Provides information on whether the supplied account IDs are associated with a membership.
AWS account ID's may appear less than 12 characters and need to be zero-prepended. An example would be 123123123 which is nine digits, and with zero-prepend would be 000123123123. Not zero-prepending to 12 digits could result in errors.
Cancels an existing membership.
", "idempotent":true }, "CloseCase":{ "name":"CloseCase", "http":{ "method":"POST", "requestUri":"/v1/cases/{caseId}/close-case", "responseCode":200 }, "input":{"shape":"CloseCaseRequest"}, "output":{"shape":"CloseCaseResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Closes an existing case.
" }, "CreateCase":{ "name":"CreateCase", "http":{ "method":"POST", "requestUri":"/v1/create-case", "responseCode":201 }, "input":{"shape":"CreateCaseRequest"}, "output":{"shape":"CreateCaseResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Creates a new case.
", "idempotent":true }, "CreateCaseComment":{ "name":"CreateCaseComment", "http":{ "method":"POST", "requestUri":"/v1/cases/{caseId}/create-comment", "responseCode":201 }, "input":{"shape":"CreateCaseCommentRequest"}, "output":{"shape":"CreateCaseCommentResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Adds a comment to an existing case.
", "idempotent":true }, "CreateMembership":{ "name":"CreateMembership", "http":{ "method":"POST", "requestUri":"/v1/membership", "responseCode":201 }, "input":{"shape":"CreateMembershipRequest"}, "output":{"shape":"CreateMembershipResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Creates a new membership.
", "idempotent":true }, "GetCase":{ "name":"GetCase", "http":{ "method":"GET", "requestUri":"/v1/cases/{caseId}/get-case", "responseCode":200 }, "input":{"shape":"GetCaseRequest"}, "output":{"shape":"GetCaseResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Returns the attributes of a case.
", "readonly":true }, "GetCaseAttachmentDownloadUrl":{ "name":"GetCaseAttachmentDownloadUrl", "http":{ "method":"GET", "requestUri":"/v1/cases/{caseId}/get-presigned-url/{attachmentId}", "responseCode":201 }, "input":{"shape":"GetCaseAttachmentDownloadUrlRequest"}, "output":{"shape":"GetCaseAttachmentDownloadUrlResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Returns a Pre-Signed URL for uploading attachments into a case.
", "readonly":true }, "GetCaseAttachmentUploadUrl":{ "name":"GetCaseAttachmentUploadUrl", "http":{ "method":"POST", "requestUri":"/v1/cases/{caseId}/get-presigned-url", "responseCode":201 }, "input":{"shape":"GetCaseAttachmentUploadUrlRequest"}, "output":{"shape":"GetCaseAttachmentUploadUrlResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Uploads an attachment to a case.
", "idempotent":true }, "GetMembership":{ "name":"GetMembership", "http":{ "method":"GET", "requestUri":"/v1/membership/{membershipId}", "responseCode":200 }, "input":{"shape":"GetMembershipRequest"}, "output":{"shape":"GetMembershipResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Returns the attributes of a membership.
", "readonly":true }, "ListCaseEdits":{ "name":"ListCaseEdits", "http":{ "method":"POST", "requestUri":"/v1/cases/{caseId}/list-case-edits", "responseCode":200 }, "input":{"shape":"ListCaseEditsRequest"}, "output":{"shape":"ListCaseEditsResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Views the case history for edits made to a designated case.
", "readonly":true }, "ListCases":{ "name":"ListCases", "http":{ "method":"POST", "requestUri":"/v1/list-cases", "responseCode":200 }, "input":{"shape":"ListCasesRequest"}, "output":{"shape":"ListCasesResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Lists all cases the requester has access to.
", "readonly":true }, "ListComments":{ "name":"ListComments", "http":{ "method":"POST", "requestUri":"/v1/cases/{caseId}/list-comments", "responseCode":200 }, "input":{"shape":"ListCommentsRequest"}, "output":{"shape":"ListCommentsResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Returns comments for a designated case.
", "readonly":true }, "ListInvestigations":{ "name":"ListInvestigations", "http":{ "method":"GET", "requestUri":"/v1/cases/{caseId}/list-investigations", "responseCode":200 }, "input":{"shape":"ListInvestigationsRequest"}, "output":{"shape":"ListInvestigationsResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Investigation performed by an agent for a security incident...
", "readonly":true }, "ListMemberships":{ "name":"ListMemberships", "http":{ "method":"POST", "requestUri":"/v1/memberships", "responseCode":200 }, "input":{"shape":"ListMembershipsRequest"}, "output":{"shape":"ListMembershipsResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Returns the memberships that the calling principal can access.
", "readonly":true }, "ListTagsForResource":{ "name":"ListTagsForResource", "http":{ "method":"GET", "requestUri":"/v1/tags/{resourceArn}", "responseCode":200 }, "input":{"shape":"ListTagsForResourceInput"}, "output":{"shape":"ListTagsForResourceOutput"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ResourceNotFoundException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"InvalidTokenException"} ], "documentation":"Returns currently configured tags on a resource.
", "readonly":true }, "SendFeedback":{ "name":"SendFeedback", "http":{ "method":"POST", "requestUri":"/v1/cases/{caseId}/feedback/{resultId}/send-feedback", "responseCode":200 }, "input":{"shape":"SendFeedbackRequest"}, "output":{"shape":"SendFeedbackResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Send feedback based on response investigation action
" }, "TagResource":{ "name":"TagResource", "http":{ "method":"POST", "requestUri":"/v1/tags/{resourceArn}", "responseCode":204 }, "input":{"shape":"TagResourceInput"}, "output":{"shape":"TagResourceOutput"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ResourceNotFoundException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"InvalidTokenException"} ], "documentation":"Adds a tag(s) to a designated resource.
" }, "UntagResource":{ "name":"UntagResource", "http":{ "method":"DELETE", "requestUri":"/v1/tags/{resourceArn}", "responseCode":200 }, "input":{"shape":"UntagResourceInput"}, "output":{"shape":"UntagResourceOutput"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ResourceNotFoundException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"InvalidTokenException"} ], "documentation":"Removes a tag(s) from a designate resource.
", "idempotent":true }, "UpdateCase":{ "name":"UpdateCase", "http":{ "method":"POST", "requestUri":"/v1/cases/{caseId}/update-case", "responseCode":200 }, "input":{"shape":"UpdateCaseRequest"}, "output":{"shape":"UpdateCaseResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Updates an existing case.
" }, "UpdateCaseComment":{ "name":"UpdateCaseComment", "http":{ "method":"PUT", "requestUri":"/v1/cases/{caseId}/update-case-comment/{commentId}", "responseCode":200 }, "input":{"shape":"UpdateCaseCommentRequest"}, "output":{"shape":"UpdateCaseCommentResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Updates an existing case comment.
", "idempotent":true }, "UpdateCaseStatus":{ "name":"UpdateCaseStatus", "http":{ "method":"POST", "requestUri":"/v1/cases/{caseId}/update-case-status", "responseCode":201 }, "input":{"shape":"UpdateCaseStatusRequest"}, "output":{"shape":"UpdateCaseStatusResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Updates the state transitions for a designated cases.
Self-managed: the following states are available for self-managed cases.
