guardduty

package module
v1.42.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 18, 2024 License: Apache-2.0 Imports: 41 Imported by: 45

Documentation

Overview

Package guardduty provides the API client, operations, and parameter types for Amazon GuardDuty.

Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following foundational data sources - VPC flow logs, Amazon Web Services CloudTrail management event logs, CloudTrail S3 data event logs, EKS audit logs, DNS logs, Amazon EBS volume data, runtime activity belonging to container workloads, such as Amazon EKS, Amazon ECS (including Amazon Web Services Fargate), and Amazon EC2 instances. It uses threat intelligence feeds, such as lists of malicious IPs and domains, and machine learning to identify unexpected, potentially unauthorized, and malicious activity within your Amazon Web Services environment. This can include issues like escalations of privileges, uses of exposed credentials, or communication with malicious IPs, domains, or presence of malware on your Amazon EC2 instances and container workloads. For example, GuardDuty can detect compromised EC2 instances and container workloads serving malware, or mining bitcoin. GuardDuty also monitors Amazon Web Services account access behavior for signs of compromise, such as unauthorized infrastructure deployments like EC2 instances deployed in a Region that has never been used, or unusual API calls like a password policy change to reduce password strength. GuardDuty informs you about the status of your Amazon Web Services environment by producing security findings that you can view in the GuardDuty console or through Amazon EventBridge. For more information, see the Amazon GuardDuty User Guide (https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html) .

Index

Constants

View Source 
const ServiceAPIVersion = "2017-11-28"
View Source 
const ServiceID = "GuardDuty"

Variables

This section is empty.

Functions

func NewDefaultEndpointResolver 

func NewDefaultEndpointResolver() *internalendpoints.Resolver

NewDefaultEndpointResolver constructs a new service endpoint resolver

func WithAPIOptions added in v1.0.0 

func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options)

WithAPIOptions returns a functional option for setting the Client's APIOptions option.

func WithEndpointResolver deprecated 

func WithEndpointResolver(v EndpointResolver) func(*Options)

Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for this field will likely prevent you from using any endpoint-related service features released after the introduction of EndpointResolverV2 and BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom endpoint, set the client option BaseEndpoint instead.

func WithEndpointResolverV2 added in v1.25.0 

func WithEndpointResolverV2(v EndpointResolverV2) func(*Options)

WithEndpointResolverV2 returns a functional option for setting the Client's EndpointResolverV2 option.

func WithSigV4SigningName added in v1.33.2 

func WithSigV4SigningName(name string) func(*Options)

WithSigV4SigningName applies an override to the authentication workflow to use the given signing name for SigV4-authenticated operations.

This is an advanced setting. The value here is FINAL, taking precedence over the resolved signing name from both auth scheme resolution and endpoint resolution.

func WithSigV4SigningRegion added in v1.33.2 

func WithSigV4SigningRegion(region string) func(*Options)

WithSigV4SigningRegion applies an override to the authentication workflow to use the given signing region for SigV4-authenticated operations.

This is an advanced setting. The value here is FINAL, taking precedence over the resolved signing region from both auth scheme resolution and endpoint resolution.

Types

type AcceptAdministratorInvitationInput added in v1.14.0 

type AcceptAdministratorInvitationInput struct {

	// The account ID of the GuardDuty administrator account whose invitation you're
	// accepting.
	//
	// This member is required.
	AdministratorId *string

	// The unique ID of the detector of the GuardDuty member account.
	//
	// This member is required.
	DetectorId *string

	// The value that is used to validate the administrator account to the member
	// account.
	//
	// This member is required.
	InvitationId *string
	// contains filtered or unexported fields
}

type AcceptAdministratorInvitationOutput added in v1.14.0 

type AcceptAdministratorInvitationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type AcceptInvitationInput 

type AcceptInvitationInput struct {

	// The unique ID of the detector of the GuardDuty member account.
	//
	// This member is required.
	DetectorId *string

	// The value that is used to validate the administrator account to the member
	// account.
	//
	// This member is required.
	InvitationId *string

	// The account ID of the GuardDuty administrator account whose invitation you're
	// accepting.
	//
	// This member is required.
	MasterId *string
	// contains filtered or unexported fields
}

type AcceptInvitationOutput 

type AcceptInvitationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ArchiveFindingsInput 

type ArchiveFindingsInput struct {

	// The ID of the detector that specifies the GuardDuty service whose findings you
	// want to archive.
	//
	// This member is required.
	DetectorId *string

	// The IDs of the findings that you want to archive.
	//
	// This member is required.
	FindingIds []string
	// contains filtered or unexported fields
}

type ArchiveFindingsOutput 

type ArchiveFindingsOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type AuthResolverParameters added in v1.33.2 

type AuthResolverParameters struct {
	// The name of the operation being invoked.
	Operation string

	// The region in which the operation is being invoked.
	Region string
}

AuthResolverParameters contains the set of inputs necessary for auth scheme resolution.

type AuthSchemeResolver added in v1.33.2 

type AuthSchemeResolver interface {
	ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error)
}

AuthSchemeResolver returns a set of possible authentication options for an operation.

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client provides the API client to make operations call for Amazon GuardDuty.

func New 

func New(options Options, optFns ...func(*Options)) *Client

New returns an initialized Client based on the functional options. Provide additional functional options to further configure the behavior of the client, such as changing the client's endpoint or adding custom middleware behavior.

func NewFromConfig 

func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client

NewFromConfig returns a new client from the provided config.

func (*Client) AcceptAdministratorInvitation added in v1.14.0 

func (c *Client) AcceptAdministratorInvitation(ctx context.Context, params *AcceptAdministratorInvitationInput, optFns ...func(*Options)) (*AcceptAdministratorInvitationOutput, error)

Accepts the invitation to be a member account and get monitored by a GuardDuty administrator account that sent the invitation.

func (*Client) AcceptInvitation deprecated 

func (c *Client) AcceptInvitation(ctx context.Context, params *AcceptInvitationInput, optFns ...func(*Options)) (*AcceptInvitationOutput, error)

Accepts the invitation to be monitored by a GuardDuty administrator account.

Deprecated: This operation is deprecated, use AcceptAdministratorInvitation instead

func (*Client) ArchiveFindings 

func (c *Client) ArchiveFindings(ctx context.Context, params *ArchiveFindingsInput, optFns ...func(*Options)) (*ArchiveFindingsOutput, error)

Archives GuardDuty findings that are specified by the list of finding IDs. Only the administrator account can archive findings. Member accounts don't have permission to archive findings from their accounts.

func (*Client) CreateDetector 

func (c *Client) CreateDetector(ctx context.Context, params *CreateDetectorInput, optFns ...func(*Options)) (*CreateDetectorOutput, error)

Creates a single GuardDuty detector. A detector is a resource that represents the GuardDuty service. To start using GuardDuty, you must create a detector in each Region where you enable the service. You can have only one detector per account per Region. All data sources are enabled in a new detector by default.

  • When you don't specify any features , with an exception to RUNTIME_MONITORING , all the optional features are enabled by default.
  • When you specify some of the features , any feature that is not specified in the API call gets enabled by default, with an exception to RUNTIME_MONITORING .

Specifying both EKS Runtime Monitoring ( EKS_RUNTIME_MONITORING ) and Runtime Monitoring ( RUNTIME_MONITORING ) will cause an error. You can add only one of these two features because Runtime Monitoring already includes the threat detection for Amazon EKS resources. For more information, see Runtime Monitoring (https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring.html) . There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) CreateFilter 

func (c *Client) CreateFilter(ctx context.Context, params *CreateFilterInput, optFns ...func(*Options)) (*CreateFilterOutput, error)

Creates a filter using the specified finding criteria. The maximum number of saved filters per Amazon Web Services account per Region is 100. For more information, see Quotas for GuardDuty (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_limits.html) .

func (*Client) CreateIPSet 

func (c *Client) CreateIPSet(ctx context.Context, params *CreateIPSetInput, optFns ...func(*Options)) (*CreateIPSetOutput, error)

Creates a new IPSet, which is called a trusted IP list in the console user interface. An IPSet is a list of IP addresses that are trusted for secure communication with Amazon Web Services infrastructure and applications. GuardDuty doesn't generate findings for IP addresses that are included in IPSets. Only users from the administrator account can use this operation.

func (*Client) CreateMembers 

func (c *Client) CreateMembers(ctx context.Context, params *CreateMembersInput, optFns ...func(*Options)) (*CreateMembersOutput, error)

Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services account IDs. This step is a prerequisite for managing the associated member accounts either by invitation or through an organization. As a delegated administrator, using CreateMembers will enable GuardDuty in the added member accounts, with the exception of the organization delegated administrator account. A delegated administrator must enable GuardDuty prior to being added as a member. When you use CreateMembers as an Organizations delegated administrator, GuardDuty applies your organization's auto-enable settings to the member accounts in this request, irrespective of the accounts being new or existing members. For more information about the existing auto-enable settings for your organization, see DescribeOrganizationConfiguration (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeOrganizationConfiguration.html) . If you disassociate a member account that was added by invitation, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html) API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html) API. When the member accounts added through Organizations are later disassociated, you (administrator) can't invite them by calling the InviteMembers API. You can create an association with these member accounts again only by calling the CreateMembers API.

func (*Client) CreatePublishingDestination 

func (c *Client) CreatePublishingDestination(ctx context.Context, params *CreatePublishingDestinationInput, optFns ...func(*Options)) (*CreatePublishingDestinationOutput, error)

Creates a publishing destination to export findings to. The resource to export findings to must exist before you use this operation.

func (*Client) CreateSampleFindings 

func (c *Client) CreateSampleFindings(ctx context.Context, params *CreateSampleFindingsInput, optFns ...func(*Options)) (*CreateSampleFindingsOutput, error)

Generates sample findings of types specified by the list of finding types. If 'NULL' is specified for findingTypes , the API generates sample findings of all supported finding types.

func (*Client) CreateThreatIntelSet 

func (c *Client) CreateThreatIntelSet(ctx context.Context, params *CreateThreatIntelSetInput, optFns ...func(*Options)) (*CreateThreatIntelSetOutput, error)

Creates a new ThreatIntelSet. ThreatIntelSets consist of known malicious IP addresses. GuardDuty generates findings based on ThreatIntelSets. Only users of the administrator account can use this operation.

func (*Client) DeclineInvitations 

func (c *Client) DeclineInvitations(ctx context.Context, params *DeclineInvitationsInput, optFns ...func(*Options)) (*DeclineInvitationsOutput, error)

Declines invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs.

func (*Client) DeleteDetector 

func (c *Client) DeleteDetector(ctx context.Context, params *DeleteDetectorInput, optFns ...func(*Options)) (*DeleteDetectorOutput, error)

Deletes an Amazon GuardDuty detector that is specified by the detector ID.

func (*Client) DeleteFilter 

func (c *Client) DeleteFilter(ctx context.Context, params *DeleteFilterInput, optFns ...func(*Options)) (*DeleteFilterOutput, error)

Deletes the filter specified by the filter name.

func (*Client) DeleteIPSet 

func (c *Client) DeleteIPSet(ctx context.Context, params *DeleteIPSetInput, optFns ...func(*Options)) (*DeleteIPSetOutput, error)

Deletes the IPSet specified by the ipSetId . IPSets are called trusted IP lists in the console user interface.

func (*Client) DeleteInvitations 

func (c *Client) DeleteInvitations(ctx context.Context, params *DeleteInvitationsInput, optFns ...func(*Options)) (*DeleteInvitationsOutput, error)

Deletes invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs.

func (*Client) DeleteMembers 

func (c *Client) DeleteMembers(ctx context.Context, params *DeleteMembersInput, optFns ...func(*Options)) (*DeleteMembersOutput, error)

Deletes GuardDuty member accounts (to the current GuardDuty administrator account) specified by the account IDs. With autoEnableOrganizationMembers configuration for your organization set to ALL , you'll receive an error if you attempt to disable GuardDuty for a member account in your organization.

func (*Client) DeletePublishingDestination 

func (c *Client) DeletePublishingDestination(ctx context.Context, params *DeletePublishingDestinationInput, optFns ...func(*Options)) (*DeletePublishingDestinationOutput, error)

Deletes the publishing definition with the specified destinationId .

func (*Client) DeleteThreatIntelSet 

func (c *Client) DeleteThreatIntelSet(ctx context.Context, params *DeleteThreatIntelSetInput, optFns ...func(*Options)) (*DeleteThreatIntelSetOutput, error)

Deletes the ThreatIntelSet specified by the ThreatIntelSet ID.

func (*Client) DescribeMalwareScans added in v1.15.0 

func (c *Client) DescribeMalwareScans(ctx context.Context, params *DescribeMalwareScansInput, optFns ...func(*Options)) (*DescribeMalwareScansOutput, error)

Returns a list of malware scans. Each member account can view the malware scans for their own accounts. An administrator can view the malware scans for all the member accounts. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) DescribeOrganizationConfiguration 

func (c *Client) DescribeOrganizationConfiguration(ctx context.Context, params *DescribeOrganizationConfigurationInput, optFns ...func(*Options)) (*DescribeOrganizationConfigurationOutput, error)

Returns information about the account selected as the delegated administrator for GuardDuty. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) DescribePublishingDestination 

func (c *Client) DescribePublishingDestination(ctx context.Context, params *DescribePublishingDestinationInput, optFns ...func(*Options)) (*DescribePublishingDestinationOutput, error)

Returns information about the publishing destination specified by the provided destinationId .

func (*Client) DisableOrganizationAdminAccount 

func (c *Client) DisableOrganizationAdminAccount(ctx context.Context, params *DisableOrganizationAdminAccountInput, optFns ...func(*Options)) (*DisableOrganizationAdminAccountOutput, error)

Removes the existing GuardDuty delegated administrator of the organization. Only the organization's management account can run this API operation.

func (*Client) DisassociateFromAdministratorAccount added in v1.14.0 

func (c *Client) DisassociateFromAdministratorAccount(ctx context.Context, params *DisassociateFromAdministratorAccountInput, optFns ...func(*Options)) (*DisassociateFromAdministratorAccountOutput, error)

Disassociates the current GuardDuty member account from its administrator account. When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html) API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html) API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html) API. With autoEnableOrganizationMembers configuration for your organization set to ALL , you'll receive an error if you attempt to disable GuardDuty in a member account.

func (*Client) DisassociateFromMasterAccount deprecated 

func (c *Client) DisassociateFromMasterAccount(ctx context.Context, params *DisassociateFromMasterAccountInput, optFns ...func(*Options)) (*DisassociateFromMasterAccountOutput, error)

Disassociates the current GuardDuty member account from its administrator account. When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html) API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html) API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html) API.

