2024/12/02 - Security Incident Response - 22 new api methods
Changes AWS Security Incident Response is a purpose-built security incident solution designed to help customers prepare for, respond to, and recover from security incidents.
Grants permission to update an existing case.
See also: AWS API Documentation
Request Syntax
client.update_case(
caseId='string',
title='string',
description='string',
reportedIncidentStartDate=datetime(2015, 1, 1),
actualIncidentStartDate=datetime(2015, 1, 1),
engagementType='Security Incident'|'Investigation',
watchersToAdd=[
{
'email': 'string',
'name': 'string',
'jobTitle': 'string'
},
],
watchersToDelete=[
{
'email': 'string',
'name': 'string',
'jobTitle': 'string'
},
],
threatActorIpAddressesToAdd=[
{
'ipAddress': 'string',
'userAgent': 'string'
},
],
threatActorIpAddressesToDelete=[
{
'ipAddress': 'string',
'userAgent': 'string'
},
],
impactedServicesToAdd=[
'string',
],
impactedServicesToDelete=[
'string',
],
impactedAwsRegionsToAdd=[
{
'region': 'af-south-1'|'ap-east-1'|'ap-northeast-1'|'ap-northeast-2'|'ap-northeast-3'|'ap-south-1'|'ap-south-2'|'ap-southeast-1'|'ap-southeast-2'|'ap-southeast-3'|'ap-southeast-4'|'ap-southeast-5'|'ca-central-1'|'ca-west-1'|'cn-north-1'|'cn-northwest-1'|'eu-central-1'|'eu-central-2'|'eu-north-1'|'eu-south-1'|'eu-south-2'|'eu-west-1'|'eu-west-2'|'eu-west-3'|'il-central-1'|'me-central-1'|'me-south-1'|'sa-east-1'|'us-east-1'|'us-east-2'|'us-west-1'|'us-west-2'
},
],
impactedAwsRegionsToDelete=[
{
'region': 'af-south-1'|'ap-east-1'|'ap-northeast-1'|'ap-northeast-2'|'ap-northeast-3'|'ap-south-1'|'ap-south-2'|'ap-southeast-1'|'ap-southeast-2'|'ap-southeast-3'|'ap-southeast-4'|'ap-southeast-5'|'ca-central-1'|'ca-west-1'|'cn-north-1'|'cn-northwest-1'|'eu-central-1'|'eu-central-2'|'eu-north-1'|'eu-south-1'|'eu-south-2'|'eu-west-1'|'eu-west-2'|'eu-west-3'|'il-central-1'|'me-central-1'|'me-south-1'|'sa-east-1'|'us-east-1'|'us-east-2'|'us-west-1'|'us-west-2'
},
],
impactedAccountsToAdd=[
'string',
],
impactedAccountsToDelete=[
'string',
]
)
string
[REQUIRED]
Required element for UpdateCase to identify the case ID for updates.
string
Optional element for UpdateCase to provide content for the title field.
string
Optional element for UpdateCase to provide content for the description field.
datetime
Optional element for UpdateCase to provide content for the customer reported incident start date field.
datetime
Optional element for UpdateCase to provide content for the incident start date field.
string
Optional element for UpdateCase to provide content for the engagement type field. Available engagement types include Security Incident | Investigation.
list
Optional element for UpdateCase to provide content to add additional watchers to a case.
(dict) --
email (string) -- [REQUIRED]
name (string) --
jobTitle (string) --
list
Optional element for UpdateCase to provide content to remove existing watchers from a case.
(dict) --
email (string) -- [REQUIRED]
name (string) --
jobTitle (string) --
list
Optional element for UpdateCase to provide content to add additional suspicious IP addresses related to a case.
(dict) --
ipAddress (string) -- [REQUIRED]
userAgent (string) --
list
Optional element for UpdateCase to provide content to remove suspicious IP addresses from a case.
(dict) --
ipAddress (string) -- [REQUIRED]
userAgent (string) --
list
Optional element for UpdateCase to provide content to add services impacted.
(string) --
list
Optional element for UpdateCase to provide content to remove services impacted.
(string) --
list
Optional element for UpdateCase to provide content to add regions impacted.
(dict) --
region (string) -- [REQUIRED]
list
Optional element for UpdateCase to provide content to remove regions impacted.
(dict) --
region (string) -- [REQUIRED]
list
Optional element for UpdateCase to provide content to add accounts impacted.
(string) --
list
Optional element for UpdateCase to provide content to add accounts impacted.
(string) --
dict
Response Syntax
{}
Response Structure
(dict) --
Grants permission to get details of a designated service membership.
See also: AWS API Documentation
Request Syntax
client.get_membership(
membershipId='string'
)
string
[REQUIRED]
Required element for GetMembership to identify the membership ID to query.
dict
Response Syntax
{
'membershipId': 'string',
'accountId': 'string',
'region': 'af-south-1'|'ap-east-1'|'ap-northeast-1'|'ap-northeast-2'|'ap-northeast-3'|'ap-south-1'|'ap-south-2'|'ap-southeast-1'|'ap-southeast-2'|'ap-southeast-3'|'ap-southeast-4'|'ap-southeast-5'|'ca-central-1'|'ca-west-1'|'cn-north-1'|'cn-northwest-1'|'eu-central-1'|'eu-central-2'|'eu-north-1'|'eu-south-1'|'eu-south-2'|'eu-west-1'|'eu-west-2'|'eu-west-3'|'il-central-1'|'me-central-1'|'me-south-1'|'sa-east-1'|'us-east-1'|'us-east-2'|'us-west-1'|'us-west-2',
'membershipName': 'string',
'membershipArn': 'string',
'membershipStatus': 'Active'|'Cancelled'|'Terminated',
'membershipActivationTimestamp': datetime(2015, 1, 1),
'membershipDeactivationTimestamp': datetime(2015, 1, 1),
'customerType': 'Standalone'|'Organization',
'numberOfAccountsCovered': 123,
'incidentResponseTeam': [
{
'name': 'string',
'jobTitle': 'string',
'email': 'string'
},
],
'optInFeatures': [
{
'featureName': 'Triage',
'isEnabled': True|False
},
]
}
Response Structure
(dict) --
membershipId (string) --
Response element for GetMembership that provides the queried membership ID.
accountId (string) --
Response element for GetMembership that provides the configured account for managing the membership.
region (string) --
Response element for GetMembership that provides the configured region for managing the membership.
membershipName (string) --
Response element for GetMembership that provides the configured membership name.
membershipArn (string) --
Response element for GetMembership that provides the membership ARN.
membershipStatus (string) --
Response element for GetMembership that provides the current membership status.
membershipActivationTimestamp (datetime) --
Response element for GetMembership that provides the configured membership activation timestamp.
membershipDeactivationTimestamp (datetime) --
Response element for GetMembership that provides the configured membership name deactivation timestamp.
customerType (string) --
Response element for GetMembership that provides the configured membership type. Options include Standalone | Organizations.
numberOfAccountsCovered (integer) --
Response element for GetMembership that provides the number of accounts in the membership.
incidentResponseTeam (list) --
Response element for GetMembership that provides the configured membership incident response team members.
(dict) --
name (string) --
jobTitle (string) --
email (string) --
optInFeatures (list) --
Response element for GetMembership that provides the if opt-in features have been enabled.
(dict) --
featureName (string) --
isEnabled (boolean) --
Grants permission to query the memberships a principal has access to.
See also: AWS API Documentation
Request Syntax
client.list_memberships(
nextToken='string',
maxResults=123
)
string
Optional element.
integer
Request element for ListMemberships to limit the number of responses.
dict
Response Syntax
{
'nextToken': 'string',
'items': [
{
'membershipId': 'string',
'accountId': 'string',
'region': 'af-south-1'|'ap-east-1'|'ap-northeast-1'|'ap-northeast-2'|'ap-northeast-3'|'ap-south-1'|'ap-south-2'|'ap-southeast-1'|'ap-southeast-2'|'ap-southeast-3'|'ap-southeast-4'|'ap-southeast-5'|'ca-central-1'|'ca-west-1'|'cn-north-1'|'cn-northwest-1'|'eu-central-1'|'eu-central-2'|'eu-north-1'|'eu-south-1'|'eu-south-2'|'eu-west-1'|'eu-west-2'|'eu-west-3'|'il-central-1'|'me-central-1'|'me-south-1'|'sa-east-1'|'us-east-1'|'us-east-2'|'us-west-1'|'us-west-2',
'membershipArn': 'string',
'membershipStatus': 'Active'|'Cancelled'|'Terminated'
},
]
}
Response Structure
(dict) --
nextToken (string) --
Optional element.
items (list) --
Request element for ListMemberships including the accountID, membershipARN, membershipID, membershipStatus, and region for each response.
