detective

package module
v0.0.0-...-68f2935 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 24, 2024 License: Apache-2.0 Imports: 40 Imported by: 0

Documentation

Overview

Package detective provides the API client, operations, and parameter types for Amazon Detective.

Detective uses machine learning and purpose-built visualizations to help you to analyze and investigate security issues across your Amazon Web Services (Amazon Web Services) workloads. Detective automatically extracts time-based events such as login attempts, API calls, and network traffic from CloudTrail and Amazon Virtual Private Cloud (Amazon VPC) flow logs. It also extracts findings detected by Amazon GuardDuty.

The Detective API primarily supports the creation and management of behavior graphs. A behavior graph contains the extracted data from a set of member accounts, and is created and managed by an administrator account.

To add a member account to the behavior graph, the administrator account sends an invitation to the account. When the account accepts the invitation, it becomes a member account in the behavior graph.

Detective is also integrated with Organizations. The organization management account designates the Detective administrator account for the organization. That account becomes the administrator account for the organization behavior graph. The Detective administrator account is also the delegated administrator account for Detective in Organizations.

The Detective administrator account can enable any organization account as a member account in the organization behavior graph. The organization accounts do not receive invitations. The Detective administrator account can also invite other accounts to the organization behavior graph.

Every behavior graph is specific to a Region. You can only use the API to manage behavior graphs that belong to the Region that is associated with the currently selected endpoint.

The administrator account for a behavior graph can use the Detective API to do the following:

  • Enable and disable Detective. Enabling Detective creates a new behavior graph.

  • View the list of member accounts in a behavior graph.

  • Add member accounts to a behavior graph.

  • Remove member accounts from a behavior graph.

  • Apply tags to a behavior graph.

The organization management account can use the Detective API to select the delegated administrator for Detective.

The Detective administrator account for an organization can use the Detective API to do the following:

  • Perform all of the functions of an administrator account.

  • Determine whether to automatically enable new organization accounts as member accounts in the organization behavior graph.

An invited member account can use the Detective API to do the following:

  • View the list of behavior graphs that they are invited to.

  • Accept an invitation to contribute to a behavior graph.

  • Decline an invitation to contribute to a behavior graph.

  • Remove their account from a behavior graph.

All API actions are logged as CloudTrail events. See Logging Detective API Calls with CloudTrail.

We replaced the term "master account" with the term "administrator account". An administrator account is used to centrally manage multiple accounts. In the case of Detective, the administrator account manages the accounts in their behavior graph.

Index

Constants

View Source 
const ServiceAPIVersion = "2018-10-26"
View Source 
const ServiceID = "Detective"

Variables

This section is empty.

Functions

func NewDefaultEndpointResolver 

func NewDefaultEndpointResolver() *internalendpoints.Resolver

NewDefaultEndpointResolver constructs a new service endpoint resolver

func WithAPIOptions 

func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options)

WithAPIOptions returns a functional option for setting the Client's APIOptions option.

func WithEndpointResolver deprecated 

func WithEndpointResolver(v EndpointResolver) func(*Options)

Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for this field will likely prevent you from using any endpoint-related service features released after the introduction of EndpointResolverV2 and BaseEndpoint.

To migrate an EndpointResolver implementation that uses a custom endpoint, set the client option BaseEndpoint instead.

func WithEndpointResolverV2 

func WithEndpointResolverV2(v EndpointResolverV2) func(*Options)

WithEndpointResolverV2 returns a functional option for setting the Client's EndpointResolverV2 option.

func WithSigV4SigningName 

func WithSigV4SigningName(name string) func(*Options)

WithSigV4SigningName applies an override to the authentication workflow to use the given signing name for SigV4-authenticated operations.

This is an advanced setting. The value here is FINAL, taking precedence over the resolved signing name from both auth scheme resolution and endpoint resolution.

func WithSigV4SigningRegion 

func WithSigV4SigningRegion(region string) func(*Options)

WithSigV4SigningRegion applies an override to the authentication workflow to use the given signing region for SigV4-authenticated operations.

This is an advanced setting. The value here is FINAL, taking precedence over the resolved signing region from both auth scheme resolution and endpoint resolution.

Types

type AcceptInvitationInput 

type AcceptInvitationInput struct {

	// The ARN of the behavior graph that the member account is accepting the
	// invitation for.
	//
	// The member account status in the behavior graph must be INVITED .
	//
	// This member is required.
	GraphArn *string
	// contains filtered or unexported fields
}

type AcceptInvitationOutput 

type AcceptInvitationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type AuthResolverParameters 

type AuthResolverParameters struct {
	// The name of the operation being invoked.
	Operation string

	// The region in which the operation is being invoked.
	Region string
}

AuthResolverParameters contains the set of inputs necessary for auth scheme resolution.

type AuthSchemeResolver 

type AuthSchemeResolver interface {
	ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error)
}

AuthSchemeResolver returns a set of possible authentication options for an operation.

type BatchGetGraphMemberDatasourcesInput 

type BatchGetGraphMemberDatasourcesInput struct {

	// The list of Amazon Web Services accounts to get data source package information
	// on.
	//
	// This member is required.
	AccountIds []string

	// The ARN of the behavior graph.
	//
	// This member is required.
	GraphArn *string
	// contains filtered or unexported fields
}

type BatchGetGraphMemberDatasourcesOutput 

type BatchGetGraphMemberDatasourcesOutput struct {

	// Details on the status of data source packages for members of the behavior graph.
	MemberDatasources []types.MembershipDatasources

	// Accounts that data source package information could not be retrieved for.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type BatchGetMembershipDatasourcesInput 

type BatchGetMembershipDatasourcesInput struct {

	// The ARN of the behavior graph.
	//
	// This member is required.
	GraphArns []string
	// contains filtered or unexported fields
}

type BatchGetMembershipDatasourcesOutput 

type BatchGetMembershipDatasourcesOutput struct {

	// Details on the data source package history for an member of the behavior graph.
	MembershipDatasources []types.MembershipDatasources

	// Graphs that data source package information could not be retrieved for.
	UnprocessedGraphs []types.UnprocessedGraph

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client provides the API client to make operations call for Amazon Detective.

func New 

func New(options Options, optFns ...func(*Options)) *Client

New returns an initialized Client based on the functional options. Provide additional functional options to further configure the behavior of the client, such as changing the client's endpoint or adding custom middleware behavior.

func NewFromConfig 

func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client

NewFromConfig returns a new client from the provided config.

func (*Client) AcceptInvitation 

func (c *Client) AcceptInvitation(ctx context.Context, params *AcceptInvitationInput, optFns ...func(*Options)) (*AcceptInvitationOutput, error)

Accepts an invitation for the member account to contribute data to a behavior graph. This operation can only be called by an invited member account.