Submitted → Detection and Analysis
Detection and Analysis → Containment, Eradication, and Recovery
Detection and Analysis → Post-incident Activities
Containment, Eradication, and Recovery → Detection and Analysis
Containment, Eradication, and Recovery → Post-incident Activities
Post-incident Activities → Containment, Eradication, and Recovery
Post-incident Activities → Detection and Analysis
Any → Closed
AWS supported: You must use the CloseCase API to close.
Updates membership configuration.
", "idempotent":true }, "UpdateResolverType":{ "name":"UpdateResolverType", "http":{ "method":"POST", "requestUri":"/v1/cases/{caseId}/update-resolver-type", "responseCode":200 }, "input":{"shape":"UpdateResolverTypeRequest"}, "output":{"shape":"UpdateResolverTypeResponse"}, "errors":[ {"shape":"ServiceQuotaExceededException"}, {"shape":"AccessDeniedException"}, {"shape":"ValidationException"}, {"shape":"SecurityIncidentResponseNotActiveException"}, {"shape":"InternalServerException"}, {"shape":"ThrottlingException"}, {"shape":"ConflictException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidTokenException"} ], "documentation":"Updates the resolver type for a case.
This is a one-way action and cannot be reversed.
The ID of the resource which lead to the access denial.
" } }, "documentation":"", "error":{ "httpStatusCode":403, "senderFault":true }, "exception":true }, "ActionType":{ "type":"string", "enum":[ "Evidence", "Investigation", "Summarization" ] }, "Arn":{ "type":"string", "max":1010, "min":12, "pattern":"arn:aws:security-ir:\\w+?-\\w+?-\\d+:[0-9]{12}:(membership/m-[a-z0-9]{10,32}|case/[0-9]{10})" }, "AttachmentId":{ "type":"string", "pattern":"[0-9a-fA-F]{8}\\b-[0-9a-fA-F]{4}\\b-[0-9a-fA-F]{4}\\b-[0-9a-fA-F]{4}\\b-[0-9a-fA-F]{12}" }, "AwsRegion":{ "type":"string", "enum":[ "af-south-1", "ap-east-1", "ap-east-2", "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", "ap-south-1", "ap-south-2", "ap-southeast-1", "ap-southeast-2", "ap-southeast-3", "ap-southeast-4", "ap-southeast-5", "ap-southeast-6", "ap-southeast-7", "ca-central-1", "ca-west-1", "cn-north-1", "cn-northwest-1", "eu-central-1", "eu-central-2", "eu-north-1", "eu-south-1", "eu-south-2", "eu-west-1", "eu-west-2", "eu-west-3", "il-central-1", "me-central-1", "me-south-1", "mx-central-1", "sa-east-1", "us-east-1", "us-east-2", "us-west-1", "us-west-2" ] }, "AwsService":{ "type":"string", "max":50, "min":2, "pattern":"[a-zA-Z0-9 -.():]+" }, "BatchGetMemberAccountDetailsRequest":{ "type":"structure", "required":[ "membershipId", "accountIds" ], "members":{ "membershipId":{ "shape":"MembershipId", "documentation":"Required element used in combination with BatchGetMemberAccountDetails to identify the membership ID to query.
", "location":"uri", "locationName":"membershipId" }, "accountIds":{ "shape":"AWSAccountIds", "documentation":"Optional element to query the membership relationship status to a provided list of account IDs.
AWS account ID's may appear less than 12 characters and need to be zero-prepended. An example would be 123123123 which is nine digits, and with zero-prepend would be 000123123123. Not zero-prepending to 12 digits could result in errors.
The response element providing responses for requests to GetMembershipAccountDetails.
" }, "errors":{ "shape":"GetMembershipAccountDetailErrors", "documentation":"The response element providing error messages for requests to GetMembershipAccountDetails.
" } } }, "Boolean":{ "type":"boolean", "box":true }, "CancelMembershipRequest":{ "type":"structure", "required":["membershipId"], "members":{ "membershipId":{ "shape":"MembershipId", "documentation":"Required element used in combination with CancelMembershipRequest to identify the membership ID to cancel.
", "location":"uri", "locationName":"membershipId" } } }, "CancelMembershipResponse":{ "type":"structure", "required":["membershipId"], "members":{ "membershipId":{ "shape":"MembershipId", "documentation":"The response element providing responses for requests to CancelMembershipRequest.
" } } }, "CaseArn":{ "type":"string", "max":80, "min":12, "pattern":"arn:aws:security-ir:\\w+?-\\w+?-\\d+:[0-9]{12}:case/[0-9]{10}" }, "CaseAttachmentAttributes":{ "type":"structure", "required":[ "attachmentId", "fileName", "attachmentStatus", "creator", "createdDate" ], "members":{ "attachmentId":{ "shape":"AttachmentId", "documentation":"" }, "fileName":{ "shape":"FileName", "documentation":"" }, "attachmentStatus":{ "shape":"CaseAttachmentStatus", "documentation":"" }, "creator":{ "shape":"PrincipalId", "documentation":"" }, "createdDate":{ "shape":"Timestamp", "documentation":"" } }, "documentation":"" }, "CaseAttachmentStatus":{ "type":"string", "enum":[ "Verified", "Failed", "Pending" ] }, "CaseAttachmentsList":{ "type":"list", "member":{"shape":"CaseAttachmentAttributes"}, "max":50, "min":0 }, "CaseDescription":{ "type":"string", "max":8000, "min":1, "sensitive":true }, "CaseEditAction":{ "type":"string", "max":100, "min":1 }, "CaseEditItem":{ "type":"structure", "members":{ "eventTimestamp":{ "shape":"Timestamp", "documentation":"" }, "principal":{ "shape":"String", "documentation":"" }, "action":{ "shape":"CaseEditAction", "documentation":"" }, "message":{ "shape":"CaseEditMessage", "documentation":"" } }, "documentation":"" }, "CaseEditItems":{ "type":"list", "member":{"shape":"CaseEditItem"} }, "CaseEditMessage":{ "type":"string", "max":4096, "min":10 }, "CaseId":{ "type":"string", "max":32, "min":10, "pattern":"\\d{10,32}.*" }, "CaseMetadata":{ "type":"list", "member":{"shape":"CaseMetadataEntry"}, "max":30, "min":1 }, "CaseMetadataEntry":{ "type":"structure", "required":[ "key", "value" ], "members":{ "key":{ "shape":"CaseMetadataEntryKeyString", "documentation":"The identifier for the metadata field. This key uniquely identifies the type of metadata being stored, such as \"severity\", \"category\", or \"assignee\".
" }, "value":{ "shape":"CaseMetadataEntryValueString", "documentation":"The value associated with the metadata key. This contains the actual data for the metadata field identified by the key.
" } }, "documentation":"Represents a single metadata entry associated with a case. Each entry consists of a key-value pair that provides additional contextual information about the case, such as classification tags, custom attributes, or system-generated properties.
" }, "CaseMetadataEntryKeyString":{ "type":"string", "max":500, "min":1 }, "CaseMetadataEntryValueString":{ "type":"string", "max":2000, "min":1 }, "CaseStatus":{ "type":"string", "enum":[ "Submitted", "Acknowledged", "Detection and Analysis", "Containment, Eradication and Recovery", "Post-incident Activities", "Ready to Close", "Closed" ] }, "CaseTitle":{ "type":"string", "max":300, "min":1, "sensitive":true }, "CloseCaseRequest":{ "type":"structure", "required":["caseId"], "members":{ "caseId":{ "shape":"CaseId", "documentation":"Required element used in combination with CloseCase to identify the case ID to close.
