com.amazonaws.services.guardduty.AmazonGuardDuty Maven / Gradle / Ivy
Show all versions of aws-java-sdk-guardduty Show documentation
/*
* Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.guardduty;
import javax.annotation.Generated;
import com.amazonaws.*;
import com.amazonaws.regions.*;
import com.amazonaws.services.guardduty.model.*;
/**
* Interface for accessing Amazon GuardDuty.
*
* Note: Do not directly implement this interface, new methods are added to it regularly. Extend from
* {@link com.amazonaws.services.guardduty.AbstractAmazonGuardDuty} instead.
*
*
*
* Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following foundational
* data sources - VPC flow logs, Amazon Web Services CloudTrail management event logs, CloudTrail S3 data event logs,
* EKS audit logs, DNS logs, Amazon EBS volume data, runtime activity belonging to container workloads, such as Amazon
* EKS, Amazon ECS (including Amazon Web Services Fargate), and Amazon EC2 instances. It uses threat intelligence feeds,
* such as lists of malicious IPs and domains, and machine learning to identify unexpected, potentially unauthorized,
* and malicious activity within your Amazon Web Services environment. This can include issues like escalations of
* privileges, uses of exposed credentials, or communication with malicious IPs, domains, or presence of malware on your
* Amazon EC2 instances and container workloads. For example, GuardDuty can detect compromised EC2 instances and
* container workloads serving malware, or mining bitcoin.
*
*
* GuardDuty also monitors Amazon Web Services account access behavior for signs of compromise, such as unauthorized
* infrastructure deployments like EC2 instances deployed in a Region that has never been used, or unusual API calls
* like a password policy change to reduce password strength.
*
*
* GuardDuty informs you about the status of your Amazon Web Services environment by producing security findings that
* you can view in the GuardDuty console or through Amazon EventBridge. For more information, see the Amazon GuardDuty User Guide .
*
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public interface AmazonGuardDuty {
/**
* The region metadata service name for computing region endpoints. You can use this value to retrieve metadata
* (such as supported regions) of the service.
*
* @see RegionUtils#getRegionsForService(String)
*/
String ENDPOINT_PREFIX = "guardduty";
/**
*
* Accepts the invitation to be a member account and get monitored by a GuardDuty administrator account that sent
* the invitation.
*
*
* @param acceptAdministratorInvitationRequest
* @return Result of the AcceptAdministratorInvitation operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.AcceptAdministratorInvitation
* @see AWS API Documentation
*/
AcceptAdministratorInvitationResult acceptAdministratorInvitation(AcceptAdministratorInvitationRequest acceptAdministratorInvitationRequest);
/**
*
* Accepts the invitation to be monitored by a GuardDuty administrator account.
*
*
* @param acceptInvitationRequest
* @return Result of the AcceptInvitation operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.AcceptInvitation
* @see AWS API
* Documentation
*/
@Deprecated
AcceptInvitationResult acceptInvitation(AcceptInvitationRequest acceptInvitationRequest);
/**
*
* Archives GuardDuty findings that are specified by the list of finding IDs.
*
*
*
* Only the administrator account can archive findings. Member accounts don't have permission to archive findings
* from their accounts.
*
*
*
* @param archiveFindingsRequest
* @return Result of the ArchiveFindings operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ArchiveFindings
* @see AWS API
* Documentation
*/
ArchiveFindingsResult archiveFindings(ArchiveFindingsRequest archiveFindingsRequest);
/**
*
* Creates a single Amazon GuardDuty detector. A detector is a resource that represents the GuardDuty service. To
* start using GuardDuty, you must create a detector in each Region where you enable the service. You can have only
* one detector per account per Region. All data sources are enabled in a new detector by default.
*
*
* There might be regional differences because some data sources might not be available in all the Amazon Web
* Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
*
*
* @param createDetectorRequest
* @return Result of the CreateDetector operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.CreateDetector
* @see AWS API
* Documentation
*/
CreateDetectorResult createDetector(CreateDetectorRequest createDetectorRequest);
/**
*
* Creates a filter using the specified finding criteria. The maximum number of saved filters per Amazon Web
* Services account per Region is 100. For more information, see Quotas for GuardDuty.
