|
1349 | 1349 | "Session":{ |
1350 | 1350 | "shape":"Session", |
1351 | 1351 | "locationName":"session" |
| 1352 | + }, |
| 1353 | + "Process":{ |
| 1354 | + "shape":"ActorProcess", |
| 1355 | + "locationName":"process" |
1352 | 1356 | } |
1353 | 1357 | } |
1354 | 1358 | }, |
|
1357 | 1361 | "member":{"shape":"String"}, |
1358 | 1362 | "max":400 |
1359 | 1363 | }, |
| 1364 | + "ActorProcess":{ |
| 1365 | + "type":"structure", |
| 1366 | + "required":[ |
| 1367 | + "Name", |
| 1368 | + "Path" |
| 1369 | + ], |
| 1370 | + "members":{ |
| 1371 | + "Name":{ |
| 1372 | + "shape":"ProcessName", |
| 1373 | + "locationName":"name" |
| 1374 | + }, |
| 1375 | + "Path":{ |
| 1376 | + "shape":"ProcessPath", |
| 1377 | + "locationName":"path" |
| 1378 | + }, |
| 1379 | + "Sha256":{ |
| 1380 | + "shape":"ProcessSha256", |
| 1381 | + "locationName":"sha256" |
| 1382 | + } |
| 1383 | + } |
| 1384 | + }, |
1360 | 1385 | "Actors":{ |
1361 | 1386 | "type":"list", |
1362 | 1387 | "member":{"shape":"Actor"}, |
1363 | 1388 | "max":400 |
1364 | 1389 | }, |
| 1390 | + "AdditionalSequenceTypes":{ |
| 1391 | + "type":"list", |
| 1392 | + "member":{"shape":"FindingType"} |
| 1393 | + }, |
1365 | 1394 | "AddonDetails":{ |
1366 | 1395 | "type":"structure", |
1367 | 1396 | "members":{ |
|
1680 | 1709 | } |
1681 | 1710 | } |
1682 | 1711 | }, |
| 1712 | + "ClusterStatus":{ |
| 1713 | + "type":"string", |
| 1714 | + "enum":[ |
| 1715 | + "CREATING", |
| 1716 | + "ACTIVE", |
| 1717 | + "DELETING", |
| 1718 | + "FAILED", |
| 1719 | + "UPDATING", |
| 1720 | + "PENDING" |
| 1721 | + ] |
| 1722 | + }, |
1683 | 1723 | "Condition":{ |
1684 | 1724 | "type":"structure", |
1685 | 1725 | "members":{ |
|
1787 | 1827 | } |
1788 | 1828 | } |
1789 | 1829 | }, |
| 1830 | + "ContainerFindingResource":{ |
| 1831 | + "type":"structure", |
| 1832 | + "required":["Image"], |
| 1833 | + "members":{ |
| 1834 | + "Image":{ |
| 1835 | + "shape":"String", |
| 1836 | + "locationName":"image" |
| 1837 | + }, |
| 1838 | + "ImageUid":{ |
| 1839 | + "shape":"ContainerImageUid", |
| 1840 | + "locationName":"imageUid" |
| 1841 | + } |
| 1842 | + } |
| 1843 | + }, |
| 1844 | + "ContainerImageUid":{ |
| 1845 | + "type":"string", |
| 1846 | + "max":1024, |
| 1847 | + "min":1 |
| 1848 | + }, |
1790 | 1849 | "ContainerInstanceDetails":{ |
1791 | 1850 | "type":"structure", |
1792 | 1851 | "members":{ |
|
1800 | 1859 | } |
1801 | 1860 | } |
1802 | 1861 | }, |
| 1862 | + "ContainerUid":{ |
| 1863 | + "type":"string", |
| 1864 | + "max":256, |
| 1865 | + "min":0 |
| 1866 | + }, |
| 1867 | + "ContainerUids":{ |
| 1868 | + "type":"list", |
| 1869 | + "member":{"shape":"ContainerUid"} |
| 1870 | + }, |
1803 | 1871 | "Containers":{ |
1804 | 1872 | "type":"list", |
1805 | 1873 | "member":{"shape":"Container"} |
|
3330 | 3398 | } |
3331 | 3399 | } |
3332 | 3400 | }, |
| 3401 | + "Ec2InstanceUid":{ |
| 3402 | + "type":"string", |
| 3403 | + "max":256, |
| 3404 | + "min":0 |
| 3405 | + }, |
| 3406 | + "Ec2InstanceUids":{ |
| 3407 | + "type":"list", |
| 3408 | + "member":{"shape":"Ec2InstanceUid"}, |
| 3409 | + "max":25, |
| 3410 | + "min":0 |
| 3411 | + }, |
3333 | 3412 | "Ec2NetworkInterface":{ |
3334 | 3413 | "type":"structure", |
3335 | 3414 | "members":{ |
|
3449 | 3528 | } |
3450 | 3529 | } |
3451 | 3530 | }, |
| 3531 | + "EksCluster":{ |
| 3532 | + "type":"structure", |
| 3533 | + "members":{ |
| 3534 | + "Arn":{ |
| 3535 | + "shape":"String", |
| 3536 | + "locationName":"arn" |
| 3537 | + }, |
| 3538 | + "CreatedAt":{ |
| 3539 | + "shape":"Timestamp", |
| 3540 | + "locationName":"createdAt" |
| 3541 | + }, |
| 3542 | + "Status":{ |
| 3543 | + "shape":"ClusterStatus", |
| 3544 | + "locationName":"status" |
| 3545 | + }, |
| 3546 | + "VpcId":{ |
| 3547 | + "shape":"String", |
| 3548 | + "locationName":"vpcId" |
| 3549 | + }, |
| 3550 | + "Ec2InstanceUids":{ |
| 3551 | + "shape":"Ec2InstanceUids", |
| 3552 | + "locationName":"ec2InstanceUids" |
| 3553 | + } |
| 3554 | + } |
| 3555 | + }, |
3452 | 3556 | "EksClusterDetails":{ |
3453 | 3557 | "type":"structure", |
3454 | 3558 | "members":{ |
|
3481 | 3585 | "Email":{ |
3482 | 3586 | "type":"string", |
3483 | 3587 | "max":64, |
3484 | | - "min":1, |
| 3588 | + "min":6, |
| 3589 | + "pattern":"See rules in parameter description", |
3485 | 3590 | "sensitive":true |
3486 | 3591 | }, |
3487 | 3592 | "EnableOrganizationAdminAccountRequest":{ |
|
3750 | 3855 | "EC2_NETWORK_INTERFACE", |
3751 | 3856 | "S3_BUCKET", |
3752 | 3857 | "S3_OBJECT", |
3753 | | - "ACCESS_KEY" |
| 3858 | + "ACCESS_KEY", |
| 3859 | + "EKS_CLUSTER", |
| 3860 | + "KUBERNETES_WORKLOAD", |
| 3861 | + "CONTAINER" |
3754 | 3862 | ] |
3755 | 3863 | }, |
3756 | 3864 | "FindingStatisticType":{ |
|
4616 | 4724 | "ATTACK_TECHNIQUE", |
4617 | 4725 | "UNUSUAL_API_FOR_ACCOUNT", |
4618 | 4726 | "UNUSUAL_ASN_FOR_ACCOUNT", |
4619 | | - "UNUSUAL_ASN_FOR_USER" |
| 4727 | + "UNUSUAL_ASN_FOR_USER", |
| 4728 | + "SUSPICIOUS_PROCESS", |
| 4729 | + "MALICIOUS_DOMAIN", |
| 4730 | + "MALICIOUS_PROCESS", |
| 4731 | + "CRYPTOMINING_IP", |
| 4732 | + "CRYPTOMINING_DOMAIN", |
| 4733 | + "CRYPTOMINING_PROCESS" |
4620 | 4734 | ] |
4621 | 4735 | }, |
4622 | 4736 | "IndicatorValueString":{ |
|
4972 | 5086 | } |
4973 | 5087 | } |
4974 | 5088 | }, |
| 5089 | + "KubernetesResourcesTypes":{ |
| 5090 | + "type":"string", |
| 5091 | + "enum":[ |
| 5092 | + "PODS", |
| 5093 | + "JOBS", |
| 5094 | + "CRONJOBS", |
| 5095 | + "DEPLOYMENTS", |