The request provides the ARN of behavior graph.

The member account status in the graph must be INVITED .

func (*Client) BatchGetGraphMemberDatasources 

func (c *Client) BatchGetGraphMemberDatasources(ctx context.Context, params *BatchGetGraphMemberDatasourcesInput, optFns ...func(*Options)) (*BatchGetGraphMemberDatasourcesOutput, error)

Gets data source package information for the behavior graph.

func (*Client) BatchGetMembershipDatasources 

func (c *Client) BatchGetMembershipDatasources(ctx context.Context, params *BatchGetMembershipDatasourcesInput, optFns ...func(*Options)) (*BatchGetMembershipDatasourcesOutput, error)

Gets information on the data source package history for an account.

func (*Client) CreateGraph 

func (c *Client) CreateGraph(ctx context.Context, params *CreateGraphInput, optFns ...func(*Options)) (*CreateGraphOutput, error)

Creates a new behavior graph for the calling account, and sets that account as the administrator account. This operation is called by the account that is enabling Detective.

The operation also enables Detective for the calling account in the currently selected Region. It returns the ARN of the new behavior graph.

CreateGraph triggers a process to create the corresponding data tables for the new behavior graph.

An account can only be the administrator account for one behavior graph within a Region. If the same account calls CreateGraph with the same administrator account, it always returns the same behavior graph ARN. It does not create a new behavior graph.

func (*Client) CreateMembers 

func (c *Client) CreateMembers(ctx context.Context, params *CreateMembersInput, optFns ...func(*Options)) (*CreateMembersOutput, error)

CreateMembers is used to send invitations to accounts. For the organization behavior graph, the Detective administrator account uses CreateMembers to enable organization accounts as member accounts.

For invited accounts, CreateMembers sends a request to invite the specified Amazon Web Services accounts to be member accounts in the behavior graph. This operation can only be called by the administrator account for a behavior graph.

CreateMembers verifies the accounts and then invites the verified accounts. The administrator can optionally specify to not send invitation emails to the member accounts. This would be used when the administrator manages their member accounts centrally.

For organization accounts in the organization behavior graph, CreateMembers attempts to enable the accounts. The organization accounts do not receive invitations.

The request provides the behavior graph ARN and the list of accounts to invite or to enable.

The response separates the requested accounts into two lists:

  • The accounts that CreateMembers was able to process. For invited accounts, includes member accounts that are being verified, that have passed verification and are to be invited, and that have failed verification. For organization accounts in the organization behavior graph, includes accounts that can be enabled and that cannot be enabled.

  • The accounts that CreateMembers was unable to process. This list includes accounts that were already invited to be member accounts in the behavior graph.

func (*Client) DeleteGraph 

func (c *Client) DeleteGraph(ctx context.Context, params *DeleteGraphInput, optFns ...func(*Options)) (*DeleteGraphOutput, error)

Disables the specified behavior graph and queues it to be deleted. This operation removes the behavior graph from each member account's list of behavior graphs.

DeleteGraph can only be called by the administrator account for a behavior graph.

func (*Client) DeleteMembers 

func (c *Client) DeleteMembers(ctx context.Context, params *DeleteMembersInput, optFns ...func(*Options)) (*DeleteMembersOutput, error)

Removes the specified member accounts from the behavior graph. The removed accounts no longer contribute data to the behavior graph. This operation can only be called by the administrator account for the behavior graph.

For invited accounts, the removed accounts are deleted from the list of accounts in the behavior graph. To restore the account, the administrator account must send another invitation.

For organization accounts in the organization behavior graph, the Detective administrator account can always enable the organization account again. Organization accounts that are not enabled as member accounts are not included in the ListMembers results for the organization behavior graph.

An administrator account cannot use DeleteMembers to remove their own account from the behavior graph. To disable a behavior graph, the administrator account uses the DeleteGraph API method.

func (*Client) DescribeOrganizationConfiguration 

func (c *Client) DescribeOrganizationConfiguration(ctx context.Context, params *DescribeOrganizationConfigurationInput, optFns ...func(*Options)) (*DescribeOrganizationConfigurationOutput, error)

Returns information about the configuration for the organization behavior graph. Currently indicates whether to automatically enable new organization accounts as member accounts.

Can only be called by the Detective administrator account for the organization.

func (*Client) DisableOrganizationAdminAccount 

func (c *Client) DisableOrganizationAdminAccount(ctx context.Context, params *DisableOrganizationAdminAccountInput, optFns ...func(*Options)) (*DisableOrganizationAdminAccountOutput, error)

Removes the Detective administrator account in the current Region. Deletes the organization behavior graph.

Can only be called by the organization management account.

Removing the Detective administrator account does not affect the delegated administrator account for Detective in Organizations.

To remove the delegated administrator account in Organizations, use the Organizations API. Removing the delegated administrator account also removes the Detective administrator account in all Regions, except for Regions where the Detective administrator account is the organization management account.

func (*Client) DisassociateMembership 

func (c *Client) DisassociateMembership(ctx context.Context, params *DisassociateMembershipInput, optFns ...func(*Options)) (*DisassociateMembershipOutput, error)

Removes the member account from the specified behavior graph. This operation can only be called by an invited member account that has the ENABLED status.

DisassociateMembership cannot be called by an organization account in the organization behavior graph. For the organization behavior graph, the Detective administrator account determines which organization accounts to enable or disable as member accounts.

func (*Client) EnableOrganizationAdminAccount 

func (c *Client) EnableOrganizationAdminAccount(ctx context.Context, params *EnableOrganizationAdminAccountInput, optFns ...func(*Options)) (*EnableOrganizationAdminAccountOutput, error)

Designates the Detective administrator account for the organization in the current Region.

If the account does not have Detective enabled, then enables Detective for that account and creates a new behavior graph.

Can only be called by the organization management account.

If the organization has a delegated administrator account in Organizations, then the Detective administrator account must be either the delegated administrator account or the organization management account.