(dict) --
membershipId (string) --
accountId (string) --
region (string) --
membershipArn (string) --
membershipStatus (string) --
Grants permission to add a tag(s) to a designated resource.
See also: AWS API Documentation
Request Syntax
client.tag_resource(
resourceArn='string',
tags={
'string': 'string'
}
)
string
[REQUIRED]
Required element for TagResource to identify the ARN for the resource to add a tag to.
dict
[REQUIRED]
Required element for ListTagsForResource to provide the content for a tag.
(string) --
(string) --
dict
Response Syntax
{}
Response Structure
(dict) --
Grants permission to view currently configured tags on a resource.
See also: AWS API Documentation
Request Syntax
client.list_tags_for_resource(
resourceArn='string'
)
string
[REQUIRED]
Required element for ListTagsForResource to provide the ARN to identify a specific resource.
dict
Response Syntax
{
'tags': {
'string': 'string'
}
}
Response Structure
(dict) --
tags (dict) --
Response element for ListTagsForResource providing content for each configured tag.
(string) --
(string) --
Grant permission to view a designated case.
See also: AWS API Documentation
Request Syntax
client.get_case(
caseId='string'
)
string
[REQUIRED]
Required element for GetCase to identify the requested case ID.
dict
Response Syntax
{
'title': 'string',
'caseArn': 'string',
'description': 'string',
'caseStatus': 'Submitted'|'Acknowledged'|'Detection and Analysis'|'Containment, Eradication and Recovery'|'Post-incident Activities'|'Ready to Close'|'Closed',
'engagementType': 'Security Incident'|'Investigation',
'reportedIncidentStartDate': datetime(2015, 1, 1),
'actualIncidentStartDate': datetime(2015, 1, 1),
'impactedAwsRegions': [
{
'region': 'af-south-1'|'ap-east-1'|'ap-northeast-1'|'ap-northeast-2'|'ap-northeast-3'|'ap-south-1'|'ap-south-2'|'ap-southeast-1'|'ap-southeast-2'|'ap-southeast-3'|'ap-southeast-4'|'ap-southeast-5'|'ca-central-1'|'ca-west-1'|'cn-north-1'|'cn-northwest-1'|'eu-central-1'|'eu-central-2'|'eu-north-1'|'eu-south-1'|'eu-south-2'|'eu-west-1'|'eu-west-2'|'eu-west-3'|'il-central-1'|'me-central-1'|'me-south-1'|'sa-east-1'|'us-east-1'|'us-east-2'|'us-west-1'|'us-west-2'
},
],
'threatActorIpAddresses': [
{
'ipAddress': 'string',
'userAgent': 'string'
},
],
'pendingAction': 'Customer'|'None',
'impactedAccounts': [
'string',
],
'watchers': [
{
'email': 'string',
'name': 'string',
'jobTitle': 'string'
},
],
'createdDate': datetime(2015, 1, 1),
'lastUpdatedDate': datetime(2015, 1, 1),
'closureCode': 'Investigation Completed'|'Not Resolved'|'False Positive'|'Duplicate',
'resolverType': 'AWS'|'Self',
'impactedServices': [
'string',
],
'caseAttachments': [
{
'attachmentId': 'string',
'fileName': 'string',
'attachmentStatus': 'Verified'|'Failed'|'Pending',
'creator': 'string',
'createdDate': datetime(2015, 1, 1)
},
],
'closedDate': datetime(2015, 1, 1)
}
Response Structure
(dict) --
title (string) --
Response element for GetCase that provides the case title.
caseArn (string) --
Response element for GetCase that provides the case ARN
description (string) --
Response element for GetCase that provides contents of the case description.
caseStatus (string) --
Response element for GetCase that provides the case status. Options for statuses include Submitted | Detection and Analysis | Eradication, Containment and Recovery | Post-Incident Activities | Closed
engagementType (string) --
Response element for GetCase that provides the engagement type. Options for engagement type include Active Security Event | Investigations
reportedIncidentStartDate (datetime) --
Response element for GetCase that provides the customer provided incident start date.
actualIncidentStartDate (datetime) --
Response element for GetCase that provides the actual incident start date as identified by data analysis during the investigation.
impactedAwsRegions (list) --
Response element for GetCase that provides the impacted regions.
