cdk-lambda-subminute 2.0.236 → 2.0.238
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.jsii +3 -3
- package/lib/cdk-lambda-subminute.js +3 -3
- package/node_modules/aws-sdk/CHANGELOG.md +13 -1
- package/node_modules/aws-sdk/README.md +1 -1
- package/node_modules/aws-sdk/apis/appstream-2016-12-01.min.json +28 -5
- package/node_modules/aws-sdk/apis/appstream-2016-12-01.waiters2.json +6 -6
- package/node_modules/aws-sdk/apis/drs-2020-02-26.min.json +276 -79
- package/node_modules/aws-sdk/apis/drs-2020-02-26.paginators.json +6 -0
- package/node_modules/aws-sdk/apis/entityresolution-2018-05-10.min.json +4 -0
- package/node_modules/aws-sdk/apis/firehose-2015-08-04.min.json +101 -74
- package/node_modules/aws-sdk/apis/guardduty-2017-11-28.min.json +3 -0
- package/node_modules/aws-sdk/apis/lookoutequipment-2020-12-15.examples.json +214 -0
- package/node_modules/aws-sdk/apis/lookoutequipment-2020-12-15.min.json +248 -24
- package/node_modules/aws-sdk/apis/lookoutequipment-2020-12-15.paginators.json +5 -0
- package/node_modules/aws-sdk/apis/xray-2016-04-12.min.json +3 -0
- package/node_modules/aws-sdk/clients/appstream.d.ts +46 -6
- package/node_modules/aws-sdk/clients/cloud9.d.ts +1 -1
- package/node_modules/aws-sdk/clients/cloudformation.d.ts +6 -6
- package/node_modules/aws-sdk/clients/drs.d.ts +215 -0
- package/node_modules/aws-sdk/clients/entityresolution.d.ts +29 -29
- package/node_modules/aws-sdk/clients/firehose.d.ts +38 -7
- package/node_modules/aws-sdk/clients/guardduty.d.ts +29 -24
- package/node_modules/aws-sdk/clients/lookoutequipment.d.ts +435 -58
- package/node_modules/aws-sdk/clients/xray.d.ts +4 -0
- package/node_modules/aws-sdk/dist/aws-sdk-core-react-native.js +1 -1
- package/node_modules/aws-sdk/dist/aws-sdk-react-native.js +11 -11
- package/node_modules/aws-sdk/dist/aws-sdk.js +107 -77
- package/node_modules/aws-sdk/dist/aws-sdk.min.js +53 -53
- package/node_modules/aws-sdk/lib/core.js +1 -1
- package/node_modules/aws-sdk/package.json +1 -1
- package/package.json +4 -4
|
@@ -84,27 +84,27 @@ declare class EntityResolution extends Service {
|
|
|
84
84
|
*/
|
|
85
85
|
listMatchingJobs(callback?: (err: AWSError, data: EntityResolution.Types.ListMatchingJobsOutput) => void): Request<EntityResolution.Types.ListMatchingJobsOutput, AWSError>;
|
|
86
86
|
/**
|
|
87
|
-
* Returns a list of all the MatchingWorkflows that have been created for an
|
|
87
|
+
* Returns a list of all the MatchingWorkflows that have been created for an Amazon Web Services account.
|
|
88
88
|
*/
|
|
89
89
|
listMatchingWorkflows(params: EntityResolution.Types.ListMatchingWorkflowsInput, callback?: (err: AWSError, data: EntityResolution.Types.ListMatchingWorkflowsOutput) => void): Request<EntityResolution.Types.ListMatchingWorkflowsOutput, AWSError>;
|
|
90
90
|
/**
|
|
91
|
-
* Returns a list of all the MatchingWorkflows that have been created for an
|
|
91
|
+
* Returns a list of all the MatchingWorkflows that have been created for an Amazon Web Services account.
|
|
92
92
|
*/
|
|
93
93
|
listMatchingWorkflows(callback?: (err: AWSError, data: EntityResolution.Types.ListMatchingWorkflowsOutput) => void): Request<EntityResolution.Types.ListMatchingWorkflowsOutput, AWSError>;
|
|
94
94
|
/**
|
|
95
|
-
* Returns a list of all the SchemaMappings that have been created for an
|
|
95
|
+
* Returns a list of all the SchemaMappings that have been created for an Amazon Web Services account.
|
|
96
96
|
*/
|
|
97
97
|
listSchemaMappings(params: EntityResolution.Types.ListSchemaMappingsInput, callback?: (err: AWSError, data: EntityResolution.Types.ListSchemaMappingsOutput) => void): Request<EntityResolution.Types.ListSchemaMappingsOutput, AWSError>;
|
|
98
98
|
/**
|
|
99
|
-
* Returns a list of all the SchemaMappings that have been created for an
|
|
99
|
+
* Returns a list of all the SchemaMappings that have been created for an Amazon Web Services account.
|
|
100
100
|
*/
|
|
101
101
|
listSchemaMappings(callback?: (err: AWSError, data: EntityResolution.Types.ListSchemaMappingsOutput) => void): Request<EntityResolution.Types.ListSchemaMappingsOutput, AWSError>;
|
|
102
102
|
/**
|
|
103
|
-
* Displays the tags associated with an
|
|
103
|
+
* Displays the tags associated with an Entity Resolution resource. In Entity Resolution, SchemaMapping, and MatchingWorkflow can be tagged.
|
|
104
104
|
*/
|
|
105
105
|
listTagsForResource(params: EntityResolution.Types.ListTagsForResourceInput, callback?: (err: AWSError, data: EntityResolution.Types.ListTagsForResourceOutput) => void): Request<EntityResolution.Types.ListTagsForResourceOutput, AWSError>;
|
|
106
106
|
/**
|
|
107
|
-
* Displays the tags associated with an
|
|
107
|
+
* Displays the tags associated with an Entity Resolution resource. In Entity Resolution, SchemaMapping, and MatchingWorkflow can be tagged.
|
|
108
108
|
*/
|
|
109
109
|
listTagsForResource(callback?: (err: AWSError, data: EntityResolution.Types.ListTagsForResourceOutput) => void): Request<EntityResolution.Types.ListTagsForResourceOutput, AWSError>;
|
|
110
110
|
/**
|
|
@@ -116,19 +116,19 @@ declare class EntityResolution extends Service {
|
|
|
116
116
|
*/
|
|
117
117
|
startMatchingJob(callback?: (err: AWSError, data: EntityResolution.Types.StartMatchingJobOutput) => void): Request<EntityResolution.Types.StartMatchingJobOutput, AWSError>;
|
|
118
118
|
/**
|
|
119
|
-
* Assigns one or more tags (key-value pairs) to the specified
|
|
119
|
+
* Assigns one or more tags (key-value pairs) to the specified Entity Resolution resource. Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values. In Entity Resolution, SchemaMapping and MatchingWorkflow can be tagged. Tags don't have any semantic meaning to Amazon Web Services and are interpreted strictly as strings of characters. You can use the TagResource action with a resource that already has tags. If you specify a new tag key, this tag is appended to the list of tags associated with the resource. If you specify a tag key that is already associated with the resource, the new tag value that you specify replaces the previous value for that tag.
|
|
120
120
|
*/
|
|
121
121
|
tagResource(params: EntityResolution.Types.TagResourceInput, callback?: (err: AWSError, data: EntityResolution.Types.TagResourceOutput) => void): Request<EntityResolution.Types.TagResourceOutput, AWSError>;
|
|
122
122
|
/**
|
|
123
|
-
* Assigns one or more tags (key-value pairs) to the specified
|
|
123
|
+
* Assigns one or more tags (key-value pairs) to the specified Entity Resolution resource. Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values. In Entity Resolution, SchemaMapping and MatchingWorkflow can be tagged. Tags don't have any semantic meaning to Amazon Web Services and are interpreted strictly as strings of characters. You can use the TagResource action with a resource that already has tags. If you specify a new tag key, this tag is appended to the list of tags associated with the resource. If you specify a tag key that is already associated with the resource, the new tag value that you specify replaces the previous value for that tag.
|
|
124
124
|
*/
|
|
125
125
|
tagResource(callback?: (err: AWSError, data: EntityResolution.Types.TagResourceOutput) => void): Request<EntityResolution.Types.TagResourceOutput, AWSError>;
|
|
126
126
|
/**
|
|
127
|
-
* Removes one or more tags from the specified
|
|
127
|
+
* Removes one or more tags from the specified Entity Resolution resource. In Entity Resolution, SchemaMapping, and MatchingWorkflow can be tagged.
|
|
128
128
|
*/
|
|
129
129
|
untagResource(params: EntityResolution.Types.UntagResourceInput, callback?: (err: AWSError, data: EntityResolution.Types.UntagResourceOutput) => void): Request<EntityResolution.Types.UntagResourceOutput, AWSError>;
|
|
130
130
|
/**
|
|
131
|
-
* Removes one or more tags from the specified
|
|
131
|
+
* Removes one or more tags from the specified Entity Resolution resource. In Entity Resolution, SchemaMapping, and MatchingWorkflow can be tagged.
|
|
132
132
|
*/
|
|
133
133
|
untagResource(callback?: (err: AWSError, data: EntityResolution.Types.UntagResourceOutput) => void): Request<EntityResolution.Types.UntagResourceOutput, AWSError>;
|
|
134
134
|
/**
|
|
@@ -162,11 +162,11 @@ declare namespace EntityResolution {
|
|
|
162
162
|
*/
|
|
163
163
|
outputSourceConfig: OutputSourceConfig;
|
|
164
164
|
/**
|
|
165
|
-
* An object which defines the resolutionType and the ruleBasedProperties
|
|
165
|
+
* An object which defines the resolutionType and the ruleBasedProperties.
|
|
166
166
|
*/
|
|
167
167
|
resolutionTechniques: ResolutionTechniques;
|
|
168
168
|
/**
|
|
169
|
-
* The Amazon Resource Name (ARN) of the IAM role.
|
|
169
|
+
* The Amazon Resource Name (ARN) of the IAM role. Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.
|
|
170
170
|
*/
|
|
171
171
|
roleArn: String;
|
|
172
172
|
/**
|
|
@@ -196,11 +196,11 @@ declare namespace EntityResolution {
|
|
|
196
196
|
*/
|
|
197
197
|
outputSourceConfig: OutputSourceConfig;
|
|
198
198
|
/**
|
|
199
|
-
* An object which defines the resolutionType and the ruleBasedProperties
|
|
199
|
+
* An object which defines the resolutionType and the ruleBasedProperties.
|
|
200
200
|
*/
|
|
201
201
|
resolutionTechniques: ResolutionTechniques;
|
|
202
202
|
/**
|
|
203
|
-
* The Amazon Resource Name (ARN) of the IAM role.
|
|
203
|
+
* The Amazon Resource Name (ARN) of the IAM role. Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.
|
|
204
204
|
*/
|
|
205
205
|
roleArn: String;
|
|
206
206
|
/**
|
|
@@ -220,7 +220,7 @@ declare namespace EntityResolution {
|
|
|
220
220
|
/**
|
|
221
221
|
* A list of MappedInputFields. Each MappedInputField corresponds to a column the source data table, and contains column name plus additional information that Entity Resolution uses for matching.
|
|
222
222
|
*/
|
|
223
|
-
mappedInputFields
|
|
223
|
+
mappedInputFields: SchemaInputAttributes;
|
|
224
224
|
/**
|
|
225
225
|
* The name of the schema. There cannot be multiple SchemaMappings with the same name.
|
|
226
226
|
*/
|
|
@@ -329,7 +329,7 @@ declare namespace EntityResolution {
|
|
|
329
329
|
*/
|
|
330
330
|
startTime: Timestamp;
|
|
331
331
|
/**
|
|
332
|
-
* The current status of the job.
|
|
332
|
+
* The current status of the job.
|
|
333
333
|
*/
|
|
334
334
|
status: JobStatus;
|
|
335
335
|
}
|
|
@@ -361,11 +361,11 @@ declare namespace EntityResolution {
|
|
|
361
361
|
*/
|
|
362
362
|
outputSourceConfig: OutputSourceConfig;
|
|
363
363
|
/**
|
|
364
|
-
* An object which defines the resolutionType and the ruleBasedProperties
|
|
364
|
+
* An object which defines the resolutionType and the ruleBasedProperties.
|
|
365
365
|
*/
|
|
366
366
|
resolutionTechniques: ResolutionTechniques;
|
|
367
367
|
/**
|
|
368
|
-
* The Amazon Resource Name (ARN) of the IAM role.
|
|
368
|
+
* The Amazon Resource Name (ARN) of the IAM role. Entity Resolution assumes this role to access resources on your behalf.
|
|
369
369
|
*/
|
|
370
370
|
roleArn: String;
|
|
371
371
|
/**
|
|
@@ -457,7 +457,7 @@ declare namespace EntityResolution {
|
|
|
457
457
|
*/
|
|
458
458
|
matchIDs?: Integer;
|
|
459
459
|
/**
|
|
460
|
-
* The total number of records that did not get processed
|
|
460
|
+
* The total number of records that did not get processed.
|
|
461
461
|
*/
|
|
462
462
|
recordsNotProcessed?: Integer;
|
|
463
463
|
/**
|
|
@@ -480,7 +480,7 @@ declare namespace EntityResolution {
|
|
|
480
480
|
*/
|
|
481
481
|
startTime: Timestamp;
|
|
482
482
|
/**
|
|
483
|
-
* The current status of the job.
|
|
483
|
+
* The current status of the job.
|
|
484
484
|
*/
|
|
485
485
|
status: JobStatus;
|
|
486
486
|
}
|
|
@@ -611,19 +611,18 @@ declare namespace EntityResolution {
|
|
|
611
611
|
/**
|
|
612
612
|
* The S3 path to which Entity Resolution will write the output table.
|
|
613
613
|
*/
|
|
614
|
-
outputS3Path:
|
|
614
|
+
outputS3Path: S3Path;
|
|
615
615
|
}
|
|
616
616
|
export type OutputSourceConfig = OutputSource[];
|
|
617
617
|
export type OutputSourceOutputList = OutputAttribute[];
|
|
618
|
-
export type OutputSourceOutputS3PathString = string;
|
|
619
618
|
export type RecordAttributeMap = {[key: string]: RecordAttributeMapValueString};
|
|
620
619
|
export type RecordAttributeMapKeyString = string;
|
|
621
620
|
export type RecordAttributeMapValueString = string;
|
|
622
621
|
export interface ResolutionTechniques {
|
|
623
622
|
/**
|
|
624
|
-
* There are two types of matching
|
|
623
|
+
* The type of matching. There are two types of matching: RULE_MATCHING and ML_MATCHING.
|
|
625
624
|
*/
|
|
626
|
-
resolutionType
|
|
625
|
+
resolutionType: ResolutionType;
|
|
627
626
|
/**
|
|
628
627
|
* An object which defines the list of matching rules to run and has a field Rules, which is a list of rule objects.
|
|
629
628
|
*/
|
|
@@ -642,7 +641,7 @@ declare namespace EntityResolution {
|
|
|
642
641
|
}
|
|
643
642
|
export interface RuleBasedProperties {
|
|
644
643
|
/**
|
|
645
|
-
* You can either choose ONE_TO_ONE or MANY_TO_MANY as the AttributeMatchingModel. When choosing MANY_TO_MANY, the system can match
|
|
644
|
+
* The comparison type. You can either choose ONE_TO_ONE or MANY_TO_MANY as the AttributeMatchingModel. When choosing MANY_TO_MANY, the system can match attributes across the sub-types of an attribute type. For example, if the value of the Email field of Profile A and the value of BusinessEmail field of Profile B matches, the two profiles are matched on the Email type. When choosing ONE_TO_ONE ,the system can only match if the sub-types are exact matches. For example, only when the value of the Email field of Profile A and the value of the Email field of Profile B matches, the two profiles are matched on the Email type.
