| Package | Description |
|---|---|
| com.amazonaws.services.guardduty |
Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following foundational
data sources - VPC flow logs, Amazon Web Services CloudTrail management event logs, CloudTrail S3 data event logs,
EKS audit logs, DNS logs, Amazon EBS volume data, runtime activity belonging to container workloads, such as Amazon
EKS, Amazon ECS (including Amazon Web Services Fargate), and Amazon EC2 instances.
|
| com.amazonaws.services.guardduty.model |
| Class and Description |
|---|
| AcceptAdministratorInvitationRequest |
| AcceptAdministratorInvitationResult |
| AcceptInvitationRequest |
| AcceptInvitationResult
Deprecated.
|
| AccessControlList
Contains information on the current access control policies for the bucket.
|
| AccessDeniedException
An access denied exception object.
|
| AccessKeyDetails
Contains information about the access keys.
|
| AccountDetail
Contains information about the account.
|
| AccountFreeTrialInfo
Provides details of the GuardDuty member account that uses a free trial service.
|
| AccountLevelPermissions
Contains information about the account level permissions on the S3 bucket.
|
| Action
Contains information about actions.
|
| AddonDetails
Information about the installed EKS add-on (GuardDuty security agent).
|
| AdminAccount
The account within the organization specified as the GuardDuty delegated administrator.
|
| Administrator
Contains information about the administrator account and invitation.
|
| AdminStatus |
| AgentDetails
Information about the installed GuardDuty security agent.
|
| AmazonGuardDutyException
Base exception for all service exceptions thrown by Amazon GuardDuty
|
| Anomaly
Contains information about the anomalies.
|
| AnomalyObject
Contains information about the unusual anomalies.
|
| AnomalyUnusual
Contains information about the behavior of the anomaly that is new to GuardDuty.
|
| ArchiveFindingsRequest |
| ArchiveFindingsResult |
| AutoEnableMembers |
| AwsApiCallAction
Contains information about the API action.
|
| BadRequestException
A bad request exception object.
|
| BlockPublicAccess
Contains information on how the bucker owner's S3 Block Public Access settings are being applied to the S3 bucket.
|
| BucketLevelPermissions
Contains information about the bucket level permissions for the S3 bucket.
|
| BucketPolicy
Contains information on the current bucket policies for the S3 bucket.
|
| City
Contains information about the city associated with the IP address.
|
| CloudTrailConfigurationResult
Contains information on the status of CloudTrail as a data source for the detector.
|
| Condition
Contains information about the condition.
|
| ConflictException
A request conflict exception object.
|
| Container
Details of a container.
|
| ContainerInstanceDetails
Contains information about the Amazon EC2 instance that is running the Amazon ECS container.
|
| Country
Contains information about the country where the remote IP address is located.
|
| CoverageEc2InstanceDetails
Contains information about the Amazon EC2 instance runtime coverage details.
|
| CoverageEcsClusterDetails
Contains information about Amazon ECS cluster runtime coverage details.
|
| CoverageEksClusterDetails
Information about the EKS cluster that has a coverage status.
|
| CoverageFilterCondition
Represents a condition that when matched will be added to the response of the operation.
|
| CoverageFilterCriteria
Represents the criteria used in the filter.
|
| CoverageFilterCriterion
Represents a condition that when matched will be added to the response of the operation.
|
| CoverageFilterCriterionKey |
| CoverageResource
Information about the resource of the GuardDuty account.
|
| CoverageResourceDetails
Information about the resource for each individual EKS cluster.
|
| CoverageSortCriteria
Information about the sorting criteria used in the coverage statistics.
|
| CoverageSortKey |
| CoverageStatistics
Information about the coverage statistics for a resource.
|
| CoverageStatisticsType |
| CoverageStatus |
| CreateDetectorRequest |
| CreateDetectorResult |
| CreateFilterRequest |
| CreateFilterResult |
| CreateIPSetRequest |
| CreateIPSetResult |
| CreateMalwareProtectionPlanRequest |
| CreateMalwareProtectionPlanResult |
| CreateMembersRequest |
| CreateMembersResult |
| CreateProtectedResource
Information about the protected resource that is associated with the created Malware Protection plan.