(dict) --
region (string) --
threatActorIpAddresses (list) --
Response element for GetCase that provides a list of suspicious IP addresses associated with unauthorized activity.
(dict) --
ipAddress (string) --
userAgent (string) --
pendingAction (string) --
Response element for GetCase that provides identifies the case is waiting on customer input.
impactedAccounts (list) --
Response element for GetCase that provides a list of impacted accounts.
(string) --
watchers (list) --
Response element for GetCase that provides a list of Watchers added to the case.
(dict) --
email (string) --
name (string) --
jobTitle (string) --
createdDate (datetime) --
Response element for GetCase that provides the date the case was created.
lastUpdatedDate (datetime) --
Response element for GetCase that provides the date a case was last modified.
closureCode (string) --
Response element for GetCase that provides the summary code for why a case was closed.
resolverType (string) --
Response element for GetCase that provides the current resolver types. Options include self-supported | AWS-supported.
impactedServices (list) --
Response element for GetCase that provides a list of impacted services.
(string) --
caseAttachments (list) --
Response element for GetCase that provides a list of current case attachments.
(dict) --
attachmentId (string) --
fileName (string) --
attachmentStatus (string) --
creator (string) --
createdDate (datetime) --
closedDate (datetime) --
Response element for GetCase that provides the date a specified case was closed.
Grants access to UpdateMembership to change membership configuration.
See also: AWS API Documentation
Request Syntax
client.update_membership(
membershipId='string',
membershipName='string',
incidentResponseTeam=[
{
'name': 'string',
'jobTitle': 'string',
'email': 'string'
},
],
optInFeatures=[
{
'featureName': 'Triage',
'isEnabled': True|False
},
]
)
string
[REQUIRED]
Required element for UpdateMembership to identify the membership to update.
string
Optional element for UpdateMembership to update the membership name.
list
Optional element for UpdateMembership to update the membership name.
(dict) --
name (string) -- [REQUIRED]
jobTitle (string) -- [REQUIRED]
email (string) -- [REQUIRED]
list
Optional element for UpdateMembership to enable or disable opt-in features for the service.
(dict) --
featureName (string) -- [REQUIRED]
isEnabled (boolean) -- [REQUIRED]
dict
Response Syntax
{}
Response Structure
(dict) --
Grants permission to create a new case.
See also: AWS API Documentation
Request Syntax
client.create_case(
clientToken='string',
resolverType='AWS'|'Self',
title='string',
description='string',
engagementType='Security Incident'|'Investigation',
reportedIncidentStartDate=datetime(2015, 1, 1),
impactedAccounts=[
'string',
],
watchers=[
{
'email': 'string',
'name': 'string',
'jobTitle': 'string'
},
],
threatActorIpAddresses=[
{
'ipAddress': 'string',
'userAgent': 'string'
},
],
impactedServices=[
'string',
],
impactedAwsRegions=[
{
'region': 'af-south-1'|'ap-east-1'|'ap-northeast-1'|'ap-northeast-2'|'ap-northeast-3'|'ap-south-1'|'ap-south-2'|'ap-southeast-1'|'ap-southeast-2'|'ap-southeast-3'|'ap-southeast-4'|'ap-southeast-5'|'ca-central-1'|'ca-west-1'|'cn-north-1'|'cn-northwest-1'|'eu-central-1'|'eu-central-2'|'eu-north-1'|'eu-south-1'|'eu-south-2'|'eu-west-1'|'eu-west-2'|'eu-west-3'|'il-central-1'|'me-central-1'|'me-south-1'|'sa-east-1'|'us-east-1'|'us-east-2'|'us-west-1'|'us-west-2'
},
],
tags={
'string': 'string'
}
)
string
Required element used in combination with CreateCase.
This field is autopopulated if not provided.
string
[REQUIRED]
Required element used in combination with CreateCase to identify the resolver type. Available resolvers include self-supported | aws-supported.
string
[REQUIRED]
Required element used in combination with CreateCase to provide a title for the new case.
string
[REQUIRED]
Required element used in combination with CreateCase to provide a description for the new case.
string
[REQUIRED]
Required element used in combination with CreateCase to provide an engagement type for the new cases. Available engagement types include Security Incident | Investigation
datetime
[REQUIRED]
Required element used in combination with CreateCase to provide an initial start date for the unauthorized activity.
list
[REQUIRED]
Required element used in combination with CreateCase to provide a list of impacted accounts.