", "location":"uri", "locationName":"caseId" } } }, "CloseCaseResponse":{ "type":"structure", "members":{ "caseStatus":{ "shape":"CaseStatus", "documentation":"A response element providing responses for requests to CloseCase. This element responds Closed if successful.
A response element providing responses for requests to CloseCase. This element responds with the ISO-8601 formatted timestamp of the moment when the case was closed.
" } } }, "ClosureCode":{ "type":"string", "enum":[ "Investigation Completed", "Not Resolved", "False Positive", "Duplicate" ] }, "CommentBody":{ "type":"string", "max":12000, "min":1, "sensitive":true }, "CommentId":{ "type":"string", "max":6, "min":6, "pattern":"\\d{6}" }, "CommunicationPreferences":{ "type":"list", "member":{"shape":"CommunicationType"} }, "CommunicationType":{ "type":"string", "enum":[ "Case Created", "Case Updated", "Case Acknowledged", "Case Closed", "Case Updated To Service Managed", "Case Status Updated", "Case Pending Customer Action Reminder", "Case Attachment Url Uploaded", "Case Comment Added", "Case Comment Updated", "Membership Created", "Membership Updated", "Membership Cancelled", "Register Delegated Administrator", "Deregister Delegated Administrator", "Disable AWS Service Access" ] }, "ConflictException":{ "type":"structure", "required":[ "message", "resourceId", "resourceType" ], "members":{ "message":{ "shape":"String", "documentation":"The exception message.
" }, "resourceId":{ "shape":"String", "documentation":"The ID of the conflicting resource.
" }, "resourceType":{ "shape":"String", "documentation":"The type of the conflicting resource.
" } }, "documentation":"", "error":{ "httpStatusCode":409, "senderFault":true }, "exception":true }, "ContentLength":{ "type":"long", "box":true, "max":104857600, "min":1 }, "CreateCaseCommentRequest":{ "type":"structure", "required":[ "caseId", "body" ], "members":{ "caseId":{ "shape":"CaseId", "documentation":"Required element used in combination with CreateCaseComment to specify a case ID.
", "location":"uri", "locationName":"caseId" }, "clientToken":{ "shape":"CreateCaseCommentRequestClientTokenString", "documentation":"The clientToken field is an idempotency key used to ensure that repeated attempts for a single action will be ignored by the server during retries. A caller supplied unique ID (typically a UUID) should be provided.
Required element used in combination with CreateCaseComment to add content for the new comment.
" } } }, "CreateCaseCommentRequestClientTokenString":{ "type":"string", "max":255, "min":1 }, "CreateCaseCommentResponse":{ "type":"structure", "required":["commentId"], "members":{ "commentId":{ "shape":"CommentId", "documentation":"Response element indicating the new comment ID.
" } } }, "CreateCaseRequest":{ "type":"structure", "required":[ "resolverType", "title", "description", "engagementType", "reportedIncidentStartDate", "impactedAccounts", "watchers" ], "members":{ "clientToken":{ "shape":"CreateCaseRequestClientTokenString", "documentation":"The clientToken field is an idempotency key used to ensure that repeated attempts for a single action will be ignored by the server during retries. A caller supplied unique ID (typically a UUID) should be provided.
Required element used in combination with CreateCase to identify the resolver type.
" }, "title":{ "shape":"CaseTitle", "documentation":"Required element used in combination with CreateCase to provide a title for the new case.
" }, "description":{ "shape":"CaseDescription", "documentation":"Required element used in combination with CreateCase
to provide a description for the new case.
" }, "engagementType":{ "shape":"EngagementType", "documentation":"Required element used in combination with CreateCase to provide an engagement type for the new cases. Available engagement types include Security Incident | Investigation
" }, "reportedIncidentStartDate":{ "shape":"Timestamp", "documentation":"Required element used in combination with CreateCase to provide an initial start date for the unauthorized activity.
" }, "impactedAccounts":{ "shape":"ImpactedAccounts", "documentation":"Required element used in combination with CreateCase to provide a list of impacted accounts.
AWS account ID's may appear less than 12 characters and need to be zero-prepended. An example would be 123123123 which is nine digits, and with zero-prepend would be 000123123123. Not zero-prepending to 12 digits could result in errors.
Required element used in combination with CreateCase to provide a list of entities to receive notifications for case updates.
" }, "threatActorIpAddresses":{ "shape":"ThreatActorIpList", "documentation":"An optional element used in combination with CreateCase to provide a list of suspicious internet protocol addresses associated with unauthorized activity.
" }, "impactedServices":{ "shape":"ImpactedServicesList", "documentation":"An optional element used in combination with CreateCase to provide a list of services impacted.
" }, "impactedAwsRegions":{ "shape":"ImpactedAwsRegionList", "documentation":"An optional element used in combination with CreateCase to provide a list of impacted regions.
" }, "tags":{ "shape":"TagMap", "documentation":"An optional element used in combination with CreateCase to add customer specified tags to a case.
" } } }, "CreateCaseRequestClientTokenString":{ "type":"string", "max":255, "min":1 }, "CreateCaseResponse":{ "type":"structure", "required":["caseId"], "members":{ "caseId":{ "shape":"CaseId", "documentation":"A response element providing responses for requests to CreateCase. This element responds with the case ID.
" } } }, "CreateMembershipRequest":{ "type":"structure", "required":[ "membershipName", "incidentResponseTeam" ], "members":{ "clientToken":{ "shape":"CreateMembershipRequestClientTokenString", "documentation":"The clientToken field is an idempotency key used to ensure that repeated attempts for a single action will be ignored by the server during retries. A caller supplied unique ID (typically a UUID) should be provided.
Required element used in combination with CreateMembership to create a name for the membership.
" }, "incidentResponseTeam":{ "shape":"IncidentResponseTeam", "documentation":"Required element used in combination with CreateMembership to add customer incident response team members and trusted partners to the membership.
" }, "optInFeatures":{ "shape":"OptInFeatures", "documentation":"Optional element to enable the monitoring and investigation opt-in features for the service.
" }, "tags":{ "shape":"TagMap", "documentation":"Optional element for customer configured tags.
" }, "coverEntireOrganization":{ "shape":"Boolean", "documentation":"The coverEntireOrganization parameter is a boolean flag that determines whether the membership should be applied to the entire Amazon Web Services Organization. When set to true, the membership will be created for all accounts within the organization. When set to false, the membership will only be created for specified accounts.
This parameter is optional. If not specified, the default value is false.
If set to true: The membership will automatically include all existing and future accounts in the Amazon Web Services Organization.
If set to false: The membership will only apply to explicitly specified accounts.
Response element for CreateMembership providing the newly created membership ID.
