Amazon Detective List Indicators Request Structure

{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-detective/refs/heads/main/json-structure/amazon-detective-list-indicators-request-structure.json",
  "description": "Request to list indicators from an investigation",
  "type": "object",
  "properties": {
    "GraphArn": {
      "type": "string",
      "description": "The ARN of the behavior graph.",
      "example": "arn:aws:detective:us-east-1:123456789012:graph:abc123def456"
    },
    "InvestigationId": {
      "type": "string",
      "description": "The investigation ID of the investigation report.",
      "example": "invest-abc123def456"
    },
    "IndicatorType": {
      "type": "string",
      "description": "For the list of indicators of compromise that are generated by Detective investigations, see Detective investigations.",
      "enum": [
        "TTP_OBSERVED",
        "IMPOSSIBLE_TRAVEL",
        "FLAGGED_IP_ADDRESS",
        "NEW_GEOLOCATION",
        "NEW_ASO",
        "NEW_USER_AGENT",
        "RELATED_FINDING",
        "RELATED_FINDING_GROUP"
      ],
      "example": "FLAGGED_IP_ADDRESS"
    },
    "NextToken": {
      "type": "string",
      "description": "List if there are more results available.",
      "example": "abc123token"
    },
    "MaxResults": {
      "type": "integer",
      "description": "The maximum number of results to return.",
      "example": 100
    }
  },
  "required": [
    "GraphArn",
    "InvestigationId"
  ],
  "name": "ListIndicatorsRequest"
}