guardduty – github.com/aws/aws-sdk-go-v2/service/guardduty Index | Files | Directories

package guardduty

import "github.com/aws/aws-sdk-go-v2/service/guardduty"

Index

Constants 

const ServiceAPIVersion = "2017-11-28"
const ServiceID = "GuardDuty"

Functions

func AddResolveEndpointMiddleware 

func AddResolveEndpointMiddleware(stack *middleware.Stack, options ResolveEndpointMiddlewareOptions)

func NewDefaultEndpointResolver 

func NewDefaultEndpointResolver() *internalendpoints.Resolver

NewDefaultEndpointResolver constructs a new service endpoint resolver

func RemoveResolveEndpointMiddleware 

func RemoveResolveEndpointMiddleware(stack *middleware.Stack) error

Types

type AcceptInvitationInput 

type AcceptInvitationInput struct {
	// The unique ID of the detector of the GuardDuty member account.
	DetectorId *string
	// The value that is used to validate the master account to the member account.
	InvitationId *string
	// The account ID of the master GuardDuty account whose invitation you're
	// accepting.
	MasterId *string
}

type AcceptInvitationOutput 

type AcceptInvitationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ArchiveFindingsInput 

type ArchiveFindingsInput struct {
	// The ID of the detector that specifies the GuardDuty service whose findings you
	// want to archive.
	DetectorId *string
	// The IDs of the findings that you want to archive.
	FindingIds []*string
}

type ArchiveFindingsOutput 

type ArchiveFindingsOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following data sources: VPC Flow Logs, AWS CloudTrail event logs, and DNS logs. It uses threat intelligence feeds (such as lists of malicious IPs and domains) and machine learning to identify unexpected, potentially unauthorized, and malicious activity within your AWS environment. This can include issues like escalations of privileges, uses of exposed credentials, or communication with malicious IPs, URLs, or domains. For example, GuardDuty can detect compromised EC2 instances that serve malware or mine bitcoin. GuardDuty also monitors AWS account access behavior for signs of compromise. Some examples of this are unauthorized infrastructure deployments such as EC2 instances deployed in a Region that has never been used, or unusual API calls like a password policy change to reduce password strength. GuardDuty informs you of the status of your AWS environment by producing security findings that you can view in the GuardDuty console or through Amazon CloudWatch events. For more information, see the Amazon GuardDuty User Guide (https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html) .

func New 

func New(options Options, optFns ...func(*Options)) *Client

New returns an initialized Client based on the functional options. Provide additional functional options to further configure the behavior of the client, such as changing the client's endpoint or adding custom middleware behavior.

func NewFromConfig 

func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client

NewFromConfig returns a new client from the provided config.

func (*Client) AcceptInvitation 

func (c *Client) AcceptInvitation(ctx context.Context, params *AcceptInvitationInput, optFns ...func(*Options)) (*AcceptInvitationOutput, error)

Accepts the invitation to be monitored by a master GuardDuty account.

func (*Client) ArchiveFindings 

func (c *Client) ArchiveFindings(ctx context.Context, params *ArchiveFindingsInput, optFns ...func(*Options)) (*ArchiveFindingsOutput, error)

Archives GuardDuty findings that are specified by the list of finding IDs. Only the master account can archive findings. Member accounts don't have permission to archive findings from their accounts.

func (*Client) CreateDetector 

func (c *Client) CreateDetector(ctx context.Context, params *CreateDetectorInput, optFns ...func(*Options)) (*CreateDetectorOutput, error)

Creates a single Amazon GuardDuty detector. A detector is a resource that represents the GuardDuty service. To start using GuardDuty, you must create a detector in each Region where you enable the service. You can have only one detector per account per Region. All data sources are enabled in a new detector by default.

func (*Client) CreateFilter 

func (c *Client) CreateFilter(ctx context.Context, params *CreateFilterInput, optFns ...func(*Options)) (*CreateFilterOutput, error)

Creates a filter using the specified finding criteria.

func (*Client) CreateIPSet 

func (c *Client) CreateIPSet(ctx context.Context, params *CreateIPSetInput, optFns ...func(*Options)) (*CreateIPSetOutput, error)

Creates a new IPSet, which is called a trusted IP list in the console user interface. An IPSet is a list of IP addresses that are trusted for secure communication with AWS infrastructure and applications. GuardDuty doesn't generate findings for IP addresses that are included in IPSets. Only users from the master account can use this operation.

func (*Client) CreateMembers 

func (c *Client) CreateMembers(ctx context.Context, params *CreateMembersInput, optFns ...func(*Options)) (*CreateMembersOutput, error)

Creates member accounts of the current AWS account by specifying a list of AWS account IDs. This step is a prerequisite for managing the associated member accounts either by invitation or through an organization. When using Create Members as an organizations delegated administrator this action will enable GuardDuty in the added member accounts, with the exception of the organization master account, which must enable GuardDuty prior to being added as a member. If you are adding accounts by invitation use this action after GuardDuty has been enabled in potential member accounts and before using Invite Members (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html).

func (*Client) CreatePublishingDestination 

func (c *Client) CreatePublishingDestination(ctx context.Context, params *CreatePublishingDestinationInput, optFns ...func(*Options)) (*CreatePublishingDestinationOutput, error)

Creates a publishing destination to export findings to. The resource to export findings to must exist before you use this operation.

func (*Client) CreateSampleFindings 

func (c *Client) CreateSampleFindings(ctx context.Context, params *CreateSampleFindingsInput, optFns ...func(*Options)) (*CreateSampleFindingsOutput, error)

Generates example findings of types specified by the list of finding types. If 'NULL' is specified for findingTypes, the API generates example findings of all supported finding types.

func (*Client) CreateThreatIntelSet 

func (c *Client) CreateThreatIntelSet(ctx context.Context, params *CreateThreatIntelSetInput, optFns ...func(*Options)) (*CreateThreatIntelSetOutput, error)

Creates a new ThreatIntelSet. ThreatIntelSets consist of known malicious IP addresses. GuardDuty generates findings based on ThreatIntelSets. Only users of the master account can use this operation.

func (*Client) DeclineInvitations 

func (c *Client) DeclineInvitations(ctx context.Context, params *DeclineInvitationsInput, optFns ...func(*Options)) (*DeclineInvitationsOutput, error)

Declines invitations sent to the current member account by AWS accounts specified by their account IDs.

func (*Client) DeleteDetector 

func (c *Client) DeleteDetector(ctx context.Context, params *DeleteDetectorInput, optFns ...func(*Options)) (*DeleteDetectorOutput, error)

Deletes an Amazon GuardDuty detector that is specified by the detector ID.

func (*Client) DeleteFilter 

func (c *Client) DeleteFilter(ctx context.Context, params *DeleteFilterInput, optFns ...func(*Options)) (*DeleteFilterOutput, error)

Deletes the filter specified by the filter name.

func (*Client) DeleteIPSet 

func (c *Client) DeleteIPSet(ctx context.Context, params *DeleteIPSetInput, optFns ...func(*Options)) (*DeleteIPSetOutput, error)

Deletes the IPSet specified by the ipSetId. IPSets are called trusted IP lists in the console user interface.

func (*Client) DeleteInvitations 

func (c *Client) DeleteInvitations(ctx context.Context, params *DeleteInvitationsInput, optFns ...func(*Options)) (*DeleteInvitationsOutput, error)

Deletes invitations sent to the current member account by AWS accounts specified by their account IDs.

func (*Client) DeleteMembers 

func (c *Client) DeleteMembers(ctx context.Context, params *DeleteMembersInput, optFns ...func(*Options)) (*DeleteMembersOutput, error)

Deletes GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs.

