Interface DetectorEvents.GuardDutyFinding.Service
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
DetectorEvents.GuardDutyFinding.Service.Jsii$Proxy
- Enclosing class:
DetectorEvents.GuardDutyFinding
@Stability(Experimental)
public static interface DetectorEvents.GuardDutyFinding.Service
extends software.amazon.jsii.JsiiSerializable
(experimental) Type definition for Service.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.mixins.preview.services.guardduty.events.*;
Object additionalScannedPorts;
Object unusual;
Service service = Service.builder()
.action(Action.builder()
.actionType(List.of("actionType"))
.awsApiCallAction(AwsApiCallAction1.builder()
.affectedResources(AffectedResources1.builder()
.awsCloudTrailTrail(List.of("awsCloudTrailTrail"))
.awsEc2Instance(List.of("awsEc2Instance"))
.awsS3Bucket(List.of("awsS3Bucket"))
.build())
.api(List.of("api"))
.callerType(List.of("callerType"))
.errorCode(List.of("errorCode"))
.remoteAccountDetails(RemoteAccountDetails.builder()
.accountId(List.of("accountId"))
.affiliated(List.of("affiliated"))
.build())
.remoteIpDetails(RemoteIpDetails1.builder()
.city(City1.builder()
.cityName(List.of("cityName"))
.build())
.country(Country1.builder()
.countryName(List.of("countryName"))
.build())
.geoLocation(GeoLocation.builder()
.lat(List.of("lat"))
.lon(List.of("lon"))
.build())
.ipAddressV4(List.of("ipAddressV4"))
.organization(Organization1.builder()
.asn(List.of("asn"))
.asnOrg(List.of("asnOrg"))
.isp(List.of("isp"))
.org(List.of("org"))
.build())
.build())
.serviceName(List.of("serviceName"))
.build())
.dnsRequestAction(DnsRequestAction.builder()
.blocked(List.of("blocked"))
.domain(List.of("domain"))
.protocol(List.of("protocol"))
.build())
.kubernetesApiCallAction(KubernetesApiCallAction.builder()
.parameters(List.of("parameters"))
.remoteIpDetails(RemoteIpDetails2.builder()
.city(City2.builder()
.cityName(List.of("cityName"))
.build())
.country(Country2.builder()
.countryName(List.of("countryName"))
.build())
.geoLocation(GeoLocation.builder()
.lat(List.of("lat"))
.lon(List.of("lon"))
.build())
.ipAddressV4(List.of("ipAddressV4"))
.organization(Organization2.builder()
.asn(List.of("asn"))
.asnOrg(List.of("asnOrg"))
.isp(List.of("isp"))
.org(List.of("org"))
.build())
.build())
.requestUri(List.of("requestUri"))
.sourceIPs(List.of("sourceIPs"))
.statusCode(List.of("statusCode"))
.userAgent(List.of("userAgent"))
.verb(List.of("verb"))
.build())
.networkConnectionAction(NetworkConnectionAction.builder()
.blocked(List.of("blocked"))
.connectionDirection(List.of("connectionDirection"))
.localIpDetails(LocalIpDetails.builder()
.ipAddressV4(List.of("ipAddressV4"))
.build())
.localPortDetails(LocalPortDetails.builder()
.port(List.of("port"))
.portName(List.of("portName"))
.build())
.protocol(List.of("protocol"))
.remoteIpDetails(RemoteIpDetails3.builder()
.city(City3.builder()
.cityName(List.of("cityName"))
.build())
.country(Country3.builder()
.countryName(List.of("countryName"))
.build())
.geoLocation(GeoLocation.builder()
.lat(List.of("lat"))
.lon(List.of("lon"))
.build())
.ipAddressV4(List.of("ipAddressV4"))
.organization(Organization3.builder()
.asn(List.of("asn"))
.asnOrg(List.of("asnOrg"))
.isp(List.of("isp"))
.org(List.of("org"))
.build())
.build())
.remotePortDetails(RemotePortDetails.builder()
.port(List.of("port"))
.portName(List.of("portName"))
.build())
.build())
.portProbeAction(PortProbeAction.builder()
.blocked(List.of("blocked"))
.portProbeDetails(List.of(PortProbeActionItem.builder()
.localIpDetails(LocalIpDetails1.builder()
.ipAddressV4(List.of("ipAddressV4"))
.build())
