Module aws_sdk_detective::types

source ·
Expand description

Data structures used by operation inputs/outputs.

Modules§

  • builders
    Builders
  • error
    Error types that Amazon Detective can respond with.

Structs§

  • Account

    An Amazon Web Services account that is the administrator account of or a member of a behavior graph.

  • Administrator

    Information about the Detective administrator account for an organization.

  • DatasourcePackageIngestDetail

    Details about the data source packages ingested by your behavior graph.

  • DatasourcePackageUsageInfo

    Information on the usage of a data source package in the behavior graph.

  • DateFilter

    Contains details on the time range used to filter data.

  • FilterCriteria

    Details on the criteria used to define the filter for investigation results.

  • FlaggedIpAddressDetail

    Contains information on suspicious IP addresses identified as indicators of compromise. This indicator is derived from Amazon Web Services threat intelligence.

  • Graph

    A behavior graph in Detective.

  • ImpossibleTravelDetail

    Contains information on unusual and impossible travel in an account.

  • Indicator

    Detective investigations triages indicators of compromises such as a finding and surfaces only the most critical and suspicious issues, so you can focus on high-level investigations. An Indicator lets you determine if an Amazon Web Services resource is involved in unusual activity that could indicate malicious behavior and its impact.

  • IndicatorDetail

    Details about the indicators of compromise which are used to determine if a resource is involved in a security incident. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. For the list of indicators of compromise that are generated by Detective investigations, see Detective investigations.

  • InvestigationDetail

    Details about the investigation related to a potential security event identified by Detective.

  • MemberDetail

    Details about a member account in a behavior graph.

  • MembershipDatasources

    Details on data source packages for members of the behavior graph.

  • NewAsoDetail

    Details new Autonomous System Organizations (ASOs) used either at the resource or account level.

  • NewGeolocationDetail

    Details new geolocations used either at the resource or account level. For example, lists an observed geolocation that is an infrequent or unused location based on previous user activity.

  • NewUserAgentDetail

    Details new user agents used either at the resource or account level.

  • RelatedFindingDetail

    Details related activities associated with a potential security event. Lists all distinct categories of evidence that are connected to the resource or the finding group.

  • RelatedFindingGroupDetail

    Details multiple activities as they related to a potential security event. Detective uses graph analysis technique that infers relationships between findings and entities, and groups them together as a finding group.

  • SortCriteria

    Details about the criteria used for sorting investigations.

  • StringFilter

    A string for filtering Detective investigations.

  • TimestampForCollection

    Details on when data collection began for a source package.

  • TtPsObservedDetail

    Details tactics, techniques, and procedures (TTPs) used in a potential security event. Tactics are based on MITRE ATT&CK Matrix for Enterprise.

  • UnprocessedAccount

    A member account that was included in a request but for which the request could not be processed.

  • UnprocessedGraph

    Behavior graphs that could not be processed in the request.

Enums§

  • DatasourcePackage
    When writing a match expression against DatasourcePackage, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • DatasourcePackageIngestState
    When writing a match expression against DatasourcePackageIngestState, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • EntityType
    When writing a match expression against EntityType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • ErrorCode
    When writing a match expression against ErrorCode, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • Field
    When writing a match expression against Field, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • IndicatorType
    When writing a match expression against IndicatorType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • InvitationType
    When writing a match expression against InvitationType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • MemberDisabledReason
    When writing a match expression against MemberDisabledReason, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • MemberStatus
    When writing a match expression against MemberStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • Reason
    When writing a match expression against Reason, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • Severity
    When writing a match expression against Severity, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • SortOrder
    When writing a match expression against SortOrder, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • State
    When writing a match expression against State, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
  • Status
    When writing a match expression against Status, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.