Creates a new Malware Protection plan for the protected resource.
+ *When you create a Malware Protection plan, the Amazon Web Services service terms for GuardDuty Malware + * Protection apply. For more information, see Amazon Web Services service terms for GuardDuty Malware Protection.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GuardDutyClient, CreateMalwareProtectionPlanCommand } from "@aws-sdk/client-guardduty"; // ES Modules import + * // const { GuardDutyClient, CreateMalwareProtectionPlanCommand } = require("@aws-sdk/client-guardduty"); // CommonJS import + * const client = new GuardDutyClient(config); + * const input = { // CreateMalwareProtectionPlanRequest + * ClientToken: "STRING_VALUE", + * Role: "STRING_VALUE", // required + * ProtectedResource: { // CreateProtectedResource + * S3Bucket: { // CreateS3BucketResource + * BucketName: "STRING_VALUE", + * ObjectPrefixes: [ // MalwareProtectionPlanObjectPrefixesList + * "STRING_VALUE", + * ], + * }, + * }, + * Actions: { // MalwareProtectionPlanActions + * Tagging: { // MalwareProtectionPlanTaggingAction + * Status: "ENABLED" || "DISABLED", + * }, + * }, + * Tags: { // TagMap + * "An access denied exception object.
+ * + * @throws {@link BadRequestException} (client fault) + *A bad request exception object.
+ * + * @throws {@link ConflictException} (client fault) + *A request conflict exception object.
+ * + * @throws {@link InternalServerErrorException} (server fault) + *An internal server error exception object.
+ * + * @throws {@link GuardDutyServiceException} + *Base exception class for all service exceptions from GuardDuty service.
+ * + * @public + */ +export class CreateMalwareProtectionPlanCommand extends $Command + .classBuilder< + CreateMalwareProtectionPlanCommandInput, + CreateMalwareProtectionPlanCommandOutput, + GuardDutyClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep({ + ...commonParams, + }) + .m(function (this: any, Command: any, cs: any, config: GuardDutyClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("GuardDutyAPIService", "CreateMalwareProtectionPlan", {}) + .n("GuardDutyClient", "CreateMalwareProtectionPlanCommand") + .f(void 0, void 0) + .ser(se_CreateMalwareProtectionPlanCommand) + .de(de_CreateMalwareProtectionPlanCommand) + .build() {} diff --git a/clients/client-guardduty/src/commands/DeleteMalwareProtectionPlanCommand.ts b/clients/client-guardduty/src/commands/DeleteMalwareProtectionPlanCommand.ts new file mode 100644 index 000000000000..2af4f737fa4c --- /dev/null +++ b/clients/client-guardduty/src/commands/DeleteMalwareProtectionPlanCommand.ts @@ -0,0 +1,97 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { commonParams } from "../endpoint/EndpointParameters"; +import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient"; +import { DeleteMalwareProtectionPlanRequest } from "../models/models_0"; +import { + de_DeleteMalwareProtectionPlanCommand, + se_DeleteMalwareProtectionPlanCommand, +} from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link DeleteMalwareProtectionPlanCommand}. + */ +export interface DeleteMalwareProtectionPlanCommandInput extends DeleteMalwareProtectionPlanRequest {} +/** + * @public + * + * The output of {@link DeleteMalwareProtectionPlanCommand}. + */ +export interface DeleteMalwareProtectionPlanCommandOutput extends __MetadataBearer {} + +/** + *Deletes the Malware Protection plan ID associated with the Malware Protection plan resource. + * Use this API only when you no longer want to protect the resource associated with this + * Malware Protection plan ID.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GuardDutyClient, DeleteMalwareProtectionPlanCommand } from "@aws-sdk/client-guardduty"; // ES Modules import + * // const { GuardDutyClient, DeleteMalwareProtectionPlanCommand } = require("@aws-sdk/client-guardduty"); // CommonJS import + * const client = new GuardDutyClient(config); + * const input = { // DeleteMalwareProtectionPlanRequest + * MalwareProtectionPlanId: "STRING_VALUE", // required + * }; + * const command = new DeleteMalwareProtectionPlanCommand(input); + * const response = await client.send(command); + * // {}; + * + * ``` + * + * @param DeleteMalwareProtectionPlanCommandInput - {@link DeleteMalwareProtectionPlanCommandInput} + * @returns {@link DeleteMalwareProtectionPlanCommandOutput} + * @see {@link DeleteMalwareProtectionPlanCommandInput} for command's `input` shape. + * @see {@link DeleteMalwareProtectionPlanCommandOutput} for command's `response` shape. + * @see {@link GuardDutyClientResolvedConfig | config} for GuardDutyClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *An access denied exception object.
+ * + * @throws {@link BadRequestException} (client fault) + *A bad request exception object.
+ * + * @throws {@link InternalServerErrorException} (server fault) + *An internal server error exception object.
+ * + * @throws {@link ResourceNotFoundException} (client fault) + *The requested resource can't be found.
+ * + * @throws {@link GuardDutyServiceException} + *Base exception class for all service exceptions from GuardDuty service.
+ * + * @public + */ +export class DeleteMalwareProtectionPlanCommand extends $Command + .classBuilder< + DeleteMalwareProtectionPlanCommandInput, + DeleteMalwareProtectionPlanCommandOutput, + GuardDutyClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep({ + ...commonParams, + }) + .m(function (this: any, Command: any, cs: any, config: GuardDutyClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("GuardDutyAPIService", "DeleteMalwareProtectionPlan", {}) + .n("GuardDutyClient", "DeleteMalwareProtectionPlanCommand") + .f(void 0, void 0) + .ser(se_DeleteMalwareProtectionPlanCommand) + .de(de_DeleteMalwareProtectionPlanCommand) + .build() {} diff --git a/clients/client-guardduty/src/commands/GetFindingsCommand.ts b/clients/client-guardduty/src/commands/GetFindingsCommand.ts index 233e98f460c6..803f5dfffabe 100644 --- a/clients/client-guardduty/src/commands/GetFindingsCommand.ts +++ b/clients/client-guardduty/src/commands/GetFindingsCommand.ts @@ -113,6 +113,15 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat * // }, * // EffectivePermission: "STRING_VALUE", * // }, + * // S3ObjectDetails: [ // S3ObjectDetails + * // { // S3ObjectDetail + * // ObjectArn: "STRING_VALUE", + * // Key: "STRING_VALUE", + * // ETag: "STRING_VALUE", + * // Hash: "STRING_VALUE", + * // VersionId: "STRING_VALUE", + * // }, + * // ], * // }, * // ], * // InstanceDetails: { // InstanceDetails @@ -794,6 +803,20 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat * // }, * // }, * // }, + * // MalwareScanDetails: { // MalwareScanDetails + * // Threats: [ // Threats + * // { // Threat + * // Name: "STRING_VALUE", + * // Source: "STRING_VALUE", + * // ItemPaths: [ // ItemPaths + * // { // ItemPath + * // NestedItemPath: "STRING_VALUE", + * // Hash: "STRING_VALUE", + * // }, + * // ], + * // }, + * // ], + * // }, * // }, * // Severity: Number("double"), // required * // Title: "STRING_VALUE", diff --git a/clients/client-guardduty/src/commands/GetMalwareProtectionPlanCommand.ts b/clients/client-guardduty/src/commands/GetMalwareProtectionPlanCommand.ts new file mode 100644 index 000000000000..29cdf99211ae --- /dev/null +++ b/clients/client-guardduty/src/commands/GetMalwareProtectionPlanCommand.ts @@ -0,0 +1,120 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { commonParams } from "../endpoint/EndpointParameters"; +import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient"; +import { GetMalwareProtectionPlanRequest, GetMalwareProtectionPlanResponse } from "../models/models_0"; +import { de_GetMalwareProtectionPlanCommand, se_GetMalwareProtectionPlanCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link GetMalwareProtectionPlanCommand}. + */ +export interface GetMalwareProtectionPlanCommandInput extends GetMalwareProtectionPlanRequest {} +/** + * @public + * + * The output of {@link GetMalwareProtectionPlanCommand}. + */ +export interface GetMalwareProtectionPlanCommandOutput extends GetMalwareProtectionPlanResponse, __MetadataBearer {} + +/** + *Retrieves the Malware Protection plan details associated with a Malware Protection + * plan ID.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GuardDutyClient, GetMalwareProtectionPlanCommand } from "@aws-sdk/client-guardduty"; // ES Modules import + * // const { GuardDutyClient, GetMalwareProtectionPlanCommand } = require("@aws-sdk/client-guardduty"); // CommonJS import + * const client = new GuardDutyClient(config); + * const input = { // GetMalwareProtectionPlanRequest + * MalwareProtectionPlanId: "STRING_VALUE", // required + * }; + * const command = new GetMalwareProtectionPlanCommand(input); + * const response = await client.send(command); + * // { // GetMalwareProtectionPlanResponse + * // Arn: "STRING_VALUE", + * // Role: "STRING_VALUE", + * // ProtectedResource: { // CreateProtectedResource + * // S3Bucket: { // CreateS3BucketResource + * // BucketName: "STRING_VALUE", + * // ObjectPrefixes: [ // MalwareProtectionPlanObjectPrefixesList + * // "STRING_VALUE", + * // ], + * // }, + * // }, + * // Actions: { // MalwareProtectionPlanActions + * // Tagging: { // MalwareProtectionPlanTaggingAction + * // Status: "ENABLED" || "DISABLED", + * // }, + * // }, + * // CreatedAt: new Date("TIMESTAMP"), + * // Status: "ACTIVE" || "WARNING" || "ERROR", + * // StatusReasons: [ // MalwareProtectionPlanStatusReasonsList + * // { // MalwareProtectionPlanStatusReason + * // Code: "STRING_VALUE", + * // Message: "STRING_VALUE", + * // }, + * // ], + * // Tags: { // TagMap + * // "An access denied exception object.
