types

package
v1.27.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 29, 2024 License: Apache-2.0 Imports: 4 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessDeniedException added in v1.17.0 

type AccessDeniedException struct {
	Message *string

	ErrorCodeOverride *string

	ErrorCode_         ErrorCode
	ErrorCodeReason    *string
	SubErrorCode       ErrorCode
	SubErrorCodeReason *string
	// contains filtered or unexported fields
}

The request issuer does not have permission to access this resource or perform this operation.

func (*AccessDeniedException) Error added in v1.17.0 

func (e *AccessDeniedException) Error() string

func (*AccessDeniedException) ErrorCode added in v1.17.0 

func (e *AccessDeniedException) ErrorCode() string

func (*AccessDeniedException) ErrorFault added in v1.17.0 

func (e *AccessDeniedException) ErrorFault() smithy.ErrorFault

func (*AccessDeniedException) ErrorMessage added in v1.17.0 

func (e *AccessDeniedException) ErrorMessage() string

type Account 

type Account struct {

	// The account identifier of the Amazon Web Services account.
	//
	// This member is required.
	AccountId *string

	// The Amazon Web Services account root user email address for the Amazon Web
	// Services account.
	//
	// This member is required.
	EmailAddress *string
	// contains filtered or unexported fields
}

An Amazon Web Services account that is the administrator account of or a member of a behavior graph.

type Administrator added in v1.12.0 

type Administrator struct {

	// The Amazon Web Services account identifier of the Detective administrator
	// account for the organization.
	AccountId *string

	// The date and time when the Detective administrator account was enabled. The
	// value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z .
	DelegationTime *time.Time

	// The ARN of the organization behavior graph.
	GraphArn *string
	// contains filtered or unexported fields
}

Information about the Detective administrator account for an organization.

type ConflictException 

type ConflictException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

The request attempted an invalid action.

func (*ConflictException) Error 

func (e *ConflictException) Error() string

func (*ConflictException) ErrorCode 

func (e *ConflictException) ErrorCode() string

func (*ConflictException) ErrorFault 

func (e *ConflictException) ErrorFault() smithy.ErrorFault

func (*ConflictException) ErrorMessage 

func (e *ConflictException) ErrorMessage() string

type DatasourcePackage added in v1.16.0 

type DatasourcePackage string
const (
	DatasourcePackageDetectiveCore          DatasourcePackage = "DETECTIVE_CORE"
	DatasourcePackageEksAudit               DatasourcePackage = "EKS_AUDIT"
	DatasourcePackageAsffSecurityhubFinding DatasourcePackage = "ASFF_SECURITYHUB_FINDING"
)

Enum values for DatasourcePackage

func (DatasourcePackage) Values added in v1.16.0 

func (DatasourcePackage) Values() []DatasourcePackage

Values returns all known values for DatasourcePackage. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type DatasourcePackageIngestDetail added in v1.16.0 

type DatasourcePackageIngestDetail struct {

	// Details on which data source packages are ingested for a member account.
	DatasourcePackageIngestState DatasourcePackageIngestState

	// The date a data source package was enabled for this account
	LastIngestStateChange map[string]TimestampForCollection
	// contains filtered or unexported fields
}

Details about the data source packages ingested by your behavior graph.

type DatasourcePackageIngestState added in v1.16.0 

type DatasourcePackageIngestState string
const (
	DatasourcePackageIngestStateStarted  DatasourcePackageIngestState = "STARTED"
	DatasourcePackageIngestStateStopped  DatasourcePackageIngestState = "STOPPED"
	DatasourcePackageIngestStateDisabled DatasourcePackageIngestState = "DISABLED"
)

Enum values for DatasourcePackageIngestState

func (DatasourcePackageIngestState) Values added in v1.16.0 

func (DatasourcePackageIngestState) Values() []DatasourcePackageIngestState

Values returns all known values for DatasourcePackageIngestState. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type DatasourcePackageUsageInfo added in v1.16.0 

type DatasourcePackageUsageInfo struct {

	// Total volume of data in bytes per day ingested for a given data source package.
	VolumeUsageInBytes *int64

	// The data and time when the member account data volume was last updated. The
	// value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z .
	VolumeUsageUpdateTime *time.Time
	// contains filtered or unexported fields
}

Information on the usage of a data source package in the behavior graph.

type DateFilter added in v1.24.0 

type DateFilter struct {

	// A timestamp representing the end date of the time period until when data is
	// filtered, including the end date.
	//
	// This member is required.
	EndInclusive *time.Time

	// A timestamp representing the start of the time period from when data is
	// filtered, including the start date.
	//
	// This member is required.
	StartInclusive *time.Time
	// contains filtered or unexported fields
}

Contains details on the time range used to filter data.

type EntityType added in v1.24.0 

type EntityType string
const (
	EntityTypeIamRole EntityType = "IAM_ROLE"
	EntityTypeIamUser EntityType = "IAM_USER"
)

Enum values for EntityType

func (EntityType) Values added in v1.24.0 

func (EntityType) Values() []EntityType

Values returns all known values for EntityType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type ErrorCode added in v1.16.0 

type ErrorCode string
const (
	ErrorCodeInvalidGraphArn    ErrorCode = "INVALID_GRAPH_ARN"
	ErrorCodeInvalidRequestBody ErrorCode = "INVALID_REQUEST_BODY"
	ErrorCodeInternalError      ErrorCode = "INTERNAL_ERROR"
)

Enum values for ErrorCode

func (ErrorCode) Values added in v1.16.0 

func (ErrorCode) Values() []ErrorCode

Values returns all known values for ErrorCode. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type Field added in v1.24.0 

type Field string
const (
	FieldSeverity    Field = "SEVERITY"
	FieldStatus      Field = "STATUS"
	FieldCreatedTime Field = "CREATED_TIME"
)

Enum values for Field

func (Field) Values added in v1.24.0 

func (Field) Values() []Field

Values returns all known values for Field. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type FilterCriteria added in v1.24.0 

type FilterCriteria struct {

	// Filter the investigation results based on when the investigation was created.
	CreatedTime *DateFilter

	// Filter the investigation results based on the Amazon Resource Name (ARN) of the
	// entity.
	EntityArn *StringFilter

	// Filter the investigation results based on the severity.
	Severity *StringFilter

	// Filter the investigation results based on the state.
	State *StringFilter

	// Filter the investigation results based on the status.
	Status *StringFilter
	// contains filtered or unexported fields
}

Details on the criteria used to define the filter for investigation results.

type FlaggedIpAddressDetail added in v1.24.0 

type FlaggedIpAddressDetail struct {

	// IP address of the suspicious entity.
	IpAddress *string

	// Details the reason the IP address was flagged as suspicious.
	Reason Reason
	// contains filtered or unexported fields
}

Contains information on suspicious IP addresses identified as indicators of compromise. This indicator is derived from Amazon Web Services threat intelligence.

type Graph 

type Graph struct {

	// The ARN of the behavior graph.
	Arn *string

	// The date and time that the behavior graph was created. The value is an ISO8601
	// formatted string. For example, 2021-08-18T16:35:56.284Z .
	CreatedTime *time.Time
	// contains filtered or unexported fields
}

A behavior graph in Detective.

type ImpossibleTravelDetail added in v1.24.0 

type ImpossibleTravelDetail struct {

	// IP address where the resource was last used in the impossible travel.
	EndingIpAddress *string

	// Location where the resource was last used in the impossible travel.
	EndingLocation *string

	// Returns the time difference between the first and last timestamp the resource
	// was used.
	HourlyTimeDelta *int32

	// IP address where the resource was first used in the impossible travel.
	StartingIpAddress *string

	// Location where the resource was first used in the impossible travel.
	StartingLocation *string
	// contains filtered or unexported fields
}

Contains information on unusual and impossible travel in an account.

type Indicator added in v1.24.0 

type Indicator struct {

	// Details about the indicators of compromise that are used to determine if a
	// resource is involved in a security incident. An indicator of compromise (IOC) is
	// an artifact observed in or on a network, system, or environment that can (with a
	// high level of confidence) identify malicious activity or a security incident.
	IndicatorDetail *IndicatorDetail

	// The type of indicator.
	IndicatorType IndicatorType
	// contains filtered or unexported fields
}

Detective investigations triages indicators of compromises such as a finding and surfaces only the most critical and suspicious issues, so you can focus on high-level investigations. An Indicator lets you determine if an Amazon Web Services resource is involved in unusual activity that could indicate malicious behavior and its impact.

type IndicatorDetail added in v1.24.0 

type IndicatorDetail struct {

	// Suspicious IP addresses that are flagged, which indicates critical or severe
	// threats based on threat intelligence by Detective. This indicator is derived
	// from Amazon Web Services threat intelligence.
	FlaggedIpAddressDetail *FlaggedIpAddressDetail

	// Identifies unusual and impossible user activity for an account.
	ImpossibleTravelDetail *ImpossibleTravelDetail

	// Contains details about the new Autonomous System Organization (ASO).
	NewAsoDetail *NewAsoDetail

	// Contains details about the new geographic location.
	NewGeolocationDetail *NewGeolocationDetail

	// Contains details about the new user agent.
	NewUserAgentDetail *NewUserAgentDetail

	// Contains details about related findings.
	RelatedFindingDetail *RelatedFindingDetail

	// Contains details about related finding groups.
	RelatedFindingGroupDetail *RelatedFindingGroupDetail

	// Details about the indicator of compromise.
	TTPsObservedDetail *TTPsObservedDetail
	// contains filtered or unexported fields
}

Details about the indicators of compromise which are used to determine if a resource is involved in a security incident. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. For the list of indicators of compromise that are generated by Detective investigations, see Detective investigations (https://docs.aws.amazon.com/detective/latest/userguide/detective-investigations.html) .

type IndicatorType added in v1.24.0 

type IndicatorType string
const (
	IndicatorTypeTtpObserved         IndicatorType = "TTP_OBSERVED"
	IndicatorTypeImpossibleTravel    IndicatorType = "IMPOSSIBLE_TRAVEL"
	IndicatorTypeFlaggedIpAddress    IndicatorType = "FLAGGED_IP_ADDRESS"
	IndicatorTypeNewGeolocation      IndicatorType = "NEW_GEOLOCATION"
	IndicatorTypeNewAso              IndicatorType = "NEW_ASO"
	IndicatorTypeNewUserAgent        IndicatorType = "NEW_USER_AGENT"
	IndicatorTypeRelatedFinding      IndicatorType = "RELATED_FINDING"
	IndicatorTypeRelatedFindingGroup IndicatorType = "RELATED_FINDING_GROUP"
)

Enum values for IndicatorType

func (IndicatorType) Values added in v1.24.0 

func (IndicatorType) Values() []IndicatorType

Values returns all known values for IndicatorType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type InternalServerException 

type InternalServerException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

The request was valid but failed because of a problem with the service.

func (*InternalServerException) Error 

func (e *InternalServerException) Error() string

func (*InternalServerException) ErrorCode 

func (e *InternalServerException) ErrorCode() string

func (*InternalServerException) ErrorFault 

func (e *InternalServerException) ErrorFault() smithy.ErrorFault

func (*InternalServerException) ErrorMessage 

func (e *InternalServerException) ErrorMessage() string

type InvestigationDetail added in v1.24.0 

type InvestigationDetail struct {

	// The time stamp of the creation time of the investigation report. The value is
	// an UTC ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z .
	CreatedTime *time.Time

	// The unique Amazon Resource Name (ARN) of the IAM user and IAM role.
	EntityArn *string

	// Type of entity. For example, Amazon Web Services accounts, such as IAM user and
	// role.
	EntityType EntityType

