All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.amazonaws.services.detective.AmazonDetectiveClient Maven / Gradle / Ivy

/*
 * Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
 * the License. A copy of the License is located at
 * 
 * http://aws.amazon.com/apache2.0
 * 
 * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
 * and limitations under the License.
 */
package com.amazonaws.services.detective;

import org.w3c.dom.*;

import java.net.*;
import java.util.*;

import javax.annotation.Generated;

import org.apache.commons.logging.*;

import com.amazonaws.*;
import com.amazonaws.annotation.SdkInternalApi;
import com.amazonaws.auth.*;

import com.amazonaws.handlers.*;
import com.amazonaws.http.*;
import com.amazonaws.internal.*;
import com.amazonaws.internal.auth.*;
import com.amazonaws.metrics.*;
import com.amazonaws.regions.*;
import com.amazonaws.transform.*;
import com.amazonaws.util.*;
import com.amazonaws.protocol.json.*;
import com.amazonaws.util.AWSRequestMetrics.Field;
import com.amazonaws.annotation.ThreadSafe;
import com.amazonaws.client.AwsSyncClientParams;
import com.amazonaws.client.builder.AdvancedConfig;

import com.amazonaws.services.detective.AmazonDetectiveClientBuilder;

import com.amazonaws.AmazonServiceException;

import com.amazonaws.services.detective.model.*;

import com.amazonaws.services.detective.model.transform.*;

/**
 * Client for accessing Amazon Detective. All service calls made using this client are blocking, and will not return
 * until the service call completes.
 * 

*

* Detective uses machine learning and purpose-built visualizations to help you to analyze and investigate security * issues across your Amazon Web Services (Amazon Web Services) workloads. Detective automatically extracts time-based * events such as login attempts, API calls, and network traffic from CloudTrail and Amazon Virtual Private Cloud * (Amazon VPC) flow logs. It also extracts findings detected by Amazon GuardDuty. *

*

* The Detective API primarily supports the creation and management of behavior graphs. A behavior graph contains the * extracted data from a set of member accounts, and is created and managed by an administrator account. *

*

* To add a member account to the behavior graph, the administrator account sends an invitation to the account. When the * account accepts the invitation, it becomes a member account in the behavior graph. *

*

* Detective is also integrated with Organizations. The organization management account designates the Detective * administrator account for the organization. That account becomes the administrator account for the organization * behavior graph. The Detective administrator account is also the delegated administrator account for Detective in * Organizations. *

*

* The Detective administrator account can enable any organization account as a member account in the organization * behavior graph. The organization accounts do not receive invitations. The Detective administrator account can also * invite other accounts to the organization behavior graph. *

*

* Every behavior graph is specific to a Region. You can only use the API to manage behavior graphs that belong to the * Region that is associated with the currently selected endpoint. *

*

* The administrator account for a behavior graph can use the Detective API to do the following: *

*
    *
  • *

    * Enable and disable Detective. Enabling Detective creates a new behavior graph. *

    *
  • *
  • *

    * View the list of member accounts in a behavior graph. *

    *
  • *
  • *

    * Add member accounts to a behavior graph. *

    *
  • *
  • *

    * Remove member accounts from a behavior graph. *

    *
  • *
  • *

    * Apply tags to a behavior graph. *

    *
  • *
*

* The organization management account can use the Detective API to select the delegated administrator for Detective. *

*

* The Detective administrator account for an organization can use the Detective API to do the following: *

*
    *
  • *

    * Perform all of the functions of an administrator account. *

    *
  • *
  • *

    * Determine whether to automatically enable new organization accounts as member accounts in the organization behavior * graph. *

    *
  • *
*

* An invited member account can use the Detective API to do the following: *

*
    *
  • *

    * View the list of behavior graphs that they are invited to. *

    *
  • *
  • *

    * Accept an invitation to contribute to a behavior graph. *

    *
  • *
  • *

    * Decline an invitation to contribute to a behavior graph. *

    *
  • *
  • *

    * Remove their account from a behavior graph. *

    *
  • *
*

* All API actions are logged as CloudTrail events. See Logging Detective API * Calls with CloudTrail. *

* *

* We replaced the term "master account" with the term "administrator account". An administrator account is used to * centrally manage multiple accounts. In the case of Detective, the administrator account manages the accounts in their * behavior graph. *