.localPortDetails(LocalPortDetails1.builder()
.port(List.of("port"))
.portName(List.of("portName"))
.build())
.remoteIpDetails(RemoteIpDetails4.builder()
.city(City4.builder()
.cityName(List.of("cityName"))
.build())
.country(Country4.builder()
.countryName(List.of("countryName"))
.build())
.geoLocation(GeoLocation1.builder()
.lat(List.of("lat"))
.lon(List.of("lon"))
.build())
.ipAddressV4(List.of("ipAddressV4"))
.organization(Organization4.builder()
.asn(List.of("asn"))
.asnOrg(List.of("asnOrg"))
.isp(List.of("isp"))
.org(List.of("org"))
.build())
.build())
.build()))
.build())
.build())
.additionalInfo(AdditionalInfo.builder()
.additionalScannedPorts(List.of(additionalScannedPorts))
.anomalies(Anomalies.builder()
.anomalousApIs(List.of("anomalousApIs"))
.build())
.apiCalls(List.of(AdditionalInfoItem.builder()
.count(List.of("count"))
.firstSeen(List.of("firstSeen"))
.lastSeen(List.of("lastSeen"))
.name(List.of("name"))
.build()))
.domain(List.of("domain"))
.inBytes(List.of("inBytes"))
.localPort(List.of("localPort"))
.newPolicy(NewPolicy.builder()
.allowUsersToChangePassword(List.of("allowUsersToChangePassword"))
.hardExpiry(List.of("hardExpiry"))
.maxPasswordAge(List.of("maxPasswordAge"))
.minimumPasswordLength(List.of("minimumPasswordLength"))
.passwordReusePrevention(List.of("passwordReusePrevention"))
.requireLowercaseCharacters(List.of("requireLowercaseCharacters"))
.requireNumbers(List.of("requireNumbers"))
.requireSymbols(List.of("requireSymbols"))
.requireUppercaseCharacters(List.of("requireUppercaseCharacters"))
.build())
.oldPolicy(OldPolicy.builder()
.allowUsersToChangePassword(List.of("allowUsersToChangePassword"))
.hardExpiry(List.of("hardExpiry"))
.maxPasswordAge(List.of("maxPasswordAge"))
.minimumPasswordLength(List.of("minimumPasswordLength"))
.passwordReusePrevention(List.of("passwordReusePrevention"))
.requireLowercaseCharacters(List.of("requireLowercaseCharacters"))
.requireNumbers(List.of("requireNumbers"))
.requireSymbols(List.of("requireSymbols"))
.requireUppercaseCharacters(List.of("requireUppercaseCharacters"))
.build())
.outBytes(List.of("outBytes"))
.portsScannedSample(List.of(123))
.profiledBehavior(ProfiledBehavior.builder()
.frequentProfiledApIsAccountProfiling(List.of("frequentProfiledApIsAccountProfiling"))
.frequentProfiledApIsUserIdentityProfiling(List.of("frequentProfiledApIsUserIdentityProfiling"))
.frequentProfiledAsNsAccountProfiling(List.of("frequentProfiledAsNsAccountProfiling"))
.frequentProfiledAsNsBucketProfiling(List.of("frequentProfiledAsNsBucketProfiling"))
.frequentProfiledAsNsUserIdentityProfiling(List.of("frequentProfiledAsNsUserIdentityProfiling"))
.frequentProfiledBucketsAccountProfiling(List.of("frequentProfiledBucketsAccountProfiling"))
.frequentProfiledBucketsUserIdentityProfiling(List.of("frequentProfiledBucketsUserIdentityProfiling"))
.frequentProfiledUserAgentsAccountProfiling(List.of("frequentProfiledUserAgentsAccountProfiling"))
.frequentProfiledUserAgentsUserIdentityProfiling(List.of("frequentProfiledUserAgentsUserIdentityProfiling"))
.frequentProfiledUserNamesAccountProfiling(List.of("frequentProfiledUserNamesAccountProfiling"))
.frequentProfiledUserNamesBucketProfiling(List.of("frequentProfiledUserNamesBucketProfiling"))
.frequentProfiledUserTypesAccountProfiling(List.of("frequentProfiledUserTypesAccountProfiling"))
.infrequentProfiledApIsAccountProfiling(List.of("infrequentProfiledApIsAccountProfiling"))
.infrequentProfiledApIsUserIdentityProfiling(List.of("infrequentProfiledApIsUserIdentityProfiling"))
.infrequentProfiledAsNsAccountProfiling(List.of("infrequentProfiledAsNsAccountProfiling"))