|
| CreatePublishingDestinationRequest |
| CreatePublishingDestinationResult |
| CreateS3BucketResource
Information about the protected S3 bucket resource.
|
| CreateSampleFindingsRequest |
| CreateSampleFindingsResult |
| CreateThreatIntelSetRequest |
| CreateThreatIntelSetResult |
| CriterionKey |
| DataSource |
| DataSourceConfigurations
Contains information about which data sources are enabled.
|
| DataSourceConfigurationsResult
Contains information on the status of data sources for the detector.
|
| DataSourceFreeTrial
Contains information about which data sources are enabled for the GuardDuty member account.
|
| DataSourcesFreeTrial
Contains information about which data sources are enabled for the GuardDuty member account.
|
| DataSourceStatus |
| DeclineInvitationsRequest |
| DeclineInvitationsResult |
| DefaultServerSideEncryption
Contains information on the server side encryption method used in the S3 bucket.
|
| DeleteDetectorRequest |
| DeleteDetectorResult |
| DeleteFilterRequest |
| DeleteFilterResult |
| DeleteInvitationsRequest |
| DeleteInvitationsResult |
| DeleteIPSetRequest |
| DeleteIPSetResult |
| DeleteMalwareProtectionPlanRequest |
| DeleteMalwareProtectionPlanResult |
| DeleteMembersRequest |
| DeleteMembersResult |
| DeletePublishingDestinationRequest |
| DeletePublishingDestinationResult |
| DeleteThreatIntelSetRequest |
| DeleteThreatIntelSetResult |
| DescribeMalwareScansRequest |
| DescribeMalwareScansResult |
| DescribeOrganizationConfigurationRequest |
| DescribeOrganizationConfigurationResult |
| DescribePublishingDestinationRequest |
| DescribePublishingDestinationResult |
| Destination
Contains information about the publishing destination, including the ID, type, and status.
|
| DestinationProperties
Contains the Amazon Resource Name (ARN) of the resource to publish to, such as an S3 bucket, and the ARN of the KMS
key to use to encrypt published findings.
|
| DestinationType |
| Detection
Contains information about the detected behavior.
|
| DetectorAdditionalConfiguration
Information about the additional configuration for a feature in your GuardDuty account.
|
| DetectorAdditionalConfigurationResult
Information about the additional configuration.
|
| DetectorFeature |
| DetectorFeatureConfiguration
Contains information about a GuardDuty feature.
|
| DetectorFeatureConfigurationResult
Contains information about a GuardDuty feature.
|
| DetectorFeatureResult |
| DetectorStatus |
| DisableOrganizationAdminAccountRequest |
| DisableOrganizationAdminAccountResult |
| DisassociateFromAdministratorAccountRequest |
| DisassociateFromAdministratorAccountResult |
| DisassociateFromMasterAccountRequest |
| DisassociateFromMasterAccountResult
Deprecated.
|
| DisassociateMembersRequest |
| DisassociateMembersResult |
| DNSLogsConfigurationResult
Contains information on the status of DNS logs as a data source.
|
| DnsRequestAction
Contains information about the DNS_REQUEST action described in this finding.
|
| DomainDetails
Contains information about the domain.
|
| EbsSnapshotPreservation |
| EbsVolumeDetails
Contains list of scanned and skipped EBS volumes with details.
|
| EbsVolumeScanDetails
Contains details from the malware scan that created a finding.
|
| EbsVolumesResult
Describes the configuration of scanning EBS volumes as a data source.
|
| EcsClusterDetails
Contains information about the details of the ECS Cluster.
|
| EcsTaskDetails
Contains information about the task in an ECS cluster.
|
| EksClusterDetails
Details about the EKS cluster involved in a Kubernetes finding.
|
| EnableOrganizationAdminAccountRequest |
| EnableOrganizationAdminAccountResult |
| Evidence
Contains information about the reason that the finding was generated.
|
| FargateDetails
Contains information about Amazon Web Services Fargate details associated with an Amazon ECS cluster.