*
*
* @param createFilterRequest
* @return Result of the CreateFilter operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.CreateFilter
* @see AWS API
* Documentation
*/
CreateFilterResult createFilter(CreateFilterRequest createFilterRequest);
/**
*
* Creates a new IPSet, which is called a trusted IP list in the console user interface. An IPSet is a list of IP
* addresses that are trusted for secure communication with Amazon Web Services infrastructure and applications.
* GuardDuty doesn't generate findings for IP addresses that are included in IPSets. Only users from the
* administrator account can use this operation.
*
*
* @param createIPSetRequest
* @return Result of the CreateIPSet operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.CreateIPSet
* @see AWS API
* Documentation
*/
CreateIPSetResult createIPSet(CreateIPSetRequest createIPSetRequest);
/**
*
* Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services
* account IDs. This step is a prerequisite for managing the associated member accounts either by invitation or
* through an organization.
*
*
* As a delegated administrator, using CreateMembers
will enable GuardDuty in the added member
* accounts, with the exception of the organization delegated administrator account. A delegated administrator must
* enable GuardDuty prior to being added as a member.
*
*
* When you use CreateMembers as an Organizations delegated administrator, GuardDuty applies your organization's
* auto-enable settings to the member accounts in this request, irrespective of the accounts being new or existing
* members. For more information about the existing auto-enable settings for your organization, see DescribeOrganizationConfiguration.
*
*
* If you are adding accounts by invitation, before using InviteMembers, use
* CreateMembers
after GuardDuty has been enabled in potential member accounts.
*
*
* If you disassociate a member from a GuardDuty delegated administrator, the member account details obtained from
* this API, including the associated email addresses, will be retained. This is done so that the delegated
* administrator can invoke the InviteMembers API
* without the need to invoke the CreateMembers API again. To remove the details associated with a member account,
* the delegated administrator must invoke the DeleteMembers API.
*
*
* @param createMembersRequest
* @return Result of the CreateMembers operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.CreateMembers
* @see AWS API
* Documentation
*/
CreateMembersResult createMembers(CreateMembersRequest createMembersRequest);
/**
*
* Creates a publishing destination to export findings to. The resource to export findings to must exist before you
* use this operation.
*
*
* @param createPublishingDestinationRequest
* @return Result of the CreatePublishingDestination operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.CreatePublishingDestination
* @see AWS API Documentation
*/
CreatePublishingDestinationResult createPublishingDestination(CreatePublishingDestinationRequest createPublishingDestinationRequest);
/**
*
* Generates sample findings of types specified by the list of finding types. If 'NULL' is specified for
* findingTypes
, the API generates sample findings of all supported finding types.
*
*
* @param createSampleFindingsRequest
* @return Result of the CreateSampleFindings operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.CreateSampleFindings
* @see AWS
* API Documentation
*/
CreateSampleFindingsResult createSampleFindings(CreateSampleFindingsRequest createSampleFindingsRequest);
/**
*
* Creates a new ThreatIntelSet. ThreatIntelSets consist of known malicious IP addresses. GuardDuty generates
* findings based on ThreatIntelSets. Only users of the administrator account can use this operation.
*
*
* @param createThreatIntelSetRequest
* @return Result of the CreateThreatIntelSet operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.CreateThreatIntelSet
* @see AWS
* API Documentation
*/
CreateThreatIntelSetResult createThreatIntelSet(CreateThreatIntelSetRequest createThreatIntelSetRequest);
/**
*
* Declines invitations sent to the current member account by Amazon Web Services accounts specified by their
* account IDs.
*
*
* @param declineInvitationsRequest
* @return Result of the DeclineInvitations operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DeclineInvitations
* @see AWS
* API Documentation
*/
DeclineInvitationsResult declineInvitations(DeclineInvitationsRequest declineInvitationsRequest);
/**
*
* Deletes an Amazon GuardDuty detector that is specified by the detector ID.
*
*
* @param deleteDetectorRequest
* @return Result of the DeleteDetector operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DeleteDetector
* @see AWS API
* Documentation
*/
DeleteDetectorResult deleteDetector(DeleteDetectorRequest deleteDetectorRequest);
/**
*
* Deletes the filter specified by the filter name.
