Documentation ¶
Index ¶
- func CfnDetector_CFN_RESOURCE_TYPE_NAME() *string
- func CfnDetector_IsCfnElement(x interface{}) *bool
- func CfnDetector_IsCfnResource(x interface{}) *bool
- func CfnDetector_IsConstruct(x interface{}) *bool
- func CfnFilter_CFN_RESOURCE_TYPE_NAME() *string
- func CfnFilter_IsCfnElement(x interface{}) *bool
- func CfnFilter_IsCfnResource(x interface{}) *bool
- func CfnFilter_IsConstruct(x interface{}) *bool
- func CfnIPSet_CFN_RESOURCE_TYPE_NAME() *string
- func CfnIPSet_IsCfnElement(x interface{}) *bool
- func CfnIPSet_IsCfnResource(x interface{}) *bool
- func CfnIPSet_IsConstruct(x interface{}) *bool
- func CfnMaster_CFN_RESOURCE_TYPE_NAME() *string
- func CfnMaster_IsCfnElement(x interface{}) *bool
- func CfnMaster_IsCfnResource(x interface{}) *bool
- func CfnMaster_IsConstruct(x interface{}) *bool
- func CfnMember_CFN_RESOURCE_TYPE_NAME() *string
- func CfnMember_IsCfnElement(x interface{}) *bool
- func CfnMember_IsCfnResource(x interface{}) *bool
- func CfnMember_IsConstruct(x interface{}) *bool
- func CfnThreatIntelSet_CFN_RESOURCE_TYPE_NAME() *string
- func CfnThreatIntelSet_IsCfnElement(x interface{}) *bool
- func CfnThreatIntelSet_IsCfnResource(x interface{}) *bool
- func CfnThreatIntelSet_IsConstruct(x interface{}) *bool
- func NewCfnDetector_Override(c CfnDetector, scope constructs.Construct, id *string, props *CfnDetectorProps)
- func NewCfnFilter_Override(c CfnFilter, scope constructs.Construct, id *string, props *CfnFilterProps)
- func NewCfnIPSet_Override(c CfnIPSet, scope constructs.Construct, id *string, props *CfnIPSetProps)
- func NewCfnMaster_Override(c CfnMaster, scope constructs.Construct, id *string, props *CfnMasterProps)
- func NewCfnMember_Override(c CfnMember, scope constructs.Construct, id *string, props *CfnMemberProps)
- func NewCfnThreatIntelSet_Override(c CfnThreatIntelSet, scope constructs.Construct, id *string, ...)
- type CfnDetector
- type CfnDetectorProps
- type CfnDetector_CFNDataSourceConfigurationsProperty
- type CfnDetector_CFNFeatureAdditionalConfigurationProperty
- type CfnDetector_CFNFeatureConfigurationProperty
- type CfnDetector_CFNKubernetesAuditLogsConfigurationProperty
- type CfnDetector_CFNKubernetesConfigurationProperty
- type CfnDetector_CFNMalwareProtectionConfigurationProperty
- type CfnDetector_CFNS3LogsConfigurationProperty
- type CfnDetector_CFNScanEc2InstanceWithFindingsConfigurationProperty
- type CfnDetector_TagItemProperty
- type CfnFilter
- type CfnFilterProps
- type CfnFilter_ConditionProperty
- type CfnFilter_FindingCriteriaProperty
- type CfnIPSet
- type CfnIPSetProps
- type CfnMaster
- type CfnMasterProps
- type CfnMember
- type CfnMemberProps
- type CfnThreatIntelSet
- type CfnThreatIntelSetProps
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CfnDetector_CFN_RESOURCE_TYPE_NAME ¶
func CfnDetector_CFN_RESOURCE_TYPE_NAME() *string
func CfnDetector_IsCfnElement ¶
func CfnDetector_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnDetector_IsCfnResource ¶
func CfnDetector_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnDetector_IsConstruct ¶
func CfnDetector_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnFilter_CFN_RESOURCE_TYPE_NAME ¶
func CfnFilter_CFN_RESOURCE_TYPE_NAME() *string
func CfnFilter_IsCfnElement ¶
func CfnFilter_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnFilter_IsCfnResource ¶
func CfnFilter_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnFilter_IsConstruct ¶
func CfnFilter_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnIPSet_CFN_RESOURCE_TYPE_NAME ¶
func CfnIPSet_CFN_RESOURCE_TYPE_NAME() *string
func CfnIPSet_IsCfnElement ¶
func CfnIPSet_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnIPSet_IsCfnResource ¶
func CfnIPSet_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnIPSet_IsConstruct ¶
func CfnIPSet_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnMaster_CFN_RESOURCE_TYPE_NAME ¶
func CfnMaster_CFN_RESOURCE_TYPE_NAME() *string
func CfnMaster_IsCfnElement ¶
func CfnMaster_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnMaster_IsCfnResource ¶
func CfnMaster_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnMaster_IsConstruct ¶
func CfnMaster_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnMember_CFN_RESOURCE_TYPE_NAME ¶
func CfnMember_CFN_RESOURCE_TYPE_NAME() *string
func CfnMember_IsCfnElement ¶
func CfnMember_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnMember_IsCfnResource ¶
func CfnMember_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnMember_IsConstruct ¶
func CfnMember_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnThreatIntelSet_CFN_RESOURCE_TYPE_NAME ¶
func CfnThreatIntelSet_CFN_RESOURCE_TYPE_NAME() *string
func CfnThreatIntelSet_IsCfnElement ¶
func CfnThreatIntelSet_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnThreatIntelSet_IsCfnResource ¶
func CfnThreatIntelSet_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnThreatIntelSet_IsConstruct ¶
func CfnThreatIntelSet_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func NewCfnDetector_Override ¶
func NewCfnDetector_Override(c CfnDetector, scope constructs.Construct, id *string, props *CfnDetectorProps)
func NewCfnFilter_Override ¶
func NewCfnFilter_Override(c CfnFilter, scope constructs.Construct, id *string, props *CfnFilterProps)
func NewCfnIPSet_Override ¶
func NewCfnIPSet_Override(c CfnIPSet, scope constructs.Construct, id *string, props *CfnIPSetProps)
func NewCfnMaster_Override ¶
func NewCfnMaster_Override(c CfnMaster, scope constructs.Construct, id *string, props *CfnMasterProps)
func NewCfnMember_Override ¶
func NewCfnMember_Override(c CfnMember, scope constructs.Construct, id *string, props *CfnMemberProps)
func NewCfnThreatIntelSet_Override ¶
func NewCfnThreatIntelSet_Override(c CfnThreatIntelSet, scope constructs.Construct, id *string, props *CfnThreatIntelSetProps)
Types ¶
type CfnDetector ¶