|
|
646
645
|
*/
|
|
647
646
|
attributeMatchingModel: AttributeMatchingModel;
|
|
648
647
|
/**
|
|
@@ -653,6 +652,7 @@ declare namespace EntityResolution {
|
|
|
653
652
|
export type RuleBasedPropertiesRulesList = Rule[];
|
|
654
653
|
export type RuleMatchingKeysList = AttributeName[];
|
|
655
654
|
export type RuleRuleNameString = string;
|
|
655
|
+
export type S3Path = string;
|
|
656
656
|
export type SchemaAttributeType = "NAME"|"NAME_FIRST"|"NAME_MIDDLE"|"NAME_LAST"|"ADDRESS"|"ADDRESS_STREET1"|"ADDRESS_STREET2"|"ADDRESS_STREET3"|"ADDRESS_CITY"|"ADDRESS_STATE"|"ADDRESS_COUNTRY"|"ADDRESS_POSTALCODE"|"PHONE"|"PHONE_NUMBER"|"PHONE_COUNTRYCODE"|"EMAIL_ADDRESS"|"UNIQUE_ID"|"DATE"|"STRING"|string;
|
|
657
657
|
export interface SchemaInputAttribute {
|
|
658
658
|
/**
|
|
@@ -664,7 +664,7 @@ declare namespace EntityResolution {
|
|
|
664
664
|
*/
|
|
665
665
|
groupName?: AttributeName;
|
|
666
666
|
/**
|
|
667
|
-
* A key that allows grouping of multiple input attributes into a unified matching group. For example, let's consider a scenario where the source table contains various addresses, such as business_address and shipping_address. By assigning the MatchKey Address
|
|
667
|
+
* A key that allows grouping of multiple input attributes into a unified matching group. For example, let's consider a scenario where the source table contains various addresses, such as business_address and shipping_address. By assigning the MatchKey Address to both attributes, Entity Resolution will match records across these fields to create a consolidated matching group. If no MatchKey is specified for a column, it won't be utilized for matching purposes but will still be included in the output table.
|
|
668
668
|
*/
|
|
669
669
|
matchKey?: AttributeName;
|
|
670
670
|
/**
|
|
@@ -753,11 +753,11 @@ declare namespace EntityResolution {
|
|
|
753
753
|
*/
|
|
754
754
|
outputSourceConfig: OutputSourceConfig;
|
|
755
755
|
/**
|
|
756
|
-
* An object which defines the resolutionType and the ruleBasedProperties
|
|
756
|
+
* An object which defines the resolutionType and the ruleBasedProperties.
|
|
757
757
|
*/
|
|
758
758
|
resolutionTechniques: ResolutionTechniques;
|
|
759
759
|
/**
|
|
760
|
-
* The Amazon Resource Name (ARN) of the IAM role.
|
|
760
|
+
* The Amazon Resource Name (ARN) of the IAM role. Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.
|
|
761
761
|
*/
|
|
762
762
|
roleArn: String;
|
|
763
763
|
/**
|
|
@@ -787,7 +787,7 @@ declare namespace EntityResolution {
|
|
|
787
787
|
*/
|
|
788
788
|
resolutionTechniques: ResolutionTechniques;
|
|
789
789
|
/**
|
|
790
|
-
* The Amazon Resource Name (ARN) of the IAM role.
|
|
790
|
+
* The Amazon Resource Name (ARN) of the IAM role. Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.
|
|
791
791
|
*/
|
|
792
792
|
roleArn: String;
|
|
793
793
|
/**
|
|
@@ -12,11 +12,11 @@ declare class Firehose extends Service {
|
|
|
12
12
|
constructor(options?: Firehose.Types.ClientConfiguration)
|
|
13
13
|
config: Config & Firehose.Types.ClientConfiguration;
|
|
14
14
|
/**
|
|
15
|
-
* Creates a Kinesis Data Firehose delivery stream. By default, you can create up to 50 delivery streams per Amazon Web Services Region. This is an asynchronous operation that immediately returns. The initial status of the delivery stream is CREATING. After the delivery stream is created, its status is ACTIVE and it now accepts data. If the delivery stream creation fails, the status transitions to CREATING_FAILED. Attempts to send data to a delivery stream that is not in the ACTIVE state cause an exception. To check the state of a delivery stream, use DescribeDeliveryStream. If the status of a delivery stream is CREATING_FAILED, this status doesn't change, and you can't invoke CreateDeliveryStream again on it. However, you can invoke the DeleteDeliveryStream operation to delete it. A Kinesis Data Firehose delivery stream can be configured to receive records directly from providers using PutRecord or PutRecordBatch, or it can be configured to use an existing Kinesis stream as its source. To specify a Kinesis data stream as input, set the DeliveryStreamType parameter to KinesisStreamAsSource, and provide the Kinesis stream Amazon Resource Name (ARN) and role ARN in the KinesisStreamSourceConfiguration parameter. To create a delivery stream with server-side encryption (SSE) enabled, include DeliveryStreamEncryptionConfigurationInput in your request. This is optional. You can also invoke StartDeliveryStreamEncryption to turn on SSE for an existing delivery stream that doesn't have SSE enabled. A delivery stream is configured with a single destination
|
|
15
|
+
* Creates a Kinesis Data Firehose delivery stream. By default, you can create up to 50 delivery streams per Amazon Web Services Region. This is an asynchronous operation that immediately returns. The initial status of the delivery stream is CREATING. After the delivery stream is created, its status is ACTIVE and it now accepts data. If the delivery stream creation fails, the status transitions to CREATING_FAILED. Attempts to send data to a delivery stream that is not in the ACTIVE state cause an exception. To check the state of a delivery stream, use DescribeDeliveryStream. If the status of a delivery stream is CREATING_FAILED, this status doesn't change, and you can't invoke CreateDeliveryStream again on it. However, you can invoke the DeleteDeliveryStream operation to delete it. A Kinesis Data Firehose delivery stream can be configured to receive records directly from providers using PutRecord or PutRecordBatch, or it can be configured to use an existing Kinesis stream as its source. To specify a Kinesis data stream as input, set the DeliveryStreamType parameter to KinesisStreamAsSource, and provide the Kinesis stream Amazon Resource Name (ARN) and role ARN in the KinesisStreamSourceConfiguration parameter. To create a delivery stream with server-side encryption (SSE) enabled, include DeliveryStreamEncryptionConfigurationInput in your request. This is optional. You can also invoke StartDeliveryStreamEncryption to turn on SSE for an existing delivery stream that doesn't have SSE enabled. A delivery stream is configured with a single destination, such as Amazon Simple Storage Service (Amazon S3), Amazon Redshift, Amazon OpenSearch Service, Amazon OpenSearch Serverless, Splunk, and any custom HTTP endpoint or HTTP endpoints owned by or supported by third-party service providers, including Datadog, Dynatrace, LogicMonitor, MongoDB, New Relic, and Sumo Logic. You must specify only one of the following destination configuration parameters: ExtendedS3DestinationConfiguration, S3DestinationConfiguration, ElasticsearchDestinationConfiguration, RedshiftDestinationConfiguration, or SplunkDestinationConfiguration. When you specify S3DestinationConfiguration, you can also provide the following optional values: BufferingHints, EncryptionConfiguration, and CompressionFormat. By default, if no BufferingHints value is provided, Kinesis Data Firehose buffers data up to 5 MB or for 5 minutes, whichever condition is satisfied first. BufferingHints is a hint, so there are some cases where the service cannot adhere to these conditions strictly. For example, record boundaries might be such that the size is a little over or under the configured buffering size. By default, no encryption is performed. We strongly recommend that you enable encryption to ensure secure data storage in Amazon S3. A few notes about Amazon Redshift as a destination: An Amazon Redshift destination requires an S3 bucket as intermediate location. Kinesis Data Firehose first delivers data to Amazon S3 and then uses COPY syntax to load data into an Amazon Redshift table. This is specified in the RedshiftDestinationConfiguration.S3Configuration parameter. The compression formats SNAPPY or ZIP cannot be specified in RedshiftDestinationConfiguration.S3Configuration because the Amazon Redshift COPY operation that reads from the S3 bucket doesn't support these compression formats. We strongly recommend that you use the user name and password you provide exclusively with Kinesis Data Firehose, and that the permissions for the account are restricted for Amazon Redshift INSERT permissions. Kinesis Data Firehose assumes the IAM role that is configured as part of the destination. The role should allow the Kinesis Data Firehose principal to assume the role, and the role should have permissions that allow the service to deliver the data. For more information, see Grant Kinesis Data Firehose Access to an Amazon S3 Destination in the Amazon Kinesis Data Firehose Developer Guide.