*
*
* @param deleteFilterRequest
* @return Result of the DeleteFilter operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DeleteFilter
* @see AWS API
* Documentation
*/
DeleteFilterResult deleteFilter(DeleteFilterRequest deleteFilterRequest);
/**
*
* Deletes the IPSet specified by the ipSetId
. IPSets are called trusted IP lists in the console user
* interface.
*
*
* @param deleteIPSetRequest
* @return Result of the DeleteIPSet operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DeleteIPSet
* @see AWS API
* Documentation
*/
DeleteIPSetResult deleteIPSet(DeleteIPSetRequest deleteIPSetRequest);
/**
*
* Deletes invitations sent to the current member account by Amazon Web Services accounts specified by their account
* IDs.
*
*
* @param deleteInvitationsRequest
* @return Result of the DeleteInvitations operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DeleteInvitations
* @see AWS
* API Documentation
*/
DeleteInvitationsResult deleteInvitations(DeleteInvitationsRequest deleteInvitationsRequest);
/**
*
* Deletes GuardDuty member accounts (to the current GuardDuty administrator account) specified by the account IDs.
*
*
* With autoEnableOrganizationMembers
configuration for your organization set to ALL
,
* you'll receive an error if you attempt to disable GuardDuty for a member account in your organization.
*
*
* @param deleteMembersRequest
* @return Result of the DeleteMembers operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DeleteMembers
* @see AWS API
* Documentation
*/
DeleteMembersResult deleteMembers(DeleteMembersRequest deleteMembersRequest);
/**
*
* Deletes the publishing definition with the specified destinationId
.
*
*
* @param deletePublishingDestinationRequest
* @return Result of the DeletePublishingDestination operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DeletePublishingDestination
* @see AWS API Documentation
*/
DeletePublishingDestinationResult deletePublishingDestination(DeletePublishingDestinationRequest deletePublishingDestinationRequest);
/**
*
* Deletes the ThreatIntelSet specified by the ThreatIntelSet ID.
*
*
* @param deleteThreatIntelSetRequest
* @return Result of the DeleteThreatIntelSet operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DeleteThreatIntelSet
* @see AWS
* API Documentation
*/
DeleteThreatIntelSetResult deleteThreatIntelSet(DeleteThreatIntelSetRequest deleteThreatIntelSetRequest);
/**
*
* Returns a list of malware scans. Each member account can view the malware scans for their own accounts. An
* administrator can view the malware scans for all the member accounts.
*
*
* There might be regional differences because some data sources might not be available in all the Amazon Web
* Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
*
*
* @param describeMalwareScansRequest
* @return Result of the DescribeMalwareScans operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DescribeMalwareScans
* @see AWS
* API Documentation
*/
DescribeMalwareScansResult describeMalwareScans(DescribeMalwareScansRequest describeMalwareScansRequest);
/**
*
* Returns information about the account selected as the delegated administrator for GuardDuty.
*
*
* There might be regional differences because some data sources might not be available in all the Amazon Web
* Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
*
*
* @param describeOrganizationConfigurationRequest
* @return Result of the DescribeOrganizationConfiguration operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DescribeOrganizationConfiguration
* @see AWS API Documentation
*/
DescribeOrganizationConfigurationResult describeOrganizationConfiguration(DescribeOrganizationConfigurationRequest describeOrganizationConfigurationRequest);
/**
*
* Returns information about the publishing destination specified by the provided destinationId
.
*
*
* @param describePublishingDestinationRequest
* @return Result of the DescribePublishingDestination operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DescribePublishingDestination
* @see AWS API Documentation
*/
DescribePublishingDestinationResult describePublishingDestination(DescribePublishingDestinationRequest describePublishingDestinationRequest);
/**
*
* Removes the existing GuardDuty delegated administrator of the organization. Only the organization's management
* account can run this API operation.
*
*
* @param disableOrganizationAdminAccountRequest
* @return Result of the DisableOrganizationAdminAccount operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DisableOrganizationAdminAccount
* @see AWS API Documentation
*/
DisableOrganizationAdminAccountResult disableOrganizationAdminAccount(DisableOrganizationAdminAccountRequest disableOrganizationAdminAccountRequest);
/**
*
* Disassociates the current GuardDuty member account from its administrator account.
*
*
* When you disassociate an invited member from a GuardDuty delegated administrator, the member account details
* obtained from the CreateMembers API,
* including the associated email addresses, are retained. This is done so that the delegated administrator can
* invoke the InviteMembers API
* without the need to invoke the CreateMembers API again. To remove the details associated with a member account,
* the delegated administrator must invoke the DeleteMembers API.