If the organization does not have a delegated administrator account in Organizations, then you can choose any account in the organization. If you choose an account other than the organization management account, Detective calls Organizations to make that account the delegated administrator account for Detective. The organization management account cannot be the delegated administrator account.

func (*Client) GetInvestigation 

func (c *Client) GetInvestigation(ctx context.Context, params *GetInvestigationInput, optFns ...func(*Options)) (*GetInvestigationOutput, error)

Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. GetInvestigation returns the investigation results of an investigation for a behavior graph.

func (*Client) GetMembers 

func (c *Client) GetMembers(ctx context.Context, params *GetMembersInput, optFns ...func(*Options)) (*GetMembersOutput, error)

Returns the membership details for specified member accounts for a behavior graph.

func (*Client) ListDatasourcePackages 

func (c *Client) ListDatasourcePackages(ctx context.Context, params *ListDatasourcePackagesInput, optFns ...func(*Options)) (*ListDatasourcePackagesOutput, error)

Lists data source packages in the behavior graph.

func (*Client) ListGraphs 

func (c *Client) ListGraphs(ctx context.Context, params *ListGraphsInput, optFns ...func(*Options)) (*ListGraphsOutput, error)

Returns the list of behavior graphs that the calling account is an administrator account of. This operation can only be called by an administrator account.

Because an account can currently only be the administrator of one behavior graph within a Region, the results always contain a single behavior graph.

func (*Client) ListIndicators 

func (c *Client) ListIndicators(ctx context.Context, params *ListIndicatorsInput, optFns ...func(*Options)) (*ListIndicatorsOutput, error)

Gets the indicators from an investigation. You can use the information from the indicators to determine if an IAM user and/or IAM role is involved in an unusual activity that could indicate malicious behavior and its impact.

func (*Client) ListInvestigations 

func (c *Client) ListInvestigations(ctx context.Context, params *ListInvestigationsInput, optFns ...func(*Options)) (*ListInvestigationsOutput, error)

Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. ListInvestigations lists all active Detective investigations.

func (*Client) ListInvitations 

func (c *Client) ListInvitations(ctx context.Context, params *ListInvitationsInput, optFns ...func(*Options)) (*ListInvitationsOutput, error)

Retrieves the list of open and accepted behavior graph invitations for the member account. This operation can only be called by an invited member account.

Open invitations are invitations that the member account has not responded to.

The results do not include behavior graphs for which the member account declined the invitation. The results also do not include behavior graphs that the member account resigned from or was removed from.

func (*Client) ListMembers 

func (c *Client) ListMembers(ctx context.Context, params *ListMembersInput, optFns ...func(*Options)) (*ListMembersOutput, error)

Retrieves the list of member accounts for a behavior graph.

For invited accounts, the results do not include member accounts that were removed from the behavior graph.

For the organization behavior graph, the results do not include organization accounts that the Detective administrator account has not enabled as member accounts.

func (*Client) ListOrganizationAdminAccounts 

func (c *Client) ListOrganizationAdminAccounts(ctx context.Context, params *ListOrganizationAdminAccountsInput, optFns ...func(*Options)) (*ListOrganizationAdminAccountsOutput, error)

Returns information about the Detective administrator account for an organization. Can only be called by the organization management account.

func (*Client) ListTagsForResource 

func (c *Client) ListTagsForResource(ctx context.Context, params *ListTagsForResourceInput, optFns ...func(*Options)) (*ListTagsForResourceOutput, error)

Returns the tag values that are assigned to a behavior graph.

func (*Client) Options 

func (c *Client) Options() Options

Options returns a copy of the client configuration.

Callers SHOULD NOT perform mutations on any inner structures within client config. Config overrides should instead be made on a per-operation basis through functional options.

func (*Client) RejectInvitation 

func (c *Client) RejectInvitation(ctx context.Context, params *RejectInvitationInput, optFns ...func(*Options)) (*RejectInvitationOutput, error)

Rejects an invitation to contribute the account data to a behavior graph. This operation must be called by an invited member account that has the INVITED status.

RejectInvitation cannot be called by an organization account in the organization behavior graph. In the organization behavior graph, organization accounts do not receive an invitation.

func (*Client) StartInvestigation 

func (c *Client) StartInvestigation(ctx context.Context, params *StartInvestigationInput, optFns ...func(*Options)) (*StartInvestigationOutput, error)

Detective investigations lets you investigate IAM users and IAM roles using indicators of compromise. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. StartInvestigation initiates an investigation on an entity in a behavior graph.

func (*Client) StartMonitoringMember 

func (c *Client) StartMonitoringMember(ctx context.Context, params *StartMonitoringMemberInput, optFns ...func(*Options)) (*StartMonitoringMemberOutput, error)

Sends a request to enable data ingest for a member account that has a status of ACCEPTED_BUT_DISABLED .

For valid member accounts, the status is updated as follows.

  • If Detective enabled the member account, then the new status is ENABLED .

  • If Detective cannot enable the member account, the status remains ACCEPTED_BUT_DISABLED .

func (*Client) TagResource 

func (c *Client) TagResource(ctx context.Context, params *TagResourceInput, optFns ...func(*Options)) (*TagResourceOutput, error)

Applies tag values to a behavior graph.

func (*Client) UntagResource 

func (c *Client) UntagResource(ctx context.Context, params *UntagResourceInput, optFns ...func(*Options)) (*UntagResourceOutput, error)

Removes tags from a behavior graph.

func (*Client) UpdateDatasourcePackages 

func (c *Client) UpdateDatasourcePackages(ctx context.Context, params *UpdateDatasourcePackagesInput, optFns ...func(*Options)) (*UpdateDatasourcePackagesOutput, error)

Starts a data source packages for the behavior graph.

func (*Client) UpdateInvestigationState 

func (c *Client) UpdateInvestigationState(ctx context.Context, params *UpdateInvestigationStateInput, optFns ...func(*Options)) (*UpdateInvestigationStateOutput, error)

Updates the state of an investigation.

func (*Client) UpdateOrganizationConfiguration 

func (c *Client) UpdateOrganizationConfiguration(ctx context.Context, params *UpdateOrganizationConfigurationInput, optFns ...func(*Options)) (*UpdateOrganizationConfigurationOutput, error)

Updates the configuration for the Organizations integration in the current Region. Can only be called by the Detective administrator account for the organization.