|
|
16
16
|
*/
|
|
17
17
|
createDeliveryStream(params: Firehose.Types.CreateDeliveryStreamInput, callback?: (err: AWSError, data: Firehose.Types.CreateDeliveryStreamOutput) => void): Request<Firehose.Types.CreateDeliveryStreamOutput, AWSError>;
|
|
18
18
|
/**
|
|
19
|
-
* Creates a Kinesis Data Firehose delivery stream. By default, you can create up to 50 delivery streams per Amazon Web Services Region. This is an asynchronous operation that immediately returns. The initial status of the delivery stream is CREATING. After the delivery stream is created, its status is ACTIVE and it now accepts data. If the delivery stream creation fails, the status transitions to CREATING_FAILED. Attempts to send data to a delivery stream that is not in the ACTIVE state cause an exception. To check the state of a delivery stream, use DescribeDeliveryStream. If the status of a delivery stream is CREATING_FAILED, this status doesn't change, and you can't invoke CreateDeliveryStream again on it. However, you can invoke the DeleteDeliveryStream operation to delete it. A Kinesis Data Firehose delivery stream can be configured to receive records directly from providers using PutRecord or PutRecordBatch, or it can be configured to use an existing Kinesis stream as its source. To specify a Kinesis data stream as input, set the DeliveryStreamType parameter to KinesisStreamAsSource, and provide the Kinesis stream Amazon Resource Name (ARN) and role ARN in the KinesisStreamSourceConfiguration parameter. To create a delivery stream with server-side encryption (SSE) enabled, include DeliveryStreamEncryptionConfigurationInput in your request. This is optional. You can also invoke StartDeliveryStreamEncryption to turn on SSE for an existing delivery stream that doesn't have SSE enabled. A delivery stream is configured with a single destination
|
|
19
|
+
* Creates a Kinesis Data Firehose delivery stream. By default, you can create up to 50 delivery streams per Amazon Web Services Region. This is an asynchronous operation that immediately returns. The initial status of the delivery stream is CREATING. After the delivery stream is created, its status is ACTIVE and it now accepts data. If the delivery stream creation fails, the status transitions to CREATING_FAILED. Attempts to send data to a delivery stream that is not in the ACTIVE state cause an exception. To check the state of a delivery stream, use DescribeDeliveryStream. If the status of a delivery stream is CREATING_FAILED, this status doesn't change, and you can't invoke CreateDeliveryStream again on it. However, you can invoke the DeleteDeliveryStream operation to delete it. A Kinesis Data Firehose delivery stream can be configured to receive records directly from providers using PutRecord or PutRecordBatch, or it can be configured to use an existing Kinesis stream as its source. To specify a Kinesis data stream as input, set the DeliveryStreamType parameter to KinesisStreamAsSource, and provide the Kinesis stream Amazon Resource Name (ARN) and role ARN in the KinesisStreamSourceConfiguration parameter. To create a delivery stream with server-side encryption (SSE) enabled, include DeliveryStreamEncryptionConfigurationInput in your request. This is optional. You can also invoke StartDeliveryStreamEncryption to turn on SSE for an existing delivery stream that doesn't have SSE enabled. A delivery stream is configured with a single destination, such as Amazon Simple Storage Service (Amazon S3), Amazon Redshift, Amazon OpenSearch Service, Amazon OpenSearch Serverless, Splunk, and any custom HTTP endpoint or HTTP endpoints owned by or supported by third-party service providers, including Datadog, Dynatrace, LogicMonitor, MongoDB, New Relic, and Sumo Logic. You must specify only one of the following destination configuration parameters: ExtendedS3DestinationConfiguration, S3DestinationConfiguration, ElasticsearchDestinationConfiguration, RedshiftDestinationConfiguration, or SplunkDestinationConfiguration. When you specify S3DestinationConfiguration, you can also provide the following optional values: BufferingHints, EncryptionConfiguration, and CompressionFormat. By default, if no BufferingHints value is provided, Kinesis Data Firehose buffers data up to 5 MB or for 5 minutes, whichever condition is satisfied first. BufferingHints is a hint, so there are some cases where the service cannot adhere to these conditions strictly. For example, record boundaries might be such that the size is a little over or under the configured buffering size. By default, no encryption is performed. We strongly recommend that you enable encryption to ensure secure data storage in Amazon S3. A few notes about Amazon Redshift as a destination: An Amazon Redshift destination requires an S3 bucket as intermediate location. Kinesis Data Firehose first delivers data to Amazon S3 and then uses COPY syntax to load data into an Amazon Redshift table. This is specified in the RedshiftDestinationConfiguration.S3Configuration parameter. The compression formats SNAPPY or ZIP cannot be specified in RedshiftDestinationConfiguration.S3Configuration because the Amazon Redshift COPY operation that reads from the S3 bucket doesn't support these compression formats. We strongly recommend that you use the user name and password you provide exclusively with Kinesis Data Firehose, and that the permissions for the account are restricted for Amazon Redshift INSERT permissions. Kinesis Data Firehose assumes the IAM role that is configured as part of the destination. The role should allow the Kinesis Data Firehose principal to assume the role, and the role should have permissions that allow the service to deliver the data. For more information, see Grant Kinesis Data Firehose Access to an Amazon S3 Destination in the Amazon Kinesis Data Firehose Developer Guide.
|
|
20
20
|
*/
|
|
21
21
|
createDeliveryStream(callback?: (err: AWSError, data: Firehose.Types.CreateDeliveryStreamOutput) => void): Request<Firehose.Types.CreateDeliveryStreamOutput, AWSError>;
|
|
22
22
|
/**
|
|
@@ -100,11 +100,11 @@ declare class Firehose extends Service {
|
|
|
100
100
|
*/
|
|
101
101
|
untagDeliveryStream(callback?: (err: AWSError, data: Firehose.Types.UntagDeliveryStreamOutput) => void): Request<Firehose.Types.UntagDeliveryStreamOutput, AWSError>;
|
|
102
102
|
/**
|
|
103
|
-
* Updates the specified destination of the specified delivery stream. Use this operation to change the destination type (for example, to replace the Amazon S3 destination with Amazon Redshift) or change the parameters associated with a destination (for example, to change the bucket name of the Amazon S3 destination). The update might not occur immediately. The target delivery stream remains active while the configurations are updated, so data writes to the delivery stream can continue during this process. The updated configurations are usually effective within a few minutes. Switching between Amazon
|
|
103
|
+
* Updates the specified destination of the specified delivery stream. Use this operation to change the destination type (for example, to replace the Amazon S3 destination with Amazon Redshift) or change the parameters associated with a destination (for example, to change the bucket name of the Amazon S3 destination). The update might not occur immediately. The target delivery stream remains active while the configurations are updated, so data writes to the delivery stream can continue during this process. The updated configurations are usually effective within a few minutes. Switching between Amazon OpenSearch Service and other services is not supported. For an Amazon OpenSearch Service destination, you can only update to another Amazon OpenSearch Service destination. If the destination type is the same, Kinesis Data Firehose merges the configuration parameters specified with the destination configuration that already exists on the delivery stream. If any of the parameters are not specified in the call, the existing values are retained. For example, in the Amazon S3 destination, if EncryptionConfiguration is not specified, then the existing EncryptionConfiguration is maintained on the destination. If the destination type is not the same, for example, changing the destination from Amazon S3 to Amazon Redshift, Kinesis Data Firehose does not merge any parameters. In this case, all parameters must be specified. Kinesis Data Firehose uses CurrentDeliveryStreamVersionId to avoid race conditions and conflicting merges. This is a required field, and the service updates the configuration only if the existing configuration has a version ID that matches. After the update is applied successfully, the version ID is updated, and can be retrieved using DescribeDeliveryStream. Use the new version ID to set CurrentDeliveryStreamVersionId in the next call.