*
*/ @ThreadSafe @Generated("com.amazonaws:aws-java-sdk-code-generator") public class AmazonDetectiveClient extends AmazonWebServiceClient implements AmazonDetective { /** Provider for AWS credentials. */ private final AWSCredentialsProvider awsCredentialsProvider; private static final Log log = LogFactory.getLog(AmazonDetective.class); /** Default signing name for the service. */ private static final String DEFAULT_SIGNING_NAME = "detective"; /** Client configuration factory providing ClientConfigurations tailored to this client */ protected static final ClientConfigurationFactory configFactory = new ClientConfigurationFactory(); private final AdvancedConfig advancedConfig; private static final com.amazonaws.protocol.json.SdkJsonProtocolFactory protocolFactory = new com.amazonaws.protocol.json.SdkJsonProtocolFactory( new JsonClientMetadata() .withProtocolVersion("1.1") .withSupportsCbor(false) .withSupportsIon(false) .withContentTypeOverride("application/json") .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("ServiceQuotaExceededException").withExceptionUnmarshaller( com.amazonaws.services.detective.model.transform.ServiceQuotaExceededExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("InternalServerException").withExceptionUnmarshaller( com.amazonaws.services.detective.model.transform.InternalServerExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("AccessDeniedException").withExceptionUnmarshaller( com.amazonaws.services.detective.model.transform.AccessDeniedExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("ConflictException").withExceptionUnmarshaller( com.amazonaws.services.detective.model.transform.ConflictExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("ResourceNotFoundException").withExceptionUnmarshaller( com.amazonaws.services.detective.model.transform.ResourceNotFoundExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("ValidationException").withExceptionUnmarshaller( com.amazonaws.services.detective.model.transform.ValidationExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("TooManyRequestsException").withExceptionUnmarshaller( com.amazonaws.services.detective.model.transform.TooManyRequestsExceptionUnmarshaller.getInstance())) .withBaseServiceExceptionClass(com.amazonaws.services.detective.model.AmazonDetectiveException.class)); public static AmazonDetectiveClientBuilder builder() { return AmazonDetectiveClientBuilder.standard(); } /** * Constructs a new client to invoke service methods on Amazon Detective using the specified parameters. * *

* All service calls made using this new client object are blocking, and will not return until the service call * completes. * * @param clientParams * Object providing client parameters. */ AmazonDetectiveClient(AwsSyncClientParams clientParams) { this(clientParams, false); } /** * Constructs a new client to invoke service methods on Amazon Detective using the specified parameters. * *

* All service calls made using this new client object are blocking, and will not return until the service call * completes. * * @param clientParams * Object providing client parameters. */ AmazonDetectiveClient(AwsSyncClientParams clientParams, boolean endpointDiscoveryEnabled) { super(clientParams); this.awsCredentialsProvider = clientParams.getCredentialsProvider(); this.advancedConfig = clientParams.getAdvancedConfig(); init(); } private void init() { setServiceNameIntern(DEFAULT_SIGNING_NAME); setEndpointPrefix(ENDPOINT_PREFIX); // calling this.setEndPoint(...) will also modify the signer accordingly setEndpoint("api.detective.us-east-1.amazonaws.com"); HandlerChainFactory chainFactory = new HandlerChainFactory(); requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com/amazonaws/services/detective/request.handlers")); requestHandler2s.addAll(chainFactory.newRequestHandler2Chain("/com/amazonaws/services/detective/request.handler2s")); requestHandler2s.addAll(chainFactory.getGlobalHandlers()); } /** *

* Accepts an invitation for the member account to contribute data to a behavior graph. This operation can only be * called by an invited member account. *

*

* The request provides the ARN of behavior graph. *

*

* The member account status in the graph must be INVITED. *

* * @param acceptInvitationRequest * @return Result of the AcceptInvitation operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws ConflictException * The request attempted an invalid action. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.AcceptInvitation * @see AWS API * Documentation */ @Override public AcceptInvitationResult acceptInvitation(AcceptInvitationRequest request) { request = beforeClientExecution(request); return executeAcceptInvitation(request); } @SdkInternalApi final AcceptInvitationResult executeAcceptInvitation(AcceptInvitationRequest acceptInvitationRequest) { ExecutionContext executionContext = createExecutionContext(acceptInvitationRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new AcceptInvitationRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(acceptInvitationRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "AcceptInvitation"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new AcceptInvitationResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Gets data source package information for the behavior graph. *

* * @param batchGetGraphMemberDatasourcesRequest * @return Result of the BatchGetGraphMemberDatasources operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.BatchGetGraphMemberDatasources * @see AWS API Documentation */ @Override public BatchGetGraphMemberDatasourcesResult batchGetGraphMemberDatasources(BatchGetGraphMemberDatasourcesRequest request) { request = beforeClientExecution(request); return executeBatchGetGraphMemberDatasources(request); } @SdkInternalApi final BatchGetGraphMemberDatasourcesResult executeBatchGetGraphMemberDatasources(BatchGetGraphMemberDatasourcesRequest batchGetGraphMemberDatasourcesRequest) { ExecutionContext executionContext = createExecutionContext(batchGetGraphMemberDatasourcesRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new BatchGetGraphMemberDatasourcesRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(batchGetGraphMemberDatasourcesRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchGetGraphMemberDatasources"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new BatchGetGraphMemberDatasourcesResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Gets information on the data source package history for an account. *

