diff --git a/clients/client-guardduty/src/commands/CreatePublishingDestinationCommand.ts b/clients/client-guardduty/src/commands/CreatePublishingDestinationCommand.ts index b143bd4eb9c1..67ba467f9ac2 100644 --- a/clients/client-guardduty/src/commands/CreatePublishingDestinationCommand.ts +++ b/clients/client-guardduty/src/commands/CreatePublishingDestinationCommand.ts @@ -33,8 +33,8 @@ export interface CreatePublishingDestinationCommandOutput __MetadataBearer {} /** - *
Creates a publishing destination to export findings to. The resource to export findings to - * must exist before you use this operation.
+ *Creates a publishing destination where you can export your GuardDuty findings. Before you start exporting the + * findings, the destination resource must exist.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-guardduty/src/commands/GetDetectorCommand.ts b/clients/client-guardduty/src/commands/GetDetectorCommand.ts index 1ee6d46ace56..c8344e559684 100644 --- a/clients/client-guardduty/src/commands/GetDetectorCommand.ts +++ b/clients/client-guardduty/src/commands/GetDetectorCommand.ts @@ -28,7 +28,7 @@ export interface GetDetectorCommandInput extends GetDetectorRequest {} export interface GetDetectorCommandOutput extends GetDetectorResponse, __MetadataBearer {} /** - *Retrieves an Amazon GuardDuty detector specified by the detectorId.
+ *Retrieves a GuardDuty detector specified by the detectorId.
*There might be regional differences because some data sources might not be * available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more * information, see Regions and endpoints.
diff --git a/clients/client-guardduty/src/commands/GetFindingsStatisticsCommand.ts b/clients/client-guardduty/src/commands/GetFindingsStatisticsCommand.ts index c3e0d96422ee..cb8479476811 100644 --- a/clients/client-guardduty/src/commands/GetFindingsStatisticsCommand.ts +++ b/clients/client-guardduty/src/commands/GetFindingsStatisticsCommand.ts @@ -28,7 +28,10 @@ export interface GetFindingsStatisticsCommandInput extends GetFindingsStatistics export interface GetFindingsStatisticsCommandOutput extends GetFindingsStatisticsResponse, __MetadataBearer {} /** - *Lists Amazon GuardDuty findings statistics for the specified detector ID.
+ *Lists GuardDuty findings statistics for the specified detector ID.
+ *You must provide either findingStatisticTypes
or
+ * groupBy
parameter, and not both. You can use the maxResults
and orderBy
+ * parameters only when using groupBy
.
There might be regional differences because some flags might not be available in all the Regions where GuardDuty * is currently supported. For more information, see Regions and endpoints.
* @example @@ -39,7 +42,7 @@ export interface GetFindingsStatisticsCommandOutput extends GetFindingsStatistic * const client = new GuardDutyClient(config); * const input = { // GetFindingsStatisticsRequest * DetectorId: "STRING_VALUE", // required - * FindingStatisticTypes: [ // FindingStatisticTypes // required + * FindingStatisticTypes: [ // FindingStatisticTypes * "COUNT_BY_SEVERITY", * ], * FindingCriteria: { // FindingCriteria @@ -68,6 +71,9 @@ export interface GetFindingsStatisticsCommandOutput extends GetFindingsStatistic * }, * }, * }, + * GroupBy: "ACCOUNT" || "DATE" || "FINDING_TYPE" || "RESOURCE" || "SEVERITY", + * OrderBy: "ASC" || "DESC", + * MaxResults: Number("int"), * }; * const command = new GetFindingsStatisticsCommand(input); * const response = await client.send(command); @@ -76,7 +82,46 @@ export interface GetFindingsStatisticsCommandOutput extends GetFindingsStatistic * // CountBySeverity: { // CountBySeverity * // "Represents a list of map of accounts with the number of findings associated with each account.
+ * @public + */ +export interface AccountStatistics { + /** + *The ID of the Amazon Web Services account.
+ * @public + */ + AccountId?: string; + + /** + *The timestamp at which the finding for this account was last generated.
+ * @public + */ + LastGeneratedAt?: Date; + + /** + *The total number of findings associated with an account.
+ * @public + */ + TotalFindings?: number; +} + /** *Contains information about the domain.
* @public @@ -2445,8 +2469,7 @@ export interface FindingCriteria { */ export interface CreateFilterRequest { /** - *The ID of the detector belonging to the GuardDuty account that you want to create a filter - * for.
+ *The detector ID associated with the GuardDuty account for which you want to create a filter.
* @public */ DetectorId: string | undefined; @@ -2845,8 +2868,7 @@ export type IpSetFormat = (typeof IpSetFormat)[keyof typeof IpSetFormat]; */ export interface CreateIPSetRequest { /** - *The unique ID of the detector of the GuardDuty account that you want to create an IPSet - * for.
+ *The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.
* @public */ DetectorId: string | undefined; @@ -2985,7 +3007,7 @@ export interface CreateMalwareProtectionPlanRequest { ClientToken?: string; /** - *IAM role with permissions required to scan and add tags to the associated + *
Amazon Resource Name (ARN) of the IAM role that has the permissions to scan and add tags to the associated * protected resource.
* @public */ @@ -3028,8 +3050,8 @@ export interface CreateMalwareProtectionPlanResponse { */ export interface CreateMembersRequest { /** - *The unique ID of the detector of the GuardDuty account that you want to associate member - * accounts with.
+ *The unique ID of the detector of the GuardDuty account for which you want to associate member + * accounts.
* @public */ DetectorId: string | undefined; @@ -3154,7 +3176,7 @@ export interface CreatePublishingDestinationResponse { */ export interface CreateSampleFindingsRequest { /** - *The ID of the detector to create sample findings for.
+ *The ID of the detector for which you need to create sample findings.
* @public */ DetectorId: string | undefined; @@ -3194,8 +3216,8 @@ export type ThreatIntelSetFormat = (typeof ThreatIntelSetFormat)[keyof typeof Th */ export interface CreateThreatIntelSetRequest { /** - *The unique ID of the detector of the GuardDuty account that you want to create a - * threatIntelSet for.
+ *The unique ID of the detector of the GuardDuty account for which you want to create a
+ * ThreatIntelSet
.
Represents list a map of dates with a count of total findings generated on each date.
+ * @public + */ +export interface DateStatistics { + /** + *The timestamp when the total findings count is observed.
+ *For example, Date
would look like "2024-09-05T17:00:00-07:00"
+ * whereas LastGeneratedAt
would look like 2024-09-05T17:12:29-07:00".
The timestamp at which the last finding in the findings count, was generated.
+ * @public + */ + LastGeneratedAt?: Date; + + /** + *The severity of the findings generated on each date.
+ * @public + */ + Severity?: number; + + /** + *The total number of findings that were generated per severity level on each date.
+ * @public + */ + TotalFindings?: number; +} + /** * @public */ @@ -3458,7 +3512,7 @@ export interface DeleteDetectorResponse {} */ export interface DeleteFilterRequest { /** - *The unique ID of the detector that the filter is associated with.
+ *The unique ID of the detector that is associated with the filter.
* @public */ DetectorId: string | undefined; @@ -3621,7 +3675,7 @@ export interface DeletePublishingDestinationResponse {} */ export interface DeleteThreatIntelSetRequest { /** - *The unique ID of the detector that the threatIntelSet is associated with.
+ *The unique ID of the detector that is associated with the threatIntelSet.
* @public */ DetectorId: string | undefined; @@ -3913,8 +3967,8 @@ export interface Scan { /** *The unique detector ID of the administrator account that the request is associated with.
- * Note that this value will be the same as the one used for DetectorId
if the
- * account is an administrator.
AdminDetectorId
will be the same as the one used for
+ * DetectorId
.
* @public
*/
AdminDetectorId?: string;
@@ -4021,8 +4075,7 @@ export interface DescribeMalwareScansResponse {
*/
export interface DescribeOrganizationConfigurationRequest {
/**
- * The ID of the detector to retrieve information about the delegated administrator - * from.
+ *The detector ID of the delegated administrator for which you need to retrieve the information.
* @public */ DetectorId: string | undefined; @@ -6572,16 +6625,185 @@ export interface Finding { UpdatedAt: string | undefined; } +/** + *Information about each finding type associated with the
+ * groupedByFindingType
statistics.
Name of the finding type.
+ * @public + */ + FindingType?: string; + + /** + *The timestamp at which this finding type was last generated in your environment.
+ * @public + */ + LastGeneratedAt?: Date; + + /** + *The total number of findings associated with generated for each distinct finding type.
+ * @public + */ + TotalFindings?: number; +} + +/** + *Information about each resource type associated with the
+ * groupedByResource
statistics.
The ID of the Amazon Web Services account.
+ * @public + */ + AccountId?: string; + + /** + *The timestamp at which the statistics for this resource was last generated.
+ * @public + */ + LastGeneratedAt?: Date; + + /** + *ID associated with each resource. The following list provides the mapping of the resource type + * and resource ID.
+ *+ * Mapping of resource and resource ID + *
+ *AccessKey - resource.accessKeyDetails.accessKeyId
+ *
Container - resource.containerDetails.id
+ *
ECSCluster - resource.ecsClusterDetails.name
+ *
EKSCluster - resource.eksClusterDetails.name
+ *
Instance - resource.instanceDetails.instanceId
+ *
KubernetesCluster - resource.kubernetesDetails.kubernetesWorkloadDetails.name
+ *
Lambda - resource.lambdaDetails.functionName
+ *
RDSDBInstance - resource.rdsDbInstanceDetails.dbInstanceIdentifier
+ *
S3Bucket - resource.s3BucketDetails.name
+ *
S3Object - resource.s3BucketDetails.name
+ *
The type of resource.
+ * @public + */ + ResourceType?: string; + + /** + *The total number of findings associated with this resource.
+ * @public + */ + TotalFindings?: number; +} + +/** + *Information about severity level for each finding type.
+ * @public + */ +export interface SeverityStatistics { + /** + *The timestamp at which a finding type for a specific severity was last generated.
+ * @public + */ + LastGeneratedAt?: Date; + + /** + *The severity level associated with each finding type.
+ * @public + */ + Severity?: number; + + /** + *The total number of findings associated with this severity.
+ * @public + */ + TotalFindings?: number; +} + /** *Contains information about finding statistics.
* @public */ export interface FindingStatistics { /** - *Represents a map of severity to count statistics for a set of findings.
+ * @deprecated + * + *Represents a list of map of severity to count statistics for a set of findings.
* @public */ CountBySeverity?: RecordRepresents a list of map of accounts with a findings count associated with each account.
+ * @public + */ + GroupedByAccount?: AccountStatistics[]; + + /** + *Represents a list of map of dates with a count of total findings generated on each date per severity level.
+ * @public + */ + GroupedByDate?: DateStatistics[]; + + /** + *Represents a list of map of finding types with a count of total findings generated for each type.
+ *Based on the orderBy
+ * parameter, this request returns either the most occurring finding types or the least occurring finding types. If the
+ * orderBy
parameter is ASC
, this will represent the least occurring finding types in
+ * your account; otherwise, this will represent the most occurring finding types. The default
+ * value of orderBy
is DESC
.
Represents a list of map of top resources with a count of total findings.
+ * @public + */ + GroupedByResource?: ResourceStatistics[]; + + /** + *Represents a list of map of total findings for each severity level.
+ * @public + */ + GroupedBySeverity?: SeverityStatistics[]; } /** @@ -6624,13 +6846,13 @@ export interface GetAdministratorAccountResponse { */ export interface GetCoverageStatisticsRequest { /** - *The unique ID of the GuardDuty detector associated to the coverage statistics.
+ *The unique ID of the GuardDuty detector.
* @public */ DetectorId: string | undefined; /** - *Represents the criteria used to filter the coverage statistics
+ *Represents the criteria used to filter the coverage statistics.
* @public */ FilterCriteria?: CoverageFilterCriteria; @@ -6725,7 +6947,7 @@ export interface GetDetectorResponse { */ export interface GetFilterRequest { /** - *The unique ID of the detector that the filter is associated with.
+ *The unique ID of the detector that is associated with this filter.
* @public */ DetectorId: string | undefined; @@ -6814,28 +7036,68 @@ export interface GetFindingsResponse { Findings: Finding[] | undefined; } +/** + * @public + * @enum + */ +export const GroupByType = { + ACCOUNT: "ACCOUNT", + DATE: "DATE", + FINDING_TYPE: "FINDING_TYPE", + RESOURCE: "RESOURCE", + SEVERITY: "SEVERITY", +} as const; + +/** + * @public + */ +export type GroupByType = (typeof GroupByType)[keyof typeof GroupByType]; + /** * @public */ export interface GetFindingsStatisticsRequest { /** - *The ID of the detector that specifies the GuardDuty service whose findings' statistics you + *
The ID of the detector whose findings statistics you * want to retrieve.
* @public */ DetectorId: string | undefined; /** + * @deprecated + * *The types of finding statistics to retrieve.
* @public */ - FindingStatisticTypes: FindingStatisticType[] | undefined; + FindingStatisticTypes?: FindingStatisticType[]; /** *Represents the criteria that is used for querying findings.
* @public */ FindingCriteria?: FindingCriteria; + + /** + *Displays the findings statistics grouped by one of the listed valid values.
+ * @public + */ + GroupBy?: GroupByType; + + /** + *Displays the sorted findings in the requested order. The default
+ * value of orderBy
is DESC
.
You can use this parameter only with the groupBy
parameter.
The maximum number of results to be returned in the response. The default value is 25.
+ *You can use this parameter only with the groupBy
parameter.
The pagination parameter to be used on the next list operation to retrieve more items.
+ *This parameter is currently not supported.
+ * @public + */ + NextToken?: string; } /** @@ -6870,7 +7139,7 @@ export interface GetInvitationsCountResponse { */ export interface GetIPSetRequest { /** - *The unique ID of the detector that the IPSet is associated with.
+ *The unique ID of the detector that is associated with the IPSet.
* @public */ DetectorId: string | undefined; @@ -6996,7 +7265,7 @@ export interface GetMalwareProtectionPlanResponse { Arn?: string; /** - *IAM role that includes the permissions required to scan and + *
Amazon Resource Name (ARN) of the IAM role that includes the permissions to scan and * add tags to the associated protected resource.
* @public */ @@ -7047,7 +7316,7 @@ export interface GetMalwareProtectionPlanResponse { */ export interface GetMalwareScanSettingsRequest { /** - *The unique ID of the detector that the scan setting is associated with.
+ *The unique ID of the detector that is associated with this scan.
* @public */ DetectorId: string | undefined; @@ -7201,7 +7470,7 @@ export interface GetMemberDetectorsRequest { DetectorId: string | undefined; /** - *The account ID of the member account.
+ *A list of member account IDs.
* @public */ AccountIds: string[] | undefined; @@ -7512,125 +7781,6 @@ export interface OrganizationDetails { OrganizationStatistics?: OrganizationStatistics; } -/** - * @public - */ -export interface GetOrganizationStatisticsResponse { - /** - *Information about the statistics report for your organization.
- * @public - */ - OrganizationDetails?: OrganizationDetails; -} - -/** - * @public - */ -export interface GetRemainingFreeTrialDaysRequest { - /** - *The unique ID of the detector of the GuardDuty member account.
- * @public - */ - DetectorId: string | undefined; - - /** - *A list of account identifiers of the GuardDuty member account.
- * @public - */ - AccountIds?: string[]; -} - -/** - * @public - */ -export interface GetRemainingFreeTrialDaysResponse { - /** - *The member accounts which were included in a request and were processed - * successfully.
- * @public - */ - Accounts?: AccountFreeTrialInfo[]; - - /** - *The member account that was included in a request but for which the request could not be - * processed.
- * @public - */ - UnprocessedAccounts?: UnprocessedAccount[]; -} - -/** - * @public - */ -export interface GetThreatIntelSetRequest { - /** - *The unique ID of the detector that the threatIntelSet is associated with.
- * @public - */ - DetectorId: string | undefined; - - /** - *The unique ID of the threatIntelSet that you want to get.
- * @public - */ - ThreatIntelSetId: string | undefined; -} - -/** - * @public - * @enum - */ -export const ThreatIntelSetStatus = { - ACTIVATING: "ACTIVATING", - ACTIVE: "ACTIVE", - DEACTIVATING: "DEACTIVATING", - DELETED: "DELETED", - DELETE_PENDING: "DELETE_PENDING", - ERROR: "ERROR", - INACTIVE: "INACTIVE", -} as const; - -/** - * @public - */ -export type ThreatIntelSetStatus = (typeof ThreatIntelSetStatus)[keyof typeof ThreatIntelSetStatus]; - -/** - * @public - */ -export interface GetThreatIntelSetResponse { - /** - *A user-friendly ThreatIntelSet name displayed in all findings that are generated by - * activity that involves IP addresses included in this ThreatIntelSet.
- * @public - */ - Name: string | undefined; - - /** - *The format of the threatIntelSet.
- * @public - */ - Format: ThreatIntelSetFormat | undefined; - - /** - *The URI of the file that contains the ThreatIntelSet.
- * @public - */ - Location: string | undefined; - - /** - *The status of threatIntelSet file uploaded.
- * @public - */ - Status: ThreatIntelSetStatus | undefined; - - /** - *The tags of the threat list resource.
- * @public - */ - Tags?: RecordInformation about the statistics report for your organization.
+ * @public + */ + OrganizationDetails?: OrganizationDetails; +} + +/** + * @public + */ +export interface GetRemainingFreeTrialDaysRequest { + /** + *The unique ID of the detector of the GuardDuty member account.
+ * @public + */ + DetectorId: string | undefined; + + /** + *A list of account identifiers of the GuardDuty member account.
+ * @public + */ + AccountIds?: string[]; +} + +/** + * @public + */ +export interface GetRemainingFreeTrialDaysResponse { + /** + *The member accounts which were included in a request and were processed + * successfully.
+ * @public + */ + Accounts?: AccountFreeTrialInfo[]; + + /** + *The member account that was included in a request but for which the request could not be + * processed.
+ * @public + */ + UnprocessedAccounts?: UnprocessedAccount[]; +} + +/** + * @public + */ +export interface GetThreatIntelSetRequest { + /** + *The unique ID of the detector that is associated with the threatIntelSet.
+ * @public + */ + DetectorId: string | undefined; + + /** + *The unique ID of the threatIntelSet that you want to get.
+ * @public + */ + ThreatIntelSetId: string | undefined; +} + +/** + * @public + * @enum + */ +export const ThreatIntelSetStatus = { + ACTIVATING: "ACTIVATING", + ACTIVE: "ACTIVE", + DEACTIVATING: "DEACTIVATING", + DELETED: "DELETED", + DELETE_PENDING: "DELETE_PENDING", + ERROR: "ERROR", + INACTIVE: "INACTIVE", +} as const; + +/** + * @public + */ +export type ThreatIntelSetStatus = (typeof ThreatIntelSetStatus)[keyof typeof ThreatIntelSetStatus]; + +/** + * @public + */ +export interface GetThreatIntelSetResponse { + /** + *A user-friendly ThreatIntelSet name displayed in all findings that are generated by + * activity that involves IP addresses included in this ThreatIntelSet.
+ * @public + */ + Name: string | undefined; + + /** + *The format of the threatIntelSet.
+ * @public + */ + Format: ThreatIntelSetFormat | undefined; + + /** + *The URI of the file that contains the ThreatIntelSet.
+ * @public + */ + Location: string | undefined; + + /** + *The status of threatIntelSet file uploaded.
+ * @public + */ + Status: ThreatIntelSetStatus | undefined; + + /** + *The tags of the threat list resource.
+ * @public + */ + Tags?: RecordThe unique ID of the detector of the GuardDuty account that you want to invite members - * with.
+ *The unique ID of the detector of the GuardDuty account with which you want to invite members.
* @public */ DetectorId: string | undefined; @@ -490,7 +611,7 @@ export interface ListDetectorsResponse { */ export interface ListFiltersRequest { /** - *The unique ID of the detector that the filter is associated with.
+ *The unique ID of the detector that is associated with the filter.
* @public */ DetectorId: string | undefined; @@ -683,6 +804,9 @@ export interface ListFindingsRequest { * existing findings are listed. * *service.ebsVolumeScanDetails.scanId
+ *service.resourceRole
*The unique ID of the detector that the IPSet is associated with.
+ *The unique ID of the detector that is associated with IPSet.
* @public */ DetectorId: string | undefined; @@ -909,7 +1033,7 @@ export interface ListMalwareProtectionPlansResponse { */ export interface ListMembersRequest { /** - *The unique ID of the detector the member is associated with.
+ *The unique ID of the detector that is associated with the member.
* @public */ DetectorId: string | undefined; @@ -1007,7 +1131,7 @@ export interface ListOrganizationAdminAccountsResponse { */ export interface ListPublishingDestinationsRequest { /** - *The ID of the detector to retrieve publishing destinations for.
+ *The detector ID for which you want to retrieve the publishing destination.
* @public */ DetectorId: string | undefined; @@ -1076,7 +1200,7 @@ export interface ListTagsForResourceResponse { */ export interface ListThreatIntelSetsRequest { /** - *The unique ID of the detector that the threatIntelSet is associated with.
+ *The unique ID of the detector that is associated with the threatIntelSet.
* @public */ DetectorId: string | undefined; @@ -1373,7 +1497,8 @@ export interface UpdateFilterResponse { */ export interface UpdateFindingsFeedbackRequest { /** - *The ID of the detector associated with the findings to update feedback for.
+ *The ID of the detector that is associated with the findings for which you want to update + * the feedback.
* @public */ DetectorId: string | undefined; @@ -1480,7 +1605,7 @@ export interface UpdateMalwareProtectionPlanRequest { MalwareProtectionPlanId: string | undefined; /** - *IAM role with permissions required to scan and add tags to + *
Amazon Resource Name (ARN) of the IAM role with permissions to scan and add tags to * the associated protected resource.
* @public */ diff --git a/clients/client-guardduty/src/protocols/Aws_restJson1.ts b/clients/client-guardduty/src/protocols/Aws_restJson1.ts index aea635b4839a..189d96dc57ae 100644 --- a/clients/client-guardduty/src/protocols/Aws_restJson1.ts +++ b/clients/client-guardduty/src/protocols/Aws_restJson1.ts @@ -224,6 +224,7 @@ import { AccountDetail, AccountFreeTrialInfo, AccountLevelPermissions, + AccountStatistics, Action, AddonDetails, AdminAccount, @@ -262,6 +263,7 @@ import { DataSourceConfigurationsResult, DataSourceFreeTrial, DataSourcesFreeTrial, + DateStatistics, DefaultServerSideEncryption, Destination, DestinationProperties, @@ -288,6 +290,7 @@ import { FindingCriteria, FindingStatistics, FindingStatisticType, + FindingTypeStatistics, FlowLogsConfigurationResult, FreeTrialFeatureConfigurationResult, GeoLocation, @@ -361,6 +364,7 @@ import { Resource, ResourceDetails, ResourceNotFoundException, + ResourceStatistics, RuntimeContext, RuntimeDetails, S3BucketDetail, @@ -383,6 +387,7 @@ import { SecurityGroup, Service, ServiceAdditionalInfo, + SeverityStatistics, SortCriteria, Tag, Threat, @@ -1149,6 +1154,9 @@ export const se_GetFindingsStatisticsCommand = async ( take(input, { findingCriteria: [, (_) => se_FindingCriteria(_, context), `FindingCriteria`], findingStatisticTypes: [, (_) => _json(_), `FindingStatisticTypes`], + groupBy: [, , `GroupBy`], + maxResults: [, , `MaxResults`], + orderBy: [, , `OrderBy`], }) ); b.m("POST").h(headers).b(body); @@ -2698,6 +2706,7 @@ export const de_GetFindingsStatisticsCommand = async ( const data: RecordContains information about the account level permissions on the S3 bucket.
" } }, + "com.amazonaws.guardduty#AccountStatistics": { + "type": "structure", + "members": { + "AccountId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The ID of the Amazon Web Services account.
", + "smithy.api#jsonName": "accountId" + } + }, + "LastGeneratedAt": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "The timestamp at which the finding for this account was last generated.
", + "smithy.api#jsonName": "lastGeneratedAt" + } + }, + "TotalFindings": { + "target": "com.amazonaws.guardduty#Integer", + "traits": { + "smithy.api#documentation": "The total number of findings associated with an account.
", + "smithy.api#jsonName": "totalFindings" + } + } + }, + "traits": { + "smithy.api#documentation": "Represents a list of map of accounts with the number of findings associated with each account.
" + } + }, "com.amazonaws.guardduty#Action": { "type": "structure", "members": { @@ -1887,7 +1916,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The ID of the detector belonging to the GuardDuty account that you want to create a filter\n for.
", + "smithy.api#documentation": "The detector ID associated with the GuardDuty account for which you want to create a filter.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -2000,7 +2029,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector of the GuardDuty account that you want to create an IPSet\n for.
", + "smithy.api#documentation": "The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -2125,7 +2154,7 @@ "target": "com.amazonaws.guardduty#String", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "IAM role with permissions required to scan and add tags to the associated\n protected resource.
", + "smithy.api#documentation": "Amazon Resource Name (ARN) of the IAM role that has the permissions to scan and add tags to the associated\n protected resource.
", "smithy.api#jsonName": "role", "smithy.api#required": {} } @@ -2204,7 +2233,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector of the GuardDuty account that you want to associate member\n accounts with.
", + "smithy.api#documentation": "The unique ID of the detector of the GuardDuty account for which you want to associate member\n accounts.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -2273,7 +2302,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a publishing destination to export findings to. The resource to export findings to\n must exist before you use this operation.
", + "smithy.api#documentation": "Creates a publishing destination where you can export your GuardDuty findings. Before you start exporting the\n findings, the destination resource must exist.
", "smithy.api#http": { "method": "POST", "uri": "/detector/{DetectorId}/publishingDestination", @@ -2394,7 +2423,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The ID of the detector to create sample findings for.
", + "smithy.api#documentation": "The ID of the detector for which you need to create sample findings.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -2450,7 +2479,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector of the GuardDuty account that you want to create a\n threatIntelSet for.
", + "smithy.api#documentation": "The unique ID of the detector of the GuardDuty account for which you want to create a\n ThreatIntelSet
.
Contains information about which data sources are enabled for the GuardDuty member\n account.
" } }, + "com.amazonaws.guardduty#DateStatistics": { + "type": "structure", + "members": { + "Date": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "The timestamp when the total findings count is observed.
\nFor example, Date
would look like \"2024-09-05T17:00:00-07:00\"
\n whereas LastGeneratedAt
would look like 2024-09-05T17:12:29-07:00\".
The timestamp at which the last finding in the findings count, was generated.
", + "smithy.api#jsonName": "lastGeneratedAt" + } + }, + "Severity": { + "target": "com.amazonaws.guardduty#Double", + "traits": { + "smithy.api#documentation": "The severity of the findings generated on each date.
", + "smithy.api#jsonName": "severity" + } + }, + "TotalFindings": { + "target": "com.amazonaws.guardduty#Integer", + "traits": { + "smithy.api#documentation": "The total number of findings that were generated per severity level on each date.
", + "smithy.api#jsonName": "totalFindings" + } + } + }, + "traits": { + "smithy.api#documentation": "Represents list a map of dates with a count of total findings generated on each date.
" + } + }, "com.amazonaws.guardduty#DeclineInvitations": { "type": "operation", "input": { @@ -2985,7 +3050,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector that the filter is associated with.
", + "smithy.api#documentation": "The unique ID of the detector that is associated with the filter.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -3334,7 +3399,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector that the threatIntelSet is associated with.
", + "smithy.api#documentation": "The unique ID of the detector that is associated with the threatIntelSet.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -3497,7 +3562,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The ID of the detector to retrieve information about the delegated administrator\n from.
", + "smithy.api#documentation": "The detector ID of the delegated administrator for which you need to retrieve the information.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -5195,9 +5260,47 @@ "CountBySeverity": { "target": "com.amazonaws.guardduty#CountBySeverity", "traits": { - "smithy.api#documentation": "Represents a map of severity to count statistics for a set of findings.
", + "smithy.api#deprecated": { + "message": "This parameter is deprecated. Please set GroupBy to 'SEVERITY' to return GroupedBySeverity instead." + }, + "smithy.api#documentation": "Represents a list of map of severity to count statistics for a set of findings.
", "smithy.api#jsonName": "countBySeverity" } + }, + "GroupedByAccount": { + "target": "com.amazonaws.guardduty#GroupedByAccount", + "traits": { + "smithy.api#documentation": "Represents a list of map of accounts with a findings count associated with each account.
", + "smithy.api#jsonName": "groupedByAccount" + } + }, + "GroupedByDate": { + "target": "com.amazonaws.guardduty#GroupedByDate", + "traits": { + "smithy.api#documentation": "Represents a list of map of dates with a count of total findings generated on each date per severity level.
", + "smithy.api#jsonName": "groupedByDate" + } + }, + "GroupedByFindingType": { + "target": "com.amazonaws.guardduty#GroupedByFindingType", + "traits": { + "smithy.api#documentation": "Represents a list of map of finding types with a count of total findings generated for each type.
\nBased on the orderBy
\n parameter, this request returns either the most occurring finding types or the least occurring finding types. If the\n orderBy
parameter is ASC
, this will represent the least occurring finding types in\n your account; otherwise, this will represent the most occurring finding types. The default\n value of orderBy
is DESC
.
Represents a list of map of top resources with a count of total findings.
", + "smithy.api#jsonName": "groupedByResource" + } + }, + "GroupedBySeverity": { + "target": "com.amazonaws.guardduty#GroupedBySeverity", + "traits": { + "smithy.api#documentation": "Represents a list of map of total findings for each severity level.
", + "smithy.api#jsonName": "groupedBySeverity" + } } }, "traits": { @@ -5213,6 +5316,35 @@ } } }, + "com.amazonaws.guardduty#FindingTypeStatistics": { + "type": "structure", + "members": { + "FindingType": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Name of the finding type.
", + "smithy.api#jsonName": "findingType" + } + }, + "LastGeneratedAt": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "The timestamp at which this finding type was last generated in your environment.
", + "smithy.api#jsonName": "lastGeneratedAt" + } + }, + "TotalFindings": { + "target": "com.amazonaws.guardduty#Integer", + "traits": { + "smithy.api#documentation": "The total number of findings associated with generated for each distinct finding type.
", + "smithy.api#jsonName": "totalFindings" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about each finding type associated with the \n groupedByFindingType
statistics.
The unique ID of the GuardDuty detector associated to the coverage statistics.
", + "smithy.api#documentation": "The unique ID of the GuardDuty detector.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -5480,7 +5612,7 @@ "FilterCriteria": { "target": "com.amazonaws.guardduty#CoverageFilterCriteria", "traits": { - "smithy.api#documentation": "Represents the criteria used to filter the coverage statistics
", + "smithy.api#documentation": "Represents the criteria used to filter the coverage statistics.
", "smithy.api#jsonName": "filterCriteria" } }, @@ -5530,7 +5662,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves an Amazon GuardDuty detector specified by the detectorId.
\nThere might be regional differences because some data sources might not be \n available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more \n information, see Regions and endpoints.
", + "smithy.api#documentation": "Retrieves a GuardDuty detector specified by the detectorId.
\nThere might be regional differences because some data sources might not be \n available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more \n information, see Regions and endpoints.
", "smithy.api#http": { "method": "GET", "uri": "/detector/{DetectorId}", @@ -5657,7 +5789,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector that the filter is associated with.
", + "smithy.api#documentation": "The unique ID of the detector that is associated with this filter.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -5825,7 +5957,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists Amazon GuardDuty findings statistics for the specified detector ID.
\nThere might be regional differences because some flags might not be available in all the Regions where GuardDuty\n is currently supported. For more information, see Regions and endpoints.
", + "smithy.api#documentation": "Lists GuardDuty findings statistics for the specified detector ID.
\nYou must provide either findingStatisticTypes
or\n groupBy
parameter, and not both. You can use the maxResults
and orderBy
\n parameters only when using groupBy
.
There might be regional differences because some flags might not be available in all the Regions where GuardDuty\n is currently supported. For more information, see Regions and endpoints.
", "smithy.api#http": { "method": "POST", "uri": "/detector/{DetectorId}/findings/statistics", @@ -5839,7 +5971,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The ID of the detector that specifies the GuardDuty service whose findings' statistics you\n want to retrieve.
", + "smithy.api#documentation": "The ID of the detector whose findings statistics you\n want to retrieve.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -5848,10 +5980,11 @@ "FindingStatisticTypes": { "target": "com.amazonaws.guardduty#FindingStatisticTypes", "traits": { - "smithy.api#clientOptional": {}, + "smithy.api#deprecated": { + "message": "This parameter is deprecated, please use GroupBy instead" + }, "smithy.api#documentation": "The types of finding statistics to retrieve.
", - "smithy.api#jsonName": "findingStatisticTypes", - "smithy.api#required": {} + "smithy.api#jsonName": "findingStatisticTypes" } }, "FindingCriteria": { @@ -5860,6 +5993,27 @@ "smithy.api#documentation": "Represents the criteria that is used for querying findings.
", "smithy.api#jsonName": "findingCriteria" } + }, + "GroupBy": { + "target": "com.amazonaws.guardduty#GroupByType", + "traits": { + "smithy.api#documentation": "Displays the findings statistics grouped by one of the listed valid values.
", + "smithy.api#jsonName": "groupBy" + } + }, + "OrderBy": { + "target": "com.amazonaws.guardduty#OrderBy", + "traits": { + "smithy.api#documentation": "Displays the sorted findings in the requested order. The default\n value of orderBy
is DESC
.
You can use this parameter only with the groupBy
parameter.
The maximum number of results to be returned in the response. The default value is 25.
\nYou can use this parameter only with the groupBy
parameter.
The pagination parameter to be used on the next list operation to retrieve more items.
\nThis parameter is currently not supported.
", + "smithy.api#jsonName": "nextToken" + } } }, "traits": { @@ -5914,7 +6075,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector that the IPSet is associated with.
", + "smithy.api#documentation": "The unique ID of the detector that is associated with the IPSet.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -6093,7 +6254,7 @@ "Role": { "target": "com.amazonaws.guardduty#String", "traits": { - "smithy.api#documentation": "IAM role that includes the permissions required to scan and \n add tags to the associated protected resource.
", + "smithy.api#documentation": "Amazon Resource Name (ARN) of the IAM role that includes the permissions to scan and \n add tags to the associated protected resource.
", "smithy.api#jsonName": "role" } }, @@ -6175,7 +6336,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector that the scan setting is associated with.
", + "smithy.api#documentation": "The unique ID of the detector that is associated with this scan.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -6317,7 +6478,7 @@ "target": "com.amazonaws.guardduty#AccountIds", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "The account ID of the member account.
", + "smithy.api#documentation": "A list of member account IDs.
", "smithy.api#jsonName": "accountIds", "smithy.api#required": {} } @@ -6572,7 +6733,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector that the threatIntelSet is associated with.
", + "smithy.api#documentation": "The unique ID of the detector that is associated with the threatIntelSet.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -6751,6 +6912,71 @@ "smithy.api#output": {} } }, + "com.amazonaws.guardduty#GroupByType": { + "type": "enum", + "members": { + "ACCOUNT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ACCOUNT" + } + }, + "DATE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DATE" + } + }, + "FINDING_TYPE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FINDING_TYPE" + } + }, + "RESOURCE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RESOURCE" + } + }, + "SEVERITY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SEVERITY" + } + } + } + }, + "com.amazonaws.guardduty#GroupedByAccount": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#AccountStatistics" + } + }, + "com.amazonaws.guardduty#GroupedByDate": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#DateStatistics" + } + }, + "com.amazonaws.guardduty#GroupedByFindingType": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#FindingTypeStatistics" + } + }, + "com.amazonaws.guardduty#GroupedByResource": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#ResourceStatistics" + } + }, + "com.amazonaws.guardduty#GroupedBySeverity": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#SeverityStatistics" + } + }, "com.amazonaws.guardduty#Groups": { "type": "list", "member": { @@ -8318,7 +8544,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector of the GuardDuty account that you want to invite members\n with.
", + "smithy.api#documentation": "The unique ID of the detector of the GuardDuty account with which you want to invite members.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -9309,7 +9535,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector that the filter is associated with.
", + "smithy.api#documentation": "The unique ID of the detector that is associated with the filter.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -9406,7 +9632,7 @@ "FindingCriteria": { "target": "com.amazonaws.guardduty#FindingCriteria", "traits": { - "smithy.api#documentation": "Represents the criteria used for querying findings. Valid values include:
\nJSON field name
\naccountId
\nregion
\nconfidence
\nid
\nresource.accessKeyDetails.accessKeyId
\nresource.accessKeyDetails.principalId
\nresource.accessKeyDetails.userName
\nresource.accessKeyDetails.userType
\nresource.instanceDetails.iamInstanceProfile.id
\nresource.instanceDetails.imageId
\nresource.instanceDetails.instanceId
\nresource.instanceDetails.networkInterfaces.ipv6Addresses
\nresource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
\nresource.instanceDetails.networkInterfaces.publicDnsName
\nresource.instanceDetails.networkInterfaces.publicIp
\nresource.instanceDetails.networkInterfaces.securityGroups.groupId
\nresource.instanceDetails.networkInterfaces.securityGroups.groupName
\nresource.instanceDetails.networkInterfaces.subnetId
\nresource.instanceDetails.networkInterfaces.vpcId
\nresource.instanceDetails.tags.key
\nresource.instanceDetails.tags.value
\nresource.resourceType
\nservice.action.actionType
\nservice.action.awsApiCallAction.api
\nservice.action.awsApiCallAction.callerType
\nservice.action.awsApiCallAction.remoteIpDetails.city.cityName
\nservice.action.awsApiCallAction.remoteIpDetails.country.countryName
\nservice.action.awsApiCallAction.remoteIpDetails.ipAddressV4
\nservice.action.awsApiCallAction.remoteIpDetails.organization.asn
\nservice.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
\nservice.action.awsApiCallAction.serviceName
\nservice.action.dnsRequestAction.domain
\nservice.action.dnsRequestAction.domainWithSuffix
\nservice.action.networkConnectionAction.blocked
\nservice.action.networkConnectionAction.connectionDirection
\nservice.action.networkConnectionAction.localPortDetails.port
\nservice.action.networkConnectionAction.protocol
\nservice.action.networkConnectionAction.remoteIpDetails.country.countryName
\nservice.action.networkConnectionAction.remoteIpDetails.ipAddressV4
\nservice.action.networkConnectionAction.remoteIpDetails.organization.asn
\nservice.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
\nservice.action.networkConnectionAction.remotePortDetails.port
\nservice.additionalInfo.threatListName
\nservice.archived
\nWhen this attribute is set to 'true', only archived findings are listed. When it's set\n to 'false', only unarchived findings are listed. When this attribute is not set, all\n existing findings are listed.
\nservice.resourceRole
\nseverity
\ntype
\nupdatedAt
\nType: Timestamp in Unix Epoch millisecond format: 1486685375000
\nRepresents the criteria used for querying findings. Valid values include:
\nJSON field name
\naccountId
\nregion
\nconfidence
\nid
\nresource.accessKeyDetails.accessKeyId
\nresource.accessKeyDetails.principalId
\nresource.accessKeyDetails.userName
\nresource.accessKeyDetails.userType
\nresource.instanceDetails.iamInstanceProfile.id
\nresource.instanceDetails.imageId
\nresource.instanceDetails.instanceId
\nresource.instanceDetails.networkInterfaces.ipv6Addresses
\nresource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
\nresource.instanceDetails.networkInterfaces.publicDnsName
\nresource.instanceDetails.networkInterfaces.publicIp
\nresource.instanceDetails.networkInterfaces.securityGroups.groupId
\nresource.instanceDetails.networkInterfaces.securityGroups.groupName
\nresource.instanceDetails.networkInterfaces.subnetId
\nresource.instanceDetails.networkInterfaces.vpcId
\nresource.instanceDetails.tags.key
\nresource.instanceDetails.tags.value
\nresource.resourceType
\nservice.action.actionType
\nservice.action.awsApiCallAction.api
\nservice.action.awsApiCallAction.callerType
\nservice.action.awsApiCallAction.remoteIpDetails.city.cityName
\nservice.action.awsApiCallAction.remoteIpDetails.country.countryName
\nservice.action.awsApiCallAction.remoteIpDetails.ipAddressV4
\nservice.action.awsApiCallAction.remoteIpDetails.organization.asn
\nservice.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
\nservice.action.awsApiCallAction.serviceName
\nservice.action.dnsRequestAction.domain
\nservice.action.dnsRequestAction.domainWithSuffix
\nservice.action.networkConnectionAction.blocked
\nservice.action.networkConnectionAction.connectionDirection
\nservice.action.networkConnectionAction.localPortDetails.port
\nservice.action.networkConnectionAction.protocol
\nservice.action.networkConnectionAction.remoteIpDetails.country.countryName
\nservice.action.networkConnectionAction.remoteIpDetails.ipAddressV4
\nservice.action.networkConnectionAction.remoteIpDetails.organization.asn
\nservice.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
\nservice.action.networkConnectionAction.remotePortDetails.port
\nservice.additionalInfo.threatListName
\nservice.archived
\nWhen this attribute is set to 'true', only archived findings are listed. When it's set\n to 'false', only unarchived findings are listed. When this attribute is not set, all\n existing findings are listed.
\nservice.ebsVolumeScanDetails.scanId
\nservice.resourceRole
\nseverity
\ntype
\nupdatedAt
\nType: Timestamp in Unix Epoch millisecond format: 1486685375000
\nThe unique ID of the detector that the IPSet is associated with.
", + "smithy.api#documentation": "The unique ID of the detector that is associated with IPSet.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -9728,7 +9954,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector the member is associated with.
", + "smithy.api#documentation": "The unique ID of the detector that is associated with the member.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -9898,7 +10124,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The ID of the detector to retrieve publishing destinations for.
", + "smithy.api#documentation": "The detector ID for which you want to retrieve the publishing destination.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -10046,7 +10272,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The unique ID of the detector that the threatIntelSet is associated with.
", + "smithy.api#documentation": "The unique ID of the detector that is associated with the threatIntelSet.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -10476,6 +10702,15 @@ } } }, + "com.amazonaws.guardduty#MaxResults100": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, "com.amazonaws.guardduty#Member": { "type": "structure", "members": { @@ -12301,6 +12536,49 @@ "smithy.api#httpError": 404 } }, + "com.amazonaws.guardduty#ResourceStatistics": { + "type": "structure", + "members": { + "AccountId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The ID of the Amazon Web Services account.
", + "smithy.api#jsonName": "accountId" + } + }, + "LastGeneratedAt": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "The timestamp at which the statistics for this resource was last generated.
", + "smithy.api#jsonName": "lastGeneratedAt" + } + }, + "ResourceId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "ID associated with each resource. The following list provides the mapping of the resource type\n and resource ID.
\n\n Mapping of resource and resource ID\n
\nAccessKey - resource.accessKeyDetails.accessKeyId
\n
Container - resource.containerDetails.id
\n
ECSCluster - resource.ecsClusterDetails.name
\n
EKSCluster - resource.eksClusterDetails.name
\n
Instance - resource.instanceDetails.instanceId
\n
KubernetesCluster - resource.kubernetesDetails.kubernetesWorkloadDetails.name
\n
Lambda - resource.lambdaDetails.functionName
\n
RDSDBInstance - resource.rdsDbInstanceDetails.dbInstanceIdentifier
\n
S3Bucket - resource.s3BucketDetails.name
\n
S3Object - resource.s3BucketDetails.name
\n
The type of resource.
", + "smithy.api#jsonName": "resourceType" + } + }, + "TotalFindings": { + "target": "com.amazonaws.guardduty#Integer", + "traits": { + "smithy.api#documentation": "The total number of findings associated with this resource.
", + "smithy.api#jsonName": "totalFindings" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about each resource type associated with the \n groupedByResource
statistics.
The unique detector ID of the administrator account that the request is associated with.\n Note that this value will be the same as the one used for DetectorId
if the\n account is an administrator.
The unique detector ID of the administrator account that the request is associated with.\n If the account is an administrator, the AdminDetectorId
will be the same as the one used for \n DetectorId
.
The timestamp at which a finding type for a specific severity was last generated.
", + "smithy.api#jsonName": "lastGeneratedAt" + } + }, + "Severity": { + "target": "com.amazonaws.guardduty#Double", + "traits": { + "smithy.api#documentation": "The severity level associated with each finding type.
", + "smithy.api#jsonName": "severity" + } + }, + "TotalFindings": { + "target": "com.amazonaws.guardduty#Integer", + "traits": { + "smithy.api#documentation": "The total number of findings associated with this severity.
", + "smithy.api#jsonName": "totalFindings" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about severity level for each finding type.
" + } + }, "com.amazonaws.guardduty#SortCriteria": { "type": "structure", "members": { @@ -14391,7 +14698,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "The ID of the detector associated with the findings to update feedback for.
", + "smithy.api#documentation": "The ID of the detector that is associated with the findings for which you want to update \n the feedback.
", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -14559,7 +14866,7 @@ "Role": { "target": "com.amazonaws.guardduty#String", "traits": { - "smithy.api#documentation": "IAM role with permissions required to scan and add tags to \n the associated protected resource.
", + "smithy.api#documentation": "Amazon Resource Name (ARN) of the IAM role with permissions to scan and add tags to \n the associated protected resource.
", "smithy.api#jsonName": "role" } },