Deprecated: This operation is deprecated, use DisassociateFromAdministratorAccount instead

func (*Client) DisassociateMembers 

func (c *Client) DisassociateMembers(ctx context.Context, params *DisassociateMembersInput, optFns ...func(*Options)) (*DisassociateMembersOutput, error)

Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs. When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html) API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html) API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html) API. With autoEnableOrganizationMembers configuration for your organization set to ALL , you'll receive an error if you attempt to disassociate a member account before removing them from your organization. If you disassociate a member account that was added by invitation, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html) API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html) API. When the member accounts added through Organizations are later disassociated, you (administrator) can't invite them by calling the InviteMembers API. You can create an association with these member accounts again only by calling the CreateMembers API.

func (*Client) EnableOrganizationAdminAccount 

func (c *Client) EnableOrganizationAdminAccount(ctx context.Context, params *EnableOrganizationAdminAccountInput, optFns ...func(*Options)) (*EnableOrganizationAdminAccountOutput, error)

Designates an Amazon Web Services account within the organization as your GuardDuty delegated administrator. Only the organization's management account can run this API operation.

func (*Client) GetAdministratorAccount added in v1.14.0 

func (c *Client) GetAdministratorAccount(ctx context.Context, params *GetAdministratorAccountInput, optFns ...func(*Options)) (*GetAdministratorAccountOutput, error)

Provides the details of the GuardDuty administrator account associated with the current GuardDuty member account. If the organization's management account or a delegated administrator runs this API, it will return success ( HTTP 200 ) but no content.

func (*Client) GetCoverageStatistics added in v1.20.0 

func (c *Client) GetCoverageStatistics(ctx context.Context, params *GetCoverageStatisticsInput, optFns ...func(*Options)) (*GetCoverageStatisticsOutput, error)

Retrieves aggregated statistics for your account. If you are a GuardDuty administrator, you can retrieve the statistics for all the resources associated with the active member accounts in your organization who have enabled Runtime Monitoring and have the GuardDuty security agent running on their resources.

func (*Client) GetDetector 

func (c *Client) GetDetector(ctx context.Context, params *GetDetectorInput, optFns ...func(*Options)) (*GetDetectorOutput, error)

Retrieves an Amazon GuardDuty detector specified by the detectorId. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) GetFilter 

func (c *Client) GetFilter(ctx context.Context, params *GetFilterInput, optFns ...func(*Options)) (*GetFilterOutput, error)

Returns the details of the filter specified by the filter name.

func (*Client) GetFindings 

func (c *Client) GetFindings(ctx context.Context, params *GetFindingsInput, optFns ...func(*Options)) (*GetFindingsOutput, error)

Describes Amazon GuardDuty findings specified by finding IDs.

func (*Client) GetFindingsStatistics 

func (c *Client) GetFindingsStatistics(ctx context.Context, params *GetFindingsStatisticsInput, optFns ...func(*Options)) (*GetFindingsStatisticsOutput, error)

Lists Amazon GuardDuty findings statistics for the specified detector ID. There might be regional differences because some flags might not be available in all the Regions where GuardDuty is currently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) GetIPSet 

func (c *Client) GetIPSet(ctx context.Context, params *GetIPSetInput, optFns ...func(*Options)) (*GetIPSetOutput, error)

Retrieves the IPSet specified by the ipSetId .

func (*Client) GetInvitationsCount 

func (c *Client) GetInvitationsCount(ctx context.Context, params *GetInvitationsCountInput, optFns ...func(*Options)) (*GetInvitationsCountOutput, error)

Returns the count of all GuardDuty membership invitations that were sent to the current member account except the currently accepted invitation.

func (*Client) GetMalwareScanSettings added in v1.15.0 

func (c *Client) GetMalwareScanSettings(ctx context.Context, params *GetMalwareScanSettingsInput, optFns ...func(*Options)) (*GetMalwareScanSettingsOutput, error)

Returns the details of the malware scan settings. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) GetMasterAccount deprecated 

func (c *Client) GetMasterAccount(ctx context.Context, params *GetMasterAccountInput, optFns ...func(*Options)) (*GetMasterAccountOutput, error)

Provides the details for the GuardDuty administrator account associated with the current GuardDuty member account.

Deprecated: This operation is deprecated, use GetAdministratorAccount instead

func (*Client) GetMemberDetectors 

func (c *Client) GetMemberDetectors(ctx context.Context, params *GetMemberDetectorsInput, optFns ...func(*Options)) (*GetMemberDetectorsOutput, error)

Describes which data sources are enabled for the member account's detector. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) GetMembers 

func (c *Client) GetMembers(ctx context.Context, params *GetMembersInput, optFns ...func(*Options)) (*GetMembersOutput, error)

Retrieves GuardDuty member accounts (of the current GuardDuty administrator account) specified by the account IDs.

func (*Client) GetOrganizationStatistics added in v1.36.0 

func (c *Client) GetOrganizationStatistics(ctx context.Context, params *GetOrganizationStatisticsInput, optFns ...func(*Options)) (*GetOrganizationStatisticsOutput, error)

Retrieves how many active member accounts have each feature enabled within GuardDuty. Only a delegated GuardDuty administrator of an organization can run this API. When you create a new organization, it might take up to 24 hours to generate the statistics for the entire organization.

func (*Client) GetRemainingFreeTrialDays added in v1.14.0 

func (c *Client) GetRemainingFreeTrialDays(ctx context.Context, params *GetRemainingFreeTrialDaysInput, optFns ...func(*Options)) (*GetRemainingFreeTrialDaysOutput, error)

Provides the number of days left for each data source used in the free trial period.

func (*Client) GetThreatIntelSet 

func (c *Client) GetThreatIntelSet(ctx context.Context, params *GetThreatIntelSetInput, optFns ...func(*Options)) (*GetThreatIntelSetOutput, error)

Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID.

func (*Client) GetUsageStatistics 

func (c *Client) GetUsageStatistics(ctx context.Context, params *GetUsageStatisticsInput, optFns ...func(*Options)) (*GetUsageStatisticsOutput, error)

Lists Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID. For newly enabled detectors or data sources, the cost returned will include only the usage so far under 30 days. This may differ from the cost metrics in the console, which project usage over 30 days to provide a monthly cost estimate. For more information, see Understanding How Usage Costs are Calculated (https://docs.aws.amazon.com/guardduty/latest/ug/monitoring_costs.html#usage-calculations) .

func (*Client) InviteMembers 

func (c *Client) InviteMembers(ctx context.Context, params *InviteMembersInput, optFns ...func(*Options)) (*InviteMembersOutput, error)

Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services account that invokes this API. If you are using Amazon Web Services Organizations to manage your GuardDuty environment, this step is not needed. For more information, see Managing accounts with organizations (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html) . To invite Amazon Web Services accounts, the first step is to ensure that GuardDuty has been enabled in the potential member accounts. You can now invoke this API to add accounts by invitation. The invited accounts can either accept or decline the invitation from their GuardDuty accounts. Each invited Amazon Web Services account can choose to accept the invitation from only one Amazon Web Services account. For more information, see Managing GuardDuty accounts by invitation (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_invitations.html) . After the invite has been accepted and you choose to disassociate a member account (by using DisassociateMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateMembers.html) ) from your account, the details of the member account obtained by invoking CreateMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html) , including the associated email addresses, will be retained. This is done so that you can invoke InviteMembers without the need to invoke CreateMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html) again. To remove the details associated with a member account, you must also invoke DeleteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html) . If you disassociate a member account that was added by invitation, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html) API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html) API. When the member accounts added through Organizations are later disassociated, you (administrator) can't invite them by calling the InviteMembers API. You can create an association with these member accounts again only by calling the CreateMembers API.

func (*Client) ListCoverage added in v1.20.0 

func (c *Client) ListCoverage(ctx context.Context, params *ListCoverageInput, optFns ...func(*Options)) (*ListCoverageOutput, error)

Lists coverage details for your GuardDuty account. If you're a GuardDuty administrator, you can retrieve all resources associated with the active member accounts in your organization. Make sure the accounts have Runtime Monitoring enabled and GuardDuty agent running on their resources.

func (*Client) ListDetectors 

func (c *Client) ListDetectors(ctx context.Context, params *ListDetectorsInput, optFns ...func(*Options)) (*ListDetectorsOutput, error)

Lists detectorIds of all the existing Amazon GuardDuty detector resources.

func (*Client) ListFilters 

func (c *Client) ListFilters(ctx context.Context, params *ListFiltersInput, optFns ...func(*Options)) (*ListFiltersOutput, error)

Returns a paginated list of the current filters.

func (*Client) ListFindings 

func (c *Client) ListFindings(ctx context.Context, params *ListFindingsInput, optFns ...func(*Options)) (*ListFindingsOutput, error)

Lists GuardDuty findings for the specified detector ID. There might be regional differences because some flags might not be available in all the Regions where GuardDuty is currently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) ListIPSets 

func (c *Client) ListIPSets(ctx context.Context, params *ListIPSetsInput, optFns ...func(*Options)) (*ListIPSetsOutput, error)

Lists the IPSets of the GuardDuty service specified by the detector ID. If you use this operation from a member account, the IPSets returned are the IPSets from the associated administrator account.

func (*Client) ListInvitations 

func (c *Client) ListInvitations(ctx context.Context, params *ListInvitationsInput, optFns ...func(*Options)) (*ListInvitationsOutput, error)

Lists all GuardDuty membership invitations that were sent to the current Amazon Web Services account.

func (*Client) ListMembers 

func (c *Client) ListMembers(ctx context.Context, params *ListMembersInput, optFns ...func(*Options)) (*ListMembersOutput, error)

Lists details about all member accounts for the current GuardDuty administrator account.

func (*Client) ListOrganizationAdminAccounts 

func (c *Client) ListOrganizationAdminAccounts(ctx context.Context, params *ListOrganizationAdminAccountsInput, optFns ...func(*Options)) (*ListOrganizationAdminAccountsOutput, error)

Lists the accounts designated as GuardDuty delegated administrators. Only the organization's management account can run this API operation.

func (*Client) ListPublishingDestinations 

func (c *Client) ListPublishingDestinations(ctx context.Context, params *ListPublishingDestinationsInput, optFns ...func(*Options)) (*ListPublishingDestinationsOutput, error)

Returns a list of publishing destinations associated with the specified detectorId .

func (*Client) ListTagsForResource 

func (c *Client) ListTagsForResource(ctx context.Context, params *ListTagsForResourceInput, optFns ...func(*Options)) (*ListTagsForResourceOutput, error)

Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, threat intel sets, and publishing destination, with a limit of 50 tags per resource. When invoked, this operation returns all assigned tags for a given resource.

func (*Client) ListThreatIntelSets 

func (c *Client) ListThreatIntelSets(ctx context.Context, params *ListThreatIntelSetsInput, optFns ...func(*Options)) (*ListThreatIntelSetsOutput, error)

Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID. If you use this operation from a member account, the ThreatIntelSets associated with the administrator account are returned.

func (*Client) Options added in v1.35.0 

func (c *Client) Options() Options

Options returns a copy of the client configuration.

