@aws-sdk/client-guardduty 3.830.0 → 3.835.0

package/dist-cjs/index.js

@@ -31,6 +31,7 @@ __export(index_exports, {
   AutoEnableMembers: () => AutoEnableMembers,
   AwsApiCallActionFilterSensitiveLog: () => AwsApiCallActionFilterSensitiveLog,
   BadRequestException: () => BadRequestException,
+  ClusterStatus: () => ClusterStatus,
   ConflictException: () => ConflictException,
   CoverageFilterCriterionKey: () => CoverageFilterCriterionKey,
   CoverageSortKey: () => CoverageSortKey,
@@ -111,6 +112,7 @@ __export(index_exports, {
   IpSetFormat: () => IpSetFormat,
   IpSetStatus: () => IpSetStatus,
   KubernetesApiCallActionFilterSensitiveLog: () => KubernetesApiCallActionFilterSensitiveLog,
+  KubernetesResourcesTypes: () => KubernetesResourcesTypes,
   ListCoverageCommand: () => ListCoverageCommand,
   ListDetectorsCommand: () => ListDetectorsCommand,
   ListFiltersCommand: () => ListFiltersCommand,
@@ -498,6 +500,14 @@ var DataSourceStatus = {
   DISABLED: "DISABLED",
   ENABLED: "ENABLED"
 };
+var ClusterStatus = {
+  ACTIVE: "ACTIVE",
+  CREATING: "CREATING",
+  DELETING: "DELETING",
+  FAILED: "FAILED",
+  PENDING: "PENDING",
+  UPDATING: "UPDATING"
+};
 var ConflictException = class _ConflictException extends GuardDutyServiceException {
   static {
     __name(this, "ConflictException");
@@ -714,6 +724,16 @@ var NetworkDirection = {
   INBOUND: "INBOUND",
   OUTBOUND: "OUTBOUND"
 };
+var KubernetesResourcesTypes = {
+  CRONJOBS: "CRONJOBS",
+  DAEMONSETS: "DAEMONSETS",
+  DEPLOYMENTS: "DEPLOYMENTS",
+  JOBS: "JOBS",
+  PODS: "PODS",
+  REPLICASETS: "REPLICASETS",
+  REPLICATIONCONTROLLERS: "REPLICATIONCONTROLLERS",
+  STATEFULSETS: "STATEFULSETS"
+};
 var PublicAccessStatus = {
   ALLOWED: "ALLOWED",
   BLOCKED: "BLOCKED"
@@ -728,17 +748,26 @@ var PublicBucketRestrictBehavior = {
 };
 var FindingResourceType = {
   ACCESS_KEY: "ACCESS_KEY",
+  CONTAINER: "CONTAINER",
   EC2_INSTANCE: "EC2_INSTANCE",
   EC2_NETWORK_INTERFACE: "EC2_NETWORK_INTERFACE",
+  EKS_CLUSTER: "EKS_CLUSTER",
+  KUBERNETES_WORKLOAD: "KUBERNETES_WORKLOAD",
   S3_BUCKET: "S3_BUCKET",
   S3_OBJECT: "S3_OBJECT"
 };
 var IndicatorType = {
   ATTACK_TACTIC: "ATTACK_TACTIC",
   ATTACK_TECHNIQUE: "ATTACK_TECHNIQUE",
+  CRYPTOMINING_DOMAIN: "CRYPTOMINING_DOMAIN",
+  CRYPTOMINING_IP: "CRYPTOMINING_IP",
+  CRYPTOMINING_PROCESS: "CRYPTOMINING_PROCESS",
   HIGH_RISK_API: "HIGH_RISK_API",
+  MALICIOUS_DOMAIN: "MALICIOUS_DOMAIN",
   MALICIOUS_IP: "MALICIOUS_IP",
+  MALICIOUS_PROCESS: "MALICIOUS_PROCESS",
   SUSPICIOUS_NETWORK: "SUSPICIOUS_NETWORK",
+  SUSPICIOUS_PROCESS: "SUSPICIOUS_PROCESS",
   SUSPICIOUS_USER_AGENT: "SUSPICIOUS_USER_AGENT",
   TOR_IP: "TOR_IP",
   UNUSUAL_API_FOR_ACCOUNT: "UNUSUAL_API_FOR_ACCOUNT",
@@ -747,7 +776,11 @@ var IndicatorType = {
 };
 var SignalType = {
   CLOUD_TRAIL: "CLOUD_TRAIL",
+  DNS_LOGS: "DNS_LOGS",
+  EKS_AUDIT_LOGS: "EKS_AUDIT_LOGS",
   FINDING: "FINDING",
+  FLOW_LOGS: "FLOW_LOGS",
+  RUNTIME_MONITORING: "RUNTIME_MONITORING",
   S3_DATA_EVENTS: "S3_DATA_EVENTS"
 };
 var DetectorFeatureResult = {
@@ -777,13 +810,6 @@ var Feedback = {
 var FindingStatisticType = {
   COUNT_BY_SEVERITY: "COUNT_BY_SEVERITY"
 };
-var GroupByType = {
-  ACCOUNT: "ACCOUNT",
-  DATE: "DATE",
-  FINDING_TYPE: "FINDING_TYPE",
-  RESOURCE: "RESOURCE",
-  SEVERITY: "SEVERITY"
-};
 var AccountDetailFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
   ...obj,
   ...obj.Email && { Email: import_smithy_client.SENSITIVE_STRING }
@@ -896,10 +922,6 @@ var FindingFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
   ...obj,
   ...obj.Service && { Service: ServiceFilterSensitiveLog(obj.Service) }
 }), "FindingFilterSensitiveLog");
-var GetFindingsResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
-  ...obj,
-  ...obj.Findings && { Findings: obj.Findings.map((item) => FindingFilterSensitiveLog(item)) }
-}), "GetFindingsResponseFilterSensitiveLog");
 