type CreateGraphInput 

type CreateGraphInput struct {

	// The tags to assign to the new behavior graph. You can add up to 50 tags. For
	// each tag, you provide the tag key and the tag value. Each tag key can contain up
	// to 128 characters. Each tag value can contain up to 256 characters.
	Tags map[string]string
	// contains filtered or unexported fields
}

type CreateGraphOutput 

type CreateGraphOutput struct {

	// The ARN of the new behavior graph.
	GraphArn *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type CreateMembersInput 

type CreateMembersInput struct {

	// The list of Amazon Web Services accounts to invite or to enable. You can invite
	// or enable up to 50 accounts at a time. For each invited account, the account
	// list contains the account identifier and the Amazon Web Services account root
	// user email address. For organization accounts in the organization behavior
	// graph, the email address is not required.
	//
	// This member is required.
	Accounts []types.Account

	// The ARN of the behavior graph.
	//
	// This member is required.
	GraphArn *string

	// if set to true , then the invited accounts do not receive email notifications.
	// By default, this is set to false , and the invited accounts receive email
	// notifications.
	//
	// Organization accounts in the organization behavior graph do not receive email
	// notifications.
	DisableEmailNotification bool

	// Customized message text to include in the invitation email message to the
	// invited member accounts.
	Message *string
	// contains filtered or unexported fields
}

type CreateMembersOutput 

type CreateMembersOutput struct {

	// The set of member account invitation or enablement requests that Detective was
	// able to process. This includes accounts that are being verified, that failed
	// verification, and that passed verification and are being sent an invitation or
	// are being enabled.
	Members []types.MemberDetail

	// The list of accounts for which Detective was unable to process the invitation
	// or enablement request. For each account, the list provides the reason why the
	// request could not be processed. The list includes accounts that are already
	// member accounts in the behavior graph.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DeleteGraphInput 

type DeleteGraphInput struct {

	// The ARN of the behavior graph to disable.
	//
	// This member is required.
	GraphArn *string
	// contains filtered or unexported fields
}

type DeleteGraphOutput 

type DeleteGraphOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DeleteMembersInput 

type DeleteMembersInput struct {

	// The list of Amazon Web Services account identifiers for the member accounts to
	// remove from the behavior graph. You can remove up to 50 member accounts at a
	// time.
	//
	// This member is required.
	AccountIds []string

	// The ARN of the behavior graph to remove members from.
	//
	// This member is required.
	GraphArn *string
	// contains filtered or unexported fields
}

type DeleteMembersOutput 

type DeleteMembersOutput struct {

	// The list of Amazon Web Services account identifiers for the member accounts
	// that Detective successfully removed from the behavior graph.
	AccountIds []string

	// The list of member accounts that Detective was not able to remove from the
	// behavior graph. For each member account, provides the reason that the deletion
	// could not be processed.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DescribeOrganizationConfigurationInput 

type DescribeOrganizationConfigurationInput struct {

	// The ARN of the organization behavior graph.
	//
	// This member is required.
	GraphArn *string
	// contains filtered or unexported fields
}

type DescribeOrganizationConfigurationOutput 

type DescribeOrganizationConfigurationOutput struct {

	// Indicates whether to automatically enable new organization accounts as member
	// accounts in the organization behavior graph.
	AutoEnable bool

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DisableOrganizationAdminAccountInput 

type DisableOrganizationAdminAccountInput struct {
	// contains filtered or unexported fields
}

type DisableOrganizationAdminAccountOutput 

type DisableOrganizationAdminAccountOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type DisassociateMembershipInput 

type DisassociateMembershipInput struct {

	// The ARN of the behavior graph to remove the member account from.
	//
	// The member account's member status in the behavior graph must be ENABLED .
	//
	// This member is required.
	GraphArn *string
	// contains filtered or unexported fields
}

type DisassociateMembershipOutput 

type DisassociateMembershipOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type EnableOrganizationAdminAccountInput 

type EnableOrganizationAdminAccountInput struct {

	// The Amazon Web Services account identifier of the account to designate as the
	// Detective administrator account for the organization.
	//
	// This member is required.
	AccountId *string
	// contains filtered or unexported fields
}

type EnableOrganizationAdminAccountOutput 

type EnableOrganizationAdminAccountOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type EndpointParameters 

type EndpointParameters struct {
	// The AWS region used to dispatch the request.
	//
	// Parameter is
	// required.
	//
	// AWS::Region
	Region *string

	// When true, use the dual-stack endpoint. If the configured endpoint does not
	// support dual-stack, dispatching the request MAY return an error.
	//
	// Defaults to
	// false if no value is provided.
	//
	// AWS::UseDualStack
	UseDualStack *bool

	// When true, send this request to the FIPS-compliant regional endpoint. If the
	// configured endpoint does not have a FIPS compliant endpoint, dispatching the
	// request will return an error.
	//
	// Defaults to false if no value is
	// provided.
	//
	// AWS::UseFIPS
	UseFIPS *bool

	// Override the endpoint used to send this request
	//
	// Parameter is
	// required.
	//
	// SDK::Endpoint
	Endpoint *string
}

EndpointParameters provides the parameters that influence how endpoints are resolved.

func (EndpointParameters) ValidateRequired 

func (p EndpointParameters) ValidateRequired() error

ValidateRequired validates required parameters are set.

func (EndpointParameters) WithDefaults 

func (p EndpointParameters) WithDefaults() EndpointParameters

WithDefaults returns a shallow copy of EndpointParameterswith default values applied to members where applicable.

type EndpointResolver 

type EndpointResolver interface {
	ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error)
}

EndpointResolver interface for resolving service endpoints.

func EndpointResolverFromURL 

func EndpointResolverFromURL(url string, optFns ...func(*aws.Endpoint)) EndpointResolver

EndpointResolverFromURL returns an EndpointResolver configured using the provided endpoint url. By default, the resolved endpoint resolver uses the client region as signing region, and the endpoint source is set to EndpointSourceCustom.You can provide functional options to configure endpoint values for the resolved endpoint.

type EndpointResolverFunc 

type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error)

EndpointResolverFunc is a helper utility that wraps a function so it satisfies the EndpointResolver interface. This is useful when you want to add additional endpoint resolving logic, or stub out specific endpoints with custom values.