" } } }, "CustomerType":{ "type":"string", "enum":[ "Standalone", "Organization" ] }, "EmailAddress":{ "type":"string", "max":254, "min":6, "pattern":"[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\\.[a-zA-Z0-9-]+)*", "sensitive":true }, "EngagementType":{ "type":"string", "enum":[ "Security Incident", "Investigation" ] }, "ExecutionStatus":{ "type":"string", "enum":[ "Pending", "InProgress", "Waiting", "Completed", "Failed", "Cancelled" ] }, "FeedbackComment":{ "type":"string", "max":1000, "min":1 }, "FileName":{ "type":"string", "max":255, "min":1, "pattern":"[a-zA-Z0-9._-]+", "sensitive":true }, "GetCaseAttachmentDownloadUrlRequest":{ "type":"structure", "required":[ "caseId", "attachmentId" ], "members":{ "caseId":{ "shape":"CaseId", "documentation":"Required element for GetCaseAttachmentDownloadUrl to identify the case ID for downloading an attachment from.
", "location":"uri", "locationName":"caseId" }, "attachmentId":{ "shape":"AttachmentId", "documentation":"Required element for GetCaseAttachmentDownloadUrl to identify the attachment ID for downloading an attachment.
", "location":"uri", "locationName":"attachmentId" } } }, "GetCaseAttachmentDownloadUrlResponse":{ "type":"structure", "required":["attachmentPresignedUrl"], "members":{ "attachmentPresignedUrl":{ "shape":"Url", "documentation":"Response element providing the Amazon S3 presigned URL to download an attachment.
" } } }, "GetCaseAttachmentUploadUrlRequest":{ "type":"structure", "required":[ "caseId", "fileName", "contentLength" ], "members":{ "caseId":{ "shape":"CaseId", "documentation":"Required element for GetCaseAttachmentUploadUrl to identify the case ID for uploading an attachment.
", "location":"uri", "locationName":"caseId" }, "fileName":{ "shape":"FileName", "documentation":"Required element for GetCaseAttachmentUploadUrl to identify the file name of the attachment to upload.
" }, "contentLength":{ "shape":"ContentLength", "documentation":"Required element for GetCaseAttachmentUploadUrl to identify the size of the file attachment.
" }, "clientToken":{ "shape":"GetCaseAttachmentUploadUrlRequestClientTokenString", "documentation":"The clientToken field is an idempotency key used to ensure that repeated attempts for a single action will be ignored by the server during retries. A caller supplied unique ID (typically a UUID) should be provided.
Response element providing the Amazon S3 presigned URL to upload the attachment.
" } } }, "GetCaseRequest":{ "type":"structure", "required":["caseId"], "members":{ "caseId":{ "shape":"CaseId", "documentation":"Required element for GetCase to identify the requested case ID.
", "location":"uri", "locationName":"caseId" } } }, "GetCaseResponse":{ "type":"structure", "members":{ "title":{ "shape":"CaseTitle", "documentation":"Response element for GetCase that provides the case title.
" }, "caseArn":{ "shape":"CaseArn", "documentation":"Response element for GetCase that provides the case ARN
" }, "description":{ "shape":"CaseDescription", "documentation":"Response element for GetCase that provides contents of the case description.
" }, "caseStatus":{ "shape":"CaseStatus", "documentation":"Response element for GetCase that provides the case status. Options for statuses include Submitted | Detection and Analysis | Eradication, Containment and Recovery | Post-Incident Activities | Closed
Response element for GetCase that provides the engagement type. Options for engagement type include Active Security Event | Investigations
Response element for GetCase that provides the customer provided incident start date.
" }, "actualIncidentStartDate":{ "shape":"Timestamp", "documentation":"Response element for GetCase that provides the actual incident start date as identified by data analysis during the investigation.
" }, "impactedAwsRegions":{ "shape":"ImpactedAwsRegionList", "documentation":"Response element for GetCase that provides the impacted regions.
" }, "threatActorIpAddresses":{ "shape":"ThreatActorIpList", "documentation":"Response element for GetCase that provides a list of suspicious IP addresses associated with unauthorized activity.
" }, "pendingAction":{ "shape":"PendingAction", "documentation":"Response element for GetCase that identifies the case is waiting on customer input.
" }, "impactedAccounts":{ "shape":"ImpactedAccounts", "documentation":"Response element for GetCase that provides a list of impacted accounts.
" }, "watchers":{ "shape":"Watchers", "documentation":"Response element for GetCase that provides a list of Watchers added to the case.
" }, "createdDate":{ "shape":"Timestamp", "documentation":"Response element for GetCase that provides the date the case was created.
" }, "lastUpdatedDate":{ "shape":"Timestamp", "documentation":"Response element for GetCase that provides the date a case was last modified.
" }, "closureCode":{ "shape":"ClosureCode", "documentation":"Response element for GetCase that provides the summary code for why a case was closed.
" }, "resolverType":{ "shape":"ResolverType", "documentation":"Response element for GetCase that provides the current resolver types.
" }, "impactedServices":{ "shape":"ImpactedServicesList", "documentation":"Response element for GetCase that provides a list of impacted services.
" }, "caseAttachments":{ "shape":"CaseAttachmentsList", "documentation":"Response element for GetCase that provides a list of current case attachments.
" }, "closedDate":{ "shape":"Timestamp", "documentation":"Response element for GetCase that provides the date a specified case was closed.
" }, "caseMetadata":{ "shape":"CaseMetadata", "documentation":"Case response metadata
" } } }, "GetMembershipAccountDetailError":{ "type":"structure", "required":[ "accountId", "error", "message" ], "members":{ "accountId":{ "shape":"AWSAccountId", "documentation":"" }, "error":{ "shape":"String", "documentation":"" }, "message":{ "shape":"String", "documentation":"" } }, "documentation":"" }, "GetMembershipAccountDetailErrors":{ "type":"list", "member":{"shape":"GetMembershipAccountDetailError"}, "max":100, "min":0 }, "GetMembershipAccountDetailItem":{ "type":"structure", "members":{ "accountId":{ "shape":"AWSAccountId", "documentation":"" }, "relationshipStatus":{ "shape":"MembershipAccountRelationshipStatus", "documentation":"" }, "relationshipType":{ "shape":"MembershipAccountRelationshipType", "documentation":"" } }, "documentation":"" }, "GetMembershipAccountDetailItems":{ "type":"list", "member":{"shape":"GetMembershipAccountDetailItem"}, "max":100, "min":0 }, "GetMembershipRequest":{ "type":"structure", "required":["membershipId"], "members":{ "membershipId":{ "shape":"MembershipId", "documentation":"Required element for GetMembership to identify the membership ID to query.
", "location":"uri", "locationName":"membershipId" } } }, "GetMembershipResponse":{ "type":"structure", "required":["membershipId"], "members":{ "membershipId":{ "shape":"MembershipId", "documentation":"Response element for GetMembership that provides the queried membership ID.
" }, "accountId":{ "shape":"AWSAccountId", "documentation":"Response element for GetMembership that provides the account configured to manage the membership.
" }, "region":{ "shape":"AwsRegion", "documentation":"Response element for GetMembership that provides the region configured to manage the membership.
" }, "membershipName":{ "shape":"MembershipName", "documentation":"Response element for GetMembership that provides the configured membership name.
" }, "membershipArn":{ "shape":"MembershipArn", "documentation":"Response element for GetMembership that provides the membership ARN.
" }, "membershipStatus":{ "shape":"MembershipStatus", "documentation":"Response element for GetMembership that provides the current membership status.
" }, "membershipActivationTimestamp":{ "shape":"Timestamp", "documentation":"Response element for GetMembership that provides the configured membership activation timestamp.
" }, "membershipDeactivationTimestamp":{ "shape":"Timestamp", "documentation":"Response element for GetMembership that provides the configured membership name deactivation timestamp.
" }, "customerType":{ "shape":"CustomerType", "documentation":"Response element for GetMembership that provides the configured membership type. Options include Standalone | Organizations.
Response element for GetMembership that provides the number of accounts in the membership.
" }, "incidentResponseTeam":{ "shape":"IncidentResponseTeam", "documentation":"Response element for GetMembership that provides the configured membership incident response team members.
" }, "optInFeatures":{ "shape":"OptInFeatures", "documentation":"Response element for GetMembership that provides the if opt-in features have been enabled.
" }, "membershipAccountsConfigurations":{ "shape":"MembershipAccountsConfigurations", "documentation":"The membershipAccountsConfigurations field contains the configuration details for member accounts within the Amazon Web Services Organizations membership structure.
This field returns a structure containing information about:
Account configurations for member accounts
Membership settings and preferences
Account-level permissions and roles
The exception message.
" }, "retryAfterSeconds":{ "shape":"Integer", "documentation":"The number of seconds after which to retry the request.
", "location":"header", "locationName":"Retry-After" } }, "documentation":"", "error":{"httpStatusCode":500}, "exception":true, "fault":true, "retryable":{"throttling":false} }, "InvalidTokenException":{ "type":"structure", "required":["message"], "members":{ "message":{ "shape":"String", "documentation":"The exception message.
" } }, "documentation":"", "error":{ "httpStatusCode":423, "senderFault":true }, "exception":true, "retryable":{"throttling":false} }, "InvestigationAction":{ "type":"structure", "required":[ "investigationId", "actionType", "title", "content", "status", "lastUpdated" ], "members":{ "investigationId":{ "shape":"InvestigationId", "documentation":"The unique identifier for this investigation action. This ID is used to track and reference the specific investigation throughout its lifecycle.
" }, "actionType":{ "shape":"ActionType", "documentation":"The type of investigation action being performed. This categorizes the investigation method or approach used in the case.
" }, "title":{ "shape":"InvestigationTitle", "documentation":"Human-readable summary of the investigation focus. This provides a brief description of what the investigation is examining or analyzing.
" }, "content":{ "shape":"InvestigationContent", "documentation":"Detailed investigation results in rich markdown format. This field contains the comprehensive findings, analysis, and conclusions from the investigation.
" }, "status":{ "shape":"ExecutionStatus", "documentation":"The current execution status of the investigation. This indicates whether the investigation is pending, in progress, completed, or failed.
" }, "lastUpdated":{ "shape":"Timestamp", "documentation":"ISO 8601 timestamp of the most recent status update. This indicates when the investigation was last modified or when its status last changed.
" }, "feedback":{ "shape":"InvestigationFeedback", "documentation":"User feedback for this investigation result. This contains the user's assessment and comments about the quality and usefulness of the investigation findings.
" } }, "documentation":"Represents an investigation action performed within a case. This structure captures the details of an automated or manual investigation, including its status, results, and user feedback.
" }, "InvestigationActionList":{ "type":"list", "member":{"shape":"InvestigationAction"} }, "InvestigationContent":{ "type":"string", "max":5000, "min":1 }, "InvestigationFeedback":{ "type":"structure", "members":{ "usefulness":{ "shape":"UsefulnessRating", "documentation":"User assessment of the investigation result's quality and helpfulness. This rating indicates how valuable the investigation findings were in addressing the case.
" }, "comment":{ "shape":"FeedbackComment", "documentation":"Optional user comments providing additional context about the investigation feedback. This allows users to explain their rating or provide suggestions for improvement.
" }, "submittedAt":{ "shape":"Timestamp", "documentation":"ISO 8601 timestamp when the feedback was submitted. This records when the user provided their assessment of the investigation results.
" } }, "documentation":"Represents user feedback for an investigation result. This structure captures the user's evaluation of the investigation's quality, usefulness, and any additional comments.
" }, "InvestigationId":{ "type":"string", "pattern":"inv-[a-z0-9]{10,32}" }, "InvestigationTitle":{ "type":"string", "max":200, "min":1 }, "JobTitle":{ "type":"string", "max":50, "min":1, "sensitive":true }, "ListCaseEditsRequest":{ "type":"structure", "required":["caseId"], "members":{ "nextToken":{ "shape":"ListCaseEditsRequestNextTokenString", "documentation":"An optional string that, if supplied, must be copied from the output of a previous call to ListCaseEdits. When provided in this manner, the API fetches the next page of results.
" }, "maxResults":{ "shape":"ListCaseEditsRequestMaxResultsInteger", "documentation":"Optional element to identify how many results to obtain. There is a maximum value of 25.
" }, "caseId":{ "shape":"CaseId", "documentation":"Required element used with ListCaseEdits to identify the case to query.
", "location":"uri", "locationName":"caseId" } } }, "ListCaseEditsRequestMaxResultsInteger":{ "type":"integer", "box":true, "max":25, "min":1 }, "ListCaseEditsRequestNextTokenString":{ "type":"string", "max":2000, "min":0 }, "ListCaseEditsResponse":{ "type":"structure", "members":{ "nextToken":{ "shape":"String", "documentation":"An optional string that, if supplied on subsequent calls to ListCaseEdits, allows the API to fetch the next page of results.
" }, "items":{ "shape":"CaseEditItems", "documentation":"Response element for ListCaseEdits that includes the action, event timestamp, message, and principal for the response.
" }, "total":{ "shape":"Integer", "documentation":"Response element for ListCaseEdits that identifies the total number of edits.
" } } }, "ListCasesItem":{ "type":"structure", "required":["caseId"], "members":{ "caseId":{ "shape":"CaseId", "documentation":"" }, "lastUpdatedDate":{ "shape":"Timestamp", "documentation":"" }, "title":{ "shape":"CaseTitle", "documentation":"" }, "caseArn":{ "shape":"CaseArn", "documentation":"" }, "engagementType":{ "shape":"EngagementType", "documentation":"" }, "caseStatus":{ "shape":"CaseStatus", "documentation":"" }, "createdDate":{ "shape":"Timestamp", "documentation":"" }, "closedDate":{ "shape":"Timestamp", "documentation":"" }, "resolverType":{ "shape":"ResolverType", "documentation":"" }, "pendingAction":{ "shape":"PendingAction", "documentation":"" } }, "documentation":"" }, "ListCasesItems":{ "type":"list", "member":{"shape":"ListCasesItem"} }, "ListCasesRequest":{ "type":"structure", "members":{ "nextToken":{ "shape":"ListCasesRequestNextTokenString", "documentation":"An optional string that, if supplied, must be copied from the output of a previous call to ListCases. When provided in this manner, the API fetches the next page of results.
" }, "maxResults":{ "shape":"ListCasesRequestMaxResultsInteger", "documentation":"Optional element for ListCases to limit the number of responses.
" } } }, "ListCasesRequestMaxResultsInteger":{ "type":"integer", "box":true, "max":25, "min":1 }, "ListCasesRequestNextTokenString":{ "type":"string", "max":2000, "min":0 }, "ListCasesResponse":{ "type":"structure", "members":{ "nextToken":{ "shape":"String", "documentation":"An optional string that, if supplied on subsequent calls to ListCases, allows the API to fetch the next page of results.
" }, "items":{ "shape":"ListCasesItems", "documentation":"Response element for ListCases that includes caseARN, caseID, caseStatus, closedDate, createdDate, engagementType, lastUpdatedDate, pendingAction, resolverType, and title for each response.
" }, "total":{ "shape":"Long", "documentation":"Response element for ListCases providing the total number of responses.
" } } }, "ListCommentsItem":{ "type":"structure", "required":["commentId"], "members":{ "commentId":{ "shape":"CommentId", "documentation":"" }, "createdDate":{ "shape":"Timestamp", "documentation":"" }, "lastUpdatedDate":{ "shape":"Timestamp", "documentation":"" }, "creator":{ "shape":"PrincipalId", "documentation":"" }, "lastUpdatedBy":{ "shape":"PrincipalId", "documentation":"" }, "body":{ "shape":"CommentBody", "documentation":"" } }, "documentation":"" }, "ListCommentsItems":{ "type":"list", "member":{"shape":"ListCommentsItem"} }, "ListCommentsRequest":{ "type":"structure", "required":["caseId"], "members":{ "nextToken":{ "shape":"ListCommentsRequestNextTokenString", "documentation":"An optional string that, if supplied, must be copied from the output of a previous call to ListComments. When provided in this manner, the API fetches the next page of results.
" }, "maxResults":{ "shape":"ListCommentsRequestMaxResultsInteger", "documentation":"Optional element for ListComments to limit the number of responses.
" }, "caseId":{ "shape":"CaseId", "documentation":"Required element for ListComments to designate the case to query.
", "location":"uri", "locationName":"caseId" } } }, "ListCommentsRequestMaxResultsInteger":{ "type":"integer", "box":true, "max":25, "min":1 }, "ListCommentsRequestNextTokenString":{ "type":"string", "max":2000, "min":0 }, "ListCommentsResponse":{ "type":"structure", "members":{ "nextToken":{ "shape":"String", "documentation":"An optional string that, if supplied on subsequent calls to ListComments, allows the API to fetch the next page of results.
" }, "items":{ "shape":"ListCommentsItems", "documentation":"Response element for ListComments providing the body, commentID, createDate, creator, lastUpdatedBy and lastUpdatedDate for each response.
" }, "total":{ "shape":"Integer", "documentation":"Response element for ListComments identifying the number of responses.
" } } }, "ListInvestigationsRequest":{ "type":"structure", "required":["caseId"], "members":{ "nextToken":{ "shape":"ListInvestigationsRequestNextTokenString", "documentation":"Investigation performed by an agent for a security incident request
", "location":"querystring", "locationName":"nextToken" }, "maxResults":{ "shape":"ListInvestigationsRequestMaxResultsInteger", "documentation":"Investigation performed by an agent for a security incident request, returning max results
", "location":"querystring", "locationName":"maxResults" }, "caseId":{ "shape":"CaseId", "documentation":"Investigation performed by an agent for a security incident per caseID
", "location":"uri", "locationName":"caseId" } } }, "ListInvestigationsRequestMaxResultsInteger":{ "type":"integer", "box":true, "max":25, "min":1 }, "ListInvestigationsRequestNextTokenString":{ "type":"string", "max":2000, "min":0 }, "ListInvestigationsResponse":{ "type":"structure", "required":["investigationActions"], "members":{ "nextToken":{ "shape":"String", "documentation":"Investigation performed by an agent for a security incident for next Token
" }, "investigationActions":{ "shape":"InvestigationActionList", "documentation":"Investigation performed by an agent for a security incid…Unique identifier for the specific investigation>
" } } }, "ListMembershipItem":{ "type":"structure", "required":["membershipId"], "members":{ "membershipId":{ "shape":"MembershipId", "documentation":"" }, "accountId":{ "shape":"AWSAccountId", "documentation":"" }, "region":{ "shape":"AwsRegion", "documentation":"" }, "membershipArn":{ "shape":"MembershipArn", "documentation":"" }, "membershipStatus":{ "shape":"MembershipStatus", "documentation":"" } }, "documentation":"" }, "ListMembershipItems":{ "type":"list", "member":{"shape":"ListMembershipItem"} }, "ListMembershipsRequest":{ "type":"structure", "members":{ "nextToken":{ "shape":"ListMembershipsRequestNextTokenString", "documentation":"An optional string that, if supplied, must be copied from the output of a previous call to ListMemberships. When provided in this manner, the API fetches the next page of results.
" }, "maxResults":{ "shape":"ListMembershipsRequestMaxResultsInteger", "documentation":"Request element for ListMemberships to limit the number of responses.
" } } }, "ListMembershipsRequestMaxResultsInteger":{ "type":"integer", "box":true, "max":25, "min":1 }, "ListMembershipsRequestNextTokenString":{ "type":"string", "max":2000, "min":0 }, "ListMembershipsResponse":{ "type":"structure", "members":{ "nextToken":{ "shape":"String", "documentation":"An optional string that, if supplied on subsequent calls to ListMemberships, allows the API to fetch the next page of results.
" }, "items":{ "shape":"ListMembershipItems", "documentation":"Request element for ListMemberships including the accountID, membershipARN, membershipID, membershipStatus, and region for each response.
" } } }, "ListTagsForResourceInput":{ "type":"structure", "required":["resourceArn"], "members":{ "resourceArn":{ "shape":"Arn", "documentation":"Required element for ListTagsForResource to provide the ARN to identify a specific resource.
", "location":"uri", "locationName":"resourceArn" } } }, "ListTagsForResourceOutput":{ "type":"structure", "required":["tags"], "members":{ "tags":{ "shape":"TagMap", "documentation":"Response element for ListTagsForResource providing content for each configured tag.
" } } }, "Long":{ "type":"long", "box":true }, "MembershipAccountRelationshipStatus":{ "type":"string", "enum":[ "Associated", "Disassociated", "Unassociated" ] }, "MembershipAccountRelationshipType":{ "type":"string", "enum":[ "Organization", "Unrelated" ] }, "MembershipAccountsConfigurations":{ "type":"structure", "members":{ "coverEntireOrganization":{ "shape":"Boolean", "documentation":"The coverEntireOrganization field is a boolean value that determines whether the membership configuration applies to all accounts within an Amazon Web Services Organization.
When set to true, the configuration will be applied across all accounts in the organization. When set to false, the configuration will only apply to specifically designated accounts under the AWS Organizational Units specificied.
A list of organizational unit IDs that follow the pattern ou-[0-9a-z]{4,32}-[a-z0-9]{8,32}. These IDs represent the organizational units within an Amazon Web Services Organizations structure that are covered by the membership.
Each organizational unit ID in the list must:
Begin with the prefix 'ou-'
Contain between 4 and 32 alphanumeric characters in the first segment
Contain between 8 and 32 alphanumeric characters in the second segment
The MembershipAccountsConfigurations structure defines the configuration settings for managing membership accounts withinAmazon Web Services.
This structure contains settings that determine how member accounts are configured and managed within your organization, including:
Account configuration preferences
Membership validation rules
Account access settings
You can use this structure to define and maintain standardized configurations across multiple member accounts in your organization.
