client.rb in aws-sdk-guardduty-1.72.0

- old
+ new

@@ -857,23 +857,31 @@
     # Creates member accounts of the current Amazon Web Services account by
     # specifying a list of Amazon Web Services account IDs. This step is a
     # prerequisite for managing the associated member accounts either by
     # invitation or through an organization.
     #
-    # When using `Create Members` as an organizations delegated
-    # administrator this action will enable GuardDuty in the added member
-    # accounts, with the exception of the organization delegated
-    # administrator account, which must enable GuardDuty prior to being
-    # added as a member.
+    # As a delegated administrator, using `CreateMembers` will enable
+    # GuardDuty in the added member accounts, with the exception of the
+    # organization delegated administrator account. A delegated
+    # administrator must enable GuardDuty prior to being added as a member.
     #
-    # If you are adding accounts by invitation, use this action after
-    # GuardDuty has bee enabled in potential member accounts and before
-    # using [InviteMembers][1].
+    # If you are adding accounts by invitation, before using
+    # [InviteMembers][1], use `CreateMembers` after GuardDuty has been
+    # enabled in potential member accounts.
     #
+    # If you disassociate a member from a GuardDuty delegated administrator,
+    # the member account details obtained from this API, including the
+    # associated email addresses, will be retained. This is done so that the
+    # delegated administrator can invoke the [InviteMembers][1] API without
+    # the need to invoke the CreateMembers API again. To remove the details
+    # associated with a member account, the delegated administrator must
+    # invoke the [DeleteMembers][2] API.
     #
     #
+    #
     # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html
+    # [2]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
     #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty account that you want
     #   to associate member accounts with.
     #
@@ -1538,14 +1546,29 @@
     end
 
     # Disassociates the current GuardDuty member account from its
     # administrator account.
     #
+    # When you disassociate an invited member from a GuardDuty delegated
+    # administrator, the member account details obtained from the
+    # [CreateMembers][1] API, including the associated email addresses, are
+    # retained. This is done so that the delegated administrator can invoke
+    # the [InviteMembers][2] API without the need to invoke the
+    # CreateMembers API again. To remove the details associated with a
+    # member account, the delegated administrator must invoke the
+    # [DeleteMembers][3] API.
+    #
     # With `autoEnableOrganizationMembers` configuration for your
     # organization set to `ALL`, you'll receive an error if you attempt to
     # disable GuardDuty in a member account.
     #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
+    # [2]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html
+    # [3]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty member account.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -1565,10 +1588,25 @@
     end
 
     # Disassociates the current GuardDuty member account from its
     # administrator account.
     #
+    # When you disassociate an invited member from a GuardDuty delegated
+    # administrator, the member account details obtained from the
+    # [CreateMembers][1] API, including the associated email addresses, are
+    # retained. This is done so that the delegated administrator can invoke
+    # the [InviteMembers][2] API without the need to invoke the
+    # CreateMembers API again. To remove the details associated with a
+    # member account, the delegated administrator must invoke the
+    # [DeleteMembers][3] API.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
+    # [2]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html
+    # [3]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty member account.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -1585,18 +1623,33 @@
     def disassociate_from_master_account(params = {}, options = {})
       req = build_request(:disassociate_from_master_account, params)
       req.send_request(options)
     end
 
-    # Disassociates GuardDuty member accounts (to the current administrator
-    # account) specified by the account IDs.
+    # Disassociates GuardDuty member accounts (from the current
+    # administrator account) specified by the account IDs.
     #
+    # When you disassociate an invited member from a GuardDuty delegated
+    # administrator, the member account details obtained from the
+    # [CreateMembers][1] API, including the associated email addresses, are
+    # retained. This is done so that the delegated administrator can invoke
+    # the [InviteMembers][2] API without the need to invoke the
+    # CreateMembers API again. To remove the details associated with a
+    # member account, the delegated administrator must invoke the
+    # [DeleteMembers][3] API.
+    #
     # With `autoEnableOrganizationMembers` configuration for your
     # organization set to `ALL`, you'll receive an error if you attempt to
     # disassociate a member account before removing them from your Amazon
     # Web Services organization.
     #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
+    # [2]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html
+    # [3]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty account whose members
     #   you want to disassociate from the administrator account.
     #
     # @option params [required, Array<String>] :account_ids
@@ -2797,16 +2850,43 @@
     def get_usage_statistics(params = {}, options = {})
       req = build_request(:get_usage_statistics, params)
       req.send_request(options)
     end
 
-    # Invites other Amazon Web Services accounts (created as members of the
-    # current Amazon Web Services account by CreateMembers) to enable
-    # GuardDuty, and allow the current Amazon Web Services account to view
-    # and manage these accounts' findings on their behalf as the GuardDuty
-    # administrator account.
+    # Invites Amazon Web Services accounts to become members of an
+    # organization administered by the Amazon Web Services account that
+    # invokes this API. If you are using Amazon Web Services Organizations
+    # to manager your GuardDuty environment, this step is not needed. For
+    # more information, see [Managing accounts with Amazon Web Services
+    # Organizations][1].
     #
+    # To invite Amazon Web Services accounts, the first step is to ensure
+    # that GuardDuty has been enabled in the potential member accounts. You
+    # can now invoke this API to add accounts by invitation. The invited
+    # accounts can either accept or decline the invitation from their
+    # GuardDuty accounts. Each invited Amazon Web Services account can
+    # choose to accept the invitation from only one Amazon Web Services
+    # account. For more information, see [Managing GuardDuty accounts by
+    # invitation][2].
+    #
+    # After the invite has been accepted and you choose to disassociate a
+    # member account (by using [DisassociateMembers][3]) from your account,
+    # the details of the member account obtained by invoking
+    # [CreateMembers][4], including the associated email addresses, will be
+    # retained. This is done so that you can invoke InviteMembers without
+    # the need to invoke [CreateMembers][4] again. To remove the details
+    # associated with a member account, you must also invoke
+    # [DeleteMembers][5].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html
+    # [2]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_invitations.html
+    # [3]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DisassociateMembers.html
+    # [4]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
+    # [5]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html
+    #
     # @option params [required, String] :detector_id
     #   The unique ID of the detector of the GuardDuty account that you want
     #   to invite members with.
     #
     # @option params [required, Array<String>] :account_ids
@@ -4290,10 +4370,10 @@
         operation: config.api.operation(operation_name),
         client: self,
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-guardduty'
-      context[:gem_version] = '1.71.0'
+      context[:gem_version] = '1.72.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 
     # @api private
     # @deprecated