 // src/protocols/Aws_restJson1.ts
 var se_AcceptAdministratorInvitationCommand = /* @__PURE__ */ __name(async (input, context) => {
@@ -3467,10 +3489,18 @@ var de_Action = /* @__PURE__ */ __name((output, context) => {
 var de_Actor = /* @__PURE__ */ __name((output, context) => {
   return (0, import_smithy_client.take)(output, {
     Id: [, import_smithy_client.expectString, `id`],
+    Process: [, (_) => de_ActorProcess(_, context), `process`],
     Session: [, (_) => de_Session(_, context), `session`],
     User: [, (_) => de_User(_, context), `user`]
   });
 }, "de_Actor");
+var de_ActorProcess = /* @__PURE__ */ __name((output, context) => {
+  return (0, import_smithy_client.take)(output, {
+    Name: [, import_smithy_client.expectString, `name`],
+    Path: [, import_smithy_client.expectString, `path`],
+    Sha256: [, import_smithy_client.expectString, `sha256`]
+  });
+}, "de_ActorProcess");
 var de_Actors = /* @__PURE__ */ __name((output, context) => {
   const retVal = (output || []).filter((e) => e != null).map((entry) => {
     return de_Actor(entry, context);
@@ -3651,6 +3681,12 @@ var de_Container = /* @__PURE__ */ __name((output, context) => {
     VolumeMounts: [, (_) => de_VolumeMounts(_, context), `volumeMounts`]
   });
 }, "de_Container");
+var de_ContainerFindingResource = /* @__PURE__ */ __name((output, context) => {
+  return (0, import_smithy_client.take)(output, {
+    Image: [, import_smithy_client.expectString, `image`],
+    ImageUid: [, import_smithy_client.expectString, `imageUid`]
+  });
+}, "de_ContainerFindingResource");
 var de_ContainerInstanceDetails = /* @__PURE__ */ __name((output, context) => {
   return (0, import_smithy_client.take)(output, {
     CompatibleContainerInstances: [, import_smithy_client.expectLong, `compatibleContainerInstances`],
@@ -3931,6 +3967,15 @@ var de_EcsTaskDetails = /* @__PURE__ */ __name((output, context) => {
     Volumes: [, (_) => de_Volumes(_, context), `volumes`]
   });
 }, "de_EcsTaskDetails");
+var de_EksCluster = /* @__PURE__ */ __name((output, context) => {
+  return (0, import_smithy_client.take)(output, {
+    Arn: [, import_smithy_client.expectString, `arn`],
+    CreatedAt: [, (_) => (0, import_smithy_client.expectNonNull)((0, import_smithy_client.parseEpochTimestamp)((0, import_smithy_client.expectNumber)(_))), `createdAt`],
+    Ec2InstanceUids: [, import_smithy_client._json, `ec2InstanceUids`],
+    Status: [, import_smithy_client.expectString, `status`],
+    VpcId: [, import_smithy_client.expectString, `vpcId`]
+  });
+}, "de_EksCluster");
 var de_EksClusterDetails = /* @__PURE__ */ __name((output, context) => {
   return (0, import_smithy_client.take)(output, {
     Arn: [, import_smithy_client.expectString, `arn`],
@@ -4208,6 +4253,13 @@ var de_KubernetesUserDetails = /* @__PURE__ */ __name((output, context) => {
     Username: [, import_smithy_client.expectString, `username`]
   });
 }, "de_KubernetesUserDetails");
+var de_KubernetesWorkload = /* @__PURE__ */ __name((output, context) => {
+  return (0, import_smithy_client.take)(output, {
+    ContainerUids: [, import_smithy_client._json, `containerUids`],
+    KubernetesResourcesTypes: [, import_smithy_client.expectString, `kubernetesResourcesTypes`],
+    Namespace: [, import_smithy_client.expectString, `namespace`]
+  });
+}, "de_KubernetesWorkload");
 var de_KubernetesWorkloadDetails = /* @__PURE__ */ __name((output, context) => {
   return (0, import_smithy_client.take)(output, {
     Containers: [, (_) => de_Containers(_, context), `containers`],
@@ -4765,8 +4817,11 @@ var de_Resource = /* @__PURE__ */ __name((output, context) => {
 var de_ResourceData = /* @__PURE__ */ __name((output, context) => {
   return (0, import_smithy_client.take)(output, {
     AccessKey: [, (_) => de_AccessKey(_, context), `accessKey`],
+    Container: [, (_) => de_ContainerFindingResource(_, context), `container`],
     Ec2Instance: [, (_) => de_Ec2Instance(_, context), `ec2Instance`],
     Ec2NetworkInterface: [, (_) => de_Ec2NetworkInterface(_, context), `ec2NetworkInterface`],
+    EksCluster: [, (_) => de_EksCluster(_, context), `eksCluster`],
+    KubernetesWorkload: [, (_) => de_KubernetesWorkload(_, context), `kubernetesWorkload`],
     S3Bucket: [, (_) => de_S3Bucket(_, context), `s3Bucket`],
     S3Object: [, (_) => de_S3Object(_, context), `s3Object`]
   });
@@ -5029,6 +5084,7 @@ var de_SecurityGroups = /* @__PURE__ */ __name((output, context) => {
 var de_Sequence = /* @__PURE__ */ __name((output, context) => {
   return (0, import_smithy_client.take)(output, {
     Actors: [, (_) => de_Actors(_, context), `actors`],
+    AdditionalSequenceTypes: [, import_smithy_client._json, `additionalSequenceTypes`],
     Description: [, import_smithy_client.expectString, `description`],
     Endpoints: [, (_) => de_NetworkEndpoints(_, context), `endpoints`],
     Resources: [, (_) => de_Resources(_, context), `resources`],
@@ -5817,6 +5873,83 @@ var GetFilterCommand = class extends import_smithy_client.Command.classBuilder()
 