|
|
104
104
|
*/
|
|
105
105
|
updateDestination(params: Firehose.Types.UpdateDestinationInput, callback?: (err: AWSError, data: Firehose.Types.UpdateDestinationOutput) => void): Request<Firehose.Types.UpdateDestinationOutput, AWSError>;
|
|
106
106
|
/**
|
|
107
|
-
* Updates the specified destination of the specified delivery stream. Use this operation to change the destination type (for example, to replace the Amazon S3 destination with Amazon Redshift) or change the parameters associated with a destination (for example, to change the bucket name of the Amazon S3 destination). The update might not occur immediately. The target delivery stream remains active while the configurations are updated, so data writes to the delivery stream can continue during this process. The updated configurations are usually effective within a few minutes. Switching between Amazon
|
|
107
|
+
* Updates the specified destination of the specified delivery stream. Use this operation to change the destination type (for example, to replace the Amazon S3 destination with Amazon Redshift) or change the parameters associated with a destination (for example, to change the bucket name of the Amazon S3 destination). The update might not occur immediately. The target delivery stream remains active while the configurations are updated, so data writes to the delivery stream can continue during this process. The updated configurations are usually effective within a few minutes. Switching between Amazon OpenSearch Service and other services is not supported. For an Amazon OpenSearch Service destination, you can only update to another Amazon OpenSearch Service destination. If the destination type is the same, Kinesis Data Firehose merges the configuration parameters specified with the destination configuration that already exists on the delivery stream. If any of the parameters are not specified in the call, the existing values are retained. For example, in the Amazon S3 destination, if EncryptionConfiguration is not specified, then the existing EncryptionConfiguration is maintained on the destination. If the destination type is not the same, for example, changing the destination from Amazon S3 to Amazon Redshift, Kinesis Data Firehose does not merge any parameters. In this case, all parameters must be specified. Kinesis Data Firehose uses CurrentDeliveryStreamVersionId to avoid race conditions and conflicting merges. This is a required field, and the service updates the configuration only if the existing configuration has a version ID that matches. After the update is applied successfully, the version ID is updated, and can be retrieved using DescribeDeliveryStream. Use the new version ID to set CurrentDeliveryStreamVersionId in the next call.
|
|
108
108
|
*/
|
|
109
109
|
updateDestination(callback?: (err: AWSError, data: Firehose.Types.UpdateDestinationOutput) => void): Request<Firehose.Types.UpdateDestinationOutput, AWSError>;
|
|
110
110
|
}
|
|
@@ -155,7 +155,7 @@ declare namespace Firehose {
|
|
|
155
155
|
}
|
|
156
156
|
export interface AmazonOpenSearchServerlessDestinationDescription {
|
|
157
157
|
/**
|
|
158
|
-
* The Amazon Resource Name (ARN) of the
|
|
158
|
+
* The Amazon Resource Name (ARN) of the Amazon Web Services credentials.
|
|
159
159
|
*/
|
|
160
160
|
RoleARN?: RoleARN;
|
|
161
161
|
/**
|
|
@@ -271,6 +271,10 @@ declare namespace Firehose {
|
|
|
271
271
|
ProcessingConfiguration?: ProcessingConfiguration;
|
|
272
272
|
CloudWatchLoggingOptions?: CloudWatchLoggingOptions;
|
|
273
273
|
VpcConfiguration?: VpcConfiguration;
|
|
274
|
+
/**
|
|
275
|
+
* Indicates the method for setting up document ID. The supported methods are Kinesis Data Firehose generated document ID and OpenSearch Service generated document ID.
|
|
276
|
+
*/
|
|
277
|
+
DocumentIdOptions?: DocumentIdOptions;
|
|
274
278
|
}
|
|
275
279
|
export interface AmazonopensearchserviceDestinationDescription {
|
|
276
280
|
/**
|
|
@@ -313,6 +317,10 @@ declare namespace Firehose {
|
|
|
313
317
|
ProcessingConfiguration?: ProcessingConfiguration;
|
|
314
318
|
CloudWatchLoggingOptions?: CloudWatchLoggingOptions;
|
|
315
319
|
VpcConfigurationDescription?: VpcConfigurationDescription;
|
|
320
|
+
/**
|
|
321
|
+
* Indicates the method for setting up document ID. The supported methods are Kinesis Data Firehose generated document ID and OpenSearch Service generated document ID.
|
|
322
|
+
*/
|
|
323
|
+
DocumentIdOptions?: DocumentIdOptions;
|
|
316
324
|
}
|
|
317
325
|
export interface AmazonopensearchserviceDestinationUpdate {
|
|
318
326
|
/**
|
|
@@ -350,6 +358,10 @@ declare namespace Firehose {
|
|
|
350
358
|
S3Update?: S3DestinationUpdate;
|
|
351
359
|
ProcessingConfiguration?: ProcessingConfiguration;
|
|
352
360
|
CloudWatchLoggingOptions?: CloudWatchLoggingOptions;
|
|
361
|
+
/**
|
|
362
|
+
* Indicates the method for setting up document ID. The supported methods are Kinesis Data Firehose generated document ID and OpenSearch Service generated document ID.
|
|
363
|
+
*/
|
|
364
|
+
DocumentIdOptions?: DocumentIdOptions;
|
|
353
365
|
}
|
|
354
366
|
export type AmazonopensearchserviceDomainARN = string;
|
|
355
367
|
export type AmazonopensearchserviceIndexName = string;
|
|
@@ -490,6 +502,7 @@ declare namespace Firehose {
|
|
|
490
502
|
}
|
|
491
503
|
export type DataTableColumns = string;
|
|
492
504
|
export type DataTableName = string;
|
|
505
|
+
export type DefaultDocumentIdFormat = "FIREHOSE_DEFAULT"|"NO_DOCUMENT_ID"|string;
|
|
493
506
|
export interface DeleteDeliveryStreamInput {
|
|
494
507
|
/**
|
|
495
508
|
* The name of the delivery stream.
|
|
@@ -660,6 +673,12 @@ declare namespace Firehose {
|
|
|
660
673
|
}
|
|
661
674
|
export type DestinationDescriptionList = DestinationDescription[];
|
|
662
675
|
export type DestinationId = string;
|
|
676
|
+
export interface DocumentIdOptions {
|
|
677
|
+
/**
|
|
678
|
+
* When the FIREHOSE_DEFAULT option is chosen, Kinesis Data Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs. When the NO_DOCUMENT_ID option is chosen, Kinesis Data Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance.
|
|
679
|
+
*/
|
|
680
|
+
DefaultDocumentIdFormat: DefaultDocumentIdFormat;
|
|
681
|
+
}
|
|
663
682
|
export interface DynamicPartitioningConfiguration {
|
|
664
683
|
/**
|
|
665
684
|
* The retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix.
|
|
@@ -733,9 +752,13 @@ declare namespace Firehose {
|
|
|
733
752
|
*/
|
|
734
753
|
CloudWatchLoggingOptions?: CloudWatchLoggingOptions;
|
|
735
754
|
/**
|
|
736
|
-
* The details of the VPC of the Amazon
|
|
755
|
+
* The details of the VPC of the Amazon destination.
|
|
737
756
|
*/
|
|
738
757
|
VpcConfiguration?: VpcConfiguration;
|
|
758
|
+
/**
|
|
759
|
+
* Indicates the method for setting up document ID. The supported methods are Kinesis Data Firehose generated document ID and OpenSearch Service generated document ID.