* * @param batchGetMembershipDatasourcesRequest * @return Result of the BatchGetMembershipDatasources operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.BatchGetMembershipDatasources * @see AWS API Documentation */ @Override public BatchGetMembershipDatasourcesResult batchGetMembershipDatasources(BatchGetMembershipDatasourcesRequest request) { request = beforeClientExecution(request); return executeBatchGetMembershipDatasources(request); } @SdkInternalApi final BatchGetMembershipDatasourcesResult executeBatchGetMembershipDatasources(BatchGetMembershipDatasourcesRequest batchGetMembershipDatasourcesRequest) { ExecutionContext executionContext = createExecutionContext(batchGetMembershipDatasourcesRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new BatchGetMembershipDatasourcesRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(batchGetMembershipDatasourcesRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchGetMembershipDatasources"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new BatchGetMembershipDatasourcesResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Creates a new behavior graph for the calling account, and sets that account as the administrator account. This * operation is called by the account that is enabling Detective. *

*

* The operation also enables Detective for the calling account in the currently selected Region. It returns the ARN * of the new behavior graph. *

*

* CreateGraph triggers a process to create the corresponding data tables for the new behavior graph. *

*

* An account can only be the administrator account for one behavior graph within a Region. If the same account * calls CreateGraph with the same administrator account, it always returns the same behavior graph * ARN. It does not create a new behavior graph. *

* * @param createGraphRequest * @return Result of the CreateGraph operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws ConflictException * The request attempted an invalid action. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ServiceQuotaExceededException * This request cannot be completed for one of the following reasons.

*
    *
  • *

    * This request cannot be completed if it would cause the number of member accounts in the behavior graph to * exceed the maximum allowed. A behavior graph cannot have more than 1,200 member accounts. *

    *
  • *
  • *

    * This request cannot be completed if the current volume ingested is above the limit of 10 TB per day. * Detective will not allow you to add additional member accounts. *

    *
  • * @sample AmazonDetective.CreateGraph * @see AWS API * Documentation */ @Override public CreateGraphResult createGraph(CreateGraphRequest request) { request = beforeClientExecution(request); return executeCreateGraph(request); } @SdkInternalApi final CreateGraphResult executeCreateGraph(CreateGraphRequest createGraphRequest) { ExecutionContext executionContext = createExecutionContext(createGraphRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new CreateGraphRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createGraphRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateGraph"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateGraphResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

    * CreateMembers is used to send invitations to accounts. For the organization behavior graph, the * Detective administrator account uses CreateMembers to enable organization accounts as member * accounts. *

    *

    * For invited accounts, CreateMembers sends a request to invite the specified Amazon Web Services * accounts to be member accounts in the behavior graph. This operation can only be called by the administrator * account for a behavior graph. *

    *

    * CreateMembers verifies the accounts and then invites the verified accounts. The administrator can * optionally specify to not send invitation emails to the member accounts. This would be used when the * administrator manages their member accounts centrally. *

    *

    * For organization accounts in the organization behavior graph, CreateMembers attempts to enable the * accounts. The organization accounts do not receive invitations. *

    *

    * The request provides the behavior graph ARN and the list of accounts to invite or to enable. *

    *

    * The response separates the requested accounts into two lists: *

    *
      *
    • *

      * The accounts that CreateMembers was able to process. For invited accounts, includes member accounts * that are being verified, that have passed verification and are to be invited, and that have failed verification. * For organization accounts in the organization behavior graph, includes accounts that can be enabled and that * cannot be enabled. *

      *
    • *
    • *

      * The accounts that CreateMembers was unable to process. This list includes accounts that were already * invited to be member accounts in the behavior graph. *

      *
    • *
    * * @param createMembersRequest * @return Result of the CreateMembers operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ValidationException * The request parameters are invalid. * @throws ServiceQuotaExceededException * This request cannot be completed for one of the following reasons.

    *
      *
    • *

      * This request cannot be completed if it would cause the number of member accounts in the behavior graph to * exceed the maximum allowed. A behavior graph cannot have more than 1,200 member accounts. *

      *
    • *
    • *

      * This request cannot be completed if the current volume ingested is above the limit of 10 TB per day. * Detective will not allow you to add additional member accounts. *

      *
    • * @sample AmazonDetective.CreateMembers * @see AWS API * Documentation */ @Override public CreateMembersResult createMembers(CreateMembersRequest request) { request = beforeClientExecution(request); return executeCreateMembers(request); } @SdkInternalApi final CreateMembersResult executeCreateMembers(CreateMembersRequest createMembersRequest) { ExecutionContext executionContext = createExecutionContext(createMembersRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new CreateMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createMembersRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateMembers"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateMembersResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Disables the specified behavior graph and queues it to be deleted. This operation removes the behavior graph from * each member account's list of behavior graphs. *

      *

      * DeleteGraph can only be called by the administrator account for a behavior graph. *