func (*Client) DeletePublishingDestination 

func (c *Client) DeletePublishingDestination(ctx context.Context, params *DeletePublishingDestinationInput, optFns ...func(*Options)) (*DeletePublishingDestinationOutput, error)

Deletes the publishing definition with the specified destinationId.

func (*Client) DeleteThreatIntelSet 

func (c *Client) DeleteThreatIntelSet(ctx context.Context, params *DeleteThreatIntelSetInput, optFns ...func(*Options)) (*DeleteThreatIntelSetOutput, error)

Deletes the ThreatIntelSet specified by the ThreatIntelSet ID.

func (*Client) DescribeOrganizationConfiguration 

func (c *Client) DescribeOrganizationConfiguration(ctx context.Context, params *DescribeOrganizationConfigurationInput, optFns ...func(*Options)) (*DescribeOrganizationConfigurationOutput, error)

Returns information about the account selected as the delegated administrator for GuardDuty.

func (*Client) DescribePublishingDestination 

func (c *Client) DescribePublishingDestination(ctx context.Context, params *DescribePublishingDestinationInput, optFns ...func(*Options)) (*DescribePublishingDestinationOutput, error)

Returns information about the publishing destination specified by the provided destinationId.

func (*Client) DisableOrganizationAdminAccount 

func (c *Client) DisableOrganizationAdminAccount(ctx context.Context, params *DisableOrganizationAdminAccountInput, optFns ...func(*Options)) (*DisableOrganizationAdminAccountOutput, error)

Disables an AWS account within the Organization as the GuardDuty delegated administrator.

func (*Client) DisassociateFromMasterAccount 

func (c *Client) DisassociateFromMasterAccount(ctx context.Context, params *DisassociateFromMasterAccountInput, optFns ...func(*Options)) (*DisassociateFromMasterAccountOutput, error)

Disassociates the current GuardDuty member account from its master account.

func (*Client) DisassociateMembers 

func (c *Client) DisassociateMembers(ctx context.Context, params *DisassociateMembersInput, optFns ...func(*Options)) (*DisassociateMembersOutput, error)

Disassociates GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs.

func (*Client) EnableOrganizationAdminAccount 

func (c *Client) EnableOrganizationAdminAccount(ctx context.Context, params *EnableOrganizationAdminAccountInput, optFns ...func(*Options)) (*EnableOrganizationAdminAccountOutput, error)

Enables an AWS account within the organization as the GuardDuty delegated administrator.

func (*Client) GetDetector 

func (c *Client) GetDetector(ctx context.Context, params *GetDetectorInput, optFns ...func(*Options)) (*GetDetectorOutput, error)

Retrieves an Amazon GuardDuty detector specified by the detectorId.

func (*Client) GetFilter 

func (c *Client) GetFilter(ctx context.Context, params *GetFilterInput, optFns ...func(*Options)) (*GetFilterOutput, error)

Returns the details of the filter specified by the filter name.

func (*Client) GetFindings 

func (c *Client) GetFindings(ctx context.Context, params *GetFindingsInput, optFns ...func(*Options)) (*GetFindingsOutput, error)

Describes Amazon GuardDuty findings specified by finding IDs.

func (*Client) GetFindingsStatistics 

func (c *Client) GetFindingsStatistics(ctx context.Context, params *GetFindingsStatisticsInput, optFns ...func(*Options)) (*GetFindingsStatisticsOutput, error)

Lists Amazon GuardDuty findings statistics for the specified detector ID.

func (*Client) GetIPSet 

func (c *Client) GetIPSet(ctx context.Context, params *GetIPSetInput, optFns ...func(*Options)) (*GetIPSetOutput, error)

Retrieves the IPSet specified by the ipSetId.

func (*Client) GetInvitationsCount 

func (c *Client) GetInvitationsCount(ctx context.Context, params *GetInvitationsCountInput, optFns ...func(*Options)) (*GetInvitationsCountOutput, error)

Returns the count of all GuardDuty membership invitations that were sent to the current member account except the currently accepted invitation.

func (*Client) GetMasterAccount 

func (c *Client) GetMasterAccount(ctx context.Context, params *GetMasterAccountInput, optFns ...func(*Options)) (*GetMasterAccountOutput, error)

Provides the details for the GuardDuty master account associated with the current GuardDuty member account.

func (*Client) GetMemberDetectors 

func (c *Client) GetMemberDetectors(ctx context.Context, params *GetMemberDetectorsInput, optFns ...func(*Options)) (*GetMemberDetectorsOutput, error)

Describes which data sources are enabled for the member account's detector.

func (*Client) GetMembers 

func (c *Client) GetMembers(ctx context.Context, params *GetMembersInput, optFns ...func(*Options)) (*GetMembersOutput, error)

Retrieves GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs.

func (*Client) GetThreatIntelSet 

func (c *Client) GetThreatIntelSet(ctx context.Context, params *GetThreatIntelSetInput, optFns ...func(*Options)) (*GetThreatIntelSetOutput, error)

Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID.

func (*Client) GetUsageStatistics 

func (c *Client) GetUsageStatistics(ctx context.Context, params *GetUsageStatisticsInput, optFns ...func(*Options)) (*GetUsageStatisticsOutput, error)

Lists Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID. For newly enabled detectors or data sources the cost returned will include only the usage so far under 30 days, this may differ from the cost metrics in the console, which projects usage over 30 days to provide a monthly cost estimate. For more information see Understanding How Usage Costs are Calculated (https://docs.aws.amazon.com/guardduty/latest/ug/monitoring_costs.html#usage-calculations).

func (*Client) InviteMembers 

func (c *Client) InviteMembers(ctx context.Context, params *InviteMembersInput, optFns ...func(*Options)) (*InviteMembersOutput, error)

Invites other AWS accounts (created as members of the current AWS account by CreateMembers) to enable GuardDuty, and allow the current AWS account to view and manage these accounts' GuardDuty findings on their behalf as the master account.

func (*Client) ListDetectors 

func (c *Client) ListDetectors(ctx context.Context, params *ListDetectorsInput, optFns ...func(*Options)) (*ListDetectorsOutput, error)

Lists detectorIds of all the existing Amazon GuardDuty detector resources.

func (*Client) ListFilters 

func (c *Client) ListFilters(ctx context.Context, params *ListFiltersInput, optFns ...func(*Options)) (*ListFiltersOutput, error)

Returns a paginated list of the current filters.

func (*Client) ListFindings 

func (c *Client) ListFindings(ctx context.Context, params *ListFindingsInput, optFns ...func(*Options)) (*ListFindingsOutput, error)

Lists Amazon GuardDuty findings for the specified detector ID.

func (*Client) ListIPSets 

func (c *Client) ListIPSets(ctx context.Context, params *ListIPSetsInput, optFns ...func(*Options)) (*ListIPSetsOutput, error)

Lists the IPSets of the GuardDuty service specified by the detector ID. If you use this operation from a member account, the IPSets returned are the IPSets from the associated master account.

func (*Client) ListInvitations 

func (c *Client) ListInvitations(ctx context.Context, params *ListInvitationsInput, optFns ...func(*Options)) (*ListInvitationsOutput, error)

Lists all GuardDuty membership invitations that were sent to the current AWS account.

func (*Client) ListMembers 

func (c *Client) ListMembers(ctx context.Context, params *ListMembersInput, optFns ...func(*Options)) (*ListMembersOutput, error)

Lists details about all member accounts for the current GuardDuty master account.

func (*Client) ListOrganizationAdminAccounts 

func (c *Client) ListOrganizationAdminAccounts(ctx context.Context, params *ListOrganizationAdminAccountsInput, optFns ...func(*Options)) (*ListOrganizationAdminAccountsOutput, error)

Lists the accounts configured as GuardDuty delegated administrators.

func (*Client) ListPublishingDestinations 

func (c *Client) ListPublishingDestinations(ctx context.Context, params *ListPublishingDestinationsInput, optFns ...func(*Options)) (*ListPublishingDestinationsOutput, error)

Returns a list of publishing destinations associated with the specified dectectorId.

func (*Client) ListTagsForResource 

func (c *Client) ListTagsForResource(ctx context.Context, params *ListTagsForResourceInput, optFns ...func(*Options)) (*ListTagsForResourceOutput, error)

Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, and threat intel sets, with a limit of 50 tags per resource. When invoked, this operation returns all assigned tags for a given resource.

func (*Client) ListThreatIntelSets 

func (c *Client) ListThreatIntelSets(ctx context.Context, params *ListThreatIntelSetsInput, optFns ...func(*Options)) (*ListThreatIntelSetsOutput, error)

Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID. If you use this operation from a member account, the ThreatIntelSets associated with the master account are returned.

func (*Client) StartMonitoringMembers 

func (c *Client) StartMonitoringMembers(ctx context.Context, params *StartMonitoringMembersInput, optFns ...func(*Options)) (*StartMonitoringMembersOutput, error)

Turns on GuardDuty monitoring of the specified member accounts. Use this operation to restart monitoring of accounts that you stopped monitoring with the StopMonitoringMembers operation.

func (*Client) StopMonitoringMembers 

func (c *Client) StopMonitoringMembers(ctx context.Context, params *StopMonitoringMembersInput, optFns ...func(*Options)) (*StopMonitoringMembersOutput, error)

Stops GuardDuty monitoring for the specified member accounts. Use the StartMonitoringMembers operation to restart monitoring for those accounts.

func (*Client) TagResource 

func (c *Client) TagResource(ctx context.Context, params *TagResourceInput, optFns ...func(*Options)) (*TagResourceOutput, error)

Adds tags to a resource.

func (*Client) UnarchiveFindings 

func (c *Client) UnarchiveFindings(ctx context.Context, params *UnarchiveFindingsInput, optFns ...func(*Options)) (*UnarchiveFindingsOutput, error)

Unarchives GuardDuty findings specified by the findingIds.

func (*Client) UntagResource 

func (c *Client) UntagResource(ctx context.Context, params *UntagResourceInput, optFns ...func(*Options)) (*UntagResourceOutput, error)

Removes tags from a resource.

func (*Client) UpdateDetector 

func (c *Client) UpdateDetector(ctx context.Context, params *UpdateDetectorInput, optFns ...func(*Options)) (*UpdateDetectorOutput, error)

Updates the Amazon GuardDuty detector specified by the detectorId.

func (*Client) UpdateFilter 

func (c *Client) UpdateFilter(ctx context.Context, params *UpdateFilterInput, optFns ...func(*Options)) (*UpdateFilterOutput, error)

Updates the filter specified by the filter name.

func (*Client) UpdateFindingsFeedback 

func (c *Client) UpdateFindingsFeedback(ctx context.Context, params *UpdateFindingsFeedbackInput, optFns ...func(*Options)) (*UpdateFindingsFeedbackOutput, error)

Marks the specified GuardDuty findings as useful or not useful.

func (*Client) UpdateIPSet 

func (c *Client) UpdateIPSet(ctx context.Context, params *UpdateIPSetInput, optFns ...func(*Options)) (*UpdateIPSetOutput, error)

Updates the IPSet specified by the IPSet ID.

func (*Client) UpdateMemberDetectors 

func (c *Client) UpdateMemberDetectors(ctx context.Context, params *UpdateMemberDetectorsInput, optFns ...func(*Options)) (*UpdateMemberDetectorsOutput, error)

Contains information on member accounts to be updated.

func (*Client) UpdateOrganizationConfiguration 

func (c *Client) UpdateOrganizationConfiguration(ctx context.Context, params *UpdateOrganizationConfigurationInput, optFns ...func(*Options)) (*UpdateOrganizationConfigurationOutput, error)

Updates the delegated administrator account with the values provided.

func (*Client) UpdatePublishingDestination 

func (c *Client) UpdatePublishingDestination(ctx context.Context, params *UpdatePublishingDestinationInput, optFns ...func(*Options)) (*UpdatePublishingDestinationOutput, error)

Updates information about the publishing destination specified by the destinationId.

func (*Client) UpdateThreatIntelSet 

func (c *Client) UpdateThreatIntelSet(ctx context.Context, params *UpdateThreatIntelSetInput, optFns ...func(*Options)) (*UpdateThreatIntelSetOutput, error)

Updates the ThreatIntelSet specified by the ThreatIntelSet ID.

type CreateDetectorInput 

type CreateDetectorInput struct {
	// An object that describes which data sources will be enabled for the detector.
	DataSources *types.DataSourceConfigurations
	// The idempotency token for the create request.
	ClientToken *string
	// The tags to be added to a new detector resource.
	Tags map[string]*string
	// An enum value that specifies how frequently updated findings are exported.
	FindingPublishingFrequency types.FindingPublishingFrequency
	// A Boolean value that specifies whether the detector is to be enabled.
	Enable *bool
}

type CreateDetectorOutput 

type CreateDetectorOutput struct {
	// The unique ID of the created detector.
	DetectorId *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type CreateFilterInput 

type CreateFilterInput struct {
	// The unique ID of the detector of the GuardDuty account that you want to create a
	// filter for.
	DetectorId *string
	// The idempotency token for the create request.
	ClientToken *string
	// Represents the criteria to be used in the filter for querying findings. You can
	// only use the following attributes to query findings:
	//
	//     * accountId
	//
	//     *
	// region
	//
	//     * confidence
	//
	//     * id
	//
	//     *
	// resource.accessKeyDetails.accessKeyId
	//
	//     *
	// resource.accessKeyDetails.principalId
	//
	//     *
	// resource.accessKeyDetails.userName
	//
	//     * resource.accessKeyDetails.userType
	//
	//
	// * resource.instanceDetails.iamInstanceProfile.id
	//
	//     *
	// resource.instanceDetails.imageId
	//
	//     * resource.instanceDetails.instanceId
	//
	//
	// * resource.instanceDetails.outpostArn
	//
	//     *
	// resource.instanceDetails.networkInterfaces.ipv6Addresses
	//
	//     *
	// resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
	//
	//
	// * resource.instanceDetails.networkInterfaces.publicDnsName
	//
	//     *
	// resource.instanceDetails.networkInterfaces.publicIp
	//
	//     *
	// resource.instanceDetails.networkInterfaces.securityGroups.groupId
	//
	//     *
	// resource.instanceDetails.networkInterfaces.securityGroups.groupName
	//
	//     *
	// resource.instanceDetails.networkInterfaces.subnetId
	//
	//     *
	// resource.instanceDetails.networkInterfaces.vpcId
	//
	//     *
	// resource.instanceDetails.tags.key
	//
	//     * resource.instanceDetails.tags.value
	//
	//
	// * resource.resourceType
	//
	//     * service.action.actionType
	//
	//     *
	// service.action.awsApiCallAction.api
	//
	//     *
	// service.action.awsApiCallAction.callerType
	//
	//     *
	// service.action.awsApiCallAction.remoteIpDetails.city.cityName
	//
	//     *
	// service.action.awsApiCallAction.remoteIpDetails.country.countryName
	//
	//     *
	// service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
	//
	//     *
	// service.action.awsApiCallAction.remoteIpDetails.organization.asn
	//
	//     *
	// service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
	//
	//     *
	// service.action.awsApiCallAction.serviceName
	//
	//     *
	// service.action.dnsRequestAction.domain
	//
	//     *
	// service.action.networkConnectionAction.blocked
	//
	//     *
	// service.action.networkConnectionAction.connectionDirection
	//
	//     *
	// service.action.networkConnectionAction.localPortDetails.port
	//
	//     *
	// service.action.networkConnectionAction.protocol
	//
	//     *
	// service.action.networkConnectionAction.localIpDetails.ipAddressV4
	//
	//     *
	// service.action.networkConnectionAction.remoteIpDetails.city.cityName
	//
	//     *
	// service.action.networkConnectionAction.remoteIpDetails.country.countryName
	//
	//
	// * service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
	//
	//     *
	// service.action.networkConnectionAction.remoteIpDetails.organization.asn
	//
	//     *
	// service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
	//
	//
	// * service.action.networkConnectionAction.remotePortDetails.port
	//
	//     *
	// service.additionalInfo.threatListName
	//
	//     * service.archived When this
	// attribute is set to TRUE, only archived findings are listed. When it's set to
	// FALSE, only unarchived findings are listed. When this attribute is not set, all
	// existing findings are listed.
	//
	//     * service.resourceRole
	//
	//     * severity
	//
	//     *
	// type
	//
	//     * updatedAt Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or
	// YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.
	FindingCriteria *types.FindingCriteria
	// The description of the filter.
	Description *string
	// Specifies the action that is to be applied to the findings that match the
	// filter.
	Action types.FilterAction
	// The name of the filter.
	Name *string
	// The tags to be added to a new filter resource.
	Tags map[string]*string
	// Specifies the position of the filter in the list of current filters. Also
	// specifies the order in which this filter is applied to the findings.
	Rank *int32
}