|
|
760
|
+
*/
|
|
761
|
+
DocumentIdOptions?: DocumentIdOptions;
|
|
739
762
|
}
|
|
740
763
|
export interface ElasticsearchDestinationDescription {
|
|
741
764
|
/**
|
|
@@ -787,9 +810,13 @@ declare namespace Firehose {
|
|
|
787
810
|
*/
|
|
788
811
|
CloudWatchLoggingOptions?: CloudWatchLoggingOptions;
|
|
789
812
|
/**
|
|
790
|
-
* The details of the VPC of the Amazon
|
|
813
|
+
* The details of the VPC of the Amazon OpenSearch or the Amazon OpenSearch Serverless destination.
|
|
791
814
|
*/
|
|
792
815
|
VpcConfigurationDescription?: VpcConfigurationDescription;
|
|
816
|
+
/**
|
|
817
|
+
* Indicates the method for setting up document ID. The supported methods are Kinesis Data Firehose generated document ID and OpenSearch Service generated document ID.
|
|
818
|
+
*/
|
|
819
|
+
DocumentIdOptions?: DocumentIdOptions;
|
|
793
820
|
}
|
|
794
821
|
export interface ElasticsearchDestinationUpdate {
|
|
795
822
|
/**
|
|
@@ -836,6 +863,10 @@ declare namespace Firehose {
|
|
|
836
863
|
* The CloudWatch logging options for your delivery stream.
|
|
837
864
|
*/
|
|
838
865
|
CloudWatchLoggingOptions?: CloudWatchLoggingOptions;
|
|
866
|
+
/**
|
|
867
|
+
* Indicates the method for setting up document ID. The supported methods are Kinesis Data Firehose generated document ID and OpenSearch Service generated document ID.
|
|
868
|
+
*/
|
|
869
|
+
DocumentIdOptions?: DocumentIdOptions;
|
|
839
870
|
}
|
|
840
871
|
export type ElasticsearchDomainARN = string;
|
|
841
872
|
export type ElasticsearchIndexName = string;
|
|
@@ -180,11 +180,11 @@ declare class GuardDuty extends Service {
|
|
|
180
180
|
*/
|
|
181
181
|
describePublishingDestination(callback?: (err: AWSError, data: GuardDuty.Types.DescribePublishingDestinationResponse) => void): Request<GuardDuty.Types.DescribePublishingDestinationResponse, AWSError>;
|
|
182
182
|
/**
|
|
183
|
-
*
|
|
183
|
+
* Removes the existing GuardDuty delegated administrator of the organization. Only the organization's management account can run this API operation.
|
|
184
184
|
*/
|
|
185
185
|
disableOrganizationAdminAccount(params: GuardDuty.Types.DisableOrganizationAdminAccountRequest, callback?: (err: AWSError, data: GuardDuty.Types.DisableOrganizationAdminAccountResponse) => void): Request<GuardDuty.Types.DisableOrganizationAdminAccountResponse, AWSError>;
|
|
186
186
|
/**
|
|
187
|
-
*
|
|
187
|
+
* Removes the existing GuardDuty delegated administrator of the organization. Only the organization's management account can run this API operation.
|
|
188
188
|
*/
|
|
189
189
|
disableOrganizationAdminAccount(callback?: (err: AWSError, data: GuardDuty.Types.DisableOrganizationAdminAccountResponse) => void): Request<GuardDuty.Types.DisableOrganizationAdminAccountResponse, AWSError>;
|
|
190
190
|
/**
|
|
@@ -204,27 +204,27 @@ declare class GuardDuty extends Service {
|
|
|
204
204
|
*/
|
|
205
205
|
disassociateFromMasterAccount(callback?: (err: AWSError, data: GuardDuty.Types.DisassociateFromMasterAccountResponse) => void): Request<GuardDuty.Types.DisassociateFromMasterAccountResponse, AWSError>;
|
|
206
206
|
/**
|
|
207
|
-
* Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs. When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API. With autoEnableOrganizationMembers configuration for your organization set to ALL, you'll receive an error if you attempt to disassociate a member account before removing them from your
|
|
207
|
+
* Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs. When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API. With autoEnableOrganizationMembers configuration for your organization set to ALL, you'll receive an error if you attempt to disassociate a member account before removing them from your organization.
|
|
208
208
|
*/
|
|
209
209
|
disassociateMembers(params: GuardDuty.Types.DisassociateMembersRequest, callback?: (err: AWSError, data: GuardDuty.Types.DisassociateMembersResponse) => void): Request<GuardDuty.Types.DisassociateMembersResponse, AWSError>;
|
|
210
210
|
/**
|
|
211
|
-
* Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs. When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API. With autoEnableOrganizationMembers configuration for your organization set to ALL, you'll receive an error if you attempt to disassociate a member account before removing them from your
|
|
211
|
+
* Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs. When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API. With autoEnableOrganizationMembers configuration for your organization set to ALL, you'll receive an error if you attempt to disassociate a member account before removing them from your organization.
|
|
212
212
|
*/
|
|
213
213
|
disassociateMembers(callback?: (err: AWSError, data: GuardDuty.Types.DisassociateMembersResponse) => void): Request<GuardDuty.Types.DisassociateMembersResponse, AWSError>;
|
|
214
214
|
/**
|
|
215
|
-
*
|
|
215
|
+
* Designates an Amazon Web Services account within the organization as your GuardDuty delegated administrator. Only the organization's management account can run this API operation.
|
|
216
216
|
*/
|
|
217
217
|
enableOrganizationAdminAccount(params: GuardDuty.Types.EnableOrganizationAdminAccountRequest, callback?: (err: AWSError, data: GuardDuty.Types.EnableOrganizationAdminAccountResponse) => void): Request<GuardDuty.Types.EnableOrganizationAdminAccountResponse, AWSError>;
|
|
218
218
|
/**
|
|
219
|
-
*
|
|
219
|
+
* Designates an Amazon Web Services account within the organization as your GuardDuty delegated administrator. Only the organization's management account can run this API operation.
|
|
220
220
|
*/
|
|
221
221
|
enableOrganizationAdminAccount(callback?: (err: AWSError, data: GuardDuty.Types.EnableOrganizationAdminAccountResponse) => void): Request<GuardDuty.Types.EnableOrganizationAdminAccountResponse, AWSError>;
|
|
222
222
|
/**
|
|
223
|
-
* Provides the details
|
|
223
|
+
* Provides the details of the GuardDuty administrator account associated with the current GuardDuty member account. If the organization's management account or a delegated administrator runs this API, it will return success (HTTP 200) but no content.
|
|
224
224
|
*/
|
|
225
225
|
getAdministratorAccount(params: GuardDuty.Types.GetAdministratorAccountRequest, callback?: (err: AWSError, data: GuardDuty.Types.GetAdministratorAccountResponse) => void): Request<GuardDuty.Types.GetAdministratorAccountResponse, AWSError>;
|
|
226
226
|
/**
|
|
227
|
-
* Provides the details
|
|
227
|
+
* Provides the details of the GuardDuty administrator account associated with the current GuardDuty member account. If the organization's management account or a delegated administrator runs this API, it will return success (HTTP 200) but no content.
|
|
228
228
|
*/
|
|
229
229
|
getAdministratorAccount(callback?: (err: AWSError, data: GuardDuty.Types.GetAdministratorAccountResponse) => void): Request<GuardDuty.Types.GetAdministratorAccountResponse, AWSError>;
|
|
230
230
|
/**
|
|
@@ -340,11 +340,11 @@ declare class GuardDuty extends Service {
|
|
|
340
340
|
*/
|
|
341
341
|
getUsageStatistics(callback?: (err: AWSError, data: GuardDuty.Types.GetUsageStatisticsResponse) => void): Request<GuardDuty.Types.GetUsageStatisticsResponse, AWSError>;
|
|
342
342
|
/**
|
|
343
|
-
* Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services account that invokes this API. If you are using
|
|
343
|
+
* Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services account that invokes this API. If you are using organizations to manager your GuardDuty environment, this step is not needed. For more information, see Managing accounts with organizations. To invite Amazon Web Services accounts, the first step is to ensure that GuardDuty has been enabled in the potential member accounts. You can now invoke this API to add accounts by invitation. The invited accounts can either accept or decline the invitation from their GuardDuty accounts. Each invited Amazon Web Services account can choose to accept the invitation from only one Amazon Web Services account. For more information, see Managing GuardDuty accounts by invitation. After the invite has been accepted and you choose to disassociate a member account (by using DisassociateMembers) from your account, the details of the member account obtained by invoking CreateMembers, including the associated email addresses, will be retained. This is done so that you can invoke InviteMembers without the need to invoke CreateMembers again. To remove the details associated with a member account, you must also invoke DeleteMembers.