 
 
+
+// src/models/models_1.ts
+
+var GroupByType = {
+  ACCOUNT: "ACCOUNT",
+  DATE: "DATE",
+  FINDING_TYPE: "FINDING_TYPE",
+  RESOURCE: "RESOURCE",
+  SEVERITY: "SEVERITY"
+};
+var IpSetStatus = {
+  ACTIVATING: "ACTIVATING",
+  ACTIVE: "ACTIVE",
+  DEACTIVATING: "DEACTIVATING",
+  DELETED: "DELETED",
+  DELETE_PENDING: "DELETE_PENDING",
+  ERROR: "ERROR",
+  INACTIVE: "INACTIVE"
+};
+var MalwareProtectionPlanStatus = {
+  ACTIVE: "ACTIVE",
+  ERROR: "ERROR",
+  WARNING: "WARNING"
+};
+var ScanCriterionKey = {
+  EC2_INSTANCE_TAG: "EC2_INSTANCE_TAG"
+};
+var ThreatIntelSetStatus = {
+  ACTIVATING: "ACTIVATING",
+  ACTIVE: "ACTIVE",
+  DEACTIVATING: "DEACTIVATING",
+  DELETED: "DELETED",
+  DELETE_PENDING: "DELETE_PENDING",
+  ERROR: "ERROR",
+  INACTIVE: "INACTIVE"
+};
+var UsageFeature = {
+  CLOUD_TRAIL: "CLOUD_TRAIL",
+  DNS_LOGS: "DNS_LOGS",
+  EBS_MALWARE_PROTECTION: "EBS_MALWARE_PROTECTION",
+  EC2_RUNTIME_MONITORING: "EC2_RUNTIME_MONITORING",
+  EKS_AUDIT_LOGS: "EKS_AUDIT_LOGS",
+  EKS_RUNTIME_MONITORING: "EKS_RUNTIME_MONITORING",
+  FARGATE_RUNTIME_MONITORING: "FARGATE_RUNTIME_MONITORING",
+  FLOW_LOGS: "FLOW_LOGS",
+  LAMBDA_NETWORK_LOGS: "LAMBDA_NETWORK_LOGS",
+  RDS_DBI_PROTECTION_PROVISIONED: "RDS_DBI_PROTECTION_PROVISIONED",
+  RDS_DBI_PROTECTION_SERVERLESS: "RDS_DBI_PROTECTION_SERVERLESS",
+  RDS_LOGIN_EVENTS: "RDS_LOGIN_EVENTS",
+  S3_DATA_EVENTS: "S3_DATA_EVENTS"
+};
+var UsageStatisticType = {
+  SUM_BY_ACCOUNT: "SUM_BY_ACCOUNT",
+  SUM_BY_DATA_SOURCE: "SUM_BY_DATA_SOURCE",
+  SUM_BY_FEATURES: "SUM_BY_FEATURES",
+  SUM_BY_RESOURCE: "SUM_BY_RESOURCE",
+  TOP_ACCOUNTS_BY_FEATURE: "TOP_ACCOUNTS_BY_FEATURE",
+  TOP_RESOURCES: "TOP_RESOURCES"
+};
+var GetFindingsResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
+  ...obj,
+  ...obj.Findings && { Findings: obj.Findings.map((item) => FindingFilterSensitiveLog(item)) }
+}), "GetFindingsResponseFilterSensitiveLog");
+var MemberFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
+  ...obj,
+  ...obj.Email && { Email: import_smithy_client.SENSITIVE_STRING }
+}), "MemberFilterSensitiveLog");
+var GetMembersResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
+  ...obj,
+  ...obj.Members && { Members: obj.Members.map((item) => MemberFilterSensitiveLog(item)) }
+}), "GetMembersResponseFilterSensitiveLog");
+var ListMembersResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
+  ...obj,
+  ...obj.Members && { Members: obj.Members.map((item) => MemberFilterSensitiveLog(item)) }
+}), "ListMembersResponseFilterSensitiveLog");
+
+// src/commands/GetFindingsCommand.ts
 var GetFindingsCommand = class extends import_smithy_client.Command.classBuilder().ep(commonParams).m(function(Command, cs, config, o) {
   return [
     (0, import_middleware_serde.getSerdePlugin)(config, this.serialize, this.deserialize),
@@ -5937,72 +6070,6 @@ var GetMemberDetectorsCommand = class extends import_smithy_client.Command.class
 
 
 