func (EndpointResolverFunc) ResolveEndpoint 

func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error)

type EndpointResolverOptions 

type EndpointResolverOptions = internalendpoints.Options

EndpointResolverOptions is the service endpoint resolver options

type EndpointResolverV2 

type EndpointResolverV2 interface {
	// ResolveEndpoint attempts to resolve the endpoint with the provided options,
	// returning the endpoint if found. Otherwise an error is returned.
	ResolveEndpoint(ctx context.Context, params EndpointParameters) (
		smithyendpoints.Endpoint, error,
	)
}

EndpointResolverV2 provides the interface for resolving service endpoints.

func NewDefaultEndpointResolverV2 

func NewDefaultEndpointResolverV2() EndpointResolverV2

type GetInvestigationInput 

type GetInvestigationInput struct {

	// The Amazon Resource Name (ARN) of the behavior graph.
	//
	// This member is required.
	GraphArn *string

	// The investigation ID of the investigation report.
	//
	// This member is required.
	InvestigationId *string
	// contains filtered or unexported fields
}

type GetInvestigationOutput 

type GetInvestigationOutput struct {

	// The creation time of the investigation report in UTC time stamp format.
	CreatedTime *time.Time

	// The unique Amazon Resource Name (ARN). Detective supports IAM user ARNs and IAM
	// role ARNs.
	EntityArn *string

	// Type of entity. For example, Amazon Web Services accounts, such as an IAM user
	// and/or IAM role.
	EntityType types.EntityType

	// The Amazon Resource Name (ARN) of the behavior graph.
	GraphArn *string

	// The investigation ID of the investigation report.
	InvestigationId *string

	// The data and time when the investigation began. The value is an UTC ISO8601
	// formatted string. For example, 2021-08-18T16:35:56.284Z .
	ScopeEndTime *time.Time

	// The start date and time used to set the scope time within which you want to
	// generate the investigation report. The value is an UTC ISO8601 formatted string.
	// For example, 2021-08-18T16:35:56.284Z .
	ScopeStartTime *time.Time

	// The severity assigned is based on the likelihood and impact of the indicators
	// of compromise discovered in the investigation.
	Severity types.Severity

	// The current state of the investigation. An archived investigation indicates
	// that you have completed reviewing the investigation.
	State types.State

	// The status based on the completion status of the investigation.
	Status types.Status

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type GetMembersInput 

type GetMembersInput struct {

	// The list of Amazon Web Services account identifiers for the member account for
	// which to return member details. You can request details for up to 50 member
	// accounts at a time.
	//
	// You cannot use GetMembers to retrieve information about member accounts that
	// were removed from the behavior graph.
	//
	// This member is required.
	AccountIds []string

	// The ARN of the behavior graph for which to request the member details.
	//
	// This member is required.
	GraphArn *string
	// contains filtered or unexported fields
}

type GetMembersOutput 

type GetMembersOutput struct {

	// The member account details that Detective is returning in response to the
	// request.
	MemberDetails []types.MemberDetail

	// The requested member accounts for which Detective was unable to return member
	// details.
	//
	// For each account, provides the reason why the request could not be processed.
	UnprocessedAccounts []types.UnprocessedAccount

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type HTTPClient 

type HTTPClient interface {
	Do(*http.Request) (*http.Response, error)
}

type HTTPSignerV4 

type HTTPSignerV4 interface {
	SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error
}

type ListDatasourcePackagesAPIClient 

type ListDatasourcePackagesAPIClient interface {
	ListDatasourcePackages(context.Context, *ListDatasourcePackagesInput, ...func(*Options)) (*ListDatasourcePackagesOutput, error)
}

ListDatasourcePackagesAPIClient is a client that implements the ListDatasourcePackages operation.

type ListDatasourcePackagesInput 

type ListDatasourcePackagesInput struct {

	// The ARN of the behavior graph.
	//
	// This member is required.
	GraphArn *string

	// The maximum number of results to return.
	MaxResults *int32

	// For requests to get the next page of results, the pagination token that was
	// returned with the previous set of results. The initial request does not include
	// a pagination token.
	NextToken *string
	// contains filtered or unexported fields
}

type ListDatasourcePackagesOutput 

type ListDatasourcePackagesOutput struct {

	// Details on the data source packages active in the behavior graph.
	DatasourcePackages map[string]types.DatasourcePackageIngestDetail

	// For requests to get the next page of results, the pagination token that was
	// returned with the previous set of results. The initial request does not include
	// a pagination token.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListDatasourcePackagesPaginator 

type ListDatasourcePackagesPaginator struct {
	// contains filtered or unexported fields
}

ListDatasourcePackagesPaginator is a paginator for ListDatasourcePackages

func NewListDatasourcePackagesPaginator 

func NewListDatasourcePackagesPaginator(client ListDatasourcePackagesAPIClient, params *ListDatasourcePackagesInput, optFns ...func(*ListDatasourcePackagesPaginatorOptions)) *ListDatasourcePackagesPaginator

NewListDatasourcePackagesPaginator returns a new ListDatasourcePackagesPaginator

func (*ListDatasourcePackagesPaginator) HasMorePages 

func (p *ListDatasourcePackagesPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListDatasourcePackagesPaginator) NextPage 

func (p *ListDatasourcePackagesPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListDatasourcePackagesOutput, error)

NextPage retrieves the next ListDatasourcePackages page.

type ListDatasourcePackagesPaginatorOptions 

type ListDatasourcePackagesPaginatorOptions struct {
	// The maximum number of results to return.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListDatasourcePackagesPaginatorOptions is the paginator options for ListDatasourcePackages

type ListGraphsAPIClient 

type ListGraphsAPIClient interface {
	ListGraphs(context.Context, *ListGraphsInput, ...func(*Options)) (*ListGraphsOutput, error)
}

ListGraphsAPIClient is a client that implements the ListGraphs operation.

type ListGraphsInput 

type ListGraphsInput struct {

	// The maximum number of graphs to return at a time. The total must be less than
	// the overall limit on the number of results to return, which is currently 200.
	MaxResults *int32

	// For requests to get the next page of results, the pagination token that was
	// returned with the previous set of results. The initial request does not include
	// a pagination token.
	NextToken *string
	// contains filtered or unexported fields
}

type ListGraphsOutput 

type ListGraphsOutput struct {

	// A list of behavior graphs that the account is an administrator account for.
	GraphList []types.Graph

