Class | Description |
---|---|
AcceptInvitationRequest | |
AcceptInvitationResponse | |
AccessControlList |
Contains information on the current access control policies for the bucket.
|
AccessKeyDetails |
Contains information about the access keys.
|
AccountDetail |
Contains information about the account.
|
AccountLevelPermissions |
Contains information about the account level permissions on the S3 bucket.
|
Action |
Contains information about actions.
|
AdminAccount |
The account within the organization specified as the GuardDuty delegated administrator.
|
ArchiveFindingsRequest | |
ArchiveFindingsResponse | |
AwsApiCallAction |
Contains information about the API action.
|
BlockPublicAccess |
Contains information on how the bucker owner's S3 Block Public Access settings are being applied to the S3 bucket.
|
BucketLevelPermissions |
Contains information about the bucket level permissions for the S3 bucket.
|
BucketPolicy |
Contains information on the current bucket policies for the S3 bucket.
|
City |
Contains information about the city associated with the IP address.
|
CloudTrailConfigurationResult |
Contains information on the status of CloudTrail as a data source for the detector.
|
Condition |
Contains information about the condition.
|
Country |
Contains information about the country where the remote IP address is located.
|
CreateDetectorRequest | |
CreateDetectorResponse | |
CreateFilterRequest | |
CreateFilterResponse | |
CreateIpSetRequest | |
CreateIpSetResponse | |
CreateMembersRequest | |
CreateMembersResponse | |
CreatePublishingDestinationRequest | |
CreatePublishingDestinationResponse | |
CreateSampleFindingsRequest | |
CreateSampleFindingsResponse | |
CreateThreatIntelSetRequest | |
CreateThreatIntelSetResponse | |
DataSourceConfigurations |
Contains information about which data sources are enabled.
|
DataSourceConfigurationsResult |
Contains information on the status of data sources for the detector.
|
DeclineInvitationsRequest | |
DeclineInvitationsResponse | |
DefaultServerSideEncryption |
Contains information on the server side encryption method used in the S3 bucket.
|
DeleteDetectorRequest | |
DeleteDetectorResponse | |
DeleteFilterRequest | |
DeleteFilterResponse | |
DeleteInvitationsRequest | |
DeleteInvitationsResponse | |
DeleteIpSetRequest | |
DeleteIpSetResponse | |
DeleteMembersRequest | |
DeleteMembersResponse | |
DeletePublishingDestinationRequest | |
DeletePublishingDestinationResponse | |
DeleteThreatIntelSetRequest | |
DeleteThreatIntelSetResponse | |
DescribeOrganizationConfigurationRequest | |
DescribeOrganizationConfigurationResponse | |
DescribePublishingDestinationRequest | |
DescribePublishingDestinationResponse | |
Destination |
Contains information about the publishing destination, including the ID, type, and status.
|
DestinationProperties |
Contains the Amazon Resource Name (ARN) of the resource to publish to, such as an S3 bucket, and the ARN of the KMS
key to use to encrypt published findings.
|
DisableOrganizationAdminAccountRequest | |
DisableOrganizationAdminAccountResponse | |
DisassociateFromMasterAccountRequest | |
DisassociateFromMasterAccountResponse | |
DisassociateMembersRequest | |
DisassociateMembersResponse | |
DNSLogsConfigurationResult |
Contains information on the status of DNS logs as a data source.
|
DnsRequestAction |
Contains information about the DNS_REQUEST action described in this finding.
|
DomainDetails |
Contains information about the domain.
|
EnableOrganizationAdminAccountRequest | |
EnableOrganizationAdminAccountResponse | |
Evidence |
Contains information about the reason that the finding was generated.
|
Finding |
Contains information about the finding, which is generated when abnormal or suspicious activity is detected.
|
FindingCriteria |
Contains information about the criteria used for querying findings.
|
FindingStatistics |
Contains information about finding statistics.
|
FlowLogsConfigurationResult |
Contains information on the status of VPC flow logs as a data source.
|
GeoLocation |
Contains information about the location of the remote IP address.
|
GetDetectorRequest | |
GetDetectorResponse | |
GetFilterRequest | |
GetFilterResponse | |
GetFindingsRequest | |
GetFindingsResponse | |
GetFindingsStatisticsRequest | |
GetFindingsStatisticsResponse | |
GetInvitationsCountRequest | |
GetInvitationsCountResponse | |
GetIpSetRequest | |
GetIpSetResponse | |
GetMasterAccountRequest | |
GetMasterAccountResponse | |
GetMemberDetectorsRequest | |
GetMemberDetectorsResponse | |
GetMembersRequest | |
GetMembersResponse | |
GetThreatIntelSetRequest | |
GetThreatIntelSetResponse | |
GetUsageStatisticsRequest | |
GetUsageStatisticsResponse | |
GuardDutyRequest | |
GuardDutyResponse | |
GuardDutyResponseMetadata | |
IamInstanceProfile |
Contains information about the EC2 instance profile.
|
InstanceDetails |
Contains information about the details of an instance.
|
Invitation |
Contains information about the invitation to become a member account.