*
*
* With autoEnableOrganizationMembers
configuration for your organization set to ALL
,
* you'll receive an error if you attempt to disable GuardDuty in a member account.
*
*
* @param disassociateFromAdministratorAccountRequest
* @return Result of the DisassociateFromAdministratorAccount operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DisassociateFromAdministratorAccount
* @see AWS API Documentation
*/
DisassociateFromAdministratorAccountResult disassociateFromAdministratorAccount(
DisassociateFromAdministratorAccountRequest disassociateFromAdministratorAccountRequest);
/**
*
* Disassociates the current GuardDuty member account from its administrator account.
*
*
* When you disassociate an invited member from a GuardDuty delegated administrator, the member account details
* obtained from the CreateMembers API,
* including the associated email addresses, are retained. This is done so that the delegated administrator can
* invoke the InviteMembers API
* without the need to invoke the CreateMembers API again. To remove the details associated with a member account,
* the delegated administrator must invoke the DeleteMembers API.
*
*
* @param disassociateFromMasterAccountRequest
* @return Result of the DisassociateFromMasterAccount operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DisassociateFromMasterAccount
* @see AWS API Documentation
*/
@Deprecated
DisassociateFromMasterAccountResult disassociateFromMasterAccount(DisassociateFromMasterAccountRequest disassociateFromMasterAccountRequest);
/**
*
* Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs.
*
*
* When you disassociate an invited member from a GuardDuty delegated administrator, the member account details
* obtained from the CreateMembers API,
* including the associated email addresses, are retained. This is done so that the delegated administrator can
* invoke the InviteMembers API
* without the need to invoke the CreateMembers API again. To remove the details associated with a member account,
* the delegated administrator must invoke the DeleteMembers API.
*
*
* With autoEnableOrganizationMembers
configuration for your organization set to ALL
,
* you'll receive an error if you attempt to disassociate a member account before removing them from your
* organization.
*
*
* @param disassociateMembersRequest
* @return Result of the DisassociateMembers operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.DisassociateMembers
* @see AWS
* API Documentation
*/
DisassociateMembersResult disassociateMembers(DisassociateMembersRequest disassociateMembersRequest);
/**
*
* Designates an Amazon Web Services account within the organization as your GuardDuty delegated administrator. Only
* the organization's management account can run this API operation.
*
*
* @param enableOrganizationAdminAccountRequest
* @return Result of the EnableOrganizationAdminAccount operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.EnableOrganizationAdminAccount
* @see AWS API Documentation
*/
EnableOrganizationAdminAccountResult enableOrganizationAdminAccount(EnableOrganizationAdminAccountRequest enableOrganizationAdminAccountRequest);
/**
*
* Provides the details of the GuardDuty administrator account associated with the current GuardDuty member account.
*
*
*
* If the organization's management account or a delegated administrator runs this API, it will return success (
* HTTP 200
) but no content.
*
*
*
* @param getAdministratorAccountRequest
* @return Result of the GetAdministratorAccount operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetAdministratorAccount
* @see AWS API Documentation
*/
GetAdministratorAccountResult getAdministratorAccount(GetAdministratorAccountRequest getAdministratorAccountRequest);
/**
*
* Retrieves aggregated statistics for your account. If you are a GuardDuty administrator, you can retrieve the
* statistics for all the resources associated with the active member accounts in your organization who have enabled
* Runtime Monitoring and have the GuardDuty security agent running on their resources.
*
*
* @param getCoverageStatisticsRequest
* @return Result of the GetCoverageStatistics operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetCoverageStatistics
* @see AWS API Documentation
*/
GetCoverageStatisticsResult getCoverageStatistics(GetCoverageStatisticsRequest getCoverageStatisticsRequest);
/**
*
* Retrieves an Amazon GuardDuty detector specified by the detectorId.
*
*
* There might be regional differences because some data sources might not be available in all the Amazon Web
* Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
*
*
* @param getDetectorRequest
* @return Result of the GetDetector operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetDetector
* @see AWS API
* Documentation
*/
GetDetectorResult getDetector(GetDetectorRequest getDetectorRequest);
/**
*
* Returns the details of the filter specified by the filter name.