+ * + * @throws {@link BadRequestException} (client fault) + *A bad request exception object.
+ * + * @throws {@link InternalServerErrorException} (server fault) + *An internal server error exception object.
+ * + * @throws {@link ResourceNotFoundException} (client fault) + *The requested resource can't be found.
+ * + * @throws {@link GuardDutyServiceException} + *Base exception class for all service exceptions from GuardDuty service.
+ * + * @public + */ +export class GetMalwareProtectionPlanCommand extends $Command + .classBuilder< + GetMalwareProtectionPlanCommandInput, + GetMalwareProtectionPlanCommandOutput, + GuardDutyClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep({ + ...commonParams, + }) + .m(function (this: any, Command: any, cs: any, config: GuardDutyClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("GuardDutyAPIService", "GetMalwareProtectionPlan", {}) + .n("GuardDutyClient", "GetMalwareProtectionPlanCommand") + .f(void 0, void 0) + .ser(se_GetMalwareProtectionPlanCommand) + .de(de_GetMalwareProtectionPlanCommand) + .build() {} diff --git a/clients/client-guardduty/src/commands/GetUsageStatisticsCommand.ts b/clients/client-guardduty/src/commands/GetUsageStatisticsCommand.ts index e4a747b855f1..e3f816c4cb60 100644 --- a/clients/client-guardduty/src/commands/GetUsageStatisticsCommand.ts +++ b/clients/client-guardduty/src/commands/GetUsageStatisticsCommand.ts @@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types"; import { commonParams } from "../endpoint/EndpointParameters"; import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient"; -import { GetUsageStatisticsRequest, GetUsageStatisticsResponse } from "../models/models_0"; +import { GetUsageStatisticsRequest, GetUsageStatisticsResponse } from "../models/models_1"; import { de_GetUsageStatisticsCommand, se_GetUsageStatisticsCommand } from "../protocols/Aws_restJson1"; /** diff --git a/clients/client-guardduty/src/commands/InviteMembersCommand.ts b/clients/client-guardduty/src/commands/InviteMembersCommand.ts index e3b2acadfc51..963cea83a715 100644 --- a/clients/client-guardduty/src/commands/InviteMembersCommand.ts +++ b/clients/client-guardduty/src/commands/InviteMembersCommand.ts @@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types"; import { commonParams } from "../endpoint/EndpointParameters"; import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient"; -import { InviteMembersRequest, InviteMembersResponse } from "../models/models_0"; +import { InviteMembersRequest, InviteMembersResponse } from "../models/models_1"; import { de_InviteMembersCommand, se_InviteMembersCommand } from "../protocols/Aws_restJson1"; /** diff --git a/clients/client-guardduty/src/commands/ListCoverageCommand.ts b/clients/client-guardduty/src/commands/ListCoverageCommand.ts index c18d226ed4e1..50e4fd05d9d0 100644 --- a/clients/client-guardduty/src/commands/ListCoverageCommand.ts +++ b/clients/client-guardduty/src/commands/ListCoverageCommand.ts @@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types"; import { commonParams } from "../endpoint/EndpointParameters"; import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient"; -import { ListCoverageRequest, ListCoverageResponse } from "../models/models_0"; +import { ListCoverageRequest, ListCoverageResponse } from "../models/models_1"; import { de_ListCoverageCommand, se_ListCoverageCommand } from "../protocols/Aws_restJson1"; /** diff --git a/clients/client-guardduty/src/commands/ListMalwareProtectionPlansCommand.ts b/clients/client-guardduty/src/commands/ListMalwareProtectionPlansCommand.ts new file mode 100644 index 000000000000..efc4272b2de6 --- /dev/null +++ b/clients/client-guardduty/src/commands/ListMalwareProtectionPlansCommand.ts @@ -0,0 +1,97 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { commonParams } from "../endpoint/EndpointParameters"; +import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient"; +import { ListMalwareProtectionPlansRequest, ListMalwareProtectionPlansResponse } from "../models/models_1"; +import { de_ListMalwareProtectionPlansCommand, se_ListMalwareProtectionPlansCommand } from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link ListMalwareProtectionPlansCommand}. + */ +export interface ListMalwareProtectionPlansCommandInput extends ListMalwareProtectionPlansRequest {} +/** + * @public + * + * The output of {@link ListMalwareProtectionPlansCommand}. + */ +export interface ListMalwareProtectionPlansCommandOutput extends ListMalwareProtectionPlansResponse, __MetadataBearer {} + +/** + *Lists the Malware Protection plan IDs associated with the protected + * resources in your Amazon Web Services account.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GuardDutyClient, ListMalwareProtectionPlansCommand } from "@aws-sdk/client-guardduty"; // ES Modules import + * // const { GuardDutyClient, ListMalwareProtectionPlansCommand } = require("@aws-sdk/client-guardduty"); // CommonJS import + * const client = new GuardDutyClient(config); + * const input = { // ListMalwareProtectionPlansRequest + * NextToken: "STRING_VALUE", + * }; + * const command = new ListMalwareProtectionPlansCommand(input); + * const response = await client.send(command); + * // { // ListMalwareProtectionPlansResponse + * // MalwareProtectionPlans: [ // MalwareProtectionPlansSummary + * // { // MalwareProtectionPlanSummary + * // MalwareProtectionPlanId: "STRING_VALUE", + * // }, + * // ], + * // NextToken: "STRING_VALUE", + * // }; + * + * ``` + * + * @param ListMalwareProtectionPlansCommandInput - {@link ListMalwareProtectionPlansCommandInput} + * @returns {@link ListMalwareProtectionPlansCommandOutput} + * @see {@link ListMalwareProtectionPlansCommandInput} for command's `input` shape. + * @see {@link ListMalwareProtectionPlansCommandOutput} for command's `response` shape. + * @see {@link GuardDutyClientResolvedConfig | config} for GuardDutyClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *An access denied exception object.
+ * + * @throws {@link BadRequestException} (client fault) + *A bad request exception object.
+ * + * @throws {@link InternalServerErrorException} (server fault) + *An internal server error exception object.
+ * + * @throws {@link GuardDutyServiceException} + *Base exception class for all service exceptions from GuardDuty service.
+ * + * @public + */ +export class ListMalwareProtectionPlansCommand extends $Command + .classBuilder< + ListMalwareProtectionPlansCommandInput, + ListMalwareProtectionPlansCommandOutput, + GuardDutyClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep({ + ...commonParams, + }) + .m(function (this: any, Command: any, cs: any, config: GuardDutyClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("GuardDutyAPIService", "ListMalwareProtectionPlans", {}) + .n("GuardDutyClient", "ListMalwareProtectionPlansCommand") + .f(void 0, void 0) + .ser(se_ListMalwareProtectionPlansCommand) + .de(de_ListMalwareProtectionPlansCommand) + .build() {} diff --git a/clients/client-guardduty/src/commands/UpdateMalwareProtectionPlanCommand.ts b/clients/client-guardduty/src/commands/UpdateMalwareProtectionPlanCommand.ts new file mode 100644 index 000000000000..59b5aa2a09ee --- /dev/null +++ b/clients/client-guardduty/src/commands/UpdateMalwareProtectionPlanCommand.ts @@ -0,0 +1,108 @@ +// smithy-typescript generated code +import { getEndpointPlugin } from "@smithy/middleware-endpoint"; +import { getSerdePlugin } from "@smithy/middleware-serde"; +import { Command as $Command } from "@smithy/smithy-client"; +import { MetadataBearer as __MetadataBearer } from "@smithy/types"; + +import { commonParams } from "../endpoint/EndpointParameters"; +import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient"; +import { UpdateMalwareProtectionPlanRequest } from "../models/models_1"; +import { + de_UpdateMalwareProtectionPlanCommand, + se_UpdateMalwareProtectionPlanCommand, +} from "../protocols/Aws_restJson1"; + +/** + * @public + */ +export type { __MetadataBearer }; +export { $Command }; +/** + * @public + * + * The input for {@link UpdateMalwareProtectionPlanCommand}. + */ +export interface UpdateMalwareProtectionPlanCommandInput extends UpdateMalwareProtectionPlanRequest {} +/** + * @public + * + * The output of {@link UpdateMalwareProtectionPlanCommand}. + */ +export interface UpdateMalwareProtectionPlanCommandOutput extends __MetadataBearer {} + +/** + *Updates an existing Malware Protection plan resource.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { GuardDutyClient, UpdateMalwareProtectionPlanCommand } from "@aws-sdk/client-guardduty"; // ES Modules import + * // const { GuardDutyClient, UpdateMalwareProtectionPlanCommand } = require("@aws-sdk/client-guardduty"); // CommonJS import + * const client = new GuardDutyClient(config); + * const input = { // UpdateMalwareProtectionPlanRequest + * MalwareProtectionPlanId: "STRING_VALUE", // required + * Role: "STRING_VALUE", + * Actions: { // MalwareProtectionPlanActions + * Tagging: { // MalwareProtectionPlanTaggingAction + * Status: "ENABLED" || "DISABLED", + * }, + * }, + * ProtectedResource: { // UpdateProtectedResource + * S3Bucket: { // UpdateS3BucketResource + * ObjectPrefixes: [ // MalwareProtectionPlanObjectPrefixesList + * "STRING_VALUE", + * ], + * }, + * }, + * }; + * const command = new UpdateMalwareProtectionPlanCommand(input); + * const response = await client.send(command); + * // {}; + * + * ``` + * + * @param UpdateMalwareProtectionPlanCommandInput - {@link UpdateMalwareProtectionPlanCommandInput} + * @returns {@link UpdateMalwareProtectionPlanCommandOutput} + * @see {@link UpdateMalwareProtectionPlanCommandInput} for command's `input` shape. + * @see {@link UpdateMalwareProtectionPlanCommandOutput} for command's `response` shape. + * @see {@link GuardDutyClientResolvedConfig | config} for GuardDutyClient's `config` shape. + * + * @throws {@link AccessDeniedException} (client fault) + *An access denied exception object.