type CreateFilterOutput 

type CreateFilterOutput struct {
	// The name of the successfully created filter.
	Name *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type CreateIPSetInput 

type CreateIPSetInput struct {
	// The format of the file that contains the IPSet.
	Format types.IpSetFormat
	// A Boolean value that indicates whether GuardDuty is to start using the uploaded
	// IPSet.
	Activate *bool
	// The URI of the file that contains the IPSet. For example:
	// https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
	Location *string
	// The unique ID of the detector of the GuardDuty account that you want to create
	// an IPSet for.
	DetectorId *string
	// The user-friendly name to identify the IPSet. Allowed characters are
	// alphanumerics, spaces, hyphens (-), and underscores (_).
	Name *string
	// The idempotency token for the create request.
	ClientToken *string
	// The tags to be added to a new IP set resource.
	Tags map[string]*string
}

type CreateIPSetOutput 

type CreateIPSetOutput struct {
	// The ID of the IPSet resource.
	IpSetId *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type CreateMembersInput 

type CreateMembersInput struct {
	// A list of account ID and email address pairs of the accounts that you want to
	// associate with the master GuardDuty account.
	AccountDetails []*types.AccountDetail
	// The unique ID of the detector of the GuardDuty account that you want to
	// associate member accounts with.
	DetectorId *string
}

type CreateMembersOutput 

type CreateMembersOutput struct {
	// A list of objects that include the accountIds of the unprocessed accounts and a
	// result string that explains why each was unprocessed.
	UnprocessedAccounts []*types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type CreatePublishingDestinationInput 

type CreatePublishingDestinationInput struct {
	// The type of resource for the publishing destination. Currently only Amazon S3
	// buckets are supported.
	DestinationType types.DestinationType
	// The ID of the GuardDuty detector associated with the publishing destination.
	DetectorId *string
	// The idempotency token for the request.
	ClientToken *string
	// The properties of the publishing destination, including the ARNs for the
	// destination and the KMS key used for encryption.
	DestinationProperties *types.DestinationProperties
}

type CreatePublishingDestinationOutput 

type CreatePublishingDestinationOutput struct {
	// The ID of the publishing destination that is created.
	DestinationId *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type CreateSampleFindingsInput 

type CreateSampleFindingsInput struct {
	// The ID of the detector to create sample findings for.
	DetectorId *string
	// The types of sample findings to generate.
	FindingTypes []*string
}

type CreateSampleFindingsOutput 

type CreateSampleFindingsOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type CreateThreatIntelSetInput 

type CreateThreatIntelSetInput struct {
	// The idempotency token for the create request.
	ClientToken *string
	// The URI of the file that contains the ThreatIntelSet. For example:
	// https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
	Location *string
	// The tags to be added to a new threat list resource.
	Tags map[string]*string
	// A user-friendly ThreatIntelSet name displayed in all findings that are generated
	// by activity that involves IP addresses included in this ThreatIntelSet.
	Name *string
	// The format of the file that contains the ThreatIntelSet.
	Format types.ThreatIntelSetFormat
	// The unique ID of the detector of the GuardDuty account that you want to create a
	// threatIntelSet for.
	DetectorId *string
	// A Boolean value that indicates whether GuardDuty is to start using the uploaded
	// ThreatIntelSet.
	Activate *bool
}

type CreateThreatIntelSetOutput 

type CreateThreatIntelSetOutput struct {
	// The ID of the ThreatIntelSet resource.
	ThreatIntelSetId *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DeclineInvitationsInput 

type DeclineInvitationsInput struct {
	// A list of account IDs of the AWS accounts that sent invitations to the current
	// member account that you want to decline invitations from.
	AccountIds []*string
}

type DeclineInvitationsOutput 

type DeclineInvitationsOutput struct {
	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	UnprocessedAccounts []*types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DeleteDetectorInput 

type DeleteDetectorInput struct {
	// The unique ID of the detector that you want to delete.
	DetectorId *string
}

type DeleteDetectorOutput 

type DeleteDetectorOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DeleteFilterInput 

type DeleteFilterInput struct {
	// The unique ID of the detector that the filter is associated with.
	DetectorId *string
	// The name of the filter that you want to delete.
	FilterName *string
}

type DeleteFilterOutput 

type DeleteFilterOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DeleteIPSetInput 

type DeleteIPSetInput struct {
	// The unique ID of the detector associated with the IPSet.
	DetectorId *string
	// The unique ID of the IPSet to delete.
	IpSetId *string
}

type DeleteIPSetOutput 

type DeleteIPSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DeleteInvitationsInput 

type DeleteInvitationsInput struct {
	// A list of account IDs of the AWS accounts that sent invitations to the current
	// member account that you want to delete invitations from.
	AccountIds []*string
}

type DeleteInvitationsOutput 

type DeleteInvitationsOutput struct {
	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	UnprocessedAccounts []*types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DeleteMembersInput 

type DeleteMembersInput struct {
	// The unique ID of the detector of the GuardDuty account whose members you want to
	// delete.
	DetectorId *string
	// A list of account IDs of the GuardDuty member accounts that you want to delete.
	AccountIds []*string
}

type DeleteMembersOutput 

type DeleteMembersOutput struct {
	// The accounts that could not be processed.
	UnprocessedAccounts []*types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DeletePublishingDestinationInput 

type DeletePublishingDestinationInput struct {
	// The ID of the publishing destination to delete.
	DestinationId *string
	// The unique ID of the detector associated with the publishing destination to
	// delete.
	DetectorId *string
}

type DeletePublishingDestinationOutput 

type DeletePublishingDestinationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DeleteThreatIntelSetInput 

type DeleteThreatIntelSetInput struct {
	// The unique ID of the detector that the threatIntelSet is associated with.
	DetectorId *string
	// The unique ID of the threatIntelSet that you want to delete.
	ThreatIntelSetId *string
}

type DeleteThreatIntelSetOutput 

type DeleteThreatIntelSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DescribeOrganizationConfigurationInput 

type DescribeOrganizationConfigurationInput struct {
	// The ID of the detector to retrieve information about the delegated administrator
	// from.
	DetectorId *string
}

type DescribeOrganizationConfigurationOutput 

type DescribeOrganizationConfigurationOutput struct {
	// Indicates whether GuardDuty is automatically enabled for accounts added to the
	// organization.
	AutoEnable *bool
	// An object that describes which data sources are enabled automatically for member
	// accounts.
	DataSources *types.OrganizationDataSourceConfigurationsResult
	// Indicates whether the maximum number of allowed member accounts are already
	// associated with the delegated administrator master account.
	MemberAccountLimitReached *bool

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DescribePublishingDestinationInput 

type DescribePublishingDestinationInput struct {
	// The ID of the publishing destination to retrieve.
	DestinationId *string
	// The unique ID of the detector associated with the publishing destination to
	// retrieve.
	DetectorId *string
}

type DescribePublishingDestinationOutput 

type DescribePublishingDestinationOutput struct {
	// The ID of the publishing destination.
	DestinationId *string
	// The time, in epoch millisecond format, at which GuardDuty was first unable to
	// publish findings to the destination.
	PublishingFailureStartTimestamp *int64
	// The status of the publishing destination.
	Status types.PublishingStatus
	// A DestinationProperties object that includes the DestinationArn and KmsKeyArn of
	// the publishing destination.
	DestinationProperties *types.DestinationProperties
	// The type of publishing destination. Currently, only Amazon S3 buckets are
	// supported.
	DestinationType types.DestinationType

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DisableOrganizationAdminAccountInput 

type DisableOrganizationAdminAccountInput struct {
	// The AWS Account ID for the organizations account to be disabled as a GuardDuty
	// delegated administrator.
	AdminAccountId *string
}

type DisableOrganizationAdminAccountOutput 

type DisableOrganizationAdminAccountOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DisassociateFromMasterAccountInput 

type DisassociateFromMasterAccountInput struct {
	// The unique ID of the detector of the GuardDuty member account.
	DetectorId *string
}

type DisassociateFromMasterAccountOutput 

type DisassociateFromMasterAccountOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type DisassociateMembersInput 

type DisassociateMembersInput struct {
	// A list of account IDs of the GuardDuty member accounts that you want to
	// disassociate from the master account.
	AccountIds []*string
	// The unique ID of the detector of the GuardDuty account whose members you want to
	// disassociate from the master account.
	DetectorId *string
}

type DisassociateMembersOutput 

type DisassociateMembersOutput struct {
	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	UnprocessedAccounts []*types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type EnableOrganizationAdminAccountInput 

type EnableOrganizationAdminAccountInput struct {
	// The AWS Account ID for the organization account to be enabled as a GuardDuty
	// delegated administrator.
	AdminAccountId *string
}

type EnableOrganizationAdminAccountOutput 

type EnableOrganizationAdminAccountOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type EndpointResolver 

type EndpointResolver interface {
	ResolveEndpoint(region string, options ResolverOptions) (aws.Endpoint, error)
}

EndpointResolver interface for resolving service endpoints.

func WithEndpointResolver 

func WithEndpointResolver(awsResolver aws.EndpointResolver, fallbackResolver EndpointResolver) EndpointResolver

WithEndpointResolver returns an EndpointResolver that first delegates endpoint resolution to the awsResolver. If awsResolver returns aws.EndpointNotFoundError error, the resolver will use the the provided fallbackResolver for resolution. awsResolver and fallbackResolver must not be nil

type EndpointResolverFunc 

type EndpointResolverFunc func(region string, options ResolverOptions) (aws.Endpoint, error)

EndpointResolverFunc is a helper utility that wraps a function so it satisfies the EndpointResolver interface. This is useful when you want to add additional endpoint resolving logic, or stub out specific endpoints with custom values.

func (EndpointResolverFunc) ResolveEndpoint 

func (fn EndpointResolverFunc) ResolveEndpoint(region string, options ResolverOptions) (endpoint aws.Endpoint, err error)

type GetDetectorInput 

type GetDetectorInput struct {
	// The unique ID of the detector that you want to get.
	DetectorId *string
}

type GetDetectorOutput 

type GetDetectorOutput struct {
	// The last-updated timestamp for the detector.
	UpdatedAt *string
	// The timestamp of when the detector was created.
	CreatedAt *string
	// The tags of the detector resource.
	Tags map[string]*string
	// An object that describes which data sources are enabled for the detector.
	DataSources *types.DataSourceConfigurationsResult
	// The GuardDuty service role.
	ServiceRole *string
	// The detector status.
	Status types.DetectorStatus
	// The publishing frequency of the finding.
	FindingPublishingFrequency types.FindingPublishingFrequency

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type GetFilterInput 

type GetFilterInput struct {
	// The name of the filter you want to get.
	FilterName *string
	// The unique ID of the detector that the filter is associated with.
	DetectorId *string
}

type GetFilterOutput 

type GetFilterOutput struct {
	// Represents the criteria to be used in the filter for querying findings.
	FindingCriteria *types.FindingCriteria
	// The description of the filter.
	Description *string
	// Specifies the action that is to be applied to the findings that match the
	// filter.
	Action types.FilterAction
	// The name of the filter.
	Name *string
	// The tags of the filter resource.
	Tags map[string]*string
	// Specifies the position of the filter in the list of current filters. Also
	// specifies the order in which this filter is applied to the findings.
	Rank *int32

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type GetFindingsInput 

type GetFindingsInput struct {
	// Represents the criteria used for sorting findings.
	SortCriteria *types.SortCriteria
	// The IDs of the findings that you want to retrieve.
	FindingIds []*string
	// The ID of the detector that specifies the GuardDuty service whose findings you
	// want to retrieve.
	DetectorId *string
}

type GetFindingsOutput 

type GetFindingsOutput struct {
	// A list of findings.
	Findings []*types.Finding

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type GetFindingsStatisticsInput 

type GetFindingsStatisticsInput struct {
	// The ID of the detector that specifies the GuardDuty service whose findings'
	// statistics you want to retrieve.
	DetectorId *string
	// The types of finding statistics to retrieve.
	FindingStatisticTypes []types.FindingStatisticType
	// Represents the criteria that is used for querying findings.
	FindingCriteria *types.FindingCriteria
}

type GetFindingsStatisticsOutput 

type GetFindingsStatisticsOutput struct {
	// The finding statistics object.
	FindingStatistics *types.FindingStatistics

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type GetIPSetInput 

type GetIPSetInput struct {
	// The unique ID of the detector that the IPSet is associated with.
	DetectorId *string
	// The unique ID of the IPSet to retrieve.
	IpSetId *string
}

type GetIPSetOutput 

type GetIPSetOutput struct {
	// The URI of the file that contains the IPSet. For example:
	// https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
	Location *string
	// The status of IPSet file that was uploaded.
	Status types.IpSetStatus
	// The tags of the IPSet resource.
	Tags map[string]*string
	// The user-friendly name for the IPSet.
	Name *string
	// The format of the file that contains the IPSet.
	Format types.IpSetFormat

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type GetInvitationsCountInput 

type GetInvitationsCountInput struct {
}

type GetInvitationsCountOutput 

type GetInvitationsCountOutput struct {
	// The number of received invitations.
	InvitationsCount *int32

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type GetMasterAccountInput 

type GetMasterAccountInput struct {
	// The unique ID of the detector of the GuardDuty member account.
	DetectorId *string
}

type GetMasterAccountOutput 

type GetMasterAccountOutput struct {
	// The master account details.
	Master *types.Master

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type GetMemberDetectorsInput 

type GetMemberDetectorsInput struct {
	// The detector ID for the master account.
	DetectorId *string
	// The account ID of the member account.
	AccountIds []*string
}

type GetMemberDetectorsOutput 

type GetMemberDetectorsOutput struct {
	// A list of member account IDs that were unable to be processed along with an
	// explanation for why they were not processed.
	UnprocessedAccounts []*types.UnprocessedAccount
	// An object that describes which data sources are enabled for a member account.
	MemberDataSourceConfigurations []*types.MemberDataSourceConfiguration

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type GetMembersInput 

type GetMembersInput struct {
	// The unique ID of the detector of the GuardDuty account whose members you want to
	// retrieve.
	DetectorId *string
	// A list of account IDs of the GuardDuty member accounts that you want to
	// describe.
	AccountIds []*string
}

type GetMembersOutput 

type GetMembersOutput struct {
	// A list of members.
	Members []*types.Member
	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	UnprocessedAccounts []*types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type GetThreatIntelSetInput 

type GetThreatIntelSetInput struct {
	// The unique ID of the threatIntelSet that you want to get.
	ThreatIntelSetId *string
	// The unique ID of the detector that the threatIntelSet is associated with.
	DetectorId *string
}

type GetThreatIntelSetOutput 

type GetThreatIntelSetOutput struct {
	// A user-friendly ThreatIntelSet name displayed in all findings that are generated
	// by activity that involves IP addresses included in this ThreatIntelSet.
	Name *string
	// The format of the threatIntelSet.
	Format types.ThreatIntelSetFormat
	// The status of threatIntelSet file uploaded.
	Status types.ThreatIntelSetStatus
	// The URI of the file that contains the ThreatIntelSet. For example:
	// https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
	Location *string
	// The tags of the threat list resource.
	Tags map[string]*string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type GetUsageStatisticsInput 

type GetUsageStatisticsInput struct {
	// Represents the criteria used for querying usage.
	UsageCriteria *types.UsageCriteria
	// The type of usage statistics to retrieve.
	UsageStatisticType types.UsageStatisticType
	// The ID of the detector that specifies the GuardDuty service whose usage
	// statistics you want to retrieve.
	DetectorId *string
	// The currency unit you would like to view your usage statistics in. Current valid
	// values are USD.
	Unit *string
	// The maximum number of results to return in the response.
	MaxResults *int32
	// A token to use for paginating results that are returned in the response. Set the
	// value of this parameter to null for the first request to a list action. For
	// subsequent calls, use the NextToken value returned from the previous request to
	// continue listing results after the first page.
	NextToken *string
}

type GetUsageStatisticsOutput 

type GetUsageStatisticsOutput struct {
	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string
	// The usage statistics object. If a UsageStatisticType was provided, the objects
	// representing other types will be null.
	UsageStatistics *types.UsageStatistics

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type HTTPClient 

type HTTPClient interface {
	Do(*http.Request) (*http.Response, error)
}

type HTTPSignerV4 

type HTTPSignerV4 interface {
	SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time) error
}

type IdempotencyTokenProvider 

type IdempotencyTokenProvider interface {
	GetIdempotencyToken() (string, error)
}

IdempotencyTokenProvider interface for providing idempotency token

type InviteMembersInput 

type InviteMembersInput struct {
	// A Boolean value that specifies whether you want to disable email notification to
	// the accounts that you are inviting to GuardDuty as members.
	DisableEmailNotification *bool
	// The invitation message that you want to send to the accounts that you're
	// inviting to GuardDuty as members.
	Message *string
	// A list of account IDs of the accounts that you want to invite to GuardDuty as
	// members.
	AccountIds []*string
	// The unique ID of the detector of the GuardDuty account that you want to invite
	// members with.
	DetectorId *string
}

type InviteMembersOutput 

type InviteMembersOutput struct {
	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	UnprocessedAccounts []*types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListDetectorsInput 

type ListDetectorsInput struct {
	// You can use this parameter to indicate the maximum number of items that you want
	// in the response. The default value is 50. The maximum value is 50.
	MaxResults *int32
	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string
}

type ListDetectorsOutput 

type ListDetectorsOutput struct {
	// A list of detector IDs.
	DetectorIds []*string
	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListFiltersInput 

type ListFiltersInput struct {
	// The unique ID of the detector that the filter is associated with.
	DetectorId *string
	// You can use this parameter to indicate the maximum number of items that you want
	// in the response. The default value is 50. The maximum value is 50.
	MaxResults *int32
	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string
}

type ListFiltersOutput 

type ListFiltersOutput struct {
	// A list of filter names.
	FilterNames []*string
	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListFindingsInput 

type ListFindingsInput struct {
	// The ID of the detector that specifies the GuardDuty service whose findings you
	// want to list.
	DetectorId *string
	// You can use this parameter to indicate the maximum number of items you want in
	// the response. The default value is 50. The maximum value is 50.
	MaxResults *int32
	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string
	// Represents the criteria used for querying findings. Valid values include:
	//
	//     *
	// JSON field name
	//
	//     * accountId
	//
	//     * region
	//
	//     * confidence
	//
	//     * id
	//
	//
	// * resource.accessKeyDetails.accessKeyId
	//
	//     *
	// resource.accessKeyDetails.principalId
	//
	//     *
	// resource.accessKeyDetails.userName
	//
	//     * resource.accessKeyDetails.userType
	//
	//
	// * resource.instanceDetails.iamInstanceProfile.id
	//
	//     *
	// resource.instanceDetails.imageId
	//
	//     * resource.instanceDetails.instanceId
	//
	//
	// * resource.instanceDetails.networkInterfaces.ipv6Addresses
	//
	//     *
	// resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
	//
	//
	// * resource.instanceDetails.networkInterfaces.publicDnsName
	//
	//     *
	// resource.instanceDetails.networkInterfaces.publicIp
	//
	//     *
	// resource.instanceDetails.networkInterfaces.securityGroups.groupId
	//
	//     *
	// resource.instanceDetails.networkInterfaces.securityGroups.groupName
	//
	//     *
	// resource.instanceDetails.networkInterfaces.subnetId
	//
	//     *
	// resource.instanceDetails.networkInterfaces.vpcId
	//
	//     *
	// resource.instanceDetails.tags.key
	//
	//     * resource.instanceDetails.tags.value
	//
	//
	// * resource.resourceType
	//
	//     * service.action.actionType
	//
	//     *
	// service.action.awsApiCallAction.api
	//
	//     *
	// service.action.awsApiCallAction.callerType
	//
	//     *
	// service.action.awsApiCallAction.remoteIpDetails.city.cityName
	//
	//     *
	// service.action.awsApiCallAction.remoteIpDetails.country.countryName
	//
	//     *
	// service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
	//
	//     *
	// service.action.awsApiCallAction.remoteIpDetails.organization.asn
	//
	//     *
	// service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
	//
	//     *
	// service.action.awsApiCallAction.serviceName
	//
	//     *
	// service.action.dnsRequestAction.domain
	//
	//     *
	// service.action.networkConnectionAction.blocked
	//
	//     *
	// service.action.networkConnectionAction.connectionDirection
	//
	//     *
	// service.action.networkConnectionAction.localPortDetails.port
	//
	//     *
	// service.action.networkConnectionAction.protocol
	//
	//     *
	// service.action.networkConnectionAction.remoteIpDetails.city.cityName
	//
	//     *
	// service.action.networkConnectionAction.remoteIpDetails.country.countryName
	//
	//
	// * service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
	//
	//     *
	// service.action.networkConnectionAction.remoteIpDetails.organization.asn
	//
	//     *
	// service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
	//
	//
	// * service.action.networkConnectionAction.remotePortDetails.port
	//
	//     *
	// service.additionalInfo.threatListName
	//
	//     * service.archived When this
	// attribute is set to 'true', only archived findings are listed. When it's set to
	// 'false', only unarchived findings are listed. When this attribute is not set,
	// all existing findings are listed.
	//
	//     * service.resourceRole
	//
	//     * severity
	//
	//
	// * type
	//
	//     * updatedAt Type: Timestamp in Unix Epoch millisecond format:
	// 1486685375000
	FindingCriteria *types.FindingCriteria
	// Represents the criteria used for sorting findings.
	SortCriteria *types.SortCriteria
}

type ListFindingsOutput 

type ListFindingsOutput struct {
	// The IDs of the findings that you're listing.
	FindingIds []*string
	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListIPSetsInput 

type ListIPSetsInput struct {
	// The unique ID of the detector that the IPSet is associated with.
	DetectorId *string
	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string
	// You can use this parameter to indicate the maximum number of items you want in
	// the response. The default value is 50. The maximum value is 50.
	MaxResults *int32
}

type ListIPSetsOutput 

type ListIPSetsOutput struct {
	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string
	// The IDs of the IPSet resources.
	IpSetIds []*string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListInvitationsInput 

type ListInvitationsInput struct {
	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string
	// You can use this parameter to indicate the maximum number of items that you want
	// in the response. The default value is 50. The maximum value is 50.
	MaxResults *int32
}

type ListInvitationsOutput 

type ListInvitationsOutput struct {
	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string
	// A list of invitation descriptions.
	Invitations []*types.Invitation

