Package guarddutyiface provides an interface to enable mocking the Amazon GuardDuty service client for testing your code.

AdminStatus_Values returns all elements of the AdminStatus enum.

AutoEnableMembers_Values returns all elements of the AutoEnableMembers enum.

CoverageFilterCriterionKey_Values returns all elements of the CoverageFilterCriterionKey enum.

CoverageSortKey_Values returns all elements of the CoverageSortKey enum.

CoverageStatisticsType_Values returns all elements of the CoverageStatisticsType enum.

CoverageStatus_Values returns all elements of the CoverageStatus enum.

CriterionKey_Values returns all elements of the CriterionKey enum.

DataSource_Values returns all elements of the DataSource enum.

DataSourceStatus_Values returns all elements of the DataSourceStatus enum.

DestinationType_Values returns all elements of the DestinationType enum.

DetectorFeature_Values returns all elements of the DetectorFeature enum.

DetectorFeatureResult_Values returns all elements of the DetectorFeatureResult enum.

DetectorStatus_Values returns all elements of the DetectorStatus enum.

EbsSnapshotPreservation_Values returns all elements of the EbsSnapshotPreservation enum.

FeatureAdditionalConfiguration_Values returns all elements of the FeatureAdditionalConfiguration enum.

FeatureStatus_Values returns all elements of the FeatureStatus enum.

Feedback_Values returns all elements of the Feedback enum.

FilterAction_Values returns all elements of the FilterAction enum.

FindingPublishingFrequency_Values returns all elements of the FindingPublishingFrequency enum.

FindingStatisticType_Values returns all elements of the FindingStatisticType enum.

FreeTrialFeatureResult_Values returns all elements of the FreeTrialFeatureResult enum.

IpSetFormat_Values returns all elements of the IpSetFormat enum.

IpSetStatus_Values returns all elements of the IpSetStatus enum.

MalwareProtectionPlanStatus_Values returns all elements of the MalwareProtectionPlanStatus enum.

MalwareProtectionPlanTaggingActionStatus_Values returns all elements of the MalwareProtectionPlanTaggingActionStatus enum.

ManagementType_Values returns all elements of the ManagementType enum.

New creates a new instance of the GuardDuty client with a session.

OrderBy_Values returns all elements of the OrderBy enum.

OrgFeature_Values returns all elements of the OrgFeature enum.

OrgFeatureAdditionalConfiguration_Values returns all elements of the OrgFeatureAdditionalConfiguration enum.

OrgFeatureStatus_Values returns all elements of the OrgFeatureStatus enum.

ProfileSubtype_Values returns all elements of the ProfileSubtype enum.

ProfileType_Values returns all elements of the ProfileType enum.

PublishingStatus_Values returns all elements of the PublishingStatus enum.

ResourceType_Values returns all elements of the ResourceType enum.

ScanCriterionKey_Values returns all elements of the ScanCriterionKey enum.

ScanResult_Values returns all elements of the ScanResult enum.

ScanStatus_Values returns all elements of the ScanStatus enum.

ScanType_Values returns all elements of the ScanType enum.

ThreatIntelSetFormat_Values returns all elements of the ThreatIntelSetFormat enum.

ThreatIntelSetStatus_Values returns all elements of the ThreatIntelSetStatus enum.

UsageFeature_Values returns all elements of the UsageFeature enum.

UsageStatisticType_Values returns all elements of the UsageStatisticType enum.

AdminStatusDisableInProgress is a AdminStatus enum value.

AdminStatusEnabled is a AdminStatus enum value.

AutoEnableMembersAll is a AutoEnableMembers enum value.

AutoEnableMembersNew is a AutoEnableMembers enum value.

AutoEnableMembersNone is a AutoEnableMembers enum value.

CoverageFilterCriterionKeyAccountId is a CoverageFilterCriterionKey enum value.

CoverageFilterCriterionKeyAddonVersion is a CoverageFilterCriterionKey enum value.

CoverageFilterCriterionKeyAgentVersion is a CoverageFilterCriterionKey enum value.

