
 };
@@ -1069,6 +1071,7 @@ export interface EnableOrganizationAdminAccountResponse {}
 export interface ThreatIntelligenceDetail {
   ThreatListName?: string;
   ThreatNames?: string[];
+  ThreatFileSha256?: string;
 }
 export interface Evidence {
   ThreatIntelligenceDetails?: ThreatIntelligenceDetail[];
@@ -1265,6 +1268,11 @@ export interface RuntimeContext {
   AddressFamily?: string;
   IanaProtocolNumber?: number;
   MemoryRegions?: string[];
+  ToolName?: string;
+  ToolCategory?: string;
+  ServiceName?: string;
+  CommandLineExample?: string;
+  ThreatFilePath?: string;
 }
 export interface RuntimeDetails {
   Process?: ProcessDetails;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-guardduty",
   "description": "AWS SDK for JavaScript Guardduty Client for Node.js, Browser and React Native",
-  "version": "3.540.0",
+  "version": "3.544.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-guardduty",