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListMembersInput 

type ListMembersInput struct {
	// You can use this parameter to indicate the maximum number of items you want in
	// the response. The default value is 50. The maximum value is 50.
	MaxResults *int32
	// The unique ID of the detector the member is associated with.
	DetectorId *string
	// You can use this parameter when paginating results. Set the value of this
	// parameter to null on your first call to the list action. For subsequent calls to
	// the action, fill nextToken in the request with the value of NextToken from the
	// previous response to continue listing data.
	NextToken *string
	// Specifies whether to only return associated members or to return all members
	// (including members who haven't been invited yet or have been disassociated).
	OnlyAssociated *string
}

type ListMembersOutput 

type ListMembersOutput struct {
	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string
	// A list of members.
	Members []*types.Member

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListOrganizationAdminAccountsInput 

type ListOrganizationAdminAccountsInput struct {
	// The maximum number of results to return in the response.
	MaxResults *int32
	// A token to use for paginating results that are returned in the response. Set the
	// value of this parameter to null for the first request to a list action. For
	// subsequent calls, use the NextToken value returned from the previous request to
	// continue listing results after the first page.
	NextToken *string
}

type ListOrganizationAdminAccountsOutput 

type ListOrganizationAdminAccountsOutput struct {
	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string
	// An AdminAccounts object that includes a list of accounts configured as GuardDuty
	// delegated administrators.
	AdminAccounts []*types.AdminAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListPublishingDestinationsInput 

type ListPublishingDestinationsInput struct {
	// The ID of the detector to retrieve publishing destinations for.
	DetectorId *string
	// The maximum number of results to return in the response.
	MaxResults *int32
	// A token to use for paginating results that are returned in the response. Set the
	// value of this parameter to null for the first request to a list action. For
	// subsequent calls, use the NextToken value returned from the previous request to
	// continue listing results after the first page.
	NextToken *string
}

type ListPublishingDestinationsOutput 

type ListPublishingDestinationsOutput struct {
	// A Destinations object that includes information about each publishing
	// destination returned.
	Destinations []*types.Destination
	// A token to use for paginating results that are returned in the response. Set the
	// value of this parameter to null for the first request to a list action. For
	// subsequent calls, use the NextToken value returned from the previous request to
	// continue listing results after the first page.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListTagsForResourceInput 

type ListTagsForResourceInput struct {
	// The Amazon Resource Name (ARN) for the given GuardDuty resource.
	ResourceArn *string
}

type ListTagsForResourceOutput 

type ListTagsForResourceOutput struct {
	// The tags associated with the resource.
	Tags map[string]*string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type ListThreatIntelSetsInput 

type ListThreatIntelSetsInput struct {
	// You can use this parameter to paginate results in the response. Set the value of
	// this parameter to null on your first call to the list action. For subsequent
	// calls to the action, fill nextToken in the request with the value of NextToken
	// from the previous response to continue listing data.
	NextToken *string
	// The unique ID of the detector that the threatIntelSet is associated with.
	DetectorId *string
	// You can use this parameter to indicate the maximum number of items that you want
	// in the response. The default value is 50. The maximum value is 50.
	MaxResults *int32
}

type ListThreatIntelSetsOutput 

type ListThreatIntelSetsOutput struct {
	// The IDs of the ThreatIntelSet resources.
	ThreatIntelSetIds []*string
	// The pagination parameter to be used on the next list operation to retrieve more
	// items.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type Options 

type Options struct {
	// Set of options to modify how an operation is invoked. These apply to all
	// operations invoked for this client. Use functional options on operation call to
	// modify this list for per operation behavior.
	APIOptions []func(*middleware.Stack) error

	// The credentials object to use when signing requests.
	Credentials aws.CredentialsProvider

	// The endpoint options to be used when attempting to resolve an endpoint.
	EndpointOptions ResolverOptions

	// The service endpoint resolver.
	EndpointResolver EndpointResolver

	// Signature Version 4 (SigV4) Signer
	HTTPSignerV4 HTTPSignerV4

	// Provides idempotency tokens values that will be automatically populated into
	// idempotent API operations.
	IdempotencyTokenProvider IdempotencyTokenProvider

	// The region to send requests to. (Required)
	Region string

	// Retryer guides how HTTP requests should be retried in case of recoverable
	// failures. When nil the API client will use a default retryer.
	Retryer retry.Retryer

	// The HTTP client to invoke API calls with. Defaults to client's default HTTP
	// implementation if nil.
	HTTPClient HTTPClient
}

func (Options) Copy 

func (o Options) Copy() Options

Copy creates a clone where the APIOptions list is deep copied.

func (Options) GetCredentials 

func (o Options) GetCredentials() aws.CredentialsProvider

func (Options) GetEndpointOptions 

func (o Options) GetEndpointOptions() ResolverOptions

func (Options) GetEndpointResolver 

func (o Options) GetEndpointResolver() EndpointResolver

func (Options) GetHTTPSignerV4 

func (o Options) GetHTTPSignerV4() HTTPSignerV4

func (Options) GetIdempotencyTokenProvider 

func (o Options) GetIdempotencyTokenProvider() IdempotencyTokenProvider

func (Options) GetRegion 

func (o Options) GetRegion() string

func (Options) GetRetryer 

func (o Options) GetRetryer() retry.Retryer

type ResolveEndpoint 

type ResolveEndpoint struct {
	Resolver EndpointResolver
	Options  ResolverOptions
}

func (*ResolveEndpoint) HandleSerialize 

func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
	out middleware.SerializeOutput, metadata middleware.Metadata, err error,
)

func (*ResolveEndpoint) ID 

func (*ResolveEndpoint) ID() string

type ResolveEndpointMiddlewareOptions 

type ResolveEndpointMiddlewareOptions interface {
	GetEndpointResolver() EndpointResolver
	GetEndpointOptions() ResolverOptions
}

type ResolverOptions 

type ResolverOptions = internalendpoints.Options

ResolverOptions is the service endpoint resolver options

type StartMonitoringMembersInput 

type StartMonitoringMembersInput struct {
	// A list of account IDs of the GuardDuty member accounts to start monitoring.
	AccountIds []*string
	// The unique ID of the detector of the GuardDuty master account associated with
	// the member accounts to monitor.
	DetectorId *string
}

type StartMonitoringMembersOutput 

type StartMonitoringMembersOutput struct {
	// A list of objects that contain the unprocessed account and a result string that
	// explains why it was unprocessed.
	UnprocessedAccounts []*types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type StopMonitoringMembersInput 

type StopMonitoringMembersInput struct {
	// A list of account IDs for the member accounts to stop monitoring.
	AccountIds []*string
	// The unique ID of the detector associated with the GuardDuty master account that
	// is monitoring member accounts.
	DetectorId *string
}