CoverageFilterCriterionKeyClusterArn is a CoverageFilterCriterionKey enum value.

CoverageFilterCriterionKeyClusterName is a CoverageFilterCriterionKey enum value.

CoverageFilterCriterionKeyCoverageStatus is a CoverageFilterCriterionKey enum value.

CoverageFilterCriterionKeyEcsClusterName is a CoverageFilterCriterionKey enum value.

CoverageFilterCriterionKeyEksClusterName is a CoverageFilterCriterionKey enum value.

CoverageFilterCriterionKeyInstanceId is a CoverageFilterCriterionKey enum value.

CoverageFilterCriterionKeyManagementType is a CoverageFilterCriterionKey enum value.

CoverageFilterCriterionKeyResourceType is a CoverageFilterCriterionKey enum value.

CoverageSortKeyAccountId is a CoverageSortKey enum value.

CoverageSortKeyAddonVersion is a CoverageSortKey enum value.

CoverageSortKeyClusterName is a CoverageSortKey enum value.

CoverageSortKeyCoverageStatus is a CoverageSortKey enum value.

CoverageSortKeyEcsClusterName is a CoverageSortKey enum value.

CoverageSortKeyEksClusterName is a CoverageSortKey enum value.

CoverageSortKeyInstanceId is a CoverageSortKey enum value.

CoverageSortKeyIssue is a CoverageSortKey enum value.

CoverageSortKeyUpdatedAt is a CoverageSortKey enum value.

CoverageStatisticsTypeCountByCoverageStatus is a CoverageStatisticsType enum value.

CoverageStatisticsTypeCountByResourceType is a CoverageStatisticsType enum value.

CoverageStatusHealthy is a CoverageStatus enum value.

CoverageStatusUnhealthy is a CoverageStatus enum value.

CriterionKeyAccountId is a CriterionKey enum value.

CriterionKeyEc2InstanceArn is a CriterionKey enum value.

CriterionKeyGuarddutyFindingId is a CriterionKey enum value.

CriterionKeyScanId is a CriterionKey enum value.

CriterionKeyScanStartTime is a CriterionKey enum value.

CriterionKeyScanStatus is a CriterionKey enum value.

CriterionKeyScanType is a CriterionKey enum value.

DataSourceCloudTrail is a DataSource enum value.

DataSourceDnsLogs is a DataSource enum value.

DataSourceEc2MalwareScan is a DataSource enum value.

DataSourceFlowLogs is a DataSource enum value.

DataSourceKubernetesAuditLogs is a DataSource enum value.

DataSourceS3Logs is a DataSource enum value.

DataSourceStatusDisabled is a DataSourceStatus enum value.

DataSourceStatusEnabled is a DataSourceStatus enum value.

DestinationTypeS3 is a DestinationType enum value.

DetectorFeatureEbsMalwareProtection is a DetectorFeature enum value.

DetectorFeatureEksAuditLogs is a DetectorFeature enum value.

DetectorFeatureEksRuntimeMonitoring is a DetectorFeature enum value.

DetectorFeatureLambdaNetworkLogs is a DetectorFeature enum value.

DetectorFeatureRdsLoginEvents is a DetectorFeature enum value.

DetectorFeatureResultCloudTrail is a DetectorFeatureResult enum value.

DetectorFeatureResultDnsLogs is a DetectorFeatureResult enum value.

DetectorFeatureResultEbsMalwareProtection is a DetectorFeatureResult enum value.

DetectorFeatureResultEksAuditLogs is a DetectorFeatureResult enum value.

DetectorFeatureResultEksRuntimeMonitoring is a DetectorFeatureResult enum value.

DetectorFeatureResultFlowLogs is a DetectorFeatureResult enum value.

DetectorFeatureResultLambdaNetworkLogs is a DetectorFeatureResult enum value.

DetectorFeatureResultRdsLoginEvents is a DetectorFeatureResult enum value.

DetectorFeatureResultRuntimeMonitoring is a DetectorFeatureResult enum value.

DetectorFeatureResultS3DataEvents is a DetectorFeatureResult enum value.

DetectorFeatureRuntimeMonitoring is a DetectorFeature enum value.

DetectorFeatureS3DataEvents is a DetectorFeature enum value.

DetectorStatusDisabled is a DetectorStatus enum value.

DetectorStatusEnabled is a DetectorStatus enum value.

EbsSnapshotPreservationNoRetention is a EbsSnapshotPreservation enum value.

EbsSnapshotPreservationRetentionWithFinding is a EbsSnapshotPreservation enum value.

ID to lookup a service endpoint with.

ErrCodeAccessDeniedException for service response error code "AccessDeniedException".

ErrCodeBadRequestException for service response error code "BadRequestException".

ErrCodeConflictException for service response error code "ConflictException".

ErrCodeInternalServerErrorException for service response error code "InternalServerErrorException".

ErrCodeResourceNotFoundException for service response error code "ResourceNotFoundException".

FeatureAdditionalConfigurationEc2AgentManagement is a FeatureAdditionalConfiguration enum value.

FeatureAdditionalConfigurationEcsFargateAgentManagement is a FeatureAdditionalConfiguration enum value.

FeatureAdditionalConfigurationEksAddonManagement is a FeatureAdditionalConfiguration enum value.

FeatureStatusDisabled is a FeatureStatus enum value.

FeatureStatusEnabled is a FeatureStatus enum value.

FeedbackNotUseful is a Feedback enum value.

FeedbackUseful is a Feedback enum value.

FilterActionArchive is a FilterAction enum value.

FilterActionNoop is a FilterAction enum value.

FindingPublishingFrequencyFifteenMinutes is a FindingPublishingFrequency enum value.

FindingPublishingFrequencyOneHour is a FindingPublishingFrequency enum value.

FindingPublishingFrequencySixHours is a FindingPublishingFrequency enum value.

FindingStatisticTypeCountBySeverity is a FindingStatisticType enum value.

FreeTrialFeatureResultCloudTrail is a FreeTrialFeatureResult enum value.

FreeTrialFeatureResultDnsLogs is a FreeTrialFeatureResult enum value.

FreeTrialFeatureResultEbsMalwareProtection is a FreeTrialFeatureResult enum value.

FreeTrialFeatureResultEc2RuntimeMonitoring is a FreeTrialFeatureResult enum value.

FreeTrialFeatureResultEksAuditLogs is a FreeTrialFeatureResult enum value.

FreeTrialFeatureResultEksRuntimeMonitoring is a FreeTrialFeatureResult enum value.

FreeTrialFeatureResultFargateRuntimeMonitoring is a FreeTrialFeatureResult enum value.

FreeTrialFeatureResultFlowLogs is a FreeTrialFeatureResult enum value.

FreeTrialFeatureResultLambdaNetworkLogs is a FreeTrialFeatureResult enum value.

FreeTrialFeatureResultRdsLoginEvents is a FreeTrialFeatureResult enum value.

FreeTrialFeatureResultS3DataEvents is a FreeTrialFeatureResult enum value.

IpSetFormatAlienVault is a IpSetFormat enum value.

IpSetFormatFireEye is a IpSetFormat enum value.

IpSetFormatOtxCsv is a IpSetFormat enum value.

IpSetFormatProofPoint is a IpSetFormat enum value.

IpSetFormatStix is a IpSetFormat enum value.

IpSetFormatTxt is a IpSetFormat enum value.

IpSetStatusActivating is a IpSetStatus enum value.

IpSetStatusActive is a IpSetStatus enum value.

IpSetStatusDeactivating is a IpSetStatus enum value.

IpSetStatusDeleted is a IpSetStatus enum value.

IpSetStatusDeletePending is a IpSetStatus enum value.

IpSetStatusError is a IpSetStatus enum value.

IpSetStatusInactive is a IpSetStatus enum value.

MalwareProtectionPlanStatusActive is a MalwareProtectionPlanStatus enum value.

MalwareProtectionPlanStatusError is a MalwareProtectionPlanStatus enum value.

MalwareProtectionPlanStatusWarning is a MalwareProtectionPlanStatus enum value.

MalwareProtectionPlanTaggingActionStatusDisabled is a MalwareProtectionPlanTaggingActionStatus enum value.

MalwareProtectionPlanTaggingActionStatusEnabled is a MalwareProtectionPlanTaggingActionStatus enum value.

ManagementTypeAutoManaged is a ManagementType enum value.

ManagementTypeDisabled is a ManagementType enum value.

ManagementTypeManual is a ManagementType enum value.

OrderByAsc is a OrderBy enum value.

OrderByDesc is a OrderBy enum value.

OrgFeatureAdditionalConfigurationEc2AgentManagement is a OrgFeatureAdditionalConfiguration enum value.

OrgFeatureAdditionalConfigurationEcsFargateAgentManagement is a OrgFeatureAdditionalConfiguration enum value.

OrgFeatureAdditionalConfigurationEksAddonManagement is a OrgFeatureAdditionalConfiguration enum value.

OrgFeatureEbsMalwareProtection is a OrgFeature enum value.

OrgFeatureEksAuditLogs is a OrgFeature enum value.

OrgFeatureEksRuntimeMonitoring is a OrgFeature enum value.

OrgFeatureLambdaNetworkLogs is a OrgFeature enum value.

OrgFeatureRdsLoginEvents is a OrgFeature enum value.

OrgFeatureRuntimeMonitoring is a OrgFeature enum value.

OrgFeatureS3DataEvents is a OrgFeature enum value.

OrgFeatureStatusAll is a OrgFeatureStatus enum value.

OrgFeatureStatusNew is a OrgFeatureStatus enum value.

OrgFeatureStatusNone is a OrgFeatureStatus enum value.

ProfileSubtypeFrequent is a ProfileSubtype enum value.

ProfileSubtypeInfrequent is a ProfileSubtype enum value.

ProfileSubtypeRare is a ProfileSubtype enum value.

ProfileSubtypeUnseen is a ProfileSubtype enum value.

ProfileTypeFrequency is a ProfileType enum value.

PublishingStatusPendingVerification is a PublishingStatus enum value.

PublishingStatusPublishing is a PublishingStatus enum value.

PublishingStatusStopped is a PublishingStatus enum value.

PublishingStatusUnableToPublishFixDestinationProperty is a PublishingStatus enum value.

ResourceTypeEc2 is a ResourceType enum value.

ResourceTypeEcs is a ResourceType enum value.

ResourceTypeEks is a ResourceType enum value.

ScanCriterionKeyEc2InstanceTag is a ScanCriterionKey enum value.

ScanResultClean is a ScanResult enum value.

ScanResultInfected is a ScanResult enum value.

ScanStatusCompleted is a ScanStatus enum value.

ScanStatusFailed is a ScanStatus enum value.

ScanStatusRunning is a ScanStatus enum value.

ScanStatusSkipped is a ScanStatus enum value.

ScanTypeGuarddutyInitiated is a ScanType enum value.

ScanTypeOnDemand is a ScanType enum value.

ServiceID is a unique identifier of a specific service.

Name of service.

ThreatIntelSetFormatAlienVault is a ThreatIntelSetFormat enum value.

ThreatIntelSetFormatFireEye is a ThreatIntelSetFormat enum value.

ThreatIntelSetFormatOtxCsv is a ThreatIntelSetFormat enum value.

ThreatIntelSetFormatProofPoint is a ThreatIntelSetFormat enum value.

ThreatIntelSetFormatStix is a ThreatIntelSetFormat enum value.

ThreatIntelSetFormatTxt is a ThreatIntelSetFormat enum value.

ThreatIntelSetStatusActivating is a ThreatIntelSetStatus enum value.

ThreatIntelSetStatusActive is a ThreatIntelSetStatus enum value.

ThreatIntelSetStatusDeactivating is a ThreatIntelSetStatus enum value.

ThreatIntelSetStatusDeleted is a ThreatIntelSetStatus enum value.

ThreatIntelSetStatusDeletePending is a ThreatIntelSetStatus enum value.

ThreatIntelSetStatusError is a ThreatIntelSetStatus enum value.

ThreatIntelSetStatusInactive is a ThreatIntelSetStatus enum value.

UsageFeatureCloudTrail is a UsageFeature enum value.

UsageFeatureDnsLogs is a UsageFeature enum value.

UsageFeatureEbsMalwareProtection is a UsageFeature enum value.

UsageFeatureEc2RuntimeMonitoring is a UsageFeature enum value.

UsageFeatureEksAuditLogs is a UsageFeature enum value.

UsageFeatureEksRuntimeMonitoring is a UsageFeature enum value.

UsageFeatureFargateRuntimeMonitoring is a UsageFeature enum value.

UsageFeatureFlowLogs is a UsageFeature enum value.

UsageFeatureLambdaNetworkLogs is a UsageFeature enum value.

UsageFeatureRdsDbiProtectionProvisioned is a UsageFeature enum value.

UsageFeatureRdsDbiProtectionServerless is a UsageFeature enum value.

UsageFeatureRdsLoginEvents is a UsageFeature enum value.

UsageFeatureS3DataEvents is a UsageFeature enum value.

UsageStatisticTypeSumByAccount is a UsageStatisticType enum value.

UsageStatisticTypeSumByDataSource is a UsageStatisticType enum value.

UsageStatisticTypeSumByFeatures is a UsageStatisticType enum value.

UsageStatisticTypeSumByResource is a UsageStatisticType enum value.

UsageStatisticTypeTopAccountsByFeature is a UsageStatisticType enum value.

UsageStatisticTypeTopResources is a UsageStatisticType enum value.

Deprecated: This input is deprecated, use AcceptAdministratorInvitationRequest instead.

Deprecated: This output is deprecated, use AcceptAdministratorInvitationResponse instead.

Contains information on the current access control policies for the bucket.

An access denied exception object.

Contains information about the access keys.

Contains information about the account.

Provides details of the GuardDuty member account that uses a free trial service.

Contains information about the account level permissions on the S3 bucket.

Contains information about actions.

Information about the installed EKS add-on (GuardDuty security agent).

The account within the organization specified as the GuardDuty delegated administrator.

Contains information about the administrator account and invitation.

Information about the installed GuardDuty security agent.

Contains information about the anomalies.

Contains information about the unusual anomalies.

Contains information about the behavior of the anomaly that is new to GuardDuty.

Contains information about the API action.

A bad request exception object.

Contains information on how the bucker owner's S3 Block Public Access settings are being applied to the S3 bucket.

Contains information about the bucket level permissions for the S3 bucket.

Contains information on the current bucket policies for the S3 bucket.

Contains information about the city associated with the IP address.

Contains information on the status of CloudTrail as a data source for the detector.

Contains information about the condition.

A request conflict exception object.

Details of a container.

Contains information about the Amazon EC2 instance that is running the Amazon ECS container.

Contains information about the country where the remote IP address is located.

Contains information about the Amazon EC2 instance runtime coverage details.

Contains information about Amazon ECS cluster runtime coverage details.

Information about the EKS cluster that has a coverage status.

Represents a condition that when matched will be added to the response of the operation.

Represents the criteria used in the filter.

Represents a condition that when matched will be added to the response of the operation.

Information about the resource of the GuardDuty account.

Information about the resource for each individual EKS cluster.

Information about the sorting criteria used in the coverage statistics.

Information about the coverage statistics for a resource.

Information about the protected resource that is associated with the created Malware Protection plan.

Information about the protected S3 bucket resource.

Contains information about which data sources are enabled.

Contains information on the status of data sources for the detector.

Contains information about which data sources are enabled for the GuardDuty member account.

Contains information about which data sources are enabled for the GuardDuty member account.

Contains information on the server side encryption method used in the S3 bucket.

Contains information about the publishing destination, including the ID, type, and status.

Contains the Amazon Resource Name (ARN) of the resource to publish to, such as an S3 bucket, and the ARN of the KMS key to use to encrypt published findings.

Contains information about the detected behavior.

Information about the additional configuration for a feature in your GuardDuty account.

Information about the additional configuration.

Contains information about a GuardDuty feature.

Contains information about a GuardDuty feature.

Deprecated: This input is deprecated, use DisassociateFromAdministratorAccountRequest instead.

Deprecated: This output is deprecated, use DisassociateFromAdministratorAccountResponse instead.

Contains information on the status of DNS logs as a data source.

Contains information about the DNS_REQUEST action described in this finding.

Contains information about the domain.

Contains list of scanned and skipped EBS volumes with details.

Contains details from the malware scan that created a finding.

Describes the configuration of scanning EBS volumes as a data source.

Contains information about the details of the ECS Cluster.

Contains information about the task in an ECS cluster.

Details about the EKS cluster involved in a Kubernetes finding.

Contains information about the reason that the finding was generated.

Contains information about Amazon Web Services Fargate details associated with an Amazon ECS cluster.

Contains information about the condition.

Represents the criteria to be used in the filter for describing scan entries.

Represents a condition that when matched will be added to the response of the operation.

Contains information about the finding that is generated when abnormal or suspicious activity is detected.

Contains information about the criteria used for querying findings.

Contains information about finding statistics.

Contains information on the status of VPC flow logs as a data source.

Contains information about the free trial period for a feature.

Contains information about the location of the remote IP address.

Deprecated: This input is deprecated, use GetAdministratorAccountRequest instead.

Deprecated: This output is deprecated, use GetAdministratorAccountResponse instead.

GuardDuty provides the API operation methods for making requests to Amazon GuardDuty.

Contains details of the highest severity threat detected during scan and number of infected files.

Represents a pre-existing file or directory on the host machine that the volume maps to.

Contains information about the EC2 instance profile.

Contains information about the impersonated user.

Contains information about the details of an instance.

An internal server error exception object.

Contains information about the invitation to become a member account.

Information about the nested item path and hash of the protected resource.

Information about the Kubernetes API call action described in this finding.

Describes whether Kubernetes audit logs are enabled as a data source.

Describes whether Kubernetes audit logs are enabled as a data source.

Describes whether any Kubernetes data sources are enabled.

Describes whether any Kubernetes logs will be enabled as a data source.

Provides details about the Kubernetes resources when it is enabled as a data source.

Details about Kubernetes resources such as a Kubernetes user or workload resource involved in a Kubernetes finding.

Information about the Kubernetes API for which you check if you have permission to call.

Contains information about the role binding that grants the permission defined in a Kubernetes role.

Information about the Kubernetes role name and role type.

Details about the Kubernetes user involved in a Kubernetes finding.

Details about the Kubernetes workload involved in a Kubernetes finding.

Information about the Lambda function involved in the finding.

Information about the runtime process details.

Contains information about the local IP address of the connection.

Contains information about the port for the local connection.

Information about the login attempts.

Describes whether Malware Protection will be enabled as a data source.

An object that contains information on the status of all Malware Protection data sources.

Provides details about Malware Protection when it is enabled as a data source.

Information about whether the tags will be added to the S3 object after scanning.

Information about the issue code and message associated to the status of your Malware Protection plan.

Information about the Malware Protection plan resource.

Information about adding tags to the scanned S3 object after the scan result.

Information about the malware scan that generated a GuardDuty finding.

Contains information about the administrator account and invitation.

Contains information about the member account.

Information about the additional configuration for the member account.

Information about the additional configuration for the member account.

Contains information on which data sources are enabled for a member account.

Contains information about the features for the member account.

Contains information about the features for the member account.

Contains information about the NETWORK_CONNECTION action described in the finding.

Contains information about the elastic network interface of the EC2 instance.

Contains information about the observed behavior.

Contains information about the ISP organization of the remote IP address.

A list of additional configurations which will be configured for the organization.

A list of additional configuration which will be configured for the organization.

An object that contains information on which data sources will be configured to be automatically enabled for new members within the organization.

An object that contains information on which data sources are automatically enabled for new members within the organization.

Information about GuardDuty coverage statistics for members in your Amazon Web Services organization.

Organization-wide EBS volumes scan configuration.

An object that contains information on the status of whether EBS volumes scanning will be enabled as a data source for an organization.

A list of features which will be configured for the organization.

A list of features which will be configured for the organization.

Information about the number of accounts that have enabled a specific feature.

Information about the coverage statistic for the additional configuration of the feature.

Organization-wide Kubernetes audit logs configuration.

The current configuration of Kubernetes audit logs as a data source for the organization.

Organization-wide Kubernetes data sources configurations.

The current configuration of all Kubernetes data sources for the organization.

Organization-wide Malware Protection configurations.

An object that contains information on the status of all Malware Protection data source for an organization.

Describes whether S3 data event logs will be automatically enabled for new members of the organization.

The current configuration of S3 data event logs as a data source for the organization.

Organization-wide EC2 instances with findings scan configuration.

An object that contains information on the status of scanning EC2 instances with findings for an organization.

Information about the coverage statistics of the features for the entire Amazon Web Services organization.

Contains information on the owner of the bucket.

Contains information about how permissions are configured for the S3 bucket.

Contains information about the PORT_PROBE action described in the finding.

Contains information about the port probe details.

Contains other private IP address information of the EC2 instance.

Information about the observed process.

Contains information about the product code for the EC2 instance.

Describes the public access policies that apply to the S3 bucket.

Contains information about the resource type RDSDBInstance involved in a GuardDuty finding.

Contains information about the user and authentication details for a database instance involved in the finding.

Indicates that a login attempt was made to the potentially compromised database from a remote IP address.

Contains details about the remote Amazon Web Services account that made the API call.

Contains information about the remote IP address of the connection.

Contains information about the remote port.

Contains information about the Amazon Web Services resource associated with the activity that prompted GuardDuty to generate a finding.

Represents the resources that were scanned in the scan entry.

The requested resource can't be found.

Additional information about the suspicious activity.

Information about the process and any required context values for a specific finding.

Contains information on the S3 bucket.

Describes whether S3 data event logs will be enabled as a data source.

Describes whether S3 data event logs will be enabled as a data source.

Information about the S3 object that was scanned.

Contains information about a malware scan.

Contains information about the condition.

Represents the key:value pair to be matched against given resource property.

Contains a complete view providing malware scan result details.

Describes whether Malware Protection for EC2 instances with findings will be enabled as a data source.

An object that contains information on the status of whether Malware Protection for EC2 instances with findings will be enabled as a data source.

Contains details of infected file including name, file path and hash.

Total number of scanned files.

Contains information about criteria used to filter resources before triggering malware scan.

Represents the result of the scan.

Contains files infected with the given threat providing details of malware name and severity.

Container security context.

Contains information about the security groups associated with the EC2 instance.

Contains additional information about the generated finding.

Additional information about the generated finding.

Contains information about the criteria used for sorting findings.

Contains information about a tag associated with the EC2 instance.

Information about the detected threats associated with the generated finding.

Contains details about identified threats organized by threat name.

An instance of a threat intelligence detail that constitutes evidence for the finding.

Contains total number of infected files.

Contains the total usage with the corresponding currency unit for that value.

Represents the reason the scan was triggered.

Contains information about the accounts that weren't processed.

Specifies the names of the data sources that couldn't be enabled.

Information about the protected resource that is associated with the created Malware Protection plan.

Information about the protected S3 bucket resource.

Contains information on the total of usage based on account IDs.

Contains information about the criteria used to query usage statistics.

Contains information on the result of usage based on data source type.

Contains information about the result of the total usage based on the feature.

Contains information on the sum of usage based on an Amazon Web Services resource.

Contains the result of GuardDuty usage.

Contains information on the total of usage based on the topmost 50 account IDs.

Information about the usage statistics, calculated by top accounts by feature.

Volume used by the Kubernetes workload.

Contains EBS volume details.

Container volume mount.

Amazon Virtual Private Cloud configuration details associated with your Lambda function.