StartMonitoringMember - Amazon Detective

StartMonitoringMember

Sends a request to enable data ingest for a member account that has a status of ACCEPTED_BUT_DISABLED.

For valid member accounts, the status is updated as follows.

  • If Detective enabled the member account, then the new status is ENABLED.

  • If Detective cannot enable the member account, the status remains ACCEPTED_BUT_DISABLED.

Request Syntax

POST /graph/member/monitoringstate HTTP/1.1 Content-type: application/json { "AccountId": "string", "GraphArn": "string" }

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

AccountId

The account ID of the member account to try to enable.

The account must be an invited member account with a status of ACCEPTED_BUT_DISABLED.

Type: String

Length Constraints: Fixed length of 12.

Pattern: ^[0-9]+$

Required: Yes

GraphArn

The ARN of the behavior graph.

Type: String

Pattern: ^arn:aws[-\w]{0,10}?:detective:[-\w]{2,20}?:\d{12}?:graph:[abcdef\d]{32}?$

Required: Yes

Response Syntax

HTTP/1.1 200

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

Errors

For information about the errors that are common to all actions, see Common Errors.

ConflictException

The request attempted an invalid action.

HTTP Status Code: 409

InternalServerException

The request was valid but failed because of a problem with the service.

HTTP Status Code: 500

ResourceNotFoundException

The request refers to a nonexistent resource.

HTTP Status Code: 404

ServiceQuotaExceededException

This request cannot be completed for one of the following reasons.

  • The request would cause the number of member accounts in the behavior graph to exceed the maximum allowed. A behavior graph cannot have more than 1000 member accounts.

  • The request would cause the data rate for the behavior graph to exceed the maximum allowed.

  • Detective is unable to verify the data rate for the member account. This is usually because the member account is not enrolled in Amazon GuardDuty.

HTTP Status Code: 402

ValidationException

The request parameters are invalid.

HTTP Status Code: 400

Examples

Example

Sample Request

POST /graph/member/monitoringstate HTTP/1.1 Host: api.detective.us-west-2.amazonaws.com Accept-Encoding: identity Content-Length: 127 Authorization: AUTHPARAMS X-Amz-Date: 20200127T193018Z User-Agent: aws-cli/1.14.29 Python/2.7.9 Windows/8 botocore/1.8.33 { "AccountId": "444455556666", "GraphArn": "arn:aws:detective:us-east-1:111122223333:graph:027c7c4610ea4aacaf0b883093cab899" }

Example

Sample Response

HTTP/1.1 200 OK Content-Length: 0 Date: Thu, 21 Feb 2020 23:07:46 GMT x-amzn-RequestId: 397d0549-0092-11e8-a0ee-a7f9aa6e7572 Connection: Keep-alive

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: