Class: Aws::GuardDuty::Client
- Inherits:
-
Seahorse::Client::Base
- Object
- Seahorse::Client::Base
- Aws::GuardDuty::Client
- Includes:
- ClientStubs
- Defined in:
- gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb
Overview
An API client for GuardDuty. To construct a client, you need to configure a :region
and :credentials
.
client = Aws::GuardDuty::Client.new(
region: region_name,
credentials: credentials,
# ...
)
For details on configuring region and credentials see the developer guide.
See #initialize for a full list of supported configuration options.
Instance Attribute Summary
Attributes inherited from Seahorse::Client::Base
API Operations collapse
-
#accept_administrator_invitation(params = {}) ⇒ Struct
Accepts the invitation to be a member account and get monitored by a GuardDuty administrator account that sent the invitation.
-
#accept_invitation(params = {}) ⇒ Struct
Accepts the invitation to be monitored by a GuardDuty administrator account.
-
#archive_findings(params = {}) ⇒ Struct
Archives GuardDuty findings that are specified by the list of finding IDs.
-
#create_detector(params = {}) ⇒ Types::CreateDetectorResponse
Creates a single GuardDuty detector.
-
#create_filter(params = {}) ⇒ Types::CreateFilterResponse
Creates a filter using the specified finding criteria.
-
#create_ip_set(params = {}) ⇒ Types::CreateIPSetResponse
Creates a new IPSet, which is called a trusted IP list in the console user interface.
-
#create_members(params = {}) ⇒ Types::CreateMembersResponse
Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services account IDs.
-
#create_publishing_destination(params = {}) ⇒ Types::CreatePublishingDestinationResponse
Creates a publishing destination to export findings to.
-
#create_sample_findings(params = {}) ⇒ Struct
Generates sample findings of types specified by the list of finding types.
-
#create_threat_intel_set(params = {}) ⇒ Types::CreateThreatIntelSetResponse
Creates a new ThreatIntelSet.
-
#decline_invitations(params = {}) ⇒ Types::DeclineInvitationsResponse
Declines invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs.
-
#delete_detector(params = {}) ⇒ Struct
Deletes an Amazon GuardDuty detector that is specified by the detector ID.
-
#delete_filter(params = {}) ⇒ Struct
Deletes the filter specified by the filter name.
-
#delete_invitations(params = {}) ⇒ Types::DeleteInvitationsResponse
Deletes invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs.
-
#delete_ip_set(params = {}) ⇒ Struct
Deletes the IPSet specified by the
ipSetId
. -
#delete_members(params = {}) ⇒ Types::DeleteMembersResponse
Deletes GuardDuty member accounts (to the current GuardDuty administrator account) specified by the account IDs.
-
#delete_publishing_destination(params = {}) ⇒ Struct
Deletes the publishing definition with the specified
destinationId
. -
#delete_threat_intel_set(params = {}) ⇒ Struct
Deletes the ThreatIntelSet specified by the ThreatIntelSet ID.
-
#describe_malware_scans(params = {}) ⇒ Types::DescribeMalwareScansResponse
Returns a list of malware scans.
-
#describe_organization_configuration(params = {}) ⇒ Types::DescribeOrganizationConfigurationResponse
Returns information about the account selected as the delegated administrator for GuardDuty.
-
#describe_publishing_destination(params = {}) ⇒ Types::DescribePublishingDestinationResponse
Returns information about the publishing destination specified by the provided
destinationId
. -
#disable_organization_admin_account(params = {}) ⇒ Struct
Removes the existing GuardDuty delegated administrator of the organization.
-
#disassociate_from_administrator_account(params = {}) ⇒ Struct
Disassociates the current GuardDuty member account from its administrator account.
-
#disassociate_from_master_account(params = {}) ⇒ Struct
Disassociates the current GuardDuty member account from its administrator account.
-
#disassociate_members(params = {}) ⇒ Types::DisassociateMembersResponse
Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs.
-
#enable_organization_admin_account(params = {}) ⇒ Struct
Designates an Amazon Web Services account within the organization as your GuardDuty delegated administrator.
-
#get_administrator_account(params = {}) ⇒ Types::GetAdministratorAccountResponse
Provides the details of the GuardDuty administrator account associated with the current GuardDuty member account.
-
#get_coverage_statistics(params = {}) ⇒ Types::GetCoverageStatisticsResponse
Retrieves aggregated statistics for your account.
-
#get_detector(params = {}) ⇒ Types::GetDetectorResponse
Retrieves an Amazon GuardDuty detector specified by the detectorId.
-
#get_filter(params = {}) ⇒ Types::GetFilterResponse
Returns the details of the filter specified by the filter name.
-
#get_findings(params = {}) ⇒ Types::GetFindingsResponse
Describes Amazon GuardDuty findings specified by finding IDs.
-
#get_findings_statistics(params = {}) ⇒ Types::GetFindingsStatisticsResponse
Lists Amazon GuardDuty findings statistics for the specified detector ID.
-
#get_invitations_count(params = {}) ⇒ Types::GetInvitationsCountResponse
Returns the count of all GuardDuty membership invitations that were sent to the current member account except the currently accepted invitation.
-
#get_ip_set(params = {}) ⇒ Types::GetIPSetResponse
Retrieves the IPSet specified by the
ipSetId
. -
#get_malware_scan_settings(params = {}) ⇒ Types::GetMalwareScanSettingsResponse
Returns the details of the malware scan settings.
-
#get_master_account(params = {}) ⇒ Types::GetMasterAccountResponse
Provides the details for the GuardDuty administrator account associated with the current GuardDuty member account.
-
#get_member_detectors(params = {}) ⇒ Types::GetMemberDetectorsResponse
Describes which data sources are enabled for the member account's detector.
-
#get_members(params = {}) ⇒ Types::GetMembersResponse
Retrieves GuardDuty member accounts (of the current GuardDuty administrator account) specified by the account IDs.
-
#get_organization_statistics(params = {}) ⇒ Types::GetOrganizationStatisticsResponse
Retrieves how many active member accounts have each feature enabled within GuardDuty.
-
#get_remaining_free_trial_days(params = {}) ⇒ Types::GetRemainingFreeTrialDaysResponse
Provides the number of days left for each data source used in the free trial period.
-
#get_threat_intel_set(params = {}) ⇒ Types::GetThreatIntelSetResponse
Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID.
-
#get_usage_statistics(params = {}) ⇒ Types::GetUsageStatisticsResponse
Lists Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID.
-
#invite_members(params = {}) ⇒ Types::InviteMembersResponse
Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services account that invokes this API.
-
#list_coverage(params = {}) ⇒ Types::ListCoverageResponse
Lists coverage details for your GuardDuty account.
-
#list_detectors(params = {}) ⇒ Types::ListDetectorsResponse
Lists detectorIds of all the existing Amazon GuardDuty detector resources.
-
#list_filters(params = {}) ⇒ Types::ListFiltersResponse
Returns a paginated list of the current filters.
-
#list_findings(params = {}) ⇒ Types::ListFindingsResponse
Lists GuardDuty findings for the specified detector ID.
-
#list_invitations(params = {}) ⇒ Types::ListInvitationsResponse
Lists all GuardDuty membership invitations that were sent to the current Amazon Web Services account.
-
#list_ip_sets(params = {}) ⇒ Types::ListIPSetsResponse
Lists the IPSets of the GuardDuty service specified by the detector ID.
-
#list_members(params = {}) ⇒ Types::ListMembersResponse
Lists details about all member accounts for the current GuardDuty administrator account.
-
#list_organization_admin_accounts(params = {}) ⇒ Types::ListOrganizationAdminAccountsResponse
Lists the accounts designated as GuardDuty delegated administrators.
-
#list_publishing_destinations(params = {}) ⇒ Types::ListPublishingDestinationsResponse
Returns a list of publishing destinations associated with the specified
detectorId
. -
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Lists tags for a resource.
-
#list_threat_intel_sets(params = {}) ⇒ Types::ListThreatIntelSetsResponse
Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID.
-
#start_malware_scan(params = {}) ⇒ Types::StartMalwareScanResponse
Initiates the malware scan.
-
#start_monitoring_members(params = {}) ⇒ Types::StartMonitoringMembersResponse
Turns on GuardDuty monitoring of the specified member accounts.
-
#stop_monitoring_members(params = {}) ⇒ Types::StopMonitoringMembersResponse
Stops GuardDuty monitoring for the specified member accounts.
-
#tag_resource(params = {}) ⇒ Struct
Adds tags to a resource.
-
#unarchive_findings(params = {}) ⇒ Struct
Unarchives GuardDuty findings specified by the
findingIds
. -
#untag_resource(params = {}) ⇒ Struct
Removes tags from a resource.
-
#update_detector(params = {}) ⇒ Struct
Updates the GuardDuty detector specified by the detector ID.
-
#update_filter(params = {}) ⇒ Types::UpdateFilterResponse
Updates the filter specified by the filter name.
-
#update_findings_feedback(params = {}) ⇒ Struct
Marks the specified GuardDuty findings as useful or not useful.
-
#update_ip_set(params = {}) ⇒ Struct
Updates the IPSet specified by the IPSet ID.
-
#update_malware_scan_settings(params = {}) ⇒ Struct
Updates the malware scan settings.
-
#update_member_detectors(params = {}) ⇒ Types::UpdateMemberDetectorsResponse
Contains information on member accounts to be updated.
-
#update_organization_configuration(params = {}) ⇒ Struct
Configures the delegated administrator account with the provided values.
-
#update_publishing_destination(params = {}) ⇒ Struct
Updates information about the publishing destination specified by the
destinationId
. -
#update_threat_intel_set(params = {}) ⇒ Struct
Updates the ThreatIntelSet specified by the ThreatIntelSet ID.
Instance Method Summary collapse
-
#initialize(options) ⇒ Client
constructor
A new instance of Client.
Methods included from ClientStubs
#api_requests, #stub_data, #stub_responses
Methods inherited from Seahorse::Client::Base
add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins
Methods included from Seahorse::Client::HandlerBuilder
#handle, #handle_request, #handle_response
Constructor Details
#initialize(options) ⇒ Client
Returns a new instance of Client.
409 410 411 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 409 def initialize(*args) super end |
Instance Method Details
#accept_administrator_invitation(params = {}) ⇒ Struct
Accepts the invitation to be a member account and get monitored by a GuardDuty administrator account that sent the invitation.
443 444 445 446 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 443 def accept_administrator_invitation(params = {}, = {}) req = build_request(:accept_administrator_invitation, params) req.send_request() end |
#accept_invitation(params = {}) ⇒ Struct
Accepts the invitation to be monitored by a GuardDuty administrator account.
476 477 478 479 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 476 def accept_invitation(params = {}, = {}) req = build_request(:accept_invitation, params) req.send_request() end |
#archive_findings(params = {}) ⇒ Struct
Archives GuardDuty findings that are specified by the list of finding IDs.
509 510 511 512 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 509 def archive_findings(params = {}, = {}) req = build_request(:archive_findings, params) req.send_request() end |
#create_detector(params = {}) ⇒ Types::CreateDetectorResponse
Creates a single GuardDuty detector. A detector is a resource that represents the GuardDuty service. To start using GuardDuty, you must create a detector in each Region where you enable the service. You can have only one detector per account per Region. All data sources are enabled in a new detector by default.
When you don't specify any
features
, with an exception toRUNTIME_MONITORING
, all the optional features are enabled by default.When you specify some of the
features
, any feature that is not specified in the API call gets enabled by default, with an exception toRUNTIME_MONITORING
.
Specifying both EKS Runtime Monitoring (EKS_RUNTIME_MONITORING
) and
Runtime Monitoring (RUNTIME_MONITORING
) will cause an error. You can
add only one of these two features because Runtime Monitoring already
includes the threat detection for Amazon EKS resources. For more
information, see Runtime Monitoring.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
628 629 630 631 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 628 def create_detector(params = {}, = {}) req = build_request(:create_detector, params) req.send_request() end |
#create_filter(params = {}) ⇒ Types::CreateFilterResponse
Creates a filter using the specified finding criteria. The maximum number of saved filters per Amazon Web Services account per Region is 100. For more information, see Quotas for GuardDuty.
936 937 938 939 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 936 def create_filter(params = {}, = {}) req = build_request(:create_filter, params) req.send_request() end |
#create_ip_set(params = {}) ⇒ Types::CreateIPSetResponse
Creates a new IPSet, which is called a trusted IP list in the console user interface. An IPSet is a list of IP addresses that are trusted for secure communication with Amazon Web Services infrastructure and applications. GuardDuty doesn't generate findings for IP addresses that are included in IPSets. Only users from the administrator account can use this operation.
1003 1004 1005 1006 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1003 def create_ip_set(params = {}, = {}) req = build_request(:create_ip_set, params) req.send_request() end |
#create_members(params = {}) ⇒ Types::CreateMembersResponse
Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services account IDs. This step is a prerequisite for managing the associated member accounts either by invitation or through an organization.
As a delegated administrator, using CreateMembers
will enable
GuardDuty in the added member accounts, with the exception of the
organization delegated administrator account. A delegated
administrator must enable GuardDuty prior to being added as a member.
When you use CreateMembers as an Organizations delegated administrator, GuardDuty applies your organization's auto-enable settings to the member accounts in this request, irrespective of the accounts being new or existing members. For more information about the existing auto-enable settings for your organization, see DescribeOrganizationConfiguration.
If you disassociate a member account that was added by invitation, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
When the member accounts added through Organizations are later disassociated, you (administrator) can't invite them by calling the InviteMembers API. You can create an association with these member accounts again only by calling the CreateMembers API.
1078 1079 1080 1081 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1078 def create_members(params = {}, = {}) req = build_request(:create_members, params) req.send_request() end |
#create_publishing_destination(params = {}) ⇒ Types::CreatePublishingDestinationResponse
Creates a publishing destination to export findings to. The resource to export findings to must exist before you use this operation.
1128 1129 1130 1131 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1128 def create_publishing_destination(params = {}, = {}) req = build_request(:create_publishing_destination, params) req.send_request() end |
#create_sample_findings(params = {}) ⇒ Struct
Generates sample findings of types specified by the list of finding
types. If 'NULL' is specified for findingTypes
, the API generates
sample findings of all supported finding types.
1156 1157 1158 1159 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1156 def create_sample_findings(params = {}, = {}) req = build_request(:create_sample_findings, params) req.send_request() end |
#create_threat_intel_set(params = {}) ⇒ Types::CreateThreatIntelSetResponse
Creates a new ThreatIntelSet. ThreatIntelSets consist of known malicious IP addresses. GuardDuty generates findings based on ThreatIntelSets. Only users of the administrator account can use this operation.
1220 1221 1222 1223 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1220 def create_threat_intel_set(params = {}, = {}) req = build_request(:create_threat_intel_set, params) req.send_request() end |
#decline_invitations(params = {}) ⇒ Types::DeclineInvitationsResponse
Declines invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs.
1253 1254 1255 1256 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1253 def decline_invitations(params = {}, = {}) req = build_request(:decline_invitations, params) req.send_request() end |
#delete_detector(params = {}) ⇒ Struct
Deletes an Amazon GuardDuty detector that is specified by the detector ID.
1276 1277 1278 1279 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1276 def delete_detector(params = {}, = {}) req = build_request(:delete_detector, params) req.send_request() end |
#delete_filter(params = {}) ⇒ Struct
Deletes the filter specified by the filter name.
1302 1303 1304 1305 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1302 def delete_filter(params = {}, = {}) req = build_request(:delete_filter, params) req.send_request() end |
#delete_invitations(params = {}) ⇒ Types::DeleteInvitationsResponse
Deletes invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs.
1362 1363 1364 1365 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1362 def delete_invitations(params = {}, = {}) req = build_request(:delete_invitations, params) req.send_request() end |
#delete_ip_set(params = {}) ⇒ Struct
Deletes the IPSet specified by the ipSetId
. IPSets are called
trusted IP lists in the console user interface.
1329 1330 1331 1332 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1329 def delete_ip_set(params = {}, = {}) req = build_request(:delete_ip_set, params) req.send_request() end |
#delete_members(params = {}) ⇒ Types::DeleteMembersResponse
Deletes GuardDuty member accounts (to the current GuardDuty administrator account) specified by the account IDs.
With autoEnableOrganizationMembers
configuration for your
organization set to ALL
, you'll receive an error if you attempt to
disable GuardDuty for a member account in your organization.
1403 1404 1405 1406 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1403 def delete_members(params = {}, = {}) req = build_request(:delete_members, params) req.send_request() end |
#delete_publishing_destination(params = {}) ⇒ Struct
Deletes the publishing definition with the specified destinationId
.
1430 1431 1432 1433 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1430 def delete_publishing_destination(params = {}, = {}) req = build_request(:delete_publishing_destination, params) req.send_request() end |
#delete_threat_intel_set(params = {}) ⇒ Struct
Deletes the ThreatIntelSet specified by the ThreatIntelSet ID.
1457 1458 1459 1460 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1457 def delete_threat_intel_set(params = {}, = {}) req = build_request(:delete_threat_intel_set, params) req.send_request() end |
#describe_malware_scans(params = {}) ⇒ Types::DescribeMalwareScansResponse
Returns a list of malware scans. Each member account can view the malware scans for their own accounts. An administrator can view the malware scans for all the member accounts.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1565 1566 1567 1568 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1565 def describe_malware_scans(params = {}, = {}) req = build_request(:describe_malware_scans, params) req.send_request() end |
#describe_organization_configuration(params = {}) ⇒ Types::DescribeOrganizationConfigurationResponse
Returns information about the account selected as the delegated administrator for GuardDuty.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1636 1637 1638 1639 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1636 def describe_organization_configuration(params = {}, = {}) req = build_request(:describe_organization_configuration, params) req.send_request() end |
#describe_publishing_destination(params = {}) ⇒ Types::DescribePublishingDestinationResponse
Returns information about the publishing destination specified by the
provided destinationId
.
1679 1680 1681 1682 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1679 def describe_publishing_destination(params = {}, = {}) req = build_request(:describe_publishing_destination, params) req.send_request() end |
#disable_organization_admin_account(params = {}) ⇒ Struct
Removes the existing GuardDuty delegated administrator of the organization. Only the organization's management account can run this API operation.
1704 1705 1706 1707 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1704 def disable_organization_admin_account(params = {}, = {}) req = build_request(:disable_organization_admin_account, params) req.send_request() end |
#disassociate_from_administrator_account(params = {}) ⇒ Struct
Disassociates the current GuardDuty member account from its administrator account.
When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
With autoEnableOrganizationMembers
configuration for your
organization set to ALL
, you'll receive an error if you attempt to
disable GuardDuty in a member account.
1746 1747 1748 1749 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1746 def disassociate_from_administrator_account(params = {}, = {}) req = build_request(:disassociate_from_administrator_account, params) req.send_request() end |
#disassociate_from_master_account(params = {}) ⇒ Struct
Disassociates the current GuardDuty member account from its administrator account.
When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
1784 1785 1786 1787 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1784 def disassociate_from_master_account(params = {}, = {}) req = build_request(:disassociate_from_master_account, params) req.send_request() end |
#disassociate_members(params = {}) ⇒ Types::DisassociateMembersResponse
Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs.
When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
With autoEnableOrganizationMembers
configuration for your
organization set to ALL
, you'll receive an error if you attempt to
disassociate a member account before removing them from your
organization.
If you disassociate a member account that was added by invitation, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
When the member accounts added through Organizations are later disassociated, you (administrator) can't invite them by calling the InviteMembers API. You can create an association with these member accounts again only by calling the CreateMembers API.
1854 1855 1856 1857 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1854 def disassociate_members(params = {}, = {}) req = build_request(:disassociate_members, params) req.send_request() end |
#enable_organization_admin_account(params = {}) ⇒ Struct
Designates an Amazon Web Services account within the organization as your GuardDuty delegated administrator. Only the organization's management account can run this API operation.
1879 1880 1881 1882 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1879 def enable_organization_admin_account(params = {}, = {}) req = build_request(:enable_organization_admin_account, params) req.send_request() end |
#get_administrator_account(params = {}) ⇒ Types::GetAdministratorAccountResponse
Provides the details of the GuardDuty administrator account associated with the current GuardDuty member account.
HTTP 200
) but no content.
1916 1917 1918 1919 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1916 def get_administrator_account(params = {}, = {}) req = build_request(:get_administrator_account, params) req.send_request() end |
#get_coverage_statistics(params = {}) ⇒ Types::GetCoverageStatisticsResponse
Retrieves aggregated statistics for your account. If you are a GuardDuty administrator, you can retrieve the statistics for all the resources associated with the active member accounts in your organization who have enabled Runtime Monitoring and have the GuardDuty security agent running on their resources.
1970 1971 1972 1973 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1970 def get_coverage_statistics(params = {}, = {}) req = build_request(:get_coverage_statistics, params) req.send_request() end |
#get_detector(params = {}) ⇒ Types::GetDetectorResponse
Retrieves an Amazon GuardDuty detector specified by the detectorId.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
2036 2037 2038 2039 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2036 def get_detector(params = {}, = {}) req = build_request(:get_detector, params) req.send_request() end |
#get_filter(params = {}) ⇒ Types::GetFilterResponse
Returns the details of the filter specified by the filter name.
2095 2096 2097 2098 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2095 def get_filter(params = {}, = {}) req = build_request(:get_filter, params) req.send_request() end |
#get_findings(params = {}) ⇒ Types::GetFindingsResponse
Describes Amazon GuardDuty findings specified by finding IDs.
2596 2597 2598 2599 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2596 def get_findings(params = {}, = {}) req = build_request(:get_findings, params) req.send_request() end |
#get_findings_statistics(params = {}) ⇒ Types::GetFindingsStatisticsResponse
Lists Amazon GuardDuty findings statistics for the specified detector ID.
There might be regional differences because some flags might not be available in all the Regions where GuardDuty is currently supported. For more information, see Regions and endpoints.
2660 2661 2662 2663 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2660 def get_findings_statistics(params = {}, = {}) req = build_request(:get_findings_statistics, params) req.send_request() end |
#get_invitations_count(params = {}) ⇒ Types::GetInvitationsCountResponse
Returns the count of all GuardDuty membership invitations that were sent to the current member account except the currently accepted invitation.
2722 2723 2724 2725 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2722 def get_invitations_count(params = {}, = {}) req = build_request(:get_invitations_count, params) req.send_request() end |
#get_ip_set(params = {}) ⇒ Types::GetIPSetResponse
Retrieves the IPSet specified by the ipSetId
.
2701 2702 2703 2704 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2701 def get_ip_set(params = {}, = {}) req = build_request(:get_ip_set, params) req.send_request() end |
#get_malware_scan_settings(params = {}) ⇒ Types::GetMalwareScanSettingsResponse
Returns the details of the malware scan settings.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
2769 2770 2771 2772 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2769 def get_malware_scan_settings(params = {}, = {}) req = build_request(:get_malware_scan_settings, params) req.send_request() end |
#get_master_account(params = {}) ⇒ Types::GetMasterAccountResponse
Provides the details for the GuardDuty administrator account associated with the current GuardDuty member account.
2801 2802 2803 2804 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2801 def get_master_account(params = {}, = {}) req = build_request(:get_master_account, params) req.send_request() end |
#get_member_detectors(params = {}) ⇒ Types::GetMemberDetectorsResponse
Describes which data sources are enabled for the member account's detector.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
2864 2865 2866 2867 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2864 def get_member_detectors(params = {}, = {}) req = build_request(:get_member_detectors, params) req.send_request() end |
#get_members(params = {}) ⇒ Types::GetMembersResponse
Retrieves GuardDuty member accounts (of the current GuardDuty administrator account) specified by the account IDs.
2911 2912 2913 2914 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2911 def get_members(params = {}, = {}) req = build_request(:get_members, params) req.send_request() end |
#get_organization_statistics(params = {}) ⇒ Types::GetOrganizationStatisticsResponse
Retrieves how many active member accounts have each feature enabled within GuardDuty. Only a delegated GuardDuty administrator of an organization can run this API.
When you create a new organization, it might take up to 24 hours to generate the statistics for the entire organization.
2945 2946 2947 2948 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2945 def get_organization_statistics(params = {}, = {}) req = build_request(:get_organization_statistics, params) req.send_request() end |
#get_remaining_free_trial_days(params = {}) ⇒ Types::GetRemainingFreeTrialDaysResponse
Provides the number of days left for each data source used in the free trial period.
2992 2993 2994 2995 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 2992 def get_remaining_free_trial_days(params = {}, = {}) req = build_request(:get_remaining_free_trial_days, params) req.send_request() end |
#get_threat_intel_set(params = {}) ⇒ Types::GetThreatIntelSetResponse
Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID.
3035 3036 3037 3038 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3035 def get_threat_intel_set(params = {}, = {}) req = build_request(:get_threat_intel_set, params) req.send_request() end |
#get_usage_statistics(params = {}) ⇒ Types::GetUsageStatisticsResponse
Lists Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID. For newly enabled detectors or data sources, the cost returned will include only the usage so far under 30 days. This may differ from the cost metrics in the console, which project usage over 30 days to provide a monthly cost estimate. For more information, see Understanding How Usage Costs are Calculated.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
3132 3133 3134 3135 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3132 def get_usage_statistics(params = {}, = {}) req = build_request(:get_usage_statistics, params) req.send_request() end |
#invite_members(params = {}) ⇒ Types::InviteMembersResponse
Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services account that invokes this API. If you are using Amazon Web Services Organizations to manage your GuardDuty environment, this step is not needed. For more information, see Managing accounts with organizations.
To invite Amazon Web Services accounts, the first step is to ensure that GuardDuty has been enabled in the potential member accounts. You can now invoke this API to add accounts by invitation. The invited accounts can either accept or decline the invitation from their GuardDuty accounts. Each invited Amazon Web Services account can choose to accept the invitation from only one Amazon Web Services account. For more information, see Managing GuardDuty accounts by invitation.
After the invite has been accepted and you choose to disassociate a member account (by using DisassociateMembers) from your account, the details of the member account obtained by invoking CreateMembers, including the associated email addresses, will be retained. This is done so that you can invoke InviteMembers without the need to invoke CreateMembers again. To remove the details associated with a member account, you must also invoke DeleteMembers.
If you disassociate a member account that was added by invitation, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
When the member accounts added through Organizations are later disassociated, you (administrator) can't invite them by calling the InviteMembers API. You can create an association with these member accounts again only by calling the CreateMembers API.
3223 3224 3225 3226 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3223 def invite_members(params = {}, = {}) req = build_request(:invite_members, params) req.send_request() end |
#list_coverage(params = {}) ⇒ Types::ListCoverageResponse
Lists coverage details for your GuardDuty account. If you're a GuardDuty administrator, you can retrieve all resources associated with the active member accounts in your organization.
Make sure the accounts have Runtime Monitoring enabled and GuardDuty agent running on their resources.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
3318 3319 3320 3321 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3318 def list_coverage(params = {}, = {}) req = build_request(:list_coverage, params) req.send_request() end |
#list_detectors(params = {}) ⇒ Types::ListDetectorsResponse
Lists detectorIds of all the existing Amazon GuardDuty detector resources.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
3362 3363 3364 3365 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3362 def list_detectors(params = {}, = {}) req = build_request(:list_detectors, params) req.send_request() end |
#list_filters(params = {}) ⇒ Types::ListFiltersResponse
Returns a paginated list of the current filters.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
3409 3410 3411 3412 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3409 def list_filters(params = {}, = {}) req = build_request(:list_filters, params) req.send_request() end |
#list_findings(params = {}) ⇒ Types::ListFindingsResponse
Lists GuardDuty findings for the specified detector ID.
There might be regional differences because some flags might not be available in all the Regions where GuardDuty is currently supported. For more information, see Regions and endpoints.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
3599 3600 3601 3602 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3599 def list_findings(params = {}, = {}) req = build_request(:list_findings, params) req.send_request() end |
#list_invitations(params = {}) ⇒ Types::ListInvitationsResponse
Lists all GuardDuty membership invitations that were sent to the current Amazon Web Services account.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
3695 3696 3697 3698 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3695 def list_invitations(params = {}, = {}) req = build_request(:list_invitations, params) req.send_request() end |
#list_ip_sets(params = {}) ⇒ Types::ListIPSetsResponse
Lists the IPSets of the GuardDuty service specified by the detector ID. If you use this operation from a member account, the IPSets returned are the IPSets from the associated administrator account.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
3648 3649 3650 3651 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3648 def list_ip_sets(params = {}, = {}) req = build_request(:list_ip_sets, params) req.send_request() end |
#list_members(params = {}) ⇒ Types::ListMembersResponse
Lists details about all member accounts for the current GuardDuty administrator account.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
3762 3763 3764 3765 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3762 def list_members(params = {}, = {}) req = build_request(:list_members, params) req.send_request() end |
#list_organization_admin_accounts(params = {}) ⇒ Types::ListOrganizationAdminAccountsResponse
Lists the accounts designated as GuardDuty delegated administrators. Only the organization's management account can run this API operation.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
3806 3807 3808 3809 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3806 def list_organization_admin_accounts(params = {}, = {}) req = build_request(:list_organization_admin_accounts, params) req.send_request() end |
#list_publishing_destinations(params = {}) ⇒ Types::ListPublishingDestinationsResponse
Returns a list of publishing destinations associated with the
specified detectorId
.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
3854 3855 3856 3857 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3854 def list_publishing_destinations(params = {}, = {}) req = build_request(:list_publishing_destinations, params) req.send_request() end |
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, threat intel sets, and publishing destination, with a limit of 50 tags per resource. When invoked, this operation returns all assigned tags for a given resource.
3886 3887 3888 3889 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3886 def (params = {}, = {}) req = build_request(:list_tags_for_resource, params) req.send_request() end |
#list_threat_intel_sets(params = {}) ⇒ Types::ListThreatIntelSetsResponse
Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID. If you use this operation from a member account, the ThreatIntelSets associated with the administrator account are returned.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
3937 3938 3939 3940 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3937 def list_threat_intel_sets(params = {}, = {}) req = build_request(:list_threat_intel_sets, params) req.send_request() end |
#start_malware_scan(params = {}) ⇒ Types::StartMalwareScanResponse
Initiates the malware scan. Invoking this API will automatically create the Service-linked role in the corresponding account.
When the malware scan starts, you can use the associated scan ID to track the status of the scan. For more information, see DescribeMalwareScans.
3976 3977 3978 3979 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 3976 def start_malware_scan(params = {}, = {}) req = build_request(:start_malware_scan, params) req.send_request() end |
#start_monitoring_members(params = {}) ⇒ Types::StartMonitoringMembersResponse
Turns on GuardDuty monitoring of the specified member accounts. Use this operation to restart monitoring of accounts that you stopped monitoring with the StopMonitoringMembers operation.
4018 4019 4020 4021 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4018 def start_monitoring_members(params = {}, = {}) req = build_request(:start_monitoring_members, params) req.send_request() end |
#stop_monitoring_members(params = {}) ⇒ Types::StopMonitoringMembersResponse
Stops GuardDuty monitoring for the specified member accounts. Use the
StartMonitoringMembers
operation to restart monitoring for those
accounts.
With autoEnableOrganizationMembers
configuration for your
organization set to ALL
, you'll receive an error if you attempt to
stop monitoring the member accounts in your organization.
4059 4060 4061 4062 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4059 def stop_monitoring_members(params = {}, = {}) req = build_request(:stop_monitoring_members, params) req.send_request() end |
#tag_resource(params = {}) ⇒ Struct
Adds tags to a resource.
4088 4089 4090 4091 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4088 def tag_resource(params = {}, = {}) req = build_request(:tag_resource, params) req.send_request() end |
#unarchive_findings(params = {}) ⇒ Struct
Unarchives GuardDuty findings specified by the findingIds
.
4114 4115 4116 4117 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4114 def unarchive_findings(params = {}, = {}) req = build_request(:unarchive_findings, params) req.send_request() end |
#untag_resource(params = {}) ⇒ Struct
Removes tags from a resource.
4140 4141 4142 4143 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4140 def untag_resource(params = {}, = {}) req = build_request(:untag_resource, params) req.send_request() end |
#update_detector(params = {}) ⇒ Struct
Updates the GuardDuty detector specified by the detector ID.
Specifying both EKS Runtime Monitoring (EKS_RUNTIME_MONITORING
) and
Runtime Monitoring (RUNTIME_MONITORING
) will cause an error. You can
add only one of these two features because Runtime Monitoring already
includes the threat detection for Amazon EKS resources. For more
information, see Runtime Monitoring.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
4229 4230 4231 4232 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4229 def update_detector(params = {}, = {}) req = build_request(:update_detector, params) req.send_request() end |
#update_filter(params = {}) ⇒ Types::UpdateFilterResponse
Updates the filter specified by the filter name.
4303 4304 4305 4306 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4303 def update_filter(params = {}, = {}) req = build_request(:update_filter, params) req.send_request() end |
#update_findings_feedback(params = {}) ⇒ Struct
Marks the specified GuardDuty findings as useful or not useful.
4338 4339 4340 4341 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4338 def update_findings_feedback(params = {}, = {}) req = build_request(:update_findings_feedback, params) req.send_request() end |
#update_ip_set(params = {}) ⇒ Struct
Updates the IPSet specified by the IPSet ID.
4378 4379 4380 4381 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4378 def update_ip_set(params = {}, = {}) req = build_request(:update_ip_set, params) req.send_request() end |
#update_malware_scan_settings(params = {}) ⇒ Struct
Updates the malware scan settings.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
4440 4441 4442 4443 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4440 def update_malware_scan_settings(params = {}, = {}) req = build_request(:update_malware_scan_settings, params) req.send_request() end |
#update_member_detectors(params = {}) ⇒ Types::UpdateMemberDetectorsResponse
Contains information on member accounts to be updated.
Specifying both EKS Runtime Monitoring (EKS_RUNTIME_MONITORING
) and
Runtime Monitoring (RUNTIME_MONITORING
) will cause an error. You can
add only one of these two features because Runtime Monitoring already
includes the threat detection for Amazon EKS resources. For more
information, see Runtime Monitoring.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
4524 4525 4526 4527 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4524 def update_member_detectors(params = {}, = {}) req = build_request(:update_member_detectors, params) req.send_request() end |
#update_organization_configuration(params = {}) ⇒ Struct
Configures the delegated administrator account with the provided
values. You must provide a value for either
autoEnableOrganizationMembers
or autoEnable
, but not both.
Specifying both EKS Runtime Monitoring (EKS_RUNTIME_MONITORING
) and
Runtime Monitoring (RUNTIME_MONITORING
) will cause an error. You can
add only one of these two features because Runtime Monitoring already
includes the threat detection for Amazon EKS resources. For more
information, see Runtime Monitoring.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
4640 4641 4642 4643 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4640 def update_organization_configuration(params = {}, = {}) req = build_request(:update_organization_configuration, params) req.send_request() end |
#update_publishing_destination(params = {}) ⇒ Struct
Updates information about the publishing destination specified by the
destinationId
.
4676 4677 4678 4679 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4676 def update_publishing_destination(params = {}, = {}) req = build_request(:update_publishing_destination, params) req.send_request() end |
#update_threat_intel_set(params = {}) ⇒ Struct
Updates the ThreatIntelSet specified by the ThreatIntelSet ID.
4718 4719 4720 4721 |
# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 4718 def update_threat_intel_set(params = {}, = {}) req = build_request(:update_threat_intel_set, params) req.send_request() end |