	// The investigation ID of the investigation report.
	InvestigationId *string

	// Severity based on the likelihood and impact of the indicators of compromise
	// discovered in the investigation.
	Severity Severity

	// The current state of the investigation. An archived investigation indicates you
	// have completed reviewing the investigation.
	State State

	// Status based on the completion status of the investigation.
	Status Status
	// contains filtered or unexported fields
}

Details about the investigation related to a potential security event identified by Detective.

type InvitationType added in v1.12.0 

type InvitationType string
const (
	InvitationTypeInvitation   InvitationType = "INVITATION"
	InvitationTypeOrganization InvitationType = "ORGANIZATION"
)

Enum values for InvitationType

func (InvitationType) Values added in v1.12.0 

func (InvitationType) Values() []InvitationType

Values returns all known values for InvitationType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type MemberDetail 

type MemberDetail struct {

	// The Amazon Web Services account identifier for the member account.
	AccountId *string

	// The Amazon Web Services account identifier of the administrator account for the
	// behavior graph.
	AdministratorId *string

	// The state of a data source package for the behavior graph.
	DatasourcePackageIngestStates map[string]DatasourcePackageIngestState

	// For member accounts with a status of ACCEPTED_BUT_DISABLED , the reason that the
	// member account is not enabled. The reason can have one of the following values:
	//   - VOLUME_TOO_HIGH - Indicates that adding the member account would cause the
	//   data volume for the behavior graph to be too high.
	//   - VOLUME_UNKNOWN - Indicates that Detective is unable to verify the data
	//   volume for the member account. This is usually because the member account is not
	//   enrolled in Amazon GuardDuty.
	DisabledReason MemberDisabledReason

	// The Amazon Web Services account root user email address for the member account.
	EmailAddress *string

	// The ARN of the behavior graph.
	GraphArn *string

	// The type of behavior graph membership. For an organization account in the
	// organization behavior graph, the type is ORGANIZATION . For an account that was
	// invited to a behavior graph, the type is INVITATION .
	InvitationType InvitationType

	// For invited accounts, the date and time that Detective sent the invitation to
	// the account. The value is an ISO8601 formatted string. For example,
	// 2021-08-18T16:35:56.284Z .
	InvitedTime *time.Time

	// The Amazon Web Services account identifier of the administrator account for the
	// behavior graph.
	//
	// Deprecated: This property is deprecated. Use AdministratorId instead.
	MasterId *string

	// The member account data volume as a percentage of the maximum allowed data
	// volume. 0 indicates 0 percent, and 100 indicates 100 percent. Note that this is
	// not the percentage of the behavior graph data volume. For example, the data
	// volume for the behavior graph is 80 GB per day. The maximum data volume is 160
	// GB per day. If the data volume for the member account is 40 GB per day, then
	// PercentOfGraphUtilization is 25. It represents 25% of the maximum allowed data
	// volume.
	//
	// Deprecated: This property is deprecated. Use VolumeUsageByDatasourcePackage
	// instead.
	PercentOfGraphUtilization *float64

	// The date and time when the graph utilization percentage was last updated. The
	// value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z .
	//
	// Deprecated: This property is deprecated. Use VolumeUsageByDatasourcePackage
	// instead.
	PercentOfGraphUtilizationUpdatedTime *time.Time

	// The current membership status of the member account. The status can have one of
	// the following values:
	//   - INVITED - For invited accounts only. Indicates that the member was sent an
	//   invitation but has not yet responded.
	//   - VERIFICATION_IN_PROGRESS - For invited accounts only, indicates that
	//   Detective is verifying that the account identifier and email address provided
	//   for the member account match. If they do match, then Detective sends the
	//   invitation. If the email address and account identifier don't match, then the
	//   member cannot be added to the behavior graph. For organization accounts in the
	//   organization behavior graph, indicates that Detective is verifying that the
	//   account belongs to the organization.
	//   - VERIFICATION_FAILED - For invited accounts only. Indicates that the account
	//   and email address provided for the member account do not match, and Detective
	//   did not send an invitation to the account.
	//   - ENABLED - Indicates that the member account currently contributes data to
	//   the behavior graph. For invited accounts, the member account accepted the
	//   invitation. For organization accounts in the organization behavior graph, the
	//   Detective administrator account enabled the organization account as a member
	//   account.
	//   - ACCEPTED_BUT_DISABLED - The account accepted the invitation, or was enabled
	//   by the Detective administrator account, but is prevented from contributing data
	//   to the behavior graph. DisabledReason provides the reason why the member
	//   account is not enabled.
	// Invited accounts that declined an invitation or that were removed from the
	// behavior graph are not included. In the organization behavior graph,
	// organization accounts that the Detective administrator account did not enable
	// are not included.
	Status MemberStatus