type CfnDetector interface { awscdk.CfnResource awscdk.IInspectable awscdk.ITaggable AttrId() *string // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // Describes which data sources will be enabled for the detector. DataSources() interface{} SetDataSources(val interface{}) // Specifies whether the detector is to be enabled on creation. Enable() interface{} SetEnable(val interface{}) // A list of features that will be configured for the detector. Features() interface{} SetFeatures(val interface{}) // Specifies how frequently updated findings are exported. FindingPublishingFrequency() *string SetFindingPublishingFrequency(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // The tree node. Node() constructs.Node // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // Tag Manager which manages the tags for this resource. Tags() awscdk.TagManager // Specifies tags added to a new detector resource. TagsRaw() *[]*CfnDetector_TagItemProperty SetTagsRaw(val *[]*CfnDetector_TagItemProperty) // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
The `AWS::GuardDuty::Detector` resource specifies a new GuardDuty detector.
A detector is an object that represents the GuardDuty service. A detector is required for GuardDuty to become operational.
Make sure you use either `DataSources` or `Features` in a one request, and not both.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnDetector := awscdk.Aws_guardduty.NewCfnDetector(this, jsii.String("MyCfnDetector"), &CfnDetectorProps{ Enable: jsii.Boolean(false), // the properties below are optional DataSources: &CFNDataSourceConfigurationsProperty{ Kubernetes: &CFNKubernetesConfigurationProperty{ AuditLogs: &CFNKubernetesAuditLogsConfigurationProperty{ Enable: jsii.Boolean(false), }, }, MalwareProtection: &CFNMalwareProtectionConfigurationProperty{ ScanEc2InstanceWithFindings: &CFNScanEc2InstanceWithFindingsConfigurationProperty{ EbsVolumes: jsii.Boolean(false), }, }, S3Logs: &CFNS3LogsConfigurationProperty{ Enable: jsii.Boolean(false), }, }, Features: []interface{}{ &CFNFeatureConfigurationProperty{ Name: jsii.String("name"), Status: jsii.String("status"), // the properties below are optional AdditionalConfiguration: []interface{}{ &CFNFeatureAdditionalConfigurationProperty{ Name: jsii.String("name"), Status: jsii.String("status"), }, }, }, }, FindingPublishingFrequency: jsii.String("findingPublishingFrequency"), Tags: []tagItemProperty{ &tagItemProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, })
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html
func NewCfnDetector ¶
func NewCfnDetector(scope constructs.Construct, id *string, props *CfnDetectorProps) CfnDetector
type CfnDetectorProps ¶
type CfnDetectorProps struct { // Specifies whether the detector is to be enabled on creation. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html#cfn-guardduty-detector-enable // Enable interface{} `field:"required" json:"enable" yaml:"enable"` // Describes which data sources will be enabled for the detector. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html#cfn-guardduty-detector-datasources // DataSources interface{} `field:"optional" json:"dataSources" yaml:"dataSources"` // A list of features that will be configured for the detector. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html#cfn-guardduty-detector-features // Features interface{} `field:"optional" json:"features" yaml:"features"` // Specifies how frequently updated findings are exported. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html#cfn-guardduty-detector-findingpublishingfrequency // FindingPublishingFrequency *string `field:"optional" json:"findingPublishingFrequency" yaml:"findingPublishingFrequency"` // Specifies tags added to a new detector resource. // // Each tag consists of a key and an optional value, both of which you define. // // Currently, support is available only for creating and deleting a tag. No support exists for updating the tags. // // For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html#cfn-guardduty-detector-tags // Tags *[]*CfnDetector_TagItemProperty `field:"optional" json:"tags" yaml:"tags"` }
Properties for defining a `CfnDetector`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnDetectorProps := &CfnDetectorProps{ Enable: jsii.Boolean(false), // the properties below are optional DataSources: &CFNDataSourceConfigurationsProperty{ Kubernetes: &CFNKubernetesConfigurationProperty{ AuditLogs: &CFNKubernetesAuditLogsConfigurationProperty{ Enable: jsii.Boolean(false), }, }, MalwareProtection: &CFNMalwareProtectionConfigurationProperty{ ScanEc2InstanceWithFindings: &CFNScanEc2InstanceWithFindingsConfigurationProperty{ EbsVolumes: jsii.Boolean(false), }, }, S3Logs: &CFNS3LogsConfigurationProperty{ Enable: jsii.Boolean(false), }, }, Features: []interface{}{ &CFNFeatureConfigurationProperty{ Name: jsii.String("name"), Status: jsii.String("status"), // the properties below are optional AdditionalConfiguration: []interface{}{ &CFNFeatureAdditionalConfigurationProperty{ Name: jsii.String("name"), Status: jsii.String("status"), }, }, }, }, FindingPublishingFrequency: jsii.String("findingPublishingFrequency"), Tags: []tagItemProperty{ &tagItemProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, }
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html
type CfnDetector_CFNDataSourceConfigurationsProperty ¶
type CfnDetector_CFNDataSourceConfigurationsProperty struct { // Describes which Kubernetes data sources are enabled for a detector. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfndatasourceconfigurations.html#cfn-guardduty-detector-cfndatasourceconfigurations-kubernetes // Kubernetes interface{} `field:"optional" json:"kubernetes" yaml:"kubernetes"` // Describes whether Malware Protection will be enabled as a data source. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfndatasourceconfigurations.html#cfn-guardduty-detector-cfndatasourceconfigurations-malwareprotection // MalwareProtection interface{} `field:"optional" json:"malwareProtection" yaml:"malwareProtection"` // Describes whether S3 data event logs are enabled as a data source. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfndatasourceconfigurations.html#cfn-guardduty-detector-cfndatasourceconfigurations-s3logs // S3Logs interface{} `field:"optional" json:"s3Logs" yaml:"s3Logs"` }
Describes whether S3 data event logs, Kubernetes audit logs, or Malware Protection will be enabled as a data source when the detector is created.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cFNDataSourceConfigurationsProperty := &CFNDataSourceConfigurationsProperty{ Kubernetes: &CFNKubernetesConfigurationProperty{ AuditLogs: &CFNKubernetesAuditLogsConfigurationProperty{ Enable: jsii.Boolean(false), }, }, MalwareProtection: &CFNMalwareProtectionConfigurationProperty{ ScanEc2InstanceWithFindings: &CFNScanEc2InstanceWithFindingsConfigurationProperty{ EbsVolumes: jsii.Boolean(false), }, }, S3Logs: &CFNS3LogsConfigurationProperty{ Enable: jsii.Boolean(false), }, }