+ * + * @throws {@link BadRequestException} (client fault) + *A bad request exception object.
+ * + * @throws {@link InternalServerErrorException} (server fault) + *An internal server error exception object.
+ * + * @throws {@link ResourceNotFoundException} (client fault) + *The requested resource can't be found.
+ * + * @throws {@link GuardDutyServiceException} + *Base exception class for all service exceptions from GuardDuty service.
+ * + * @public + */ +export class UpdateMalwareProtectionPlanCommand extends $Command + .classBuilder< + UpdateMalwareProtectionPlanCommandInput, + UpdateMalwareProtectionPlanCommandOutput, + GuardDutyClientResolvedConfig, + ServiceInputTypes, + ServiceOutputTypes + >() + .ep({ + ...commonParams, + }) + .m(function (this: any, Command: any, cs: any, config: GuardDutyClientResolvedConfig, o: any) { + return [ + getSerdePlugin(config, this.serialize, this.deserialize), + getEndpointPlugin(config, Command.getEndpointParameterInstructions()), + ]; + }) + .s("GuardDutyAPIService", "UpdateMalwareProtectionPlan", {}) + .n("GuardDutyClient", "UpdateMalwareProtectionPlanCommand") + .f(void 0, void 0) + .ser(se_UpdateMalwareProtectionPlanCommand) + .de(de_UpdateMalwareProtectionPlanCommand) + .build() {} diff --git a/clients/client-guardduty/src/commands/index.ts b/clients/client-guardduty/src/commands/index.ts index 422d49201d29..ae4dfe30e3d6 100644 --- a/clients/client-guardduty/src/commands/index.ts +++ b/clients/client-guardduty/src/commands/index.ts @@ -5,6 +5,7 @@ export * from "./ArchiveFindingsCommand"; export * from "./CreateDetectorCommand"; export * from "./CreateFilterCommand"; export * from "./CreateIPSetCommand"; +export * from "./CreateMalwareProtectionPlanCommand"; export * from "./CreateMembersCommand"; export * from "./CreatePublishingDestinationCommand"; export * from "./CreateSampleFindingsCommand"; @@ -14,6 +15,7 @@ export * from "./DeleteDetectorCommand"; export * from "./DeleteFilterCommand"; export * from "./DeleteIPSetCommand"; export * from "./DeleteInvitationsCommand"; +export * from "./DeleteMalwareProtectionPlanCommand"; export * from "./DeleteMembersCommand"; export * from "./DeletePublishingDestinationCommand"; export * from "./DeleteThreatIntelSetCommand"; @@ -33,6 +35,7 @@ export * from "./GetFindingsCommand"; export * from "./GetFindingsStatisticsCommand"; export * from "./GetIPSetCommand"; export * from "./GetInvitationsCountCommand"; +export * from "./GetMalwareProtectionPlanCommand"; export * from "./GetMalwareScanSettingsCommand"; export * from "./GetMasterAccountCommand"; export * from "./GetMemberDetectorsCommand"; @@ -48,6 +51,7 @@ export * from "./ListFiltersCommand"; export * from "./ListFindingsCommand"; export * from "./ListIPSetsCommand"; export * from "./ListInvitationsCommand"; +export * from "./ListMalwareProtectionPlansCommand"; export * from "./ListMembersCommand"; export * from "./ListOrganizationAdminAccountsCommand"; export * from "./ListPublishingDestinationsCommand"; @@ -63,6 +67,7 @@ export * from "./UpdateDetectorCommand"; export * from "./UpdateFilterCommand"; export * from "./UpdateFindingsFeedbackCommand"; export * from "./UpdateIPSetCommand"; +export * from "./UpdateMalwareProtectionPlanCommand"; export * from "./UpdateMalwareScanSettingsCommand"; export * from "./UpdateMemberDetectorsCommand"; export * from "./UpdateOrganizationConfigurationCommand"; diff --git a/clients/client-guardduty/src/models/models_0.ts b/clients/client-guardduty/src/models/models_0.ts index 67f92bfa8b77..b23365459ecf 100644 --- a/clients/client-guardduty/src/models/models_0.ts +++ b/clients/client-guardduty/src/models/models_0.ts @@ -2901,6 +2901,128 @@ export interface CreateIPSetResponse { IpSetId: string | undefined; } +/** + * @public + * @enum + */ +export const MalwareProtectionPlanTaggingActionStatus = { + DISABLED: "DISABLED", + ENABLED: "ENABLED", +} as const; + +/** + * @public + */ +export type MalwareProtectionPlanTaggingActionStatus = + (typeof MalwareProtectionPlanTaggingActionStatus)[keyof typeof MalwareProtectionPlanTaggingActionStatus]; + +/** + *Information about adding tags to the scanned S3 object after the scan result.
+ * @public + */ +export interface MalwareProtectionPlanTaggingAction { + /** + *Indicates whether or not the tags will added.
+ * @public + */ + Status?: MalwareProtectionPlanTaggingActionStatus; +} + +/** + *Information about whether the tags will be added to the S3 object after scanning.
+ * @public + */ +export interface MalwareProtectionPlanActions { + /** + *Indicates whether the scanned S3 object will have tags about the scan result.
+ * @public + */ + Tagging?: MalwareProtectionPlanTaggingAction; +} + +/** + *Information about the protected S3 bucket resource.
+ * @public + */ +export interface CreateS3BucketResource { + /** + *Name of the S3 bucket.
+ * @public + */ + BucketName?: string; + + /** + *Information about the specified object prefixes. The S3 object will be scanned only + * if it belongs to any of the specified object prefixes.
+ * @public + */ + ObjectPrefixes?: string[]; +} + +/** + *Information about the protected resource that
+ * is associated with the created Malware Protection plan.
+ * Presently, S3Bucket is the only supported
+ * protected resource.
Information about the protected S3 bucket resource.
+ * @public + */ + S3Bucket?: CreateS3BucketResource; +} + +/** + * @public + */ +export interface CreateMalwareProtectionPlanRequest { + /** + *The idempotency token for the create request.
+ * @public + */ + ClientToken?: string; + + /** + *IAM role with permissions required to scan and add tags to the associated + * protected resource.
+ * @public + */ + Role: string | undefined; + + /** + *Information about the protected resource that is associated with the created
+ * Malware Protection plan. Presently, S3Bucket is the only supported
+ * protected resource.
Information about whether the tags will be added to the S3 object after scanning.
+ * @public + */ + Actions?: MalwareProtectionPlanActions; + + /** + *Tags added to the Malware Protection plan resource.
+ * @public + */ + Tags?: RecordA unique identifier associated with the Malware Protection plan resource.
+ * @public + */ + MalwareProtectionPlanId?: string; +} + /** * @public */ @@ -3399,6 +3521,50 @@ export interface DeleteIPSetRequest { */ export interface DeleteIPSetResponse {} +/** + * @public + */ +export interface DeleteMalwareProtectionPlanRequest { + /** + *A unique identifier associated with Malware Protection plan resource.
+ * @public + */ + MalwareProtectionPlanId: string | undefined; +} + +/** + *The requested resource can't be found.
+ * @public + */ +export class ResourceNotFoundException extends __BaseException { + readonly name: "ResourceNotFoundException" = "ResourceNotFoundException"; + readonly $fault: "client" = "client"; + /** + *The error message.
+ * @public + */ + Message?: string; + + /** + *The error type.
+ * @public + */ + Type?: string; + /** + * @internal + */ + constructor(opts: __ExceptionOptionTypeEBS volume Arn information.
+ *EBS volume ARN information.
* @public */ VolumeArn?: string; @@ -3636,13 +3802,13 @@ export interface VolumeDetail { EncryptionType?: string; /** - *Snapshot Arn of the EBS volume.
+ *Snapshot ARN of the EBS volume.
* @public */ SnapshotArn?: string; /** - *KMS key Arn used to encrypt the EBS volume.
+ *KMS key ARN used to encrypt the EBS volume.
* @public */ KmsKeyArn?: string; @@ -3654,7 +3820,7 @@ export interface VolumeDetail { */ export interface ResourceDetails { /** - *InstanceArn that was scanned in the scan entry.
+ *Instance ARN that was scanned in the scan entry.
* @public */ InstanceArn?: string; @@ -4583,7 +4749,7 @@ export interface ScanFilePath { FilePath?: string; /** - *EBS volume Arn details of the infected file.
+ *EBS volume ARN details of the infected file.
* @public */ VolumeArn?: string; @@ -5619,6 +5785,43 @@ export interface PublicAccess { EffectivePermission?: string; } +/** + *Information about the S3 object that was scanned
+ * @public + */ +export interface S3ObjectDetail { + /** + *Amazon Resource Name (ARN) of the S3 object.
+ * @public + */ + ObjectArn?: string; + + /** + *Key of the S3 object.
+ * @public + */ + Key?: string; + + /** + *The entity tag is a hash of the S3 object. The ETag reflects changes only to the contents of + * an object, and not its metadata.
+ * @public + */ + ETag?: string; + + /** + *Hash of the threat detected in this finding.
+ * @public + */ + Hash?: string; + + /** + *Version ID of the object.
+ * @public + */ + VersionId?: string; +} + /** *Contains information on the S3 bucket.
* @public @@ -5671,6 +5874,12 @@ export interface S3BucketDetail { * @public */ PublicAccess?: PublicAccess; + + /** + *Information about the S3 object that was scanned.
+ * @public + */ + S3ObjectDetails?: S3ObjectDetail[]; } /** @@ -5774,6 +5983,64 @@ export interface ServiceAdditionalInfo { Type?: string; } +/** + *Information about the nested item path and hash of the protected + * resource.
+ * @public + */ +export interface ItemPath { + /** + *The nested item path where the infected file was found.
+ * @public + */ + NestedItemPath?: string; + + /** + *The hash value of the infected resource.
