openapi-directory

Version:

Building & bundling https://github.com/APIs-guru/openapi-directory for easy use from JS

github.com/httptoolkit/openapi-directory-js

1 lines • 333 kB

JSON

{"openapi":"3.0.0","info":{"version":"2017-11-28","x-release":"v4","title":"Amazon GuardDuty","description":"Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following data sources: VPC flow logs, Amazon Web Services CloudTrail management event logs, CloudTrail S3 data event logs, EKS audit logs, DNS logs, and Amazon EBS volume data. It uses threat intelligence feeds, such as lists of malicious IPs and domains, and machine learning to identify unexpected, potentially unauthorized, and malicious activity within your Amazon Web Services environment. This can include issues like escalations of privileges, uses of exposed credentials, or communication with malicious IPs, domains, or presence of malware on your Amazon EC2 instances and container workloads. For example, GuardDuty can detect compromised EC2 instances and container workloads serving malware, or mining bitcoin. GuardDuty also monitors Amazon Web Services account access behavior for signs of compromise, such as unauthorized infrastructure deployments like EC2 instances deployed in a Region that has never been used, or unusual API calls like a password policy change to reduce password strength. GuardDuty informs you about the status of your Amazon Web Services environment by producing security findings that you can view in the GuardDuty console or through Amazon EventBridge. For more information, see the <a href=\"https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html\">Amazon GuardDuty User Guide</a> . ","x-logo":{"url":"https://twitter.com/awscloud/profile_image?size=original","backgroundColor":"#FFFFFF"},"termsOfService":"https://aws.amazon.com/service-terms/","contact":{"name":"Mike Ralphson","email":"mike.ralphson@gmail.com","url":"https://github.com/mermade/aws2openapi","x-twitter":"PermittedSoc"},"license":{"name":"Apache 2.0 License","url":"http://www.apache.org/licenses/"},"x-providerName":"amazonaws.com","x-serviceName":"guardduty","x-aws-signingName":"guardduty","x-origin":[{"contentType":"application/json","url":"https://raw.githubusercontent.com/aws/aws-sdk-js/master/apis/guardduty-2017-11-28.normal.json","converter":{"url":"https://github.com/mermade/aws2openapi","version":"1.0.0"},"x-apisguru-driver":"external"}],"x-apiClientRegistration":{"url":"https://portal.aws.amazon.com/gp/aws/developer/registration/index.html?nc2=h_ct"},"x-apisguru-categories":["cloud"],"x-preferred":true},"externalDocs":{"description":"Amazon Web Services documentation","url":"https://docs.aws.amazon.com/guardduty/"},"servers":[{"url":"http://guardduty.{region}.amazonaws.com","variables":{"region":{"description":"The AWS region","enum":["us-east-1","us-east-2","us-west-1","us-west-2","us-gov-west-1","us-gov-east-1","ca-central-1","eu-north-1","eu-west-1","eu-west-2","eu-west-3","eu-central-1","eu-south-1","af-south-1","ap-northeast-1","ap-northeast-2","ap-northeast-3","ap-southeast-1","ap-southeast-2","ap-east-1","ap-south-1","sa-east-1","me-south-1"],"default":"us-east-1"}},"description":"The Amazon GuardDuty multi-region endpoint"},{"url":"https://guardduty.{region}.amazonaws.com","variables":{"region":{"description":"The AWS region","enum":["us-east-1","us-east-2","us-west-1","us-west-2","us-gov-west-1","us-gov-east-1","ca-central-1","eu-north-1","eu-west-1","eu-west-2","eu-west-3","eu-central-1","eu-south-1","af-south-1","ap-northeast-1","ap-northeast-2","ap-northeast-3","ap-southeast-1","ap-southeast-2","ap-east-1","ap-south-1","sa-east-1","me-south-1"],"default":"us-east-1"}},"description":"The Amazon GuardDuty multi-region endpoint"},{"url":"http://guardduty.{region}.amazonaws.com.cn","variables":{"region":{"description":"The AWS region","enum":["cn-north-1","cn-northwest-1"],"default":"cn-north-1"}},"description":"The Amazon GuardDuty endpoint for China (Beijing) and China (Ningxia)"},{"url":"https://guardduty.{region}.amazonaws.com.cn","variables":{"region":{"description":"The AWS region","enum":["cn-north-1","cn-northwest-1"],"default":"cn-north-1"}},"description":"The Amazon GuardDuty endpoint for China (Beijing) and China (Ningxia)"}],"x-hasEquivalentPaths":true,"paths":{"/detector/{detectorId}/administrator":{"post":{"operationId":"AcceptAdministratorInvitation","description":"Accepts the invitation to be a member account and get monitored by a GuardDuty administrator account that sent the invitation.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AcceptAdministratorInvitationResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector of the GuardDuty member account.","schema":{"type":"string","minLength":1,"maxLength":300}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["administratorId","invitationId"],"properties":{"administratorId":{"description":"The account ID of the GuardDuty administrator account whose invitation you're accepting.","type":"string"},"invitationId":{"description":"The value that is used to validate the administrator account to the member account.","type":"string"}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}],"get":{"operationId":"GetAdministratorAccount","description":"Provides the details for the GuardDuty administrator account associated with the current GuardDuty member account.