	// If there are more behavior graphs remaining in the results, then this is the
	// pagination token to use to request the next page of behavior graphs.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListGraphsPaginator 

type ListGraphsPaginator struct {
	// contains filtered or unexported fields
}

ListGraphsPaginator is a paginator for ListGraphs

func NewListGraphsPaginator 

func NewListGraphsPaginator(client ListGraphsAPIClient, params *ListGraphsInput, optFns ...func(*ListGraphsPaginatorOptions)) *ListGraphsPaginator

NewListGraphsPaginator returns a new ListGraphsPaginator

func (*ListGraphsPaginator) HasMorePages 

func (p *ListGraphsPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListGraphsPaginator) NextPage 

func (p *ListGraphsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListGraphsOutput, error)

NextPage retrieves the next ListGraphs page.

type ListGraphsPaginatorOptions 

type ListGraphsPaginatorOptions struct {
	// The maximum number of graphs to return at a time. The total must be less than
	// the overall limit on the number of results to return, which is currently 200.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListGraphsPaginatorOptions is the paginator options for ListGraphs

type ListIndicatorsInput 

type ListIndicatorsInput struct {

	// The Amazon Resource Name (ARN) of the behavior graph.
	//
	// This member is required.
	GraphArn *string

	// The investigation ID of the investigation report.
	//
	// This member is required.
	InvestigationId *string

	// For the list of indicators of compromise that are generated by Detective
	// investigations, see [Detective investigations].
	//
	// [Detective investigations]: https://docs.aws.amazon.com/detective/latest/userguide/detective-investigations.html
	IndicatorType types.IndicatorType

	// Lists the maximum number of indicators in a page.
	MaxResults *int32

	// Lists if there are more results available. The value of nextToken is a unique
	// pagination token for each page. Repeat the call using the returned token to
	// retrieve the next page. Keep all other arguments unchanged.
	//
	// Each pagination token expires after 24 hours. Using an expired pagination token
	// will return a Validation Exception error.
	NextToken *string
	// contains filtered or unexported fields
}

type ListIndicatorsOutput 

type ListIndicatorsOutput struct {

	// The Amazon Resource Name (ARN) of the behavior graph.
	GraphArn *string

	// Lists the indicators of compromise.
	Indicators []types.Indicator

	// The investigation ID of the investigation report.
	InvestigationId *string

	// Lists if there are more results available. The value of nextToken is a unique
	// pagination token for each page. Repeat the call using the returned token to
	// retrieve the next page. Keep all other arguments unchanged.
	//
	// Each pagination token expires after 24 hours. Using an expired pagination token
	// will return a Validation Exception error.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListInvestigationsInput 

type ListInvestigationsInput struct {

	// The Amazon Resource Name (ARN) of the behavior graph.
	//
	// This member is required.
	GraphArn *string

	// Filters the investigation results based on a criteria.
	FilterCriteria *types.FilterCriteria

	// Lists the maximum number of investigations in a page.
	MaxResults *int32

	// Lists if there are more results available. The value of nextToken is a unique
	// pagination token for each page. Repeat the call using the returned token to
	// retrieve the next page. Keep all other arguments unchanged.
	//
	// Each pagination token expires after 24 hours. Using an expired pagination token
	// will return a Validation Exception error.
	NextToken *string

	// Sorts the investigation results based on a criteria.
	SortCriteria *types.SortCriteria
	// contains filtered or unexported fields
}

type ListInvestigationsOutput 

type ListInvestigationsOutput struct {

	// Lists the summary of uncommon behavior or malicious activity which indicates a
	// compromise.
	InvestigationDetails []types.InvestigationDetail

	// Lists if there are more results available. The value of nextToken is a unique
	// pagination token for each page. Repeat the call using the returned token to
	// retrieve the next page. Keep all other arguments unchanged.
	//
	// Each pagination token expires after 24 hours.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListInvitationsAPIClient 

type ListInvitationsAPIClient interface {
	ListInvitations(context.Context, *ListInvitationsInput, ...func(*Options)) (*ListInvitationsOutput, error)
}

ListInvitationsAPIClient is a client that implements the ListInvitations operation.

type ListInvitationsInput 

type ListInvitationsInput struct {

	// The maximum number of behavior graph invitations to return in the response. The
	// total must be less than the overall limit on the number of results to return,
	// which is currently 200.
	MaxResults *int32

	// For requests to retrieve the next page of results, the pagination token that
	// was returned with the previous page of results. The initial request does not
	// include a pagination token.
	NextToken *string
	// contains filtered or unexported fields
}

type ListInvitationsOutput 

type ListInvitationsOutput struct {

	// The list of behavior graphs for which the member account has open or accepted
	// invitations.
	Invitations []types.MemberDetail

	// If there are more behavior graphs remaining in the results, then this is the
	// pagination token to use to request the next page of behavior graphs.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListInvitationsPaginator 

type ListInvitationsPaginator struct {
	// contains filtered or unexported fields
}

ListInvitationsPaginator is a paginator for ListInvitations

func NewListInvitationsPaginator 

func NewListInvitationsPaginator(client ListInvitationsAPIClient, params *ListInvitationsInput, optFns ...func(*ListInvitationsPaginatorOptions)) *ListInvitationsPaginator

NewListInvitationsPaginator returns a new ListInvitationsPaginator

func (*ListInvitationsPaginator) HasMorePages 

func (p *ListInvitationsPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListInvitationsPaginator) NextPage 

func (p *ListInvitationsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListInvitationsOutput, error)

NextPage retrieves the next ListInvitations page.

type ListInvitationsPaginatorOptions 

type ListInvitationsPaginatorOptions struct {
	// The maximum number of behavior graph invitations to return in the response. The
	// total must be less than the overall limit on the number of results to return,
	// which is currently 200.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListInvitationsPaginatorOptions is the paginator options for ListInvitations

type ListMembersAPIClient 

type ListMembersAPIClient interface {
	ListMembers(context.Context, *ListMembersInput, ...func(*Options)) (*ListMembersOutput, error)
}

ListMembersAPIClient is a client that implements the ListMembers operation.

type ListMembersInput 

type ListMembersInput struct {

	// The ARN of the behavior graph for which to retrieve the list of member accounts.
	//
	// This member is required.
	GraphArn *string

	// The maximum number of member accounts to include in the response. The total
	// must be less than the overall limit on the number of results to return, which is
	// currently 200.
	MaxResults *int32