      * * @param deleteGraphRequest * @return Result of the DeleteGraph operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.DeleteGraph * @see AWS API * Documentation */ @Override public DeleteGraphResult deleteGraph(DeleteGraphRequest request) { request = beforeClientExecution(request); return executeDeleteGraph(request); } @SdkInternalApi final DeleteGraphResult executeDeleteGraph(DeleteGraphRequest deleteGraphRequest) { ExecutionContext executionContext = createExecutionContext(deleteGraphRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DeleteGraphRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteGraphRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteGraph"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteGraphResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Removes the specified member accounts from the behavior graph. The removed accounts no longer contribute data to * the behavior graph. This operation can only be called by the administrator account for the behavior graph. *

      *

      * For invited accounts, the removed accounts are deleted from the list of accounts in the behavior graph. To * restore the account, the administrator account must send another invitation. *

      *

      * For organization accounts in the organization behavior graph, the Detective administrator account can always * enable the organization account again. Organization accounts that are not enabled as member accounts are not * included in the ListMembers results for the organization behavior graph. *

      *

      * An administrator account cannot use DeleteMembers to remove their own account from the behavior * graph. To disable a behavior graph, the administrator account uses the DeleteGraph API method. *

      * * @param deleteMembersRequest * @return Result of the DeleteMembers operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws ConflictException * The request attempted an invalid action. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.DeleteMembers * @see AWS API * Documentation */ @Override public DeleteMembersResult deleteMembers(DeleteMembersRequest request) { request = beforeClientExecution(request); return executeDeleteMembers(request); } @SdkInternalApi final DeleteMembersResult executeDeleteMembers(DeleteMembersRequest deleteMembersRequest) { ExecutionContext executionContext = createExecutionContext(deleteMembersRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DeleteMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteMembersRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteMembers"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteMembersResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Returns information about the configuration for the organization behavior graph. Currently indicates whether to * automatically enable new organization accounts as member accounts. *

      *

      * Can only be called by the Detective administrator account for the organization. *

      * * @param describeOrganizationConfigurationRequest * @return Result of the DescribeOrganizationConfiguration operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws TooManyRequestsException * The request cannot be completed because too many other requests are occurring at the same time. * @sample AmazonDetective.DescribeOrganizationConfiguration * @see AWS API Documentation */ @Override public DescribeOrganizationConfigurationResult describeOrganizationConfiguration(DescribeOrganizationConfigurationRequest request) { request = beforeClientExecution(request); return executeDescribeOrganizationConfiguration(request); } @SdkInternalApi final DescribeOrganizationConfigurationResult executeDescribeOrganizationConfiguration( DescribeOrganizationConfigurationRequest describeOrganizationConfigurationRequest) { ExecutionContext executionContext = createExecutionContext(describeOrganizationConfigurationRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DescribeOrganizationConfigurationRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(describeOrganizationConfigurationRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeOrganizationConfiguration"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DescribeOrganizationConfigurationResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Removes the Detective administrator account in the current Region. Deletes the organization behavior graph. *

      *

      * Can only be called by the organization management account. *

      *

      * Removing the Detective administrator account does not affect the delegated administrator account for Detective in * Organizations. *

      *

      * To remove the delegated administrator account in Organizations, use the Organizations API. Removing the delegated * administrator account also removes the Detective administrator account in all Regions, except for Regions where * the Detective administrator account is the organization management account. *

      * * @param disableOrganizationAdminAccountRequest * @return Result of the DisableOrganizationAdminAccount operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws TooManyRequestsException * The request cannot be completed because too many other requests are occurring at the same time. * @sample AmazonDetective.DisableOrganizationAdminAccount * @see AWS API Documentation */ @Override public DisableOrganizationAdminAccountResult disableOrganizationAdminAccount(DisableOrganizationAdminAccountRequest request) { request = beforeClientExecution(request); return executeDisableOrganizationAdminAccount(request); } @SdkInternalApi final DisableOrganizationAdminAccountResult executeDisableOrganizationAdminAccount( DisableOrganizationAdminAccountRequest disableOrganizationAdminAccountRequest) { ExecutionContext executionContext = createExecutionContext(disableOrganizationAdminAccountRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DisableOrganizationAdminAccountRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(disableOrganizationAdminAccountRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisableOrganizationAdminAccount"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DisableOrganizationAdminAccountResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Removes the member account from the specified behavior graph. This operation can only be called by an invited * member account that has the ENABLED status. *

      *

      * DisassociateMembership cannot be called by an organization account in the organization behavior * graph. For the organization behavior graph, the Detective administrator account determines which organization * accounts to enable or disable as member accounts. *

      * * @param disassociateMembershipRequest * @return Result of the DisassociateMembership operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws ConflictException * The request attempted an invalid action. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.DisassociateMembership * @see AWS API Documentation */ @Override public DisassociateMembershipResult disassociateMembership(DisassociateMembershipRequest request) { request = beforeClientExecution(request); return executeDisassociateMembership(request); } @SdkInternalApi final DisassociateMembershipResult executeDisassociateMembership(DisassociateMembershipRequest disassociateMembershipRequest) { ExecutionContext executionContext = createExecutionContext(disassociateMembershipRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DisassociateMembershipRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(disassociateMembershipRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisassociateMembership"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DisassociateMembershipResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Designates the Detective administrator account for the organization in the current Region. *