*
*
* @param getFilterRequest
* @return Result of the GetFilter operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetFilter
* @see AWS API
* Documentation
*/
GetFilterResult getFilter(GetFilterRequest getFilterRequest);
/**
*
* Describes Amazon GuardDuty findings specified by finding IDs.
*
*
* @param getFindingsRequest
* @return Result of the GetFindings operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetFindings
* @see AWS API
* Documentation
*/
GetFindingsResult getFindings(GetFindingsRequest getFindingsRequest);
/**
*
* Lists Amazon GuardDuty findings statistics for the specified detector ID.
*
*
* @param getFindingsStatisticsRequest
* @return Result of the GetFindingsStatistics operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetFindingsStatistics
* @see AWS API Documentation
*/
GetFindingsStatisticsResult getFindingsStatistics(GetFindingsStatisticsRequest getFindingsStatisticsRequest);
/**
*
* Retrieves the IPSet specified by the ipSetId
.
*
*
* @param getIPSetRequest
* @return Result of the GetIPSet operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetIPSet
* @see AWS API
* Documentation
*/
GetIPSetResult getIPSet(GetIPSetRequest getIPSetRequest);
/**
*
* Returns the count of all GuardDuty membership invitations that were sent to the current member account except the
* currently accepted invitation.
*
*
* @param getInvitationsCountRequest
* @return Result of the GetInvitationsCount operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetInvitationsCount
* @see AWS
* API Documentation
*/
GetInvitationsCountResult getInvitationsCount(GetInvitationsCountRequest getInvitationsCountRequest);
/**
*
* Returns the details of the malware scan settings.
*
*
* There might be regional differences because some data sources might not be available in all the Amazon Web
* Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
*
*
* @param getMalwareScanSettingsRequest
* @return Result of the GetMalwareScanSettings operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetMalwareScanSettings
* @see AWS API Documentation
*/
GetMalwareScanSettingsResult getMalwareScanSettings(GetMalwareScanSettingsRequest getMalwareScanSettingsRequest);
/**
*
* Provides the details for the GuardDuty administrator account associated with the current GuardDuty member
* account.
*
*
* @param getMasterAccountRequest
* @return Result of the GetMasterAccount operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetMasterAccount
* @see AWS API
* Documentation
*/
@Deprecated
GetMasterAccountResult getMasterAccount(GetMasterAccountRequest getMasterAccountRequest);
/**
*
* Describes which data sources are enabled for the member account's detector.
*
*
* There might be regional differences because some data sources might not be available in all the Amazon Web
* Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
*
*
* @param getMemberDetectorsRequest
* @return Result of the GetMemberDetectors operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetMemberDetectors
* @see AWS
* API Documentation
*/
GetMemberDetectorsResult getMemberDetectors(GetMemberDetectorsRequest getMemberDetectorsRequest);
/**
*
* Retrieves GuardDuty member accounts (of the current GuardDuty administrator account) specified by the account
* IDs.
*
*
* @param getMembersRequest
* @return Result of the GetMembers operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetMembers
* @see AWS API
* Documentation
*/
GetMembersResult getMembers(GetMembersRequest getMembersRequest);
/**
*
* Retrieves how many active member accounts in your Amazon Web Services organization have each feature enabled
* within GuardDuty. Only a delegated GuardDuty administrator of an organization can run this API.
*
*
* When you create a new Amazon Web Services organization, it might take up to 24 hours to generate the statistics
* for the entire organization.
*
*
* @param getOrganizationStatisticsRequest
* @return Result of the GetOrganizationStatistics operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetOrganizationStatistics
* @see AWS API Documentation
*/
GetOrganizationStatisticsResult getOrganizationStatistics(GetOrganizationStatisticsRequest getOrganizationStatisticsRequest);
/**
*
* Provides the number of days left for each data source used in the free trial period.
*
*
* @param getRemainingFreeTrialDaysRequest
* @return Result of the GetRemainingFreeTrialDays operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetRemainingFreeTrialDays
* @see AWS API Documentation
*/
GetRemainingFreeTrialDaysResult getRemainingFreeTrialDays(GetRemainingFreeTrialDaysRequest getRemainingFreeTrialDaysRequest);
/**
*
* Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID.