-
-// src/models/models_1.ts
-
-var IpSetStatus = {
-  ACTIVATING: "ACTIVATING",
-  ACTIVE: "ACTIVE",
-  DEACTIVATING: "DEACTIVATING",
-  DELETED: "DELETED",
-  DELETE_PENDING: "DELETE_PENDING",
-  ERROR: "ERROR",
-  INACTIVE: "INACTIVE"
-};
-var MalwareProtectionPlanStatus = {
-  ACTIVE: "ACTIVE",
-  ERROR: "ERROR",
-  WARNING: "WARNING"
-};
-var ScanCriterionKey = {
-  EC2_INSTANCE_TAG: "EC2_INSTANCE_TAG"
-};
-var ThreatIntelSetStatus = {
-  ACTIVATING: "ACTIVATING",
-  ACTIVE: "ACTIVE",
-  DEACTIVATING: "DEACTIVATING",
-  DELETED: "DELETED",
-  DELETE_PENDING: "DELETE_PENDING",
-  ERROR: "ERROR",
-  INACTIVE: "INACTIVE"
-};
-var UsageFeature = {
-  CLOUD_TRAIL: "CLOUD_TRAIL",
-  DNS_LOGS: "DNS_LOGS",
-  EBS_MALWARE_PROTECTION: "EBS_MALWARE_PROTECTION",
-  EC2_RUNTIME_MONITORING: "EC2_RUNTIME_MONITORING",
-  EKS_AUDIT_LOGS: "EKS_AUDIT_LOGS",
-  EKS_RUNTIME_MONITORING: "EKS_RUNTIME_MONITORING",
-  FARGATE_RUNTIME_MONITORING: "FARGATE_RUNTIME_MONITORING",
-  FLOW_LOGS: "FLOW_LOGS",
-  LAMBDA_NETWORK_LOGS: "LAMBDA_NETWORK_LOGS",
-  RDS_DBI_PROTECTION_PROVISIONED: "RDS_DBI_PROTECTION_PROVISIONED",
-  RDS_DBI_PROTECTION_SERVERLESS: "RDS_DBI_PROTECTION_SERVERLESS",
-  RDS_LOGIN_EVENTS: "RDS_LOGIN_EVENTS",
-  S3_DATA_EVENTS: "S3_DATA_EVENTS"
-};
-var UsageStatisticType = {
-  SUM_BY_ACCOUNT: "SUM_BY_ACCOUNT",
-  SUM_BY_DATA_SOURCE: "SUM_BY_DATA_SOURCE",
-  SUM_BY_FEATURES: "SUM_BY_FEATURES",
-  SUM_BY_RESOURCE: "SUM_BY_RESOURCE",
-  TOP_ACCOUNTS_BY_FEATURE: "TOP_ACCOUNTS_BY_FEATURE",
-  TOP_RESOURCES: "TOP_RESOURCES"
-};
-var MemberFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
-  ...obj,
-  ...obj.Email && { Email: import_smithy_client.SENSITIVE_STRING }
-}), "MemberFilterSensitiveLog");
-var GetMembersResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
-  ...obj,
-  ...obj.Members && { Members: obj.Members.map((item) => MemberFilterSensitiveLog(item)) }
-}), "GetMembersResponseFilterSensitiveLog");
-var ListMembersResponseFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
-  ...obj,
-  ...obj.Members && { Members: obj.Members.map((item) => MemberFilterSensitiveLog(item)) }
-}), "ListMembersResponseFilterSensitiveLog");
-
-// src/commands/GetMembersCommand.ts
 var GetMembersCommand = class extends import_smithy_client.Command.classBuilder().ep(commonParams).m(function(Command, cs, config, o) {
   return [
     (0, import_middleware_serde.getSerdePlugin)(config, this.serialize, this.deserialize),
@@ -6749,6 +6816,7 @@ var paginateListThreatIntelSets = (0, import_core.createPaginator)(GuardDutyClie
   ProfileType,
   AutoEnableMembers,
   DataSourceStatus,
+  ClusterStatus,
   ConflictException,
   CoverageStatus,
   ResourceType,
@@ -6777,6 +6845,7 @@ var paginateListThreatIntelSets = (0, import_core.createPaginator)(GuardDutyClie
   OrgFeature,
   PublishingStatus,
   NetworkDirection,
+  KubernetesResourcesTypes,
   PublicAccessStatus,
   PublicAclIgnoreBehavior,
   PublicBucketRestrictBehavior,
@@ -6788,7 +6857,6 @@ var paginateListThreatIntelSets = (0, import_core.createPaginator)(GuardDutyClie
   EbsSnapshotPreservation,
   Feedback,
   FindingStatisticType,
-  GroupByType,
   AccountDetailFilterSensitiveLog,
   RemoteIpDetailsFilterSensitiveLog,
   AwsApiCallActionFilterSensitiveLog,
@@ -6811,13 +6879,14 @@ var paginateListThreatIntelSets = (0, import_core.createPaginator)(GuardDutyClie
   ResourceFilterSensitiveLog,
   ServiceFilterSensitiveLog,
   FindingFilterSensitiveLog,
-  GetFindingsResponseFilterSensitiveLog,
+  GroupByType,
   IpSetStatus,
   MalwareProtectionPlanStatus,
   ScanCriterionKey,
   ThreatIntelSetStatus,
   UsageFeature,
   UsageStatisticType,
+  GetFindingsResponseFilterSensitiveLog,
   MemberFilterSensitiveLog,
   GetMembersResponseFilterSensitiveLog,
   ListMembersResponseFilterSensitiveLog