      *

      * If the account does not have Detective enabled, then enables Detective for that account and creates a new * behavior graph. *

      *

      * Can only be called by the organization management account. *

      *

      * If the organization has a delegated administrator account in Organizations, then the Detective administrator * account must be either the delegated administrator account or the organization management account. *

      *

      * If the organization does not have a delegated administrator account in Organizations, then you can choose any * account in the organization. If you choose an account other than the organization management account, Detective * calls Organizations to make that account the delegated administrator account for Detective. The organization * management account cannot be the delegated administrator account. *

      * * @param enableOrganizationAdminAccountRequest * @return Result of the EnableOrganizationAdminAccount operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws TooManyRequestsException * The request cannot be completed because too many other requests are occurring at the same time. * @sample AmazonDetective.EnableOrganizationAdminAccount * @see AWS API Documentation */ @Override public EnableOrganizationAdminAccountResult enableOrganizationAdminAccount(EnableOrganizationAdminAccountRequest request) { request = beforeClientExecution(request); return executeEnableOrganizationAdminAccount(request); } @SdkInternalApi final EnableOrganizationAdminAccountResult executeEnableOrganizationAdminAccount(EnableOrganizationAdminAccountRequest enableOrganizationAdminAccountRequest) { ExecutionContext executionContext = createExecutionContext(enableOrganizationAdminAccountRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new EnableOrganizationAdminAccountRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(enableOrganizationAdminAccountRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "EnableOrganizationAdminAccount"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new EnableOrganizationAdminAccountResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An * indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a * high level of confidence) identify malicious activity or a security incident. GetInvestigation * returns the investigation results of an investigation for a behavior graph. *

      * * @param getInvestigationRequest * @return Result of the GetInvestigation operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws TooManyRequestsException * The request cannot be completed because too many other requests are occurring at the same time. * @sample AmazonDetective.GetInvestigation * @see AWS API * Documentation */ @Override public GetInvestigationResult getInvestigation(GetInvestigationRequest request) { request = beforeClientExecution(request); return executeGetInvestigation(request); } @SdkInternalApi final GetInvestigationResult executeGetInvestigation(GetInvestigationRequest getInvestigationRequest) { ExecutionContext executionContext = createExecutionContext(getInvestigationRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new GetInvestigationRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getInvestigationRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetInvestigation"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetInvestigationResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Returns the membership details for specified member accounts for a behavior graph. *

      * * @param getMembersRequest * @return Result of the GetMembers operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.GetMembers * @see AWS API * Documentation */ @Override public GetMembersResult getMembers(GetMembersRequest request) { request = beforeClientExecution(request); return executeGetMembers(request); } @SdkInternalApi final GetMembersResult executeGetMembers(GetMembersRequest getMembersRequest) { ExecutionContext executionContext = createExecutionContext(getMembersRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new GetMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getMembersRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetMembers"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata() .withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetMembersResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Lists data source packages in the behavior graph. *

      * * @param listDatasourcePackagesRequest * @return Result of the ListDatasourcePackages operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.ListDatasourcePackages * @see AWS API Documentation */ @Override public ListDatasourcePackagesResult listDatasourcePackages(ListDatasourcePackagesRequest request) { request = beforeClientExecution(request); return executeListDatasourcePackages(request); } @SdkInternalApi final ListDatasourcePackagesResult executeListDatasourcePackages(ListDatasourcePackagesRequest listDatasourcePackagesRequest) { ExecutionContext executionContext = createExecutionContext(listDatasourcePackagesRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListDatasourcePackagesRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listDatasourcePackagesRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListDatasourcePackages"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListDatasourcePackagesResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Returns the list of behavior graphs that the calling account is an administrator account of. This operation can * only be called by an administrator account. *

      *

      * Because an account can currently only be the administrator of one behavior graph within a Region, the results * always contain a single behavior graph. *

      * * @param listGraphsRequest * @return Result of the ListGraphs operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.ListGraphs * @see AWS API * Documentation */ @Override public ListGraphsResult listGraphs(ListGraphsRequest request) { request = beforeClientExecution(request); return executeListGraphs(request); } @SdkInternalApi final ListGraphsResult executeListGraphs(ListGraphsRequest listGraphsRequest) { ExecutionContext executionContext = createExecutionContext(listGraphsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListGraphsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listGraphsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListGraphs"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata() .withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListGraphsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Gets the indicators from an investigation. You can use the information from the indicators to determine if an IAM * user and/or IAM role is involved in an unusual activity that could indicate malicious behavior and its impact. *

