// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
/// <p>Contains information about an Amazon GuardDuty Extended Threat Detection attack sequence finding. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub CSPM, you must have GuardDuty enabled. For more information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-extended-threat-detection.html">GuardDuty Extended Threat Detection </a> in the <i>Amazon GuardDuty User Guide</i>.</p>
#[non_exhaustive]
#[derive(::std::clone::Clone, ::std::cmp::PartialEq, ::std::fmt::Debug)]
pub struct Sequence {
/// <p>Unique identifier of the attack sequence.</p>
pub uid: ::std::option::Option<::std::string::String>,
/// <p>Provides information about the actors involved in the attack sequence.</p>
pub actors: ::std::option::Option<::std::vec::Vec<crate::types::Actor>>,
/// <p>Contains information about the network endpoints that were used in the attack sequence.</p>
pub endpoints: ::std::option::Option<::std::vec::Vec<crate::types::NetworkEndpoint>>,
/// <p>Contains information about the signals involved in the attack sequence.</p>
pub signals: ::std::option::Option<::std::vec::Vec<crate::types::Signal>>,
/// <p>Contains information about the indicators observed in the attack sequence. The values for <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_Signal.html">SignalIndicators</a> are a subset of the values for <code>SequenceIndicators</code>, but the values for these fields don't always match 1:1.</p>
pub sequence_indicators: ::std::option::Option<::std::vec::Vec<crate::types::Indicator>>,
}
impl Sequence {
/// <p>Unique identifier of the attack sequence.</p>
pub fn uid(&self) -> ::std::option::Option<&str> {
self.uid.as_deref()
}
/// <p>Provides information about the actors involved in the attack sequence.</p>
///
/// If no value was sent for this field, a default will be set. If you want to determine if no value was sent, use `.actors.is_none()`.
pub fn actors(&self) -> &[crate::types::Actor] {
self.actors.as_deref().unwrap_or_default()
}
/// <p>Contains information about the network endpoints that were used in the attack sequence.</p>
///
/// If no value was sent for this field, a default will be set. If you want to determine if no value was sent, use `.endpoints.is_none()`.
pub fn endpoints(&self) -> &[crate::types::NetworkEndpoint] {
self.endpoints.as_deref().unwrap_or_default()
}
/// <p>Contains information about the signals involved in the attack sequence.</p>
///
/// If no value was sent for this field, a default will be set. If you want to determine if no value was sent, use `.signals.is_none()`.
pub fn signals(&self) -> &[crate::types::Signal] {
self.signals.as_deref().unwrap_or_default()
}
/// <p>Contains information about the indicators observed in the attack sequence. The values for <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_Signal.html">SignalIndicators</a> are a subset of the values for <code>SequenceIndicators</code>, but the values for these fields don't always match 1:1.</p>
///
/// If no value was sent for this field, a default will be set. If you want to determine if no value was sent, use `.sequence_indicators.is_none()`.
pub fn sequence_indicators(&self) -> &[crate::types::Indicator] {
self.sequence_indicators.as_deref().unwrap_or_default()
}
}
impl Sequence {
/// Creates a new builder-style object to manufacture [`Sequence`](crate::types::Sequence).
pub fn builder() -> crate::types::builders::SequenceBuilder {
crate::types::builders::SequenceBuilder::default()
}
}
/// A builder for [`Sequence`](crate::types::Sequence).
#[derive(::std::clone::Clone, ::std::cmp::PartialEq, ::std::default::Default, ::std::fmt::Debug)]
#[non_exhaustive]
pub struct SequenceBuilder {
pub(crate) uid: ::std::option::Option<::std::string::String>,
pub(crate) actors: ::std::option::Option<::std::vec::Vec<crate::types::Actor>>,
pub(crate) endpoints: ::std::option::Option<::std::vec::Vec<crate::types::NetworkEndpoint>>,
pub(crate) signals: ::std::option::Option<::std::vec::Vec<crate::types::Signal>>,
pub(crate) sequence_indicators: ::std::option::Option<::std::vec::Vec<crate::types::Indicator>>,
}
impl SequenceBuilder {
/// <p>Unique identifier of the attack sequence.</p>
pub fn uid(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.uid = ::std::option::Option::Some(input.into());
self
}
/// <p>Unique identifier of the attack sequence.</p>
pub fn set_uid(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
self.uid = input;
self
}
/// <p>Unique identifier of the attack sequence.</p>
pub fn get_uid(&self) -> &::std::option::Option<::std::string::String> {
&self.uid
}
/// Appends an item to `actors`.
///
/// To override the contents of this collection use [`set_actors`](Self::set_actors).
///
/// <p>Provides information about the actors involved in the attack sequence.</p>
pub fn actors(mut self, input: crate::types::Actor) -> Self {
let mut v = self.actors.unwrap_or_default();
v.push(input);
self.actors = ::std::option::Option::Some(v);
self
}
/// <p>Provides information about the actors involved in the attack sequence.</p>
pub fn set_actors(mut self, input: ::std::option::Option<::std::vec::Vec<crate::types::Actor>>) -> Self {
self.actors = input;
self
}
/// <p>Provides information about the actors involved in the attack sequence.</p>
pub fn get_actors(&self) -> &::std::option::Option<::std::vec::Vec<crate::types::Actor>> {
&self.actors
}
/// Appends an item to `endpoints`.
///
/// To override the contents of this collection use [`set_endpoints`](Self::set_endpoints).
///
/// <p>Contains information about the network endpoints that were used in the attack sequence.</p>
pub fn endpoints(mut self, input: crate::types::NetworkEndpoint) -> Self {
let mut v = self.endpoints.unwrap_or_default();
v.push(input);
self.endpoints = ::std::option::Option::Some(v);
self
}
/// <p>Contains information about the network endpoints that were used in the attack sequence.</p>
pub fn set_endpoints(mut self, input: ::std::option::Option<::std::vec::Vec<crate::types::NetworkEndpoint>>) -> Self {
self.endpoints = input;
self
}
/// <p>Contains information about the network endpoints that were used in the attack sequence.</p>
pub fn get_endpoints(&self) -> &::std::option::Option<::std::vec::Vec<crate::types::NetworkEndpoint>> {
&self.endpoints
}
/// Appends an item to `signals`.
///
/// To override the contents of this collection use [`set_signals`](Self::set_signals).
///
/// <p>Contains information about the signals involved in the attack sequence.</p>
pub fn signals(mut self, input: crate::types::Signal) -> Self {
let mut v = self.signals.unwrap_or_default();
v.push(input);
self.signals = ::std::option::Option::Some(v);
self
}
/// <p>Contains information about the signals involved in the attack sequence.</p>
pub fn set_signals(mut self, input: ::std::option::Option<::std::vec::Vec<crate::types::Signal>>) -> Self {
self.signals = input;
self
}
/// <p>Contains information about the signals involved in the attack sequence.</p>
pub fn get_signals(&self) -> &::std::option::Option<::std::vec::Vec<crate::types::Signal>> {
&self.signals
}
/// Appends an item to `sequence_indicators`.
///
/// To override the contents of this collection use [`set_sequence_indicators`](Self::set_sequence_indicators).
///
/// <p>Contains information about the indicators observed in the attack sequence. The values for <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_Signal.html">SignalIndicators</a> are a subset of the values for <code>SequenceIndicators</code>, but the values for these fields don't always match 1:1.</p>
pub fn sequence_indicators(mut self, input: crate::types::Indicator) -> Self {
let mut v = self.sequence_indicators.unwrap_or_default();
v.push(input);
self.sequence_indicators = ::std::option::Option::Some(v);
self
}
/// <p>Contains information about the indicators observed in the attack sequence. The values for <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_Signal.html">SignalIndicators</a> are a subset of the values for <code>SequenceIndicators</code>, but the values for these fields don't always match 1:1.</p>
pub fn set_sequence_indicators(mut self, input: ::std::option::Option<::std::vec::Vec<crate::types::Indicator>>) -> Self {
self.sequence_indicators = input;
self
}
/// <p>Contains information about the indicators observed in the attack sequence. The values for <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_Signal.html">SignalIndicators</a> are a subset of the values for <code>SequenceIndicators</code>, but the values for these fields don't always match 1:1.</p>
pub fn get_sequence_indicators(&self) -> &::std::option::Option<::std::vec::Vec<crate::types::Indicator>> {
&self.sequence_indicators
}
/// Consumes the builder and constructs a [`Sequence`](crate::types::Sequence).
pub fn build(self) -> crate::types::Sequence {
crate::types::Sequence {
uid: self.uid,
actors: self.actors,
endpoints: self.endpoints,
signals: self.signals,
sequence_indicators: self.sequence_indicators,
}
}
}