" }, "MembershipAccountsConfigurationsUpdate":{ "type":"structure", "members":{ "coverEntireOrganization":{ "shape":"Boolean", "documentation":"The coverEntireOrganization field is a boolean value that determines whether the membership configuration should be applied across the entire Amazon Web Services Organization.
When set to true, the configuration will be applied to all accounts within the organization. When set to false, the configuration will only apply to specifically designated accounts.
A list of organizational unit IDs to add to the membership configuration. Each organizational unit ID must match the pattern ou-[0-9a-z]{4,32}-[a-z0-9]{8,32}.
The list must contain between 1 and 5 organizational unit IDs.
" }, "organizationalUnitsToRemove":{ "shape":"MembershipAccountsConfigurationsUpdateOrganizationalUnitsToRemoveList", "documentation":"A list of organizational unit IDs to remove from the membership configuration. Each organizational unit ID must match the pattern ou-[0-9a-z]{4,32}-[a-z0-9]{8,32}.
The list must contain between 1 and 5 organizational unit IDs per invocation of the API request.
" } }, "documentation":"The MembershipAccountsConfigurationsUpdatestructure represents the configuration updates for member accounts within an Amazon Web Services organization.
This structure is used to modify existing account configurations and settings for members in the organization. When applying updates, ensure all required fields are properly specified to maintain account consistency.
Key considerations when using this structure:
All configuration changes are validated before being applied
Updates are processed asynchronously in the background
Configuration changes may take several minutes to propagate across all affected accounts
The exception message.
" } }, "documentation":"", "error":{ "httpStatusCode":404, "senderFault":true }, "exception":true }, "ResultId":{ "type":"string", "pattern":"inv-[a-z0-9]{10,32}" }, "SecurityIncidentResponseNotActiveException":{ "type":"structure", "required":["message"], "members":{ "message":{ "shape":"String", "documentation":"The exception message.
" } }, "documentation":"", "error":{ "httpStatusCode":400, "senderFault":true }, "exception":true }, "SelfManagedCaseStatus":{ "type":"string", "enum":[ "Submitted", "Detection and Analysis", "Containment, Eradication and Recovery", "Post-incident Activities" ] }, "SendFeedbackRequest":{ "type":"structure", "required":[ "caseId", "resultId", "usefulness" ], "members":{ "caseId":{ "shape":"CaseId", "documentation":"Send feedback based on request caseID
", "location":"uri", "locationName":"caseId" }, "resultId":{ "shape":"ResultId", "documentation":"Send feedback based on request result ID
", "location":"uri", "locationName":"resultId" }, "usefulness":{ "shape":"UsefulnessRating", "documentation":"Required enum value indicating user assessment of result q.....
" }, "comment":{ "shape":"FeedbackComment", "documentation":"Send feedback based on request comments
" } } }, "SendFeedbackResponse":{ "type":"structure", "members":{} }, "ServiceQuotaExceededException":{ "type":"structure", "required":[ "message", "resourceId", "resourceType", "serviceCode", "quotaCode" ], "members":{ "message":{ "shape":"String", "documentation":"The exception message.
" }, "resourceId":{ "shape":"String", "documentation":"The ID of the requested resource which lead to the service quota exception.
" }, "resourceType":{ "shape":"String", "documentation":"The type of the requested resource which lead to the service quota exception.
" }, "serviceCode":{ "shape":"String", "documentation":"The service code of the quota.
" }, "quotaCode":{ "shape":"String", "documentation":"The code of the quota.
" } }, "documentation":"", "error":{ "httpStatusCode":402, "senderFault":true }, "exception":true }, "String":{"type":"string"}, "TagKey":{ "type":"string", "max":128, "min":1 }, "TagKeys":{ "type":"list", "member":{"shape":"TagKey"} }, "TagMap":{ "type":"map", "key":{"shape":"TagKey"}, "value":{"shape":"TagValue"}, "max":200, "min":0 }, "TagResourceInput":{ "type":"structure", "required":[ "resourceArn", "tags" ], "members":{ "resourceArn":{ "shape":"Arn", "documentation":"Required element for TagResource to identify the ARN for the resource to add a tag to.
", "location":"uri", "locationName":"resourceArn" }, "tags":{ "shape":"TagMap", "documentation":"Required element for ListTagsForResource to provide the content for a tag.
" } } }, "TagResourceOutput":{ "type":"structure", "members":{} }, "TagValue":{ "type":"string", "max":256, "min":0 }, "ThreatActorIp":{ "type":"structure", "required":["ipAddress"], "members":{ "ipAddress":{ "shape":"IPAddress", "documentation":"" }, "userAgent":{ "shape":"UserAgent", "documentation":"" } }, "documentation":"" }, "ThreatActorIpList":{ "type":"list", "member":{"shape":"ThreatActorIp"}, "max":200, "min":0 }, "ThrottlingException":{ "type":"structure", "required":["message"], "members":{ "message":{ "shape":"String", "documentation":"The exception message.
" }, "serviceCode":{ "shape":"String", "documentation":"The service code of the exception.
" }, "quotaCode":{ "shape":"String", "documentation":"The quota code of the exception.
" }, "retryAfterSeconds":{ "shape":"Integer", "documentation":"The number of seconds after which to retry the request.
", "location":"header", "locationName":"Retry-After" } }, "documentation":"", "error":{ "httpStatusCode":429, "senderFault":true }, "exception":true, "retryable":{"throttling":true} }, "Timestamp":{"type":"timestamp"}, "UntagResourceInput":{ "type":"structure", "required":[ "resourceArn", "tagKeys" ], "members":{ "resourceArn":{ "shape":"Arn", "documentation":"Required element for UnTagResource to identify the ARN for the resource to remove a tag from.
", "location":"uri", "locationName":"resourceArn" }, "tagKeys":{ "shape":"TagKeys", "documentation":"Required element for UnTagResource to identify tag to remove.
", "location":"querystring", "locationName":"tagKeys" } } }, "UntagResourceOutput":{ "type":"structure", "members":{} }, "UpdateCaseCommentRequest":{ "type":"structure", "required":[ "caseId", "commentId", "body" ], "members":{ "caseId":{ "shape":"CaseId", "documentation":"Required element for UpdateCaseComment to identify the case ID containing the comment to be updated.
", "location":"uri", "locationName":"caseId" }, "commentId":{ "shape":"CommentId", "documentation":"Required element for UpdateCaseComment to identify the case ID to be updated.
", "location":"uri", "locationName":"commentId" }, "body":{ "shape":"CommentBody", "documentation":"Required element for UpdateCaseComment to identify the content for the comment to be updated.
" } } }, "UpdateCaseCommentResponse":{ "type":"structure", "required":["commentId"], "members":{ "commentId":{ "shape":"CommentId", "documentation":"Response element for UpdateCaseComment providing the updated comment ID.
" }, "body":{ "shape":"CommentBody", "documentation":"Response element for UpdateCaseComment providing the updated comment content.
" } } }, "UpdateCaseRequest":{ "type":"structure", "required":["caseId"], "members":{ "caseId":{ "shape":"CaseId", "documentation":"Required element for UpdateCase to identify the case ID for updates.
", "location":"uri", "locationName":"caseId" }, "title":{ "shape":"CaseTitle", "documentation":"Optional element for UpdateCase to provide content for the title field.