package/dist-es/commands/GetFindingsCommand.js

@@ -2,7 +2,7 @@ import { getEndpointPlugin } from "@smithy/middleware-endpoint";
 import { getSerdePlugin } from "@smithy/middleware-serde";
 import { Command as $Command } from "@smithy/smithy-client";
 import { commonParams } from "../endpoint/EndpointParameters";
-import { GetFindingsResponseFilterSensitiveLog } from "../models/models_0";
+import { GetFindingsResponseFilterSensitiveLog } from "../models/models_1";
 import { de_GetFindingsCommand, se_GetFindingsCommand } from "../protocols/Aws_restJson1";
 export { $Command };
 export class GetFindingsCommand extends $Command

package/dist-es/models/models_0.js

@@ -87,6 +87,14 @@ export const DataSourceStatus = {
     DISABLED: "DISABLED",
     ENABLED: "ENABLED",
 };
+export const ClusterStatus = {
+    ACTIVE: "ACTIVE",
+    CREATING: "CREATING",
+    DELETING: "DELETING",
+    FAILED: "FAILED",
+    PENDING: "PENDING",
+    UPDATING: "UPDATING",
+};
 export class ConflictException extends __BaseException {
     name = "ConflictException";
     $fault = "client";
@@ -275,6 +283,16 @@ export const NetworkDirection = {
     INBOUND: "INBOUND",
     OUTBOUND: "OUTBOUND",
 };
+export const KubernetesResourcesTypes = {
+    CRONJOBS: "CRONJOBS",
+    DAEMONSETS: "DAEMONSETS",
+    DEPLOYMENTS: "DEPLOYMENTS",
+    JOBS: "JOBS",
+    PODS: "PODS",
+    REPLICASETS: "REPLICASETS",
+    REPLICATIONCONTROLLERS: "REPLICATIONCONTROLLERS",
+    STATEFULSETS: "STATEFULSETS",
+};
 export const PublicAccessStatus = {
     ALLOWED: "ALLOWED",
     BLOCKED: "BLOCKED",
@@ -289,17 +307,26 @@ export const PublicBucketRestrictBehavior = {
 };
 export const FindingResourceType = {
     ACCESS_KEY: "ACCESS_KEY",
+    CONTAINER: "CONTAINER",
     EC2_INSTANCE: "EC2_INSTANCE",
     EC2_NETWORK_INTERFACE: "EC2_NETWORK_INTERFACE",
+    EKS_CLUSTER: "EKS_CLUSTER",
+    KUBERNETES_WORKLOAD: "KUBERNETES_WORKLOAD",
     S3_BUCKET: "S3_BUCKET",
     S3_OBJECT: "S3_OBJECT",
 };
 export const IndicatorType = {
     ATTACK_TACTIC: "ATTACK_TACTIC",
     ATTACK_TECHNIQUE: "ATTACK_TECHNIQUE",
+    CRYPTOMINING_DOMAIN: "CRYPTOMINING_DOMAIN",
+    CRYPTOMINING_IP: "CRYPTOMINING_IP",
+    CRYPTOMINING_PROCESS: "CRYPTOMINING_PROCESS",
     HIGH_RISK_API: "HIGH_RISK_API",
+    MALICIOUS_DOMAIN: "MALICIOUS_DOMAIN",
     MALICIOUS_IP: "MALICIOUS_IP",
+    MALICIOUS_PROCESS: "MALICIOUS_PROCESS",
     SUSPICIOUS_NETWORK: "SUSPICIOUS_NETWORK",
+    SUSPICIOUS_PROCESS: "SUSPICIOUS_PROCESS",
     SUSPICIOUS_USER_AGENT: "SUSPICIOUS_USER_AGENT",
     TOR_IP: "TOR_IP",
     UNUSUAL_API_FOR_ACCOUNT: "UNUSUAL_API_FOR_ACCOUNT",
@@ -308,7 +335,11 @@ export const IndicatorType = {
 };
 export const SignalType = {
     CLOUD_TRAIL: "CLOUD_TRAIL",
+    DNS_LOGS: "DNS_LOGS",
+    EKS_AUDIT_LOGS: "EKS_AUDIT_LOGS",
     FINDING: "FINDING",
+    FLOW_LOGS: "FLOW_LOGS",
+    RUNTIME_MONITORING: "RUNTIME_MONITORING",
     S3_DATA_EVENTS: "S3_DATA_EVENTS",
 };
 export const DetectorFeatureResult = {
@@ -338,13 +369,6 @@ export const Feedback = {
 export const FindingStatisticType = {
     COUNT_BY_SEVERITY: "COUNT_BY_SEVERITY",
 };
-export const GroupByType = {
-    ACCOUNT: "ACCOUNT",
-    DATE: "DATE",
-    FINDING_TYPE: "FINDING_TYPE",
-    RESOURCE: "RESOURCE",
-    SEVERITY: "SEVERITY",
-};
 export const AccountDetailFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.Email && { Email: SENSITIVE_STRING }),
@@ -457,7 +481,3 @@ export const FindingFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.Service && { Service: ServiceFilterSensitiveLog(obj.Service) }),
 });
-export const GetFindingsResponseFilterSensitiveLog = (obj) => ({
-    ...obj,
-    ...(obj.Findings && { Findings: obj.Findings.map((item) => FindingFilterSensitiveLog(item)) }),
-});