Callers SHOULD NOT perform mutations on any inner structures within client config. Config overrides should instead be made on a per-operation basis through functional options.

func (*Client) StartMalwareScan added in v1.22.0 

func (c *Client) StartMalwareScan(ctx context.Context, params *StartMalwareScanInput, optFns ...func(*Options)) (*StartMalwareScanOutput, error)

Initiates the malware scan. Invoking this API will automatically create the Service-linked role (https://docs.aws.amazon.com/guardduty/latest/ug/slr-permissions-malware-protection.html) in the corresponding account. When the malware scan starts, you can use the associated scan ID to track the status of the scan. For more information, see DescribeMalwareScans (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeMalwareScans.html) .

func (*Client) StartMonitoringMembers 

func (c *Client) StartMonitoringMembers(ctx context.Context, params *StartMonitoringMembersInput, optFns ...func(*Options)) (*StartMonitoringMembersOutput, error)

Turns on GuardDuty monitoring of the specified member accounts. Use this operation to restart monitoring of accounts that you stopped monitoring with the StopMonitoringMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_StopMonitoringMembers.html) operation.

func (*Client) StopMonitoringMembers 

func (c *Client) StopMonitoringMembers(ctx context.Context, params *StopMonitoringMembersInput, optFns ...func(*Options)) (*StopMonitoringMembersOutput, error)

Stops GuardDuty monitoring for the specified member accounts. Use the StartMonitoringMembers operation to restart monitoring for those accounts. With autoEnableOrganizationMembers configuration for your organization set to ALL , you'll receive an error if you attempt to stop monitoring the member accounts in your organization.

func (*Client) TagResource 

func (c *Client) TagResource(ctx context.Context, params *TagResourceInput, optFns ...func(*Options)) (*TagResourceOutput, error)

Adds tags to a resource.

func (*Client) UnarchiveFindings 

func (c *Client) UnarchiveFindings(ctx context.Context, params *UnarchiveFindingsInput, optFns ...func(*Options)) (*UnarchiveFindingsOutput, error)

Unarchives GuardDuty findings specified by the findingIds .

func (*Client) UntagResource 

func (c *Client) UntagResource(ctx context.Context, params *UntagResourceInput, optFns ...func(*Options)) (*UntagResourceOutput, error)

Removes tags from a resource.

func (*Client) UpdateDetector 

func (c *Client) UpdateDetector(ctx context.Context, params *UpdateDetectorInput, optFns ...func(*Options)) (*UpdateDetectorOutput, error)

Updates the GuardDuty detector specified by the detector ID. Specifying both EKS Runtime Monitoring ( EKS_RUNTIME_MONITORING ) and Runtime Monitoring ( RUNTIME_MONITORING ) will cause an error. You can add only one of these two features because Runtime Monitoring already includes the threat detection for Amazon EKS resources. For more information, see Runtime Monitoring (https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring.html) . There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) UpdateFilter 

func (c *Client) UpdateFilter(ctx context.Context, params *UpdateFilterInput, optFns ...func(*Options)) (*UpdateFilterOutput, error)

Updates the filter specified by the filter name.

func (*Client) UpdateFindingsFeedback 

func (c *Client) UpdateFindingsFeedback(ctx context.Context, params *UpdateFindingsFeedbackInput, optFns ...func(*Options)) (*UpdateFindingsFeedbackOutput, error)

Marks the specified GuardDuty findings as useful or not useful.

func (*Client) UpdateIPSet 

func (c *Client) UpdateIPSet(ctx context.Context, params *UpdateIPSetInput, optFns ...func(*Options)) (*UpdateIPSetOutput, error)

Updates the IPSet specified by the IPSet ID.

func (*Client) UpdateMalwareScanSettings added in v1.15.0 

func (c *Client) UpdateMalwareScanSettings(ctx context.Context, params *UpdateMalwareScanSettingsInput, optFns ...func(*Options)) (*UpdateMalwareScanSettingsOutput, error)

Updates the malware scan settings. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) UpdateMemberDetectors 

func (c *Client) UpdateMemberDetectors(ctx context.Context, params *UpdateMemberDetectorsInput, optFns ...func(*Options)) (*UpdateMemberDetectorsOutput, error)

Contains information on member accounts to be updated. Specifying both EKS Runtime Monitoring ( EKS_RUNTIME_MONITORING ) and Runtime Monitoring ( RUNTIME_MONITORING ) will cause an error. You can add only one of these two features because Runtime Monitoring already includes the threat detection for Amazon EKS resources. For more information, see Runtime Monitoring (https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring.html) . There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) UpdateOrganizationConfiguration 

func (c *Client) UpdateOrganizationConfiguration(ctx context.Context, params *UpdateOrganizationConfigurationInput, optFns ...func(*Options)) (*UpdateOrganizationConfigurationOutput, error)

Configures the delegated administrator account with the provided values. You must provide a value for either autoEnableOrganizationMembers or autoEnable , but not both. Specifying both EKS Runtime Monitoring ( EKS_RUNTIME_MONITORING ) and Runtime Monitoring ( RUNTIME_MONITORING ) will cause an error. You can add only one of these two features because Runtime Monitoring already includes the threat detection for Amazon EKS resources. For more information, see Runtime Monitoring (https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring.html) . There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html) .

func (*Client) UpdatePublishingDestination 

func (c *Client) UpdatePublishingDestination(ctx context.Context, params *UpdatePublishingDestinationInput, optFns ...func(*Options)) (*UpdatePublishingDestinationOutput, error)

Updates information about the publishing destination specified by the destinationId .

func (*Client) UpdateThreatIntelSet 

func (c *Client) UpdateThreatIntelSet(ctx context.Context, params *UpdateThreatIntelSetInput, optFns ...func(*Options)) (*UpdateThreatIntelSetOutput, error)

Updates the ThreatIntelSet specified by the ThreatIntelSet ID.

type CreateDetectorInput 

type CreateDetectorInput struct {

	// A Boolean value that specifies whether the detector is to be enabled.
	//
	// This member is required.
	Enable *bool

	// The idempotency token for the create request.
	ClientToken *string

	// Describes which data sources will be enabled for the detector. There might be
	// regional differences because some data sources might not be available in all the
	// Amazon Web Services Regions where GuardDuty is presently supported. For more
	// information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html)
	// .
	//
	// Deprecated: This parameter is deprecated, use Features instead
	DataSources *types.DataSourceConfigurations

	// A list of features that will be configured for the detector.
	Features []types.DetectorFeatureConfiguration

	// A value that specifies how frequently updated findings are exported.
	FindingPublishingFrequency types.FindingPublishingFrequency

	// The tags to be added to a new detector resource.
	Tags map[string]string
	// contains filtered or unexported fields
}

type CreateDetectorOutput 

type CreateDetectorOutput struct {

	// The unique ID of the created detector.
	DetectorId *string

	// Specifies the data sources that couldn't be enabled when GuardDuty was enabled
	// for the first time.
	UnprocessedDataSources *types.UnprocessedDataSourcesResult

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type CreateFilterInput 

type CreateFilterInput struct {

	// The ID of the detector belonging to the GuardDuty account that you want to
	// create a filter for.
	//
	// This member is required.
	DetectorId *string

	// Represents the criteria to be used in the filter for querying findings. You can
	// only use the following attributes to query findings:
	//   - accountId
	//   - id
	//   - region
	//   - severity To filter on the basis of severity, the API and CLI use the
	//   following input list for the FindingCriteria (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_FindingCriteria.html)
	//   condition:
	//   - Low: ["1", "2", "3"]
	//   - Medium: ["4", "5", "6"]
	//   - High: ["7", "8", "9"] For more information, see Severity levels for
	//   GuardDuty findings (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity)
	//   .
	//   - type
	//   - updatedAt Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or
	//   YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.
	//   - resource.accessKeyDetails.accessKeyId
	//   - resource.accessKeyDetails.principalId
	//   - resource.accessKeyDetails.userName
	//   - resource.accessKeyDetails.userType
	//   - resource.instanceDetails.iamInstanceProfile.id
	//   - resource.instanceDetails.imageId
	//   - resource.instanceDetails.instanceId
	//   - resource.instanceDetails.tags.key
	//   - resource.instanceDetails.tags.value
	//   - resource.instanceDetails.networkInterfaces.ipv6Addresses
	//   -
	//   resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
	//   - resource.instanceDetails.networkInterfaces.publicDnsName
	//   - resource.instanceDetails.networkInterfaces.publicIp
	//   - resource.instanceDetails.networkInterfaces.securityGroups.groupId
	//   - resource.instanceDetails.networkInterfaces.securityGroups.groupName
	//   - resource.instanceDetails.networkInterfaces.subnetId
	//   - resource.instanceDetails.networkInterfaces.vpcId
	//   - resource.instanceDetails.outpostArn
	//   - resource.resourceType
	//   - resource.s3BucketDetails.publicAccess.effectivePermissions
	//   - resource.s3BucketDetails.name
	//   - resource.s3BucketDetails.tags.key
	//   - resource.s3BucketDetails.tags.value
	//   - resource.s3BucketDetails.type
	//   - service.action.actionType
	//   - service.action.awsApiCallAction.api
	//   - service.action.awsApiCallAction.callerType
	//   - service.action.awsApiCallAction.errorCode
	//   - service.action.awsApiCallAction.remoteIpDetails.city.cityName
	//   - service.action.awsApiCallAction.remoteIpDetails.country.countryName
	//   - service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
	//   - service.action.awsApiCallAction.remoteIpDetails.ipAddressV6
	//   - service.action.awsApiCallAction.remoteIpDetails.organization.asn
	//   - service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
	//   - service.action.awsApiCallAction.serviceName
	//   - service.action.dnsRequestAction.domain
	//   - service.action.dnsRequestAction.domainWithSuffix
	//   - service.action.networkConnectionAction.blocked
	//   - service.action.networkConnectionAction.connectionDirection
	//   - service.action.networkConnectionAction.localPortDetails.port
	//   - service.action.networkConnectionAction.protocol
	//   - service.action.networkConnectionAction.remoteIpDetails.city.cityName
	//   - service.action.networkConnectionAction.remoteIpDetails.country.countryName
	//   - service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
	//   - service.action.networkConnectionAction.remoteIpDetails.ipAddressV6
	//   - service.action.networkConnectionAction.remoteIpDetails.organization.asn
	//   - service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
	//   - service.action.networkConnectionAction.remotePortDetails.port
	//   - service.action.awsApiCallAction.remoteAccountDetails.affiliated
	//   - service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4
	//   - service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6
	//   - service.action.kubernetesApiCallAction.namespace
	//   - service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn
	//   - service.action.kubernetesApiCallAction.requestUri
	//   - service.action.kubernetesApiCallAction.statusCode
	//   - service.action.networkConnectionAction.localIpDetails.ipAddressV4
	//   - service.action.networkConnectionAction.localIpDetails.ipAddressV6
	//   - service.action.networkConnectionAction.protocol
	//   - service.action.awsApiCallAction.serviceName
	//   - service.action.awsApiCallAction.remoteAccountDetails.accountId
	//   - service.additionalInfo.threatListName
	//   - service.resourceRole
	//   - resource.eksClusterDetails.name
	//   - resource.kubernetesDetails.kubernetesWorkloadDetails.name
	//   - resource.kubernetesDetails.kubernetesWorkloadDetails.namespace
	//   - resource.kubernetesDetails.kubernetesUserDetails.username
	//   - resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image
	//   - resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix
	//   - service.ebsVolumeScanDetails.scanId
	//   -
	//   service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name
	//
	//   -
	//   service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity
	//
	//   -
	//   service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash
	//
	//   - resource.ecsClusterDetails.name
	//   - resource.ecsClusterDetails.taskDetails.containers.image
	//   - resource.ecsClusterDetails.taskDetails.definitionArn
	//   - resource.containerDetails.image
	//   - resource.rdsDbInstanceDetails.dbInstanceIdentifier
	//   - resource.rdsDbInstanceDetails.dbClusterIdentifier
	//   - resource.rdsDbInstanceDetails.engine
	//   - resource.rdsDbUserDetails.user
	//   - resource.rdsDbInstanceDetails.tags.key
	//   - resource.rdsDbInstanceDetails.tags.value
	//   - service.runtimeDetails.process.executableSha256
	//   - service.runtimeDetails.process.name
	//   - service.runtimeDetails.process.name
	//   - resource.lambdaDetails.functionName
	//   - resource.lambdaDetails.functionArn
	//   - resource.lambdaDetails.tags.key
	//   - resource.lambdaDetails.tags.value
	//
	// This member is required.
	FindingCriteria *types.FindingCriteria

	// The name of the filter. Valid characters include period (.), underscore (_),
	// dash (-), and alphanumeric characters. A whitespace is considered to be an
	// invalid character.
	//
	// This member is required.
	Name *string

	// Specifies the action that is to be applied to the findings that match the
	// filter.
	Action types.FilterAction

	// The idempotency token for the create request.
	ClientToken *string

	// The description of the filter. Valid characters include alphanumeric
	// characters, and special characters such as hyphen, period, colon, underscore,
	// parentheses ( { } , [ ] , and ( ) ), forward slash, horizontal tab, vertical
	// tab, newline, form feed, return, and whitespace.
	Description *string

	// Specifies the position of the filter in the list of current filters. Also
	// specifies the order in which this filter is applied to the findings.
	Rank *int32

	// The tags to be added to a new filter resource.
	Tags map[string]string
	// contains filtered or unexported fields
}

type CreateFilterOutput 

type CreateFilterOutput struct {

	// The name of the successfully created filter.
	//
	// This member is required.
	Name *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type CreateIPSetInput 

type CreateIPSetInput struct {

	// A Boolean value that indicates whether GuardDuty is to start using the uploaded
	// IPSet.
	//
	// This member is required.
	Activate *bool

	// The unique ID of the detector of the GuardDuty account that you want to create
	// an IPSet for.
	//
	// This member is required.
	DetectorId *string

	// The format of the file that contains the IPSet.
	//
	// This member is required.
	Format types.IpSetFormat

	// The URI of the file that contains the IPSet.
	//
	// This member is required.
	Location *string

	// The user-friendly name to identify the IPSet. Allowed characters are
	// alphanumeric, whitespace, dash (-), and underscores (_).
	//
	// This member is required.
	Name *string

	// The idempotency token for the create request.
	ClientToken *string

	// The tags to be added to a new IP set resource.
	Tags map[string]string
	// contains filtered or unexported fields
}

type CreateIPSetOutput 

type CreateIPSetOutput struct {

	// The ID of the IPSet resource.
	//
	// This member is required.
	IpSetId *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type CreateMembersInput 

type CreateMembersInput struct {

	// A list of account ID and email address pairs of the accounts that you want to
	// associate with the GuardDuty administrator account.
	//
	// This member is required.
	AccountDetails []types.AccountDetail

	// The unique ID of the detector of the GuardDuty account that you want to
	// associate member accounts with.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type CreateMembersOutput 

type CreateMembersOutput struct {

	// A list of objects that include the accountIds of the unprocessed accounts and a
	// result string that explains why each was unprocessed.
	//
	// This member is required.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type CreatePublishingDestinationInput 

type CreatePublishingDestinationInput struct {

	// The properties of the publishing destination, including the ARNs for the
	// destination and the KMS key used for encryption.
	//
	// This member is required.
	DestinationProperties *types.DestinationProperties