| 5096 | + "DAEMONSETS", |
| 5097 | + "STATEFULSETS", |
| 5098 | + "REPLICASETS", |
| 5099 | + "REPLICATIONCONTROLLERS" |
| 5100 | + ] |
| 5101 | + }, |
4975 | 5102 | "KubernetesRoleBindingDetails":{ |
4976 | 5103 | "type":"structure", |
4977 | 5104 | "members":{ |
|
5039 | 5166 | } |
5040 | 5167 | } |
5041 | 5168 | }, |
| 5169 | + "KubernetesWorkload":{ |
| 5170 | + "type":"structure", |
| 5171 | + "members":{ |
| 5172 | + "ContainerUids":{ |
| 5173 | + "shape":"ContainerUids", |
| 5174 | + "locationName":"containerUids" |
| 5175 | + }, |
| 5176 | + "Namespace":{ |
| 5177 | + "shape":"String", |
| 5178 | + "locationName":"namespace" |
| 5179 | + }, |
| 5180 | + "KubernetesResourcesTypes":{ |
| 5181 | + "shape":"KubernetesResourcesTypes", |
| 5182 | + "locationName":"kubernetesResourcesTypes" |
| 5183 | + } |
| 5184 | + } |
| 5185 | + }, |
5042 | 5186 | "KubernetesWorkloadDetails":{ |
5043 | 5187 | "type":"structure", |
5044 | 5188 | "members":{ |
|
6633 | 6777 | } |
6634 | 6778 | } |
6635 | 6779 | }, |
| 6780 | + "ProcessName":{ |
| 6781 | + "type":"string", |
| 6782 | + "max":4096, |
| 6783 | + "min":0 |
| 6784 | + }, |
| 6785 | + "ProcessPath":{ |
| 6786 | + "type":"string", |
| 6787 | + "max":4096, |
| 6788 | + "min":0 |
| 6789 | + }, |
| 6790 | + "ProcessSha256":{ |
| 6791 | + "type":"string", |
| 6792 | + "max":1024, |
| 6793 | + "min":0 |
| 6794 | + }, |
6636 | 6795 | "ProductCode":{ |
6637 | 6796 | "type":"structure", |
6638 | 6797 | "members":{ |
|
6964 | 7123 | "S3Object":{ |
6965 | 7124 | "shape":"S3Object", |
6966 | 7125 | "locationName":"s3Object" |
| 7126 | + }, |
| 7127 | + "EksCluster":{ |
| 7128 | + "shape":"EksCluster", |
| 7129 | + "locationName":"eksCluster" |
| 7130 | + }, |
| 7131 | + "KubernetesWorkload":{ |
| 7132 | + "shape":"KubernetesWorkload", |
| 7133 | + "locationName":"kubernetesWorkload" |
| 7134 | + }, |
| 7135 | + "Container":{ |
| 7136 | + "shape":"ContainerFindingResource", |
| 7137 | + "locationName":"container" |
6967 | 7138 | } |
6968 | 7139 | } |
6969 | 7140 | }, |
|
7679 | 7850 | "SequenceIndicators":{ |
7680 | 7851 | "shape":"Indicators", |
7681 | 7852 | "locationName":"sequenceIndicators" |
| 7853 | + }, |
| 7854 | + "AdditionalSequenceTypes":{ |
| 7855 | + "shape":"AdditionalSequenceTypes", |
| 7856 | + "locationName":"additionalSequenceTypes" |
7682 | 7857 | } |
7683 | 7858 | } |
7684 | 7859 | }, |
|
7890 | 8065 | "enum":[ |
7891 | 8066 | "FINDING", |
7892 | 8067 | "CLOUD_TRAIL", |
7893 | | - "S3_DATA_EVENTS" |
| 8068 | + "S3_DATA_EVENTS", |
| 8069 | + "EKS_AUDIT_LOGS", |
| 8070 | + "FLOW_LOGS", |
| 8071 | + "DNS_LOGS", |
| 8072 | + "RUNTIME_MONITORING" |
7894 | 8073 | ] |
7895 | 8074 | }, |
7896 | 8075 | "Signals":{ |
|
0 commit comments