feat(client-guardduty): Add UnprocessedDataSources to CreateDetectorResponse which specifies the data sources that couldn't be enabled during the CreateDetector request. In addition, update documentations.

awstools · awstools · commit f64188c09901 · 2022-10-13T18:33:54.000Z
diff --git a/clients/client-guardduty/README.md b/clients/client-guardduty/README.md
@@ -10,7 +10,7 @@
 AWS SDK for JavaScript GuardDuty Client for Node.js, Browser and React Native.
 
 <p>Amazon GuardDuty is a continuous security monitoring service that analyzes and processes
-the following data sources: VPC Flow Logs, AWS CloudTrail management event logs, CloudTrail S3 data event
+the following data sources: VPC flow logs, Amazon Web Services CloudTrail management event logs, CloudTrail S3 data event
 logs, EKS audit logs, and DNS logs.
 It uses threat intelligence
 feeds (such as lists of malicious IPs and domains) and machine learning to identify
diff --git a/clients/client-guardduty/src/GuardDuty.ts b/clients/client-guardduty/src/GuardDuty.ts
@@ -282,7 +282,7 @@ import { GuardDutyClient } from "./GuardDutyClient";
 
 /**
  * <p>Amazon GuardDuty is a continuous security monitoring service that analyzes and processes
- *       the following data sources: VPC Flow Logs, AWS CloudTrail management event logs, CloudTrail S3 data event
+ *       the following data sources: VPC flow logs, Amazon Web Services CloudTrail management event logs, CloudTrail S3 data event
  *       logs, EKS audit logs, and DNS logs.
  *       It uses threat intelligence
  *       feeds (such as lists of malicious IPs and domains) and machine learning to identify
@@ -893,7 +893,8 @@ export class GuardDuty extends GuardDutyClient {
   }
 
   /**
-   * <p>Returns a list of malware scans.</p>
+   * <p>Returns a list of malware scans. Each member account can view the malware scans for their
+   *       own accounts. An administrator can view the malware scans for all the member accounts.</p>
    */
   public describeMalwareScans(
     args: DescribeMalwareScansCommandInput,
@@ -1090,8 +1091,7 @@ export class GuardDuty extends GuardDutyClient {
   }
 
   /**
-   * <p>Disassociates GuardDuty member accounts (to the current GuardDuty administrator account)
-   *       specified by the account IDs.</p>
+   * <p>Disassociates GuardDuty member accounts (to the current administrator account) specified by the account IDs.</p>
    */
   public disassociateMembers(
     args: DisassociateMembersCommandInput,
diff --git a/clients/client-guardduty/src/GuardDutyClient.ts b/clients/client-guardduty/src/GuardDutyClient.ts
@@ -502,7 +502,7 @@ export interface GuardDutyClientResolvedConfig extends GuardDutyClientResolvedCo
 
 /**
  * <p>Amazon GuardDuty is a continuous security monitoring service that analyzes and processes
- *       the following data sources: VPC Flow Logs, AWS CloudTrail management event logs, CloudTrail S3 data event
+ *       the following data sources: VPC flow logs, Amazon Web Services CloudTrail management event logs, CloudTrail S3 data event
  *       logs, EKS audit logs, and DNS logs.
  *       It uses threat intelligence
  *       feeds (such as lists of malicious IPs and domains) and machine learning to identify
diff --git a/clients/client-guardduty/src/commands/DescribeMalwareScansCommand.ts b/clients/client-guardduty/src/commands/DescribeMalwareScansCommand.ts
@@ -28,7 +28,8 @@ export interface DescribeMalwareScansCommandInput extends DescribeMalwareScansRe
 export interface DescribeMalwareScansCommandOutput extends DescribeMalwareScansResponse, __MetadataBearer {}
 
 /**
- * <p>Returns a list of malware scans.</p>
+ * <p>Returns a list of malware scans. Each member account can view the malware scans for their
+ *       own accounts. An administrator can view the malware scans for all the member accounts.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-guardduty/src/commands/DisassociateMembersCommand.ts b/clients/client-guardduty/src/commands/DisassociateMembersCommand.ts
@@ -28,8 +28,7 @@ export interface DisassociateMembersCommandInput extends DisassociateMembersRequ
 export interface DisassociateMembersCommandOutput extends DisassociateMembersResponse, __MetadataBearer {}
 
 /**
- * <p>Disassociates GuardDuty member accounts (to the current GuardDuty administrator account)
- *       specified by the account IDs.</p>
+ * <p>Disassociates GuardDuty member accounts (to the current administrator account) specified by the account IDs.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
diff --git a/clients/client-guardduty/src/models/models_0.ts b/clients/client-guardduty/src/models/models_0.ts
@@ -193,7 +193,7 @@ export interface MalwareProtectionDataSourceFreeTrial {
  */
 export interface DataSourcesFreeTrial {
   /**
-   * <p>Describes whether any AWS CloudTrail management event logs are enabled as data sources.</p>
+   * <p>Describes whether any Amazon Web Services CloudTrail management event logs are enabled as data sources.</p>
    */
   CloudTrail?: DataSourceFreeTrial;
 
@@ -1029,11 +1029,67 @@ export interface CreateDetectorRequest {
   Tags?: Record<string, string>;
 }
 
+/**
+ * <p>Describes the configuration of scanning EBS volumes as a data source.</p>
+ */
+export interface EbsVolumesResult {
+  /**
+   * <p>Describes whether scanning EBS volumes is enabled as a data source.</p>
+   */
+  Status?: DataSourceStatus | string;
+
+  /**
+   * <p>Specifies the reason why scanning EBS volumes (Malware Protection) was not enabled as a data source.</p>
+   */
+  Reason?: string;
+}
+
+/**
+ * <p>An object that contains information on the status of whether Malware Protection for EC2 instances with findings will be enabled as a data source.</p>
+ */
+export interface ScanEc2InstanceWithFindingsResult {
+  /**
+   * <p>Describes the configuration of scanning EBS volumes as a data source.</p>
+   */
+  EbsVolumes?: EbsVolumesResult;
+}
+
+/**
+ * <p>An object that contains information on the status of all Malware Protection data sources.</p>
+ */
+export interface MalwareProtectionConfigurationResult {
+  /**
+   * <p>Describes the configuration of Malware Protection for EC2 instances with findings.</p>
+   */
+  ScanEc2InstanceWithFindings?: ScanEc2InstanceWithFindingsResult;
+
+  /**
+   * <p>The GuardDuty Malware Protection service role.</p>
+   */
+  ServiceRole?: string;
+}
+
+/**
+ * <p>Specifies the names of the data sources that couldn't be enabled.</p>
+ */
+export interface UnprocessedDataSourcesResult {
+  /**
+   * <p>An object that contains information on the status of all Malware Protection data sources.</p>
+   */
+  MalwareProtection?: MalwareProtectionConfigurationResult;
+}
+
 export interface CreateDetectorResponse {
   /**
    * <p>The unique ID of the created detector.</p>
    */
   DetectorId?: string;
+
+  /**
+   * <p>Specifies the data sources that couldn't be enabled when GuardDuty was enabled for the
+   *     first time.</p>
+   */
+  UnprocessedDataSources?: UnprocessedDataSourcesResult;
 }
 
 export enum FilterAction {
@@ -1557,41 +1613,6 @@ export interface KubernetesConfigurationResult {
   AuditLogs: KubernetesAuditLogsConfigurationResult | undefined;
 }
 
-/**
- * <p>Describes the configuration of scanning EBS volumes as a data source.</p>
- */
-export interface EbsVolumesResult {
-  /**
-   * <p>Describes whether scanning EBS volumes is enabled as a data source.</p>
-   */
-  Status?: DataSourceStatus | string;
-}
-
-/**
- * <p>An object that contains information on the status of whether Malware Protection for EC2 instances with findings will be enabled as a data source.</p>
- */
-export interface ScanEc2InstanceWithFindingsResult {
-  /**
-   * <p>Describes the configuration of scanning EBS volumes as a data source.</p>
-   */
-  EbsVolumes?: EbsVolumesResult;
-}
-
-/**
- * <p>An object that contains information on the status of all Malware Protection data sources.</p>
- */
-export interface MalwareProtectionConfigurationResult {
-  /**
-   * <p>Describes the configuration of Malware Protection for EC2 instances with findings.</p>
-   */
-  ScanEc2InstanceWithFindings?: ScanEc2InstanceWithFindingsResult;
-
-  /**
-   * <p>The GuardDuty Malware Protection service role.</p>
-   */
-  ServiceRole?: string;
-}
-
 /**
  * <p>Describes whether S3 data event logs will be enabled as a data source.</p>
  */
@@ -1800,7 +1821,10 @@ export interface FilterCondition {
 }
 
 /**
- * <p>Represents a condition that when matched will be added to the response of the operation.</p>
+ * <p>Represents a condition that when matched will be added to the response of the operation.
+ *       Irrespective of using any filter criteria, an administrator account can view the scan
+ *       entries for all of its member accounts.
+ *       However, each member account can view the scan entries only for their own account.</p>
  */
 export interface FilterCriterion {
   /**
@@ -3569,7 +3593,7 @@ export interface GetMalwareScanSettingsResponse {
   ScanResourceCriteria?: ScanResourceCriteria;
 
   /**
-   * <p>An enum value representing possible snapshot preservations.</p>
+   * <p>An enum value representing possible snapshot preservation settings.</p>
    */
   EbsSnapshotPreservation?: EbsSnapshotPreservation | string;
 }
@@ -4366,7 +4390,12 @@ export interface ListMembersRequest {
 
   /**
    * <p>Specifies whether to only return associated members or to return all members (including
-   *       members who haven't been invited yet or have been disassociated).</p>
+   *       members who haven't been invited yet or have been disassociated).
+   *       Member accounts must have been previously associated with the GuardDuty administrator account using <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html">
+   *                <code>Create
+   *         Members</code>
+   *             </a>.
+   *     </p>
    */
   OnlyAssociated?: string;
 }
@@ -4713,7 +4742,7 @@ export interface UpdateMalwareScanSettingsRequest {
   ScanResourceCriteria?: ScanResourceCriteria;
 
   /**
-   * <p>An enum value representing possible snapshot preservations.</p>
+   * <p>An enum value representing possible snapshot preservation settings.</p>
    */
   EbsSnapshotPreservation?: EbsSnapshotPreservation | string;
 }
@@ -5249,6 +5278,36 @@ export const CreateDetectorRequestFilterSensitiveLog = (obj: CreateDetectorReque
   ...obj,
 });
 
+/**
+ * @internal
+ */
+export const EbsVolumesResultFilterSensitiveLog = (obj: EbsVolumesResult): any => ({
+  ...obj,
+});
+
+/**
+ * @internal
+ */
+export const ScanEc2InstanceWithFindingsResultFilterSensitiveLog = (obj: ScanEc2InstanceWithFindingsResult): any => ({
+  ...obj,
+});
+
+/**
+ * @internal
+ */
+export const MalwareProtectionConfigurationResultFilterSensitiveLog = (
+  obj: MalwareProtectionConfigurationResult
+): any => ({
+  ...obj,
+});
+
+/**
+ * @internal
+ */
+export const UnprocessedDataSourcesResultFilterSensitiveLog = (obj: UnprocessedDataSourcesResult): any => ({
+  ...obj,
+});
+
 /**
  * @internal
  */
@@ -5393,29 +5452,6 @@ export const KubernetesConfigurationResultFilterSensitiveLog = (obj: KubernetesC
   ...obj,
 });
 
-/**
- * @internal
- */
-export const EbsVolumesResultFilterSensitiveLog = (obj: EbsVolumesResult): any => ({
-  ...obj,
-});
-
-/**
- * @internal
- */
-export const ScanEc2InstanceWithFindingsResultFilterSensitiveLog = (obj: ScanEc2InstanceWithFindingsResult): any => ({
-  ...obj,
-});
-
-/**
- * @internal
- */
-export const MalwareProtectionConfigurationResultFilterSensitiveLog = (
-  obj: MalwareProtectionConfigurationResult
-): any => ({
-  ...obj,
-});
-
 /**
  * @internal
  */
diff --git a/clients/client-guardduty/src/protocols/Aws_restJson1.ts b/clients/client-guardduty/src/protocols/Aws_restJson1.ts
@@ -307,6 +307,7 @@ import {
   Total,
   TriggerDetails,
   UnprocessedAccount,
+  UnprocessedDataSourcesResult,
   UsageAccountResult,
   UsageCriteria,
   UsageDataSourceResult,
@@ -2197,6 +2198,12 @@ export const deserializeAws_restJson1CreateDetectorCommand = async (
   if (data.detectorId != null) {
     contents.DetectorId = __expectString(data.detectorId);
   }
+  if (data.unprocessedDataSources != null) {
+    contents.UnprocessedDataSources = deserializeAws_restJson1UnprocessedDataSourcesResult(
+      data.unprocessedDataSources,
+      context
+    );
+  }
   return contents;
 };
 
@@ -5828,6 +5835,7 @@ const deserializeAws_restJson1EbsVolumeScanDetails = (output: any, context: __Se
 
 const deserializeAws_restJson1EbsVolumesResult = (output: any, context: __SerdeContext): EbsVolumesResult => {
   return {
+    Reason: __expectString(output.reason),
     Status: __expectString(output.status),
   } as any;
 };
@@ -7084,6 +7092,18 @@ const deserializeAws_restJson1UnprocessedAccounts = (output: any, context: __Ser
   return retVal;
 };
 
+const deserializeAws_restJson1UnprocessedDataSourcesResult = (
+  output: any,
+  context: __SerdeContext
+): UnprocessedDataSourcesResult => {
+  return {
+    MalwareProtection:
+      output.malwareProtection != null
+        ? deserializeAws_restJson1MalwareProtectionConfigurationResult(output.malwareProtection, context)
+        : undefined,
+  } as any;
+};
+
 const deserializeAws_restJson1UsageAccountResult = (output: any, context: __SerdeContext): UsageAccountResult => {
   return {
     AccountId: __expectString(output.accountId),
diff --git a/codegen/sdk-codegen/aws-models/guardduty.json b/codegen/sdk-codegen/aws-models/guardduty.json