	// The type of resource for the publishing destination. Currently only Amazon S3
	// buckets are supported.
	//
	// This member is required.
	DestinationType types.DestinationType

	// The ID of the GuardDuty detector associated with the publishing destination.
	//
	// This member is required.
	DetectorId *string

	// The idempotency token for the request.
	ClientToken *string
	// contains filtered or unexported fields
}

type CreatePublishingDestinationOutput 

type CreatePublishingDestinationOutput struct {

	// The ID of the publishing destination that is created.
	//
	// This member is required.
	DestinationId *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type CreateSampleFindingsInput 

type CreateSampleFindingsInput struct {

	// The ID of the detector to create sample findings for.
	//
	// This member is required.
	DetectorId *string

	// The types of sample findings to generate.
	FindingTypes []string
	// contains filtered or unexported fields
}

type CreateSampleFindingsOutput 

type CreateSampleFindingsOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type CreateThreatIntelSetInput 

type CreateThreatIntelSetInput struct {

	// A Boolean value that indicates whether GuardDuty is to start using the uploaded
	// ThreatIntelSet.
	//
	// This member is required.
	Activate *bool

	// The unique ID of the detector of the GuardDuty account that you want to create
	// a threatIntelSet for.
	//
	// This member is required.
	DetectorId *string

	// The format of the file that contains the ThreatIntelSet.
	//
	// This member is required.
	Format types.ThreatIntelSetFormat

	// The URI of the file that contains the ThreatIntelSet.
	//
	// This member is required.
	Location *string

	// A user-friendly ThreatIntelSet name displayed in all findings that are
	// generated by activity that involves IP addresses included in this
	// ThreatIntelSet.
	//
	// This member is required.
	Name *string

	// The idempotency token for the create request.
	ClientToken *string

	// The tags to be added to a new threat list resource.
	Tags map[string]string
	// contains filtered or unexported fields
}

type CreateThreatIntelSetOutput 

type CreateThreatIntelSetOutput struct {

	// The ID of the ThreatIntelSet resource.
	//
	// This member is required.
	ThreatIntelSetId *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DeclineInvitationsInput 

type DeclineInvitationsInput struct {

	// A list of account IDs of the Amazon Web Services accounts that sent invitations
	// to the current member account that you want to decline invitations from.
	//
	// This member is required.
	AccountIds []string
	// contains filtered or unexported fields
}

type DeclineInvitationsOutput 

type DeclineInvitationsOutput struct {

	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	//
	// This member is required.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DeleteDetectorInput 

type DeleteDetectorInput struct {

	// The unique ID of the detector that you want to delete.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type DeleteDetectorOutput 

type DeleteDetectorOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DeleteFilterInput 

type DeleteFilterInput struct {

	// The unique ID of the detector that the filter is associated with.
	//
	// This member is required.
	DetectorId *string

	// The name of the filter that you want to delete.
	//
	// This member is required.
	FilterName *string
	// contains filtered or unexported fields
}

type DeleteFilterOutput 

type DeleteFilterOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DeleteIPSetInput 

type DeleteIPSetInput struct {

	// The unique ID of the detector associated with the IPSet.
	//
	// This member is required.
	DetectorId *string

	// The unique ID of the IPSet to delete.
	//
	// This member is required.
	IpSetId *string
	// contains filtered or unexported fields
}

type DeleteIPSetOutput 

type DeleteIPSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DeleteInvitationsInput 

type DeleteInvitationsInput struct {

	// A list of account IDs of the Amazon Web Services accounts that sent invitations
	// to the current member account that you want to delete invitations from.
	//
	// This member is required.
	AccountIds []string
	// contains filtered or unexported fields
}

type DeleteInvitationsOutput 

type DeleteInvitationsOutput struct {

	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	//
	// This member is required.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DeleteMembersInput 

type DeleteMembersInput struct {

	// A list of account IDs of the GuardDuty member accounts that you want to delete.
	//
	// This member is required.
	AccountIds []string

	// The unique ID of the detector of the GuardDuty account whose members you want
	// to delete.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type DeleteMembersOutput 

type DeleteMembersOutput struct {

	// The accounts that could not be processed.
	//
	// This member is required.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DeletePublishingDestinationInput 

type DeletePublishingDestinationInput struct {

	// The ID of the publishing destination to delete.
	//
	// This member is required.
	DestinationId *string

	// The unique ID of the detector associated with the publishing destination to
	// delete.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type DeletePublishingDestinationOutput 

type DeletePublishingDestinationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DeleteThreatIntelSetInput 

type DeleteThreatIntelSetInput struct {

	// The unique ID of the detector that the threatIntelSet is associated with.
	//
	// This member is required.
	DetectorId *string

	// The unique ID of the threatIntelSet that you want to delete.
	//
	// This member is required.
	ThreatIntelSetId *string
	// contains filtered or unexported fields
}

type DeleteThreatIntelSetOutput 

type DeleteThreatIntelSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DescribeMalwareScansAPIClient added in v1.15.0 

type DescribeMalwareScansAPIClient interface {
	DescribeMalwareScans(context.Context, *DescribeMalwareScansInput, ...func(*Options)) (*DescribeMalwareScansOutput, error)
}

DescribeMalwareScansAPIClient is a client that implements the DescribeMalwareScans operation.

type DescribeMalwareScansInput added in v1.15.0 

type DescribeMalwareScansInput struct {

	// The unique ID of the detector that the request is associated with.
	//
	// This member is required.
	DetectorId *string

	// Represents the criteria to be used in the filter for describing scan entries.
	FilterCriteria *types.FilterCriteria

	// You can use this parameter to indicate the maximum number of items that you
	// want in the response. The default value is 50. The maximum value is 50.
	MaxResults *int32

	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string

	// Represents the criteria used for sorting scan entries. The attributeName (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_SortCriteria.html#guardduty-Type-SortCriteria-attributeName)
	// is required and it must be scanStartTime .
	SortCriteria *types.SortCriteria
	// contains filtered or unexported fields
}

type DescribeMalwareScansOutput added in v1.15.0 

type DescribeMalwareScansOutput struct {

	// Contains information about malware scans.
	//
	// This member is required.
	Scans []types.Scan

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DescribeMalwareScansPaginator added in v1.15.0 

type DescribeMalwareScansPaginator struct {
	// contains filtered or unexported fields
}

DescribeMalwareScansPaginator is a paginator for DescribeMalwareScans

func NewDescribeMalwareScansPaginator added in v1.15.0 

func NewDescribeMalwareScansPaginator(client DescribeMalwareScansAPIClient, params *DescribeMalwareScansInput, optFns ...func(*DescribeMalwareScansPaginatorOptions)) *DescribeMalwareScansPaginator

NewDescribeMalwareScansPaginator returns a new DescribeMalwareScansPaginator

func (*DescribeMalwareScansPaginator) HasMorePages added in v1.15.0 

func (p *DescribeMalwareScansPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*DescribeMalwareScansPaginator) NextPage added in v1.15.0 

func (p *DescribeMalwareScansPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*DescribeMalwareScansOutput, error)

NextPage retrieves the next DescribeMalwareScans page.

type DescribeMalwareScansPaginatorOptions added in v1.15.0 

type DescribeMalwareScansPaginatorOptions struct {
	// You can use this parameter to indicate the maximum number of items that you
	// want in the response. The default value is 50. The maximum value is 50.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

DescribeMalwareScansPaginatorOptions is the paginator options for DescribeMalwareScans

type DescribeOrganizationConfigurationAPIClient added in v1.18.0 

type DescribeOrganizationConfigurationAPIClient interface {
	DescribeOrganizationConfiguration(context.Context, *DescribeOrganizationConfigurationInput, ...func(*Options)) (*DescribeOrganizationConfigurationOutput, error)
}

DescribeOrganizationConfigurationAPIClient is a client that implements the DescribeOrganizationConfiguration operation.

type DescribeOrganizationConfigurationInput 

type DescribeOrganizationConfigurationInput struct {

	// The ID of the detector to retrieve information about the delegated
	// administrator from.
	//
	// This member is required.
	DetectorId *string

	// You can use this parameter to indicate the maximum number of items that you
	// want in the response.
	MaxResults *int32

	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string
	// contains filtered or unexported fields
}

type DescribeOrganizationConfigurationOutput 

type DescribeOrganizationConfigurationOutput struct {

	// Indicates whether the maximum number of allowed member accounts are already
	// associated with the delegated administrator account for your organization.
	//
	// This member is required.
	MemberAccountLimitReached *bool

	// Indicates whether GuardDuty is automatically enabled for accounts added to the
	// organization. Even though this is still supported, we recommend using
	// AutoEnableOrganizationMembers to achieve the similar results.
	//
	// Deprecated: This field is deprecated, use AutoEnableOrganizationMembers instead
	AutoEnable *bool

	// Indicates the auto-enablement configuration of GuardDuty or any of the
	// corresponding protection plans for the member accounts in the organization.
	//   - NEW : Indicates that when a new account joins the organization, they will
	//   have GuardDuty or any of the corresponding protection plans enabled
	//   automatically.
	//   - ALL : Indicates that all accounts in the organization have GuardDuty and any
	//   of the corresponding protection plans enabled automatically. This includes NEW
	//   accounts that join the organization and accounts that may have been suspended or
	//   removed from the organization in GuardDuty.
	//   - NONE : Indicates that GuardDuty or any of the corresponding protection plans
	//   will not be automatically enabled for any account in the organization. The
	//   administrator must manage GuardDuty for each account in the organization
	//   individually. When you update the auto-enable setting from ALL or NEW to NONE
	//   , this action doesn't disable the corresponding option for your existing
	//   accounts. This configuration will apply to the new accounts that join the
	//   organization. After you update the auto-enable settings, no new account will
	//   have the corresponding option as enabled.
	AutoEnableOrganizationMembers types.AutoEnableMembers

	// Describes which data sources are enabled automatically for member accounts.
	//
	// Deprecated: This parameter is deprecated, use Features instead
	DataSources *types.OrganizationDataSourceConfigurationsResult

	// A list of features that are configured for this organization.
	Features []types.OrganizationFeatureConfigurationResult

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DescribeOrganizationConfigurationPaginator added in v1.18.0 

type DescribeOrganizationConfigurationPaginator struct {
	// contains filtered or unexported fields
}

DescribeOrganizationConfigurationPaginator is a paginator for DescribeOrganizationConfiguration

func NewDescribeOrganizationConfigurationPaginator added in v1.18.0 

func NewDescribeOrganizationConfigurationPaginator(client DescribeOrganizationConfigurationAPIClient, params *DescribeOrganizationConfigurationInput, optFns ...func(*DescribeOrganizationConfigurationPaginatorOptions)) *DescribeOrganizationConfigurationPaginator

NewDescribeOrganizationConfigurationPaginator returns a new DescribeOrganizationConfigurationPaginator

func (*DescribeOrganizationConfigurationPaginator) HasMorePages added in v1.18.0 

func (p *DescribeOrganizationConfigurationPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*DescribeOrganizationConfigurationPaginator) NextPage added in v1.18.0 

func (p *DescribeOrganizationConfigurationPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*DescribeOrganizationConfigurationOutput, error)

NextPage retrieves the next DescribeOrganizationConfiguration page.

type DescribeOrganizationConfigurationPaginatorOptions added in v1.18.0 

type DescribeOrganizationConfigurationPaginatorOptions struct {
	// You can use this parameter to indicate the maximum number of items that you
	// want in the response.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

DescribeOrganizationConfigurationPaginatorOptions is the paginator options for DescribeOrganizationConfiguration

type DescribePublishingDestinationInput 

type DescribePublishingDestinationInput struct {

	// The ID of the publishing destination to retrieve.
	//
	// This member is required.
	DestinationId *string

	// The unique ID of the detector associated with the publishing destination to
	// retrieve.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type DescribePublishingDestinationOutput 

type DescribePublishingDestinationOutput struct {

	// The ID of the publishing destination.
	//
	// This member is required.
	DestinationId *string

	// A DestinationProperties object that includes the DestinationArn and KmsKeyArn
	// of the publishing destination.
	//
	// This member is required.
	DestinationProperties *types.DestinationProperties

	// The type of publishing destination. Currently, only Amazon S3 buckets are
	// supported.
	//
	// This member is required.
	DestinationType types.DestinationType

	// The time, in epoch millisecond format, at which GuardDuty was first unable to
	// publish findings to the destination.
	//
	// This member is required.
	PublishingFailureStartTimestamp *int64

	// The status of the publishing destination.
	//
	// This member is required.
	Status types.PublishingStatus

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DisableOrganizationAdminAccountInput 

type DisableOrganizationAdminAccountInput struct {

	// The Amazon Web Services Account ID for the organizations account to be disabled
	// as a GuardDuty delegated administrator.
	//
	// This member is required.
	AdminAccountId *string
	// contains filtered or unexported fields
}

type DisableOrganizationAdminAccountOutput 

type DisableOrganizationAdminAccountOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DisassociateFromAdministratorAccountInput added in v1.14.0 

type DisassociateFromAdministratorAccountInput struct {

	// The unique ID of the detector of the GuardDuty member account.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type DisassociateFromAdministratorAccountOutput added in v1.14.0 

type DisassociateFromAdministratorAccountOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DisassociateFromMasterAccountInput 

type DisassociateFromMasterAccountInput struct {

	// The unique ID of the detector of the GuardDuty member account.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type DisassociateFromMasterAccountOutput 

type DisassociateFromMasterAccountOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DisassociateMembersInput 

type DisassociateMembersInput struct {

	// A list of account IDs of the GuardDuty member accounts that you want to
	// disassociate from the administrator account.
	//
	// This member is required.
	AccountIds []string