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/GetAdministratorAccountResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector of the GuardDuty member account.","schema":{"type":"string","minLength":1,"maxLength":300}}]}},"/detector/{detectorId}/master":{"post":{"deprecated":true,"operationId":"AcceptInvitation","description":"Accepts the invitation to be monitored by a GuardDuty administrator account.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AcceptInvitationResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector of the GuardDuty member account.","schema":{"type":"string","minLength":1,"maxLength":300}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["masterId","invitationId"],"properties":{"masterId":{"description":"The account ID of the GuardDuty administrator account whose invitation you're accepting.","type":"string"},"invitationId":{"description":"The value that is used to validate the administrator account to the member account.","type":"string"}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}],"get":{"deprecated":true,"operationId":"GetMasterAccount","description":"Provides the details for the GuardDuty administrator account associated with the current GuardDuty member account.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/GetMasterAccountResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector of the GuardDuty member account.","schema":{"type":"string","minLength":1,"maxLength":300}}]}},"/detector/{detectorId}/findings/archive":{"post":{"operationId":"ArchiveFindings","description":"Archives GuardDuty findings that are specified by the list of finding IDs. <note> Only the administrator account can archive findings. Member accounts don't have permission to archive findings from their accounts. </note>","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ArchiveFindingsResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The ID of the detector that specifies the GuardDuty service whose findings you want to archive.","schema":{"type":"string","minLength":1,"maxLength":300}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["findingIds"],"properties":{"findingIds":{"description":"The IDs of the findings that you want to archive.","type":"array","items":{"$ref":"#/components/schemas/FindingId"},"minItems":0,"maxItems":50}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/detector":{"post":{"operationId":"CreateDetector","description":"Creates a single Amazon GuardDuty detector. A detector is a resource that represents the GuardDuty service. To start using GuardDuty, you must create a detector in each Region where you enable the service. You can have only one detector per account per Region. All data sources are enabled in a new detector by default. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see <a href=\"https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html\">Regions and endpoints</a>.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CreateDetectorResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["enable"],"properties":{"enable":{"description":"A Boolean value that specifies whether the detector is to be enabled.","type":"boolean"},"clientToken":{"description":"The idempotency token for the create request.","type":"string","minLength":0,"maxLength":64},"findingPublishingFrequency":{"description":"A value that specifies how frequently updated findings are exported.","type":"string","enum":["FIFTEEN_MINUTES","ONE_HOUR","SIX_HOURS"]},"dataSources":{"description":"Contains information about which data sources are enabled.","type":"object","properties":{"S3Logs":{"allOf":[{"$ref":"#/components/schemas/S3LogsConfiguration"},{"xml":{"name":"s3Logs"},"description":"Describes whether S3 data event logs are enabled as a data source."}]},"Kubernetes":{"allOf":[{"$ref":"#/components/schemas/KubernetesConfiguration"},{"xml":{"name":"kubernetes"},"description":"Describes whether any Kubernetes logs are enabled as data sources."}]},"MalwareProtection":{"allOf":[{"$ref":"#/components/schemas/MalwareProtectionConfiguration"},{"xml":{"name":"malwareProtection"},"description":"Describes whether Malware Protection is enabled as a data source."}]}}},"tags":{"description":"The tags to be added to a new detector resource.","type":"object","minProperties":1,"maxProperties":200,"additionalProperties":{"$ref":"#/components/schemas/TagValue"}},"features":{"description":"A list of features that will be configured for the detector.","type":"array","items":{"$ref":"#/components/schemas/DetectorFeatureConfiguration"}}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}],"get":{"operationId":"ListDetectors","description":"Lists detectorIds of all the existing Amazon GuardDuty detector resources.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ListDetectorsResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"maxResults","in":"query","required":false,"description":"You can use this parameter to indicate the maximum number of items that you want in the response. The default value is 50. The maximum value is 50.","schema":{"type":"integer","minimum":1,"maximum":50}},{"name":"nextToken","in":"query","required":false,"description":"You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.","schema":{"type":"string"}},{"name":"MaxResults","in":"query","schema":{"type":"string"},"description":"Pagination limit","required":false},{"name":"NextToken","in":"query","schema":{"type":"string"},"description":"Pagination token","required":false}]}},"/detector/{detectorId}/filter":{"post":{"operationId":"CreateFilter","description":"Creates a filter using the specified finding criteria. The maximum number of saved filters per Amazon Web Services account per Region is 100. For more information, see <a href=\"https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_limits.html\">Quotas for GuardDuty</a>.