" }, "description":{ "shape":"CaseDescription", "documentation":"Optional element for UpdateCase to provide content for the description field.
" }, "reportedIncidentStartDate":{ "shape":"Timestamp", "documentation":"Optional element for UpdateCase to provide content for the customer reported incident start date field.
" }, "actualIncidentStartDate":{ "shape":"Timestamp", "documentation":"Optional element for UpdateCase to provide content for the incident start date field.
" }, "engagementType":{ "shape":"EngagementType", "documentation":"Optional element for UpdateCase to provide content for the engagement type field. Available engagement types include Security Incident | Investigation.
Optional element for UpdateCase to provide content to add additional watchers to a case.
" }, "watchersToDelete":{ "shape":"Watchers", "documentation":"Optional element for UpdateCase to provide content to remove existing watchers from a case.
" }, "threatActorIpAddressesToAdd":{ "shape":"ThreatActorIpList", "documentation":"Optional element for UpdateCase to provide content to add additional suspicious IP addresses related to a case.
" }, "threatActorIpAddressesToDelete":{ "shape":"ThreatActorIpList", "documentation":"Optional element for UpdateCase to provide content to remove suspicious IP addresses from a case.
" }, "impactedServicesToAdd":{ "shape":"ImpactedServicesList", "documentation":"Optional element for UpdateCase to provide content to add services impacted.
" }, "impactedServicesToDelete":{ "shape":"ImpactedServicesList", "documentation":"Optional element for UpdateCase to provide content to remove services impacted.
" }, "impactedAwsRegionsToAdd":{ "shape":"ImpactedAwsRegionList", "documentation":"Optional element for UpdateCase to provide content to add regions impacted.
" }, "impactedAwsRegionsToDelete":{ "shape":"ImpactedAwsRegionList", "documentation":"Optional element for UpdateCase to provide content to remove regions impacted.
" }, "impactedAccountsToAdd":{ "shape":"ImpactedAccounts", "documentation":"Optional element for UpdateCase to provide content to add accounts impacted.
AWS account ID's may appear less than 12 characters and need to be zero-prepended. An example would be 123123123 which is nine digits, and with zero-prepend would be 000123123123. Not zero-prepending to 12 digits could result in errors.
Optional element for UpdateCase to provide content to add accounts impacted.
AWS account ID's may appear less than 12 characters and need to be zero-prepended. An example would be 123123123 which is nine digits, and with zero-prepend would be 000123123123. Not zero-prepending to 12 digits could result in errors.
Update the case request with case metadata
" } } }, "UpdateCaseResponse":{ "type":"structure", "members":{} }, "UpdateCaseStatusRequest":{ "type":"structure", "required":[ "caseId", "caseStatus" ], "members":{ "caseId":{ "shape":"CaseId", "documentation":"Required element for UpdateCaseStatus to identify the case to update.
", "location":"uri", "locationName":"caseId" }, "caseStatus":{ "shape":"SelfManagedCaseStatus", "documentation":"Required element for UpdateCaseStatus to identify the status for a case. Options include Submitted | Detection and Analysis | Containment, Eradication and Recovery | Post-incident Activities.
Response element for UpdateCaseStatus showing the newly configured status.
" } } }, "UpdateMembershipRequest":{ "type":"structure", "required":["membershipId"], "members":{ "membershipId":{ "shape":"MembershipId", "documentation":"Required element for UpdateMembership to identify the membership to update.
", "location":"uri", "locationName":"membershipId" }, "membershipName":{ "shape":"MembershipName", "documentation":"Optional element for UpdateMembership to update the membership name.
" }, "incidentResponseTeam":{ "shape":"IncidentResponseTeam", "documentation":"Optional element for UpdateMembership to update the membership name.
" }, "optInFeatures":{ "shape":"OptInFeatures", "documentation":"Optional element for UpdateMembership to enable or disable opt-in features for the service.
" }, "membershipAccountsConfigurationsUpdate":{ "shape":"MembershipAccountsConfigurationsUpdate", "documentation":"The membershipAccountsConfigurationsUpdate field in the UpdateMembershipRequest structure allows you to update the configuration settings for accounts within a membership.
This field is optional and contains a structure of type MembershipAccountsConfigurationsUpdate that specifies the updated account configurations for the membership.
The undoMembershipCancellation parameter is a boolean flag that indicates whether to reverse a previously requested membership cancellation. When set to true, this will revoke the cancellation request and maintain the membership status.
This parameter is optional and can be used in scenarios where you need to restore a membership that was marked for cancellation but hasn't been fully terminated yet.
If set to true, the cancellation request will be revoked
If set to false the service will throw a ValidationException.
Required element for UpdateResolverType to identify the case to update.
", "location":"uri", "locationName":"caseId" }, "resolverType":{ "shape":"ResolverType", "documentation":"Required element for UpdateResolverType to identify the new resolver.
" } } }, "UpdateResolverTypeResponse":{ "type":"structure", "required":["caseId"], "members":{ "caseId":{ "shape":"CaseId", "documentation":"Response element for UpdateResolver identifying the case ID being updated.
" }, "caseStatus":{ "shape":"CaseStatus", "documentation":"Response element for UpdateResolver identifying the current status of the case.
" }, "resolverType":{ "shape":"ResolverType", "documentation":"Response element for UpdateResolver identifying the current resolver of the case.
" } } }, "Url":{ "type":"string", "pattern":"https?://(?:www.)?[a-zA-Z0-9@:._+~#=-]{2,256}\\.[a-z]{2,6}\\b(?:[-a-zA-Z0-9@:%_+.~#?&/=]{0,2048})", "sensitive":true }, "UsefulnessRating":{ "type":"string", "enum":[ "USEFUL", "NOT_USEFUL" ] }, "UserAgent":{ "type":"string", "max":500, "min":1 }, "ValidationException":{ "type":"structure", "required":[ "message", "reason" ], "members":{ "message":{ "shape":"String", "documentation":"The exception message.
" }, "reason":{ "shape":"ValidationExceptionReason", "documentation":"The reason for the exception.
" }, "fieldList":{ "shape":"ValidationExceptionFieldList", "documentation":"The fields which lead to the exception.
" } }, "documentation":"", "error":{ "httpStatusCode":400, "senderFault":true }, "exception":true }, "ValidationExceptionField":{ "type":"structure", "required":[ "name", "message" ], "members":{ "name":{ "shape":"String", "documentation":"" }, "message":{ "shape":"String", "documentation":"" } }, "documentation":"" }, "ValidationExceptionFieldList":{ "type":"list", "member":{"shape":"ValidationExceptionField"} }, "ValidationExceptionReason":{ "type":"string", "enum":[ "UNKNOWN_OPERATION", "CANNOT_PARSE", "FIELD_VALIDATION_FAILED", "OTHER" ] }, "Watcher":{ "type":"structure", "required":["email"], "members":{ "email":{ "shape":"EmailAddress", "documentation":"" }, "name":{ "shape":"PersonName", "documentation":"" }, "jobTitle":{ "shape":"JobTitle", "documentation":"" } }, "documentation":"" }, "Watchers":{ "type":"list", "member":{"shape":"Watcher"}, "max":30, "min":0 } }, "documentation":"This guide documents the action and response elements for use of the service.
" }