You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.

Class: Aws::Detective::Client

Inherits:
Seahorse::Client::Base
Defined in:
(unknown)

Overview

An API client for Amazon Detective. To construct a client, you need to configure a :region and :credentials.

detective = Aws::Detective::Client.new(
  region: region_name,
  credentials: credentials,
  # ...
)

See #initialize for a full list of supported configuration options.

Region

You can configure a default region in the following locations:

  • ENV['AWS_REGION']
  • Aws.config[:region]

Go here for a list of supported regions.

Credentials

Default credentials are loaded automatically from the following locations:

  • ENV['AWS_ACCESS_KEY_ID'] and ENV['AWS_SECRET_ACCESS_KEY']
  • Aws.config[:credentials]
  • The shared credentials ini file at ~/.aws/credentials (more information)
  • From an instance profile when running on EC2

You can also construct a credentials object from one of the following classes:

Alternatively, you can configure credentials with :access_key_id and :secret_access_key:

require 'yaml'

# load credentials from disk; safe_load refuses to deserialize arbitrary Ruby objects
creds = YAML.safe_load(File.read('/path/to/secrets'))

Aws::Detective::Client.new(
  access_key_id: creds['access_key_id'],
  secret_access_key: creds['secret_access_key']
)

Always load your credentials from outside your application. Avoid configuring credentials statically and never commit them to source control.

Instance Attribute Summary

Attributes inherited from Seahorse::Client::Base

#config, #handlers

Instance Method Summary

Methods inherited from Seahorse::Client::Base

add_plugin, api, #build_request, clear_plugins, define, new, #operation, #operation_names, plugins, remove_plugin, set_api, set_plugins

Methods included from Seahorse::Client::HandlerBuilder

#handle, #handle_request, #handle_response

Constructor Details

#initialize(options = {}) ⇒ Aws::Detective::Client

Constructs an API client.

Options Hash (options):

  • :access_key_id (String)

    Used to set credentials statically. See Plugins::RequestSigner for more details.

  • :active_endpoint_cache (Boolean)

    When set to true, a thread polling for endpoints will be running in the background every 60 secs (default). Defaults to false. See Plugins::EndpointDiscovery for more details.

  • :convert_params (Boolean) — default: true

    When true, an attempt is made to coerce request parameters into the required types. See Plugins::ParamConverter for more details.

  • :credentials (required, Credentials)

    Your AWS credentials. The following locations will be searched in order for credentials:

    • :access_key_id, :secret_access_key, and :session_token options
    • ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
    • HOME/.aws/credentials shared credentials file
    • EC2 instance profile credentials

    See Plugins::RequestSigner for more details.

  • :disable_host_prefix_injection (Boolean)

    Set to true to disable SDK automatically adding host prefix to default service endpoint when available. See Plugins::EndpointPattern for more details.

  • :endpoint (String)

    A default endpoint is constructed from the :region. See Plugins::RegionalEndpoint for more details.

  • :endpoint_cache_max_entries (Integer)

    Used for the maximum size limit of the LRU cache storing endpoints data for endpoint discovery enabled operations. Defaults to 1000. See Plugins::EndpointDiscovery for more details.

  • :endpoint_cache_max_threads (Integer)

    Used for the maximum threads in use for polling endpoints to be cached, defaults to 10. See Plugins::EndpointDiscovery for more details.

  • :endpoint_cache_poll_interval (Integer)

    When :endpoint_discovery and :active_endpoint_cache are enabled, use this option to configure the time interval in seconds between requests that fetch endpoint information. Defaults to 60 sec. See Plugins::EndpointDiscovery for more details.

  • :endpoint_discovery (Boolean)

    When set to true, endpoint discovery will be enabled for operations when available. Defaults to false. See Plugins::EndpointDiscovery for more details.

  • :http_continue_timeout (Float) — default: 1

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :http_idle_timeout (Integer) — default: 5

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :http_open_timeout (Integer) — default: 15

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :http_proxy (String)

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :http_read_timeout (Integer) — default: 60

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :http_wire_trace (Boolean) — default: false

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :log_level (Symbol) — default: :info

    The log level to send messages to the logger at. See Plugins::Logging for more details.

  • :log_formatter (Logging::LogFormatter)

    The log formatter. Defaults to Seahorse::Client::Logging::Formatter.default. See Plugins::Logging for more details.

  • :logger (Logger) — default: nil

    The Logger instance to send log messages to. If this option is not set, logging will be disabled. See Plugins::Logging for more details.

  • :profile (String)

    Used when loading credentials from the shared credentials file at HOME/.aws/credentials. When not specified, 'default' is used. See Plugins::RequestSigner for more details.

  • :raise_response_errors (Boolean) — default: true

    When true, response errors are raised. See Seahorse::Client::Plugins::RaiseResponseErrors for more details.

  • :region (required, String)

    The AWS region to connect to. The region is used to construct the client endpoint. Defaults to ENV['AWS_REGION']. Also checks AMAZON_REGION and AWS_DEFAULT_REGION. See Plugins::RegionalEndpoint for more details.

  • :retry_limit (Integer) — default: 3

    The maximum number of times to retry failed requests. Only ~ 500 level server errors and certain ~ 400 level client errors are retried. Generally, these are throttling errors, data checksum errors, networking errors, timeout errors and auth errors from expired credentials. See Plugins::RetryErrors for more details.

  • :secret_access_key (String)

    Used to set credentials statically. See Plugins::RequestSigner for more details.

  • :session_token (String)

    Used to set credentials statically. See Plugins::RequestSigner for more details.

  • :ssl_ca_bundle (String)

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :ssl_ca_directory (String)

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :ssl_ca_store (String)

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :ssl_verify_peer (Boolean) — default: true

    See Seahorse::Client::Plugins::NetHttp for more details.

  • :stub_responses (Boolean) — default: false

    Causes the client to return stubbed responses. By default fake responses are generated and returned. You can specify the response data to return or errors to raise by calling ClientStubs#stub_responses. See ClientStubs for more information.

    Please note: when response stubbing is enabled, no HTTP requests are made, and retries are disabled. See Plugins::StubResponses for more details.

  • :validate_params (Boolean) — default: true

    When true, request parameters are validated before sending the request. See Plugins::ParamValidator for more details.

Instance Method Details

#accept_invitation(options = {}) ⇒ Struct

Accepts an invitation for the member account to contribute data to a behavior graph. This operation can only be called by an invited member account.

The request provides the ARN of the behavior graph.

The member account status in the graph must be INVITED.

Examples:

Request syntax with placeholder values


resp = client.accept_invitation({
  graph_arn: "GraphArn", # required
})

Options Hash (options):

  • :graph_arn (required, String)

    The ARN of the behavior graph that the member account is accepting the invitation for.

    The member account status in the behavior graph must be INVITED.

Returns:

  • (Struct)

    Returns an empty response.

#create_graph(options = {}) ⇒ Types::CreateGraphResponse

Creates a new behavior graph for the calling account, and sets that account as the master account. This operation is called by the account that is enabling Detective.

Before you try to enable Detective, make sure that your account has been enrolled in Amazon GuardDuty for at least 48 hours. If you do not meet this requirement, you cannot enable Detective. If you do meet the GuardDuty prerequisite, then when you make the request to enable Detective, it checks whether your data volume is within the Detective quota. If it exceeds the quota, then you cannot enable Detective.

The operation also enables Detective for the calling account in the currently selected Region. It returns the ARN of the new behavior graph.

CreateGraph triggers a process to create the corresponding data tables for the new behavior graph.

An account can only be the master account for one behavior graph within a Region. If the same account calls CreateGraph with the same master account, it always returns the same behavior graph ARN. It does not create a new behavior graph.

Examples:

Request syntax with placeholder values


resp = client.create_graph()

Response structure


resp.graph_arn #=> String

#create_members(options = {}) ⇒ Types::CreateMembersResponse

Sends a request to invite the specified AWS accounts to be member accounts in the behavior graph. This operation can only be called by the master account for a behavior graph.

CreateMembers verifies the accounts and then sends invitations to the verified accounts.

The request provides the behavior graph ARN and the list of accounts to invite.

The response separates the requested accounts into two lists:

  • The accounts that CreateMembers was able to start the verification for. This list includes member accounts that are being verified, that have passed verification and are being sent an invitation, and that have failed verification.

  • The accounts that CreateMembers was unable to process. This list includes accounts that were already invited to be member accounts in the behavior graph.

Examples:

Request syntax with placeholder values


resp = client.create_members({
  graph_arn: "GraphArn", # required
  message: "EmailMessage",
  accounts: [ # required
    {
      account_id: "AccountId", # required
      email_address: "EmailAddress", # required
    },
  ],
})

Response structure


resp.members #=> Array
resp.members[0].account_id #=> String
resp.members[0].email_address #=> String
resp.members[0].graph_arn #=> String
resp.members[0].master_id #=> String
resp.members[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED", "ACCEPTED_BUT_DISABLED"
resp.members[0].disabled_reason #=> String, one of "VOLUME_TOO_HIGH", "VOLUME_UNKNOWN"
resp.members[0].invited_time #=> Time
resp.members[0].updated_time #=> Time
resp.members[0].percent_of_graph_utilization #=> Float
resp.members[0].percent_of_graph_utilization_updated_time #=> Time
resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].reason #=> String

Options Hash (options):

  • :graph_arn (required, String)

    The ARN of the behavior graph to invite the member accounts to contribute their data to.

  • :message (String)

    Customized message text to include in the invitation email message to the invited member accounts.

  • :accounts (required, Array<Types::Account>)

    The list of AWS accounts to invite to become member accounts in the behavior graph. For each invited account, the account list contains the account identifier and the AWS account root user email address.

#delete_graph(options = {}) ⇒ Struct

Disables the specified behavior graph and queues it to be deleted. This operation removes the graph from each member account's list of behavior graphs.

DeleteGraph can only be called by the master account for a behavior graph.

Examples:

Request syntax with placeholder values


resp = client.delete_graph({
  graph_arn: "GraphArn", # required
})

Options Hash (options):

  • :graph_arn (required, String)

    The ARN of the behavior graph to disable.

Returns:

  • (Struct)

    Returns an empty response.

#delete_members(options = {}) ⇒ Types::DeleteMembersResponse

Deletes one or more member accounts from the master account behavior graph. This operation can only be called by a Detective master account. That account cannot use DeleteMembers to delete their own account from the behavior graph. To disable a behavior graph, the master account uses the DeleteGraph API method.

Examples:

Request syntax with placeholder values


resp = client.delete_members({
  graph_arn: "GraphArn", # required
  account_ids: ["AccountId"], # required
})

Response structure


resp.account_ids #=> Array
resp.account_ids[0] #=> String
resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].reason #=> String

Options Hash (options):

  • :graph_arn (required, String)

    The ARN of the behavior graph to delete members from.

  • :account_ids (required, Array<String>)

    The list of AWS account identifiers for the member accounts to delete from the behavior graph.

#disassociate_membership(options = {}) ⇒ Struct

Removes the member account from the specified behavior graph. This operation can only be called by a member account that has the ENABLED status.

Examples:

Request syntax with placeholder values


resp = client.disassociate_membership({
  graph_arn: "GraphArn", # required
})

Options Hash (options):

  • :graph_arn (required, String)

    The ARN of the behavior graph to remove the member account from.

    The member account's member status in the behavior graph must be ENABLED.

Returns:

  • (Struct)

    Returns an empty response.

#get_members(options = {}) ⇒ Types::GetMembersResponse

Returns the membership details for specified member accounts for a behavior graph.

Examples:

Request syntax with placeholder values


resp = client.get_members({
  graph_arn: "GraphArn", # required
  account_ids: ["AccountId"], # required
})

Response structure


resp.member_details #=> Array
resp.member_details[0].account_id #=> String
resp.member_details[0].email_address #=> String
resp.member_details[0].graph_arn #=> String
resp.member_details[0].master_id #=> String
resp.member_details[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED", "ACCEPTED_BUT_DISABLED"
resp.member_details[0].disabled_reason #=> String, one of "VOLUME_TOO_HIGH", "VOLUME_UNKNOWN"
resp.member_details[0].invited_time #=> Time
resp.member_details[0].updated_time #=> Time
resp.member_details[0].percent_of_graph_utilization #=> Float
resp.member_details[0].percent_of_graph_utilization_updated_time #=> Time
resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].reason #=> String

Options Hash (options):

  • :graph_arn (required, String)

    The ARN of the behavior graph for which to request the member details.

  • :account_ids (required, Array<String>)

    The list of AWS account identifiers for the member account for which to return member details.

    You cannot use GetMembers to retrieve information about member accounts that were removed from the behavior graph.

#list_graphs(options = {}) ⇒ Types::ListGraphsResponse

Returns the list of behavior graphs that the calling account is a master of. This operation can only be called by a master account.

Because an account can currently only be the master of one behavior graph within a Region, the results always contain a single graph.

Examples:

Request syntax with placeholder values


resp = client.list_graphs({
  next_token: "PaginationToken",
  max_results: 1,
})

Response structure


resp.graph_list #=> Array
resp.graph_list[0].arn #=> String
resp.graph_list[0].created_time #=> Time
resp.next_token #=> String

Options Hash (options):

  • :next_token (String)

    For requests to get the next page of results, the pagination token that was returned with the previous set of results. The initial request does not include a pagination token.

  • :max_results (Integer)

    The maximum number of graphs to return at a time. The total must be less than the overall limit on the number of results to return, which is currently 200.

#list_invitations(options = {}) ⇒ Types::ListInvitationsResponse

Retrieves the list of open and accepted behavior graph invitations for the member account. This operation can only be called by a member account.

Open invitations are invitations that the member account has not responded to.

The results do not include behavior graphs for which the member account declined the invitation. The results also do not include behavior graphs that the member account resigned from or was removed from.

Examples:

Request syntax with placeholder values


resp = client.list_invitations({
  next_token: "PaginationToken",
  max_results: 1,
})

Response structure


resp.invitations #=> Array
resp.invitations[0].account_id #=> String
resp.invitations[0].email_address #=> String
resp.invitations[0].graph_arn #=> String
resp.invitations[0].master_id #=> String
resp.invitations[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED", "ACCEPTED_BUT_DISABLED"
resp.invitations[0].disabled_reason #=> String, one of "VOLUME_TOO_HIGH", "VOLUME_UNKNOWN"
resp.invitations[0].invited_time #=> Time
resp.invitations[0].updated_time #=> Time
resp.invitations[0].percent_of_graph_utilization #=> Float
resp.invitations[0].percent_of_graph_utilization_updated_time #=> Time
resp.next_token #=> String

Options Hash (options):

  • :next_token (String)

    For requests to retrieve the next page of results, the pagination token that was returned with the previous page of results. The initial request does not include a pagination token.

  • :max_results (Integer)

    The maximum number of behavior graph invitations to return in the response. The total must be less than the overall limit on the number of results to return, which is currently 200.

#list_members(options = {}) ⇒ Types::ListMembersResponse

Retrieves the list of member accounts for a behavior graph. Does not return member accounts that were removed from the behavior graph.

Examples:

Request syntax with placeholder values


resp = client.list_members({
  graph_arn: "GraphArn", # required
  next_token: "PaginationToken",
  max_results: 1,
})

Response structure


resp.member_details #=> Array
resp.member_details[0].account_id #=> String
resp.member_details[0].email_address #=> String
resp.member_details[0].graph_arn #=> String
resp.member_details[0].master_id #=> String
resp.member_details[0].status #=> String, one of "INVITED", "VERIFICATION_IN_PROGRESS", "VERIFICATION_FAILED", "ENABLED", "ACCEPTED_BUT_DISABLED"
resp.member_details[0].disabled_reason #=> String, one of "VOLUME_TOO_HIGH", "VOLUME_UNKNOWN"
resp.member_details[0].invited_time #=> Time
resp.member_details[0].updated_time #=> Time
resp.member_details[0].percent_of_graph_utilization #=> Float
resp.member_details[0].percent_of_graph_utilization_updated_time #=> Time
resp.next_token #=> String

Options Hash (options):

  • :graph_arn (required, String)

    The ARN of the behavior graph for which to retrieve the list of member accounts.

  • :next_token (String)

    For requests to retrieve the next page of member account results, the pagination token that was returned with the previous page of results. The initial request does not include a pagination token.

  • :max_results (Integer)

    The maximum number of member accounts to include in the response. The total must be less than the overall limit on the number of results to return, which is currently 200.
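An added example (not part of the SDK or its documentation): one way to walk the paginated #list_members response and find member accounts that are not feeding data into the behavior graph. FakeDetective, audit_members, sample_audit and the sample account IDs and ARN are constructed for illustration; against AWS you would pass a real Aws::Detective::Client instead of the stand-in.

```ruby
# Added example, not SDK code. FakeDetective is a constructed stand-in that
# mimics the documented #list_members response shape so this runs offline.
MemberRow = Struct.new(:account_id, :status, :disabled_reason)
MemberPage = Struct.new(:member_details, :next_token)

class FakeDetective
  def initialize(rows)
    @rows = rows
  end

  # Pages through @rows; the token is simply the next start index.
  def list_members(options = {})
    start = options[:next_token].to_i
    size = options.fetch(:max_results, 50)
    stop = start + size
    MemberPage.new(@rows[start, size] || [], stop < @rows.size ? stop.to_s : nil)
  end
end

# Walks every page of list_members and sorts accounts by whether they feed
# data into the graph. Only ENABLED members contribute data.
def audit_members(client, graph_arn, page_size: 50)
  report = { contributing: [], pending: [], not_contributing: [] }
  token = nil
  loop do
    params = { graph_arn: graph_arn, max_results: page_size }
    params[:next_token] = token if token # first request carries no token
    resp = client.list_members(params)
    resp.member_details.each do |m|
      case m.status
      when 'ENABLED'
        report[:contributing] << m.account_id
      when 'INVITED', 'VERIFICATION_IN_PROGRESS'
        report[:pending] << m.account_id
      else # VERIFICATION_FAILED or ACCEPTED_BUT_DISABLED
        report[:not_contributing] << [m.account_id, m.status, m.disabled_reason]
      end
    end
    token = resp.next_token
    break if token.nil? || token.empty?
  end
  report
end

# Constructed sample data (account IDs and ARN are made up).
SAMPLE_GRAPH_ARN = 'arn:aws:detective:us-east-1:111122223333:graph:EXAMPLE'
SAMPLE_ROWS = [
  MemberRow.new('444455556666', 'ENABLED', nil),
  MemberRow.new('555566667777', 'INVITED', nil),
  MemberRow.new('666677778888', 'ACCEPTED_BUT_DISABLED', 'VOLUME_TOO_HIGH'),
  MemberRow.new('777788889999', 'ENABLED', nil),
  MemberRow.new('888899990000', 'VERIFICATION_FAILED', nil)
].freeze

# Page size 2 forces three requests over the five sample rows.
def sample_audit
  audit_members(FakeDetective.new(SAMPLE_ROWS), SAMPLE_GRAPH_ARN, page_size: 2)
end

if __FILE__ == $PROGRAM_NAME
  sample_audit.each { |bucket, rows| puts "#{bucket}: #{rows.inspect}" }
end
```

Accounts in the not_contributing bucket are blind spots for investigations; ACCEPTED_BUT_DISABLED members are the ones #start_monitoring_member can retry.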

#reject_invitation(options = {}) ⇒ Struct

Rejects an invitation to contribute the account data to a behavior graph. This operation must be called by a member account that has the INVITED status.

Examples:

Request syntax with placeholder values


resp = client.reject_invitation({
  graph_arn: "GraphArn", # required
})

Options Hash (options):

  • :graph_arn (required, String)

    The ARN of the behavior graph to reject the invitation to.

    The member account's current member status in the behavior graph must be INVITED.

Returns:

  • (Struct)

    Returns an empty response.
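An added example (not part of the SDK or its documentation): a member account deciding between #accept_invitation and #reject_invitation by checking each invitation's master_id against an allowlist, since accepting shares the account's data with that master account. FakeMemberClient, triage_invitations, sample_triage and all account IDs and ARNs are constructed for illustration.

```ruby
# Added example, not SDK code. FakeMemberClient is a constructed stand-in
# exposing the three documented member-side operations and recording calls.
Invitation = Struct.new(:graph_arn, :master_id, :status)
InvitationPage = Struct.new(:invitations, :next_token)

class FakeMemberClient
  attr_reader :calls

  def initialize(invitations)
    @invitations = invitations
    @calls = []
  end

  def list_invitations(_options = {})
    InvitationPage.new(@invitations, nil) # single page is enough here
  end

  def accept_invitation(options)
    @calls << [:accept_invitation, options[:graph_arn]]
  end

  def reject_invitation(options)
    @calls << [:reject_invitation, options[:graph_arn]]
  end
end

# Accepts open invitations only from allowlisted master accounts, rejects the
# rest, and flags existing memberships under an unlisted master for review.
def triage_invitations(client, trusted_master_ids)
  decisions = { accepted: [], rejected: [], review: [] }
  token = nil
  loop do
    params = {}
    params[:next_token] = token if token
    resp = client.list_invitations(params)
    resp.invitations.each do |inv|
      trusted = trusted_master_ids.include?(inv.master_id)
      if inv.status != 'INVITED'
        # accept/reject only apply to INVITED; leave the decision to a human
        decisions[:review] << inv.graph_arn unless trusted
      elsif trusted
        client.accept_invitation(graph_arn: inv.graph_arn)
        decisions[:accepted] << inv.graph_arn
      else
        client.reject_invitation(graph_arn: inv.graph_arn)
        decisions[:rejected] << inv.graph_arn
      end
    end
    token = resp.next_token
    break if token.nil? || token.empty?
  end
  decisions
end

# Constructed sample data: one trusted and one unknown master account.
TRUSTED_MASTERS = ['111122223333'].freeze
SAMPLE_INVITATIONS = [
  Invitation.new('arn:aws:detective:us-east-1:111122223333:graph:A', '111122223333', 'INVITED'),
  Invitation.new('arn:aws:detective:us-east-1:999900001111:graph:B', '999900001111', 'INVITED'),
  Invitation.new('arn:aws:detective:us-west-2:999900001111:graph:C', '999900001111', 'ENABLED'),
  Invitation.new('arn:aws:detective:us-west-2:111122223333:graph:D', '111122223333', 'ENABLED')
].freeze

def sample_triage
  client = FakeMemberClient.new(SAMPLE_INVITATIONS)
  [triage_invitations(client, TRUSTED_MASTERS), client.calls]
end

if __FILE__ == $PROGRAM_NAME
  decisions, calls = sample_triage
  puts decisions.inspect, calls.inspect
end
```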

#start_monitoring_member(options = {}) ⇒ Struct

Sends a request to enable data ingest for a member account that has a status of ACCEPTED_BUT_DISABLED.

For valid member accounts, the status is updated as follows.

  • If Detective enabled the member account, then the new status is ENABLED.

  • If Detective cannot enable the member account, the status remains ACCEPTED_BUT_DISABLED.

Examples:

Request syntax with placeholder values


resp = client.start_monitoring_member({
  graph_arn: "GraphArn", # required
  account_id: "AccountId", # required
})

Options Hash (options):

  • :graph_arn (required, String)

    The ARN of the behavior graph.

  • :account_id (required, String)

    The account ID of the member account to try to enable.

    The account must be an invited member account with a status of ACCEPTED_BUT_DISABLED.

Returns:

  • (Struct)

    Returns an empty response.

#wait_until(waiter_name, params = {}) {|waiter| ... } ⇒ Boolean

Waiters poll an API operation until a resource enters a desired state.

Basic Usage

Waiters will poll until they are successful, they fail by entering a terminal state, or until a maximum number of attempts are made.

# polls in a loop, sleeping between attempts
client.wait_until(waiter_name, params)

Configuration

You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. You configure waiters by passing a block to #wait_until:

# poll for ~25 seconds
client.wait_until(...) do |w|
  w.max_attempts = 5
  w.delay = 5
end

Callbacks

You can be notified before each polling attempt and before each delay. If you throw :success or :failure from these callbacks, it will terminate the waiter.

started_at = Time.now
client.wait_until(...) do |w|

  # disable max attempts
  w.max_attempts = nil

  # poll for 1 hour, instead of a number of attempts
  w.before_wait do |attempts, response|
    throw :failure if Time.now - started_at > 3600
  end

end

Handling Errors

When a waiter is successful, it returns true. When a waiter fails, it raises an error. All errors raised extend from Waiters::Errors::WaiterFailed.

begin
  client.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
  # resource did not enter the desired state in time
end

Parameters:

  • waiter_name (Symbol)

    The name of the waiter. See #waiter_names for a full list of supported waiters.

  • params (Hash) (defaults to: {})

    Additional request parameters. See the #waiter_names for a list of supported waiters and what request they call. The called request determines the list of accepted parameters.

Returns:

  • (Boolean)

    Returns true if the waiter was successful.

Raises:

  • (Errors::FailureStateError)

    Raised when the waiter terminates because the waiter has entered a state that it will not transition out of, preventing success.

  • (Errors::TooManyAttemptsError)

    Raised when the configured maximum number of attempts have been made, and the waiter is not yet successful.

  • (Errors::UnexpectedError)

    Raised when an error is encountered while polling for a resource that is not expected.

  • (Errors::NoSuchWaiterError)

    Raised when you request to wait for an unknown state.

#waiter_names ⇒ Array<Symbol>

Returns the list of supported waiters. The following table lists the supported waiters and the client method they call:

Waiter Name | Client Method | Default Delay: | Default Max Attempts:

Returns:

  • (Array<Symbol>)

    the list of supported waiters.