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CreateFilterResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The ID of the detector belonging to the GuardDuty account that you want to create a filter for.","schema":{"type":"string","minLength":1,"maxLength":300}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name","findingCriteria"],"properties":{"name":{"description":"The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.","type":"string","minLength":3,"maxLength":64},"description":{"description":"The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses (<code>{ }</code>, <code>[ ]</code>, and <code>( )</code>), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.","type":"string","minLength":0,"maxLength":512},"action":{"description":"Specifies the action that is to be applied to the findings that match the filter.","type":"string","enum":["NOOP","ARCHIVE"],"minLength":1,"maxLength":300},"rank":{"description":"Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.","type":"integer","minimum":1,"maximum":100},"findingCriteria":{"description":"Contains information about the criteria used for querying findings.","type":"object","properties":{"Criterion":{"allOf":[{"$ref":"#/components/schemas/Criterion"},{"xml":{"name":"criterion"},"description":"Represents a map of finding properties that match specified conditions and values when querying findings."}]}}},"clientToken":{"description":"The idempotency token for the create request.","type":"string","minLength":0,"maxLength":64},"tags":{"description":"The tags to be added to a new filter resource.","type":"object","minProperties":1,"maxProperties":200,"additionalProperties":{"$ref":"#/components/schemas/TagValue"}}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}],"get":{"operationId":"ListFilters","description":"Returns a paginated list of the current filters.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ListFiltersResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector that the filter is associated with.","schema":{"type":"string","minLength":1,"maxLength":300}},{"name":"maxResults","in":"query","required":false,"description":"You can use this parameter to indicate the maximum number of items that you want in the response. The default value is 50. The maximum value is 50.","schema":{"type":"integer","minimum":1,"maximum":50}},{"name":"nextToken","in":"query","required":false,"description":"You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.","schema":{"type":"string"}},{"name":"MaxResults","in":"query","schema":{"type":"string"},"description":"Pagination limit","required":false},{"name":"NextToken","in":"query","schema":{"type":"string"},"description":"Pagination token","required":false}]}},"/detector/{detectorId}/ipset":{"post":{"operationId":"CreateIPSet","description":"Creates a new IPSet, which is called a trusted IP list in the console user interface. An IPSet is a list of IP addresses that are trusted for secure communication with Amazon Web Services infrastructure and applications. GuardDuty doesn't generate findings for IP addresses that are included in IPSets. Only users from the administrator account can use this operation.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CreateIPSetResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector of the GuardDuty account that you want to create an IPSet for.","schema":{"type":"string","minLength":1,"maxLength":300}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name","format","location","activate"],"properties":{"name":{"description":"The user-friendly name to identify the IPSet. Allowed characters are alphanumeric, whitespace, dash (-), and underscores (_).","type":"string","minLength":1,"maxLength":300},"format":{"description":"The format of the file that contains the IPSet.","type":"string","enum":["TXT","STIX","OTX_CSV","ALIEN_VAULT","PROOF_POINT","FIRE_EYE"],"minLength":1,"maxLength":300},"location":{"description":"The URI of the file that contains the IPSet. ","type":"string","minLength":1,"maxLength":300},"activate":{"description":"A Boolean value that indicates whether GuardDuty is to start using the uploaded IPSet.","type":"boolean"},"clientToken":{"description":"The idempotency token for the create request.","type":"string","minLength":0,"maxLength":64},"tags":{"description":"The tags to be added to a new IP set resource.","type":"object","minProperties":1,"maxProperties":200,"additionalProperties":{"$ref":"#/components/schemas/TagValue"}}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}],"get":{"operationId":"ListIPSets","description":"Lists the IPSets of the GuardDuty service specified by the detector ID. If you use this operation from a member account, the IPSets returned are the IPSets from the associated administrator account.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ListIPSetsResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector that the IPSet is associated with.","schema":{"type":"string","minLength":1,"maxLength":300}},{"name":"maxResults","in":"query","required":false,"description":"You can use this parameter to indicate the maximum number of items you want in the response. The default value is 50. The maximum value is 50.","schema":{"type":"integer","minimum":1,"maximum":50}},{"name":"nextToken","in":"query","required":false,"description":"You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.","schema":{"type":"string"}},{"name":"MaxResults","in":"query","schema":{"type":"string"},"description":"Pagination limit","required":false},{"name":"NextToken","in":"query","schema":{"type":"string"},"description":"Pagination token","required":false}]}},"/detector/{detectorId}/member":{"post":{"operationId":"CreateMembers","description":"Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services account IDs. This step is a prerequisite for managing the associated member accounts either by invitation or through an organization. As a delegated administrator, using <code>CreateMembers</code> will enable GuardDuty in the added member accounts, with the exception of the organization delegated administrator account. A delegated administrator must enable GuardDuty prior to being added as a member. If you are adding accounts by invitation, before using <a href=\"https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html\">InviteMembers</a>, use <code>CreateMembers</code> after GuardDuty has been enabled in potential member accounts. If you disassociate a member from a GuardDuty delegated administrator, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the <a href=\"https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html\">InviteMembers</a> API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the <a href=\"https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html\">DeleteMembers</a> API. ","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CreateMembersResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector of the GuardDuty account that you want to associate member accounts with.","schema":{"type":"string","minLength":1,"maxLength":300}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["accountDetails"],"properties":{"accountDetails":{"description":"A list of account ID and email address pairs of the accounts that you want to associate with the GuardDuty administrator account.","type":"array","items":{"$ref":"#/components/schemas/AccountDetail"},"minItems":1,"maxItems":50}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}],"get":{"operationId":"ListMembers","description":"Lists details about all member accounts for the current GuardDuty administrator account.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ListMembersResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector the member is associated with.","schema":{"type":"string","minLength":1,"maxLength":300}},{"name":"maxResults","in":"query","required":false,"description":"You can use this parameter to indicate the maximum number of items you want in the response. The default value is 50. The maximum value is 50.","schema":{"type":"integer","minimum":1,"maximum":50}},{"name":"nextToken","in":"query","required":false,"description":"You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.","schema":{"type":"string"}},{"name":"onlyAssociated","in":"query","required":false,"description":"Specifies whether to only return associated members or to return all members (including members who haven't been invited yet or have been disassociated). Member accounts must have been previously associated with the GuardDuty administrator account using <a href=\"https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html\"> <code>Create Members</code> </a>. ","schema":{"type":"string"}},{"name":"MaxResults","in":"query","schema":{"type":"string"},"description":"Pagination limit","required":false},{"name":"NextToken","in":"query","schema":{"type":"string"},"description":"Pagination token","required":false}]}},"/detector/{detectorId}/publishingDestination":{"post":{"operationId":"CreatePublishingDestination","description":"Creates a publishing destination to export findings to. The resource to export findings to must exist before you use this operation.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CreatePublishingDestinationResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The ID of the GuardDuty detector associated with the publishing destination.","schema":{"type":"string","minLength":1,"maxLength":300}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["destinationType","destinationProperties"],"properties":{"destinationType":{"description":"The type of resource for the publishing destination. Currently only Amazon S3 buckets are supported.","type":"string","enum":["S3"],"minLength":1,"maxLength":300},"destinationProperties":{"description":"Contains the Amazon Resource Name (ARN) of the resource to publish to, such as an S3 bucket, and the ARN of the KMS key to use to encrypt published findings.","type":"object","properties":{"DestinationArn":{"allOf":[{"$ref":"#/components/schemas/String"},{"xml":{"name":"destinationArn"},"description":"The ARN of the resource to publish to. To specify an S3 bucket folder use the following format: <code>arn:aws:s3:::DOC-EXAMPLE-BUCKET/myFolder/</code> "}]},"KmsKeyArn":{"allOf":[{"$ref":"#/components/schemas/String"},{"xml":{"name":"kmsKeyArn"},"description":"The ARN of the KMS key to use for encryption."}]}}},"clientToken":{"description":"The idempotency token for the request.","type":"string","minLength":0,"maxLength":64}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}],"get":{"operationId":"ListPublishingDestinations","description":"Returns a list of publishing destinations associated with the specified <code>detectorId</code>.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ListPublishingDestinationsResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The ID of the detector to retrieve publishing destinations for.","schema":{"type":"string","minLength":1,"maxLength":300}},{"name":"maxResults","in":"query","required":false,"description":"The maximum number of results to return in the response.","schema":{"type":"integer","minimum":1,"maximum":50}},{"name":"nextToken","in":"query","required":false,"description":"A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the <code>NextToken</code> value returned from the previous request to continue listing results after the first page.","schema":{"type":"string"}},{"name":"MaxResults","in":"query","schema":{"type":"string"},"description":"Pagination limit","required":false},{"name":"NextToken","in":"query","schema":{"type":"string"},"description":"Pagination token","required":false}]}},"/detector/{detectorId}/findings/create":{"post":{"operationId":"CreateSampleFindings","description":"Generates sample findings of types specified by the list of finding types. If 'NULL' is specified for <code>findingTypes</code>, the API generates sample findings of all supported finding types.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CreateSampleFindingsResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The ID of the detector to create sample findings for.","schema":{"type":"string","minLength":1,"maxLength":300}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"findingTypes":{"description":"The types of sample findings to generate.","type":"array","items":{"$ref":"#/components/schemas/FindingType"},"minItems":0,"maxItems":50}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/detector/{detectorId}/threatintelset":{"post":{"operationId":"CreateThreatIntelSet","description":"Creates a new ThreatIntelSet. ThreatIntelSets consist of known malicious IP addresses. GuardDuty generates findings based on ThreatIntelSets. Only users of the administrator account can use this operation.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CreateThreatIntelSetResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector of the GuardDuty account that you want to create a threatIntelSet for.","schema":{"type":"string","minLength":1,"maxLength":300}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name","format","location","activate"],"properties":{"name":{"description":"A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.","type":"string","minLength":1,"maxLength":300},"format":{"description":"The format of the file that contains the ThreatIntelSet.","type":"string","enum":["TXT","STIX","OTX_CSV","ALIEN_VAULT","PROOF_POINT","FIRE_EYE"],"minLength":1,"maxLength":300},"location":{"description":"The URI of the file that contains the ThreatIntelSet. ","type":"string","minLength":1,"maxLength":300},"activate":{"description":"A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.","type":"boolean"},"clientToken":{"description":"The idempotency token for the create request.","type":"string","minLength":0,"maxLength":64},"tags":{"description":"The tags to be added to a new threat list resource.","type":"object","minProperties":1,"maxProperties":200,"additionalProperties":{"$ref":"#/components/schemas/TagValue"}}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}],"get":{"operationId":"ListThreatIntelSets","description":"Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID. If you use this operation from a member account, the ThreatIntelSets associated with the administrator account are returned.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ListThreatIntelSetsResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector that the threatIntelSet is associated with.","schema":{"type":"string","minLength":1,"maxLength":300}},{"name":"maxResults","in":"query","required":false,"description":"You can use this parameter to indicate the maximum number of items that you want in the response. The default value is 50. The maximum value is 50.","schema":{"type":"integer","minimum":1,"maximum":50}},{"name":"nextToken","in":"query","required":false,"description":"You can use this parameter to paginate results in the response. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.","schema":{"type":"string"}},{"name":"MaxResults","in":"query","schema":{"type":"string"},"description":"Pagination limit","required":false},{"name":"NextToken","in":"query","schema":{"type":"string"},"description":"Pagination token","required":false}]}},"/invitation/decline":{"post":{"operationId":"DeclineInvitations","description":"Declines invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeclineInvitationsResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["accountIds"],"properties":{"accountIds":{"description":"A list of account IDs of the Amazon Web Services accounts that sent invitations to the current member account that you want to decline invitations from.","type":"array","items":{"$ref":"#/components/schemas/AccountId"},"minItems":1,"maxItems":50}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/detector/{detectorId}":{"delete":{"operationId":"DeleteDetector","description":"Deletes an Amazon GuardDuty detector that is specified by the detector ID.