	// The date and time that the member account was last updated. The value is an
	// ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z .
	UpdatedTime *time.Time

	// Details on the volume of usage for each data source package in a behavior graph.
	VolumeUsageByDatasourcePackage map[string]DatasourcePackageUsageInfo

	// The data volume in bytes per day for the member account.
	//
	// Deprecated: This property is deprecated. Use VolumeUsageByDatasourcePackage
	// instead.
	VolumeUsageInBytes *int64

	// The data and time when the member account data volume was last updated. The
	// value is an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z .
	//
	// Deprecated: This property is deprecated. Use VolumeUsageByDatasourcePackage
	// instead.
	VolumeUsageUpdatedTime *time.Time
	// contains filtered or unexported fields
}

Details about a member account in a behavior graph.

type MemberDisabledReason 

type MemberDisabledReason string
const (
	MemberDisabledReasonVolumeTooHigh MemberDisabledReason = "VOLUME_TOO_HIGH"
	MemberDisabledReasonVolumeUnknown MemberDisabledReason = "VOLUME_UNKNOWN"
)

Enum values for MemberDisabledReason

func (MemberDisabledReason) Values added in v0.29.0 

func (MemberDisabledReason) Values() []MemberDisabledReason

Values returns all known values for MemberDisabledReason. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type MemberStatus 

type MemberStatus string
const (
	MemberStatusInvited                MemberStatus = "INVITED"
	MemberStatusVerificationInProgress MemberStatus = "VERIFICATION_IN_PROGRESS"
	MemberStatusVerificationFailed     MemberStatus = "VERIFICATION_FAILED"
	MemberStatusEnabled                MemberStatus = "ENABLED"
	MemberStatusAcceptedButDisabled    MemberStatus = "ACCEPTED_BUT_DISABLED"
)

Enum values for MemberStatus

func (MemberStatus) Values added in v0.29.0 

func (MemberStatus) Values() []MemberStatus

Values returns all known values for MemberStatus. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type MembershipDatasources added in v1.16.0 

type MembershipDatasources struct {

	// The account identifier of the Amazon Web Services account.
	AccountId *string

	// Details on when a data source package was added to a behavior graph.
	DatasourcePackageIngestHistory map[string]map[string]TimestampForCollection

	// The ARN of the organization behavior graph.
	GraphArn *string
	// contains filtered or unexported fields
}

Details on data source packages for members of the behavior graph.

type NewAsoDetail added in v1.24.0 

type NewAsoDetail struct {

	// Details about the new Autonomous System Organization (ASO).
	Aso *string

	// Checks if the Autonomous System Organization (ASO) is new for the entire
	// account.
	IsNewForEntireAccount bool
	// contains filtered or unexported fields
}

Details new Autonomous System Organizations (ASOs) used either at the resource or account level.

type NewGeolocationDetail added in v1.24.0 

type NewGeolocationDetail struct {

	// IP address using which the resource was accessed.
	IpAddress *string

	// Checks if the geolocation is new for the entire account.
	IsNewForEntireAccount bool

	// Location where the resource was accessed.
	Location *string
	// contains filtered or unexported fields
}

Details new geolocations used either at the resource or account level. For example, lists an observed geolocation that is an infrequent or unused location based on previous user activity.