type CfnDetector_CFNFeatureAdditionalConfigurationProperty ¶ added in v2.97.0
type CfnDetector_CFNFeatureAdditionalConfigurationProperty struct { // Name of the additional configuration. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureadditionalconfiguration.html#cfn-guardduty-detector-cfnfeatureadditionalconfiguration-name // Name *string `field:"optional" json:"name" yaml:"name"` // Status of the additional configuration. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureadditionalconfiguration.html#cfn-guardduty-detector-cfnfeatureadditionalconfiguration-status // Status *string `field:"optional" json:"status" yaml:"status"` }
Information about the additional configuration of a feature in your account.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cFNFeatureAdditionalConfigurationProperty := &CFNFeatureAdditionalConfigurationProperty{ Name: jsii.String("name"), Status: jsii.String("status"), }
type CfnDetector_CFNFeatureConfigurationProperty ¶ added in v2.97.0
type CfnDetector_CFNFeatureConfigurationProperty struct { // Name of the feature. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureconfiguration.html#cfn-guardduty-detector-cfnfeatureconfiguration-name // Name *string `field:"required" json:"name" yaml:"name"` // Status of the feature configuration. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureconfiguration.html#cfn-guardduty-detector-cfnfeatureconfiguration-status // Status *string `field:"required" json:"status" yaml:"status"` // Information about the additional configuration of a feature in your account. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureconfiguration.html#cfn-guardduty-detector-cfnfeatureconfiguration-additionalconfiguration // AdditionalConfiguration interface{} `field:"optional" json:"additionalConfiguration" yaml:"additionalConfiguration"` }
Information about the configuration of a feature in your account.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cFNFeatureConfigurationProperty := &CFNFeatureConfigurationProperty{ Name: jsii.String("name"), Status: jsii.String("status"), // the properties below are optional AdditionalConfiguration: []interface{}{ &CFNFeatureAdditionalConfigurationProperty{ Name: jsii.String("name"), Status: jsii.String("status"), }, }, }
type CfnDetector_CFNKubernetesAuditLogsConfigurationProperty ¶ added in v2.11.0
type CfnDetector_CFNKubernetesAuditLogsConfigurationProperty struct { // Describes whether Kubernetes audit logs are enabled as a data source for the detector. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnkubernetesauditlogsconfiguration.html#cfn-guardduty-detector-cfnkubernetesauditlogsconfiguration-enable // Enable interface{} `field:"required" json:"enable" yaml:"enable"` }
Describes which optional data sources are enabled for a detector.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cFNKubernetesAuditLogsConfigurationProperty := &CFNKubernetesAuditLogsConfigurationProperty{ Enable: jsii.Boolean(false), }
type CfnDetector_CFNKubernetesConfigurationProperty ¶ added in v2.11.0
type CfnDetector_CFNKubernetesConfigurationProperty struct { // Describes whether Kubernetes audit logs are enabled as a data source for the detector. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnkubernetesconfiguration.html#cfn-guardduty-detector-cfnkubernetesconfiguration-auditlogs // AuditLogs interface{} `field:"required" json:"auditLogs" yaml:"auditLogs"` }
Describes which Kubernetes protection data sources are enabled for the detector.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cFNKubernetesConfigurationProperty := &CFNKubernetesConfigurationProperty{ AuditLogs: &CFNKubernetesAuditLogsConfigurationProperty{ Enable: jsii.Boolean(false), }, }
type CfnDetector_CFNMalwareProtectionConfigurationProperty ¶ added in v2.37.0
type CfnDetector_CFNMalwareProtectionConfigurationProperty struct { // Describes the configuration of Malware Protection for EC2 instances with findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnmalwareprotectionconfiguration.html#cfn-guardduty-detector-cfnmalwareprotectionconfiguration-scanec2instancewithfindings // ScanEc2InstanceWithFindings interface{} `field:"optional" json:"scanEc2InstanceWithFindings" yaml:"scanEc2InstanceWithFindings"` }
Describes whether Malware Protection will be enabled as a data source.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cFNMalwareProtectionConfigurationProperty := &CFNMalwareProtectionConfigurationProperty{ ScanEc2InstanceWithFindings: &CFNScanEc2InstanceWithFindingsConfigurationProperty{ EbsVolumes: jsii.Boolean(false), }, }
type CfnDetector_CFNS3LogsConfigurationProperty ¶
type CfnDetector_CFNS3LogsConfigurationProperty struct { // The status of S3 data event logs as a data source. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfns3logsconfiguration.html#cfn-guardduty-detector-cfns3logsconfiguration-enable // Enable interface{} `field:"required" json:"enable" yaml:"enable"` }
Describes whether S3 data event logs will be enabled as a data source when the detector is created.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cFNS3LogsConfigurationProperty := &CFNS3LogsConfigurationProperty{ Enable: jsii.Boolean(false), }
type CfnDetector_CFNScanEc2InstanceWithFindingsConfigurationProperty ¶ added in v2.37.0
type CfnDetector_CFNScanEc2InstanceWithFindingsConfigurationProperty struct { // Describes the configuration for scanning EBS volumes as data source. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnscanec2instancewithfindingsconfiguration.html#cfn-guardduty-detector-cfnscanec2instancewithfindingsconfiguration-ebsvolumes // EbsVolumes interface{} `field:"optional" json:"ebsVolumes" yaml:"ebsVolumes"` }
Describes whether Malware Protection for EC2 instances with findings will be enabled as a data source.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cFNScanEc2InstanceWithFindingsConfigurationProperty := &CFNScanEc2InstanceWithFindingsConfigurationProperty{ EbsVolumes: jsii.Boolean(false), }
type CfnDetector_TagItemProperty ¶ added in v2.97.0
type CfnDetector_TagItemProperty struct { // The tag value. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-tagitem.html#cfn-guardduty-detector-tagitem-key // Key *string `field:"required" json:"key" yaml:"key"` // The tag key. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-tagitem.html#cfn-guardduty-detector-tagitem-value // Value *string `field:"required" json:"value" yaml:"value"` }
Describes a tag.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" tagItemProperty := &TagItemProperty{ Key: jsii.String("key"), Value: jsii.String("value"), }
type CfnFilter ¶
type CfnFilter interface { awscdk.CfnResource awscdk.IInspectable awscdk.ITaggable // Specifies the action that is to be applied to the findings that match the filter. Action() *string SetAction(val *string) AttrId() *string // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // The description of the filter. Description() *string SetDescription(val *string) // The ID of the detector belonging to the GuardDuty account that you want to create a filter for. DetectorId() *string SetDetectorId(val *string) // Represents the criteria to be used in the filter for querying findings. FindingCriteria() interface{} SetFindingCriteria(val interface{}) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // The name of the filter. Name() *string SetName(val *string) // The tree node. Node() constructs.Node // Specifies the position of the filter in the list of current filters. Rank() *float64 SetRank(val *float64) // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // Tag Manager which manages the tags for this resource. Tags() awscdk.TagManager // The tags to be added to a new filter resource. TagsRaw() *[]*awscdk.CfnTag SetTagsRaw(val *[]*awscdk.CfnTag) // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
The `AWS::GuardDuty::Filter` resource specifies a new filter defined by the provided `findingCriteria` .
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var criterion interface{} cfnFilter := awscdk.Aws_guardduty.NewCfnFilter(this, jsii.String("MyCfnFilter"), &CfnFilterProps{ Action: jsii.String("action"), Description: jsii.String("description"), DetectorId: jsii.String("detectorId"), FindingCriteria: &FindingCriteriaProperty{ Criterion: criterion, ItemType: &ConditionProperty{ Eq: []*string{ jsii.String("eq"), }, EqualTo: []*string{ jsii.String("equalTo"), }, GreaterThan: jsii.Number(123), GreaterThanOrEqual: jsii.Number(123), Gt: jsii.Number(123), Gte: jsii.Number(123), LessThan: jsii.Number(123), LessThanOrEqual: jsii.Number(123), Lt: jsii.Number(123), Lte: jsii.Number(123), Neq: []*string{ jsii.String("neq"), }, NotEquals: []*string{ jsii.String("notEquals"), }, }, }, Name: jsii.String("name"), Rank: jsii.Number(123), // the properties below are optional Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, })
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html
func NewCfnFilter ¶
func NewCfnFilter(scope constructs.Construct, id *string, props *CfnFilterProps) CfnFilter
type CfnFilterProps ¶
type CfnFilterProps struct { // Specifies the action that is to be applied to the findings that match the filter. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-action // Action *string `field:"required" json:"action" yaml:"action"` // The description of the filter. // // Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-description // Description *string `field:"required" json:"description" yaml:"description"` // The ID of the detector belonging to the GuardDuty account that you want to create a filter for. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-detectorid // DetectorId *string `field:"required" json:"detectorId" yaml:"detectorId"` // Represents the criteria to be used in the filter for querying findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-findingcriteria // FindingCriteria interface{} `field:"required" json:"findingCriteria" yaml:"findingCriteria"` // The name of the filter. // // Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-name // Name *string `field:"required" json:"name" yaml:"name"` // Specifies the position of the filter in the list of current filters. // // Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100. // // By default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `"DependsOn":[ "ObjectName" ]` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-rank // Rank *float64 `field:"required" json:"rank" yaml:"rank"` // The tags to be added to a new filter resource. // // Each tag consists of a key and an optional value, both of which you define. // // For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-tags // Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"` }
Properties for defining a `CfnFilter`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var criterion interface{} cfnFilterProps := &CfnFilterProps{ Action: jsii.String("action"), Description: jsii.String("description"), DetectorId: jsii.String("detectorId"), FindingCriteria: &FindingCriteriaProperty{ Criterion: criterion, ItemType: &ConditionProperty{ Eq: []*string{ jsii.String("eq"), }, EqualTo: []*string{ jsii.String("equalTo"), }, GreaterThan: jsii.Number(123), GreaterThanOrEqual: jsii.Number(123), Gt: jsii.Number(123), Gte: jsii.Number(123), LessThan: jsii.Number(123), LessThanOrEqual: jsii.Number(123), Lt: jsii.Number(123), Lte: jsii.Number(123), Neq: []*string{ jsii.String("neq"), }, NotEquals: []*string{ jsii.String("notEquals"), }, }, }, Name: jsii.String("name"), Rank: jsii.Number(123), // the properties below are optional Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, }
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html
type CfnFilter_ConditionProperty ¶
type CfnFilter_ConditionProperty struct { // Represents the equal condition to apply to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-eq // Eq *[]*string `field:"optional" json:"eq" yaml:"eq"` // Represents an *equal* ** condition to be applied to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-equals // EqualTo *[]*string `field:"optional" json:"equalTo" yaml:"equalTo"` // Represents a *greater than* condition to be applied to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-greaterthan // GreaterThan *float64 `field:"optional" json:"greaterThan" yaml:"greaterThan"` // Represents a *greater than or equal* condition to be applied to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-greaterthanorequal // GreaterThanOrEqual *float64 `field:"optional" json:"greaterThanOrEqual" yaml:"greaterThanOrEqual"` // Represents a *greater than* condition to be applied to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-gt // Gt *float64 `field:"optional" json:"gt" yaml:"gt"` // Represents the greater than or equal condition to apply to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-gte // Gte *float64 `field:"optional" json:"gte" yaml:"gte"` // Represents a *less than* condition to be applied to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-lessthan // LessThan *float64 `field:"optional" json:"lessThan" yaml:"lessThan"` // Represents a *less than or equal* condition to be applied to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-lessthanorequal // LessThanOrEqual *float64 `field:"optional" json:"lessThanOrEqual" yaml:"lessThanOrEqual"` // Represents the less than condition to apply to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-lt // Lt *float64 `field:"optional" json:"lt" yaml:"lt"` // Represents the less than or equal condition to apply to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-lte // Lte *float64 `field:"optional" json:"lte" yaml:"lte"` // Represents the not equal condition to apply to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-neq // Neq *[]*string `field:"optional" json:"neq" yaml:"neq"` // Represents a *not equal* ** condition to be applied to a single field when querying for findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-notequals // NotEquals *[]*string `field:"optional" json:"notEquals" yaml:"notEquals"` }
Specifies the condition to apply to a single field when filtering through GuardDuty findings.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" conditionProperty := &ConditionProperty{ Eq: []*string{ jsii.String("eq"), }, EqualTo: []*string{ jsii.String("equalTo"), }, GreaterThan: jsii.Number(123), GreaterThanOrEqual: jsii.Number(123), Gt: jsii.Number(123), Gte: jsii.Number(123), LessThan: jsii.Number(123), LessThanOrEqual: jsii.Number(123), Lt: jsii.Number(123), Lte: jsii.Number(123), Neq: []*string{ jsii.String("neq"), }, NotEquals: []*string{ jsii.String("notEquals"), }, }
type CfnFilter_FindingCriteriaProperty ¶
type CfnFilter_FindingCriteriaProperty struct { // Represents a map of finding properties that match specified conditions and values when querying findings. // // For information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion: // // - accountId // - id // - region // - severity // // To filter on the basis of severity, API and CFN use the following input list for the condition: // // - *Low* : `["1", "2", "3"]` // - *Medium* : `["4", "5", "6"]` // - *High* : `["7", "8", "9"]` // // For more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) . // - type // - updatedAt // // Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds. // - resource.accessKeyDetails.accessKeyId // - resource.accessKeyDetails.principalId // - resource.accessKeyDetails.userName // - resource.accessKeyDetails.userType // - resource.instanceDetails.iamInstanceProfile.id // - resource.instanceDetails.imageId // - resource.instanceDetails.instanceId // - resource.instanceDetails.tags.key // - resource.instanceDetails.tags.value // - resource.instanceDetails.networkInterfaces.ipv6Addresses // - resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress // - resource.instanceDetails.networkInterfaces.publicDnsName // - resource.instanceDetails.networkInterfaces.publicIp // - resource.instanceDetails.networkInterfaces.securityGroups.groupId // - resource.instanceDetails.networkInterfaces.securityGroups.groupName // - resource.instanceDetails.networkInterfaces.subnetId // - resource.instanceDetails.networkInterfaces.vpcId // - resource.instanceDetails.outpostArn // - resource.resourceType // - resource.s3BucketDetails.publicAccess.effectivePermissions // - resource.s3BucketDetails.name // - resource.s3BucketDetails.tags.key // - resource.s3BucketDetails.tags.value // - resource.s3BucketDetails.type // - service.action.actionType // - service.action.awsApiCallAction.api // - service.action.awsApiCallAction.callerType // - service.action.awsApiCallAction.errorCode // - service.action.awsApiCallAction.remoteIpDetails.city.cityName // - service.action.awsApiCallAction.remoteIpDetails.country.countryName // - service.action.awsApiCallAction.remoteIpDetails.ipAddressV4 // - service.action.awsApiCallAction.remoteIpDetails.organization.asn // - service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg // - service.action.awsApiCallAction.serviceName // - service.action.dnsRequestAction.domain // - service.action.networkConnectionAction.blocked // - service.action.networkConnectionAction.connectionDirection // - service.action.networkConnectionAction.localPortDetails.port // - service.action.networkConnectionAction.protocol // - service.action.networkConnectionAction.remoteIpDetails.city.cityName // - service.action.networkConnectionAction.remoteIpDetails.country.countryName // - service.action.networkConnectionAction.remoteIpDetails.ipAddressV4 // - service.action.networkConnectionAction.remoteIpDetails.organization.asn // - service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg // - service.action.networkConnectionAction.remotePortDetails.port // - service.action.awsApiCallAction.remoteAccountDetails.affiliated // - service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4 // - service.action.kubernetesApiCallAction.requestUri // - service.action.networkConnectionAction.localIpDetails.ipAddressV4 // - service.action.networkConnectionAction.protocol // - service.action.awsApiCallAction.serviceName // - service.action.awsApiCallAction.remoteAccountDetails.accountId // - service.additionalInfo.threatListName // - service.resourceRole // - resource.eksClusterDetails.name // - resource.kubernetesDetails.kubernetesWorkloadDetails.name // - resource.kubernetesDetails.kubernetesWorkloadDetails.namespace // - resource.kubernetesDetails.kubernetesUserDetails.username // - resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image // - resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix // - service.ebsVolumeScanDetails.scanId // - service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name // - service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity // - service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash // - resource.ecsClusterDetails.name // - resource.ecsClusterDetails.taskDetails.containers.image // - resource.ecsClusterDetails.taskDetails.definitionArn // - resource.containerDetails.image // - resource.rdsDbInstanceDetails.dbInstanceIdentifier // - resource.rdsDbInstanceDetails.dbClusterIdentifier // - resource.rdsDbInstanceDetails.engine // - resource.rdsDbUserDetails.user // - resource.rdsDbInstanceDetails.tags.key // - resource.rdsDbInstanceDetails.tags.value // - service.runtimeDetails.process.executableSha256 // - service.runtimeDetails.process.name // - service.runtimeDetails.process.name // - resource.lambdaDetails.functionName // - resource.lambdaDetails.functionArn // - resource.lambdaDetails.tags.key // - resource.lambdaDetails.tags.value // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-findingcriteria.html#cfn-guardduty-filter-findingcriteria-criterion // Criterion interface{} `field:"optional" json:"criterion" yaml:"criterion"` // Specifies the condition to be applied to a single field when filtering through findings. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-findingcriteria.html#cfn-guardduty-filter-findingcriteria-itemtype // ItemType interface{} `field:"optional" json:"itemType" yaml:"itemType"` }
Represents a map of finding properties that match specified conditions and values when querying findings.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" var criterion interface{} findingCriteriaProperty := &FindingCriteriaProperty{ Criterion: criterion, ItemType: &ConditionProperty{ Eq: []*string{ jsii.String("eq"), }, EqualTo: []*string{ jsii.String("equalTo"), }, GreaterThan: jsii.Number(123), GreaterThanOrEqual: jsii.Number(123), Gt: jsii.Number(123), Gte: jsii.Number(123), LessThan: jsii.Number(123), LessThanOrEqual: jsii.Number(123), Lt: jsii.Number(123), Lte: jsii.Number(123), Neq: []*string{ jsii.String("neq"), }, NotEquals: []*string{ jsii.String("notEquals"), }, }, }
type CfnIPSet ¶
type CfnIPSet interface { awscdk.CfnResource awscdk.IInspectable awscdk.ITaggable // Indicates whether or not GuardDuty uses the `IPSet` . Activate() interface{} SetActivate(val interface{}) AttrId() *string // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // The unique ID of the detector of the GuardDuty account that you want to create an IPSet for. DetectorId() *string SetDetectorId(val *string) // The format of the file that contains the IPSet. Format() *string SetFormat(val *string) // The URI of the file that contains the IPSet. Location() *string SetLocation(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // The user-friendly name to identify the IPSet. Name() *string SetName(val *string) // The tree node. Node() constructs.Node // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // Tag Manager which manages the tags for this resource. Tags() awscdk.TagManager // The tags to be added to a new IP set resource. TagsRaw() *[]*awscdk.CfnTag SetTagsRaw(val *[]*awscdk.CfnTag) // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
The `AWS::GuardDuty::IPSet` resource specifies a new `IPSet` .
An `IPSet` is a list of trusted IP addresses from which secure communication is allowed with AWS infrastructure and applications.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnIPSet := awscdk.Aws_guardduty.NewCfnIPSet(this, jsii.String("MyCfnIPSet"), &CfnIPSetProps{ Format: jsii.String("format"), Location: jsii.String("location"), Name: jsii.String("name"), // the properties below are optional Activate: jsii.Boolean(false), DetectorId: jsii.String("detectorId"), Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, })
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html
func NewCfnIPSet ¶
func NewCfnIPSet(scope constructs.Construct, id *string, props *CfnIPSetProps) CfnIPSet
type CfnIPSetProps ¶
type CfnIPSetProps struct { // The format of the file that contains the IPSet. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-format // Format *string `field:"required" json:"format" yaml:"format"` // The URI of the file that contains the IPSet. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-location // Location *string `field:"required" json:"location" yaml:"location"` // The user-friendly name to identify the IPSet. // // Allowed characters are alphanumeric, whitespace, dash (-), and underscores (_). // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-name // Name *string `field:"required" json:"name" yaml:"name"` // Indicates whether or not GuardDuty uses the `IPSet` . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-activate // Activate interface{} `field:"optional" json:"activate" yaml:"activate"` // The unique ID of the detector of the GuardDuty account that you want to create an IPSet for. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-detectorid // DetectorId *string `field:"optional" json:"detectorId" yaml:"detectorId"` // The tags to be added to a new IP set resource. // // Each tag consists of a key and an optional value, both of which you define. // // For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-tags // Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"` }
Properties for defining a `CfnIPSet`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnIPSetProps := &CfnIPSetProps{ Format: jsii.String("format"), Location: jsii.String("location"), Name: jsii.String("name"), // the properties below are optional Activate: jsii.Boolean(false), DetectorId: jsii.String("detectorId"), Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, }
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html
type CfnMaster ¶
type CfnMaster interface { awscdk.CfnResource awscdk.IInspectable // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // The unique ID of the detector of the GuardDuty member account. DetectorId() *string SetDetectorId(val *string) // The ID of the invitation that is sent to the account designated as a member account. InvitationId() *string SetInvitationId(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string MasterId() *string SetMasterId(val *string) // The tree node. Node() constructs.Node // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
You can use the `AWS::GuardDuty::Master` resource in a GuardDuty member account to accept an invitation from a GuardDuty administrator account.