package/dist-es/models/models_1.js

@@ -1,4 +1,12 @@
 import { SENSITIVE_STRING } from "@smithy/smithy-client";
+import { FindingFilterSensitiveLog, } from "./models_0";
+export const GroupByType = {
+    ACCOUNT: "ACCOUNT",
+    DATE: "DATE",
+    FINDING_TYPE: "FINDING_TYPE",
+    RESOURCE: "RESOURCE",
+    SEVERITY: "SEVERITY",
+};
 export const IpSetStatus = {
     ACTIVATING: "ACTIVATING",
     ACTIVE: "ACTIVE",
@@ -48,6 +56,10 @@ export const UsageStatisticType = {
     TOP_ACCOUNTS_BY_FEATURE: "TOP_ACCOUNTS_BY_FEATURE",
     TOP_RESOURCES: "TOP_RESOURCES",
 };
+export const GetFindingsResponseFilterSensitiveLog = (obj) => ({
+    ...obj,
+    ...(obj.Findings && { Findings: obj.Findings.map((item) => FindingFilterSensitiveLog(item)) }),
+});
 export const MemberFilterSensitiveLog = (obj) => ({
     ...obj,
     ...(obj.Email && { Email: SENSITIVE_STRING }),

package/dist-es/protocols/Aws_restJson1.js

@@ -2505,10 +2505,18 @@ const de_Action = (output, context) => {
 const de_Actor = (output, context) => {
     return take(output, {
         Id: [, __expectString, `id`],
+        Process: [, (_) => de_ActorProcess(_, context), `process`],
         Session: [, (_) => de_Session(_, context), `session`],
         User: [, (_) => de_User(_, context), `user`],
     });
 };
+const de_ActorProcess = (output, context) => {
+    return take(output, {
+        Name: [, __expectString, `name`],
+        Path: [, __expectString, `path`],
+        Sha256: [, __expectString, `sha256`],
+    });
+};
 const de_Actors = (output, context) => {
     const retVal = (output || [])
         .filter((e) => e != null)
@@ -2689,6 +2697,12 @@ const de_Container = (output, context) => {
         VolumeMounts: [, (_) => de_VolumeMounts(_, context), `volumeMounts`],
     });
 };
+const de_ContainerFindingResource = (output, context) => {
+    return take(output, {
+        Image: [, __expectString, `image`],
+        ImageUid: [, __expectString, `imageUid`],
+    });
+};
 const de_ContainerInstanceDetails = (output, context) => {
     return take(output, {
         CompatibleContainerInstances: [, __expectLong, `compatibleContainerInstances`],
@@ -2979,6 +2993,15 @@ const de_EcsTaskDetails = (output, context) => {
         Volumes: [, (_) => de_Volumes(_, context), `volumes`],
     });
 };
+const de_EksCluster = (output, context) => {
+    return take(output, {
+        Arn: [, __expectString, `arn`],
+        CreatedAt: [, (_) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))), `createdAt`],
+        Ec2InstanceUids: [, _json, `ec2InstanceUids`],
+        Status: [, __expectString, `status`],
+        VpcId: [, __expectString, `vpcId`],
+    });
+};
 const de_EksClusterDetails = (output, context) => {
     return take(output, {
         Arn: [, __expectString, `arn`],
@@ -3278,6 +3301,13 @@ const de_KubernetesUserDetails = (output, context) => {
         Username: [, __expectString, `username`],
     });
 };
+const de_KubernetesWorkload = (output, context) => {