	// For requests to retrieve the next page of member account results, the
	// pagination token that was returned with the previous page of results. The
	// initial request does not include a pagination token.
	NextToken *string
	// contains filtered or unexported fields
}

type ListMembersOutput 

type ListMembersOutput struct {

	// The list of member accounts in the behavior graph.
	//
	// For invited accounts, the results include member accounts that did not pass
	// verification and member accounts that have not yet accepted the invitation to
	// the behavior graph. The results do not include member accounts that were removed
	// from the behavior graph.
	//
	// For the organization behavior graph, the results do not include organization
	// accounts that the Detective administrator account has not enabled as member
	// accounts.
	MemberDetails []types.MemberDetail

	// If there are more member accounts remaining in the results, then use this
	// pagination token to request the next page of member accounts.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListMembersPaginator 

type ListMembersPaginator struct {
	// contains filtered or unexported fields
}

ListMembersPaginator is a paginator for ListMembers

func NewListMembersPaginator 

func NewListMembersPaginator(client ListMembersAPIClient, params *ListMembersInput, optFns ...func(*ListMembersPaginatorOptions)) *ListMembersPaginator

NewListMembersPaginator returns a new ListMembersPaginator

func (*ListMembersPaginator) HasMorePages 

func (p *ListMembersPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListMembersPaginator) NextPage 

func (p *ListMembersPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListMembersOutput, error)

NextPage retrieves the next ListMembers page.

type ListMembersPaginatorOptions 

type ListMembersPaginatorOptions struct {
	// The maximum number of member accounts to include in the response. The total
	// must be less than the overall limit on the number of results to return, which is
	// currently 200.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListMembersPaginatorOptions is the paginator options for ListMembers

type ListOrganizationAdminAccountsAPIClient 

type ListOrganizationAdminAccountsAPIClient interface {
	ListOrganizationAdminAccounts(context.Context, *ListOrganizationAdminAccountsInput, ...func(*Options)) (*ListOrganizationAdminAccountsOutput, error)
}

ListOrganizationAdminAccountsAPIClient is a client that implements the ListOrganizationAdminAccounts operation.

type ListOrganizationAdminAccountsInput 

type ListOrganizationAdminAccountsInput struct {

	// The maximum number of results to return.
	MaxResults *int32

	// For requests to get the next page of results, the pagination token that was
	// returned with the previous set of results. The initial request does not include
	// a pagination token.
	NextToken *string
	// contains filtered or unexported fields
}

type ListOrganizationAdminAccountsOutput 

type ListOrganizationAdminAccountsOutput struct {

	// The list of Detective administrator accounts.
	Administrators []types.Administrator

	// If there are more accounts remaining in the results, then this is the
	// pagination token to use to request the next page of accounts.
	NextToken *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ListOrganizationAdminAccountsPaginator 

type ListOrganizationAdminAccountsPaginator struct {
	// contains filtered or unexported fields
}

ListOrganizationAdminAccountsPaginator is a paginator for ListOrganizationAdminAccounts

func NewListOrganizationAdminAccountsPaginator 

func NewListOrganizationAdminAccountsPaginator(client ListOrganizationAdminAccountsAPIClient, params *ListOrganizationAdminAccountsInput, optFns ...func(*ListOrganizationAdminAccountsPaginatorOptions)) *ListOrganizationAdminAccountsPaginator

NewListOrganizationAdminAccountsPaginator returns a new ListOrganizationAdminAccountsPaginator

func (*ListOrganizationAdminAccountsPaginator) HasMorePages 

func (p *ListOrganizationAdminAccountsPaginator) HasMorePages() bool

HasMorePages returns a boolean indicating whether more pages are available

func (*ListOrganizationAdminAccountsPaginator) NextPage 

func (p *ListOrganizationAdminAccountsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListOrganizationAdminAccountsOutput, error)

NextPage retrieves the next ListOrganizationAdminAccounts page.

type ListOrganizationAdminAccountsPaginatorOptions 

type ListOrganizationAdminAccountsPaginatorOptions struct {
	// The maximum number of results to return.
	Limit int32

	// Set to true if pagination should stop if the service returns a pagination token
	// that matches the most recent token provided to the service.
	StopOnDuplicateToken bool
}

ListOrganizationAdminAccountsPaginatorOptions is the paginator options for ListOrganizationAdminAccounts

type ListTagsForResourceInput 

type ListTagsForResourceInput struct {

	// The ARN of the behavior graph for which to retrieve the tag values.
	//
	// This member is required.
	ResourceArn *string
	// contains filtered or unexported fields
}

type ListTagsForResourceOutput 

type ListTagsForResourceOutput struct {

	// The tag values that are assigned to the behavior graph. The request returns up
	// to 50 tag values.
	Tags map[string]string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type Options 

type Options struct {
	// Set of options to modify how an operation is invoked. These apply to all
	// operations invoked for this client. Use functional options on operation call to
	// modify this list for per operation behavior.
	APIOptions []func(*middleware.Stack) error

	// The optional application specific identifier appended to the User-Agent header.
	AppID string

	// This endpoint will be given as input to an EndpointResolverV2. It is used for
	// providing a custom base endpoint that is subject to modifications by the
	// processing EndpointResolverV2.
	BaseEndpoint *string

	// Configures the events that will be sent to the configured logger.
	ClientLogMode aws.ClientLogMode

	// The credentials object to use when signing requests.
	Credentials aws.CredentialsProvider

	// The configuration DefaultsMode that the SDK should use when constructing the
	// clients initial default settings.
	DefaultsMode aws.DefaultsMode

	// The endpoint options to be used when attempting to resolve an endpoint.
	EndpointOptions EndpointResolverOptions

	// The service endpoint resolver.
	//
	// Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a
	// value for this field will likely prevent you from using any endpoint-related
	// service features released after the introduction of EndpointResolverV2 and
	// BaseEndpoint.
	//
	// To migrate an EndpointResolver implementation that uses a custom endpoint, set
	// the client option BaseEndpoint instead.
	EndpointResolver EndpointResolver

	// Resolves the endpoint used for a particular service operation. This should be
	// used over the deprecated EndpointResolver.
	EndpointResolverV2 EndpointResolverV2

	// Signature Version 4 (SigV4) Signer
	HTTPSignerV4 HTTPSignerV4

	// The logger writer interface to write logging messages to.
	Logger logging.Logger