+ * @public + */ + Hash?: string; +} + +/** + *Information about the detected threats associated with the + * generated finding.
+ * @public + */ +export interface Threat { + /** + *Name of the detected threat that caused GuardDuty to generate this finding.
+ * @public + */ + Name?: string; + + /** + *Source of the threat that generated this finding.
+ * @public + */ + Source?: string; + + /** + *Information about the nested item path and + * hash of the protected resource.
+ * @public + */ + ItemPaths?: ItemPath[]; +} + +/** + *Information about the malware scan that generated a GuardDuty finding.
+ * @public + */ +export interface MalwareScanDetails { + /** + *Information about the detected threats associated with the + * generated GuardDuty finding.
+ * @public + */ + Threats?: Threat[]; +} + /** *Information about the runtime process details.
* @public @@ -6199,6 +6466,12 @@ export interface Service { * @public */ Detection?: Detection; + + /** + *Returns details from the malware scan that generated a GuardDuty finding.
+ * @public + */ + MalwareScanDetails?: MalwareScanDetails; } /** @@ -6666,126 +6939,232 @@ export interface GetIPSetResponse { /** * @public */ -export interface GetMalwareScanSettingsRequest { +export interface GetMalwareProtectionPlanRequest { /** - *The unique ID of the detector that the scan setting is associated with.
+ *A unique identifier associated with Malware Protection plan resource.
* @public */ - DetectorId: string | undefined; + MalwareProtectionPlanId: string | undefined; } /** * @public * @enum */ -export const ScanCriterionKey = { - EC2_INSTANCE_TAG: "EC2_INSTANCE_TAG", +export const MalwareProtectionPlanStatus = { + ACTIVE: "ACTIVE", + ERROR: "ERROR", + WARNING: "WARNING", } as const; /** * @public */ -export type ScanCriterionKey = (typeof ScanCriterionKey)[keyof typeof ScanCriterionKey]; +export type MalwareProtectionPlanStatus = + (typeof MalwareProtectionPlanStatus)[keyof typeof MalwareProtectionPlanStatus]; /** - *Represents the key:value pair to be matched against given resource property.
Information about the issue code and message associated to the status of + * your Malware Protection plan.
* @public */ -export interface ScanConditionPair { +export interface MalwareProtectionPlanStatusReason { /** - *Represents the key in the map condition.
+ *Issue code.
* @public */ - Key: string | undefined; + Code?: string; /** - *Represents optional value in the map - * condition. If not specified, only the key will be - * matched.
+ *Issue message that specifies the reason. For information + * about potential troubleshooting steps, see + * Troubleshooting Malware Protection for S3 status issues in the + * GuardDuty User Guide.
* @public */ - Value?: string; + Message?: string; } /** - *Contains information about the condition.
* @public */ -export interface ScanCondition { +export interface GetMalwareProtectionPlanResponse { /** - *Represents an mapEqual - * condition to be applied - * to a single field when triggering for malware scan.
+ *Amazon Resource Name (ARN) of the protected resource.
* @public */ - MapEquals: ScanConditionPair[] | undefined; -} + Arn?: string; -/** - *Contains information about criteria used to filter resources before triggering malware - * scan.
- * @public - */ -export interface ScanResourceCriteria { /** - *Represents condition that when matched will allow a malware scan for a certain - * resource.
+ *IAM role that includes the permissions required to scan and + * add tags to the associated protected resource.
* @public */ - Include?: PartialRepresents condition that when matched will prevent a malware scan for a certain - * resource.
+ *Information about the protected resource that is associated with the created
+ * Malware Protection plan. Presently, S3Bucket is the only supported
+ * protected resource.
Represents the criteria to be used in the filter for scanning resources.
+ *Information about whether the tags will be added to the S3 object after scanning.
* @public */ - ScanResourceCriteria?: ScanResourceCriteria; + Actions?: MalwareProtectionPlanActions; /** - *An enum value representing possible snapshot preservation settings.
+ *The timestamp when the Malware Protection plan resource was created.
* @public */ - EbsSnapshotPreservation?: EbsSnapshotPreservation; -} + CreatedAt?: Date; -/** - * @public - */ -export interface GetMasterAccountRequest { /** - *The unique ID of the detector of the GuardDuty member account.
+ *Malware Protection plan status.
* @public */ - DetectorId: string | undefined; -} + Status?: MalwareProtectionPlanStatus; -/** - *Contains information about the administrator account and invitation.
- * @public - */ -export interface Master { /** - *The ID of the account used as the administrator account.
+ *Information about the issue code and message associated to the status of + * your Malware Protection plan.
* @public */ - AccountId?: string; + StatusReasons?: MalwareProtectionPlanStatusReason[]; /** - *The value used to validate the administrator account to the member account.
+ *Tags added to the Malware Protection plan resource.
* @public */ - InvitationId?: string; + Tags?: RecordThe unique ID of the detector that the scan setting is associated with.
+ * @public + */ + DetectorId: string | undefined; +} + +/** + * @public + * @enum + */ +export const ScanCriterionKey = { + EC2_INSTANCE_TAG: "EC2_INSTANCE_TAG", +} as const; + +/** + * @public + */ +export type ScanCriterionKey = (typeof ScanCriterionKey)[keyof typeof ScanCriterionKey]; + +/** + *Represents the key:value pair to be matched against given resource property.
Represents the key in the map condition.
+ * @public + */ + Key: string | undefined; + + /** + *Represents optional value in the map + * condition. If not specified, only the key will be + * matched.
+ * @public + */ + Value?: string; +} + +/** + *Contains information about the condition.
+ * @public + */ +export interface ScanCondition { + /** + *Represents an mapEqual + * condition to be applied + * to a single field when triggering for malware scan.
+ * @public + */ + MapEquals: ScanConditionPair[] | undefined; +} + +/** + *Contains information about criteria used to filter resources before triggering malware + * scan.
+ * @public + */ +export interface ScanResourceCriteria { + /** + *Represents condition that when matched will allow a malware scan for a certain + * resource.
+ * @public + */ + Include?: PartialRepresents condition that when matched will prevent a malware scan for a certain + * resource.
+ * @public + */ + Exclude?: PartialRepresents the criteria to be used in the filter for scanning resources.
+ * @public + */ + ScanResourceCriteria?: ScanResourceCriteria; + + /** + *An enum value representing possible snapshot preservation settings.
+ * @public + */ + EbsSnapshotPreservation?: EbsSnapshotPreservation; +} + +/** + * @public + */ +export interface GetMasterAccountRequest { + /** + *The unique ID of the detector of the GuardDuty member account.
+ * @public + */ + DetectorId: string | undefined; +} + +/** + *Contains information about the administrator account and invitation.
+ * @public + */ +export interface Master { + /** + *The ID of the account used as the administrator account.
+ * @public + */ + AccountId?: string; + + /** + *The value used to validate the administrator account to the member account.
+ * @public + */ + InvitationId?: string; /** *The status of the relationship between the administrator and member accounts.
@@ -7252,425 +7631,6 @@ export interface GetThreatIntelSetResponse { Tags?: RecordContains information about the criteria used to query usage statistics.
- * @public - */ -export interface UsageCriteria { - /** - *The account IDs to aggregate usage statistics from.
- * @public - */ - AccountIds?: string[]; - - /** - * @deprecated - * - *The data sources to aggregate usage statistics from.
- * @public - */ - DataSources?: DataSource[]; - - /** - *The resources to aggregate usage statistics from. Only accepts exact resource - * names.
- * @public - */ - Resources?: string[]; - - /** - *The features to aggregate usage statistics from.
- * @public - */ - Features?: UsageFeature[]; -} - -/** - * @public - * @enum - */ -export const UsageStatisticType = { - SUM_BY_ACCOUNT: "SUM_BY_ACCOUNT", - SUM_BY_DATA_SOURCE: "SUM_BY_DATA_SOURCE", - SUM_BY_FEATURES: "SUM_BY_FEATURES", - SUM_BY_RESOURCE: "SUM_BY_RESOURCE", - TOP_ACCOUNTS_BY_FEATURE: "TOP_ACCOUNTS_BY_FEATURE", - TOP_RESOURCES: "TOP_RESOURCES", -} as const; - -/** - * @public - */ -export type UsageStatisticType = (typeof UsageStatisticType)[keyof typeof UsageStatisticType]; - -/** - * @public - */ -export interface GetUsageStatisticsRequest { - /** - *The ID of the detector that specifies the GuardDuty service whose usage statistics you - * want to retrieve.
- * @public - */ - DetectorId: string | undefined; - - /** - *The type of usage statistics to retrieve.
- * @public - */ - UsageStatisticType: UsageStatisticType | undefined; - - /** - *Represents the criteria used for querying usage.
- * @public - */ - UsageCriteria: UsageCriteria | undefined; - - /** - *The currency unit you would like to view your usage statistics in. Current valid values - * are USD.
- * @public - */ - Unit?: string; - - /** - *The maximum number of results to return in the response.
- * @public - */ - MaxResults?: number; - - /** - *A token to use for paginating results that are returned in the response. Set the value of - * this parameter to null for the first request to a list action. For subsequent calls, use the - * NextToken value returned from the previous request to continue listing results after the first - * page.
- * @public - */ - NextToken?: string; -} - -/** - *Contains the total usage with the corresponding currency unit for that value.
- * @public - */ -export interface Total { - /** - *The total usage.
- * @public - */ - Amount?: string; - - /** - *The currency unit that the amount is given in.
- * @public - */ - Unit?: string; -} - -/** - *Contains information on the total of usage based on account IDs.
- * @public - */ -export interface UsageAccountResult { - /** - *The Account ID that generated usage.
- * @public - */ - AccountId?: string; - - /** - *Represents the total of usage for the Account ID.
- * @public - */ - Total?: Total; -} - -/** - *Contains information on the result of usage based on data source type.
- * @public - */ -export interface UsageDataSourceResult { - /** - *The data source type that generated usage.