*
*
* @param getThreatIntelSetRequest
* @return Result of the GetThreatIntelSet operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetThreatIntelSet
* @see AWS
* API Documentation
*/
GetThreatIntelSetResult getThreatIntelSet(GetThreatIntelSetRequest getThreatIntelSetRequest);
/**
*
* Lists Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID. For newly enabled
* detectors or data sources, the cost returned will include only the usage so far under 30 days. This may differ
* from the cost metrics in the console, which project usage over 30 days to provide a monthly cost estimate. For
* more information, see Understanding How
* Usage Costs are Calculated.
*
*
* @param getUsageStatisticsRequest
* @return Result of the GetUsageStatistics operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.GetUsageStatistics
* @see AWS
* API Documentation
*/
GetUsageStatisticsResult getUsageStatistics(GetUsageStatisticsRequest getUsageStatisticsRequest);
/**
*
* Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services
* account that invokes this API. If you are using Amazon Web Services Organizations to manage your GuardDuty
* environment, this step is not needed. For more information, see Managing accounts with
* organizations.
*
*
* To invite Amazon Web Services accounts, the first step is to ensure that GuardDuty has been enabled in the
* potential member accounts. You can now invoke this API to add accounts by invitation. The invited accounts can
* either accept or decline the invitation from their GuardDuty accounts. Each invited Amazon Web Services account
* can choose to accept the invitation from only one Amazon Web Services account. For more information, see Managing GuardDuty accounts by
* invitation.
*
*
* After the invite has been accepted and you choose to disassociate a member account (by using DisassociateMembers) from your account, the details of the member account obtained by invoking CreateMembers,
* including the associated email addresses, will be retained. This is done so that you can invoke InviteMembers
* without the need to invoke CreateMembers again.
* To remove the details associated with a member account, you must also invoke DeleteMembers.
*
*
* @param inviteMembersRequest
* @return Result of the InviteMembers operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.InviteMembers
* @see AWS API
* Documentation
*/
InviteMembersResult inviteMembers(InviteMembersRequest inviteMembersRequest);
/**
*
* Lists coverage details for your GuardDuty account. If you're a GuardDuty administrator, you can retrieve all
* resources associated with the active member accounts in your organization.
*
*
* Make sure the accounts have Runtime Monitoring enabled and GuardDuty agent running on their resources.
*
*
* @param listCoverageRequest
* @return Result of the ListCoverage operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ListCoverage
* @see AWS API
* Documentation
*/
ListCoverageResult listCoverage(ListCoverageRequest listCoverageRequest);
/**
*
* Lists detectorIds of all the existing Amazon GuardDuty detector resources.
*
*
* @param listDetectorsRequest
* @return Result of the ListDetectors operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ListDetectors
* @see AWS API
* Documentation
*/
ListDetectorsResult listDetectors(ListDetectorsRequest listDetectorsRequest);
/**
*
* Returns a paginated list of the current filters.
*
*
* @param listFiltersRequest
* @return Result of the ListFilters operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ListFilters
* @see AWS API
* Documentation
*/
ListFiltersResult listFilters(ListFiltersRequest listFiltersRequest);
/**
*
* Lists Amazon GuardDuty findings for the specified detector ID.
*
*
* @param listFindingsRequest
* @return Result of the ListFindings operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ListFindings
* @see AWS API
* Documentation
*/
ListFindingsResult listFindings(ListFindingsRequest listFindingsRequest);
/**
*
* Lists the IPSets of the GuardDuty service specified by the detector ID. If you use this operation from a member
* account, the IPSets returned are the IPSets from the associated administrator account.
*
*
* @param listIPSetsRequest
* @return Result of the ListIPSets operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ListIPSets
* @see AWS API
* Documentation
*/
ListIPSetsResult listIPSets(ListIPSetsRequest listIPSetsRequest);
/**
*
* Lists all GuardDuty membership invitations that were sent to the current Amazon Web Services account.
*
*
* @param listInvitationsRequest
* @return Result of the ListInvitations operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ListInvitations
* @see AWS API
* Documentation
*/
ListInvitationsResult listInvitations(ListInvitationsRequest listInvitationsRequest);
/**
*
* Lists details about all member accounts for the current GuardDuty administrator account.
*
*
* @param listMembersRequest
* @return Result of the ListMembers operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ListMembers
* @see AWS API
* Documentation
*/
ListMembersResult listMembers(ListMembersRequest listMembersRequest);
/**
*
* Lists the accounts designated as GuardDuty delegated administrators. Only the organization's management account
* can run this API operation.
*
*
* @param listOrganizationAdminAccountsRequest
* @return Result of the ListOrganizationAdminAccounts operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ListOrganizationAdminAccounts
* @see AWS API Documentation
*/
ListOrganizationAdminAccountsResult listOrganizationAdminAccounts(ListOrganizationAdminAccountsRequest listOrganizationAdminAccountsRequest);
/**
*
* Returns a list of publishing destinations associated with the specified detectorId
.
*
*
* @param listPublishingDestinationsRequest
* @return Result of the ListPublishingDestinations operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ListPublishingDestinations
* @see AWS API Documentation
*/
ListPublishingDestinationsResult listPublishingDestinations(ListPublishingDestinationsRequest listPublishingDestinationsRequest);
/**
*
* Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, threat intel
* sets, and publishing destination, with a limit of 50 tags per resource. When invoked, this operation returns all
* assigned tags for a given resource.
*
*
* @param listTagsForResourceRequest
* @return Result of the ListTagsForResource operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws AccessDeniedException
* An access denied exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ListTagsForResource
* @see AWS
* API Documentation
*/
ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest);
/**
*
* Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID. If you use this operation from a
* member account, the ThreatIntelSets associated with the administrator account are returned.
*
*
* @param listThreatIntelSetsRequest
* @return Result of the ListThreatIntelSets operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.ListThreatIntelSets
* @see AWS
* API Documentation
*/
ListThreatIntelSetsResult listThreatIntelSets(ListThreatIntelSetsRequest listThreatIntelSetsRequest);
/**
*
* Initiates the malware scan. Invoking this API will automatically create the Service-linked
* role in the corresponding account.
*
*
* @param startMalwareScanRequest
* @return Result of the StartMalwareScan operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws ConflictException
* A request conflict exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.StartMalwareScan
* @see AWS API
* Documentation
*/
StartMalwareScanResult startMalwareScan(StartMalwareScanRequest startMalwareScanRequest);
/**
*
* Turns on GuardDuty monitoring of the specified member accounts. Use this operation to restart monitoring of
* accounts that you stopped monitoring with the StopMonitoringMembers operation.
*
*
* @param startMonitoringMembersRequest
* @return Result of the StartMonitoringMembers operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.StartMonitoringMembers
* @see AWS API Documentation
*/
StartMonitoringMembersResult startMonitoringMembers(StartMonitoringMembersRequest startMonitoringMembersRequest);
/**
*
* Stops GuardDuty monitoring for the specified member accounts. Use the StartMonitoringMembers
* operation to restart monitoring for those accounts.
*
*
* With autoEnableOrganizationMembers
configuration for your organization set to ALL
,
* you'll receive an error if you attempt to stop monitoring the member accounts in your organization.
*
*
* @param stopMonitoringMembersRequest
* @return Result of the StopMonitoringMembers operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.StopMonitoringMembers
* @see AWS API Documentation
*/
StopMonitoringMembersResult stopMonitoringMembers(StopMonitoringMembersRequest stopMonitoringMembersRequest);
/**
*
* Adds tags to a resource.
*
*
* @param tagResourceRequest
* @return Result of the TagResource operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws AccessDeniedException
* An access denied exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.TagResource
* @see AWS API
* Documentation
*/
TagResourceResult tagResource(TagResourceRequest tagResourceRequest);
/**
*
* Unarchives GuardDuty findings specified by the findingIds
.
*
*
* @param unarchiveFindingsRequest
* @return Result of the UnarchiveFindings operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.UnarchiveFindings
* @see AWS
* API Documentation
*/
UnarchiveFindingsResult unarchiveFindings(UnarchiveFindingsRequest unarchiveFindingsRequest);
/**
*
* Removes tags from a resource.
*
*
* @param untagResourceRequest
* @return Result of the UntagResource operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws AccessDeniedException
* An access denied exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.UntagResource
* @see AWS API
* Documentation
*/
UntagResourceResult untagResource(UntagResourceRequest untagResourceRequest);
/**
*
* Updates the Amazon GuardDuty detector specified by the detectorId.
*
*
* There might be regional differences because some data sources might not be available in all the Amazon Web
* Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
*
*
* @param updateDetectorRequest
* @return Result of the UpdateDetector operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.UpdateDetector
* @see AWS API
* Documentation
*/
UpdateDetectorResult updateDetector(UpdateDetectorRequest updateDetectorRequest);
/**
*
* Updates the filter specified by the filter name.
*
*
* @param updateFilterRequest
* @return Result of the UpdateFilter operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.UpdateFilter
* @see AWS API
* Documentation
*/
UpdateFilterResult updateFilter(UpdateFilterRequest updateFilterRequest);
/**
*
* Marks the specified GuardDuty findings as useful or not useful.
*
*
* @param updateFindingsFeedbackRequest
* @return Result of the UpdateFindingsFeedback operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.UpdateFindingsFeedback
* @see AWS API Documentation
*/
UpdateFindingsFeedbackResult updateFindingsFeedback(UpdateFindingsFeedbackRequest updateFindingsFeedbackRequest);
/**
*
* Updates the IPSet specified by the IPSet ID.
*
*
* @param updateIPSetRequest
* @return Result of the UpdateIPSet operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.UpdateIPSet
* @see AWS API
* Documentation
*/
UpdateIPSetResult updateIPSet(UpdateIPSetRequest updateIPSetRequest);
/**
*
* Updates the malware scan settings.
*
*
* There might be regional differences because some data sources might not be available in all the Amazon Web
* Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
*
*
* @param updateMalwareScanSettingsRequest
* @return Result of the UpdateMalwareScanSettings operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.UpdateMalwareScanSettings
* @see AWS API Documentation
*/
UpdateMalwareScanSettingsResult updateMalwareScanSettings(UpdateMalwareScanSettingsRequest updateMalwareScanSettingsRequest);
/**
*
* Contains information on member accounts to be updated.
*
*
* There might be regional differences because some data sources might not be available in all the Amazon Web
* Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
*
*
* @param updateMemberDetectorsRequest
* @return Result of the UpdateMemberDetectors operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.UpdateMemberDetectors
* @see AWS API Documentation
*/
UpdateMemberDetectorsResult updateMemberDetectors(UpdateMemberDetectorsRequest updateMemberDetectorsRequest);
/**
*
* Configures the delegated administrator account with the provided values. You must provide a value for either
* autoEnableOrganizationMembers
or autoEnable
, but not both.
*
*
* There might be regional differences because some data sources might not be available in all the Amazon Web
* Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
*
*
* @param updateOrganizationConfigurationRequest
* @return Result of the UpdateOrganizationConfiguration operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.UpdateOrganizationConfiguration
* @see AWS API Documentation
*/
UpdateOrganizationConfigurationResult updateOrganizationConfiguration(UpdateOrganizationConfigurationRequest updateOrganizationConfigurationRequest);
/**
*
* Updates information about the publishing destination specified by the destinationId
.
*
*
* @param updatePublishingDestinationRequest
* @return Result of the UpdatePublishingDestination operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.UpdatePublishingDestination
* @see AWS API Documentation
*/
UpdatePublishingDestinationResult updatePublishingDestination(UpdatePublishingDestinationRequest updatePublishingDestinationRequest);
/**
*
* Updates the ThreatIntelSet specified by the ThreatIntelSet ID.
*
*
* @param updateThreatIntelSetRequest
* @return Result of the UpdateThreatIntelSet operation returned by the service.
* @throws BadRequestException
* A bad request exception object.
* @throws InternalServerErrorException
* An internal server error exception object.
* @sample AmazonGuardDuty.UpdateThreatIntelSet
* @see AWS
* API Documentation
*/
UpdateThreatIntelSetResult updateThreatIntelSet(UpdateThreatIntelSetRequest updateThreatIntelSetRequest);
/**
* Shuts down this client object, releasing any resources that might be held open. This is an optional method, and
* callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client
* has been shutdown, it should not be used to make any more requests.
*/
void shutdown();
/**
* Returns additional metadata for a previously executed successful request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing a request.
*
* @param request
* The originally executed request.
*
* @return The response metadata for the specified request, or null if none is available.
*/
ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request);
}