.infrequentProfiledAsNsBucketProfiling(List.of("infrequentProfiledAsNsBucketProfiling"))
.infrequentProfiledAsNsUserIdentityProfiling(List.of("infrequentProfiledAsNsUserIdentityProfiling"))
.infrequentProfiledBucketsAccountProfiling(List.of("infrequentProfiledBucketsAccountProfiling"))
.infrequentProfiledBucketsUserIdentityProfiling(List.of("infrequentProfiledBucketsUserIdentityProfiling"))
.infrequentProfiledUserAgentsAccountProfiling(List.of("infrequentProfiledUserAgentsAccountProfiling"))
.infrequentProfiledUserAgentsUserIdentityProfiling(List.of("infrequentProfiledUserAgentsUserIdentityProfiling"))
.infrequentProfiledUserNamesAccountProfiling(List.of("infrequentProfiledUserNamesAccountProfiling"))
.infrequentProfiledUserNamesBucketProfiling(List.of("infrequentProfiledUserNamesBucketProfiling"))
.infrequentProfiledUserTypesAccountProfiling(List.of("infrequentProfiledUserTypesAccountProfiling"))
.numberOfHistoricalDailyAvgApIsBucketProfiling(List.of("numberOfHistoricalDailyAvgApIsBucketProfiling"))
.numberOfHistoricalDailyAvgApIsBucketUserIdentityProfiling(List.of("numberOfHistoricalDailyAvgApIsBucketUserIdentityProfiling"))
.numberOfHistoricalDailyAvgApIsUserIdentityProfiling(List.of("numberOfHistoricalDailyAvgApIsUserIdentityProfiling"))
.numberOfHistoricalDailyMaxApIsBucketProfiling(List.of("numberOfHistoricalDailyMaxApIsBucketProfiling"))
.numberOfHistoricalDailyMaxApIsBucketUserIdentityProfiling(List.of("numberOfHistoricalDailyMaxApIsBucketUserIdentityProfiling"))
.numberOfHistoricalDailyMaxApIsUserIdentityProfiling(List.of("numberOfHistoricalDailyMaxApIsUserIdentityProfiling"))
.rareProfiledApIsAccountProfiling(List.of("rareProfiledApIsAccountProfiling"))
.rareProfiledApIsUserIdentityProfiling(List.of("rareProfiledApIsUserIdentityProfiling"))
.rareProfiledAsNsAccountProfiling(List.of("rareProfiledAsNsAccountProfiling"))
.rareProfiledAsNsBucketProfiling(List.of("rareProfiledAsNsBucketProfiling"))
.rareProfiledAsNsUserIdentityProfiling(List.of("rareProfiledAsNsUserIdentityProfiling"))
.rareProfiledBucketsAccountProfiling(List.of("rareProfiledBucketsAccountProfiling"))
.rareProfiledBucketsUserIdentityProfiling(List.of("rareProfiledBucketsUserIdentityProfiling"))
.rareProfiledUserAgentsAccountProfiling(List.of("rareProfiledUserAgentsAccountProfiling"))
.rareProfiledUserAgentsUserIdentityProfiling(List.of("rareProfiledUserAgentsUserIdentityProfiling"))
.rareProfiledUserNamesAccountProfiling(List.of("rareProfiledUserNamesAccountProfiling"))
.rareProfiledUserNamesBucketProfiling(List.of("rareProfiledUserNamesBucketProfiling"))
.rareProfiledUserTypesAccountProfiling(List.of("rareProfiledUserTypesAccountProfiling"))
.build())
.recentCredentials(List.of(AdditionalInfoItem1.builder()
.accessKeyId(List.of("accessKeyId"))
.ipAddressV4(List.of("ipAddressV4"))
.principalId(List.of("principalId"))
.build()))
.sample(List.of("sample"))
.scannedPort(List.of("scannedPort"))
.threatListName(List.of("threatListName"))
.threatName(List.of("threatName"))
.type(List.of("type"))
.unusual(unusual)
.unusualBehavior(UnusualBehavior.builder()
.isUnusualUserIdentity(List.of("isUnusualUserIdentity"))
.numberOfPast24HoursApIsBucketProfiling(List.of("numberOfPast24HoursApIsBucketProfiling"))
.numberOfPast24HoursApIsBucketUserIdentityProfiling(List.of("numberOfPast24HoursApIsBucketUserIdentityProfiling"))
.numberOfPast24HoursApIsUserIdentityProfiling(List.of("numberOfPast24HoursApIsUserIdentityProfiling"))
.unusualApIsAccountProfiling(List.of("unusualApIsAccountProfiling"))
.unusualApIsUserIdentityProfiling(List.of("unusualApIsUserIdentityProfiling"))
.unusualAsNsAccountProfiling(List.of("unusualAsNsAccountProfiling"))
.unusualAsNsBucketProfiling(List.of("unusualAsNsBucketProfiling"))
.unusualAsNsUserIdentityProfiling(List.of("unusualAsNsUserIdentityProfiling"))
.unusualBucketsAccountProfiling(List.of("unusualBucketsAccountProfiling"))
.unusualBucketsUserIdentityProfiling(List.of("unusualBucketsUserIdentityProfiling"))
.unusualUserAgentsAccountProfiling(List.of("unusualUserAgentsAccountProfiling"))
.unusualUserAgentsUserIdentityProfiling(List.of("unusualUserAgentsUserIdentityProfiling"))
.unusualUserNamesAccountProfiling(List.of("unusualUserNamesAccountProfiling"))
.unusualUserNamesBucketProfiling(List.of("unusualUserNamesBucketProfiling"))
.unusualUserTypesAccountProfiling(List.of("unusualUserTypesAccountProfiling"))
.build())
.unusualProtocol(List.of("unusualProtocol"))
.userAgent(UserAgent.builder()
.fullUserAgent(List.of("fullUserAgent"))
.userAgentCategory(List.of("userAgentCategory"))
.build())
.value(List.of("value"))
.build())
.archived(List.of("archived"))
.awsApiCallAction(AwsApiCallAction.builder()
.affectedResources(List.of("affectedResources"))
.api(List.of("api"))
.callerType(List.of("callerType"))
.errorCode(List.of("errorCode"))
.remoteIpDetails(RemoteIpDetails.builder()
.city(City.builder()
.cityName(List.of("cityName"))
.build())
.country(Country.builder()
.countryName(List.of("countryName"))
.build())
.geoLocation(GeoLocation.builder()
.lat(List.of("lat"))
.lon(List.of("lon"))
.build())
.ipAddressV4(List.of("ipAddressV4"))
.organization(Organization.builder()
.asn(List.of("asn"))
.asnOrg(List.of("asnOrg"))
.isp(List.of("isp"))
.org(List.of("org"))
.build())
.build())
.serviceName(List.of("serviceName"))
.build())
.count(List.of("count"))
.detectorId(List.of("detectorId"))
.ebsVolumeScanDetails(EbsVolumeScanDetails.builder()
.scanCompletedAt(List.of("scanCompletedAt"))
.scanDetections(ScanDetections.builder()
.highestSeverityThreatDetails(HighestSeverityThreatDetails.builder()
.count(List.of("count"))
.severity(List.of("severity"))
.threatName(List.of("threatName"))
.build())
.scannedItemCount(ScannedItemCount.builder()
.files(List.of("files"))
.totalGb(List.of("totalGb"))
.volumes(List.of("volumes"))
.build())
.threatDetectedByName(ThreatDetectedByName.builder()
.itemCount(List.of("itemCount"))
.shortened(List.of("shortened"))
.threatNames(List.of(ThreatDetectedByNameItem.builder()
.filePaths(List.of(ThreatDetectedByNameItemItem.builder()
.fileName(List.of("fileName"))
.filePath(List.of("filePath"))
.hash(List.of("hash"))
.volumeArn(List.of("volumeArn"))
.build()))
.itemCount(List.of("itemCount"))
.name(List.of("name"))
.severity(List.of("severity"))
.build()))
.uniqueThreatNameCount(List.of("uniqueThreatNameCount"))
.build())
.threatsDetectedItemCount(ThreatsDetectedItemCount.builder()
.files(List.of("files"))
.build())
.build())
.scanId(List.of("scanId"))
.scanStartedAt(List.of("scanStartedAt"))
.sources(List.of("sources"))
.triggerFindingId(List.of("triggerFindingId"))
.build())
.eventFirstSeen(List.of("eventFirstSeen"))
.eventLastSeen(List.of("eventLastSeen"))
.evidence(Evidence.builder()
.threatIntelligenceDetails(List.of(EvidenceItem.builder()
.threatListName(List.of("threatListName"))
.threatNames(List.of("threatNames"))
.build()))
.build())
.featureName(List.of("featureName"))
.resourceRole(List.of("resourceRole"))
.serviceName(List.of("serviceName"))
.build();
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic final classA builder forDetectorEvents.GuardDutyFinding.Servicestatic final classAn implementation forDetectorEvents.GuardDutyFinding.Service -
Method Summary