type NewUserAgentDetail added in v1.24.0 

type NewUserAgentDetail struct {

	// Checks if the user agent is new for the entire account.
	IsNewForEntireAccount bool

	// New user agent which accessed the resource.
	UserAgent *string
	// contains filtered or unexported fields
}

Details new user agents used either at the resource or account level.

type Reason added in v1.24.0 

type Reason string
const (
	ReasonAwsThreatIntelligence Reason = "AWS_THREAT_INTELLIGENCE"
)

Enum values for Reason

func (Reason) Values added in v1.24.0 

func (Reason) Values() []Reason

Values returns all known values for Reason. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type RelatedFindingDetail added in v1.24.0 

type RelatedFindingDetail struct {

	// The Amazon Resource Name (ARN) of the related finding.
	Arn *string

	// The IP address of the finding.
	IpAddress *string

	// The type of finding.
	Type *string
	// contains filtered or unexported fields
}

Details related activities associated with a potential security event. Lists all distinct categories of evidence that are connected to the resource or the finding group.

type RelatedFindingGroupDetail added in v1.24.0 

type RelatedFindingGroupDetail struct {

	// The unique identifier for the finding group.
	Id *string
	// contains filtered or unexported fields
}

Details multiple activities as they related to a potential security event. Detective uses graph analysis technique that infers relationships between findings and entities, and groups them together as a finding group.

type ResourceNotFoundException 

type ResourceNotFoundException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

The request refers to a nonexistent resource.

func (*ResourceNotFoundException) Error 

func (e *ResourceNotFoundException) Error() string

func (*ResourceNotFoundException) ErrorCode 

func (e *ResourceNotFoundException) ErrorCode() string

func (*ResourceNotFoundException) ErrorFault 

func (e *ResourceNotFoundException) ErrorFault() smithy.ErrorFault

func (*ResourceNotFoundException) ErrorMessage 

func (e *ResourceNotFoundException) ErrorMessage() string

type ServiceQuotaExceededException 

type ServiceQuotaExceededException struct {
	Message *string

	ErrorCodeOverride *string

	Resources []string
	// contains filtered or unexported fields
}

This request cannot be completed for one of the following reasons.

  • This request cannot be completed if it would cause the number of member accounts in the behavior graph to exceed the maximum allowed. A behavior graph cannot have more than 1,200 member accounts.
  • This request cannot be completed if the current volume ingested is above the limit of 10 TB per day. Detective will not allow you to add additional member accounts.

func (*ServiceQuotaExceededException) Error 

func (e *ServiceQuotaExceededException) Error() string

func (*ServiceQuotaExceededException) ErrorCode 

func (e *ServiceQuotaExceededException) ErrorCode() string

func (*ServiceQuotaExceededException) ErrorFault 

func (e *ServiceQuotaExceededException) ErrorFault() smithy.ErrorFault

func (*ServiceQuotaExceededException) ErrorMessage 

func (e *ServiceQuotaExceededException) ErrorMessage() string

type Severity added in v1.24.0 

type Severity string
const (
	SeverityInformational Severity = "INFORMATIONAL"
	SeverityLow           Severity = "LOW"
	SeverityMedium        Severity = "MEDIUM"
	SeverityHigh          Severity = "HIGH"
	SeverityCritical      Severity = "CRITICAL"
)

Enum values for Severity

func (Severity) Values added in v1.24.0 

func (Severity) Values() []Severity

Values returns all known values for Severity. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type SortCriteria added in v1.24.0 

type SortCriteria struct {

	// Represents the Field attribute to sort investigations.
	Field Field

	// The order by which the sorted findings are displayed.
	SortOrder SortOrder
	// contains filtered or unexported fields
}

Details about the criteria used for sorting investigations.

type SortOrder added in v1.24.0 

type SortOrder string
const (
	SortOrderAsc  SortOrder = "ASC"
	SortOrderDesc SortOrder = "DESC"
)

Enum values for SortOrder

func (SortOrder) Values added in v1.24.0 

func (SortOrder) Values() []SortOrder

Values returns all known values for SortOrder. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type State added in v1.24.0 

type State string
const (
	StateActive   State = "ACTIVE"
	StateArchived State = "ARCHIVED"
)

Enum values for State

func (State) Values added in v1.24.0 

func (State) Values() []State

Values returns all known values for State. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type Status added in v1.24.0 

type Status string
const (
	StatusRunning    Status = "RUNNING"
	StatusFailed     Status = "FAILED"
	StatusSuccessful Status = "SUCCESSFUL"
)

Enum values for Status

func (Status) Values added in v1.24.0 

func (Status) Values() []Status

Values returns all known values for Status. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type StringFilter added in v1.24.0 

type StringFilter struct {

	// The string filter value.
	//
	// This member is required.
	Value *string
	// contains filtered or unexported fields
}

A string for filtering Detective investigations.

type TTPsObservedDetail added in v1.24.0 

type TTPsObservedDetail struct {

	// The total number of failed API requests.
	APIFailureCount int64

	// The name of the API where the tactics, techniques, and procedure (TTP) was
	// observed.
	APIName *string

	// The total number of successful API requests.
	APISuccessCount int64

	// The IP address where the tactics, techniques, and procedure (TTP) was observed.
	IpAddress *string

	// The procedure used, identified by the investigation.
	Procedure *string

	// The tactic used, identified by the investigation.
	Tactic *string

	// The technique used, identified by the investigation.
	Technique *string
	// contains filtered or unexported fields
}

Details tactics, techniques, and procedures (TTPs) used in a potential security event. Tactics are based on MITRE ATT&CK Matrix for Enterprise (https://attack.mitre.org/matrices/enterprise/) .

type TimestampForCollection added in v1.16.0 

type TimestampForCollection struct {

	// The data and time when data collection began for a source package. The value is
	// an ISO8601 formatted string. For example, 2021-08-18T16:35:56.284Z .
	Timestamp *time.Time
	// contains filtered or unexported fields
}

Details on when data collection began for a source package.

type TooManyRequestsException added in v1.12.0 

type TooManyRequestsException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

The request cannot be completed because too many other requests are occurring at the same time.

func (*TooManyRequestsException) Error added in v1.12.0 

func (e *TooManyRequestsException) Error() string

func (*TooManyRequestsException) ErrorCode added in v1.12.0 

func (e *TooManyRequestsException) ErrorCode() string

func (*TooManyRequestsException) ErrorFault added in v1.12.0 

func (e *TooManyRequestsException) ErrorFault() smithy.ErrorFault

func (*TooManyRequestsException) ErrorMessage added in v1.12.0 

func (e *TooManyRequestsException) ErrorMessage() string

type UnprocessedAccount 

type UnprocessedAccount struct {

	// The Amazon Web Services account identifier of the member account that was not
	// processed.
	AccountId *string

	// The reason that the member account request could not be processed.
	Reason *string
	// contains filtered or unexported fields
}

A member account that was included in a request but for which the request could not be processed.

type UnprocessedGraph added in v1.16.0 

type UnprocessedGraph struct {

	// The ARN of the organization behavior graph.
	GraphArn *string

	// The reason data source package information could not be processed for a
	// behavior graph.
	Reason *string
	// contains filtered or unexported fields
}

Behavior graphs that could not be processed in the request.

type ValidationException 

type ValidationException struct {
	Message *string

	ErrorCodeOverride *string

	ErrorCode_      ErrorCode
	ErrorCodeReason *string
	// contains filtered or unexported fields
}

The request parameters are invalid.

func (*ValidationException) Error 

func (e *ValidationException) Error() string

func (*ValidationException) ErrorCode 

func (e *ValidationException) ErrorCode() string

func (*ValidationException) ErrorFault 

func (e *ValidationException) ErrorFault() smithy.ErrorFault

func (*ValidationException) ErrorMessage 

func (e *ValidationException) ErrorMessage() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.