|
InviteMembersRequest | |
InviteMembersResponse | |
ListDetectorsRequest | |
ListDetectorsResponse | |
ListFiltersRequest | |
ListFiltersResponse | |
ListFindingsRequest | |
ListFindingsResponse | |
ListInvitationsRequest | |
ListInvitationsResponse | |
ListIpSetsRequest | |
ListIpSetsResponse | |
ListMembersRequest | |
ListMembersResponse | |
ListOrganizationAdminAccountsRequest | |
ListOrganizationAdminAccountsResponse | |
ListPublishingDestinationsRequest | |
ListPublishingDestinationsResponse | |
ListTagsForResourceRequest | |
ListTagsForResourceResponse | |
ListThreatIntelSetsRequest | |
ListThreatIntelSetsResponse | |
LocalIpDetails |
Contains information about the local IP address of the connection.
|
LocalPortDetails |
Contains information about the port for the local connection.
|
Master |
Contains information about the administrator account and invitation.
|
Member |
Contains information about the member account.
|
MemberDataSourceConfiguration |
Contains information on which data sources are enabled for a member account.
|
NetworkConnectionAction |
Contains information about the NETWORK_CONNECTION action described in the finding.
|
NetworkInterface |
Contains information about the elastic network interface of the EC2 instance.
|
Organization |
Contains information about the ISP organization of the remote IP address.
|
OrganizationDataSourceConfigurations |
An object that contains information on which data sources will be configured to be automatically enabled for new
members within the organization.
|
OrganizationDataSourceConfigurationsResult |
An object that contains information on which data sources are automatically enabled for new members within the
organization.
|
OrganizationS3LogsConfiguration |
Describes whether S3 data event logs will be automatically enabled for new members of the organization.
|
OrganizationS3LogsConfigurationResult |
The current configuration of S3 data event logs as a data source for the organization.
|
Owner |
Contains information on the owner of the bucket.
|
PermissionConfiguration |
Contains information about how permissions are configured for the S3 bucket.
|
PortProbeAction |
Contains information about the PORT_PROBE action described in the finding.
|
PortProbeDetail |
Contains information about the port probe details.
|
PrivateIpAddressDetails |
Contains other private IP address information of the EC2 instance.
|
ProductCode |
Contains information about the product code for the EC2 instance.
|
PublicAccess |
Describes the public access policies that apply to the S3 bucket.
|
RemoteIpDetails |
Contains information about the remote IP address of the connection.
|
RemotePortDetails |
Contains information about the remote port.
|
Resource |
Contains information about the AWS resource associated with the activity that prompted GuardDuty to generate a
finding.
|
S3BucketDetail |
Contains information on the S3 bucket.
|
S3LogsConfiguration |
Describes whether S3 data event logs will be enabled as a data source.
|
S3LogsConfigurationResult |
Describes whether S3 data event logs will be enabled as a data source.
|
SecurityGroup |
Contains information about the security groups associated with the EC2 instance.
|
Service |
Contains additional information about the generated finding.
|
SortCriteria |
Contains information about the criteria used for sorting findings.
|
StartMonitoringMembersRequest | |
StartMonitoringMembersResponse | |
StopMonitoringMembersRequest | |
StopMonitoringMembersResponse | |
Tag |
Contains information about a tag associated with the EC2 instance.
|
TagResourceRequest | |
TagResourceResponse | |
ThreatIntelligenceDetail |
An instance of a threat intelligence detail that constitutes evidence for the finding.
|
Total |
Contains the total usage with the corresponding currency unit for that value.
|
UnarchiveFindingsRequest | |
UnarchiveFindingsResponse | |
UnprocessedAccount |
Contains information about the accounts that weren't processed.
|
UntagResourceRequest | |
UntagResourceResponse | |
UpdateDetectorRequest | |
UpdateDetectorResponse | |
UpdateFilterRequest | |
UpdateFilterResponse | |
UpdateFindingsFeedbackRequest | |
UpdateFindingsFeedbackResponse | |
UpdateIpSetRequest | |
UpdateIpSetResponse | |
UpdateMemberDetectorsRequest | |
UpdateMemberDetectorsResponse | |
UpdateOrganizationConfigurationRequest | |
UpdateOrganizationConfigurationResponse | |
UpdatePublishingDestinationRequest | |
UpdatePublishingDestinationResponse | |
UpdateThreatIntelSetRequest | |
UpdateThreatIntelSetResponse | |
UsageAccountResult |
Contains information on the total of usage based on account IDs.
|
UsageCriteria |
Contains information about the criteria used to query usage statistics.
|
UsageDataSourceResult |
Contains information on the result of usage based on data source type.
|
UsageResourceResult |
Contains information on the sum of usage based on an AWS resource.
|
UsageStatistics |
Contains the result of GuardDuty usage.
|
Exception | Description |
---|---|
BadRequestException |
A bad request exception object.
|
GuardDutyException | |
InternalServerErrorException |
An internal server error exception object.
|
Copyright © 2021 Amazon Web Services, Inc. All Rights Reserved.