|
|
344
344
|
*/
|
|
345
345
|
inviteMembers(params: GuardDuty.Types.InviteMembersRequest, callback?: (err: AWSError, data: GuardDuty.Types.InviteMembersResponse) => void): Request<GuardDuty.Types.InviteMembersResponse, AWSError>;
|
|
346
346
|
/**
|
|
347
|
-
* Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services account that invokes this API. If you are using
|
|
347
|
+
* Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services account that invokes this API. If you are using organizations to manager your GuardDuty environment, this step is not needed. For more information, see Managing accounts with organizations. To invite Amazon Web Services accounts, the first step is to ensure that GuardDuty has been enabled in the potential member accounts. You can now invoke this API to add accounts by invitation. The invited accounts can either accept or decline the invitation from their GuardDuty accounts. Each invited Amazon Web Services account can choose to accept the invitation from only one Amazon Web Services account. For more information, see Managing GuardDuty accounts by invitation. After the invite has been accepted and you choose to disassociate a member account (by using DisassociateMembers) from your account, the details of the member account obtained by invoking CreateMembers, including the associated email addresses, will be retained. This is done so that you can invoke InviteMembers without the need to invoke CreateMembers again. To remove the details associated with a member account, you must also invoke DeleteMembers.
|
|
348
348
|
*/
|
|
349
349
|
inviteMembers(callback?: (err: AWSError, data: GuardDuty.Types.InviteMembersResponse) => void): Request<GuardDuty.Types.InviteMembersResponse, AWSError>;
|
|
350
350
|
/**
|
|
@@ -404,11 +404,11 @@ declare class GuardDuty extends Service {
|
|
|
404
404
|
*/
|
|
405
405
|
listMembers(callback?: (err: AWSError, data: GuardDuty.Types.ListMembersResponse) => void): Request<GuardDuty.Types.ListMembersResponse, AWSError>;
|
|
406
406
|
/**
|
|
407
|
-
* Lists the accounts configured as GuardDuty delegated administrators.
|
|
407
|
+
* Lists the accounts configured as GuardDuty delegated administrators. Only the organization's management account can run this API operation.
|
|
408
408
|
*/
|
|
409
409
|
listOrganizationAdminAccounts(params: GuardDuty.Types.ListOrganizationAdminAccountsRequest, callback?: (err: AWSError, data: GuardDuty.Types.ListOrganizationAdminAccountsResponse) => void): Request<GuardDuty.Types.ListOrganizationAdminAccountsResponse, AWSError>;
|
|
410
410
|
/**
|
|
411
|
-
* Lists the accounts configured as GuardDuty delegated administrators.
|
|
411
|
+
* Lists the accounts configured as GuardDuty delegated administrators. Only the organization's management account can run this API operation.
|
|
412
412
|
*/
|
|
413
413
|
listOrganizationAdminAccounts(callback?: (err: AWSError, data: GuardDuty.Types.ListOrganizationAdminAccountsResponse) => void): Request<GuardDuty.Types.ListOrganizationAdminAccountsResponse, AWSError>;
|
|
414
414
|
/**
|
|
@@ -420,11 +420,11 @@ declare class GuardDuty extends Service {
|
|
|
420
420
|
*/
|
|
421
421
|
listPublishingDestinations(callback?: (err: AWSError, data: GuardDuty.Types.ListPublishingDestinationsResponse) => void): Request<GuardDuty.Types.ListPublishingDestinationsResponse, AWSError>;
|
|
422
422
|
/**
|
|
423
|
-
* Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, threat intel sets, and publishing destination, with a limit of 50 tags per
|
|
423
|
+
* Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, threat intel sets, and publishing destination, with a limit of 50 tags per resource. When invoked, this operation returns all assigned tags for a given resource.
|
|
424
424
|
*/
|
|
425
425
|
listTagsForResource(params: GuardDuty.Types.ListTagsForResourceRequest, callback?: (err: AWSError, data: GuardDuty.Types.ListTagsForResourceResponse) => void): Request<GuardDuty.Types.ListTagsForResourceResponse, AWSError>;
|
|
426
426
|
/**
|
|
427
|
-
* Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, threat intel sets, and publishing destination, with a limit of 50 tags per
|
|
427
|
+
* Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, threat intel sets, and publishing destination, with a limit of 50 tags per resource. When invoked, this operation returns all assigned tags for a given resource.
|
|
428
428
|
*/
|
|
429
429
|
listTagsForResource(callback?: (err: AWSError, data: GuardDuty.Types.ListTagsForResourceResponse) => void): Request<GuardDuty.Types.ListTagsForResourceResponse, AWSError>;
|
|
430
430
|
/**
|
|
@@ -532,11 +532,11 @@ declare class GuardDuty extends Service {
|
|
|
532
532
|
*/
|
|
533
533
|
updateMemberDetectors(callback?: (err: AWSError, data: GuardDuty.Types.UpdateMemberDetectorsResponse) => void): Request<GuardDuty.Types.UpdateMemberDetectorsResponse, AWSError>;
|
|
534
534
|
/**
|
|
535
|
-
* Configures the delegated administrator account with the provided values. You must provide
|
|
535
|
+
* Configures the delegated administrator account with the provided values. You must provide a value for either autoEnableOrganizationMembers or autoEnable, but not both. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
|
|
536
536
|
*/
|
|
537
537
|
updateOrganizationConfiguration(params: GuardDuty.Types.UpdateOrganizationConfigurationRequest, callback?: (err: AWSError, data: GuardDuty.Types.UpdateOrganizationConfigurationResponse) => void): Request<GuardDuty.Types.UpdateOrganizationConfigurationResponse, AWSError>;
|
|
538
538
|
/**
|
|
539
|
-
* Configures the delegated administrator account with the provided values. You must provide
|
|
539
|
+
* Configures the delegated administrator account with the provided values. You must provide a value for either autoEnableOrganizationMembers or autoEnable, but not both. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
|
|
540
540
|
*/
|
|
541
541
|
updateOrganizationConfiguration(callback?: (err: AWSError, data: GuardDuty.Types.UpdateOrganizationConfigurationResponse) => void): Request<GuardDuty.Types.UpdateOrganizationConfigurationResponse, AWSError>;
|
|
542
542
|
/**
|
|
@@ -940,6 +940,10 @@ declare namespace GuardDuty {
|
|
|
940
940
|
* Information about the installed EKS add-on.
|
|
941
941
|
*/
|
|
942
942
|
AddonDetails?: AddonDetails;
|
|
943
|
+
/**
|
|
944
|
+
* Indicates how the Amazon EKS add-on GuardDuty agent is managed for this EKS cluster. AUTO_MANAGED indicates GuardDuty deploys and manages updates for this resource. MANUAL indicates that you are responsible to deploy, update, and manage the Amazon EKS add-on GuardDuty agent for this resource.