type StopMonitoringMembersOutput 

type StopMonitoringMembersOutput struct {
	// A list of objects that contain an accountId for each account that could not be
	// processed, and a result string that indicates why the account was not processed.
	UnprocessedAccounts []*types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type TagResourceInput 

type TagResourceInput struct {
	// The Amazon Resource Name (ARN) for the GuardDuty resource to apply a tag to.
	ResourceArn *string
	// The tags to be added to a resource.
	Tags map[string]*string
}

type TagResourceOutput 

type TagResourceOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UnarchiveFindingsInput 

type UnarchiveFindingsInput struct {
	// The IDs of the findings to unarchive.
	FindingIds []*string
	// The ID of the detector associated with the findings to unarchive.
	DetectorId *string
}

type UnarchiveFindingsOutput 

type UnarchiveFindingsOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UntagResourceInput 

type UntagResourceInput struct {
	// The tag keys to remove from the resource.
	TagKeys []*string
	// The Amazon Resource Name (ARN) for the resource to remove tags from.
	ResourceArn *string
}

type UntagResourceOutput 

type UntagResourceOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UpdateDetectorInput 

type UpdateDetectorInput struct {
	// An object that describes which data sources will be updated.
	DataSources *types.DataSourceConfigurations
	// The unique ID of the detector to update.
	DetectorId *string
	// Specifies whether the detector is enabled or not enabled.
	Enable *bool
	// An enum value that specifies how frequently findings are exported, such as to
	// CloudWatch Events.
	FindingPublishingFrequency types.FindingPublishingFrequency
}

type UpdateDetectorOutput 

type UpdateDetectorOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UpdateFilterInput 

type UpdateFilterInput struct {
	// Represents the criteria to be used in the filter for querying findings.
	FindingCriteria *types.FindingCriteria
	// Specifies the position of the filter in the list of current filters. Also
	// specifies the order in which this filter is applied to the findings.
	Rank *int32
	// The unique ID of the detector that specifies the GuardDuty service where you
	// want to update a filter.
	DetectorId *string
	// Specifies the action that is to be applied to the findings that match the
	// filter.
	Action types.FilterAction
	// The description of the filter.
	Description *string
	// The name of the filter.
	FilterName *string
}

type UpdateFilterOutput 

type UpdateFilterOutput struct {
	// The name of the filter.
	Name *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UpdateFindingsFeedbackInput 

type UpdateFindingsFeedbackInput struct {
	// The ID of the detector associated with the findings to update feedback for.
	DetectorId *string
	// The IDs of the findings that you want to mark as useful or not useful.
	FindingIds []*string
	// The feedback for the finding.
	Feedback types.Feedback
	// Additional feedback about the GuardDuty findings.
	Comments *string
}

type UpdateFindingsFeedbackOutput 

type UpdateFindingsFeedbackOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UpdateIPSetInput 

type UpdateIPSetInput struct {
	// The unique ID that specifies the IPSet that you want to update.
	Name *string
	// The unique ID that specifies the IPSet that you want to update.
	IpSetId *string
	// The updated Boolean value that specifies whether the IPSet is active or not.
	Activate *bool
	// The detectorID that specifies the GuardDuty service whose IPSet you want to
	// update.
	DetectorId *string
	// The updated URI of the file that contains the IPSet. For example:
	// https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
	Location *string
}

type UpdateIPSetOutput 

type UpdateIPSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UpdateMemberDetectorsInput 

type UpdateMemberDetectorsInput struct {
	// A list of member account IDs to be updated.
	AccountIds []*string
	// The detector ID of the master account.
	DetectorId *string
	// An object describes which data sources will be updated.
	DataSources *types.DataSourceConfigurations
}

type UpdateMemberDetectorsOutput 

type UpdateMemberDetectorsOutput struct {
	// A list of member account IDs that were unable to be processed along with an
	// explanation for why they were not processed.
	UnprocessedAccounts []*types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UpdateOrganizationConfigurationInput 

type UpdateOrganizationConfigurationInput struct {
	// The ID of the detector to update the delegated administrator for.
	DetectorId *string
	// Indicates whether to automatically enable member accounts in the organization.
	AutoEnable *bool
	// An object describes which data sources will be updated.
	DataSources *types.OrganizationDataSourceConfigurations
}

type UpdateOrganizationConfigurationOutput 

type UpdateOrganizationConfigurationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UpdatePublishingDestinationInput 

type UpdatePublishingDestinationInput struct {
	// A DestinationProperties object that includes the DestinationArn and KmsKeyArn of
	// the publishing destination.
	DestinationProperties *types.DestinationProperties
	// The ID of the publishing destination to update.
	DestinationId *string
	// The ID of the detector associated with the publishing destinations to update.
	DetectorId *string
}

type UpdatePublishingDestinationOutput 

type UpdatePublishingDestinationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

type UpdateThreatIntelSetInput 

type UpdateThreatIntelSetInput struct {
	// The updated Boolean value that specifies whether the ThreateIntelSet is active
	// or not.
	Activate *bool
	// The unique ID that specifies the ThreatIntelSet that you want to update.
	ThreatIntelSetId *string
	// The unique ID that specifies the ThreatIntelSet that you want to update.
	Name *string
	// The detectorID that specifies the GuardDuty service whose ThreatIntelSet you
	// want to update.
	DetectorId *string
	// The updated URI of the file that contains the ThreateIntelSet. For example:
	// https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key.
	Location *string
}

type UpdateThreatIntelSetOutput 

type UpdateThreatIntelSetOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}

Source Files

api_client.go api_op_AcceptInvitation.go api_op_ArchiveFindings.go api_op_CreateDetector.go api_op_CreateFilter.go api_op_CreateIPSet.go api_op_CreateMembers.go api_op_CreatePublishingDestination.go api_op_CreateSampleFindings.go api_op_CreateThreatIntelSet.go api_op_DeclineInvitations.go api_op_DeleteDetector.go api_op_DeleteFilter.go api_op_DeleteIPSet.go api_op_DeleteInvitations.go api_op_DeleteMembers.go api_op_DeletePublishingDestination.go api_op_DeleteThreatIntelSet.go api_op_DescribeOrganizationConfiguration.go api_op_DescribePublishingDestination.go api_op_DisableOrganizationAdminAccount.go api_op_DisassociateFromMasterAccount.go api_op_DisassociateMembers.go api_op_EnableOrganizationAdminAccount.go api_op_GetDetector.go api_op_GetFilter.go api_op_GetFindings.go api_op_GetFindingsStatistics.go api_op_GetIPSet.go api_op_GetInvitationsCount.go api_op_GetMasterAccount.go api_op_GetMemberDetectors.go api_op_GetMembers.go api_op_GetThreatIntelSet.go api_op_GetUsageStatistics.go api_op_InviteMembers.go api_op_ListDetectors.go api_op_ListFilters.go api_op_ListFindings.go api_op_ListIPSets.go api_op_ListInvitations.go api_op_ListMembers.go api_op_ListOrganizationAdminAccounts.go api_op_ListPublishingDestinations.go api_op_ListTagsForResource.go api_op_ListThreatIntelSets.go api_op_StartMonitoringMembers.go api_op_StopMonitoringMembers.go api_op_TagResource.go api_op_UnarchiveFindings.go api_op_UntagResource.go api_op_UpdateDetector.go api_op_UpdateFilter.go api_op_UpdateFindingsFeedback.go api_op_UpdateIPSet.go api_op_UpdateMemberDetectors.go api_op_UpdateOrganizationConfiguration.go api_op_UpdatePublishingDestination.go api_op_UpdateThreatIntelSet.go deserializers.go endpoints.go serializers.go validators.go

Directories

PathSynopsis
internal
types
Version
v0.1.0
Published
Sep 29, 2020
Platform
js/wasm
Imports
28 packages
Last checked
now

Tools for package owners.