(string) --
list
[REQUIRED]
Required element used in combination with CreateCase to provide a list of entities to receive notifications for case updates.
(dict) --
email (string) -- [REQUIRED]
name (string) --
jobTitle (string) --
list
An optional element used in combination with CreateCase to provide a list of suspicious internet protocol addresses associated with unauthorized activity.
(dict) --
ipAddress (string) -- [REQUIRED]
userAgent (string) --
list
An optional element used in combination with CreateCase to provide a list of services impacted.
(string) --
list
An optional element used in combination with CreateCase to provide a list of impacted regions.
(dict) --
region (string) -- [REQUIRED]
dict
An optional element used in combination with CreateCase to add customer specified tags to a case.
(string) --
(string) --
dict
Response Syntax
{
'caseId': 'string'
}
Response Structure
(dict) --
caseId (string) --
A response element providing responses for requests to CreateCase. This element responds with the case ID.
Grants permission to update the status for a designated cases. Options include Submitted | Detection and Analysis | Eradication, Containment and Recovery | Post-Incident Activities | Closed.
See also: AWS API Documentation
Request Syntax
client.update_case_status(
caseId='string',
caseStatus='Submitted'|'Detection and Analysis'|'Containment, Eradication and Recovery'|'Post-incident Activities'
)
string
[REQUIRED]
Required element for UpdateCaseStatus to identify the case to update.
string
[REQUIRED]
Required element for UpdateCaseStatus to identify the status for a case. Options include Submitted | Detection and Analysis | Containment, Eradication and Recovery | Post-incident Activities.
dict
Response Syntax
{
'caseStatus': 'Submitted'|'Detection and Analysis'|'Containment, Eradication and Recovery'|'Post-incident Activities'
}
Response Structure
(dict) --
caseStatus (string) --
Response element for UpdateCaseStatus showing the newly configured status.
Grants permission to upload an attachment to a case.
See also: AWS API Documentation
Request Syntax
client.get_case_attachment_upload_url(
caseId='string',
fileName='string',
contentLength=123,
clientToken='string'
)
string
[REQUIRED]
Required element for GetCaseAttachmentUploadUrl to identify the case ID for uploading an attachment to.
string
[REQUIRED]
Required element for GetCaseAttachmentUploadUrl to identify the file name of the attachment to upload.
integer
[REQUIRED]
Required element for GetCaseAttachmentUploadUrl to identify the size od the file attachment.
string
Optional element for customer provided token.
This field is autopopulated if not provided.
dict
Response Syntax
{
'attachmentPresignedUrl': 'string'
}
Response Structure
(dict) --
attachmentPresignedUrl (string) --
Response element providing the Amazon S3 presigned UTL to upload the attachment.
Grants permission to update the resolver type for a case.
Options include self-supported > AWS-supported.
See also: AWS API Documentation
Request Syntax
client.update_resolver_type(
caseId='string',
resolverType='AWS'|'Self'
)
string
[REQUIRED]
Required element for UpdateResolverType to identify the case to update.
string
[REQUIRED]
Required element for UpdateResolverType to identify the new resolver.
dict
Response Syntax
{
'caseId': 'string',
'caseStatus': 'Submitted'|'Acknowledged'|'Detection and Analysis'|'Containment, Eradication and Recovery'|'Post-incident Activities'|'Ready to Close'|'Closed',
'resolverType': 'AWS'|'Self'
}
Response Structure
(dict) --
caseId (string) --
Response element for UpdateResolver identifying the case ID being updated.
caseStatus (string) --
Response element for UpdateResolver identifying the current status of the case.
resolverType (string) --
Response element for UpdateResolver identifying the current resolver of the case.
Grants permissions to create a new membership.
See also: AWS API Documentation
Request Syntax
client.create_membership(
clientToken='string',
membershipName='string',
incidentResponseTeam=[
{
'name': 'string',
'jobTitle': 'string',
'email': 'string'
},
],
optInFeatures=[
{
'featureName': 'Triage',
'isEnabled': True|False
},
],
tags={
'string': 'string'
}
)
string
An optional element used in combination with CreateMembership.
This field is autopopulated if not provided.
string
[REQUIRED]
Required element use in combination with CreateMembership to create a name for the membership.
list
[REQUIRED]
Required element use in combination with CreateMembership to add customer incident response team members and trusted partners to the membership.