|
|
945
|
+
*/
|
|
946
|
+
ManagementType?: ManagementType;
|
|
943
947
|
}
|
|
944
948
|
export interface CoverageFilterCondition {
|
|
945
949
|
/**
|
|
@@ -967,7 +971,7 @@ declare namespace GuardDuty {
|
|
|
967
971
|
*/
|
|
968
972
|
FilterCondition?: CoverageFilterCondition;
|
|
969
973
|
}
|
|
970
|
-
export type CoverageFilterCriterionKey = "ACCOUNT_ID"|"CLUSTER_NAME"|"RESOURCE_TYPE"|"COVERAGE_STATUS"|"ADDON_VERSION"|string;
|
|
974
|
+
export type CoverageFilterCriterionKey = "ACCOUNT_ID"|"CLUSTER_NAME"|"RESOURCE_TYPE"|"COVERAGE_STATUS"|"ADDON_VERSION"|"MANAGEMENT_TYPE"|string;
|
|
971
975
|
export type CoverageFilterCriterionList = CoverageFilterCriterion[];
|
|
972
976
|
export interface CoverageResource {
|
|
973
977
|
/**
|
|
@@ -1491,7 +1495,7 @@ declare namespace GuardDuty {
|
|
|
1491
1495
|
*/
|
|
1492
1496
|
NextToken?: String;
|
|
1493
1497
|
/**
|
|
1494
|
-
* Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. NEW: Indicates that when a new account joins the organization, they will have GuardDuty enabled automatically. ALL: Indicates that all accounts in the
|
|
1498
|
+
* Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. NEW: Indicates that when a new account joins the organization, they will have GuardDuty enabled automatically. ALL: Indicates that all accounts in the organization have GuardDuty enabled automatically. This includes NEW accounts that join the organization and accounts that may have been suspended or removed from the organization in GuardDuty. NONE: Indicates that GuardDuty will not be automatically enabled for any account in the organization. The administrator must manage GuardDuty for each account in the organization individually.
|
|
1495
1499
|
*/
|
|
1496
1500
|
AutoEnableOrganizationMembers?: AutoEnableMembers;
|
|
1497
1501
|
}
|
|
@@ -2986,6 +2990,7 @@ declare namespace GuardDuty {
|
|
|
2986
2990
|
*/
|
|
2987
2991
|
ScanEc2InstanceWithFindings?: DataSourceFreeTrial;
|
|
2988
2992
|
}
|
|
2993
|
+
export type ManagementType = "AUTO_MANAGED"|"MANUAL"|string;
|
|
2989
2994
|
export type MapEquals = ScanConditionPair[];
|
|
2990
2995
|
export interface Master {
|
|
2991
2996
|
/**
|
|
@@ -3222,7 +3227,7 @@ declare namespace GuardDuty {
|
|
|
3222
3227
|
*/
|
|
3223
3228
|
Name?: OrgFeatureAdditionalConfiguration;
|
|
3224
3229
|
/**
|
|
3225
|
-
* The status of the additional configuration that will be configured for the organization.
|
|
3230
|
+
* The status of the additional configuration that will be configured for the organization. Use one of the following values to configure the feature status for the entire organization: NEW: Indicates that when a new account joins the organization, they will have the additional configuration enabled automatically. ALL: Indicates that all accounts in the organization have the additional configuration enabled automatically. This includes NEW accounts that join the organization and accounts that may have been suspended or removed from the organization in GuardDuty. It may take up to 24 hours to update the configuration for all the member accounts. NONE: Indicates that the additional configuration will not be automatically enabled for any account in the organization. The administrator must manage the additional configuration for each account individually.
|
|
3226
3231
|
*/
|
|
3227
3232
|
AutoEnable?: OrgFeatureStatus;
|
|
3228
3233
|
}
|
|
@@ -3232,7 +3237,7 @@ declare namespace GuardDuty {
|
|
|
3232
3237
|
*/
|
|
3233
3238
|
Name?: OrgFeatureAdditionalConfiguration;
|
|
3234
3239
|
/**
|
|
3235
|
-
* Describes
|
|
3240
|
+
* Describes the status of the additional configuration that is configured for the member accounts within the organization. One of the following values is the status for the entire organization: NEW: Indicates that when a new account joins the organization, they will have the additional configuration enabled automatically. ALL: Indicates that all accounts in the organization have the additional configuration enabled automatically. This includes NEW accounts that join the organization and accounts that may have been suspended or removed from the organization in GuardDuty. It may take up to 24 hours to update the configuration for all the member accounts. NONE: Indicates that the additional configuration will not be automatically enabled for any account in the organization. The administrator must manage the additional configuration for each account individually.
|
|
3236
3241
|
*/
|
|
3237
3242
|
AutoEnable?: OrgFeatureStatus;
|
|
3238
3243
|
}
|
|
@@ -3284,7 +3289,7 @@ declare namespace GuardDuty {
|
|
|
3284
3289
|
*/
|
|
3285
3290
|
Name?: OrgFeature;
|
|
3286
3291
|
/**
|
|
3287
|
-
* The status of the feature that will be configured for the organization.
|
|
3292
|
+
* The status of the feature that will be configured for the organization. Use one of the following values to configure the feature status for the entire organization: NEW: Indicates that when a new account joins the organization, they will have the feature enabled automatically. ALL: Indicates that all accounts in the organization have the feature enabled automatically. This includes NEW accounts that join the organization and accounts that may have been suspended or removed from the organization in GuardDuty. It may take up to 24 hours to update the configuration for all the member accounts. NONE: Indicates that the feature will not be automatically enabled for any account in the organization. The administrator must manage the feature for each account individually.
|
|
3288
3293
|
*/
|
|
3289
3294
|
AutoEnable?: OrgFeatureStatus;
|
|
3290
3295
|
/**
|
|
@@ -3298,7 +3303,7 @@ declare namespace GuardDuty {
|
|
|
3298
3303
|
*/
|
|
3299
3304
|
Name?: OrgFeature;
|
|
3300
3305
|
/**
|
|
3301
|
-
* Describes
|
|
3306
|
+
* Describes the status of the feature that is configured for the member accounts within the organization. NEW: Indicates that when a new account joins the organization, they will have the feature enabled automatically. ALL: Indicates that all accounts in the organization have the feature enabled automatically. This includes NEW accounts that join the organization and accounts that may have been suspended or removed from the organization in GuardDuty. NONE: Indicates that the feature will not be automatically enabled for any account in the organization. In this case, each account will be managed individually by the administrator.
|
|
3302
3307
|
*/
|
|
3303
3308
|
AutoEnable?: OrgFeatureStatus;
|
|
3304
3309
|
/**
|
|
@@ -4385,7 +4390,7 @@ declare namespace GuardDuty {
|
|
|
4385
4390
|
*/
|
|
4386
4391
|
DetectorId: DetectorId;
|
|
4387
4392
|
/**
|
|
4388
|
-
* Indicates whether to automatically enable member accounts in the organization. Even though this is still supported, we recommend using AutoEnableOrganizationMembers to achieve the similar results.
|
|
4393
|
+
* Indicates whether to automatically enable member accounts in the organization. Even though this is still supported, we recommend using AutoEnableOrganizationMembers to achieve the similar results. You must provide the value for either autoEnableOrganizationMembers or autoEnable.
|
|
4389
4394
|
*/
|
|
4390
4395
|
AutoEnable?: Boolean;
|
|
4391
4396
|
/**
|
|
@@ -4397,7 +4402,7 @@ declare namespace GuardDuty {
|
|
|
4397
4402
|
*/
|
|
4398
4403
|
Features?: OrganizationFeaturesConfigurations;
|
|
4399
4404
|
/**
|
|
4400
|
-
* Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization.
|
|
4405
|
+
* Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. You must provide a value for either autoEnableOrganizationMembers or autoEnable. Use one of the following configuration values for autoEnableOrganizationMembers: NEW: Indicates that when a new account joins the organization, they will have GuardDuty enabled automatically. ALL: Indicates that all accounts in the organization have GuardDuty enabled automatically. This includes NEW accounts that join the organization and accounts that may have been suspended or removed from the organization in GuardDuty. It may take up to 24 hours to update the configuration for all the member accounts. NONE: Indicates that GuardDuty will not be automatically enabled for any account in the organization. The administrator must manage GuardDuty for each account in the organization individually.
|
|
4401
4406
|
*/
|
|
4402
4407
|
AutoEnableOrganizationMembers?: AutoEnableMembers;
|
|
4403
4408
|
}
|