Crate aws_sdk_securitylake
source ·Expand description
Amazon Security Lake is a fully managed security data lake service. You can use Security Lake to automatically centralize security data from cloud, on-premises, and custom sources into a data lake that’s stored in your Amazon Web Services account. Amazon Web Services Organizations is an account management service that lets you consolidate multiple Amazon Web Services accounts into an organization that you create and centrally manage. With Organizations, you can create member accounts and invite existing accounts to join your organization. Security Lake helps you analyze security data for a more complete understanding of your security posture across the entire organization. It can also help you improve the protection of your workloads, applications, and data.
The data lake is backed by Amazon Simple Storage Service (Amazon S3) buckets, and you retain ownership over your data.
Amazon Security Lake integrates with CloudTrail, a service that provides a record of actions taken by a user, role, or an Amazon Web Services service. In Security Lake, CloudTrail captures API calls for Security Lake as events. The calls captured include calls from the Security Lake console and code calls to the Security Lake API operations. If you create a trail, you can enable continuous delivery of CloudTrail events to an Amazon S3 bucket, including events for Security Lake. If you don’t configure a trail, you can still view the most recent events in the CloudTrail console in Event history. Using the information collected by CloudTrail you can determine the request that was made to Security Lake, the IP address from which the request was made, who made the request, when it was made, and additional details. To learn more about Security Lake information in CloudTrail, see the Amazon Security Lake User Guide.
Security Lake automates the collection of security-related log and event data from integrated Amazon Web Services and third-party services. It also helps you manage the lifecycle of data with customizable retention and replication settings. Security Lake converts ingested data into Apache Parquet format and a standard open-source schema called the Open Cybersecurity Schema Framework (OCSF).
Other Amazon Web Services and third-party services can subscribe to the data that’s stored in Security Lake for incident response and security data analytics.
§Getting Started
Examples are available for many services and operations, check out the examples folder in GitHub.
The SDK provides one crate per AWS service. You must add Tokio
as a dependency within your Rust project to execute asynchronous code. To add aws-sdk-securitylake to
your project, add the following to your Cargo.toml file:
[dependencies]
aws-config = { version = "1.1.7", features = ["behavior-version-latest"] }
aws-sdk-securitylake = "1.25.0"
tokio = { version = "1", features = ["full"] }
Then in code, a client can be created with the following:
use aws_sdk_securitylake as securitylake;
#[::tokio::main]
async fn main() -> Result<(), securitylake::Error> {
let config = aws_config::load_from_env().await;
let client = aws_sdk_securitylake::Client::new(&config);
// ... make some calls with the client
Ok(())
}See the client documentation for information on what calls can be made, and the inputs and outputs for each of those calls.
§Using the SDK
Until the SDK is released, we will be adding information about using the SDK to the Developer Guide. Feel free to suggest additional sections for the guide by opening an issue and describing what you are trying to do.
§Getting Help
- GitHub discussions - For ideas, RFCs & general questions
- GitHub issues - For bug reports & feature requests
- Generated Docs (latest version)
- Usage examples
§Crate Organization
The entry point for most customers will be Client, which exposes one method for each API
offered by Amazon Security Lake. The return value of each of these methods is a “fluent builder”,
where the different inputs for that API are added by builder-style function call chaining,
followed by calling send() to get a Future that will result in
either a successful output or a SdkError.
Some of these API inputs may be structs or enums to provide more complex structured information.
These structs and enums live in types. There are some simpler types for
representing data such as date times or binary blobs that live in primitives.
All types required to configure a client via the Config struct live
in config.
The operation module has a submodule for every API, and in each submodule
is the input, output, and error type for that API, as well as builders to construct each of those.
There is a top-level Error type that encompasses all the errors that the
client can return. Any other error type can be converted to this Error type via the
From trait.
The other modules within this crate are not required for normal usage.
Modules§
- Client for calling Amazon Security Lake.
- Configuration for Amazon Security Lake.
- Common errors and error handling utilities.
- Information about this crate.
- All operations that this crate can perform.
- Primitives such as
BloborDateTimeused by other types. - Data structures used by operation inputs/outputs.
Structs§
- Client for Amazon Security Lake
- Configuration for a aws_sdk_securitylake service client.
Enums§
- All possible error types for this service.