API for Amazon GuardDuty¶
| ABAP Package | /AWS1/API_GDY_IMPL |
|---|---|
| ABAP SDK "TLA" | GDY |
| ABAP Interface | /AWS1/IF_GDY |
The "TLA" is a Three Letter Abbreviation that appears in ABAP class names, data dictionary
objects and other ABAP objects throughout the AWS SDK for SAP ABAP. The TLA for Amazon GuardDuty is GDY.
This TLA helps squeeze ABAP objects into the 30-character length limit of the ABAP data dictionary.
Installation¶
To install the AWS SDK for SAP ABAP, import the Core transport, along with the transport for the GuardDuty module and other API modules you are interested in. A few modules are included in the Core transport itself. For more information, see the Developer Guide guide.
About The Service¶
Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following foundational data sources - VPC flow logs, Amazon Web Services CloudTrail management event logs, CloudTrail S3 data event logs, EKS audit logs, DNS logs, Amazon EBS volume data, runtime activity belonging to container workloads, such as Amazon EKS, Amazon ECS (including Amazon Web Services Fargate), and Amazon EC2 instances. It uses threat intelligence feeds, such as lists of malicious IPs and domains, and machine learning to identify unexpected, potentially unauthorized, and malicious activity within your Amazon Web Services environment. This can include issues like escalations of privileges, uses of exposed credentials, or communication with malicious IPs, domains, or presence of malware on your Amazon EC2 instances and container workloads. For example, GuardDuty can detect compromised EC2 instances and container workloads serving malware, or mining bitcoin.
GuardDuty also monitors Amazon Web Services account access behavior for signs of compromise, such as unauthorized infrastructure deployments like EC2 instances deployed in a Region that has never been used, or unusual API calls like a password policy change to reduce password strength.
GuardDuty informs you about the status of your Amazon Web Services environment by producing security findings that you can view in the GuardDuty console or through Amazon EventBridge. For more information, see the Amazon GuardDuty User Guide .
Using the SDK¶
In your code, create a client using the SDK module for Amazon GuardDuty, which is created with
factory method /AWS1/CL_GDY_FACTORY=>create().
In this example we will assume you have configured
an SDK profile in transaction /AWS1/IMG called ZFINANCE.
DATA(go_session) = /aws1/cl_rt_session_aws=>create( 'ZFINANCE' ).
DATA(go_gdy) = /aws1/cl_gdy_factory=>create( go_session ).
Your variable go_gdy is an instance of /AWS1/IF_GDY,
and all of the operations
in the Amazon GuardDuty service are accessed by calling methods in /AWS1/IF_GDY.
API Operations¶
For an overview of ABAP method calls corresponding to API operations in Amazon GuardDuty, see the Operation List.
Factory Method¶
/AWS1/CL_GDY_FACTORY=>create( )¶
Creates an object of type /AWS1/IF_GDY.
IMPORTING¶
Optional arguments:¶
IV_PROTOCOL TYPE /AWS1/RT_PROTOCOL /AWS1/RT_PROTOCOL¶
IO_SESSION TYPE REF TO /AWS1/CL_RT_SESSION_BASE /AWS1/CL_RT_SESSION_BASE¶
IV_REGION TYPE /AWS1/RT_REGION_ID /AWS1/RT_REGION_ID¶
IV_CUSTOM_ENDPOINT TYPE /AWS1/RT_ENDPOINT /AWS1/RT_ENDPOINT¶
RETURNING¶
OO_CLIENT TYPE REF TO /AWS1/IF_GDY /AWS1/IF_GDY¶
/AWS1/IF_GDYrepresents the ABAP client for the GuardDuty service, representing each operation as a method call. For more information see the API Page page.
Configuring Programmatically¶
DATA(lo_config) = DATA(go_gdy)->get_config( ).
lo_config is a variable of type /AWS1/CL_GDY_CONFIG. See the documentation for /AWS1/CL_GDY_CONFIG for
details on the settings that can be configured.
Paginators¶
Paginators for Amazon GuardDuty can be created via get_paginator() which returns a paginator object of type /AWS1/IF_GDY_PAGINATOR. The operation method that is being paginated is called using the paginator object, which accepts any necessary parameters to provide to the underlying API operation. This returns an iterator object which can be used to iterate over paginated results using has_next() and get_next() methods.
Details about the paginator methods available for service Amazon GuardDuty can be found in interface /AWS1/IF_GDY_PAGINATOR.