- * @public - */ - DataSource?: DataSource; - - /** - *Represents the total of usage for the specified data source.
- * @public - */ - Total?: Total; -} - -/** - *Contains information about the result of the total usage based on the feature.
- * @public - */ -export interface UsageFeatureResult { - /** - *The feature that generated the usage cost.
- * @public - */ - Feature?: UsageFeature; - - /** - *Contains the total usage with the corresponding currency unit for that value.
- * @public - */ - Total?: Total; -} - -/** - *Contains information on the sum of usage based on an Amazon Web Services resource.
- * @public - */ -export interface UsageResourceResult { - /** - *The Amazon Web Services resource that generated usage.
- * @public - */ - Resource?: string; - - /** - *Represents the sum total of usage for the specified resource type.
- * @public - */ - Total?: Total; -} - -/** - *Contains information on the total of usage based on the topmost 50 - * account IDs.
- * @public - */ -export interface UsageTopAccountResult { - /** - *The unique account ID.
- * @public - */ - AccountId?: string; - - /** - *Contains the total usage with the corresponding currency unit for that value.
- * @public - */ - Total?: Total; -} - -/** - *Information about the usage statistics, calculated - * by top accounts by feature.
- * @public - */ -export interface UsageTopAccountsResult { - /** - *Features by which you can generate the usage statistics.
- *
- * RDS_LOGIN_EVENTS is currently not supported
- * with topAccountsByFeature.
The accounts that contributed to the total usage cost.
- * @public - */ - Accounts?: UsageTopAccountResult[]; -} - -/** - *Contains the result of GuardDuty usage. If a UsageStatisticType is provided the result for - * other types will be null.
- * @public - */ -export interface UsageStatistics { - /** - *The usage statistic sum organized by account ID.
- * @public - */ - SumByAccount?: UsageAccountResult[]; - - /** - *Lists the top 50 accounts by feature that have generated the most - * GuardDuty usage, in the order from most to least expensive.
- *Currently, this doesn't support RDS_LOGIN_EVENTS.
The usage statistic sum organized by on data source.
- * @public - */ - SumByDataSource?: UsageDataSourceResult[]; - - /** - *The usage statistic sum organized by resource.
- * @public - */ - SumByResource?: UsageResourceResult[]; - - /** - *Lists the top 50 resources that have generated the most GuardDuty usage, in order from - * most to least expensive.
- * @public - */ - TopResources?: UsageResourceResult[]; - - /** - *The usage statistic sum organized by feature.
- * @public - */ - SumByFeature?: UsageFeatureResult[]; -} - -/** - * @public - */ -export interface GetUsageStatisticsResponse { - /** - *The usage statistics object. If a UsageStatisticType was provided, the objects - * representing other types will be null.
- * @public - */ - UsageStatistics?: UsageStatistics; - - /** - *The pagination parameter to be used on the next list operation to retrieve more - * items.
- * @public - */ - NextToken?: string; -} - -/** - * @public - */ -export interface InviteMembersRequest { - /** - *The unique ID of the detector of the GuardDuty account that you want to invite members - * with.
- * @public - */ - DetectorId: string | undefined; - - /** - *A list of account IDs of the accounts that you want to invite to GuardDuty as - * members.
- * @public - */ - AccountIds: string[] | undefined; - - /** - *A Boolean value that specifies whether you want to disable email notification to the - * accounts that you are inviting to GuardDuty as members.
- * @public - */ - DisableEmailNotification?: boolean; - - /** - *The invitation message that you want to send to the accounts that you're inviting to - * GuardDuty as members.
- * @public - */ - Message?: string; -} - -/** - * @public - */ -export interface InviteMembersResponse { - /** - *A list of objects that contain the unprocessed account and a result string that explains - * why it was unprocessed.
- * @public - */ - UnprocessedAccounts: UnprocessedAccount[] | undefined; -} - -/** - * @public - */ -export interface ListCoverageRequest { - /** - *The unique ID of the detector whose coverage details you want to retrieve.
- * @public - */ - DetectorId: string | undefined; - - /** - *A token to use for paginating results that are returned in the response. Set the value of - * this parameter to null for the first request to a list action. For subsequent calls, use the - * NextToken value returned from the previous request to continue listing results after the first - * page.
- * @public - */ - NextToken?: string; - - /** - *The maximum number of results to return in the response.
- * @public - */ - MaxResults?: number; - - /** - *Represents the criteria used to filter the coverage details.
- * @public - */ - FilterCriteria?: CoverageFilterCriteria; - - /** - *Represents the criteria used to sort the coverage details.
- * @public - */ - SortCriteria?: CoverageSortCriteria; -} - -/** - * @public - */ -export interface ListCoverageResponse { - /** - *A list of resources and their attributes providing cluster details.
- * @public - */ - Resources: CoverageResource[] | undefined; - - /** - *The pagination parameter to be used on the next list operation to retrieve more - * items.
- * @public - */ - NextToken?: string; -} - /** * @internal */ diff --git a/clients/client-guardduty/src/models/models_1.ts b/clients/client-guardduty/src/models/models_1.ts index 6c622e8181a8..82c926576047 100644 --- a/clients/client-guardduty/src/models/models_1.ts +++ b/clients/client-guardduty/src/models/models_1.ts @@ -2,6 +2,10 @@ import { AdminAccount, AutoEnableMembers, + CoverageFilterCriteria, + CoverageResource, + CoverageSortCriteria, + DataSource, DataSourceConfigurations, Destination, DestinationProperties, @@ -12,6 +16,7 @@ import { FilterAction, FindingCriteria, FindingPublishingFrequency, + MalwareProtectionPlanActions, Member, MemberFilterSensitiveLog, OrgFeature, @@ -22,6 +27,425 @@ import { UnprocessedAccount, } from "./models_0"; +/** + * @public + * @enum + */ +export const UsageFeature = { + CLOUD_TRAIL: "CLOUD_TRAIL", + DNS_LOGS: "DNS_LOGS", + EBS_MALWARE_PROTECTION: "EBS_MALWARE_PROTECTION", + EC2_RUNTIME_MONITORING: "EC2_RUNTIME_MONITORING", + EKS_AUDIT_LOGS: "EKS_AUDIT_LOGS", + EKS_RUNTIME_MONITORING: "EKS_RUNTIME_MONITORING", + FARGATE_RUNTIME_MONITORING: "FARGATE_RUNTIME_MONITORING", + FLOW_LOGS: "FLOW_LOGS", + LAMBDA_NETWORK_LOGS: "LAMBDA_NETWORK_LOGS", + RDS_DBI_PROTECTION_PROVISIONED: "RDS_DBI_PROTECTION_PROVISIONED", + RDS_DBI_PROTECTION_SERVERLESS: "RDS_DBI_PROTECTION_SERVERLESS", + RDS_LOGIN_EVENTS: "RDS_LOGIN_EVENTS", + S3_DATA_EVENTS: "S3_DATA_EVENTS", +} as const; + +/** + * @public + */ +export type UsageFeature = (typeof UsageFeature)[keyof typeof UsageFeature]; + +/** + *Contains information about the criteria used to query usage statistics.
+ * @public + */ +export interface UsageCriteria { + /** + *The account IDs to aggregate usage statistics from.
+ * @public + */ + AccountIds?: string[]; + + /** + * @deprecated + * + *The data sources to aggregate usage statistics from.
+ * @public + */ + DataSources?: DataSource[]; + + /** + *The resources to aggregate usage statistics from. Only accepts exact resource + * names.
+ * @public + */ + Resources?: string[]; + + /** + *The features to aggregate usage statistics from.
+ * @public + */ + Features?: UsageFeature[]; +} + +/** + * @public + * @enum + */ +export const UsageStatisticType = { + SUM_BY_ACCOUNT: "SUM_BY_ACCOUNT", + SUM_BY_DATA_SOURCE: "SUM_BY_DATA_SOURCE", + SUM_BY_FEATURES: "SUM_BY_FEATURES", + SUM_BY_RESOURCE: "SUM_BY_RESOURCE", + TOP_ACCOUNTS_BY_FEATURE: "TOP_ACCOUNTS_BY_FEATURE", + TOP_RESOURCES: "TOP_RESOURCES", +} as const; + +/** + * @public + */ +export type UsageStatisticType = (typeof UsageStatisticType)[keyof typeof UsageStatisticType]; + +/** + * @public + */ +export interface GetUsageStatisticsRequest { + /** + *The ID of the detector that specifies the GuardDuty service whose usage statistics you + * want to retrieve.
+ * @public + */ + DetectorId: string | undefined; + + /** + *The type of usage statistics to retrieve.
+ * @public + */ + UsageStatisticType: UsageStatisticType | undefined; + + /** + *Represents the criteria used for querying usage.
+ * @public + */ + UsageCriteria: UsageCriteria | undefined; + + /** + *The currency unit you would like to view your usage statistics in. Current valid values + * are USD.
+ * @public + */ + Unit?: string; + + /** + *The maximum number of results to return in the response.
+ * @public + */ + MaxResults?: number; + + /** + *A token to use for paginating results that are returned in the response. Set the value of + * this parameter to null for the first request to a list action. For subsequent calls, use the + * NextToken value returned from the previous request to continue listing results after the first + * page.
+ * @public + */ + NextToken?: string; +} + +/** + *Contains the total usage with the corresponding currency unit for that value.
+ * @public + */ +export interface Total { + /** + *The total usage.
+ * @public + */ + Amount?: string; + + /** + *The currency unit that the amount is given in.
+ * @public + */ + Unit?: string; +} + +/** + *Contains information on the total of usage based on account IDs.
+ * @public + */ +export interface UsageAccountResult { + /** + *The Account ID that generated usage.
+ * @public + */ + AccountId?: string; + + /** + *Represents the total of usage for the Account ID.
+ * @public + */ + Total?: Total; +} + +/** + *Contains information on the result of usage based on data source type.
+ * @public + */ +export interface UsageDataSourceResult { + /** + *The data source type that generated usage.
+ * @public + */ + DataSource?: DataSource; + + /** + *Represents the total of usage for the specified data source.
+ * @public + */ + Total?: Total; +} + +/** + *Contains information about the result of the total usage based on the feature.
+ * @public + */ +export interface UsageFeatureResult { + /** + *The feature that generated the usage cost.
+ * @public + */ + Feature?: UsageFeature; + + /** + *Contains the total usage with the corresponding currency unit for that value.
+ * @public + */ + Total?: Total; +} + +/** + *Contains information on the sum of usage based on an Amazon Web Services resource.
+ * @public + */ +export interface UsageResourceResult { + /** + *The Amazon Web Services resource that generated usage.
+ * @public + */ + Resource?: string; + + /** + *Represents the sum total of usage for the specified resource type.
+ * @public + */ + Total?: Total; +} + +/** + *Contains information on the total of usage based on the topmost 50 + * account IDs.
+ * @public + */ +export interface UsageTopAccountResult { + /** + *The unique account ID.
+ * @public + */ + AccountId?: string; + + /** + *Contains the total usage with the corresponding currency unit for that value.
+ * @public + */ + Total?: Total; +} + +/** + *Information about the usage statistics, calculated + * by top accounts by feature.
+ * @public + */ +export interface UsageTopAccountsResult { + /** + *Features by which you can generate the usage statistics.
+ *
+ * RDS_LOGIN_EVENTS is currently not supported
+ * with topAccountsByFeature.
The accounts that contributed to the total usage cost.
+ * @public + */ + Accounts?: UsageTopAccountResult[]; +} + +/** + *Contains the result of GuardDuty usage. If a UsageStatisticType is provided the result for + * other types will be null.
+ * @public + */ +export interface UsageStatistics { + /** + *The usage statistic sum organized by account ID.
+ * @public + */ + SumByAccount?: UsageAccountResult[]; + + /** + *Lists the top 50 accounts by feature that have generated the most + * GuardDuty usage, in the order from most to least expensive.
+ *Currently, this doesn't support RDS_LOGIN_EVENTS.
The usage statistic sum organized by on data source.
+ * @public + */ + SumByDataSource?: UsageDataSourceResult[]; + + /** + *The usage statistic sum organized by resource.
+ * @public + */ + SumByResource?: UsageResourceResult[]; + + /** + *Lists the top 50 resources that have generated the most GuardDuty usage, in order from + * most to least expensive.
+ * @public + */ + TopResources?: UsageResourceResult[]; + + /** + *The usage statistic sum organized by feature.
+ * @public + */ + SumByFeature?: UsageFeatureResult[]; +} + +/** + * @public + */ +export interface GetUsageStatisticsResponse { + /** + *The usage statistics object. If a UsageStatisticType was provided, the objects + * representing other types will be null.
+ * @public + */ + UsageStatistics?: UsageStatistics; + + /** + *The pagination parameter to be used on the next list operation to retrieve more + * items.
+ * @public + */ + NextToken?: string; +} + +/** + * @public + */ +export interface InviteMembersRequest { + /** + *The unique ID of the detector of the GuardDuty account that you want to invite members + * with.
+ * @public + */ + DetectorId: string | undefined; + + /** + *A list of account IDs of the accounts that you want to invite to GuardDuty as + * members.
+ * @public + */ + AccountIds: string[] | undefined; + + /** + *A Boolean value that specifies whether you want to disable email notification to the + * accounts that you are inviting to GuardDuty as members.
+ * @public + */ + DisableEmailNotification?: boolean; + + /** + *The invitation message that you want to send to the accounts that you're inviting to + * GuardDuty as members.
+ * @public + */ + Message?: string; +} + +/** + * @public + */ +export interface InviteMembersResponse { + /** + *A list of objects that contain the unprocessed account and a result string that explains + * why it was unprocessed.
+ * @public + */ + UnprocessedAccounts: UnprocessedAccount[] | undefined; +} + +/** + * @public + */ +export interface ListCoverageRequest { + /** + *The unique ID of the detector whose coverage details you want to retrieve.
+ * @public + */ + DetectorId: string | undefined; + + /** + *A token to use for paginating results that are returned in the response. Set the value of + * this parameter to null for the first request to a list action. For subsequent calls, use the + * NextToken value returned from the previous request to continue listing results after the first + * page.
+ * @public + */ + NextToken?: string; + + /** + *The maximum number of results to return in the response.
+ * @public + */ + MaxResults?: number; + + /** + *Represents the criteria used to filter the coverage details.
+ * @public + */ + FilterCriteria?: CoverageFilterCriteria; + + /** + *Represents the criteria used to sort the coverage details.
+ * @public + */ + SortCriteria?: CoverageSortCriteria; +} + +/** + * @public + */ +export interface ListCoverageResponse { + /** + *A list of resources and their attributes providing cluster details.
+ * @public + */ + Resources: CoverageResource[] | undefined; + + /** + *The pagination parameter to be used on the next list operation to retrieve more + * items.
+ * @public + */ + NextToken?: string; +} + /** * @public */ @@ -432,6 +856,54 @@ export interface ListIPSetsResponse { NextToken?: string; } +/** + * @public + */ +export interface ListMalwareProtectionPlansRequest { + /** + *You can use this parameter when paginating results. Set the value
+ * of this parameter to null on your first call to the list action.
+ * For subsequent calls to the action, fill nextToken in the request
+ * with the value of NextToken from the previous response to
+ * continue listing data.
Information about the Malware Protection plan resource.
+ * @public + */ +export interface MalwareProtectionPlanSummary { + /** + *A unique identifier associated with Malware Protection plan.
+ * @public + */ + MalwareProtectionPlanId?: string; +} + +/** + * @public + */ +export interface ListMalwareProtectionPlansResponse { + /** + *A list of unique identifiers associated with each Malware Protection plan.
+ * @public + */ + MalwareProtectionPlans?: MalwareProtectionPlanSummary[]; + + /** + *You can use this parameter when paginating results. Set the value
+ * of this parameter to null on your first call to the list action.
+ * For subsequent calls to the action, fill nextToken in the request
+ * with the value of NextToken from the previous response to
+ * continue listing data.
Information about the protected S3 bucket resource.
+ * @public + */ +export interface UpdateS3BucketResource { + /** + *Information about the specified object prefixes. The S3 object will be scanned only + * if it belongs to any of the specified object prefixes.
+ * @public + */ + ObjectPrefixes?: string[]; +} + +/** + *Information about the protected resource
+ * that is associated with the created Malware Protection plan.
+ * Presently, S3Bucket is the only supported protected resource.
Information about the protected S3 bucket resource.
+ * @public + */ + S3Bucket?: UpdateS3BucketResource; +} + +/** + * @public + */ +export interface UpdateMalwareProtectionPlanRequest { + /** + *A unique identifier associated with the Malware Protection plan.
+ * @public + */ + MalwareProtectionPlanId: string | undefined; + + /** + *IAM role with permissions required to scan and add tags to + * the associated protected resource.
+ * @public + */ + Role?: string; + + /** + *Information about whether the tags will be added to the S3 object after scanning.
+ * @public + */ + Actions?: MalwareProtectionPlanActions; + + /** + *Information about the protected resource that is associated
+ * with the created Malware Protection plan. Presently, S3Bucket
+ * is the only supported protected resource.
Creates a new Malware Protection plan for the protected resource.
\nWhen you create a Malware Protection plan, the Amazon Web Services service terms for GuardDuty Malware\n Protection apply. For more information, see Amazon Web Services service terms for GuardDuty Malware Protection.
", + "smithy.api#http": { + "method": "POST", + "uri": "/malware-protection-plan", + "code": 200 + } + } + }, + "com.amazonaws.guardduty#CreateMalwareProtectionPlanRequest": { + "type": "structure", + "members": { + "ClientToken": { + "target": "com.amazonaws.guardduty#ClientToken", + "traits": { + "smithy.api#documentation": "The idempotency token for the create request.
", + "smithy.api#idempotencyToken": {}, + "smithy.api#jsonName": "clientToken" + } + }, + "Role": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#clientOptional": {}, + "smithy.api#documentation": "IAM role with permissions required to scan and add tags to the associated\n protected resource.
", + "smithy.api#jsonName": "role", + "smithy.api#required": {} + } + }, + "ProtectedResource": { + "target": "com.amazonaws.guardduty#CreateProtectedResource", + "traits": { + "smithy.api#clientOptional": {}, + "smithy.api#documentation": "Information about the protected resource that is associated with the created \n Malware Protection plan. Presently, S3Bucket is the only supported \n protected resource.
Information about whether the tags will be added to the S3 object after scanning.
", + "smithy.api#jsonName": "actions" + } + }, + "Tags": { + "target": "com.amazonaws.guardduty#TagMap", + "traits": { + "smithy.api#documentation": "Tags added to the Malware Protection plan resource.
", + "smithy.api#jsonName": "tags" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.guardduty#CreateMalwareProtectionPlanResponse": { + "type": "structure", + "members": { + "MalwareProtectionPlanId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "A unique identifier associated with the Malware Protection plan resource.
", + "smithy.api#jsonName": "malwareProtectionPlanId" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.guardduty#CreateMembers": { "type": "operation", "input": { @@ -2147,6 +2241,21 @@ "smithy.api#output": {} } }, + "com.amazonaws.guardduty#CreateProtectedResource": { + "type": "structure", + "members": { + "S3Bucket": { + "target": "com.amazonaws.guardduty#CreateS3BucketResource", + "traits": { + "smithy.api#documentation": "Information about the protected S3 bucket resource.
", + "smithy.api#jsonName": "s3Bucket" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the protected resource that\n is associated with the created Malware Protection plan.\n Presently, S3Bucket is the only supported \n protected resource.
Name of the S3 bucket.