	// The region to send requests to. (Required)
	Region string

	// RetryMaxAttempts specifies the maximum number attempts an API client will call
	// an operation that fails with a retryable error. A value of 0 is ignored, and
	// will not be used to configure the API client created default retryer, or modify
	// per operation call's retry max attempts.
	//
	// If specified in an operation call's functional options with a value that is
	// different than the constructed client's Options, the Client's Retryer will be
	// wrapped to use the operation's specific RetryMaxAttempts value.
	RetryMaxAttempts int

	// RetryMode specifies the retry mode the API client will be created with, if
	// Retryer option is not also specified.
	//
	// When creating a new API Clients this member will only be used if the Retryer
	// Options member is nil. This value will be ignored if Retryer is not nil.
	//
	// Currently does not support per operation call overrides, may in the future.
	RetryMode aws.RetryMode

	// Retryer guides how HTTP requests should be retried in case of recoverable
	// failures. When nil the API client will use a default retryer. The kind of
	// default retry created by the API client can be changed with the RetryMode
	// option.
	Retryer aws.Retryer

	// The RuntimeEnvironment configuration, only populated if the DefaultsMode is set
	// to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You
	// should not populate this structure programmatically, or rely on the values here
	// within your applications.
	RuntimeEnvironment aws.RuntimeEnvironment

	// The HTTP client to invoke API calls with. Defaults to client's default HTTP
	// implementation if nil.
	HTTPClient HTTPClient

	// The auth scheme resolver which determines how to authenticate for each
	// operation.
	AuthSchemeResolver AuthSchemeResolver

	// The list of auth schemes supported by the client.
	AuthSchemes []smithyhttp.AuthScheme
	// contains filtered or unexported fields
}

func (Options) Copy 

func (o Options) Copy() Options

Copy creates a clone where the APIOptions list is deep copied.

func (Options) GetIdentityResolver 

func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver

type RejectInvitationInput 

type RejectInvitationInput struct {

	// The ARN of the behavior graph to reject the invitation to.
	//
	// The member account's current member status in the behavior graph must be INVITED
	// .
	//
	// This member is required.
	GraphArn *string
	// contains filtered or unexported fields
}

type RejectInvitationOutput 

type RejectInvitationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type ResolveEndpoint 

type ResolveEndpoint struct {
	Resolver EndpointResolver
	Options  EndpointResolverOptions
}

func (*ResolveEndpoint) HandleSerialize 

func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) (
	out middleware.SerializeOutput, metadata middleware.Metadata, err error,
)

func (*ResolveEndpoint) ID 

func (*ResolveEndpoint) ID() string

type StartInvestigationInput 

type StartInvestigationInput struct {

	// The unique Amazon Resource Name (ARN) of the IAM user and IAM role.
	//
	// This member is required.
	EntityArn *string

	// The Amazon Resource Name (ARN) of the behavior graph.
	//
	// This member is required.
	GraphArn *string

	// The data and time when the investigation ended. The value is an UTC ISO8601
	// formatted string. For example, 2021-08-18T16:35:56.284Z .
	//
	// This member is required.
	ScopeEndTime *time.Time

	// The data and time when the investigation began. The value is an UTC ISO8601
	// formatted string. For example, 2021-08-18T16:35:56.284Z .
	//
	// This member is required.
	ScopeStartTime *time.Time
	// contains filtered or unexported fields
}

type StartInvestigationOutput 

type StartInvestigationOutput struct {

	// The investigation ID of the investigation report.
	InvestigationId *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type StartMonitoringMemberInput 

type StartMonitoringMemberInput struct {

	// The account ID of the member account to try to enable.
	//
	// The account must be an invited member account with a status of
	// ACCEPTED_BUT_DISABLED .
	//
	// This member is required.
	AccountId *string

	// The ARN of the behavior graph.
	//
	// This member is required.
	GraphArn *string
	// contains filtered or unexported fields
}

type StartMonitoringMemberOutput 

type StartMonitoringMemberOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type TagResourceInput 

type TagResourceInput struct {

	// The ARN of the behavior graph to assign the tags to.
	//
	// This member is required.
	ResourceArn *string

	// The tags to assign to the behavior graph. You can add up to 50 tags. For each
	// tag, you provide the tag key and the tag value. Each tag key can contain up to
	// 128 characters. Each tag value can contain up to 256 characters.
	//
	// This member is required.
	Tags map[string]string
	// contains filtered or unexported fields
}

type TagResourceOutput 

type TagResourceOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UntagResourceInput 

type UntagResourceInput struct {

	// The ARN of the behavior graph to remove the tags from.
	//
	// This member is required.
	ResourceArn *string

	// The tag keys of the tags to remove from the behavior graph. You can remove up
	// to 50 tags at a time.
	//
	// This member is required.
	TagKeys []string
	// contains filtered or unexported fields
}

type UntagResourceOutput 

type UntagResourceOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdateDatasourcePackagesInput 

type UpdateDatasourcePackagesInput struct {

	// The data source package start for the behavior graph.
	//
	// This member is required.
	DatasourcePackages []types.DatasourcePackage

	// The ARN of the behavior graph.
	//
	// This member is required.
	GraphArn *string
	// contains filtered or unexported fields
}

type UpdateDatasourcePackagesOutput 

type UpdateDatasourcePackagesOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdateInvestigationStateInput 

type UpdateInvestigationStateInput struct {

	// The Amazon Resource Name (ARN) of the behavior graph.
	//
	// This member is required.
	GraphArn *string

	// The investigation ID of the investigation report.
	//
	// This member is required.
	InvestigationId *string

	// The current state of the investigation. An archived investigation indicates you
	// have completed reviewing the investigation.
	//
	// This member is required.
	State types.State
	// contains filtered or unexported fields
}

type UpdateInvestigationStateOutput 

type UpdateInvestigationStateOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

type UpdateOrganizationConfigurationInput 

type UpdateOrganizationConfigurationInput struct {

	// The ARN of the organization behavior graph.
	//
	// This member is required.
	GraphArn *string

	// Indicates whether to automatically enable new organization accounts as member
	// accounts in the organization behavior graph.
	AutoEnable bool
	// contains filtered or unexported fields
}

type UpdateOrganizationConfigurationOutput 

type UpdateOrganizationConfigurationOutput struct {
	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
	// contains filtered or unexported fields
}

Source Files

View all Source files

Directories

Path Synopsis
internal
endpoints

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.