(dict) --
name (string) -- [REQUIRED]
jobTitle (string) -- [REQUIRED]
email (string) -- [REQUIRED]
list
Optional element to enable the monitoring and investigation opt-in features for the service.
(dict) --
featureName (string) -- [REQUIRED]
isEnabled (boolean) -- [REQUIRED]
dict
Optional element for customer configured tags.
(string) --
(string) --
dict
Response Syntax
{
'membershipId': 'string'
}
Response Structure
(dict) --
membershipId (string) --
Response element for CreateMembership providing the newly created membership ID.
Grants permissions to cancel an existing membership.
See also: AWS API Documentation
Request Syntax
client.cancel_membership(
membershipId='string'
)
string
[REQUIRED]
Required element used in combination with CancelMembershipRequest to identify the membership ID to cancel.
dict
Response Syntax
{
'membershipId': 'string'
}
Response Structure
(dict) --
membershipId (string) --
The response element providing responses for requests to CancelMembershipRequest.
Grants permission to update an existing case comment.
See also: AWS API Documentation
Request Syntax
client.update_case_comment(
caseId='string',
commentId='string',
body='string'
)
string
[REQUIRED]
Required element for UpdateCaseComment to identify the case ID containing the comment to be updated.
string
[REQUIRED]
Required element for UpdateCaseComment to identify the case ID to be updated.
string
[REQUIRED]
Required element for UpdateCaseComment to identify the content for the comment to be updated.
dict
Response Syntax
{
'commentId': 'string',
'body': 'string'
}
Response Structure
(dict) --
commentId (string) --
Response element for UpdateCaseComment providing the updated comment ID.
body (string) --
Response element for UpdateCaseComment providing the updated comment content.
Grants permission to add a comment to an existing case.
See also: AWS API Documentation
Request Syntax
client.create_case_comment(
caseId='string',
clientToken='string',
body='string'
)
string
[REQUIRED]
Required element used in combination with CreateCaseComment to specify a case ID.
string
An optional element used in combination with CreateCaseComment.
This field is autopopulated if not provided.
string
[REQUIRED]
Required element used in combination with CreateCaseComment to add content for the new comment.
dict
Response Syntax
{
'commentId': 'string'
}
Response Structure
(dict) --
commentId (string) --
Response element indicating the new comment ID.
Grants permission to list all cases the requester has access to.
See also: AWS API Documentation
Request Syntax
client.list_cases(
nextToken='string',
maxResults=123
)
string
Optional element.
integer
Optional element for ListCases to limit the number of responses.
dict
Response Syntax
{
'nextToken': 'string',
'items': [
{
'caseId': 'string',
'lastUpdatedDate': datetime(2015, 1, 1),
'title': 'string',
'caseArn': 'string',
'engagementType': 'Security Incident'|'Investigation',
'caseStatus': 'Submitted'|'Acknowledged'|'Detection and Analysis'|'Containment, Eradication and Recovery'|'Post-incident Activities'|'Ready to Close'|'Closed',
'createdDate': datetime(2015, 1, 1),
'closedDate': datetime(2015, 1, 1),
'resolverType': 'AWS'|'Self',
'pendingAction': 'Customer'|'None'
},
],
'total': 123
}
Response Structure
(dict) --
nextToken (string) --
Optional element.
items (list) --
Response element for ListCases that includes caseARN, caseID, caseStatus, closedDate, createdDate, engagementType, lastUpdatedDate, pendingAction, resolverType, and title for each response.
(dict) --
caseId (string) --
lastUpdatedDate (datetime) --
title (string) --
caseArn (string) --
engagementType (string) --
caseStatus (string) --
createdDate (datetime) --
closedDate (datetime) --
resolverType (string) --
pendingAction (string) --
total (integer) --
Response element for ListCases providing the total number of responses.
Grants permissions to list and view comments for a designated case.
See also: AWS API Documentation
Request Syntax
client.list_comments(
nextToken='string',
maxResults=123,
caseId='string'
)
string
Optional element.
integer
Optional element for ListComments to limit the number of responses.
string
[REQUIRED]
Required element for ListComments to designate the case to query.
dict
Response Syntax
{
'nextToken': 'string',
'items': [
{
'commentId': 'string',
'createdDate': datetime(2015, 1, 1),
'lastUpdatedDate': datetime(2015, 1, 1),
'creator': 'string',
'lastUpdatedBy': 'string',
'body': 'string'
},
],
'total': 123
}
Response Structure
(dict) --
nextToken (string) --
Optional request elements.
items (list) --
Response element for ListComments providing the body, commentID, createDate, creator, lastUpdatedBy and lastUpdatedDate for each response.