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeleteDetectorResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector that you want to delete.","schema":{"type":"string","minLength":1,"maxLength":300}}]},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}],"get":{"operationId":"GetDetector","description":"Retrieves an Amazon GuardDuty detector specified by the detectorId. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see <a href=\"https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html\">Regions and endpoints</a>.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/GetDetectorResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector that you want to get.","schema":{"type":"string","minLength":1,"maxLength":300}}]},"post":{"operationId":"UpdateDetector","description":"Updates the Amazon GuardDuty detector specified by the detectorId. There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see <a href=\"https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html\">Regions and endpoints</a>.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UpdateDetectorResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector to update.","schema":{"type":"string","minLength":1,"maxLength":300}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"enable":{"description":"Specifies whether the detector is enabled or not enabled.","type":"boolean"},"findingPublishingFrequency":{"description":"An enum value that specifies how frequently findings are exported, such as to CloudWatch Events.","type":"string","enum":["FIFTEEN_MINUTES","ONE_HOUR","SIX_HOURS"]},"dataSources":{"description":"Contains information about which data sources are enabled.","type":"object","properties":{"S3Logs":{"allOf":[{"$ref":"#/components/schemas/S3LogsConfiguration"},{"xml":{"name":"s3Logs"},"description":"Describes whether S3 data event logs are enabled as a data source."}]},"Kubernetes":{"allOf":[{"$ref":"#/components/schemas/KubernetesConfiguration"},{"xml":{"name":"kubernetes"},"description":"Describes whether any Kubernetes logs are enabled as data sources."}]},"MalwareProtection":{"allOf":[{"$ref":"#/components/schemas/MalwareProtectionConfiguration"},{"xml":{"name":"malwareProtection"},"description":"Describes whether Malware Protection is enabled as a data source."}]}}},"features":{"description":"Provides the features that will be updated for the detector.","type":"array","items":{"$ref":"#/components/schemas/DetectorFeatureConfiguration"}}}}}}}}},"/detector/{detectorId}/filter/{filterName}":{"delete":{"operationId":"DeleteFilter","description":"Deletes the filter specified by the filter name.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeleteFilterResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector that the filter is associated with.","schema":{"type":"string","minLength":1,"maxLength":300}},{"name":"filterName","in":"path","required":true,"description":"The name of the filter that you want to delete.","schema":{"type":"string"}}]},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}],"get":{"operationId":"GetFilter","description":"Returns the details of the filter specified by the filter name.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/GetFilterResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector that the filter is associated with.","schema":{"type":"string","minLength":1,"maxLength":300}},{"name":"filterName","in":"path","required":true,"description":"The name of the filter you want to get.","schema":{"type":"string"}}]},"post":{"operationId":"UpdateFilter","description":"Updates the filter specified by the filter name.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UpdateFilterResponse"}}}},"480":{"description":"BadRequestException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BadRequestException"}}}},"481":{"description":"InternalServerErrorException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InternalServerErrorException"}}}}},"parameters":[{"name":"detectorId","in":"path","required":true,"description":"The unique ID of the detector that specifies the GuardDuty service where you want to update a filter.","schema":{"type":"string","minLength":1,"maxLength":300}},{"name":"filterName","in":"path","required":true,"description":"The name of the filter.","schema":{"type":"string"}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"description":{"description":"The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses (<code>{ }</code>, <code>[ ]</code>, and <code>( )</code>), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.","type":"string","minLength":0,"maxLength":512},"action":{"description":"Specifies the action that is to be applied to the findings that match the filter.","type":"string","enum":["NOOP","ARCHIVE"],"minLength":1,"maxLength":300},"rank":{"description":"Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.","type":"integer","minimum":1,"maximum":100},"findingCriteria":{"description":"Contains information about the criteria used for querying findings.","type":"object","properties":{"Criterion":{"allOf":[{"$ref":"#/components/schemas/Criterion"},{"xml"