The invitation to the member account must be sent prior to using the `AWS::GuardDuty::Master` resource to accept the administrator account's invitation. You can invite a member account by using the `InviteMembers` operation of the GuardDuty API, or by creating an `AWS::GuardDuty::Member` resource.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnMaster := awscdk.Aws_guardduty.NewCfnMaster(this, jsii.String("MyCfnMaster"), &CfnMasterProps{ DetectorId: jsii.String("detectorId"), MasterId: jsii.String("masterId"), // the properties below are optional InvitationId: jsii.String("invitationId"), })
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-master.html
func NewCfnMaster ¶
func NewCfnMaster(scope constructs.Construct, id *string, props *CfnMasterProps) CfnMaster
type CfnMasterProps ¶
type CfnMasterProps struct { // The unique ID of the detector of the GuardDuty member account. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-master.html#cfn-guardduty-master-detectorid // DetectorId *string `field:"required" json:"detectorId" yaml:"detectorId"` // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-master.html#cfn-guardduty-master-masterid // MasterId *string `field:"required" json:"masterId" yaml:"masterId"` // The ID of the invitation that is sent to the account designated as a member account. // // You can find the invitation ID by using the ListInvitation action of the GuardDuty API. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-master.html#cfn-guardduty-master-invitationid // InvitationId *string `field:"optional" json:"invitationId" yaml:"invitationId"` }
Properties for defining a `CfnMaster`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnMasterProps := &CfnMasterProps{ DetectorId: jsii.String("detectorId"), MasterId: jsii.String("masterId"), // the properties below are optional InvitationId: jsii.String("invitationId"), }
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-master.html
type CfnMember ¶
type CfnMember interface { awscdk.CfnResource awscdk.IInspectable // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // The ID of the detector associated with the GuardDuty service to add the member to. DetectorId() *string SetDetectorId(val *string) // Specifies whether or not to disable email notification for the member account that you invite. DisableEmailNotification() interface{} SetDisableEmailNotification(val interface{}) // The email address associated with the member account. Email() *string SetEmail(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string MemberId() *string SetMemberId(val *string) // The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members. Message() *string SetMessage(val *string) // The tree node. Node() constructs.Node // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Status() *string SetStatus(val *string) // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
You can use the `AWS::GuardDuty::Member` resource to add an AWS account as a GuardDuty member account to the current GuardDuty administrator account.
If the value of the `Status` property is not provided or is set to `Created` , a member account is created but not invited. If the value of the `Status` property is set to `Invited` , a member account is created and invited. An `AWS::GuardDuty::Member` resource must be created with the `Status` property set to `Invited` before the `AWS::GuardDuty::Master` resource can be created in a GuardDuty member account.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnMember := awscdk.Aws_guardduty.NewCfnMember(this, jsii.String("MyCfnMember"), &CfnMemberProps{ DetectorId: jsii.String("detectorId"), Email: jsii.String("email"), MemberId: jsii.String("memberId"), // the properties below are optional DisableEmailNotification: jsii.Boolean(false), Message: jsii.String("message"), Status: jsii.String("status"), })
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-member.html
func NewCfnMember ¶
func NewCfnMember(scope constructs.Construct, id *string, props *CfnMemberProps) CfnMember
type CfnMemberProps ¶
type CfnMemberProps struct { // The ID of the detector associated with the GuardDuty service to add the member to. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-member.html#cfn-guardduty-member-detectorid // DetectorId *string `field:"required" json:"detectorId" yaml:"detectorId"` // The email address associated with the member account. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-member.html#cfn-guardduty-member-email // Email *string `field:"required" json:"email" yaml:"email"` // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-member.html#cfn-guardduty-member-memberid // MemberId *string `field:"required" json:"memberId" yaml:"memberId"` // Specifies whether or not to disable email notification for the member account that you invite. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-member.html#cfn-guardduty-member-disableemailnotification // DisableEmailNotification interface{} `field:"optional" json:"disableEmailNotification" yaml:"disableEmailNotification"` // The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-member.html#cfn-guardduty-member-message // Message *string `field:"optional" json:"message" yaml:"message"` // You can use the `Status` property to update the status of the relationship between the member account and its administrator account. // // Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-member.html#cfn-guardduty-member-status // Status *string `field:"optional" json:"status" yaml:"status"` }
Properties for defining a `CfnMember`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnMemberProps := &CfnMemberProps{ DetectorId: jsii.String("detectorId"), Email: jsii.String("email"), MemberId: jsii.String("memberId"), // the properties below are optional DisableEmailNotification: jsii.Boolean(false), Message: jsii.String("message"), Status: jsii.String("status"), }
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-member.html
type CfnThreatIntelSet ¶
type CfnThreatIntelSet interface { awscdk.CfnResource awscdk.IInspectable awscdk.ITaggable // A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet. Activate() interface{} SetActivate(val interface{}) AttrId() *string // Options for this resource, such as condition, update policy etc. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. CreationStack() *[]*string // The unique ID of the detector of the GuardDuty account that you want to create a threatIntelSet for. DetectorId() *string SetDetectorId(val *string) // The format of the file that contains the ThreatIntelSet. Format() *string SetFormat(val *string) // The URI of the file that contains the ThreatIntelSet. Location() *string SetLocation(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. LogicalId() *string // A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet. Name() *string SetName(val *string) // The tree node. Node() constructs.Node // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). Stack() awscdk.Stack // Tag Manager which manages the tags for this resource. Tags() awscdk.TagManager // The tags to be added to a new threat list resource. TagsRaw() *[]*awscdk.CfnTag SetTagsRaw(val *[]*awscdk.CfnTag) // Deprecated. // Deprecated: use `updatedProperties` // // Return properties modified after initiation // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperites() *map[string]interface{} // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. UpdatedProperties() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. AddDependency(target awscdk.CfnResource) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // Deprecated: use addDependency. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some // cases, a snapshot can be taken of the resource prior to deletion // (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy // can be found in the following link:. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options // ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Retrieves an array of resources this resource depends on. // // This assembles dependencies on resources across stacks (including nested stacks) // automatically. ObtainDependencies() *[]interface{} // Get a shallow copy of dependencies between this resource and other resources in the same stack. ObtainResourceDependencies() *[]awscdk.CfnResource // Overrides the auto-generated logical ID with a specific ID. OverrideLogicalId(newLogicalId *string) // Indicates that this resource no longer depends on another resource. // // This can be used for resources across stacks (including nested stacks) // and the dependency will automatically be removed from the relevant scope. RemoveDependency(target awscdk.CfnResource) RenderProperties(props *map[string]interface{}) *map[string]interface{} // Replaces one dependency with another. ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource) // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. ShouldSynthesize() *bool // Returns a string representation of this construct. // // Returns: a string representation of this resource. ToString() *string ValidateProperties(_properties interface{}) }
The `AWS::GuardDuty::ThreatIntelSet` resource specifies a new `ThreatIntelSet` .
A `ThreatIntelSet` consists of known malicious IP addresses. GuardDuty generates findings based on the `ThreatIntelSet` when it is activated.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnThreatIntelSet := awscdk.Aws_guardduty.NewCfnThreatIntelSet(this, jsii.String("MyCfnThreatIntelSet"), &CfnThreatIntelSetProps{ Format: jsii.String("format"), Location: jsii.String("location"), Name: jsii.String("name"), // the properties below are optional Activate: jsii.Boolean(false), DetectorId: jsii.String("detectorId"), Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, })
func NewCfnThreatIntelSet ¶
func NewCfnThreatIntelSet(scope constructs.Construct, id *string, props *CfnThreatIntelSetProps) CfnThreatIntelSet
type CfnThreatIntelSetProps ¶
type CfnThreatIntelSetProps struct { // The format of the file that contains the ThreatIntelSet. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-threatintelset.html#cfn-guardduty-threatintelset-format // Format *string `field:"required" json:"format" yaml:"format"` // The URI of the file that contains the ThreatIntelSet. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-threatintelset.html#cfn-guardduty-threatintelset-location // Location *string `field:"required" json:"location" yaml:"location"` // A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-threatintelset.html#cfn-guardduty-threatintelset-name // Name *string `field:"required" json:"name" yaml:"name"` // A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-threatintelset.html#cfn-guardduty-threatintelset-activate // Activate interface{} `field:"optional" json:"activate" yaml:"activate"` // The unique ID of the detector of the GuardDuty account that you want to create a threatIntelSet for. // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-threatintelset.html#cfn-guardduty-threatintelset-detectorid // DetectorId *string `field:"optional" json:"detectorId" yaml:"detectorId"` // The tags to be added to a new threat list resource. // // Each tag consists of a key and an optional value, both of which you define. // // For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) . // See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-threatintelset.html#cfn-guardduty-threatintelset-tags // Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"` }
Properties for defining a `CfnThreatIntelSet`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnThreatIntelSetProps := &CfnThreatIntelSetProps{ Format: jsii.String("format"), Location: jsii.String("location"), Name: jsii.String("name"), // the properties below are optional Activate: jsii.Boolean(false), DetectorId: jsii.String("detectorId"), Tags: []cfnTag{ &cfnTag{ Key: jsii.String("key"), Value: jsii.String("value"), }, }, }
Source Files ¶
- CfnDetector.go
- CfnDetectorProps.go
- CfnDetector_CFNDataSourceConfigurationsProperty.go
- CfnDetector_CFNFeatureAdditionalConfigurationProperty.go
- CfnDetector_CFNFeatureConfigurationProperty.go
- CfnDetector_CFNKubernetesAuditLogsConfigurationProperty.go
- CfnDetector_CFNKubernetesConfigurationProperty.go
- CfnDetector_CFNMalwareProtectionConfigurationProperty.go
- CfnDetector_CFNS3LogsConfigurationProperty.go
- CfnDetector_CFNScanEc2InstanceWithFindingsConfigurationProperty.go
- CfnDetector_TagItemProperty.go
- CfnDetector__checks.go
- CfnFilter.go
- CfnFilterProps.go
- CfnFilter_ConditionProperty.go
- CfnFilter_FindingCriteriaProperty.go
- CfnFilter__checks.go
- CfnIPSet.go
- CfnIPSetProps.go
- CfnIPSet__checks.go
- CfnMaster.go
- CfnMasterProps.go
- CfnMaster__checks.go
- CfnMember.go
- CfnMemberProps.go
- CfnMember__checks.go
- CfnThreatIntelSet.go
- CfnThreatIntelSetProps.go
- CfnThreatIntelSet__checks.go
- main.go