(dict) --
commentId (string) --
createdDate (datetime) --
lastUpdatedDate (datetime) --
creator (string) --
lastUpdatedBy (string) --
body (string) --
total (integer) --
Response element for ListComments identifying the number of responses.
Grants permission to view an existing membership.
See also: AWS API Documentation
Request Syntax
client.batch_get_member_account_details(
membershipId='string',
accountIds=[
'string',
]
)
string
[REQUIRED]
Required element used in combination with BatchGetMemberAccountDetails to identify the membership ID to query.
list
[REQUIRED]
Optional element to query the membership relationship status to a provided list of account IDs.
(string) --
dict
Response Syntax
{
'items': [
{
'accountId': 'string',
'relationshipStatus': 'Associated'|'Disassociated',
'relationshipType': 'Organization'
},
],
'errors': [
{
'accountId': 'string',
'error': 'string',
'message': 'string'
},
]
}
Response Structure
(dict) --
items (list) --
The response element providing responses for requests to GetMembershipAccountDetails.
(dict) --
accountId (string) --
relationshipStatus (string) --
relationshipType (string) --
errors (list) --
The response element providing errors messages for requests to GetMembershipAccountDetails.
(dict) --
accountId (string) --
error (string) --
message (string) --
Grants permission to obtain an Amazon S3 presigned URL to download an attachment.
See also: AWS API Documentation
Request Syntax
client.get_case_attachment_download_url(
caseId='string',
attachmentId='string'
)
string
[REQUIRED]
Required element for GetCaseAttachmentDownloadUrl to identify the case ID for downloading an attachment from.
string
[REQUIRED]
Required element for GetCaseAttachmentDownloadUrl to identify the attachment ID for downloading an attachment.
dict
Response Syntax
{
'attachmentPresignedUrl': 'string'
}
Response Structure
(dict) --
attachmentPresignedUrl (string) --
Response element providing the Amazon S3 presigned URL to download an attachment.
Grants permission to remove a tag(s) from a designate resource.
See also: AWS API Documentation
Request Syntax
client.untag_resource(
resourceArn='string',
tagKeys=[
'string',
]
)
string
[REQUIRED]
Required element for UnTagResource to identify the ARN for the resource to remove a tag from.
list
[REQUIRED]
Required element for UnTagResource to identify tag to remove.
(string) --
dict
Response Syntax
{}
Response Structure
(dict) --
Grants permission to close an existing case.
See also: AWS API Documentation
Request Syntax
client.close_case(
caseId='string'
)
string
[REQUIRED]
Required element used in combination with CloseCase to identify the case ID to close.
dict
Response Syntax
{
'caseStatus': 'Submitted'|'Acknowledged'|'Detection and Analysis'|'Containment, Eradication and Recovery'|'Post-incident Activities'|'Ready to Close'|'Closed',
'closedDate': datetime(2015, 1, 1)
}
Response Structure
(dict) --
caseStatus (string) --
A response element providing responses for requests to CloseCase. This element responds with the case status following the action.
closedDate (datetime) --
A response element providing responses for requests to CloseCase. This element responds with the case closure date following the action.
Grants permissions to view the aidt log for edits made to a designated case.
See also: AWS API Documentation
Request Syntax
client.list_case_edits(
nextToken='string',
maxResults=123,
caseId='string'
)
string
Optional element for a customer provided token.
integer
Optional element to identify how many results to obtain. There is a maximum value of 25.
string
[REQUIRED]
Required element used with ListCaseEdits to identify the case to query.
dict
Response Syntax
{
'nextToken': 'string',
'items': [
{
'eventTimestamp': datetime(2015, 1, 1),
'principal': 'string',
'action': 'string',
'message': 'string'
},
],
'total': 123
}
Response Structure
(dict) --
nextToken (string) --
Optional element.
items (list) --
Response element for ListCaseEdits that includes the action, eventtimestamp, message, and principal for the response.
(dict) --
eventTimestamp (datetime) --
principal (string) --
action (string) --
message (string) --
total (integer) --
Response element for ListCaseEdits that identifies the total number of edits.