      * * @param listIndicatorsRequest * @return Result of the ListIndicators operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws TooManyRequestsException * The request cannot be completed because too many other requests are occurring at the same time. * @sample AmazonDetective.ListIndicators * @see AWS API * Documentation */ @Override public ListIndicatorsResult listIndicators(ListIndicatorsRequest request) { request = beforeClientExecution(request); return executeListIndicators(request); } @SdkInternalApi final ListIndicatorsResult executeListIndicators(ListIndicatorsRequest listIndicatorsRequest) { ExecutionContext executionContext = createExecutionContext(listIndicatorsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListIndicatorsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listIndicatorsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListIndicators"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListIndicatorsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An * indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a * high level of confidence) identify malicious activity or a security incident. ListInvestigations * lists all active Detective investigations. *

      * * @param listInvestigationsRequest * @return Result of the ListInvestigations operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws TooManyRequestsException * The request cannot be completed because too many other requests are occurring at the same time. * @sample AmazonDetective.ListInvestigations * @see AWS * API Documentation */ @Override public ListInvestigationsResult listInvestigations(ListInvestigationsRequest request) { request = beforeClientExecution(request); return executeListInvestigations(request); } @SdkInternalApi final ListInvestigationsResult executeListInvestigations(ListInvestigationsRequest listInvestigationsRequest) { ExecutionContext executionContext = createExecutionContext(listInvestigationsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListInvestigationsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listInvestigationsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListInvestigations"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListInvestigationsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Retrieves the list of open and accepted behavior graph invitations for the member account. This operation can * only be called by an invited member account. *

      *

      * Open invitations are invitations that the member account has not responded to. *

      *

      * The results do not include behavior graphs for which the member account declined the invitation. The results also * do not include behavior graphs that the member account resigned from or was removed from. *

      * * @param listInvitationsRequest * @return Result of the ListInvitations operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.ListInvitations * @see AWS API * Documentation */ @Override public ListInvitationsResult listInvitations(ListInvitationsRequest request) { request = beforeClientExecution(request); return executeListInvitations(request); } @SdkInternalApi final ListInvitationsResult executeListInvitations(ListInvitationsRequest listInvitationsRequest) { ExecutionContext executionContext = createExecutionContext(listInvitationsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListInvitationsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listInvitationsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListInvitations"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListInvitationsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Retrieves the list of member accounts for a behavior graph. *

      *

      * For invited accounts, the results do not include member accounts that were removed from the behavior graph. *

      *

      * For the organization behavior graph, the results do not include organization accounts that the Detective * administrator account has not enabled as member accounts. *

      * * @param listMembersRequest * @return Result of the ListMembers operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.ListMembers * @see AWS API * Documentation */ @Override public ListMembersResult listMembers(ListMembersRequest request) { request = beforeClientExecution(request); return executeListMembers(request); } @SdkInternalApi final ListMembersResult executeListMembers(ListMembersRequest listMembersRequest) { ExecutionContext executionContext = createExecutionContext(listMembersRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listMembersRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListMembers"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListMembersResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Returns information about the Detective administrator account for an organization. Can only be called by the * organization management account. *

      * * @param listOrganizationAdminAccountsRequest * @return Result of the ListOrganizationAdminAccounts operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws TooManyRequestsException * The request cannot be completed because too many other requests are occurring at the same time. * @sample AmazonDetective.ListOrganizationAdminAccounts * @see AWS API Documentation */ @Override public ListOrganizationAdminAccountsResult listOrganizationAdminAccounts(ListOrganizationAdminAccountsRequest request) { request = beforeClientExecution(request); return executeListOrganizationAdminAccounts(request); } @SdkInternalApi final ListOrganizationAdminAccountsResult executeListOrganizationAdminAccounts(ListOrganizationAdminAccountsRequest listOrganizationAdminAccountsRequest) { ExecutionContext executionContext = createExecutionContext(listOrganizationAdminAccountsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListOrganizationAdminAccountsRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(listOrganizationAdminAccountsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListOrganizationAdminAccounts"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListOrganizationAdminAccountsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Returns the tag values that are assigned to a behavior graph. *

      * * @param listTagsForResourceRequest * @return Result of the ListTagsForResource operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @sample AmazonDetective.ListTagsForResource * @see AWS * API Documentation */ @Override public ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest request) { request = beforeClientExecution(request); return executeListTagsForResource(request); } @SdkInternalApi final ListTagsForResourceResult executeListTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest) { ExecutionContext executionContext = createExecutionContext(listTagsForResourceRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListTagsForResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listTagsForResourceRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListTagsForResource"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListTagsForResourceResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Rejects an invitation to contribute the account data to a behavior graph. This operation must be called by an * invited member account that has the INVITED status. *

      *

      * RejectInvitation cannot be called by an organization account in the organization behavior graph. In * the organization behavior graph, organization accounts do not receive an invitation. *

      * * @param rejectInvitationRequest * @return Result of the RejectInvitation operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws ConflictException * The request attempted an invalid action. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.RejectInvitation * @see AWS API * Documentation */ @Override public RejectInvitationResult rejectInvitation(RejectInvitationRequest request) { request = beforeClientExecution(request); return executeRejectInvitation(request); } @SdkInternalApi final RejectInvitationResult executeRejectInvitation(RejectInvitationRequest rejectInvitationRequest) { ExecutionContext executionContext = createExecutionContext(rejectInvitationRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new RejectInvitationRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(rejectInvitationRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "RejectInvitation"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new RejectInvitationResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An * indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a * high level of confidence) identify malicious activity or a security incident. StartInvestigation * initiates an investigation on an entity in a behavior graph. *