", + "smithy.api#jsonName": "bucketName" + } + }, + "ObjectPrefixes": { + "target": "com.amazonaws.guardduty#MalwareProtectionPlanObjectPrefixesList", + "traits": { + "smithy.api#documentation": "Information about the specified object prefixes. The S3 object will be scanned only \n if it belongs to any of the specified object prefixes.
", + "smithy.api#jsonName": "objectPrefixes" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the protected S3 bucket resource.
" + } + }, "com.amazonaws.guardduty#CreateSampleFindings": { "type": "operation", "input": { @@ -2998,6 +3129,54 @@ "smithy.api#output": {} } }, + "com.amazonaws.guardduty#DeleteMalwareProtectionPlan": { + "type": "operation", + "input": { + "target": "com.amazonaws.guardduty#DeleteMalwareProtectionPlanRequest" + }, + "output": { + "target": "smithy.api#Unit" + }, + "errors": [ + { + "target": "com.amazonaws.guardduty#AccessDeniedException" + }, + { + "target": "com.amazonaws.guardduty#BadRequestException" + }, + { + "target": "com.amazonaws.guardduty#InternalServerErrorException" + }, + { + "target": "com.amazonaws.guardduty#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "Deletes the Malware Protection plan ID associated with the Malware Protection plan resource.\n Use this API only when you no longer want to protect the resource associated with this\n Malware Protection plan ID.
", + "smithy.api#http": { + "method": "DELETE", + "uri": "/malware-protection-plan/{MalwareProtectionPlanId}", + "code": 200 + } + } + }, + "com.amazonaws.guardduty#DeleteMalwareProtectionPlanRequest": { + "type": "structure", + "members": { + "MalwareProtectionPlanId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "A unique identifier associated with Malware Protection plan resource.
", + "smithy.api#httpLabel": {}, + "smithy.api#jsonName": "malwareProtectionPlanId", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, "com.amazonaws.guardduty#DeleteMembers": { "type": "operation", "input": { @@ -5853,6 +6032,118 @@ "smithy.api#output": {} } }, + "com.amazonaws.guardduty#GetMalwareProtectionPlan": { + "type": "operation", + "input": { + "target": "com.amazonaws.guardduty#GetMalwareProtectionPlanRequest" + }, + "output": { + "target": "com.amazonaws.guardduty#GetMalwareProtectionPlanResponse" + }, + "errors": [ + { + "target": "com.amazonaws.guardduty#AccessDeniedException" + }, + { + "target": "com.amazonaws.guardduty#BadRequestException" + }, + { + "target": "com.amazonaws.guardduty#InternalServerErrorException" + }, + { + "target": "com.amazonaws.guardduty#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "Retrieves the Malware Protection plan details associated with a Malware Protection\n plan ID.
", + "smithy.api#http": { + "method": "GET", + "uri": "/malware-protection-plan/{MalwareProtectionPlanId}", + "code": 200 + } + } + }, + "com.amazonaws.guardduty#GetMalwareProtectionPlanRequest": { + "type": "structure", + "members": { + "MalwareProtectionPlanId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "A unique identifier associated with Malware Protection plan resource.
", + "smithy.api#httpLabel": {}, + "smithy.api#jsonName": "malwareProtectionPlanId", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.guardduty#GetMalwareProtectionPlanResponse": { + "type": "structure", + "members": { + "Arn": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Amazon Resource Name (ARN) of the protected resource.
", + "smithy.api#jsonName": "arn" + } + }, + "Role": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "IAM role that includes the permissions required to scan and \n add tags to the associated protected resource.
", + "smithy.api#jsonName": "role" + } + }, + "ProtectedResource": { + "target": "com.amazonaws.guardduty#CreateProtectedResource", + "traits": { + "smithy.api#documentation": "Information about the protected resource that is associated with the created \n Malware Protection plan. Presently, S3Bucket is the only supported \n protected resource.
Information about whether the tags will be added to the S3 object after scanning.
", + "smithy.api#jsonName": "actions" + } + }, + "CreatedAt": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "The timestamp when the Malware Protection plan resource was created.
", + "smithy.api#jsonName": "createdAt" + } + }, + "Status": { + "target": "com.amazonaws.guardduty#MalwareProtectionPlanStatus", + "traits": { + "smithy.api#documentation": "Malware Protection plan status.
", + "smithy.api#jsonName": "status" + } + }, + "StatusReasons": { + "target": "com.amazonaws.guardduty#MalwareProtectionPlanStatusReasonsList", + "traits": { + "smithy.api#documentation": "Information about the issue code and message associated to the status of\n your Malware Protection plan.
", + "smithy.api#jsonName": "statusReasons" + } + }, + "Tags": { + "target": "com.amazonaws.guardduty#TagMap", + "traits": { + "smithy.api#documentation": "Tags added to the Malware Protection plan resource.
", + "smithy.api#jsonName": "tags" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, "com.amazonaws.guardduty#GetMalwareScanSettings": { "type": "operation", "input": { @@ -6488,6 +6779,9 @@ { "target": "com.amazonaws.guardduty#CreateIPSet" }, + { + "target": "com.amazonaws.guardduty#CreateMalwareProtectionPlan" + }, { "target": "com.amazonaws.guardduty#CreateMembers" }, @@ -6515,6 +6809,9 @@ { "target": "com.amazonaws.guardduty#DeleteIPSet" }, + { + "target": "com.amazonaws.guardduty#DeleteMalwareProtectionPlan" + }, { "target": "com.amazonaws.guardduty#DeleteMembers" }, @@ -6572,6 +6869,9 @@ { "target": "com.amazonaws.guardduty#GetIPSet" }, + { + "target": "com.amazonaws.guardduty#GetMalwareProtectionPlan" + }, { "target": "com.amazonaws.guardduty#GetMalwareScanSettings" }, @@ -6617,6 +6917,9 @@ { "target": "com.amazonaws.guardduty#ListIPSets" }, + { + "target": "com.amazonaws.guardduty#ListMalwareProtectionPlans" + }, { "target": "com.amazonaws.guardduty#ListMembers" }, @@ -6662,6 +6965,9 @@ { "target": "com.amazonaws.guardduty#UpdateIPSet" }, + { + "target": "com.amazonaws.guardduty#UpdateMalwareProtectionPlan" + }, { "target": "com.amazonaws.guardduty#UpdateMalwareScanSettings" }, @@ -8193,6 +8499,34 @@ } } }, + "com.amazonaws.guardduty#ItemPath": { + "type": "structure", + "members": { + "NestedItemPath": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The nested item path where the infected file was found.
", + "smithy.api#jsonName": "nestedItemPath" + } + }, + "Hash": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The hash value of the infected resource.
", + "smithy.api#jsonName": "hash" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the nested item path and hash of the protected\n resource.
" + } + }, + "com.amazonaws.guardduty#ItemPaths": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#ItemPath" + } + }, "com.amazonaws.guardduty#KubernetesApiCallAction": { "type": "structure", "members": { @@ -9291,15 +9625,18 @@ "smithy.api#output": {} } }, - "com.amazonaws.guardduty#ListMembers": { + "com.amazonaws.guardduty#ListMalwareProtectionPlans": { "type": "operation", "input": { - "target": "com.amazonaws.guardduty#ListMembersRequest" + "target": "com.amazonaws.guardduty#ListMalwareProtectionPlansRequest" }, "output": { - "target": "com.amazonaws.guardduty#ListMembersResponse" + "target": "com.amazonaws.guardduty#ListMalwareProtectionPlansResponse" }, "errors": [ + { + "target": "com.amazonaws.guardduty#AccessDeniedException" + }, { "target": "com.amazonaws.guardduty#BadRequestException" }, @@ -9308,12 +9645,75 @@ } ], "traits": { - "smithy.api#documentation": "Lists details about all member accounts for the current GuardDuty administrator\n account.
", + "smithy.api#documentation": "Lists the Malware Protection plan IDs associated with the protected\n resources in your Amazon Web Services account.
", "smithy.api#http": { "method": "GET", - "uri": "/detector/{DetectorId}/member", + "uri": "/malware-protection-plan", "code": 200 - }, + } + } + }, + "com.amazonaws.guardduty#ListMalwareProtectionPlansRequest": { + "type": "structure", + "members": { + "NextToken": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "You can use this parameter when paginating results. Set the value \n of this parameter to null on your first call to the list action. \n For subsequent calls to the action, fill nextToken in the request \n with the value of NextToken from the previous response to \n continue listing data.
A list of unique identifiers associated with each Malware Protection plan.
", + "smithy.api#jsonName": "malwareProtectionPlans" + } + }, + "NextToken": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "You can use this parameter when paginating results. Set the value \n of this parameter to null on your first call to the list action. \n For subsequent calls to the action, fill nextToken in the request \n with the value of NextToken from the previous response to \n continue listing data.
Lists details about all member accounts for the current GuardDuty administrator\n account.
", + "smithy.api#http": { + "method": "GET", + "uri": "/detector/{DetectorId}/member", + "code": 200 + }, "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -9850,6 +10250,158 @@ "smithy.api#documentation": "Provides details about Malware Protection when it is enabled as a data source.
" } }, + "com.amazonaws.guardduty#MalwareProtectionPlanActions": { + "type": "structure", + "members": { + "Tagging": { + "target": "com.amazonaws.guardduty#MalwareProtectionPlanTaggingAction", + "traits": { + "smithy.api#documentation": "Indicates whether the scanned S3 object will have tags about the scan result.
", + "smithy.api#jsonName": "tagging" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about whether the tags will be added to the S3 object after scanning.
" + } + }, + "com.amazonaws.guardduty#MalwareProtectionPlanObjectPrefixesList": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#String" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 5 + } + } + }, + "com.amazonaws.guardduty#MalwareProtectionPlanStatus": { + "type": "enum", + "members": { + "ACTIVE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ACTIVE" + } + }, + "WARNING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "WARNING" + } + }, + "ERROR": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ERROR" + } + } + } + }, + "com.amazonaws.guardduty#MalwareProtectionPlanStatusReason": { + "type": "structure", + "members": { + "Code": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Issue code.