|
| FeatureAdditionalConfiguration |
| FeatureStatus |
| Feedback |
| FilterAction |
| FilterCondition
Contains information about the condition.
|
| FilterCriteria
Represents the criteria to be used in the filter for describing scan entries.
|
| FilterCriterion
Represents a condition that when matched will be added to the response of the operation.
|
| Finding
Contains information about the finding that is generated when abnormal or suspicious activity is detected.
|
| FindingCriteria
Contains information about the criteria used for querying findings.
|
| FindingPublishingFrequency |
| FindingStatistics
Contains information about finding statistics.
|
| FindingStatisticType |
| FlowLogsConfigurationResult
Contains information on the status of VPC flow logs as a data source.
|
| FreeTrialFeatureConfigurationResult
Contains information about the free trial period for a feature.
|
| FreeTrialFeatureResult |
| GeoLocation
Contains information about the location of the remote IP address.
|
| GetAdministratorAccountRequest |
| GetAdministratorAccountResult |
| GetCoverageStatisticsRequest |
| GetCoverageStatisticsResult |
| GetDetectorRequest |
| GetDetectorResult |
| GetFilterRequest |
| GetFilterResult |
| GetFindingsRequest |
| GetFindingsResult |
| GetFindingsStatisticsRequest |
| GetFindingsStatisticsResult |
| GetInvitationsCountRequest |
| GetInvitationsCountResult |
| GetIPSetRequest |
| GetIPSetResult |
| GetMalwareProtectionPlanRequest |
| GetMalwareProtectionPlanResult |
| GetMalwareScanSettingsRequest |
| GetMalwareScanSettingsResult |
| GetMasterAccountRequest |
| GetMasterAccountResult
Deprecated.
|
| GetMemberDetectorsRequest |
| GetMemberDetectorsResult |
| GetMembersRequest |
| GetMembersResult |
| GetOrganizationStatisticsRequest |
| GetOrganizationStatisticsResult |
| GetRemainingFreeTrialDaysRequest |
| GetRemainingFreeTrialDaysResult |
| GetThreatIntelSetRequest |
| GetThreatIntelSetResult |
| GetUsageStatisticsRequest |
| GetUsageStatisticsResult |
| HighestSeverityThreatDetails
Contains details of the highest severity threat detected during scan and number of infected files.
|
| HostPath
Represents a pre-existing file or directory on the host machine that the volume maps to.
|
| IamInstanceProfile
Contains information about the EC2 instance profile.
|
| ImpersonatedUser
Contains information about the impersonated user.
|
| InstanceDetails
Contains information about the details of an instance.
|
| InternalServerErrorException
An internal server error exception object.
|
| Invitation
Contains information about the invitation to become a member account.
|
| InviteMembersRequest |
| InviteMembersResult |
| IpSetFormat |
| IpSetStatus |
| ItemPath
Information about the nested item path and hash of the protected resource.
|
| KubernetesApiCallAction
Information about the Kubernetes API call action described in this finding.
|
| KubernetesAuditLogsConfiguration
Describes whether Kubernetes audit logs are enabled as a data source.
|
| KubernetesAuditLogsConfigurationResult
Describes whether Kubernetes audit logs are enabled as a data source.
|
| KubernetesConfiguration
Describes whether any Kubernetes data sources are enabled.
|
| KubernetesConfigurationResult
Describes whether any Kubernetes logs will be enabled as a data source.
|
| KubernetesDataSourceFreeTrial
Provides details about the Kubernetes resources when it is enabled as a data source.
|
| KubernetesDetails
Details about Kubernetes resources such as a Kubernetes user or workload resource involved in a Kubernetes finding.
|
| KubernetesPermissionCheckedDetails
Information about the Kubernetes API for which you check if you have permission to call.
|
| KubernetesRoleBindingDetails
Contains information about the role binding that grants the permission defined in a Kubernetes role.
|
| KubernetesRoleDetails
Information about the Kubernetes role name and role type.
|
| KubernetesUserDetails
Details about the Kubernetes user involved in a Kubernetes finding.
|
| KubernetesWorkloadDetails
Details about the Kubernetes workload involved in a Kubernetes finding.
|
| LambdaDetails
Information about the Lambda function involved in the finding.
|
| LineageObject
Information about the runtime process details.
|
| ListCoverageRequest |
| ListCoverageResult |
| ListDetectorsRequest |
| ListDetectorsResult |
| ListFiltersRequest |
| ListFiltersResult |
| ListFindingsRequest |
| ListFindingsResult |
| ListInvitationsRequest |
| ListInvitationsResult |
| ListIPSetsRequest |
| ListIPSetsResult |
| ListMalwareProtectionPlansRequest |
| ListMalwareProtectionPlansResult |
| ListMembersRequest |
| ListMembersResult |
| ListOrganizationAdminAccountsRequest |
| ListOrganizationAdminAccountsResult |
| ListPublishingDestinationsRequest |
| ListPublishingDestinationsResult |
| ListTagsForResourceRequest |
| ListTagsForResourceResult |
| ListThreatIntelSetsRequest |
| ListThreatIntelSetsResult |
| LocalIpDetails
Contains information about the local IP address of the connection.
|
| LocalPortDetails
Contains information about the port for the local connection.
|
| LoginAttribute
Information about the login attempts.
|
| MalwareProtectionConfiguration
Describes whether Malware Protection will be enabled as a data source.
|
| MalwareProtectionConfigurationResult
An object that contains information on the status of all Malware Protection data sources.
|
| MalwareProtectionDataSourceFreeTrial
Provides details about Malware Protection when it is enabled as a data source.
|
| MalwareProtectionPlanActions
Information about whether the tags will be added to the S3 object after scanning.
|
| MalwareProtectionPlanStatus |
| MalwareProtectionPlanStatusReason
Information about the issue code and message associated to the status of your Malware Protection plan.
|
| MalwareProtectionPlanSummary
Information about the Malware Protection plan resource.
|
| MalwareProtectionPlanTaggingAction
Information about adding tags to the scanned S3 object after the scan result.
|
| MalwareProtectionPlanTaggingActionStatus |
| MalwareScanDetails
Information about the malware scan that generated a GuardDuty finding.
|
| ManagementType |
| Master
Contains information about the administrator account and invitation.
|
| Member
Contains information about the member account.
|
| MemberAdditionalConfiguration
Information about the additional configuration for the member account.
|
| MemberAdditionalConfigurationResult
Information about the additional configuration for the member account.
|
| MemberDataSourceConfiguration
Contains information on which data sources are enabled for a member account.
|
| MemberFeaturesConfiguration
Contains information about the features for the member account.
|
| MemberFeaturesConfigurationResult
Contains information about the features for the member account.
|
| NetworkConnectionAction
Contains information about the NETWORK_CONNECTION action described in the finding.
|
| NetworkInterface
Contains information about the elastic network interface of the EC2 instance.
|
| Observations
Contains information about the observed behavior.
|
| OrderBy |
| Organization
Contains information about the ISP organization of the remote IP address.
|
| OrganizationAdditionalConfiguration
A list of additional configurations which will be configured for the organization.
|
| OrganizationAdditionalConfigurationResult
A list of additional configuration which will be configured for the organization.
|
| OrganizationDataSourceConfigurations
An object that contains information on which data sources will be configured to be automatically enabled for new
members within the organization.
|
| OrganizationDataSourceConfigurationsResult
An object that contains information on which data sources are automatically enabled for new members within the
organization.
|
| OrganizationDetails
Information about GuardDuty coverage statistics for members in your Amazon Web Services organization.
|
| OrganizationEbsVolumes
Organization-wide EBS volumes scan configuration.
|
| OrganizationEbsVolumesResult
An object that contains information on the status of whether EBS volumes scanning will be enabled as a data source
for an organization.
|
| OrganizationFeatureConfiguration
A list of features which will be configured for the organization.
|
| OrganizationFeatureConfigurationResult
A list of features which will be configured for the organization.
|
| OrganizationFeatureStatistics
Information about the number of accounts that have enabled a specific feature.
|
| OrganizationFeatureStatisticsAdditionalConfiguration
Information about the coverage statistic for the additional configuration of the feature.
|
| OrganizationKubernetesAuditLogsConfiguration
Organization-wide Kubernetes audit logs configuration.
|
| OrganizationKubernetesAuditLogsConfigurationResult
The current configuration of Kubernetes audit logs as a data source for the organization.
|
| OrganizationKubernetesConfiguration
Organization-wide Kubernetes data sources configurations.
|
| OrganizationKubernetesConfigurationResult
The current configuration of all Kubernetes data sources for the organization.
|
| OrganizationMalwareProtectionConfiguration
Organization-wide Malware Protection configurations.
|
| OrganizationMalwareProtectionConfigurationResult
An object that contains information on the status of all Malware Protection data source for an organization.
|
| OrganizationS3LogsConfiguration
Describes whether S3 data event logs will be automatically enabled for new members of the organization.
|
| OrganizationS3LogsConfigurationResult
The current configuration of S3 data event logs as a data source for the organization.
|
| OrganizationScanEc2InstanceWithFindings
Organization-wide EC2 instances with findings scan configuration.
|
| OrganizationScanEc2InstanceWithFindingsResult
An object that contains information on the status of scanning EC2 instances with findings for an organization.
|
| OrganizationStatistics
Information about the coverage statistics of the features for the entire Amazon Web Services organization.
|
| OrgFeature |
| OrgFeatureAdditionalConfiguration |
| OrgFeatureStatus |
| Owner
Contains information on the owner of the bucket.
|
| PermissionConfiguration
Contains information about how permissions are configured for the S3 bucket.
|
| PortProbeAction
Contains information about the PORT_PROBE action described in the finding.
|
| PortProbeDetail
Contains information about the port probe details.
|
| PrivateIpAddressDetails
Contains other private IP address information of the EC2 instance.
|
| ProcessDetails
Information about the observed process.
|
| ProductCode
Contains information about the product code for the EC2 instance.
|
| ProfileSubtype |
| ProfileType |
| PublicAccess
Describes the public access policies that apply to the S3 bucket.
|
| PublishingStatus |
| RdsDbInstanceDetails
Contains information about the resource type
RDSDBInstance involved in a GuardDuty finding. |
| RdsDbUserDetails
Contains information about the user and authentication details for a database instance involved in the finding.
|
| RdsLoginAttemptAction
Indicates that a login attempt was made to the potentially compromised database from a remote IP address.
|
| RemoteAccountDetails
Contains details about the remote Amazon Web Services account that made the API call.
|
| RemoteIpDetails
Contains information about the remote IP address of the connection.
|
| RemotePortDetails
Contains information about the remote port.
|
| Resource
Contains information about the Amazon Web Services resource associated with the activity that prompted GuardDuty to
generate a finding.
|
| ResourceDetails
Represents the resources that were scanned in the scan entry.
|
| ResourceNotFoundException
The requested resource can't be found.
|
| ResourceType |
| RuntimeContext
Additional information about the suspicious activity.
|
| RuntimeDetails
Information about the process and any required context values for a specific finding.
|
| S3BucketDetail
Contains information on the S3 bucket.
|
| S3LogsConfiguration
Describes whether S3 data event logs will be enabled as a data source.
|
| S3LogsConfigurationResult
Describes whether S3 data event logs will be enabled as a data source.
|
| S3ObjectDetail
Information about the S3 object that was scanned
|
| Scan
Contains information about a malware scan.
|
| ScanCondition
Contains information about the condition.
|
| ScanConditionPair
Represents the
key:value pair to be matched against given resource property. |
| ScanCriterionKey
An enum value representing possible resource properties to match with given scan condition.
|
| ScanDetections
Contains a complete view providing malware scan result details.
|
| ScanEc2InstanceWithFindings
Describes whether Malware Protection for EC2 instances with findings will be enabled as a data source.
|
| ScanEc2InstanceWithFindingsResult
An object that contains information on the status of whether Malware Protection for EC2 instances with findings will
be enabled as a data source.
|
| ScanFilePath
Contains details of infected file including name, file path and hash.
|
| ScannedItemCount
Total number of scanned files.
|
| ScanResourceCriteria
Contains information about criteria used to filter resources before triggering malware scan.
|
| ScanResult |
| ScanResultDetails
Represents the result of the scan.
|
| ScanStatus |
| ScanThreatName
Contains files infected with the given threat providing details of malware name and severity.
|
| ScanType |
| SecurityContext
Container security context.
|
| SecurityGroup
Contains information about the security groups associated with the EC2 instance.
|
| Service
Contains additional information about the generated finding.
|
| ServiceAdditionalInfo
Additional information about the generated finding.
|
| SortCriteria
Contains information about the criteria used for sorting findings.
|
| StartMalwareScanRequest |
| StartMalwareScanResult |
| StartMonitoringMembersRequest |
| StartMonitoringMembersResult |
| StopMonitoringMembersRequest |
| StopMonitoringMembersResult |
| Tag
Contains information about a tag associated with the EC2 instance.
|
| TagResourceRequest |
| TagResourceResult |
| Threat
Information about the detected threats associated with the generated finding.
|
| ThreatDetectedByName
Contains details about identified threats organized by threat name.
|
| ThreatIntelligenceDetail
An instance of a threat intelligence detail that constitutes evidence for the finding.
|
| ThreatIntelSetFormat |
| ThreatIntelSetStatus |
| ThreatsDetectedItemCount
Contains total number of infected files.
|
| Total
Contains the total usage with the corresponding currency unit for that value.
|
| TriggerDetails
Represents the reason the scan was triggered.
|
| UnarchiveFindingsRequest |
| UnarchiveFindingsResult |
| UnprocessedAccount
Contains information about the accounts that weren't processed.
|
| UnprocessedDataSourcesResult
Specifies the names of the data sources that couldn't be enabled.
|
| UntagResourceRequest |
| UntagResourceResult |
| UpdateDetectorRequest |
| UpdateDetectorResult |
| UpdateFilterRequest |
| UpdateFilterResult |
| UpdateFindingsFeedbackRequest |
| UpdateFindingsFeedbackResult |
| UpdateIPSetRequest |
| UpdateIPSetResult |
| UpdateMalwareProtectionPlanRequest |
| UpdateMalwareProtectionPlanResult |
| UpdateMalwareScanSettingsRequest |
| UpdateMalwareScanSettingsResult |
| UpdateMemberDetectorsRequest |
| UpdateMemberDetectorsResult |
| UpdateOrganizationConfigurationRequest |
| UpdateOrganizationConfigurationResult |
| UpdateProtectedResource
Information about the protected resource that is associated with the created Malware Protection plan.
|
| UpdatePublishingDestinationRequest |
| UpdatePublishingDestinationResult |
| UpdateS3BucketResource
Information about the protected S3 bucket resource.
|
| UpdateThreatIntelSetRequest |
| UpdateThreatIntelSetResult |
| UsageAccountResult
Contains information on the total of usage based on account IDs.
|
| UsageCriteria
Contains information about the criteria used to query usage statistics.
|
| UsageDataSourceResult
Contains information on the result of usage based on data source type.
|
| UsageFeature |
| UsageFeatureResult
Contains information about the result of the total usage based on the feature.
|
| UsageResourceResult
Contains information on the sum of usage based on an Amazon Web Services resource.
|
| UsageStatistics
Contains the result of GuardDuty usage.
|
| UsageStatisticType |
| UsageTopAccountResult
Contains information on the total of usage based on the topmost 50 account IDs.
|
| UsageTopAccountsResult
Information about the usage statistics, calculated by top accounts by feature.
|
| Volume
Volume used by the Kubernetes workload.
|
| VolumeDetail
Contains EBS volume details.
|
| VolumeMount
Container volume mount.
|
| VpcConfig
Amazon Virtual Private Cloud configuration details associated with your Lambda function.
|
Copyright © 2025. All rights reserved.