      * * @param startInvestigationRequest * @return Result of the StartInvestigation operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws TooManyRequestsException * The request cannot be completed because too many other requests are occurring at the same time. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @sample AmazonDetective.StartInvestigation * @see AWS * API Documentation */ @Override public StartInvestigationResult startInvestigation(StartInvestigationRequest request) { request = beforeClientExecution(request); return executeStartInvestigation(request); } @SdkInternalApi final StartInvestigationResult executeStartInvestigation(StartInvestigationRequest startInvestigationRequest) { ExecutionContext executionContext = createExecutionContext(startInvestigationRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new StartInvestigationRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(startInvestigationRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "StartInvestigation"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new StartInvestigationResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

      * Sends a request to enable data ingest for a member account that has a status of * ACCEPTED_BUT_DISABLED. *

      *

      * For valid member accounts, the status is updated as follows. *

      *
        *
      • *

        * If Detective enabled the member account, then the new status is ENABLED. *

        *
      • *
      • *

        * If Detective cannot enable the member account, the status remains ACCEPTED_BUT_DISABLED. *

        *
      • *
      * * @param startMonitoringMemberRequest * @return Result of the StartMonitoringMember operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws ConflictException * The request attempted an invalid action. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ServiceQuotaExceededException * This request cannot be completed for one of the following reasons.

      *
        *
      • *

        * This request cannot be completed if it would cause the number of member accounts in the behavior graph to * exceed the maximum allowed. A behavior graph cannot have more than 1,200 member accounts. *

        *
      • *
      • *

        * This request cannot be completed if the current volume ingested is above the limit of 10 TB per day. * Detective will not allow you to add additional member accounts. *

        *
      • * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.StartMonitoringMember * @see AWS API Documentation */ @Override public StartMonitoringMemberResult startMonitoringMember(StartMonitoringMemberRequest request) { request = beforeClientExecution(request); return executeStartMonitoringMember(request); } @SdkInternalApi final StartMonitoringMemberResult executeStartMonitoringMember(StartMonitoringMemberRequest startMonitoringMemberRequest) { ExecutionContext executionContext = createExecutionContext(startMonitoringMemberRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new StartMonitoringMemberRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(startMonitoringMemberRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "StartMonitoringMember"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory .createResponseHandler(new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new StartMonitoringMemberResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

        * Applies tag values to a behavior graph. *

        * * @param tagResourceRequest * @return Result of the TagResource operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @sample AmazonDetective.TagResource * @see AWS API * Documentation */ @Override public TagResourceResult tagResource(TagResourceRequest request) { request = beforeClientExecution(request); return executeTagResource(request); } @SdkInternalApi final TagResourceResult executeTagResource(TagResourceRequest tagResourceRequest) { ExecutionContext executionContext = createExecutionContext(tagResourceRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new TagResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(tagResourceRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "TagResource"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new TagResourceResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

        * Removes tags from a behavior graph. *

        * * @param untagResourceRequest * @return Result of the UntagResource operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @sample AmazonDetective.UntagResource * @see AWS API * Documentation */ @Override public UntagResourceResult untagResource(UntagResourceRequest request) { request = beforeClientExecution(request); return executeUntagResource(request); } @SdkInternalApi final UntagResourceResult executeUntagResource(UntagResourceRequest untagResourceRequest) { ExecutionContext executionContext = createExecutionContext(untagResourceRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UntagResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(untagResourceRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UntagResource"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UntagResourceResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

        * Starts a data source packages for the behavior graph. *

        * * @param updateDatasourcePackagesRequest * @return Result of the UpdateDatasourcePackages operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws ServiceQuotaExceededException * This request cannot be completed for one of the following reasons.

        *
          *
        • *

          * This request cannot be completed if it would cause the number of member accounts in the behavior graph to * exceed the maximum allowed. A behavior graph cannot have more than 1,200 member accounts. *

          *
        • *
        • *

          * This request cannot be completed if the current volume ingested is above the limit of 10 TB per day. * Detective will not allow you to add additional member accounts. *

          *
        • * @throws ValidationException * The request parameters are invalid. * @sample AmazonDetective.UpdateDatasourcePackages * @see AWS API Documentation */ @Override public UpdateDatasourcePackagesResult updateDatasourcePackages(UpdateDatasourcePackagesRequest request) { request = beforeClientExecution(request); return executeUpdateDatasourcePackages(request); } @SdkInternalApi final UpdateDatasourcePackagesResult executeUpdateDatasourcePackages(UpdateDatasourcePackagesRequest updateDatasourcePackagesRequest) { ExecutionContext executionContext = createExecutionContext(updateDatasourcePackagesRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UpdateDatasourcePackagesRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(updateDatasourcePackagesRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateDatasourcePackages"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateDatasourcePackagesResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

