software.amazon.awssdk.services.guardduty.model

Interface CreateFilterRequest.Builder

All Superinterfaces:

AwsRequest.Builder, Buildable, CopyableBuilder<CreateFilterRequest.Builder,CreateFilterRequest>, GuardDutyRequest.Builder, SdkBuilder<CreateFilterRequest.Builder,CreateFilterRequest>, SdkPojo, SdkRequest.Builder

Enclosing class:

CreateFilterRequest

public static interface CreateFilterRequest.Builder
extends GuardDutyRequest.Builder, SdkPojo, CopyableBuilder<CreateFilterRequest.Builder,CreateFilterRequest>

Method Summary

Modifier and Type	Method and Description
CreateFilterRequest.Builder	action(FilterAction action) Specifies the action that is to be applied to the findings that match the filter.
CreateFilterRequest.Builder	action(String action) Specifies the action that is to be applied to the findings that match the filter.
CreateFilterRequest.Builder	clientToken(String clientToken) The idempotency token for the create request.
CreateFilterRequest.Builder	description(String description) The description of the filter.
CreateFilterRequest.Builder	detectorId(String detectorId) The ID of the detector belonging to the GuardDuty account that you want to create a filter for.
default CreateFilterRequest.Builder	findingCriteria(Consumer<FindingCriteria.Builder> findingCriteria) Represents the criteria to be used in the filter for querying findings.
CreateFilterRequest.Builder	findingCriteria(FindingCriteria findingCriteria) Represents the criteria to be used in the filter for querying findings.
CreateFilterRequest.Builder	name(String name) The name of the filter.
CreateFilterRequest.Builder	overrideConfiguration(AwsRequestOverrideConfiguration overrideConfiguration)
CreateFilterRequest.Builder	overrideConfiguration(Consumer<AwsRequestOverrideConfiguration.Builder> builderConsumer)
CreateFilterRequest.Builder	rank(Integer rank) Specifies the position of the filter in the list of current filters.
CreateFilterRequest.Builder	tags(Map<String,String> tags) The tags to be added to a new filter resource.

Methods inherited from interface software.amazon.awssdk.services.guardduty.model.GuardDutyRequest.Builder

build

Methods inherited from interface software.amazon.awssdk.awscore.AwsRequest.Builder

overrideConfiguration

Methods inherited from interface software.amazon.awssdk.core.SdkPojo

equalsBySdkFields, sdkFields

Methods inherited from interface software.amazon.awssdk.utils.builder.CopyableBuilder

copy

Methods inherited from interface software.amazon.awssdk.utils.builder.SdkBuilder

applyMutation, build

Method Detail

detectorId

CreateFilterRequest.Builder detectorId(String detectorId)

The ID of the detector belonging to the GuardDuty account that you want to create a filter for.

Parameters:

detectorId - The ID of the detector belonging to the GuardDuty account that you want to create a filter for.

Returns:

Returns a reference to this object so that method calls can be chained together.

name

CreateFilterRequest.Builder name(String name)

The name of the filter. Minimum length of 3. Maximum length of 64. Valid characters include alphanumeric characters, dot (.), underscore (_), and dash (-). Spaces are not allowed.

Parameters:

name - The name of the filter. Minimum length of 3. Maximum length of 64. Valid characters include alphanumeric characters, dot (.), underscore (_), and dash (-). Spaces are not allowed.

Returns:

Returns a reference to this object so that method calls can be chained together.

description

CreateFilterRequest.Builder description(String description)

The description of the filter.

Parameters:

description - The description of the filter.

Returns:

Returns a reference to this object so that method calls can be chained together.

action

CreateFilterRequest.Builder action(String action)

Specifies the action that is to be applied to the findings that match the filter.

Parameters:

action - Specifies the action that is to be applied to the findings that match the filter.

Returns:

Returns a reference to this object so that method calls can be chained together.

See Also:

FilterAction, FilterAction

action

CreateFilterRequest.Builder action(FilterAction action)

Specifies the action that is to be applied to the findings that match the filter.

Parameters:

action - Specifies the action that is to be applied to the findings that match the filter.

Returns:

Returns a reference to this object so that method calls can be chained together.

See Also:

FilterAction, FilterAction

rank

CreateFilterRequest.Builder rank(Integer rank)

Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.

Parameters:

rank - Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.

Returns:

Returns a reference to this object so that method calls can be chained together.

findingCriteria

CreateFilterRequest.Builder findingCriteria(FindingCriteria findingCriteria)

Represents the criteria to be used in the filter for querying findings.

You can only use the following attributes to query findings:

• accountId

• region

• confidence

• id

• resource.accessKeyDetails.accessKeyId

• resource.accessKeyDetails.principalId

• resource.accessKeyDetails.userName

• resource.accessKeyDetails.userType

• resource.instanceDetails.iamInstanceProfile.id

• resource.instanceDetails.imageId

• resource.instanceDetails.instanceId

• resource.instanceDetails.outpostArn

• resource.instanceDetails.networkInterfaces.ipv6Addresses

• resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress

• resource.instanceDetails.networkInterfaces.publicDnsName

• resource.instanceDetails.networkInterfaces.publicIp

• resource.instanceDetails.networkInterfaces.securityGroups.groupId

• resource.instanceDetails.networkInterfaces.securityGroups.groupName

• resource.instanceDetails.networkInterfaces.subnetId

• resource.instanceDetails.networkInterfaces.vpcId

• resource.instanceDetails.tags.key

• resource.instanceDetails.tags.value

• resource.resourceType

• service.action.actionType

• service.action.awsApiCallAction.api

• service.action.awsApiCallAction.callerType

• service.action.awsApiCallAction.errorCode

• service.action.awsApiCallAction.remoteIpDetails.city.cityName

• service.action.awsApiCallAction.remoteIpDetails.country.countryName

• service.action.awsApiCallAction.remoteIpDetails.ipAddressV4

• service.action.awsApiCallAction.remoteIpDetails.organization.asn

• service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg

• service.action.awsApiCallAction.serviceName

• service.action.dnsRequestAction.domain

• service.action.networkConnectionAction.blocked

• service.action.networkConnectionAction.connectionDirection

• service.action.networkConnectionAction.localPortDetails.port

• service.action.networkConnectionAction.protocol

• service.action.networkConnectionAction.localIpDetails.ipAddressV4

• service.action.networkConnectionAction.remoteIpDetails.city.cityName

• service.action.networkConnectionAction.remoteIpDetails.country.countryName

• service.action.networkConnectionAction.remoteIpDetails.ipAddressV4

• service.action.networkConnectionAction.remoteIpDetails.organization.asn

• service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg

• service.action.networkConnectionAction.remotePortDetails.port

• service.additionalInfo.threatListName

• resource.s3BucketDetails.publicAccess.effectivePermissions

• resource.s3BucketDetails.name

• resource.s3BucketDetails.tags.key

• resource.s3BucketDetails.tags.value

• resource.s3BucketDetails.type

• service.archived

  When this attribute is set to TRUE, only archived findings are listed. When it's set to FALSE, only unarchived findings are listed. When this attribute is not set, all existing findings are listed.

• service.resourceRole

• severity

• type

• updatedAt

  Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.

Parameters:

findingCriteria - Represents the criteria to be used in the filter for querying findings.

You can only use the following attributes to query findings:

• accountId

• region

• confidence

• id

• resource.accessKeyDetails.accessKeyId

• resource.accessKeyDetails.principalId

• resource.accessKeyDetails.userName

• resource.accessKeyDetails.userType

• resource.instanceDetails.iamInstanceProfile.id

• resource.instanceDetails.imageId

• resource.instanceDetails.instanceId

• resource.instanceDetails.outpostArn

• resource.instanceDetails.networkInterfaces.ipv6Addresses

• resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress

• resource.instanceDetails.networkInterfaces.publicDnsName

• resource.instanceDetails.networkInterfaces.publicIp

• resource.instanceDetails.networkInterfaces.securityGroups.groupId

• resource.instanceDetails.networkInterfaces.securityGroups.groupName

• resource.instanceDetails.networkInterfaces.subnetId

• resource.instanceDetails.networkInterfaces.vpcId

• resource.instanceDetails.tags.key

• resource.instanceDetails.tags.value

• resource.resourceType

• service.action.actionType

• service.action.awsApiCallAction.api

• service.action.awsApiCallAction.callerType

• service.action.awsApiCallAction.errorCode

• service.action.awsApiCallAction.remoteIpDetails.city.cityName

• service.action.awsApiCallAction.remoteIpDetails.country.countryName

• service.action.awsApiCallAction.remoteIpDetails.ipAddressV4

• service.action.awsApiCallAction.remoteIpDetails.organization.asn

• service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg

• service.action.awsApiCallAction.serviceName

• service.action.dnsRequestAction.domain

• service.action.networkConnectionAction.blocked

• service.action.networkConnectionAction.connectionDirection

• service.action.networkConnectionAction.localPortDetails.port

• service.action.networkConnectionAction.protocol

• service.action.networkConnectionAction.localIpDetails.ipAddressV4

• service.action.networkConnectionAction.remoteIpDetails.city.cityName

• service.action.networkConnectionAction.remoteIpDetails.country.countryName

• service.action.networkConnectionAction.remoteIpDetails.ipAddressV4

• service.action.networkConnectionAction.remoteIpDetails.organization.asn

• service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg

• service.action.networkConnectionAction.remotePortDetails.port

• service.additionalInfo.threatListName

• resource.s3BucketDetails.publicAccess.effectivePermissions

• resource.s3BucketDetails.name

• resource.s3BucketDetails.tags.key

• resource.s3BucketDetails.tags.value

• resource.s3BucketDetails.type

• service.archived

  When this attribute is set to TRUE, only archived findings are listed. When it's set to FALSE, only unarchived findings are listed. When this attribute is not set, all existing findings are listed.

• service.resourceRole

• severity

• type

• updatedAt

  Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.

Returns:

Returns a reference to this object so that method calls can be chained together.

findingCriteria

default CreateFilterRequest.Builder findingCriteria(Consumer<FindingCriteria.Builder> findingCriteria)

Represents the criteria to be used in the filter for querying findings.

You can only use the following attributes to query findings:

• accountId

• region

• confidence

• id

• resource.accessKeyDetails.accessKeyId

• resource.accessKeyDetails.principalId

• resource.accessKeyDetails.userName

• resource.accessKeyDetails.userType

• resource.instanceDetails.iamInstanceProfile.id

• resource.instanceDetails.imageId

• resource.instanceDetails.instanceId

• resource.instanceDetails.outpostArn

• resource.instanceDetails.networkInterfaces.ipv6Addresses

• resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress

• resource.instanceDetails.networkInterfaces.publicDnsName

• resource.instanceDetails.networkInterfaces.publicIp

• resource.instanceDetails.networkInterfaces.securityGroups.groupId

• resource.instanceDetails.networkInterfaces.securityGroups.groupName

• resource.instanceDetails.networkInterfaces.subnetId

• resource.instanceDetails.networkInterfaces.vpcId

• resource.instanceDetails.tags.key

• resource.instanceDetails.tags.value

• resource.resourceType

• service.action.actionType

• service.action.awsApiCallAction.api

• service.action.awsApiCallAction.callerType

• service.action.awsApiCallAction.errorCode

• service.action.awsApiCallAction.remoteIpDetails.city.cityName

• service.action.awsApiCallAction.remoteIpDetails.country.countryName

• service.action.awsApiCallAction.remoteIpDetails.ipAddressV4

• service.action.awsApiCallAction.remoteIpDetails.organization.asn

• service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg

• service.action.awsApiCallAction.serviceName

• service.action.dnsRequestAction.domain

• service.action.networkConnectionAction.blocked

• service.action.networkConnectionAction.connectionDirection

• service.action.networkConnectionAction.localPortDetails.port

• service.action.networkConnectionAction.protocol

• service.action.networkConnectionAction.localIpDetails.ipAddressV4

• service.action.networkConnectionAction.remoteIpDetails.city.cityName

• service.action.networkConnectionAction.remoteIpDetails.country.countryName

• service.action.networkConnectionAction.remoteIpDetails.ipAddressV4

• service.action.networkConnectionAction.remoteIpDetails.organization.asn

• service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg

• service.action.networkConnectionAction.remotePortDetails.port

• service.additionalInfo.threatListName

• resource.s3BucketDetails.publicAccess.effectivePermissions

• resource.s3BucketDetails.name

• resource.s3BucketDetails.tags.key

• resource.s3BucketDetails.tags.value

• resource.s3BucketDetails.type

• service.archived

  When this attribute is set to TRUE, only archived findings are listed. When it's set to FALSE, only unarchived findings are listed. When this attribute is not set, all existing findings are listed.

• service.resourceRole

• severity

• type

• updatedAt

  Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.

This is a convenience method that creates an instance of the FindingCriteria.Builder avoiding the need to create one manually via FindingCriteria.builder(). When the Consumer completes, SdkBuilder.build() is called immediately and its result is passed to findingCriteria(FindingCriteria).

Parameters:

findingCriteria - a consumer that will call methods on FindingCriteria.Builder

Returns:

Returns a reference to this object so that method calls can be chained together.

See Also:

findingCriteria(FindingCriteria)

clientToken

CreateFilterRequest.Builder clientToken(String clientToken)

The idempotency token for the create request.

Parameters:

clientToken - The idempotency token for the create request.

Returns:

Returns a reference to this object so that method calls can be chained together.

tags

CreateFilterRequest.Builder tags(Map<String,String> tags)

The tags to be added to a new filter resource.

Parameters:

tags - The tags to be added to a new filter resource.

Returns:

Returns a reference to this object so that method calls can be chained together.

overrideConfiguration

CreateFilterRequest.Builder overrideConfiguration(AwsRequestOverrideConfiguration overrideConfiguration)

Specified by:

overrideConfiguration in interface AwsRequest.Builder

overrideConfiguration

CreateFilterRequest.Builder overrideConfiguration(Consumer<AwsRequestOverrideConfiguration.Builder> builderConsumer)

Specified by:

overrideConfiguration in interface AwsRequest.Builder