AWS API Changes

2020/04/21 - Amazon GuardDuty - 5 new api methods

Changes Update guardduty client to latest version

DisableOrganizationAdminAccount (new)

Link ¶

Disables GuardDuty administrator permissions for an AWS account within the Organization.

Request Syntax

client.disable_organization_admin_account(
    AdminAccountId='string'
)

type AdminAccountId:

string

param AdminAccountId:

[REQUIRED]

The AWS Account ID for the Organizations account to be disabled as a GuardDuty delegated administrator.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

(dict) --

UpdateOrganizationConfiguration (new)

Link ¶

Updates the delegated administrator account with the values provided.

See also: AWS API Documentation

Request Syntax

client.update_organization_configuration(
    DetectorId='string',
    AutoEnable=True|False
)

type DetectorId:

string

param DetectorId:

[REQUIRED]

The ID of the detector to update the delegated administrator for.

type AutoEnable:

boolean

param AutoEnable:

[REQUIRED]

Indicates whether to automatically enable member accounts in the organization.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

(dict) --

DescribeOrganizationConfiguration (new)

Link ¶

Returns information about the account selected as the delegated administrator for GuardDuty.

See also: AWS API Documentation

Request Syntax

client.describe_organization_configuration(
    DetectorId='string'
)

type DetectorId:

string

param DetectorId:

[REQUIRED]

The ID of the detector to retrieve information about the delegated administrator from.

rtype:

dict

returns:

Response Syntax

{
    'AutoEnable': True|False,
    'MemberAccountLimitReached': True|False
}

Response Structure

(dict) --
- AutoEnable (boolean) --
  
  Indicates whether GuardDuty is automatically enabled for accounts added to the organization.
- MemberAccountLimitReached (boolean) --
  
  Indicates whether the maximum number of allowed member accounts are already associated with the delegated administrator master account.

ListOrganizationAdminAccounts (new)

Link ¶

Lists the accounts configured as AWS Organization delegated administrators.

See also: AWS API Documentation

Request Syntax

client.list_organization_admin_accounts(
    MaxResults=123,
    NextToken='string'
)

type MaxResults:

integer

param MaxResults:

The maximum number of results to return in the response.

type NextToken:

string

param NextToken:

A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use the NextToken value returned from the previous request to continue listing results after the first page.

rtype:

dict

returns:

Response Syntax

{
    'AdminAccounts': [
        {
            'AdminAccountId': 'string',
            'AdminStatus': 'ENABLED'|'DISABLE_IN_PROGRESS'
        },
    ],
    'NextToken': 'string'
}

Response Structure

(dict) --
- AdminAccounts (list) --
  
  An AdminAccounts object that includes a list of accounts configured as GuardDuty delegated administrators.
  - (dict) --
    
    The account within the organization specified as the GuardDuty delegated administrator.
    - AdminAccountId (string) --
      
      The AWS account ID for the account.
    - AdminStatus (string) --
      
      Indicates whether the account is enabled as the delegated administrator.
- NextToken (string) --
  
  The pagination parameter to be used on the next list operation to retrieve more items.

EnableOrganizationAdminAccount (new)

Link ¶

Enables GuardDuty administrator permissions for an AWS account within the organization.

See also: AWS API Documentation

Request Syntax

client.enable_organization_admin_account(
    AdminAccountId='string'
)

type AdminAccountId:

string

param AdminAccountId:

[REQUIRED]

The AWS Account ID for the Organizations account to be enabled as a GuardDuty delegated administrator.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

(dict) --