	// The unique ID of the detector of the GuardDuty account whose members you want
	// to disassociate from the administrator account.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type DisassociateMembersOutput 

type DisassociateMembersOutput struct {

	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	//
	// This member is required.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type EnableOrganizationAdminAccountInput 

type EnableOrganizationAdminAccountInput struct {

	// The Amazon Web Services account ID for the organization account to be enabled
	// as a GuardDuty delegated administrator.
	//
	// This member is required.
	AdminAccountId *string
	// contains filtered or unexported fields
}

type EnableOrganizationAdminAccountOutput 

type EnableOrganizationAdminAccountOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type EndpointParameters added in v1.25.0 

type EndpointParameters struct {
	// The AWS region used to dispatch the request.
	//
	// Parameter is
	// required.
	//
	// AWS::Region
	Region *string

	// When true, use the dual-stack endpoint. If the configured endpoint does not
	// support dual-stack, dispatching the request MAY return an error.
	//
	// Defaults to
	// false if no value is provided.
	//
	// AWS::UseDualStack
	UseDualStack *bool

	// When true, send this request to the FIPS-compliant regional endpoint. If the
	// configured endpoint does not have a FIPS compliant endpoint, dispatching the
	// request will return an error.
	//
	// Defaults to false if no value is
	// provided.
	//
	// AWS::UseFIPS
	UseFIPS *bool

	// Override the endpoint used to send this request
	//
	// Parameter is
	// required.
	//
	// SDK::Endpoint
	Endpoint *string
}

EndpointParameters provides the parameters that influence how endpoints are resolved.

func (EndpointParameters) ValidateRequired added in v1.25.0 

func (p EndpointParameters) ValidateRequired() error

ValidateRequired validates required parameters are set.

func (EndpointParameters) WithDefaults added in v1.25.0 

func (p EndpointParameters) WithDefaults() EndpointParameters

WithDefaults returns a shallow copy of EndpointParameterswith default values applied to members where applicable.

type EndpointResolver 

type EndpointResolver interface {
	ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error)
}

EndpointResolver interface for resolving service endpoints.

func EndpointResolverFromURL added in v1.1.0 

func EndpointResolverFromURL(url string, optFns ...func(*aws.Endpoint)) EndpointResolver

EndpointResolverFromURL returns an EndpointResolver configured using the provided endpoint url. By default, the resolved endpoint resolver uses the client region as signing region, and the endpoint source is set to EndpointSourceCustom.You can provide functional options to configure endpoint values for the resolved endpoint.

type EndpointResolverFunc 

type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error)

EndpointResolverFunc is a helper utility that wraps a function so it satisfies the EndpointResolver interface. This is useful when you want to add additional endpoint resolving logic, or stub out specific endpoints with custom values.

func (EndpointResolverFunc) ResolveEndpoint 

func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error)

type EndpointResolverOptions added in v0.29.0 

type EndpointResolverOptions = internalendpoints.Options

EndpointResolverOptions is the service endpoint resolver options

type EndpointResolverV2 added in v1.25.0 

type EndpointResolverV2 interface {
	// ResolveEndpoint attempts to resolve the endpoint with the provided options,
	// returning the endpoint if found. Otherwise an error is returned.
	ResolveEndpoint(ctx context.Context, params EndpointParameters) (
		smithyendpoints.Endpoint, error,
	)
}

EndpointResolverV2 provides the interface for resolving service endpoints.

func NewDefaultEndpointResolverV2 added in v1.25.0 

func NewDefaultEndpointResolverV2() EndpointResolverV2

type GetAdministratorAccountInput added in v1.14.0 

type GetAdministratorAccountInput struct {

	// The unique ID of the detector of the GuardDuty member account.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type GetAdministratorAccountOutput added in v1.14.0 

type GetAdministratorAccountOutput struct {

	// The administrator account details.
	//
	// This member is required.
	Administrator *types.Administrator

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetCoverageStatisticsInput added in v1.20.0 

type GetCoverageStatisticsInput struct {

	// The unique ID of the GuardDuty detector associated to the coverage statistics.
	//
	// This member is required.
	DetectorId *string

	// Represents the statistics type used to aggregate the coverage details.
	//
	// This member is required.
	StatisticsType []types.CoverageStatisticsType

	// Represents the criteria used to filter the coverage statistics
	FilterCriteria *types.CoverageFilterCriteria
	// contains filtered or unexported fields
}

type GetCoverageStatisticsOutput added in v1.20.0 

type GetCoverageStatisticsOutput struct {

	// Represents the count aggregated by the statusCode and resourceType .
	CoverageStatistics *types.CoverageStatistics

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetDetectorInput 

type GetDetectorInput struct {

	// The unique ID of the detector that you want to get.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type GetDetectorOutput 

type GetDetectorOutput struct {

	// The GuardDuty service role.
	//
	// This member is required.
	ServiceRole *string

	// The detector status.
	//
	// This member is required.
	Status types.DetectorStatus

	// The timestamp of when the detector was created.
	CreatedAt *string

	// Describes which data sources are enabled for the detector.
	//
	// Deprecated: This parameter is deprecated, use Features instead
	DataSources *types.DataSourceConfigurationsResult

	// Describes the features that have been enabled for the detector.
	Features []types.DetectorFeatureConfigurationResult

	// The publishing frequency of the finding.
	FindingPublishingFrequency types.FindingPublishingFrequency

	// The tags of the detector resource.
	Tags map[string]string

	// The last-updated timestamp for the detector.
	UpdatedAt *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetFilterInput 

type GetFilterInput struct {

	// The unique ID of the detector that the filter is associated with.
	//
	// This member is required.
	DetectorId *string

	// The name of the filter you want to get.
	//
	// This member is required.
	FilterName *string
	// contains filtered or unexported fields
}

type GetFilterOutput 

type GetFilterOutput struct {

	// Specifies the action that is to be applied to the findings that match the
	// filter.
	//
	// This member is required.
	Action types.FilterAction

	// Represents the criteria to be used in the filter for querying findings.
	//
	// This member is required.
	FindingCriteria *types.FindingCriteria

	// The name of the filter.
	//
	// This member is required.
	Name *string

	// The description of the filter.
	Description *string

	// Specifies the position of the filter in the list of current filters. Also
	// specifies the order in which this filter is applied to the findings.
	Rank *int32

	// The tags of the filter resource.
	Tags map[string]string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetFindingsInput 

type GetFindingsInput struct {

	// The ID of the detector that specifies the GuardDuty service whose findings you
	// want to retrieve.
	//
	// This member is required.
	DetectorId *string

	// The IDs of the findings that you want to retrieve.
	//
	// This member is required.
	FindingIds []string

	// Represents the criteria used for sorting findings.
	SortCriteria *types.SortCriteria
	// contains filtered or unexported fields
}

type GetFindingsOutput 

type GetFindingsOutput struct {

	// A list of findings.
	//
	// This member is required.
	Findings []types.Finding

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetFindingsStatisticsInput 

type GetFindingsStatisticsInput struct {

	// The ID of the detector that specifies the GuardDuty service whose findings'
	// statistics you want to retrieve.
	//
	// This member is required.
	DetectorId *string

	// The types of finding statistics to retrieve.
	//
	// This member is required.
	FindingStatisticTypes []types.FindingStatisticType

	// Represents the criteria that is used for querying findings.
	FindingCriteria *types.FindingCriteria
	// contains filtered or unexported fields
}

type GetFindingsStatisticsOutput 

type GetFindingsStatisticsOutput struct {

	// The finding statistics object.
	//
	// This member is required.
	FindingStatistics *types.FindingStatistics

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetIPSetInput 

type GetIPSetInput struct {

	// The unique ID of the detector that the IPSet is associated with.
	//
	// This member is required.
	DetectorId *string

	// The unique ID of the IPSet to retrieve.
	//
	// This member is required.
	IpSetId *string
	// contains filtered or unexported fields
}

type GetIPSetOutput 

type GetIPSetOutput struct {

	// The format of the file that contains the IPSet.
	//
	// This member is required.
	Format types.IpSetFormat

	// The URI of the file that contains the IPSet.
	//
	// This member is required.
	Location *string

	// The user-friendly name for the IPSet.
	//
	// This member is required.
	Name *string

	// The status of IPSet file that was uploaded.
	//
	// This member is required.
	Status types.IpSetStatus

	// The tags of the IPSet resource.
	Tags map[string]string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetInvitationsCountInput 

type GetInvitationsCountInput struct {
	// contains filtered or unexported fields
}

type GetInvitationsCountOutput 

type GetInvitationsCountOutput struct {

	// The number of received invitations.
	InvitationsCount *int32

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetMalwareScanSettingsInput added in v1.15.0 

type GetMalwareScanSettingsInput struct {

	// The unique ID of the detector that the scan setting is associated with.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type GetMalwareScanSettingsOutput added in v1.15.0 

type GetMalwareScanSettingsOutput struct {

	// An enum value representing possible snapshot preservation settings.
	EbsSnapshotPreservation types.EbsSnapshotPreservation

	// Represents the criteria to be used in the filter for scanning resources.
	ScanResourceCriteria *types.ScanResourceCriteria

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetMasterAccountInput 

type GetMasterAccountInput struct {

	// The unique ID of the detector of the GuardDuty member account.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type GetMasterAccountOutput 

type GetMasterAccountOutput struct {

	// The administrator account details.
	//
	// This member is required.
	Master *types.Master

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetMemberDetectorsInput 

type GetMemberDetectorsInput struct {

	// The account ID of the member account.
	//
	// This member is required.
	AccountIds []string

	// The detector ID for the administrator account.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type GetMemberDetectorsOutput 

type GetMemberDetectorsOutput struct {

	// An object that describes which data sources are enabled for a member account.
	//
	// This member is required.
	MemberDataSourceConfigurations []types.MemberDataSourceConfiguration

	// A list of member account IDs that were unable to be processed along with an
	// explanation for why they were not processed.
	//
	// This member is required.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetMembersInput 

type GetMembersInput struct {

	// A list of account IDs of the GuardDuty member accounts that you want to
	// describe.
	//
	// This member is required.
	AccountIds []string

	// The unique ID of the detector of the GuardDuty account whose members you want
	// to retrieve.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type GetMembersOutput 

type GetMembersOutput struct {

	// A list of members.
	//
	// This member is required.
	Members []types.Member

	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	//
	// This member is required.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetOrganizationStatisticsInput added in v1.36.0 

type GetOrganizationStatisticsInput struct {
	// contains filtered or unexported fields
}

type GetOrganizationStatisticsOutput added in v1.36.0 

type GetOrganizationStatisticsOutput struct {

	// Information about the statistics report for your organization.
	OrganizationDetails *types.OrganizationDetails

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetRemainingFreeTrialDaysInput added in v1.14.0 

type GetRemainingFreeTrialDaysInput struct {

	// The unique ID of the detector of the GuardDuty member account.
	//
	// This member is required.
	DetectorId *string

	// A list of account identifiers of the GuardDuty member account.
	AccountIds []string
	// contains filtered or unexported fields
}

type GetRemainingFreeTrialDaysOutput added in v1.14.0 

type GetRemainingFreeTrialDaysOutput struct {

	// The member accounts which were included in a request and were processed
	// successfully.
	Accounts []types.AccountFreeTrialInfo

	// The member account that was included in a request but for which the request
	// could not be processed.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetThreatIntelSetInput 

type GetThreatIntelSetInput struct {

	// The unique ID of the detector that the threatIntelSet is associated with.
	//
	// This member is required.
	DetectorId *string

	// The unique ID of the threatIntelSet that you want to get.
	//
	// This member is required.
	ThreatIntelSetId *string
	// contains filtered or unexported fields
}

type GetThreatIntelSetOutput 

type GetThreatIntelSetOutput struct {

	// The format of the threatIntelSet.
	//
	// This member is required.
	Format types.ThreatIntelSetFormat

	// The URI of the file that contains the ThreatIntelSet.
	//
	// This member is required.
	Location *string

	// A user-friendly ThreatIntelSet name displayed in all findings that are
	// generated by activity that involves IP addresses included in this
	// ThreatIntelSet.
	//
	// This member is required.
	Name *string

	// The status of threatIntelSet file uploaded.
	//
	// This member is required.
	Status types.ThreatIntelSetStatus

	// The tags of the threat list resource.
	Tags map[string]string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetUsageStatisticsAPIClient added in v0.30.0 

type GetUsageStatisticsAPIClient interface {
	GetUsageStatistics(context.Context, *GetUsageStatisticsInput, ...func(*Options)) (*GetUsageStatisticsOutput, error)
}

GetUsageStatisticsAPIClient is a client that implements the GetUsageStatistics operation.

type GetUsageStatisticsInput 

type GetUsageStatisticsInput struct {

	// The ID of the detector that specifies the GuardDuty service whose usage
	// statistics you want to retrieve.
	//
	// This member is required.
	DetectorId *string

	// Represents the criteria used for querying usage.
	//
	// This member is required.
	UsageCriteria *types.UsageCriteria

	// The type of usage statistics to retrieve.
	//
	// This member is required.
	UsageStatisticType types.UsageStatisticType

	// The maximum number of results to return in the response.
	MaxResults *int32

	// A token to use for paginating results that are returned in the response. Set
	// the value of this parameter to null for the first request to a list action. For
	// subsequent calls, use the NextToken value returned from the previous request to
	// continue listing results after the first page.
	NextToken *string

	// The currency unit you would like to view your usage statistics in. Current
	// valid values are USD.
	Unit *string
	// contains filtered or unexported fields
}

type GetUsageStatisticsOutput 

type GetUsageStatisticsOutput struct {

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// The usage statistics object. If a UsageStatisticType was provided, the objects
	// representing other types will be null.
	UsageStatistics *types.UsageStatistics

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetUsageStatisticsPaginator added in v0.30.0 

type GetUsageStatisticsPaginator struct {
	// contains filtered or unexported fields
}

GetUsageStatisticsPaginator is a paginator for GetUsageStatistics

func NewGetUsageStatisticsPaginator added in v0.30.0 

func NewGetUsageStatisticsPaginator(client GetUsageStatisticsAPIClient, params *GetUsageStatisticsInput, optFns ...func(*GetUsageStatisticsPaginatorOptions)) *GetUsageStatisticsPaginator

NewGetUsageStatisticsPaginator returns a new GetUsageStatisticsPaginator

func (*GetUsageStatisticsPaginator) HasMorePages added in v0.30.0 

func (p *GetUsageStatisticsPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*GetUsageStatisticsPaginator) NextPage added in v0.30.0 

func (p *GetUsageStatisticsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*GetUsageStatisticsOutput, error)

NextPage retrieves the next GetUsageStatistics page.

type GetUsageStatisticsPaginatorOptions added in v0.30.0 

type GetUsageStatisticsPaginatorOptions struct {
	// The maximum number of results to return in the response.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

GetUsageStatisticsPaginatorOptions is the paginator options for GetUsageStatistics

type HTTPClient 

type HTTPClient interface {
	Do(*http.Request) (*http.Response, error)
}

type HTTPSignerV4 

type HTTPSignerV4 interface {
	SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error
}

type IdempotencyTokenProvider 

type IdempotencyTokenProvider interface {
	GetIdempotencyToken() (string, error)
}

IdempotencyTokenProvider interface for providing idempotency token

type InviteMembersInput 

type InviteMembersInput struct {

	// A list of account IDs of the accounts that you want to invite to GuardDuty as
	// members.
	//
	// This member is required.
	AccountIds []string

	// The unique ID of the detector of the GuardDuty account that you want to invite
	// members with.
	//
	// This member is required.
	DetectorId *string

	// A Boolean value that specifies whether you want to disable email notification
	// to the accounts that you are inviting to GuardDuty as members.
	DisableEmailNotification *bool

	// The invitation message that you want to send to the accounts that you're
	// inviting to GuardDuty as members.
	Message *string
	// contains filtered or unexported fields
}

type InviteMembersOutput 

type InviteMembersOutput struct {

	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	//
	// This member is required.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListCoverageAPIClient added in v1.20.0 

type ListCoverageAPIClient interface {
	ListCoverage(context.Context, *ListCoverageInput, ...func(*Options)) (*ListCoverageOutput, error)
}

ListCoverageAPIClient is a client that implements the ListCoverage operation.

type ListCoverageInput added in v1.20.0 

type ListCoverageInput struct {

	// The unique ID of the detector whose coverage details you want to retrieve.
	//
	// This member is required.
	DetectorId *string

	// Represents the criteria used to filter the coverage details.
	FilterCriteria *types.CoverageFilterCriteria

	// The maximum number of results to return in the response.
	MaxResults *int32

	// A token to use for paginating results that are returned in the response. Set
	// the value of this parameter to null for the first request to a list action. For
	// subsequent calls, use the NextToken value returned from the previous request to
	// continue listing results after the first page.
	NextToken *string

	// Represents the criteria used to sort the coverage details.
	SortCriteria *types.CoverageSortCriteria
	// contains filtered or unexported fields
}

type ListCoverageOutput added in v1.20.0 

type ListCoverageOutput struct {

	// A list of resources and their attributes providing cluster details.
	//
	// This member is required.
	Resources []types.CoverageResource

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListCoveragePaginator added in v1.20.0 

type ListCoveragePaginator struct {
	// contains filtered or unexported fields
}

ListCoveragePaginator is a paginator for ListCoverage

func NewListCoveragePaginator added in v1.20.0 

func NewListCoveragePaginator(client ListCoverageAPIClient, params *ListCoverageInput, optFns ...func(*ListCoveragePaginatorOptions)) *ListCoveragePaginator

NewListCoveragePaginator returns a new ListCoveragePaginator

func (*ListCoveragePaginator) HasMorePages added in v1.20.0 

func (p *ListCoveragePaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListCoveragePaginator) NextPage added in v1.20.0 

func (p *ListCoveragePaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListCoverageOutput, error)

NextPage retrieves the next ListCoverage page.

type ListCoveragePaginatorOptions added in v1.20.0 

type ListCoveragePaginatorOptions struct {
	// The maximum number of results to return in the response.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListCoveragePaginatorOptions is the paginator options for ListCoverage

type ListDetectorsAPIClient added in v0.30.0 

type ListDetectorsAPIClient interface {
	ListDetectors(context.Context, *ListDetectorsInput, ...func(*Options)) (*ListDetectorsOutput, error)
}

ListDetectorsAPIClient is a client that implements the ListDetectors operation.

type ListDetectorsInput 

type ListDetectorsInput struct {

	// You can use this parameter to indicate the maximum number of items that you
	// want in the response. The default value is 50. The maximum value is 50.
	MaxResults *int32

	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string
	// contains filtered or unexported fields
}

type ListDetectorsOutput 

type ListDetectorsOutput struct {

	// A list of detector IDs.
	//
	// This member is required.
	DetectorIds []string

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListDetectorsPaginator added in v0.30.0 

type ListDetectorsPaginator struct {
	// contains filtered or unexported fields
}

ListDetectorsPaginator is a paginator for ListDetectors

func NewListDetectorsPaginator added in v0.30.0 

func NewListDetectorsPaginator(client ListDetectorsAPIClient, params *ListDetectorsInput, optFns ...func(*ListDetectorsPaginatorOptions)) *ListDetectorsPaginator

NewListDetectorsPaginator returns a new ListDetectorsPaginator

func (*ListDetectorsPaginator) HasMorePages added in v0.30.0 

func (p *ListDetectorsPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListDetectorsPaginator) NextPage added in v0.30.0 

func (p *ListDetectorsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListDetectorsOutput, error)

NextPage retrieves the next ListDetectors page.

type ListDetectorsPaginatorOptions added in v0.30.0 

type ListDetectorsPaginatorOptions struct {
	// You can use this parameter to indicate the maximum number of items that you
	// want in the response. The default value is 50. The maximum value is 50.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListDetectorsPaginatorOptions is the paginator options for ListDetectors

type ListFiltersAPIClient added in v0.30.0 

type ListFiltersAPIClient interface {
	ListFilters(context.Context, *ListFiltersInput, ...func(*Options)) (*ListFiltersOutput, error)
}

ListFiltersAPIClient is a client that implements the ListFilters operation.

type ListFiltersInput 

type ListFiltersInput struct {

	// The unique ID of the detector that the filter is associated with.
	//
	// This member is required.
	DetectorId *string

	// You can use this parameter to indicate the maximum number of items that you
	// want in the response. The default value is 50. The maximum value is 50.
	MaxResults *int32

	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string
	// contains filtered or unexported fields
}

type ListFiltersOutput 

type ListFiltersOutput struct {

	// A list of filter names.
	//
	// This member is required.
	FilterNames []string

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListFiltersPaginator added in v0.30.0 

type ListFiltersPaginator struct {
	// contains filtered or unexported fields
}

ListFiltersPaginator is a paginator for ListFilters

func NewListFiltersPaginator added in v0.30.0 

func NewListFiltersPaginator(client ListFiltersAPIClient, params *ListFiltersInput, optFns ...func(*ListFiltersPaginatorOptions)) *ListFiltersPaginator

NewListFiltersPaginator returns a new ListFiltersPaginator

func (*ListFiltersPaginator) HasMorePages added in v0.30.0 

func (p *ListFiltersPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListFiltersPaginator) NextPage added in v0.30.0 

func (p *ListFiltersPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListFiltersOutput, error)

NextPage retrieves the next ListFilters page.

type ListFiltersPaginatorOptions added in v0.30.0 

type ListFiltersPaginatorOptions struct {
	// You can use this parameter to indicate the maximum number of items that you
	// want in the response. The default value is 50. The maximum value is 50.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListFiltersPaginatorOptions is the paginator options for ListFilters

type ListFindingsAPIClient added in v0.30.0 

type ListFindingsAPIClient interface {
	ListFindings(context.Context, *ListFindingsInput, ...func(*Options)) (*ListFindingsOutput, error)
}

ListFindingsAPIClient is a client that implements the ListFindings operation.

type ListFindingsInput 

type ListFindingsInput struct {

	// The ID of the detector that specifies the GuardDuty service whose findings you
	// want to list.
	//
	// This member is required.
	DetectorId *string

	// Represents the criteria used for querying findings. Valid values include:
	//   - JSON field name
	//   - accountId
	//   - region
	//   - confidence
	//   - id
	//   - resource.accessKeyDetails.accessKeyId
	//   - resource.accessKeyDetails.principalId
	//   - resource.accessKeyDetails.userName
	//   - resource.accessKeyDetails.userType
	//   - resource.instanceDetails.iamInstanceProfile.id
	//   - resource.instanceDetails.imageId
	//   - resource.instanceDetails.instanceId
	//   - resource.instanceDetails.networkInterfaces.ipv6Addresses
	//   -
	//   resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
	//   - resource.instanceDetails.networkInterfaces.publicDnsName
	//   - resource.instanceDetails.networkInterfaces.publicIp
	//   - resource.instanceDetails.networkInterfaces.securityGroups.groupId
	//   - resource.instanceDetails.networkInterfaces.securityGroups.groupName
	//   - resource.instanceDetails.networkInterfaces.subnetId
	//   - resource.instanceDetails.networkInterfaces.vpcId
	//   - resource.instanceDetails.tags.key
	//   - resource.instanceDetails.tags.value
	//   - resource.resourceType
	//   - service.action.actionType
	//   - service.action.awsApiCallAction.api
	//   - service.action.awsApiCallAction.callerType
	//   - service.action.awsApiCallAction.remoteIpDetails.city.cityName
	//   - service.action.awsApiCallAction.remoteIpDetails.country.countryName
	//   - service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
	//   - service.action.awsApiCallAction.remoteIpDetails.organization.asn
	//   - service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
	//   - service.action.awsApiCallAction.serviceName
	//   - service.action.dnsRequestAction.domain
	//   - service.action.dnsRequestAction.domainWithSuffix
	//   - service.action.networkConnectionAction.blocked
	//   - service.action.networkConnectionAction.connectionDirection
	//   - service.action.networkConnectionAction.localPortDetails.port
	//   - service.action.networkConnectionAction.protocol
	//   - service.action.networkConnectionAction.remoteIpDetails.country.countryName
	//   - service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
	//   - service.action.networkConnectionAction.remoteIpDetails.organization.asn
	//   - service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
	//   - service.action.networkConnectionAction.remotePortDetails.port
	//   - service.additionalInfo.threatListName
	//   - service.archived When this attribute is set to 'true', only archived
	//   findings are listed. When it's set to 'false', only unarchived findings are
	//   listed. When this attribute is not set, all existing findings are listed.
	//   - service.resourceRole
	//   - severity
	//   - type
	//   - updatedAt Type: Timestamp in Unix Epoch millisecond format: 1486685375000
	FindingCriteria *types.FindingCriteria

	// You can use this parameter to indicate the maximum number of items you want in
	// the response. The default value is 50. The maximum value is 50.
	MaxResults *int32

	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string

	// Represents the criteria used for sorting findings.
	SortCriteria *types.SortCriteria
	// contains filtered or unexported fields
}

type ListFindingsOutput 

type ListFindingsOutput struct {

	// The IDs of the findings that you're listing.
	//
	// This member is required.
	FindingIds []string

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListFindingsPaginator added in v0.30.0 

type ListFindingsPaginator struct {
	// contains filtered or unexported fields
}

ListFindingsPaginator is a paginator for ListFindings

func NewListFindingsPaginator added in v0.30.0 

func NewListFindingsPaginator(client ListFindingsAPIClient, params *ListFindingsInput, optFns ...func(*ListFindingsPaginatorOptions)) *ListFindingsPaginator

NewListFindingsPaginator returns a new ListFindingsPaginator

func (*ListFindingsPaginator) HasMorePages added in v0.30.0 

func (p *ListFindingsPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListFindingsPaginator) NextPage added in v0.30.0 

func (p *ListFindingsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListFindingsOutput, error)

NextPage retrieves the next ListFindings page.

type ListFindingsPaginatorOptions added in v0.30.0 

type ListFindingsPaginatorOptions struct {
	// You can use this parameter to indicate the maximum number of items you want in
	// the response. The default value is 50. The maximum value is 50.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListFindingsPaginatorOptions is the paginator options for ListFindings

type ListIPSetsAPIClient added in v0.30.0 

type ListIPSetsAPIClient interface {
	ListIPSets(context.Context, *ListIPSetsInput, ...func(*Options)) (*ListIPSetsOutput, error)
}

ListIPSetsAPIClient is a client that implements the ListIPSets operation.

type ListIPSetsInput 

type ListIPSetsInput struct {

	// The unique ID of the detector that the IPSet is associated with.
	//
	// This member is required.
	DetectorId *string

	// You can use this parameter to indicate the maximum number of items you want in
	// the response. The default value is 50. The maximum value is 50.
	MaxResults *int32

	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string
	// contains filtered or unexported fields
}

type ListIPSetsOutput 

type ListIPSetsOutput struct {

	// The IDs of the IPSet resources.
	//
	// This member is required.
	IpSetIds []string

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListIPSetsPaginator added in v0.30.0 

type ListIPSetsPaginator struct {
	// contains filtered or unexported fields
}

ListIPSetsPaginator is a paginator for ListIPSets

func NewListIPSetsPaginator added in v0.30.0 

func NewListIPSetsPaginator(client ListIPSetsAPIClient, params *ListIPSetsInput, optFns ...func(*ListIPSetsPaginatorOptions)) *ListIPSetsPaginator

NewListIPSetsPaginator returns a new ListIPSetsPaginator

func (*ListIPSetsPaginator) HasMorePages added in v0.30.0 

func (p *ListIPSetsPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListIPSetsPaginator) NextPage added in v0.30.0 

func (p *ListIPSetsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListIPSetsOutput, error)

NextPage retrieves the next ListIPSets page.

type ListIPSetsPaginatorOptions added in v0.30.0 

type ListIPSetsPaginatorOptions struct {
	// You can use this parameter to indicate the maximum number of items you want in
	// the response. The default value is 50. The maximum value is 50.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListIPSetsPaginatorOptions is the paginator options for ListIPSets

type ListInvitationsAPIClient added in v0.30.0 

type ListInvitationsAPIClient interface {
	ListInvitations(context.Context, *ListInvitationsInput, ...func(*Options)) (*ListInvitationsOutput, error)
}

ListInvitationsAPIClient is a client that implements the ListInvitations operation.

type ListInvitationsInput 

type ListInvitationsInput struct {

	// You can use this parameter to indicate the maximum number of items that you
	// want in the response. The default value is 50. The maximum value is 50.
	MaxResults *int32

	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string
	// contains filtered or unexported fields
}

type ListInvitationsOutput 

type ListInvitationsOutput struct {

	// A list of invitation descriptions.
	Invitations []types.Invitation

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListInvitationsPaginator added in v0.30.0 

type ListInvitationsPaginator struct {
	// contains filtered or unexported fields
}

ListInvitationsPaginator is a paginator for ListInvitations

func NewListInvitationsPaginator added in v0.30.0 

func NewListInvitationsPaginator(client ListInvitationsAPIClient, params *ListInvitationsInput, optFns ...func(*ListInvitationsPaginatorOptions)) *ListInvitationsPaginator

NewListInvitationsPaginator returns a new ListInvitationsPaginator

func (*ListInvitationsPaginator) HasMorePages added in v0.30.0 

func (p *ListInvitationsPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListInvitationsPaginator) NextPage added in v0.30.0 

func (p *ListInvitationsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListInvitationsOutput, error)

NextPage retrieves the next ListInvitations page.

type ListInvitationsPaginatorOptions added in v0.30.0 

type ListInvitationsPaginatorOptions struct {
	// You can use this parameter to indicate the maximum number of items that you
	// want in the response. The default value is 50. The maximum value is 50.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListInvitationsPaginatorOptions is the paginator options for ListInvitations

type ListMembersAPIClient added in v0.30.0 

type ListMembersAPIClient interface {
	ListMembers(context.Context, *ListMembersInput, ...func(*Options)) (*ListMembersOutput, error)
}

ListMembersAPIClient is a client that implements the ListMembers operation.

type ListMembersInput 

type ListMembersInput struct {

	// The unique ID of the detector the member is associated with.
	//
	// This member is required.
	DetectorId *string

	// You can use this parameter to indicate the maximum number of items you want in
	// the response. The default value is 50. The maximum value is 50.
	MaxResults *int32

	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string

	// Specifies whether to only return associated members or to return all members
	// (including members who haven't been invited yet or have been disassociated).
	// Member accounts must have been previously associated with the GuardDuty
	// administrator account using Create Members (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html)
	// .
	OnlyAssociated *string
	// contains filtered or unexported fields
}

type ListMembersOutput 

type ListMembersOutput struct {

	// A list of members. The values for email and invitedAt are available only if the
	// member accounts are added by invitation.
	Members []types.Member

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListMembersPaginator added in v0.30.0 

type ListMembersPaginator struct {
	// contains filtered or unexported fields
}

ListMembersPaginator is a paginator for ListMembers

func NewListMembersPaginator added in v0.30.0 

func NewListMembersPaginator(client ListMembersAPIClient, params *ListMembersInput, optFns ...func(*ListMembersPaginatorOptions)) *ListMembersPaginator

NewListMembersPaginator returns a new ListMembersPaginator

func (*ListMembersPaginator) HasMorePages added in v0.30.0 

func (p *ListMembersPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListMembersPaginator) NextPage added in v0.30.0 

func (p *ListMembersPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListMembersOutput, error)

NextPage retrieves the next ListMembers page.

type ListMembersPaginatorOptions added in v0.30.0 

type ListMembersPaginatorOptions struct {
	// You can use this parameter to indicate the maximum number of items you want in
	// the response. The default value is 50. The maximum value is 50.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListMembersPaginatorOptions is the paginator options for ListMembers

type ListOrganizationAdminAccountsAPIClient added in v0.30.0 

type ListOrganizationAdminAccountsAPIClient interface {
	ListOrganizationAdminAccounts(context.Context, *ListOrganizationAdminAccountsInput, ...func(*Options)) (*ListOrganizationAdminAccountsOutput, error)
}

ListOrganizationAdminAccountsAPIClient is a client that implements the ListOrganizationAdminAccounts operation.

type ListOrganizationAdminAccountsInput 

type ListOrganizationAdminAccountsInput struct {

	// The maximum number of results to return in the response.
	MaxResults *int32

	// A token to use for paginating results that are returned in the response. Set
	// the value of this parameter to null for the first request to a list action. For
	// subsequent calls, use the NextToken value returned from the previous request to
	// continue listing results after the first page.
	NextToken *string
	// contains filtered or unexported fields
}

type ListOrganizationAdminAccountsOutput 

type ListOrganizationAdminAccountsOutput struct {

	// A list of accounts configured as GuardDuty delegated administrators.
	AdminAccounts []types.AdminAccount

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListOrganizationAdminAccountsPaginator added in v0.30.0 

type ListOrganizationAdminAccountsPaginator struct {
	// contains filtered or unexported fields
}

ListOrganizationAdminAccountsPaginator is a paginator for ListOrganizationAdminAccounts

func NewListOrganizationAdminAccountsPaginator added in v0.30.0 

func NewListOrganizationAdminAccountsPaginator(client ListOrganizationAdminAccountsAPIClient, params *ListOrganizationAdminAccountsInput, optFns ...func(*ListOrganizationAdminAccountsPaginatorOptions)) *ListOrganizationAdminAccountsPaginator

NewListOrganizationAdminAccountsPaginator returns a new ListOrganizationAdminAccountsPaginator

func (*ListOrganizationAdminAccountsPaginator) HasMorePages added in v0.30.0 

func (p *ListOrganizationAdminAccountsPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListOrganizationAdminAccountsPaginator) NextPage added in v0.30.0 

func (p *ListOrganizationAdminAccountsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListOrganizationAdminAccountsOutput, error)

NextPage retrieves the next ListOrganizationAdminAccounts page.

type ListOrganizationAdminAccountsPaginatorOptions added in v0.30.0 

type ListOrganizationAdminAccountsPaginatorOptions struct {
	// The maximum number of results to return in the response.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListOrganizationAdminAccountsPaginatorOptions is the paginator options for ListOrganizationAdminAccounts

type ListPublishingDestinationsAPIClient added in v0.30.0 

type ListPublishingDestinationsAPIClient interface {
	ListPublishingDestinations(context.Context, *ListPublishingDestinationsInput, ...func(*Options)) (*ListPublishingDestinationsOutput, error)
}

ListPublishingDestinationsAPIClient is a client that implements the ListPublishingDestinations operation.

type ListPublishingDestinationsInput 

type ListPublishingDestinationsInput struct {

	// The ID of the detector to retrieve publishing destinations for.
	//
	// This member is required.
	DetectorId *string

	// The maximum number of results to return in the response.
	MaxResults *int32

	// A token to use for paginating results that are returned in the response. Set
	// the value of this parameter to null for the first request to a list action. For
	// subsequent calls, use the NextToken value returned from the previous request to
	// continue listing results after the first page.
	NextToken *string
	// contains filtered or unexported fields
}

type ListPublishingDestinationsOutput 

type ListPublishingDestinationsOutput struct {

	// A Destinations object that includes information about each publishing
	// destination returned.
	//
	// This member is required.
	Destinations []types.Destination

	// A token to use for paginating results that are returned in the response. Set
	// the value of this parameter to null for the first request to a list action. For
	// subsequent calls, use the NextToken value returned from the previous request to
	// continue listing results after the first page.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListPublishingDestinationsPaginator added in v0.30.0 

type ListPublishingDestinationsPaginator struct {
	// contains filtered or unexported fields
}

ListPublishingDestinationsPaginator is a paginator for ListPublishingDestinations

func NewListPublishingDestinationsPaginator added in v0.30.0 

func NewListPublishingDestinationsPaginator(client ListPublishingDestinationsAPIClient, params *ListPublishingDestinationsInput, optFns ...func(*ListPublishingDestinationsPaginatorOptions)) *ListPublishingDestinationsPaginator

NewListPublishingDestinationsPaginator returns a new ListPublishingDestinationsPaginator

func (*ListPublishingDestinationsPaginator) HasMorePages added in v0.30.0 

func (p *ListPublishingDestinationsPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListPublishingDestinationsPaginator) NextPage added in v0.30.0 

func (p *ListPublishingDestinationsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListPublishingDestinationsOutput, error)

NextPage retrieves the next ListPublishingDestinations page.

type ListPublishingDestinationsPaginatorOptions added in v0.30.0 

type ListPublishingDestinationsPaginatorOptions struct {
	// The maximum number of results to return in the response.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListPublishingDestinationsPaginatorOptions is the paginator options for ListPublishingDestinations

type ListTagsForResourceInput 

type ListTagsForResourceInput struct {

	// The Amazon Resource Name (ARN) for the given GuardDuty resource.
	//
	// This member is required.
	ResourceArn *string
	// contains filtered or unexported fields
}

type ListTagsForResourceOutput 

type ListTagsForResourceOutput struct {

	// The tags associated with the resource.
	Tags map[string]string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListThreatIntelSetsAPIClient added in v0.30.0 

type ListThreatIntelSetsAPIClient interface {
	ListThreatIntelSets(context.Context, *ListThreatIntelSetsInput, ...func(*Options)) (*ListThreatIntelSetsOutput, error)
}

ListThreatIntelSetsAPIClient is a client that implements the ListThreatIntelSets operation.

type ListThreatIntelSetsInput 

type ListThreatIntelSetsInput struct {

	// The unique ID of the detector that the threatIntelSet is associated with.
	//
	// This member is required.
	DetectorId *string

	// You can use this parameter to indicate the maximum number of items that you
	// want in the response. The default value is 50. The maximum value is 50.
	MaxResults *int32

	// You can use this parameter to paginate results in the response. Set the value
	// of this parameter to null on your first call to the list action. For subsequent
	// calls to the action, fill nextToken in the request with the value of NextToken
	// from the previous response to continue listing data.
	NextToken *string
	// contains filtered or unexported fields
}

type ListThreatIntelSetsOutput 

type ListThreatIntelSetsOutput struct {

	// The IDs of the ThreatIntelSet resources.
	//
	// This member is required.
	ThreatIntelSetIds []string

	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListThreatIntelSetsPaginator added in v0.30.0 

type ListThreatIntelSetsPaginator struct {
	// contains filtered or unexported fields
}

ListThreatIntelSetsPaginator is a paginator for ListThreatIntelSets

func NewListThreatIntelSetsPaginator added in v0.30.0 

func NewListThreatIntelSetsPaginator(client ListThreatIntelSetsAPIClient, params *ListThreatIntelSetsInput, optFns ...func(*ListThreatIntelSetsPaginatorOptions)) *ListThreatIntelSetsPaginator

NewListThreatIntelSetsPaginator returns a new ListThreatIntelSetsPaginator

func (*ListThreatIntelSetsPaginator) HasMorePages added in v0.30.0 

func (p *ListThreatIntelSetsPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListThreatIntelSetsPaginator) NextPage added in v0.30.0 

func (p *ListThreatIntelSetsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListThreatIntelSetsOutput, error)

NextPage retrieves the next ListThreatIntelSets page.

type ListThreatIntelSetsPaginatorOptions added in v0.30.0 

type ListThreatIntelSetsPaginatorOptions struct {
	// You can use this parameter to indicate the maximum number of items that you
	// want in the response. The default value is 50. The maximum value is 50.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListThreatIntelSetsPaginatorOptions is the paginator options for ListThreatIntelSets

type Options 

type Options struct {
	// Set of options to modify how an operation is invoked. These apply to all
	// operations invoked for this client. Use functional options on operation call to
	// modify this list for per operation behavior.
	APIOptions []func(*middleware.Stack) error

	// The optional application specific identifier appended to the User-Agent header.
	AppID string

	// This endpoint will be given as input to an EndpointResolverV2. It is used for
	// providing a custom base endpoint that is subject to modifications by the
	// processing EndpointResolverV2.
	BaseEndpoint *string

	// Configures the events that will be sent to the configured logger.
	ClientLogMode aws.ClientLogMode

	// The credentials object to use when signing requests.
	Credentials aws.CredentialsProvider

	// The configuration DefaultsMode that the SDK should use when constructing the
	// clients initial default settings.
	DefaultsMode aws.DefaultsMode

	// The endpoint options to be used when attempting to resolve an endpoint.
	EndpointOptions EndpointResolverOptions

	// The service endpoint resolver.
	//
	// Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a
	// value for this field will likely prevent you from using any endpoint-related
	// service features released after the introduction of EndpointResolverV2 and
	// BaseEndpoint. To migrate an EndpointResolver implementation that uses a custom
	// endpoint, set the client option BaseEndpoint instead.
	EndpointResolver EndpointResolver

	// Resolves the endpoint used for a particular service operation. This should be
	// used over the deprecated EndpointResolver.
	EndpointResolverV2 EndpointResolverV2

	// Signature Version 4 (SigV4) Signer
	HTTPSignerV4 HTTPSignerV4

	// Provides idempotency tokens values that will be automatically populated into
	// idempotent API operations.
	IdempotencyTokenProvider IdempotencyTokenProvider

	// The logger writer interface to write logging messages to.
	Logger logging.Logger

	// The region to send requests to. (Required)
	Region string

	// RetryMaxAttempts specifies the maximum number attempts an API client will call
	// an operation that fails with a retryable error. A value of 0 is ignored, and
	// will not be used to configure the API client created default retryer, or modify
	// per operation call's retry max attempts. If specified in an operation call's
	// functional options with a value that is different than the constructed client's
	// Options, the Client's Retryer will be wrapped to use the operation's specific
	// RetryMaxAttempts value.
	RetryMaxAttempts int

	// RetryMode specifies the retry mode the API client will be created with, if
	// Retryer option is not also specified. When creating a new API Clients this
	// member will only be used if the Retryer Options member is nil. This value will
	// be ignored if Retryer is not nil. Currently does not support per operation call
	// overrides, may in the future.
	RetryMode aws.RetryMode

	// Retryer guides how HTTP requests should be retried in case of recoverable
	// failures. When nil the API client will use a default retryer. The kind of
	// default retry created by the API client can be changed with the RetryMode
	// option.
	Retryer aws.Retryer

	// The RuntimeEnvironment configuration, only populated if the DefaultsMode is set
	// to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You
	// should not populate this structure programmatically, or rely on the values here
	// within your applications.
	RuntimeEnvironment aws.RuntimeEnvironment

	// The HTTP client to invoke API calls with. Defaults to client's default HTTP
	// implementation if nil.
	HTTPClient HTTPClient

	// The auth scheme resolver which determines how to authenticate for each
	// operation.
	AuthSchemeResolver AuthSchemeResolver

	// The list of auth schemes supported by the client.
	AuthSchemes []smithyhttp.AuthScheme
	// contains filtered or unexported fields
}

func (Options) Copy 

func (o Options) Copy() Options

Copy creates a clone where the APIOptions list is deep copied.

func (Options) GetIdentityResolver added in v1.33.2 

func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver

type ResolveEndpoint 

type ResolveEndpoint struct {
	Resolver EndpointResolver
	Options  EndpointResolverOptions
}

func (*ResolveEndpoint) HandleSerialize 

func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
	out middleware.SerializeOutput, metadata middleware.Metadata, err error,
)

func (*ResolveEndpoint) ID 

func (*ResolveEndpoint) ID() string

type StartMalwareScanInput added in v1.22.0 

type StartMalwareScanInput struct {

	// Amazon Resource Name (ARN) of the resource for which you invoked the API.
	//
	// This member is required.
	ResourceArn *string
	// contains filtered or unexported fields
}

type StartMalwareScanOutput added in v1.22.0 

type StartMalwareScanOutput struct {

	// A unique identifier that gets generated when you invoke the API without any
	// error. Each malware scan has a corresponding scan ID. Using this scan ID, you
	// can monitor the status of your malware scan.
	ScanId *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type StartMonitoringMembersInput 

type StartMonitoringMembersInput struct {

	// A list of account IDs of the GuardDuty member accounts to start monitoring.
	//
	// This member is required.
	AccountIds []string

	// The unique ID of the detector of the GuardDuty administrator account associated
	// with the member accounts to monitor.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type StartMonitoringMembersOutput 

type StartMonitoringMembersOutput struct {

	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	//
	// This member is required.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type StopMonitoringMembersInput 

type StopMonitoringMembersInput struct {

	// A list of account IDs for the member accounts to stop monitoring.
	//
	// This member is required.
	AccountIds []string

	// The unique ID of the detector associated with the GuardDuty administrator
	// account that is monitoring member accounts.
	//
	// This member is required.
	DetectorId *string
	// contains filtered or unexported fields
}

type StopMonitoringMembersOutput 

type StopMonitoringMembersOutput struct {

	// A list of objects that contain an accountId for each account that could not be
	// processed, and a result string that indicates why the account was not processed.
	//
	// This member is required.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type TagResourceInput 

type TagResourceInput struct {

	// The Amazon Resource Name (ARN) for the GuardDuty resource to apply a tag to.
	//
	// This member is required.
	ResourceArn *string

	// The tags to be added to a resource.
	//
	// This member is required.
	Tags map[string]string
	// contains filtered or unexported fields
}

type TagResourceOutput 

type TagResourceOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UnarchiveFindingsInput 

type UnarchiveFindingsInput struct {

	// The ID of the detector associated with the findings to unarchive.
	//
	// This member is required.
	DetectorId *string

	// The IDs of the findings to unarchive.
	//
	// This member is required.
	FindingIds []string
	// contains filtered or unexported fields
}

type UnarchiveFindingsOutput 

type UnarchiveFindingsOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UntagResourceInput 

type UntagResourceInput struct {

	// The Amazon Resource Name (ARN) for the resource to remove tags from.
	//
	// This member is required.
	ResourceArn *string

	// The tag keys to remove from the resource.
	//
	// This member is required.
	TagKeys []string
	// contains filtered or unexported fields
}

type UntagResourceOutput 

type UntagResourceOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdateDetectorInput 

type UpdateDetectorInput struct {

	// The unique ID of the detector to update.
	//
	// This member is required.
	DetectorId *string

	// Describes which data sources will be updated. There might be regional
	// differences because some data sources might not be available in all the Amazon
	// Web Services Regions where GuardDuty is presently supported. For more
	// information, see Regions and endpoints (https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html)
	// .
	//
	// Deprecated: This parameter is deprecated, use Features instead
	DataSources *types.DataSourceConfigurations

	// Specifies whether the detector is enabled or not enabled.
	Enable *bool

	// Provides the features that will be updated for the detector.
	Features []types.DetectorFeatureConfiguration

	// An enum value that specifies how frequently findings are exported, such as to
	// CloudWatch Events.
	FindingPublishingFrequency types.FindingPublishingFrequency
	// contains filtered or unexported fields
}

type UpdateDetectorOutput 

type UpdateDetectorOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdateFilterInput 

type UpdateFilterInput struct {

	// The unique ID of the detector that specifies the GuardDuty service where you
	// want to update a filter.
	//
	// This member is required.
	DetectorId *string

	// The name of the filter.
	//
	// This member is required.
	FilterName *string

	// Specifies the action that is to be applied to the findings that match the
	// filter.
	Action types.FilterAction

	// The description of the filter. Valid characters include alphanumeric
	// characters, and special characters such as hyphen, period, colon, underscore,
	// parentheses ( { } , [ ] , and ( ) ), forward slash, horizontal tab, vertical
	// tab, newline, form feed, return, and whitespace.
	Description *string

	// Represents the criteria to be used in the filter for querying findings.
	FindingCriteria *types.FindingCriteria

	// Specifies the position of the filter in the list of current filters. Also
	// specifies the order in which this filter is applied to the findings.
	Rank *int32
	// contains filtered or unexported fields
}

type UpdateFilterOutput 

type UpdateFilterOutput struct {

	// The name of the filter.
	//
	// This member is required.
	Name *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdateFindingsFeedbackInput 

type UpdateFindingsFeedbackInput struct {

	// The ID of the detector associated with the findings to update feedback for.
	//
	// This member is required.
	DetectorId *string

	// The feedback for the finding.
	//
	// This member is required.
	Feedback types.Feedback

	// The IDs of the findings that you want to mark as useful or not useful.
	//
	// This member is required.
	FindingIds []string

	// Additional feedback about the GuardDuty findings.
	Comments *string
	// contains filtered or unexported fields
}

type UpdateFindingsFeedbackOutput 

type UpdateFindingsFeedbackOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdateIPSetInput 

type UpdateIPSetInput struct {

	// The detectorID that specifies the GuardDuty service whose IPSet you want to
	// update.
	//
	// This member is required.
	DetectorId *string

	// The unique ID that specifies the IPSet that you want to update.
	//
	// This member is required.
	IpSetId *string

	// The updated Boolean value that specifies whether the IPSet is active or not.
	Activate *bool

	// The updated URI of the file that contains the IPSet.
	Location *string

	// The unique ID that specifies the IPSet that you want to update.
	Name *string
	// contains filtered or unexported fields
}

type UpdateIPSetOutput 

type UpdateIPSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdateMalwareScanSettingsInput added in v1.15.0 

type UpdateMalwareScanSettingsInput struct {

	// The unique ID of the detector that specifies the GuardDuty service where you
	// want to update scan settings.
	//
	// This member is required.
	DetectorId *string

	// An enum value representing possible snapshot preservation settings.
	EbsSnapshotPreservation types.EbsSnapshotPreservation

	// Represents the criteria to be used in the filter for selecting resources to
	// scan.
	ScanResourceCriteria *types.ScanResourceCriteria
	// contains filtered or unexported fields
}

type UpdateMalwareScanSettingsOutput added in v1.15.0 

type UpdateMalwareScanSettingsOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdateMemberDetectorsInput 

type UpdateMemberDetectorsInput struct {

	// A list of member account IDs to be updated.
	//
	// This member is required.
	AccountIds []string

	// The detector ID of the administrator account.
	//
	// This member is required.
	DetectorId *string

	// Describes which data sources will be updated.
	//
	// Deprecated: This parameter is deprecated, use Features instead
	DataSources *types.DataSourceConfigurations

	// A list of features that will be updated for the specified member accounts.
	Features []types.MemberFeaturesConfiguration
	// contains filtered or unexported fields
}

type UpdateMemberDetectorsOutput 

type UpdateMemberDetectorsOutput struct {

	// A list of member account IDs that were unable to be processed along with an
	// explanation for why they were not processed.
	//
	// This member is required.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdateOrganizationConfigurationInput 

type UpdateOrganizationConfigurationInput struct {

	// The ID of the detector that configures the delegated administrator.
	//
	// This member is required.
	DetectorId *string

	// Represents whether or not to automatically enable member accounts in the
	// organization. Even though this is still supported, we recommend using
	// AutoEnableOrganizationMembers to achieve the similar results. You must provide a
	// value for either autoEnableOrganizationMembers or autoEnable .
	//
	// Deprecated: This field is deprecated, use AutoEnableOrganizationMembers instead
	AutoEnable *bool

	// Indicates the auto-enablement configuration of GuardDuty for the member
	// accounts in the organization. You must provide a value for either
	// autoEnableOrganizationMembers or autoEnable . Use one of the following
	// configuration values for autoEnableOrganizationMembers :
	//   - NEW : Indicates that when a new account joins the organization, they will
	//   have GuardDuty enabled automatically.
	//   - ALL : Indicates that all accounts in the organization have GuardDuty enabled
	//   automatically. This includes NEW accounts that join the organization and
	//   accounts that may have been suspended or removed from the organization in
	//   GuardDuty. It may take up to 24 hours to update the configuration for all the
	//   member accounts.
	//   - NONE : Indicates that GuardDuty will not be automatically enabled for any
	//   account in the organization. The administrator must manage GuardDuty for each
	//   account in the organization individually. When you update the auto-enable
	//   setting from ALL or NEW to NONE , this action doesn't disable the
	//   corresponding option for your existing accounts. This configuration will apply
	//   to the new accounts that join the organization. After you update the auto-enable
	//   settings, no new account will have the corresponding option as enabled.
	AutoEnableOrganizationMembers types.AutoEnableMembers

	// Describes which data sources will be updated.
	//
	// Deprecated: This parameter is deprecated, use Features instead
	DataSources *types.OrganizationDataSourceConfigurations

	// A list of features that will be configured for the organization.
	Features []types.OrganizationFeatureConfiguration
	// contains filtered or unexported fields
}

type UpdateOrganizationConfigurationOutput 

type UpdateOrganizationConfigurationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdatePublishingDestinationInput 

type UpdatePublishingDestinationInput struct {

	// The ID of the publishing destination to update.
	//
	// This member is required.
	DestinationId *string

	// The ID of the detector associated with the publishing destinations to update.
	//
	// This member is required.
	DetectorId *string

	// A DestinationProperties object that includes the DestinationArn and KmsKeyArn
	// of the publishing destination.
	DestinationProperties *types.DestinationProperties
	// contains filtered or unexported fields
}

type UpdatePublishingDestinationOutput 

type UpdatePublishingDestinationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdateThreatIntelSetInput 

type UpdateThreatIntelSetInput struct {

	// The detectorID that specifies the GuardDuty service whose ThreatIntelSet you
	// want to update.
	//
	// This member is required.
	DetectorId *string

	// The unique ID that specifies the ThreatIntelSet that you want to update.
	//
	// This member is required.
	ThreatIntelSetId *string

	// The updated Boolean value that specifies whether the ThreateIntelSet is active
	// or not.
	Activate *bool

	// The updated URI of the file that contains the ThreateIntelSet.
	Location *string

	// The unique ID that specifies the ThreatIntelSet that you want to update.
	Name *string
	// contains filtered or unexported fields
}

type UpdateThreatIntelSetOutput 

type UpdateThreatIntelSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

Source Files

View all Source files

Directories

Path Synopsis
internal
endpoints

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.