Modifier and TypeMethodDescriptionbuilder()(experimental) action property.(experimental) additionalInfo property.(experimental) archived property.(experimental) awsApiCallAction property.getCount()(experimental) count property.(experimental) detectorId property.(experimental) ebsVolumeScanDetails property.(experimental) eventFirstSeen property.(experimental) eventLastSeen property.(experimental) evidence property.(experimental) featureName property.(experimental) resourceRole property.(experimental) serviceName property.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getAction
(experimental) action property.Specify an array of string values to match this event if the actual value of action is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
getAdditionalInfo
@Stability(Experimental) @Nullable default DetectorEvents.GuardDutyFinding.AdditionalInfo getAdditionalInfo()(experimental) additionalInfo property.Specify an array of string values to match this event if the actual value of additionalInfo is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
getArchived
(experimental) archived property.Specify an array of string values to match this event if the actual value of archived is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
getAwsApiCallAction
@Stability(Experimental) @Nullable default DetectorEvents.GuardDutyFinding.AwsApiCallAction getAwsApiCallAction()(experimental) awsApiCallAction property.Specify an array of string values to match this event if the actual value of awsApiCallAction is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
getCount
(experimental) count property.Specify an array of string values to match this event if the actual value of count is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
getDetectorId
(experimental) detectorId property.Specify an array of string values to match this event if the actual value of detectorId is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Filter with the Detector reference
-
getEbsVolumeScanDetails
@Stability(Experimental) @Nullable default DetectorEvents.GuardDutyFinding.EbsVolumeScanDetails getEbsVolumeScanDetails()(experimental) ebsVolumeScanDetails property.Specify an array of string values to match this event if the actual value of ebsVolumeScanDetails is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
getEventFirstSeen
(experimental) eventFirstSeen property.Specify an array of string values to match this event if the actual value of eventFirstSeen is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
getEventLastSeen
(experimental) eventLastSeen property.Specify an array of string values to match this event if the actual value of eventLastSeen is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
getEvidence
(experimental) evidence property.Specify an array of string values to match this event if the actual value of evidence is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
getFeatureName
(experimental) featureName property.Specify an array of string values to match this event if the actual value of featureName is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
getResourceRole
(experimental) resourceRole property.Specify an array of string values to match this event if the actual value of resourceRole is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
getServiceName
(experimental) serviceName property.Specify an array of string values to match this event if the actual value of serviceName is one of the values in the array. Use one of the constructors on the
aws_events.Matchfor more advanced matching options.Default: - Do not filter on this field
-
builder
-