+    return take(output, {
+        ContainerUids: [, _json, `containerUids`],
+        KubernetesResourcesTypes: [, __expectString, `kubernetesResourcesTypes`],
+        Namespace: [, __expectString, `namespace`],
+    });
+};
 const de_KubernetesWorkloadDetails = (output, context) => {
     return take(output, {
         Containers: [, (_) => de_Containers(_, context), `containers`],
@@ -3871,8 +3901,11 @@ const de_Resource = (output, context) => {
 const de_ResourceData = (output, context) => {
     return take(output, {
         AccessKey: [, (_) => de_AccessKey(_, context), `accessKey`],
+        Container: [, (_) => de_ContainerFindingResource(_, context), `container`],
         Ec2Instance: [, (_) => de_Ec2Instance(_, context), `ec2Instance`],
         Ec2NetworkInterface: [, (_) => de_Ec2NetworkInterface(_, context), `ec2NetworkInterface`],
+        EksCluster: [, (_) => de_EksCluster(_, context), `eksCluster`],
+        KubernetesWorkload: [, (_) => de_KubernetesWorkload(_, context), `kubernetesWorkload`],
         S3Bucket: [, (_) => de_S3Bucket(_, context), `s3Bucket`],
         S3Object: [, (_) => de_S3Object(_, context), `s3Object`],
     });
@@ -4144,6 +4177,7 @@ const de_SecurityGroups = (output, context) => {
 const de_Sequence = (output, context) => {
     return take(output, {
         Actors: [, (_) => de_Actors(_, context), `actors`],
+        AdditionalSequenceTypes: [, _json, `additionalSequenceTypes`],
         Description: [, __expectString, `description`],
         Endpoints: [, (_) => de_NetworkEndpoints(_, context), `endpoints`],
         Resources: [, (_) => de_Resources(_, context), `resources`],

package/dist-types/commands/GetAdministratorAccountCommand.d.ts

@@ -29,10 +29,20 @@ declare const GetAdministratorAccountCommand_base: {
 /**
  * <p>Provides the details of the GuardDuty administrator account associated with the current
  *       GuardDuty member account.</p>
- *          <note>
- *             <p>If the organization's management account or a delegated administrator runs this API,
- *     it will return success (<code>HTTP 200</code>) but no content.</p>
- *          </note>
+ *          <p>Based on the type of account that runs this API, the following list shows how the API behavior varies:</p>
+ *          <ul>
+ *             <li>
+ *                <p>When the GuardDuty administrator account runs this API, it will return success (<code>HTTP 200</code>) but no content.</p>
+ *             </li>
+ *             <li>
+ *                <p>When a member account runs this API, it will return the details of the GuardDuty administrator account that is associated
+ *         with this calling member account.</p>
+ *             </li>
+ *             <li>
+ *                <p>When an individual account (not associated with an organization) runs this API, it will return success (<code>HTTP 200</code>)
+ *         but no content.</p>
+ *             </li>
+ *          </ul>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript