lib/aws-sdk-guardduty/client.rb in aws-sdk-guardduty-1.77.0 vs lib/aws-sdk-guardduty/client.rb in aws-sdk-guardduty-1.78.0
- old
+ new
@@ -1615,12 +1615,13 @@
def describe_publishing_destination(params = {}, options = {})
req = build_request(:describe_publishing_destination, params)
req.send_request(options)
end
- # Disables an Amazon Web Services account within the Organization as the
- # GuardDuty delegated administrator.
+ # Removes the existing GuardDuty delegated administrator of the
+ # organization. Only the organization's management account can run this
+ # API operation.
#
# @option params [required, String] :admin_account_id
# The Amazon Web Services Account ID for the organizations account to be
# disabled as a GuardDuty delegated administrator.
#
@@ -1733,12 +1734,12 @@
# member account, the delegated administrator must invoke the
# [DeleteMembers][3] API.
#
# With `autoEnableOrganizationMembers` configuration for your
# organization set to `ALL`, you'll receive an error if you attempt to
- # disassociate a member account before removing them from your Amazon
- # Web Services organization.
+ # disassociate a member account before removing them from your
+ # organization.
#
#
#
# [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html
# [2]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html
@@ -1776,12 +1777,13 @@
def disassociate_members(params = {}, options = {})
req = build_request(:disassociate_members, params)
req.send_request(options)
end
- # Enables an Amazon Web Services account within the organization as the
- # GuardDuty delegated administrator.
+ # Designates an Amazon Web Services account within the organization as
+ # your GuardDuty delegated administrator. Only the organization's
+ # management account can run this API operation.
#
# @option params [required, String] :admin_account_id
# The Amazon Web Services Account ID for the organization account to be
# enabled as a GuardDuty delegated administrator.
#
@@ -1800,13 +1802,18 @@
def enable_organization_admin_account(params = {}, options = {})
req = build_request(:enable_organization_admin_account, params)
req.send_request(options)
end
- # Provides the details for the GuardDuty administrator account
- # associated with the current GuardDuty member account.
+ # Provides the details of the GuardDuty administrator account associated
+ # with the current GuardDuty member account.
#
+ # <note markdown="1"> If the organization's management account or a delegated administrator
+ # runs this API, it will return success (`HTTP 200`) but no content.
+ #
+ # </note>
+ #
# @option params [required, String] :detector_id
# The unique ID of the detector of the GuardDuty member account.
#
# @return [Types::GetAdministratorAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
#
@@ -1859,11 +1866,11 @@
# resp = client.get_coverage_statistics({
# detector_id: "DetectorId", # required
# filter_criteria: {
# filter_criterion: [
# {
- # criterion_key: "ACCOUNT_ID", # accepts ACCOUNT_ID, CLUSTER_NAME, RESOURCE_TYPE, COVERAGE_STATUS, ADDON_VERSION
+ # criterion_key: "ACCOUNT_ID", # accepts ACCOUNT_ID, CLUSTER_NAME, RESOURCE_TYPE, COVERAGE_STATUS, ADDON_VERSION, MANAGEMENT_TYPE
# filter_condition: {
# equals: ["String"],
# not_equals: ["String"],
# },
# },
@@ -2950,14 +2957,13 @@
req.send_request(options)
end
# Invites Amazon Web Services accounts to become members of an
# organization administered by the Amazon Web Services account that
- # invokes this API. If you are using Amazon Web Services Organizations
- # to manager your GuardDuty environment, this step is not needed. For
- # more information, see [Managing accounts with Amazon Web Services
- # Organizations][1].
+ # invokes this API. If you are using organizations to manager your
+ # GuardDuty environment, this step is not needed. For more information,
+ # see [Managing accounts with organizations][1].
#
# To invite Amazon Web Services accounts, the first step is to ensure
# that GuardDuty has been enabled in the potential member accounts. You
# can now invoke this API to add accounts by invitation. The invited
# accounts can either accept or decline the invitation from their
@@ -3069,11 +3075,11 @@
# next_token: "String",
# max_results: 1,
# filter_criteria: {
# filter_criterion: [
# {
- # criterion_key: "ACCOUNT_ID", # accepts ACCOUNT_ID, CLUSTER_NAME, RESOURCE_TYPE, COVERAGE_STATUS, ADDON_VERSION
+ # criterion_key: "ACCOUNT_ID", # accepts ACCOUNT_ID, CLUSTER_NAME, RESOURCE_TYPE, COVERAGE_STATUS, ADDON_VERSION, MANAGEMENT_TYPE
# filter_condition: {
# equals: ["String"],
# not_equals: ["String"],
# },
# },
@@ -3094,10 +3100,11 @@
# resp.resources[0].resource_details.eks_cluster_details.cluster_name #=> String
# resp.resources[0].resource_details.eks_cluster_details.covered_nodes #=> Integer
# resp.resources[0].resource_details.eks_cluster_details.compatible_nodes #=> Integer
# resp.resources[0].resource_details.eks_cluster_details.addon_details.addon_version #=> String
# resp.resources[0].resource_details.eks_cluster_details.addon_details.addon_status #=> String
+ # resp.resources[0].resource_details.eks_cluster_details.management_type #=> String, one of "AUTO_MANAGED", "MANUAL"
# resp.resources[0].resource_details.resource_type #=> String, one of "EKS"
# resp.resources[0].coverage_status #=> String, one of "HEALTHY", "UNHEALTHY"
# resp.resources[0].issue #=> String
# resp.resources[0].updated_at #=> Time
# resp.next_token #=> String
@@ -3544,10 +3551,12 @@
req = build_request(:list_members, params)
req.send_request(options)
end
# Lists the accounts configured as GuardDuty delegated administrators.
+ # Only the organization's management account can run this API
+ # operation.
#
# @option params [Integer] :max_results
# The maximum number of results to return in the response.
#
# @option params [String] :next_token
@@ -3635,12 +3644,12 @@
req.send_request(options)
end
# Lists tags for a resource. Tagging is currently supported for
# detectors, finding filters, IP sets, threat intel sets, and publishing
- # destination, with a limit of 50 tags per each resource. When invoked,
- # this operation returns all assigned tags for a given resource.
+ # destination, with a limit of 50 tags per resource. When invoked, this
+ # operation returns all assigned tags for a given resource.
#
# @option params [required, String] :resource_arn
# The Amazon Resource Name (ARN) for the given GuardDuty resource.
#
# @return [Types::ListTagsForResourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
@@ -4285,12 +4294,12 @@
req = build_request(:update_member_detectors, params)
req.send_request(options)
end
# Configures the delegated administrator account with the provided
- # values. You must provide the value for either
- # `autoEnableOrganizationMembers` or `autoEnable`.
+ # values. You must provide a value for either
+ # `autoEnableOrganizationMembers` or `autoEnable`, but not both.
#
# There might be regional differences because some data sources might
# not be available in all the Amazon Web Services Regions where
# GuardDuty is presently supported. For more information, see [Regions
# and endpoints][1].
@@ -4305,33 +4314,42 @@
# @option params [Boolean] :auto_enable
# Indicates whether to automatically enable member accounts in the
# organization.
#
# Even though this is still supported, we recommend using
- # `AutoEnableOrganizationMembers` to achieve the similar results.
+ # `AutoEnableOrganizationMembers` to achieve the similar results. You
+ # must provide the value for either `autoEnableOrganizationMembers` or
+ # `autoEnable`.
#
# @option params [Types::OrganizationDataSourceConfigurations] :data_sources
# Describes which data sources will be updated.
#
# @option params [Array<Types::OrganizationFeatureConfiguration>] :features
# A list of features that will be configured for the organization.
#
# @option params [String] :auto_enable_organization_members
# Indicates the auto-enablement configuration of GuardDuty for the
- # member accounts in the organization.
+ # member accounts in the organization. You must provide a value for
+ # either `autoEnableOrganizationMembers` or `autoEnable`.
#
+ # Use one of the following configuration values for
+ # `autoEnableOrganizationMembers`:
+ #
# * `NEW`: Indicates that when a new account joins the organization,
# they will have GuardDuty enabled automatically.
#
- # * `ALL`: Indicates that all accounts in the Amazon Web Services
- # Organization have GuardDuty enabled automatically. This includes
- # `NEW` accounts that join the organization and accounts that may have
- # been suspended or removed from the organization in GuardDuty.
+ # * `ALL`: Indicates that all accounts in the organization have
+ # GuardDuty enabled automatically. This includes `NEW` accounts that
+ # join the organization and accounts that may have been suspended or
+ # removed from the organization in GuardDuty.
#
+ # It may take up to 24 hours to update the configuration for all the
+ # member accounts.
+ #
# * `NONE`: Indicates that GuardDuty will not be automatically enabled
- # for any accounts in the organization. GuardDuty must be managed for
- # each account individually by the administrator.
+ # for any account in the organization. The administrator must manage
+ # GuardDuty for each account in the organization individually.
#
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
#
# @example Request syntax with placeholder values
#
@@ -4468,10 +4486,10 @@
operation: config.api.operation(operation_name),
client: self,
params: params,
config: config)
context[:gem_name] = 'aws-sdk-guardduty'
- context[:gem_version] = '1.77.0'
+ context[:gem_version] = '1.78.0'
Seahorse::Client::Request.new(handlers, context)
end
# @api private
# @deprecated