          * Updates the state of an investigation. *

          * * @param updateInvestigationStateRequest * @return Result of the UpdateInvestigationState operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws ResourceNotFoundException * The request refers to a nonexistent resource. * @throws TooManyRequestsException * The request cannot be completed because too many other requests are occurring at the same time. * @sample AmazonDetective.UpdateInvestigationState * @see AWS API Documentation */ @Override public UpdateInvestigationStateResult updateInvestigationState(UpdateInvestigationStateRequest request) { request = beforeClientExecution(request); return executeUpdateInvestigationState(request); } @SdkInternalApi final UpdateInvestigationStateResult executeUpdateInvestigationState(UpdateInvestigationStateRequest updateInvestigationStateRequest) { ExecutionContext executionContext = createExecutionContext(updateInvestigationStateRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UpdateInvestigationStateRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(updateInvestigationStateRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateInvestigationState"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateInvestigationStateResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

          * Updates the configuration for the Organizations integration in the current Region. Can only be called by the * Detective administrator account for the organization. *

          * * @param updateOrganizationConfigurationRequest * @return Result of the UpdateOrganizationConfiguration operation returned by the service. * @throws AccessDeniedException * The request issuer does not have permission to access this resource or perform this operation. * @throws InternalServerException * The request was valid but failed because of a problem with the service. * @throws ValidationException * The request parameters are invalid. * @throws TooManyRequestsException * The request cannot be completed because too many other requests are occurring at the same time. * @sample AmazonDetective.UpdateOrganizationConfiguration * @see AWS API Documentation */ @Override public UpdateOrganizationConfigurationResult updateOrganizationConfiguration(UpdateOrganizationConfigurationRequest request) { request = beforeClientExecution(request); return executeUpdateOrganizationConfiguration(request); } @SdkInternalApi final UpdateOrganizationConfigurationResult executeUpdateOrganizationConfiguration( UpdateOrganizationConfigurationRequest updateOrganizationConfigurationRequest) { ExecutionContext executionContext = createExecutionContext(updateOrganizationConfigurationRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UpdateOrganizationConfigurationRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(updateOrganizationConfigurationRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "Detective"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateOrganizationConfiguration"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateOrganizationConfigurationResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** * Returns additional metadata for a previously executed successful, request, typically used for debugging issues * where a service isn't acting as expected. This data isn't considered part of the result data returned by an * operation, so it's available through this separate, diagnostic interface. *

          * Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic * information for an executed request, you should use this method to retrieve it as soon as possible after * executing the request. * * @param request * The originally executed request * * @return The response metadata for the specified request, or null if none is available. */ public ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request) { return client.getResponseMetadataForRequest(request); } /** * Normal invoke with authentication. Credentials are required and may be overriden at the request level. **/ private Response invoke(Request request, HttpResponseHandler> responseHandler, ExecutionContext executionContext) { return invoke(request, responseHandler, executionContext, null, null); } /** * Normal invoke with authentication. Credentials are required and may be overriden at the request level. **/ private Response invoke(Request request, HttpResponseHandler> responseHandler, ExecutionContext executionContext, URI cachedEndpoint, URI uriFromEndpointTrait) { executionContext.setCredentialsProvider(CredentialUtils.getCredentialsProvider(request.getOriginalRequest(), awsCredentialsProvider)); return doInvoke(request, responseHandler, executionContext, cachedEndpoint, uriFromEndpointTrait); } /** * Invoke with no authentication. Credentials are not required and any credentials set on the client or request will * be ignored for this operation. **/ private Response anonymousInvoke(Request request, HttpResponseHandler> responseHandler, ExecutionContext executionContext) { return doInvoke(request, responseHandler, executionContext, null, null); } /** * Invoke the request using the http client. Assumes credentials (or lack thereof) have been configured in the * ExecutionContext beforehand. **/ private Response doInvoke(Request request, HttpResponseHandler> responseHandler, ExecutionContext executionContext, URI discoveredEndpoint, URI uriFromEndpointTrait) { if (discoveredEndpoint != null) { request.setEndpoint(discoveredEndpoint); request.getOriginalRequest().getRequestClientOptions().appendUserAgent("endpoint-discovery"); } else if (uriFromEndpointTrait != null) { request.setEndpoint(uriFromEndpointTrait); } else { request.setEndpoint(endpoint); } request.setTimeOffset(timeOffset); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(new JsonErrorResponseMetadata()); return client.execute(request, responseHandler, errorResponseHandler, executionContext); } @com.amazonaws.annotation.SdkInternalApi static com.amazonaws.protocol.json.SdkJsonProtocolFactory getProtocolFactory() { return protocolFactory; } @Override public void shutdown() { super.shutdown(); } }





© 2015 - 2025 Weber Informatics LLC | Privacy Policy