", + "smithy.api#jsonName": "code" + } + }, + "Message": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Issue message that specifies the reason. For information\n about potential troubleshooting steps, see\n Troubleshooting Malware Protection for S3 status issues in the \n GuardDuty User Guide.
", + "smithy.api#jsonName": "message" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the issue code and message associated to the status of\n your Malware Protection plan.
" + } + }, + "com.amazonaws.guardduty#MalwareProtectionPlanStatusReasonsList": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#MalwareProtectionPlanStatusReason" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 50 + } + } + }, + "com.amazonaws.guardduty#MalwareProtectionPlanSummary": { + "type": "structure", + "members": { + "MalwareProtectionPlanId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "A unique identifier associated with Malware Protection plan.
", + "smithy.api#jsonName": "malwareProtectionPlanId" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the Malware Protection plan resource.
" + } + }, + "com.amazonaws.guardduty#MalwareProtectionPlanTaggingAction": { + "type": "structure", + "members": { + "Status": { + "target": "com.amazonaws.guardduty#MalwareProtectionPlanTaggingActionStatus", + "traits": { + "smithy.api#documentation": "Indicates whether or not the tags will added.
", + "smithy.api#jsonName": "status" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about adding tags to the scanned S3 object after the scan result.
" + } + }, + "com.amazonaws.guardduty#MalwareProtectionPlanTaggingActionStatus": { + "type": "enum", + "members": { + "ENABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ENABLED" + } + }, + "DISABLED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DISABLED" + } + } + } + }, + "com.amazonaws.guardduty#MalwareProtectionPlansSummary": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#MalwareProtectionPlanSummary" + } + }, + "com.amazonaws.guardduty#MalwareScanDetails": { + "type": "structure", + "members": { + "Threats": { + "target": "com.amazonaws.guardduty#Threats", + "traits": { + "smithy.api#documentation": "Information about the detected threats associated with the\n generated GuardDuty finding.
", + "smithy.api#jsonName": "threats" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the malware scan that generated a GuardDuty finding.
" + } + }, "com.amazonaws.guardduty#ManagementType": { "type": "enum", "members": { @@ -11710,7 +12262,7 @@ "InstanceArn": { "target": "com.amazonaws.guardduty#InstanceArn", "traits": { - "smithy.api#documentation": "InstanceArn that was scanned in the scan entry.
", + "smithy.api#documentation": "Instance ARN that was scanned in the scan entry.
", "smithy.api#jsonName": "instanceArn" } } @@ -11725,6 +12277,30 @@ "target": "com.amazonaws.guardduty#String" } }, + "com.amazonaws.guardduty#ResourceNotFoundException": { + "type": "structure", + "members": { + "Message": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The error message.
", + "smithy.api#jsonName": "message" + } + }, + "Type": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The error type.
", + "smithy.api#jsonName": "__type" + } + } + }, + "traits": { + "smithy.api#documentation": "The requested resource can't be found.
", + "smithy.api#error": "client", + "smithy.api#httpError": 404 + } + }, "com.amazonaws.guardduty#ResourceType": { "type": "enum", "members": { @@ -12011,6 +12587,13 @@ "smithy.api#documentation": "Describes the public access policies that apply to the S3 bucket.
", "smithy.api#jsonName": "publicAccess" } + }, + "S3ObjectDetails": { + "target": "com.amazonaws.guardduty#S3ObjectDetails", + "traits": { + "smithy.api#documentation": "Information about the S3 object that was scanned.
", + "smithy.api#jsonName": "s3ObjectDetails" + } } }, "traits": { @@ -12057,6 +12640,55 @@ "smithy.api#documentation": "Describes whether S3 data event logs will be enabled as a data source.
" } }, + "com.amazonaws.guardduty#S3ObjectDetail": { + "type": "structure", + "members": { + "ObjectArn": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Amazon Resource Name (ARN) of the S3 object.
", + "smithy.api#jsonName": "objectArn" + } + }, + "Key": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Key of the S3 object.
", + "smithy.api#jsonName": "key" + } + }, + "ETag": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The entity tag is a hash of the S3 object. The ETag reflects changes only to the contents of \n an object, and not its metadata.
", + "smithy.api#jsonName": "eTag" + } + }, + "Hash": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Hash of the threat detected in this finding.
", + "smithy.api#jsonName": "hash" + } + }, + "VersionId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Version ID of the object.
", + "smithy.api#jsonName": "versionId" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the S3 object that was scanned
" + } + }, + "com.amazonaws.guardduty#S3ObjectDetails": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#S3ObjectDetail" + } + }, "com.amazonaws.guardduty#Scan": { "type": "structure", "members": { @@ -12316,7 +12948,7 @@ "VolumeArn": { "target": "com.amazonaws.guardduty#String", "traits": { - "smithy.api#documentation": "EBS volume Arn details of the infected file.
", + "smithy.api#documentation": "EBS volume ARN details of the infected file.
", "smithy.api#jsonName": "volumeArn" } }, @@ -12679,6 +13311,13 @@ "smithy.api#documentation": "Contains information about the detected unusual behavior.
", "smithy.api#jsonName": "detection" } + }, + "MalwareScanDetails": { + "target": "com.amazonaws.guardduty#MalwareScanDetails", + "traits": { + "smithy.api#documentation": "Returns details from the malware scan that generated a GuardDuty finding.
", + "smithy.api#jsonName": "malwareScanDetails" + } } }, "traits": { @@ -13087,6 +13726,35 @@ "target": "com.amazonaws.guardduty#Tag" } }, + "com.amazonaws.guardduty#Threat": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Name of the detected threat that caused GuardDuty to generate this finding.
", + "smithy.api#jsonName": "name" + } + }, + "Source": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Source of the threat that generated this finding.
", + "smithy.api#jsonName": "source" + } + }, + "ItemPaths": { + "target": "com.amazonaws.guardduty#ItemPaths", + "traits": { + "smithy.api#documentation": "Information about the nested item path and \n hash of the protected resource.
", + "smithy.api#jsonName": "itemPaths" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the detected threats associated with the\n generated finding.
" + } + }, "com.amazonaws.guardduty#ThreatDetectedByName": { "type": "structure", "members": { @@ -13276,6 +13944,12 @@ "target": "com.amazonaws.guardduty#String" } }, + "com.amazonaws.guardduty#Threats": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#Threat" + } + }, "com.amazonaws.guardduty#ThreatsDetectedItemCount": { "type": "structure", "members": { @@ -13839,6 +14513,75 @@ "smithy.api#output": {} } }, + "com.amazonaws.guardduty#UpdateMalwareProtectionPlan": { + "type": "operation", + "input": { + "target": "com.amazonaws.guardduty#UpdateMalwareProtectionPlanRequest" + }, + "output": { + "target": "smithy.api#Unit" + }, + "errors": [ + { + "target": "com.amazonaws.guardduty#AccessDeniedException" + }, + { + "target": "com.amazonaws.guardduty#BadRequestException" + }, + { + "target": "com.amazonaws.guardduty#InternalServerErrorException" + }, + { + "target": "com.amazonaws.guardduty#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "Updates an existing Malware Protection plan resource.
", + "smithy.api#http": { + "method": "PATCH", + "uri": "/malware-protection-plan/{MalwareProtectionPlanId}", + "code": 200 + } + } + }, + "com.amazonaws.guardduty#UpdateMalwareProtectionPlanRequest": { + "type": "structure", + "members": { + "MalwareProtectionPlanId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "A unique identifier associated with the Malware Protection plan.
", + "smithy.api#httpLabel": {}, + "smithy.api#jsonName": "malwareProtectionPlanId", + "smithy.api#required": {} + } + }, + "Role": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "IAM role with permissions required to scan and add tags to \n the associated protected resource.
", + "smithy.api#jsonName": "role" + } + }, + "Actions": { + "target": "com.amazonaws.guardduty#MalwareProtectionPlanActions", + "traits": { + "smithy.api#documentation": "Information about whether the tags will be added to the S3 object after scanning.
", + "smithy.api#jsonName": "actions" + } + }, + "ProtectedResource": { + "target": "com.amazonaws.guardduty#UpdateProtectedResource", + "traits": { + "smithy.api#documentation": "Information about the protected resource that is associated \n with the created Malware Protection plan. Presently, S3Bucket\n is the only supported protected resource.
Information about the protected S3 bucket resource.
", + "smithy.api#jsonName": "s3Bucket" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the protected resource \n that is associated with the created Malware Protection plan. \n Presently, S3Bucket is the only supported protected resource.
Information about the specified object prefixes. The S3 object will be scanned only \n if it belongs to any of the specified object prefixes.
", + "smithy.api#jsonName": "objectPrefixes" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the protected S3 bucket resource.
" + } + }, "com.amazonaws.guardduty#UpdateThreatIntelSet": { "type": "operation", "input": { @@ -14627,7 +15400,7 @@ "VolumeArn": { "target": "com.amazonaws.guardduty#String", "traits": { - "smithy.api#documentation": "EBS volume Arn information.
", + "smithy.api#documentation": "EBS volume ARN information.
", "smithy.api#jsonName": "volumeArn" } }, @@ -14662,14 +15435,14 @@ "SnapshotArn": { "target": "com.amazonaws.guardduty#String", "traits": { - "smithy.api#documentation": "Snapshot Arn of the EBS volume.
", + "smithy.api#documentation": "Snapshot ARN of the EBS volume.
", "smithy.api#jsonName": "snapshotArn" } }, "KmsKeyArn": { "target": "com.amazonaws.guardduty#String", "traits": { - "smithy.api#documentation": "KMS key Arn used to encrypt the EBS volume.
", + "smithy.api#documentation": "KMS key ARN used to encrypt the EBS volume.
", "smithy.api#jsonName": "kmsKeyArn" } }