From 85d62dbe2574f863e8f9b25686f7ac4ec0079f24 Mon Sep 17 00:00:00 2001 From: awstools Date: Wed, 11 Sep 2024 18:22:48 +0000 Subject: [PATCH] feat(client-guardduty): Add support for new statistic types in GetFindingsStatistics. --- .../CreatePublishingDestinationCommand.ts | 4 +- .../src/commands/GetDetectorCommand.ts | 2 +- .../commands/GetFindingsStatisticsCommand.ts | 49 +- .../GetOrganizationStatisticsCommand.ts | 2 +- .../GetRemainingFreeTrialDaysCommand.ts | 2 +- .../src/commands/GetThreatIntelSetCommand.ts | 2 +- .../client-guardduty/src/models/models_0.ts | 440 ++++++++++++------ .../client-guardduty/src/models/models_1.ts | 143 +++++- .../src/protocols/Aws_restJson1.ts | 132 ++++++ codegen/sdk-codegen/aws-models/guardduty.json | 377 +++++++++++++-- 10 files changed, 956 insertions(+), 197 deletions(-) diff --git a/clients/client-guardduty/src/commands/CreatePublishingDestinationCommand.ts b/clients/client-guardduty/src/commands/CreatePublishingDestinationCommand.ts index b143bd4eb9c1..67ba467f9ac2 100644 --- a/clients/client-guardduty/src/commands/CreatePublishingDestinationCommand.ts +++ b/clients/client-guardduty/src/commands/CreatePublishingDestinationCommand.ts @@ -33,8 +33,8 @@ export interface CreatePublishingDestinationCommandOutput __MetadataBearer {} /** - *

Creates a publishing destination to export findings to. The resource to export findings to - * must exist before you use this operation.

+ *

Creates a publishing destination where you can export your GuardDuty findings. Before you start exporting the + * findings, the destination resource must exist.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-guardduty/src/commands/GetDetectorCommand.ts b/clients/client-guardduty/src/commands/GetDetectorCommand.ts index 1ee6d46ace56..c8344e559684 100644 --- a/clients/client-guardduty/src/commands/GetDetectorCommand.ts +++ b/clients/client-guardduty/src/commands/GetDetectorCommand.ts @@ -28,7 +28,7 @@ export interface GetDetectorCommandInput extends GetDetectorRequest {} export interface GetDetectorCommandOutput extends GetDetectorResponse, __MetadataBearer {} /** - *

Retrieves an Amazon GuardDuty detector specified by the detectorId.

+ *

Retrieves a GuardDuty detector specified by the detectorId.

*

There might be regional differences because some data sources might not be * available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more * information, see Regions and endpoints.

diff --git a/clients/client-guardduty/src/commands/GetFindingsStatisticsCommand.ts b/clients/client-guardduty/src/commands/GetFindingsStatisticsCommand.ts index c3e0d96422ee..cb8479476811 100644 --- a/clients/client-guardduty/src/commands/GetFindingsStatisticsCommand.ts +++ b/clients/client-guardduty/src/commands/GetFindingsStatisticsCommand.ts @@ -28,7 +28,10 @@ export interface GetFindingsStatisticsCommandInput extends GetFindingsStatistics export interface GetFindingsStatisticsCommandOutput extends GetFindingsStatisticsResponse, __MetadataBearer {} /** - *

Lists Amazon GuardDuty findings statistics for the specified detector ID.

+ *

Lists GuardDuty findings statistics for the specified detector ID.

+ *

You must provide either findingStatisticTypes or + * groupBy parameter, and not both. You can use the maxResults and orderBy + * parameters only when using groupBy.

*

There might be regional differences because some flags might not be available in all the Regions where GuardDuty * is currently supported. For more information, see Regions and endpoints.

* @example @@ -39,7 +42,7 @@ export interface GetFindingsStatisticsCommandOutput extends GetFindingsStatistic * const client = new GuardDutyClient(config); * const input = { // GetFindingsStatisticsRequest * DetectorId: "STRING_VALUE", // required - * FindingStatisticTypes: [ // FindingStatisticTypes // required + * FindingStatisticTypes: [ // FindingStatisticTypes * "COUNT_BY_SEVERITY", * ], * FindingCriteria: { // FindingCriteria @@ -68,6 +71,9 @@ export interface GetFindingsStatisticsCommandOutput extends GetFindingsStatistic * }, * }, * }, + * GroupBy: "ACCOUNT" || "DATE" || "FINDING_TYPE" || "RESOURCE" || "SEVERITY", + * OrderBy: "ASC" || "DESC", + * MaxResults: Number("int"), * }; * const command = new GetFindingsStatisticsCommand(input); * const response = await client.send(command); @@ -76,7 +82,46 @@ export interface GetFindingsStatisticsCommandOutput extends GetFindingsStatistic * // CountBySeverity: { // CountBySeverity * // "": Number("int"), * // }, + * // GroupedByAccount: [ // GroupedByAccount + * // { // AccountStatistics + * // AccountId: "STRING_VALUE", + * // LastGeneratedAt: new Date("TIMESTAMP"), + * // TotalFindings: Number("int"), + * // }, + * // ], + * // GroupedByDate: [ // GroupedByDate + * // { // DateStatistics + * // Date: new Date("TIMESTAMP"), + * // LastGeneratedAt: new Date("TIMESTAMP"), + * // Severity: Number("double"), + * // TotalFindings: Number("int"), + * // }, + * // ], + * // GroupedByFindingType: [ // GroupedByFindingType + * // { // FindingTypeStatistics + * // FindingType: "STRING_VALUE", + * // LastGeneratedAt: new Date("TIMESTAMP"), + * // TotalFindings: Number("int"), + * // }, + * // ], + * // GroupedByResource: [ // GroupedByResource + * // { // ResourceStatistics + * // AccountId: "STRING_VALUE", + * // LastGeneratedAt: new Date("TIMESTAMP"), + * // ResourceId: "STRING_VALUE", + * // ResourceType: "STRING_VALUE", + * // TotalFindings: Number("int"), + * // }, + * // ], + * // GroupedBySeverity: [ // GroupedBySeverity + * // { // SeverityStatistics + * // LastGeneratedAt: new Date("TIMESTAMP"), + * // Severity: Number("double"), + * // TotalFindings: Number("int"), + * // }, + * // ], * // }, + * // NextToken: "STRING_VALUE", * // }; * * ``` diff --git a/clients/client-guardduty/src/commands/GetOrganizationStatisticsCommand.ts b/clients/client-guardduty/src/commands/GetOrganizationStatisticsCommand.ts index 7c284b329f02..9f847fb0d25e 100644 --- a/clients/client-guardduty/src/commands/GetOrganizationStatisticsCommand.ts +++ b/clients/client-guardduty/src/commands/GetOrganizationStatisticsCommand.ts @@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types"; import { commonParams } from "../endpoint/EndpointParameters"; import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient"; -import { GetOrganizationStatisticsResponse } from "../models/models_0"; +import { GetOrganizationStatisticsResponse } from "../models/models_1"; import { de_GetOrganizationStatisticsCommand, se_GetOrganizationStatisticsCommand } from "../protocols/Aws_restJson1"; /** diff --git a/clients/client-guardduty/src/commands/GetRemainingFreeTrialDaysCommand.ts b/clients/client-guardduty/src/commands/GetRemainingFreeTrialDaysCommand.ts index e2686514ccb3..b9ed4d8b47c8 100644 --- a/clients/client-guardduty/src/commands/GetRemainingFreeTrialDaysCommand.ts +++ b/clients/client-guardduty/src/commands/GetRemainingFreeTrialDaysCommand.ts @@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types"; import { commonParams } from "../endpoint/EndpointParameters"; import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient"; -import { GetRemainingFreeTrialDaysRequest, GetRemainingFreeTrialDaysResponse } from "../models/models_0"; +import { GetRemainingFreeTrialDaysRequest, GetRemainingFreeTrialDaysResponse } from "../models/models_1"; import { de_GetRemainingFreeTrialDaysCommand, se_GetRemainingFreeTrialDaysCommand } from "../protocols/Aws_restJson1"; /** diff --git a/clients/client-guardduty/src/commands/GetThreatIntelSetCommand.ts b/clients/client-guardduty/src/commands/GetThreatIntelSetCommand.ts index 1e81b758422d..68722e46797c 100644 --- a/clients/client-guardduty/src/commands/GetThreatIntelSetCommand.ts +++ b/clients/client-guardduty/src/commands/GetThreatIntelSetCommand.ts @@ -6,7 +6,7 @@ import { MetadataBearer as __MetadataBearer } from "@smithy/types"; import { commonParams } from "../endpoint/EndpointParameters"; import { GuardDutyClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../GuardDutyClient"; -import { GetThreatIntelSetRequest, GetThreatIntelSetResponse } from "../models/models_0"; +import { GetThreatIntelSetRequest, GetThreatIntelSetResponse } from "../models/models_1"; import { de_GetThreatIntelSetCommand, se_GetThreatIntelSetCommand } from "../protocols/Aws_restJson1"; /** diff --git a/clients/client-guardduty/src/models/models_0.ts b/clients/client-guardduty/src/models/models_0.ts index b23365459ecf..8c5bd6794dc2 100644 --- a/clients/client-guardduty/src/models/models_0.ts +++ b/clients/client-guardduty/src/models/models_0.ts @@ -423,6 +423,30 @@ export interface AccountLevelPermissions { BlockPublicAccess?: BlockPublicAccess; } +/** + *

Represents a list of map of accounts with the number of findings associated with each account.

+ * @public + */ +export interface AccountStatistics { + /** + *

The ID of the Amazon Web Services account.

+ * @public + */ + AccountId?: string; + + /** + *

The timestamp at which the finding for this account was last generated.

+ * @public + */ + LastGeneratedAt?: Date; + + /** + *

The total number of findings associated with an account.

+ * @public + */ + TotalFindings?: number; +} + /** *

Contains information about the domain.

* @public @@ -2445,8 +2469,7 @@ export interface FindingCriteria { */ export interface CreateFilterRequest { /** - *

The ID of the detector belonging to the GuardDuty account that you want to create a filter - * for.

+ *

The detector ID associated with the GuardDuty account for which you want to create a filter.

* @public */ DetectorId: string | undefined; @@ -2845,8 +2868,7 @@ export type IpSetFormat = (typeof IpSetFormat)[keyof typeof IpSetFormat]; */ export interface CreateIPSetRequest { /** - *

The unique ID of the detector of the GuardDuty account that you want to create an IPSet - * for.

+ *

The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.

* @public */ DetectorId: string | undefined; @@ -2985,7 +3007,7 @@ export interface CreateMalwareProtectionPlanRequest { ClientToken?: string; /** - *

IAM role with permissions required to scan and add tags to the associated + *

Amazon Resource Name (ARN) of the IAM role that has the permissions to scan and add tags to the associated * protected resource.

* @public */ @@ -3028,8 +3050,8 @@ export interface CreateMalwareProtectionPlanResponse { */ export interface CreateMembersRequest { /** - *

The unique ID of the detector of the GuardDuty account that you want to associate member - * accounts with.

+ *

The unique ID of the detector of the GuardDuty account for which you want to associate member + * accounts.

* @public */ DetectorId: string | undefined; @@ -3154,7 +3176,7 @@ export interface CreatePublishingDestinationResponse { */ export interface CreateSampleFindingsRequest { /** - *

The ID of the detector to create sample findings for.

+ *

The ID of the detector for which you need to create sample findings.

* @public */ DetectorId: string | undefined; @@ -3194,8 +3216,8 @@ export type ThreatIntelSetFormat = (typeof ThreatIntelSetFormat)[keyof typeof Th */ export interface CreateThreatIntelSetRequest { /** - *

The unique ID of the detector of the GuardDuty account that you want to create a - * threatIntelSet for.

+ *

The unique ID of the detector of the GuardDuty account for which you want to create a + * ThreatIntelSet.

* @public */ DetectorId: string | undefined; @@ -3392,6 +3414,38 @@ export interface DataSourceConfigurationsResult { MalwareProtection?: MalwareProtectionConfigurationResult; } +/** + *

Represents list a map of dates with a count of total findings generated on each date.

+ * @public + */ +export interface DateStatistics { + /** + *

The timestamp when the total findings count is observed.

+ *

For example, Date would look like "2024-09-05T17:00:00-07:00" + * whereas LastGeneratedAt would look like 2024-09-05T17:12:29-07:00".

+ * @public + */ + Date?: Date; + + /** + *

The timestamp at which the last finding in the findings count, was generated.

+ * @public + */ + LastGeneratedAt?: Date; + + /** + *

The severity of the findings generated on each date.

+ * @public + */ + Severity?: number; + + /** + *

The total number of findings that were generated per severity level on each date.

+ * @public + */ + TotalFindings?: number; +} + /** * @public */ @@ -3458,7 +3512,7 @@ export interface DeleteDetectorResponse {} */ export interface DeleteFilterRequest { /** - *

The unique ID of the detector that the filter is associated with.

+ *

The unique ID of the detector that is associated with the filter.

* @public */ DetectorId: string | undefined; @@ -3621,7 +3675,7 @@ export interface DeletePublishingDestinationResponse {} */ export interface DeleteThreatIntelSetRequest { /** - *

The unique ID of the detector that the threatIntelSet is associated with.

+ *

The unique ID of the detector that is associated with the threatIntelSet.

* @public */ DetectorId: string | undefined; @@ -3913,8 +3967,8 @@ export interface Scan { /** *

The unique detector ID of the administrator account that the request is associated with. - * Note that this value will be the same as the one used for DetectorId if the - * account is an administrator.

+ * If the account is an administrator, the AdminDetectorId will be the same as the one used for + * DetectorId.

* @public */ AdminDetectorId?: string; @@ -4021,8 +4075,7 @@ export interface DescribeMalwareScansResponse { */ export interface DescribeOrganizationConfigurationRequest { /** - *

The ID of the detector to retrieve information about the delegated administrator - * from.

+ *

The detector ID of the delegated administrator for which you need to retrieve the information.

* @public */ DetectorId: string | undefined; @@ -6572,16 +6625,185 @@ export interface Finding { UpdatedAt: string | undefined; } +/** + *

Information about each finding type associated with the + * groupedByFindingType statistics.

+ * @public + */ +export interface FindingTypeStatistics { + /** + *

Name of the finding type.

+ * @public + */ + FindingType?: string; + + /** + *

The timestamp at which this finding type was last generated in your environment.

+ * @public + */ + LastGeneratedAt?: Date; + + /** + *

The total number of findings associated with generated for each distinct finding type.

+ * @public + */ + TotalFindings?: number; +} + +/** + *

Information about each resource type associated with the + * groupedByResource statistics.

+ * @public + */ +export interface ResourceStatistics { + /** + *

The ID of the Amazon Web Services account.

+ * @public + */ + AccountId?: string; + + /** + *

The timestamp at which the statistics for this resource was last generated.

+ * @public + */ + LastGeneratedAt?: Date; + + /** + *

ID associated with each resource. The following list provides the mapping of the resource type + * and resource ID.

+ *

+ * Mapping of resource and resource ID + *

+ * + * @public + */ + ResourceId?: string; + + /** + *

The type of resource.

+ * @public + */ + ResourceType?: string; + + /** + *

The total number of findings associated with this resource.

+ * @public + */ + TotalFindings?: number; +} + +/** + *

Information about severity level for each finding type.

+ * @public + */ +export interface SeverityStatistics { + /** + *

The timestamp at which a finding type for a specific severity was last generated.

+ * @public + */ + LastGeneratedAt?: Date; + + /** + *

The severity level associated with each finding type.

+ * @public + */ + Severity?: number; + + /** + *

The total number of findings associated with this severity.

+ * @public + */ + TotalFindings?: number; +} + /** *

Contains information about finding statistics.

* @public */ export interface FindingStatistics { /** - *

Represents a map of severity to count statistics for a set of findings.

+ * @deprecated + * + *

Represents a list of map of severity to count statistics for a set of findings.

* @public */ CountBySeverity?: Record; + + /** + *

Represents a list of map of accounts with a findings count associated with each account.

+ * @public + */ + GroupedByAccount?: AccountStatistics[]; + + /** + *

Represents a list of map of dates with a count of total findings generated on each date per severity level.

+ * @public + */ + GroupedByDate?: DateStatistics[]; + + /** + *

Represents a list of map of finding types with a count of total findings generated for each type.

+ *

Based on the orderBy + * parameter, this request returns either the most occurring finding types or the least occurring finding types. If the + * orderBy parameter is ASC, this will represent the least occurring finding types in + * your account; otherwise, this will represent the most occurring finding types. The default + * value of orderBy is DESC.

+ * @public + */ + GroupedByFindingType?: FindingTypeStatistics[]; + + /** + *

Represents a list of map of top resources with a count of total findings.

+ * @public + */ + GroupedByResource?: ResourceStatistics[]; + + /** + *

Represents a list of map of total findings for each severity level.

+ * @public + */ + GroupedBySeverity?: SeverityStatistics[]; } /** @@ -6624,13 +6846,13 @@ export interface GetAdministratorAccountResponse { */ export interface GetCoverageStatisticsRequest { /** - *

The unique ID of the GuardDuty detector associated to the coverage statistics.

+ *

The unique ID of the GuardDuty detector.

* @public */ DetectorId: string | undefined; /** - *

Represents the criteria used to filter the coverage statistics

+ *

Represents the criteria used to filter the coverage statistics.

* @public */ FilterCriteria?: CoverageFilterCriteria; @@ -6725,7 +6947,7 @@ export interface GetDetectorResponse { */ export interface GetFilterRequest { /** - *

The unique ID of the detector that the filter is associated with.

+ *

The unique ID of the detector that is associated with this filter.

* @public */ DetectorId: string | undefined; @@ -6814,28 +7036,68 @@ export interface GetFindingsResponse { Findings: Finding[] | undefined; } +/** + * @public + * @enum + */ +export const GroupByType = { + ACCOUNT: "ACCOUNT", + DATE: "DATE", + FINDING_TYPE: "FINDING_TYPE", + RESOURCE: "RESOURCE", + SEVERITY: "SEVERITY", +} as const; + +/** + * @public + */ +export type GroupByType = (typeof GroupByType)[keyof typeof GroupByType]; + /** * @public */ export interface GetFindingsStatisticsRequest { /** - *

The ID of the detector that specifies the GuardDuty service whose findings' statistics you + *

The ID of the detector whose findings statistics you * want to retrieve.

* @public */ DetectorId: string | undefined; /** + * @deprecated + * *

The types of finding statistics to retrieve.

* @public */ - FindingStatisticTypes: FindingStatisticType[] | undefined; + FindingStatisticTypes?: FindingStatisticType[]; /** *

Represents the criteria that is used for querying findings.

* @public */ FindingCriteria?: FindingCriteria; + + /** + *

Displays the findings statistics grouped by one of the listed valid values.

+ * @public + */ + GroupBy?: GroupByType; + + /** + *

Displays the sorted findings in the requested order. The default + * value of orderBy is DESC.

+ *

You can use this parameter only with the groupBy parameter.

+ * @public + */ + OrderBy?: OrderBy; + + /** + *

The maximum number of results to be returned in the response. The default value is 25.

+ *

You can use this parameter only with the groupBy parameter.

+ * @public + */ + MaxResults?: number; } /** @@ -6847,6 +7109,13 @@ export interface GetFindingsStatisticsResponse { * @public */ FindingStatistics: FindingStatistics | undefined; + + /** + *

The pagination parameter to be used on the next list operation to retrieve more items.

+ *

This parameter is currently not supported.

+ * @public + */ + NextToken?: string; } /** @@ -6870,7 +7139,7 @@ export interface GetInvitationsCountResponse { */ export interface GetIPSetRequest { /** - *

The unique ID of the detector that the IPSet is associated with.

+ *

The unique ID of the detector that is associated with the IPSet.

* @public */ DetectorId: string | undefined; @@ -6996,7 +7265,7 @@ export interface GetMalwareProtectionPlanResponse { Arn?: string; /** - *

IAM role that includes the permissions required to scan and + *

Amazon Resource Name (ARN) of the IAM role that includes the permissions to scan and * add tags to the associated protected resource.

* @public */ @@ -7047,7 +7316,7 @@ export interface GetMalwareProtectionPlanResponse { */ export interface GetMalwareScanSettingsRequest { /** - *

The unique ID of the detector that the scan setting is associated with.

+ *

The unique ID of the detector that is associated with this scan.

* @public */ DetectorId: string | undefined; @@ -7201,7 +7470,7 @@ export interface GetMemberDetectorsRequest { DetectorId: string | undefined; /** - *

The account ID of the member account.

+ *

A list of member account IDs.

* @public */ AccountIds: string[] | undefined; @@ -7512,125 +7781,6 @@ export interface OrganizationDetails { OrganizationStatistics?: OrganizationStatistics; } -/** - * @public - */ -export interface GetOrganizationStatisticsResponse { - /** - *

Information about the statistics report for your organization.

- * @public - */ - OrganizationDetails?: OrganizationDetails; -} - -/** - * @public - */ -export interface GetRemainingFreeTrialDaysRequest { - /** - *

The unique ID of the detector of the GuardDuty member account.

- * @public - */ - DetectorId: string | undefined; - - /** - *

A list of account identifiers of the GuardDuty member account.

- * @public - */ - AccountIds?: string[]; -} - -/** - * @public - */ -export interface GetRemainingFreeTrialDaysResponse { - /** - *

The member accounts which were included in a request and were processed - * successfully.

- * @public - */ - Accounts?: AccountFreeTrialInfo[]; - - /** - *

The member account that was included in a request but for which the request could not be - * processed.

- * @public - */ - UnprocessedAccounts?: UnprocessedAccount[]; -} - -/** - * @public - */ -export interface GetThreatIntelSetRequest { - /** - *

The unique ID of the detector that the threatIntelSet is associated with.

- * @public - */ - DetectorId: string | undefined; - - /** - *

The unique ID of the threatIntelSet that you want to get.

- * @public - */ - ThreatIntelSetId: string | undefined; -} - -/** - * @public - * @enum - */ -export const ThreatIntelSetStatus = { - ACTIVATING: "ACTIVATING", - ACTIVE: "ACTIVE", - DEACTIVATING: "DEACTIVATING", - DELETED: "DELETED", - DELETE_PENDING: "DELETE_PENDING", - ERROR: "ERROR", - INACTIVE: "INACTIVE", -} as const; - -/** - * @public - */ -export type ThreatIntelSetStatus = (typeof ThreatIntelSetStatus)[keyof typeof ThreatIntelSetStatus]; - -/** - * @public - */ -export interface GetThreatIntelSetResponse { - /** - *

A user-friendly ThreatIntelSet name displayed in all findings that are generated by - * activity that involves IP addresses included in this ThreatIntelSet.

- * @public - */ - Name: string | undefined; - - /** - *

The format of the threatIntelSet.

- * @public - */ - Format: ThreatIntelSetFormat | undefined; - - /** - *

The URI of the file that contains the ThreatIntelSet.

- * @public - */ - Location: string | undefined; - - /** - *

The status of threatIntelSet file uploaded.

- * @public - */ - Status: ThreatIntelSetStatus | undefined; - - /** - *

The tags of the threat list resource.

- * @public - */ - Tags?: Record; -} - /** * @internal */ diff --git a/clients/client-guardduty/src/models/models_1.ts b/clients/client-guardduty/src/models/models_1.ts index 82c926576047..1098fc17f77a 100644 --- a/clients/client-guardduty/src/models/models_1.ts +++ b/clients/client-guardduty/src/models/models_1.ts @@ -1,5 +1,6 @@ // smithy-typescript generated code import { + AccountFreeTrialInfo, AdminAccount, AutoEnableMembers, CoverageFilterCriteria, @@ -19,14 +20,135 @@ import { MalwareProtectionPlanActions, Member, MemberFilterSensitiveLog, + OrganizationDetails, OrgFeature, OrgFeatureAdditionalConfiguration, OrgFeatureStatus, ScanResourceCriteria, SortCriteria, + ThreatIntelSetFormat, UnprocessedAccount, } from "./models_0"; +/** + * @public + */ +export interface GetOrganizationStatisticsResponse { + /** + *

Information about the statistics report for your organization.

+ * @public + */ + OrganizationDetails?: OrganizationDetails; +} + +/** + * @public + */ +export interface GetRemainingFreeTrialDaysRequest { + /** + *

The unique ID of the detector of the GuardDuty member account.

+ * @public + */ + DetectorId: string | undefined; + + /** + *

A list of account identifiers of the GuardDuty member account.

+ * @public + */ + AccountIds?: string[]; +} + +/** + * @public + */ +export interface GetRemainingFreeTrialDaysResponse { + /** + *

The member accounts which were included in a request and were processed + * successfully.

+ * @public + */ + Accounts?: AccountFreeTrialInfo[]; + + /** + *

The member account that was included in a request but for which the request could not be + * processed.

+ * @public + */ + UnprocessedAccounts?: UnprocessedAccount[]; +} + +/** + * @public + */ +export interface GetThreatIntelSetRequest { + /** + *

The unique ID of the detector that is associated with the threatIntelSet.

+ * @public + */ + DetectorId: string | undefined; + + /** + *

The unique ID of the threatIntelSet that you want to get.

+ * @public + */ + ThreatIntelSetId: string | undefined; +} + +/** + * @public + * @enum + */ +export const ThreatIntelSetStatus = { + ACTIVATING: "ACTIVATING", + ACTIVE: "ACTIVE", + DEACTIVATING: "DEACTIVATING", + DELETED: "DELETED", + DELETE_PENDING: "DELETE_PENDING", + ERROR: "ERROR", + INACTIVE: "INACTIVE", +} as const; + +/** + * @public + */ +export type ThreatIntelSetStatus = (typeof ThreatIntelSetStatus)[keyof typeof ThreatIntelSetStatus]; + +/** + * @public + */ +export interface GetThreatIntelSetResponse { + /** + *

A user-friendly ThreatIntelSet name displayed in all findings that are generated by + * activity that involves IP addresses included in this ThreatIntelSet.

+ * @public + */ + Name: string | undefined; + + /** + *

The format of the threatIntelSet.

+ * @public + */ + Format: ThreatIntelSetFormat | undefined; + + /** + *

The URI of the file that contains the ThreatIntelSet.

+ * @public + */ + Location: string | undefined; + + /** + *

The status of threatIntelSet file uploaded.

+ * @public + */ + Status: ThreatIntelSetStatus | undefined; + + /** + *

The tags of the threat list resource.

+ * @public + */ + Tags?: Record; +} + /** * @public * @enum @@ -350,8 +472,7 @@ export interface GetUsageStatisticsResponse { */ export interface InviteMembersRequest { /** - *

The unique ID of the detector of the GuardDuty account that you want to invite members - * with.

+ *

The unique ID of the detector of the GuardDuty account with which you want to invite members.

* @public */ DetectorId: string | undefined; @@ -490,7 +611,7 @@ export interface ListDetectorsResponse { */ export interface ListFiltersRequest { /** - *

The unique ID of the detector that the filter is associated with.

+ *

The unique ID of the detector that is associated with the filter.

* @public */ DetectorId: string | undefined; @@ -683,6 +804,9 @@ export interface ListFindingsRequest { * existing findings are listed.

* *
  • + *

    service.ebsVolumeScanDetails.scanId

    + *
    • + *
  • *

    service.resourceRole

    *
    • *
  • @@ -816,7 +940,7 @@ export interface ListInvitationsResponse { */ export interface ListIPSetsRequest { /** - *

    The unique ID of the detector that the IPSet is associated with.

    + *

    The unique ID of the detector that is associated with IPSet.

    * @public */ DetectorId: string | undefined; @@ -909,7 +1033,7 @@ export interface ListMalwareProtectionPlansResponse { */ export interface ListMembersRequest { /** - *

    The unique ID of the detector the member is associated with.

    + *

    The unique ID of the detector that is associated with the member.

    * @public */ DetectorId: string | undefined; @@ -1007,7 +1131,7 @@ export interface ListOrganizationAdminAccountsResponse { */ export interface ListPublishingDestinationsRequest { /** - *

    The ID of the detector to retrieve publishing destinations for.

    + *

    The detector ID for which you want to retrieve the publishing destination.

    * @public */ DetectorId: string | undefined; @@ -1076,7 +1200,7 @@ export interface ListTagsForResourceResponse { */ export interface ListThreatIntelSetsRequest { /** - *

    The unique ID of the detector that the threatIntelSet is associated with.

    + *

    The unique ID of the detector that is associated with the threatIntelSet.

    * @public */ DetectorId: string | undefined; @@ -1373,7 +1497,8 @@ export interface UpdateFilterResponse { */ export interface UpdateFindingsFeedbackRequest { /** - *

    The ID of the detector associated with the findings to update feedback for.

    + *

    The ID of the detector that is associated with the findings for which you want to update + * the feedback.

    * @public */ DetectorId: string | undefined; @@ -1480,7 +1605,7 @@ export interface UpdateMalwareProtectionPlanRequest { MalwareProtectionPlanId: string | undefined; /** - *

    IAM role with permissions required to scan and add tags to + *

    Amazon Resource Name (ARN) of the IAM role with permissions to scan and add tags to * the associated protected resource.

    * @public */ diff --git a/clients/client-guardduty/src/protocols/Aws_restJson1.ts b/clients/client-guardduty/src/protocols/Aws_restJson1.ts index aea635b4839a..189d96dc57ae 100644 --- a/clients/client-guardduty/src/protocols/Aws_restJson1.ts +++ b/clients/client-guardduty/src/protocols/Aws_restJson1.ts @@ -224,6 +224,7 @@ import { AccountDetail, AccountFreeTrialInfo, AccountLevelPermissions, + AccountStatistics, Action, AddonDetails, AdminAccount, @@ -262,6 +263,7 @@ import { DataSourceConfigurationsResult, DataSourceFreeTrial, DataSourcesFreeTrial, + DateStatistics, DefaultServerSideEncryption, Destination, DestinationProperties, @@ -288,6 +290,7 @@ import { FindingCriteria, FindingStatistics, FindingStatisticType, + FindingTypeStatistics, FlowLogsConfigurationResult, FreeTrialFeatureConfigurationResult, GeoLocation, @@ -361,6 +364,7 @@ import { Resource, ResourceDetails, ResourceNotFoundException, + ResourceStatistics, RuntimeContext, RuntimeDetails, S3BucketDetail, @@ -383,6 +387,7 @@ import { SecurityGroup, Service, ServiceAdditionalInfo, + SeverityStatistics, SortCriteria, Tag, Threat, @@ -1149,6 +1154,9 @@ export const se_GetFindingsStatisticsCommand = async ( take(input, { findingCriteria: [, (_) => se_FindingCriteria(_, context), `FindingCriteria`], findingStatisticTypes: [, (_) => _json(_), `FindingStatisticTypes`], + groupBy: [, , `GroupBy`], + maxResults: [, , `MaxResults`], + orderBy: [, , `OrderBy`], }) ); b.m("POST").h(headers).b(body); @@ -2698,6 +2706,7 @@ export const de_GetFindingsStatisticsCommand = async ( const data: Record = __expectNonNull(__expectObject(await parseBody(output.body, context)), "body"); const doc = take(data, { FindingStatistics: [, (_) => de_FindingStatistics(_, context), `findingStatistics`], + NextToken: [, __expectString, `nextToken`], }); Object.assign(contents, doc); return contents; @@ -4325,6 +4334,17 @@ const de_AccountLevelPermissions = (output: any, context: __SerdeContext): Accou }) as any; }; +/** + * deserializeAws_restJson1AccountStatistics + */ +const de_AccountStatistics = (output: any, context: __SerdeContext): AccountStatistics => { + return take(output, { + AccountId: [, __expectString, `accountId`], + LastGeneratedAt: [, (_: any) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))), `lastGeneratedAt`], + TotalFindings: [, __expectInt32, `totalFindings`], + }) as any; +}; + /** * deserializeAws_restJson1Action */ @@ -4802,6 +4822,18 @@ const de_DataSourcesFreeTrial = (output: any, context: __SerdeContext): DataSour }) as any; }; +/** + * deserializeAws_restJson1DateStatistics + */ +const de_DateStatistics = (output: any, context: __SerdeContext): DateStatistics => { + return take(output, { + Date: [, (_: any) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))), `date`], + LastGeneratedAt: [, (_: any) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))), `lastGeneratedAt`], + Severity: [, __limitedParseDouble, `severity`], + TotalFindings: [, __expectInt32, `totalFindings`], + }) as any; +}; + /** * deserializeAws_restJson1DefaultServerSideEncryption */ @@ -5121,6 +5153,22 @@ const de_Findings = (output: any, context: __SerdeContext): Finding[] => { const de_FindingStatistics = (output: any, context: __SerdeContext): FindingStatistics => { return take(output, { CountBySeverity: [, _json, `countBySeverity`], + GroupedByAccount: [, (_: any) => de_GroupedByAccount(_, context), `groupedByAccount`], + GroupedByDate: [, (_: any) => de_GroupedByDate(_, context), `groupedByDate`], + GroupedByFindingType: [, (_: any) => de_GroupedByFindingType(_, context), `groupedByFindingType`], + GroupedByResource: [, (_: any) => de_GroupedByResource(_, context), `groupedByResource`], + GroupedBySeverity: [, (_: any) => de_GroupedBySeverity(_, context), `groupedBySeverity`], + }) as any; +}; + +/** + * deserializeAws_restJson1FindingTypeStatistics + */ +const de_FindingTypeStatistics = (output: any, context: __SerdeContext): FindingTypeStatistics => { + return take(output, { + FindingType: [, __expectString, `findingType`], + LastGeneratedAt: [, (_: any) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))), `lastGeneratedAt`], + TotalFindings: [, __expectInt32, `totalFindings`], }) as any; }; @@ -5173,6 +5221,66 @@ const de_GeoLocation = (output: any, context: __SerdeContext): GeoLocation => { }) as any; }; +/** + * deserializeAws_restJson1GroupedByAccount + */ +const de_GroupedByAccount = (output: any, context: __SerdeContext): AccountStatistics[] => { + const retVal = (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + return de_AccountStatistics(entry, context); + }); + return retVal; +}; + +/** + * deserializeAws_restJson1GroupedByDate + */ +const de_GroupedByDate = (output: any, context: __SerdeContext): DateStatistics[] => { + const retVal = (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + return de_DateStatistics(entry, context); + }); + return retVal; +}; + +/** + * deserializeAws_restJson1GroupedByFindingType + */ +const de_GroupedByFindingType = (output: any, context: __SerdeContext): FindingTypeStatistics[] => { + const retVal = (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + return de_FindingTypeStatistics(entry, context); + }); + return retVal; +}; + +/** + * deserializeAws_restJson1GroupedByResource + */ +const de_GroupedByResource = (output: any, context: __SerdeContext): ResourceStatistics[] => { + const retVal = (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + return de_ResourceStatistics(entry, context); + }); + return retVal; +}; + +/** + * deserializeAws_restJson1GroupedBySeverity + */ +const de_GroupedBySeverity = (output: any, context: __SerdeContext): SeverityStatistics[] => { + const retVal = (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + return de_SeverityStatistics(entry, context); + }); + return retVal; +}; + // de_Groups omitted. /** @@ -6289,6 +6397,19 @@ const de_ResourceDetails = (output: any, context: __SerdeContext): ResourceDetai }) as any; }; +/** + * deserializeAws_restJson1ResourceStatistics + */ +const de_ResourceStatistics = (output: any, context: __SerdeContext): ResourceStatistics => { + return take(output, { + AccountId: [, __expectString, `accountId`], + LastGeneratedAt: [, (_: any) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))), `lastGeneratedAt`], + ResourceId: [, __expectString, `resourceId`], + ResourceType: [, __expectString, `resourceType`], + TotalFindings: [, __expectInt32, `totalFindings`], + }) as any; +}; + /** * deserializeAws_restJson1RuntimeContext */ @@ -6631,6 +6752,17 @@ const de_ServiceAdditionalInfo = (output: any, context: __SerdeContext): Service // de_SessionNameList omitted. +/** + * deserializeAws_restJson1SeverityStatistics + */ +const de_SeverityStatistics = (output: any, context: __SerdeContext): SeverityStatistics => { + return take(output, { + LastGeneratedAt: [, (_: any) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))), `lastGeneratedAt`], + Severity: [, __limitedParseDouble, `severity`], + TotalFindings: [, __expectInt32, `totalFindings`], + }) as any; +}; + // de_SourceIps omitted. // de_Sources omitted. diff --git a/codegen/sdk-codegen/aws-models/guardduty.json b/codegen/sdk-codegen/aws-models/guardduty.json index 0532e0f17276..a5a91da00f32 100644 --- a/codegen/sdk-codegen/aws-models/guardduty.json +++ b/codegen/sdk-codegen/aws-models/guardduty.json @@ -366,6 +366,35 @@ "smithy.api#documentation": "

    Contains information about the account level permissions on the S3 bucket.

    " } }, + "com.amazonaws.guardduty#AccountStatistics": { + "type": "structure", + "members": { + "AccountId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "

    The ID of the Amazon Web Services account.

    ", + "smithy.api#jsonName": "accountId" + } + }, + "LastGeneratedAt": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "

    The timestamp at which the finding for this account was last generated.

    ", + "smithy.api#jsonName": "lastGeneratedAt" + } + }, + "TotalFindings": { + "target": "com.amazonaws.guardduty#Integer", + "traits": { + "smithy.api#documentation": "

    The total number of findings associated with an account.

    ", + "smithy.api#jsonName": "totalFindings" + } + } + }, + "traits": { + "smithy.api#documentation": "

    Represents a list of map of accounts with the number of findings associated with each account.

    " + } + }, "com.amazonaws.guardduty#Action": { "type": "structure", "members": { @@ -1887,7 +1916,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The ID of the detector belonging to the GuardDuty account that you want to create a filter\n for.

    ", + "smithy.api#documentation": "

    The detector ID associated with the GuardDuty account for which you want to create a filter.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -2000,7 +2029,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector of the GuardDuty account that you want to create an IPSet\n for.

    ", + "smithy.api#documentation": "

    The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -2125,7 +2154,7 @@ "target": "com.amazonaws.guardduty#String", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "

    IAM role with permissions required to scan and add tags to the associated\n protected resource.

    ", + "smithy.api#documentation": "

    Amazon Resource Name (ARN) of the IAM role that has the permissions to scan and add tags to the associated\n protected resource.

    ", "smithy.api#jsonName": "role", "smithy.api#required": {} } @@ -2204,7 +2233,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector of the GuardDuty account that you want to associate member\n accounts with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector of the GuardDuty account for which you want to associate member\n accounts.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -2273,7 +2302,7 @@ } ], "traits": { - "smithy.api#documentation": "

    Creates a publishing destination to export findings to. The resource to export findings to\n must exist before you use this operation.

    ", + "smithy.api#documentation": "

    Creates a publishing destination where you can export your GuardDuty findings. Before you start exporting the\n findings, the destination resource must exist.

    ", "smithy.api#http": { "method": "POST", "uri": "/detector/{DetectorId}/publishingDestination", @@ -2394,7 +2423,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The ID of the detector to create sample findings for.

    ", + "smithy.api#documentation": "

    The ID of the detector for which you need to create sample findings.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -2450,7 +2479,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector of the GuardDuty account that you want to create a\n threatIntelSet for.

    ", + "smithy.api#documentation": "

    The unique ID of the detector of the GuardDuty account for which you want to create a\n ThreatIntelSet.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -2824,6 +2853,42 @@ "smithy.api#documentation": "

    Contains information about which data sources are enabled for the GuardDuty member\n account.

    " } }, + "com.amazonaws.guardduty#DateStatistics": { + "type": "structure", + "members": { + "Date": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "

    The timestamp when the total findings count is observed.

    \n

    For example, Date would look like \"2024-09-05T17:00:00-07:00\"\n whereas LastGeneratedAt would look like 2024-09-05T17:12:29-07:00\".

    ", + "smithy.api#jsonName": "date" + } + }, + "LastGeneratedAt": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "

    The timestamp at which the last finding in the findings count, was generated.

    ", + "smithy.api#jsonName": "lastGeneratedAt" + } + }, + "Severity": { + "target": "com.amazonaws.guardduty#Double", + "traits": { + "smithy.api#documentation": "

    The severity of the findings generated on each date.

    ", + "smithy.api#jsonName": "severity" + } + }, + "TotalFindings": { + "target": "com.amazonaws.guardduty#Integer", + "traits": { + "smithy.api#documentation": "

    The total number of findings that were generated per severity level on each date.

    ", + "smithy.api#jsonName": "totalFindings" + } + } + }, + "traits": { + "smithy.api#documentation": "

    Represents list a map of dates with a count of total findings generated on each date.

    " + } + }, "com.amazonaws.guardduty#DeclineInvitations": { "type": "operation", "input": { @@ -2985,7 +3050,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector that the filter is associated with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector that is associated with the filter.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -3334,7 +3399,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector that the threatIntelSet is associated with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector that is associated with the threatIntelSet.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -3497,7 +3562,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The ID of the detector to retrieve information about the delegated administrator\n from.

    ", + "smithy.api#documentation": "

    The detector ID of the delegated administrator for which you need to retrieve the information.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -5195,9 +5260,47 @@ "CountBySeverity": { "target": "com.amazonaws.guardduty#CountBySeverity", "traits": { - "smithy.api#documentation": "

    Represents a map of severity to count statistics for a set of findings.

    ", + "smithy.api#deprecated": { + "message": "This parameter is deprecated. Please set GroupBy to 'SEVERITY' to return GroupedBySeverity instead." + }, + "smithy.api#documentation": "

    Represents a list of map of severity to count statistics for a set of findings.

    ", "smithy.api#jsonName": "countBySeverity" } + }, + "GroupedByAccount": { + "target": "com.amazonaws.guardduty#GroupedByAccount", + "traits": { + "smithy.api#documentation": "

    Represents a list of map of accounts with a findings count associated with each account.

    ", + "smithy.api#jsonName": "groupedByAccount" + } + }, + "GroupedByDate": { + "target": "com.amazonaws.guardduty#GroupedByDate", + "traits": { + "smithy.api#documentation": "

    Represents a list of map of dates with a count of total findings generated on each date per severity level.

    ", + "smithy.api#jsonName": "groupedByDate" + } + }, + "GroupedByFindingType": { + "target": "com.amazonaws.guardduty#GroupedByFindingType", + "traits": { + "smithy.api#documentation": "

    Represents a list of map of finding types with a count of total findings generated for each type.

    \n

    Based on the orderBy\n parameter, this request returns either the most occurring finding types or the least occurring finding types. If the\n orderBy parameter is ASC, this will represent the least occurring finding types in\n your account; otherwise, this will represent the most occurring finding types. The default\n value of orderBy is DESC.

    ", + "smithy.api#jsonName": "groupedByFindingType" + } + }, + "GroupedByResource": { + "target": "com.amazonaws.guardduty#GroupedByResource", + "traits": { + "smithy.api#documentation": "

    Represents a list of map of top resources with a count of total findings.

    ", + "smithy.api#jsonName": "groupedByResource" + } + }, + "GroupedBySeverity": { + "target": "com.amazonaws.guardduty#GroupedBySeverity", + "traits": { + "smithy.api#documentation": "

    Represents a list of map of total findings for each severity level.

    ", + "smithy.api#jsonName": "groupedBySeverity" + } } }, "traits": { @@ -5213,6 +5316,35 @@ } } }, + "com.amazonaws.guardduty#FindingTypeStatistics": { + "type": "structure", + "members": { + "FindingType": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "

    Name of the finding type.

    ", + "smithy.api#jsonName": "findingType" + } + }, + "LastGeneratedAt": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "

    The timestamp at which this finding type was last generated in your environment.

    ", + "smithy.api#jsonName": "lastGeneratedAt" + } + }, + "TotalFindings": { + "target": "com.amazonaws.guardduty#Integer", + "traits": { + "smithy.api#documentation": "

    The total number of findings associated with generated for each distinct finding type.

    ", + "smithy.api#jsonName": "totalFindings" + } + } + }, + "traits": { + "smithy.api#documentation": "

    Information about each finding type associated with the \n groupedByFindingType statistics.

    " + } + }, "com.amazonaws.guardduty#FindingTypes": { "type": "list", "member": { @@ -5471,7 +5603,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the GuardDuty detector associated to the coverage statistics.

    ", + "smithy.api#documentation": "

    The unique ID of the GuardDuty detector.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -5480,7 +5612,7 @@ "FilterCriteria": { "target": "com.amazonaws.guardduty#CoverageFilterCriteria", "traits": { - "smithy.api#documentation": "

    Represents the criteria used to filter the coverage statistics

    ", + "smithy.api#documentation": "

    Represents the criteria used to filter the coverage statistics.

    ", "smithy.api#jsonName": "filterCriteria" } }, @@ -5530,7 +5662,7 @@ } ], "traits": { - "smithy.api#documentation": "

    Retrieves an Amazon GuardDuty detector specified by the detectorId.

    \n

    There might be regional differences because some data sources might not be \n available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more \n information, see Regions and endpoints.

    ", + "smithy.api#documentation": "

    Retrieves a GuardDuty detector specified by the detectorId.

    \n

    There might be regional differences because some data sources might not be \n available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more \n information, see Regions and endpoints.

    ", "smithy.api#http": { "method": "GET", "uri": "/detector/{DetectorId}", @@ -5657,7 +5789,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector that the filter is associated with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector that is associated with this filter.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -5825,7 +5957,7 @@ } ], "traits": { - "smithy.api#documentation": "

    Lists Amazon GuardDuty findings statistics for the specified detector ID.

    \n

    There might be regional differences because some flags might not be available in all the Regions where GuardDuty\n is currently supported. For more information, see Regions and endpoints.

    ", + "smithy.api#documentation": "

    Lists GuardDuty findings statistics for the specified detector ID.

    \n

    You must provide either findingStatisticTypes or\n groupBy parameter, and not both. You can use the maxResults and orderBy\n parameters only when using groupBy.

    \n

    There might be regional differences because some flags might not be available in all the Regions where GuardDuty\n is currently supported. For more information, see Regions and endpoints.

    ", "smithy.api#http": { "method": "POST", "uri": "/detector/{DetectorId}/findings/statistics", @@ -5839,7 +5971,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The ID of the detector that specifies the GuardDuty service whose findings' statistics you\n want to retrieve.

    ", + "smithy.api#documentation": "

    The ID of the detector whose findings statistics you\n want to retrieve.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -5848,10 +5980,11 @@ "FindingStatisticTypes": { "target": "com.amazonaws.guardduty#FindingStatisticTypes", "traits": { - "smithy.api#clientOptional": {}, + "smithy.api#deprecated": { + "message": "This parameter is deprecated, please use GroupBy instead" + }, "smithy.api#documentation": "

    The types of finding statistics to retrieve.

    ", - "smithy.api#jsonName": "findingStatisticTypes", - "smithy.api#required": {} + "smithy.api#jsonName": "findingStatisticTypes" } }, "FindingCriteria": { @@ -5860,6 +5993,27 @@ "smithy.api#documentation": "

    Represents the criteria that is used for querying findings.

    ", "smithy.api#jsonName": "findingCriteria" } + }, + "GroupBy": { + "target": "com.amazonaws.guardduty#GroupByType", + "traits": { + "smithy.api#documentation": "

    Displays the findings statistics grouped by one of the listed valid values.

    ", + "smithy.api#jsonName": "groupBy" + } + }, + "OrderBy": { + "target": "com.amazonaws.guardduty#OrderBy", + "traits": { + "smithy.api#documentation": "

    Displays the sorted findings in the requested order. The default\n value of orderBy is DESC.

    \n

    You can use this parameter only with the groupBy parameter.

    ", + "smithy.api#jsonName": "orderBy" + } + }, + "MaxResults": { + "target": "com.amazonaws.guardduty#MaxResults100", + "traits": { + "smithy.api#documentation": "

    The maximum number of results to be returned in the response. The default value is 25.

    \n

    You can use this parameter only with the groupBy parameter.

    ", + "smithy.api#jsonName": "maxResults" + } } }, "traits": { @@ -5877,6 +6031,13 @@ "smithy.api#jsonName": "findingStatistics", "smithy.api#required": {} } + }, + "NextToken": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "

    The pagination parameter to be used on the next list operation to retrieve more items.

    \n

    This parameter is currently not supported.

    ", + "smithy.api#jsonName": "nextToken" + } } }, "traits": { @@ -5914,7 +6075,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector that the IPSet is associated with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector that is associated with the IPSet.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -6093,7 +6254,7 @@ "Role": { "target": "com.amazonaws.guardduty#String", "traits": { - "smithy.api#documentation": "

    IAM role that includes the permissions required to scan and \n add tags to the associated protected resource.

    ", + "smithy.api#documentation": "

    Amazon Resource Name (ARN) of the IAM role that includes the permissions to scan and \n add tags to the associated protected resource.

    ", "smithy.api#jsonName": "role" } }, @@ -6175,7 +6336,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector that the scan setting is associated with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector that is associated with this scan.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -6317,7 +6478,7 @@ "target": "com.amazonaws.guardduty#AccountIds", "traits": { "smithy.api#clientOptional": {}, - "smithy.api#documentation": "

    The account ID of the member account.

    ", + "smithy.api#documentation": "

    A list of member account IDs.

    ", "smithy.api#jsonName": "accountIds", "smithy.api#required": {} } @@ -6572,7 +6733,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector that the threatIntelSet is associated with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector that is associated with the threatIntelSet.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -6751,6 +6912,71 @@ "smithy.api#output": {} } }, + "com.amazonaws.guardduty#GroupByType": { + "type": "enum", + "members": { + "ACCOUNT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ACCOUNT" + } + }, + "DATE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DATE" + } + }, + "FINDING_TYPE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FINDING_TYPE" + } + }, + "RESOURCE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RESOURCE" + } + }, + "SEVERITY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SEVERITY" + } + } + } + }, + "com.amazonaws.guardduty#GroupedByAccount": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#AccountStatistics" + } + }, + "com.amazonaws.guardduty#GroupedByDate": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#DateStatistics" + } + }, + "com.amazonaws.guardduty#GroupedByFindingType": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#FindingTypeStatistics" + } + }, + "com.amazonaws.guardduty#GroupedByResource": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#ResourceStatistics" + } + }, + "com.amazonaws.guardduty#GroupedBySeverity": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#SeverityStatistics" + } + }, "com.amazonaws.guardduty#Groups": { "type": "list", "member": { @@ -8318,7 +8544,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector of the GuardDuty account that you want to invite members\n with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector of the GuardDuty account with which you want to invite members.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -9309,7 +9535,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector that the filter is associated with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector that is associated with the filter.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -9406,7 +9632,7 @@ "FindingCriteria": { "target": "com.amazonaws.guardduty#FindingCriteria", "traits": { - "smithy.api#documentation": "

    Represents the criteria used for querying findings. Valid values include:

    \n
      \n
    • \n

      JSON field name

      \n
      • \n
    • \n

      accountId

      \n
      • \n
    • \n

      region

      \n
      • \n
    • \n

      confidence

      \n
      • \n
    • \n

      id

      \n
      • \n
    • \n

      resource.accessKeyDetails.accessKeyId

      \n
      • \n
    • \n

      resource.accessKeyDetails.principalId

      \n
      • \n
    • \n

      resource.accessKeyDetails.userName

      \n
      • \n
    • \n

      resource.accessKeyDetails.userType

      \n
      • \n
    • \n

      resource.instanceDetails.iamInstanceProfile.id

      \n
      • \n
    • \n

      resource.instanceDetails.imageId

      \n
      • \n
    • \n

      resource.instanceDetails.instanceId

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.ipv6Addresses

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.publicDnsName

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.publicIp

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.securityGroups.groupId

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.securityGroups.groupName

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.subnetId

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.vpcId

      \n
      • \n
    • \n

      resource.instanceDetails.tags.key

      \n
      • \n
    • \n

      resource.instanceDetails.tags.value

      \n
      • \n
    • \n

      resource.resourceType

      \n
      • \n
    • \n

      service.action.actionType

      \n
      • \n
    • \n

      service.action.awsApiCallAction.api

      \n
      • \n
    • \n

      service.action.awsApiCallAction.callerType

      \n
      • \n
    • \n

      service.action.awsApiCallAction.remoteIpDetails.city.cityName

      \n
      • \n
    • \n

      service.action.awsApiCallAction.remoteIpDetails.country.countryName

      \n
      • \n
    • \n

      service.action.awsApiCallAction.remoteIpDetails.ipAddressV4

      \n
      • \n
    • \n

      service.action.awsApiCallAction.remoteIpDetails.organization.asn

      \n
      • \n
    • \n

      service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg

      \n
      • \n
    • \n

      service.action.awsApiCallAction.serviceName

      \n
      • \n
    • \n

      service.action.dnsRequestAction.domain

      \n
      • \n
    • \n

      service.action.dnsRequestAction.domainWithSuffix

      \n
      • \n
    • \n

      service.action.networkConnectionAction.blocked

      \n
      • \n
    • \n

      service.action.networkConnectionAction.connectionDirection

      \n
      • \n
    • \n

      service.action.networkConnectionAction.localPortDetails.port

      \n
      • \n
    • \n

      service.action.networkConnectionAction.protocol

      \n
      • \n
    • \n

      service.action.networkConnectionAction.remoteIpDetails.country.countryName

      \n
      • \n
    • \n

      service.action.networkConnectionAction.remoteIpDetails.ipAddressV4

      \n
      • \n
    • \n

      service.action.networkConnectionAction.remoteIpDetails.organization.asn

      \n
      • \n
    • \n

      service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg

      \n
      • \n
    • \n

      service.action.networkConnectionAction.remotePortDetails.port

      \n
      • \n
    • \n

      service.additionalInfo.threatListName

      \n
      • \n
    • \n

      service.archived

      \n

      When this attribute is set to 'true', only archived findings are listed. When it's set\n to 'false', only unarchived findings are listed. When this attribute is not set, all\n existing findings are listed.

      \n
      • \n
    • \n

      service.resourceRole

      \n
      • \n
    • \n

      severity

      \n
      • \n
    • \n

      type

      \n
      • \n
    • \n

      updatedAt

      \n

      Type: Timestamp in Unix Epoch millisecond format: 1486685375000

      \n
      • \n
    ", + "smithy.api#documentation": "

    Represents the criteria used for querying findings. Valid values include:

    \n
      \n
    • \n

      JSON field name

      \n
      • \n
    • \n

      accountId

      \n
      • \n
    • \n

      region

      \n
      • \n
    • \n

      confidence

      \n
      • \n
    • \n

      id

      \n
      • \n
    • \n

      resource.accessKeyDetails.accessKeyId

      \n
      • \n
    • \n

      resource.accessKeyDetails.principalId

      \n
      • \n
    • \n

      resource.accessKeyDetails.userName

      \n
      • \n
    • \n

      resource.accessKeyDetails.userType

      \n
      • \n
    • \n

      resource.instanceDetails.iamInstanceProfile.id

      \n
      • \n
    • \n

      resource.instanceDetails.imageId

      \n
      • \n
    • \n

      resource.instanceDetails.instanceId

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.ipv6Addresses

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.publicDnsName

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.publicIp

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.securityGroups.groupId

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.securityGroups.groupName

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.subnetId

      \n
      • \n
    • \n

      resource.instanceDetails.networkInterfaces.vpcId

      \n
      • \n
    • \n

      resource.instanceDetails.tags.key

      \n
      • \n
    • \n

      resource.instanceDetails.tags.value

      \n
      • \n
    • \n

      resource.resourceType

      \n
      • \n
    • \n

      service.action.actionType

      \n
      • \n
    • \n

      service.action.awsApiCallAction.api

      \n
      • \n
    • \n

      service.action.awsApiCallAction.callerType

      \n
      • \n
    • \n

      service.action.awsApiCallAction.remoteIpDetails.city.cityName

      \n
      • \n
    • \n

      service.action.awsApiCallAction.remoteIpDetails.country.countryName

      \n
      • \n
    • \n

      service.action.awsApiCallAction.remoteIpDetails.ipAddressV4

      \n
      • \n
    • \n

      service.action.awsApiCallAction.remoteIpDetails.organization.asn

      \n
      • \n
    • \n

      service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg

      \n
      • \n
    • \n

      service.action.awsApiCallAction.serviceName

      \n
      • \n
    • \n

      service.action.dnsRequestAction.domain

      \n
      • \n
    • \n

      service.action.dnsRequestAction.domainWithSuffix

      \n
      • \n
    • \n

      service.action.networkConnectionAction.blocked

      \n
      • \n
    • \n

      service.action.networkConnectionAction.connectionDirection

      \n
      • \n
    • \n

      service.action.networkConnectionAction.localPortDetails.port

      \n
      • \n
    • \n

      service.action.networkConnectionAction.protocol

      \n
      • \n
    • \n

      service.action.networkConnectionAction.remoteIpDetails.country.countryName

      \n
      • \n
    • \n

      service.action.networkConnectionAction.remoteIpDetails.ipAddressV4

      \n
      • \n
    • \n

      service.action.networkConnectionAction.remoteIpDetails.organization.asn

      \n
      • \n
    • \n

      service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg

      \n
      • \n
    • \n

      service.action.networkConnectionAction.remotePortDetails.port

      \n
      • \n
    • \n

      service.additionalInfo.threatListName

      \n
      • \n
    • \n

      service.archived

      \n

      When this attribute is set to 'true', only archived findings are listed. When it's set\n to 'false', only unarchived findings are listed. When this attribute is not set, all\n existing findings are listed.

      \n
      • \n
    • \n

      service.ebsVolumeScanDetails.scanId

      \n
      • \n
    • \n

      service.resourceRole

      \n
      • \n
    • \n

      severity

      \n
      • \n
    • \n

      type

      \n
      • \n
    • \n

      updatedAt

      \n

      Type: Timestamp in Unix Epoch millisecond format: 1486685375000

      \n
      • \n
    ", "smithy.api#jsonName": "findingCriteria" } }, @@ -9497,7 +9723,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector that the IPSet is associated with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector that is associated with IPSet.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -9728,7 +9954,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector the member is associated with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector that is associated with the member.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -9898,7 +10124,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The ID of the detector to retrieve publishing destinations for.

    ", + "smithy.api#documentation": "

    The detector ID for which you want to retrieve the publishing destination.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -10046,7 +10272,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique ID of the detector that the threatIntelSet is associated with.

    ", + "smithy.api#documentation": "

    The unique ID of the detector that is associated with the threatIntelSet.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -10476,6 +10702,15 @@ } } }, + "com.amazonaws.guardduty#MaxResults100": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 100 + } + } + }, "com.amazonaws.guardduty#Member": { "type": "structure", "members": { @@ -12301,6 +12536,49 @@ "smithy.api#httpError": 404 } }, + "com.amazonaws.guardduty#ResourceStatistics": { + "type": "structure", + "members": { + "AccountId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "

    The ID of the Amazon Web Services account.

    ", + "smithy.api#jsonName": "accountId" + } + }, + "LastGeneratedAt": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "

    The timestamp at which the statistics for this resource was last generated.

    ", + "smithy.api#jsonName": "lastGeneratedAt" + } + }, + "ResourceId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "

    ID associated with each resource. The following list provides the mapping of the resource type\n and resource ID.

    \n

    \n Mapping of resource and resource ID\n

    \n
      \n
    • \n

      AccessKey - resource.accessKeyDetails.accessKeyId\n

      \n
      • \n
    • \n

      Container - resource.containerDetails.id\n

      \n
      • \n
    • \n

      ECSCluster - resource.ecsClusterDetails.name\n

      \n
      • \n
    • \n

      EKSCluster - resource.eksClusterDetails.name\n

      \n
      • \n
    • \n

      Instance - resource.instanceDetails.instanceId\n

      \n
      • \n
    • \n

      KubernetesCluster - resource.kubernetesDetails.kubernetesWorkloadDetails.name\n

      \n
      • \n
    • \n

      Lambda - resource.lambdaDetails.functionName\n

      \n
      • \n
    • \n

      RDSDBInstance - resource.rdsDbInstanceDetails.dbInstanceIdentifier\n

      \n
      • \n
    • \n

      S3Bucket - resource.s3BucketDetails.name\n

      \n
      • \n
    • \n

      S3Object - resource.s3BucketDetails.name\n

      \n
      • \n
    ", + "smithy.api#jsonName": "resourceId" + } + }, + "ResourceType": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "

    The type of resource.

    ", + "smithy.api#jsonName": "resourceType" + } + }, + "TotalFindings": { + "target": "com.amazonaws.guardduty#Integer", + "traits": { + "smithy.api#documentation": "

    The total number of findings associated with this resource.

    ", + "smithy.api#jsonName": "totalFindings" + } + } + }, + "traits": { + "smithy.api#documentation": "

    Information about each resource type associated with the \n groupedByResource statistics.

    " + } + }, "com.amazonaws.guardduty#ResourceType": { "type": "enum", "members": { @@ -12702,7 +12980,7 @@ "AdminDetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The unique detector ID of the administrator account that the request is associated with.\n Note that this value will be the same as the one used for DetectorId if the\n account is an administrator.

    ", + "smithy.api#documentation": "

    The unique detector ID of the administrator account that the request is associated with.\n If the account is an administrator, the AdminDetectorId will be the same as the one used for \n DetectorId.

    ", "smithy.api#jsonName": "adminDetectorId" } }, @@ -13352,6 +13630,35 @@ "target": "com.amazonaws.guardduty#String" } }, + "com.amazonaws.guardduty#SeverityStatistics": { + "type": "structure", + "members": { + "LastGeneratedAt": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "

    The timestamp at which a finding type for a specific severity was last generated.

    ", + "smithy.api#jsonName": "lastGeneratedAt" + } + }, + "Severity": { + "target": "com.amazonaws.guardduty#Double", + "traits": { + "smithy.api#documentation": "

    The severity level associated with each finding type.

    ", + "smithy.api#jsonName": "severity" + } + }, + "TotalFindings": { + "target": "com.amazonaws.guardduty#Integer", + "traits": { + "smithy.api#documentation": "

    The total number of findings associated with this severity.

    ", + "smithy.api#jsonName": "totalFindings" + } + } + }, + "traits": { + "smithy.api#documentation": "

    Information about severity level for each finding type.

    " + } + }, "com.amazonaws.guardduty#SortCriteria": { "type": "structure", "members": { @@ -14391,7 +14698,7 @@ "DetectorId": { "target": "com.amazonaws.guardduty#DetectorId", "traits": { - "smithy.api#documentation": "

    The ID of the detector associated with the findings to update feedback for.

    ", + "smithy.api#documentation": "

    The ID of the detector that is associated with the findings for which you want to update \n the feedback.

    ", "smithy.api#httpLabel": {}, "smithy.api#jsonName": "detectorId", "smithy.api#required": {} @@ -14559,7 +14866,7 @@ "Role": { "target": "com.amazonaws.guardduty#String", "traits": { - "smithy.api#documentation": "

    IAM role with permissions required to scan and add tags to \n the associated protected resource.

    ", + "smithy.api#documentation": "

    Amazon Resource Name (ARN) of the IAM role with permissions to scan and add tags to \n the associated protected resource.

    ", "smithy.api#jsonName": "role" } },