guardduty

package
v2.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 28, 2020 License: Apache-2.0 Imports: 3 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Detector 

type Detector struct {
	pulumi.CustomResourceState

	// The AWS account ID of the GuardDuty detector
	AccountId pulumi.StringOutput `pulumi:"accountId"`
	// Enable monitoring and feedback reporting. Setting to `false` is equivalent to "suspending" GuardDuty. Defaults to `true`.
	Enable pulumi.BoolPtrOutput `pulumi:"enable"`
	// Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty master accounts, it must be configured in this provider to enable drift detection. Valid values for standalone and master accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.
	FindingPublishingFrequency pulumi.StringOutput `pulumi:"findingPublishingFrequency"`
}

Provides a resource to manage a GuardDuty detector.

> **NOTE:** Deleting this resource is equivalent to "disabling" GuardDuty for an AWS region, which removes all existing findings. You can set the `enable` attribute to `false` to instead "suspend" monitoring and feedback reporting while keeping existing data. See the [Suspending or Disabling Amazon GuardDuty documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_suspend-disable.html) for more information.

func GetDetector 

func GetDetector(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *DetectorState, opts ...pulumi.ResourceOption) (*Detector, error)

GetDetector gets an existing Detector resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewDetector 

func NewDetector(ctx *pulumi.Context,
	name string, args *DetectorArgs, opts ...pulumi.ResourceOption) (*Detector, error)

NewDetector registers a new resource with the given unique name, arguments, and options.

type DetectorArgs 

type DetectorArgs struct {
	// Enable monitoring and feedback reporting. Setting to `false` is equivalent to "suspending" GuardDuty. Defaults to `true`.
	Enable pulumi.BoolPtrInput
	// Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty master accounts, it must be configured in this provider to enable drift detection. Valid values for standalone and master accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.
	FindingPublishingFrequency pulumi.StringPtrInput
}

The set of arguments for constructing a Detector resource.

func (DetectorArgs) ElementType 

func (DetectorArgs) ElementType() reflect.Type

type DetectorState 

type DetectorState struct {
	// The AWS account ID of the GuardDuty detector
	AccountId pulumi.StringPtrInput
	// Enable monitoring and feedback reporting. Setting to `false` is equivalent to "suspending" GuardDuty. Defaults to `true`.
	Enable pulumi.BoolPtrInput
	// Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty master accounts, it must be configured in this provider to enable drift detection. Valid values for standalone and master accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.
	FindingPublishingFrequency pulumi.StringPtrInput
}

func (DetectorState) ElementType 

func (DetectorState) ElementType() reflect.Type

type IPSet 

type IPSet struct {
	pulumi.CustomResourceState

	// Specifies whether GuardDuty is to start using the uploaded IPSet.
	Activate pulumi.BoolOutput `pulumi:"activate"`
	// The detector ID of the GuardDuty.
	DetectorId pulumi.StringOutput `pulumi:"detectorId"`
	// The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`
	Format pulumi.StringOutput `pulumi:"format"`
	// The URI of the file that contains the IPSet.
	Location pulumi.StringOutput `pulumi:"location"`
	// The friendly name to identify the IPSet.
	Name pulumi.StringOutput `pulumi:"name"`
}

Provides a resource to manage a GuardDuty IPSet.

> **Note:** Currently in GuardDuty, users from member accounts cannot upload and further manage IPSets. IPSets that are uploaded by the master account are imposed on GuardDuty functionality in its member accounts. See the [GuardDuty API Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/create-ip-set.html)

func GetIPSet 

func GetIPSet(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IPSetState, opts ...pulumi.ResourceOption) (*IPSet, error)

GetIPSet gets an existing IPSet resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIPSet 

func NewIPSet(ctx *pulumi.Context,
	name string, args *IPSetArgs, opts ...pulumi.ResourceOption) (*IPSet, error)

NewIPSet registers a new resource with the given unique name, arguments, and options.

type IPSetArgs 

type IPSetArgs struct {
	// Specifies whether GuardDuty is to start using the uploaded IPSet.
	Activate pulumi.BoolInput
	// The detector ID of the GuardDuty.
	DetectorId pulumi.StringInput
	// The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`
	Format pulumi.StringInput
	// The URI of the file that contains the IPSet.
	Location pulumi.StringInput
	// The friendly name to identify the IPSet.
	Name pulumi.StringPtrInput
}

The set of arguments for constructing a IPSet resource.

func (IPSetArgs) ElementType 

func (IPSetArgs) ElementType() reflect.Type

type IPSetState 

type IPSetState struct {
	// Specifies whether GuardDuty is to start using the uploaded IPSet.
	Activate pulumi.BoolPtrInput
	// The detector ID of the GuardDuty.
	DetectorId pulumi.StringPtrInput
	// The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`
	Format pulumi.StringPtrInput
	// The URI of the file that contains the IPSet.
	Location pulumi.StringPtrInput
	// The friendly name to identify the IPSet.
	Name pulumi.StringPtrInput
}

func (IPSetState) ElementType 

func (IPSetState) ElementType() reflect.Type

type InviteAccepter 

type InviteAccepter struct {
	pulumi.CustomResourceState

	// The detector ID of the member GuardDuty account.
	DetectorId pulumi.StringOutput `pulumi:"detectorId"`
	// AWS account ID for master account.
	MasterAccountId pulumi.StringOutput `pulumi:"masterAccountId"`
}

Provides a resource to accept a pending GuardDuty invite on creation, ensure the detector has the correct master account on read, and disassociate with the master account upon removal.

func GetInviteAccepter 

func GetInviteAccepter(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *InviteAccepterState, opts ...pulumi.ResourceOption) (*InviteAccepter, error)

GetInviteAccepter gets an existing InviteAccepter resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInviteAccepter 

func NewInviteAccepter(ctx *pulumi.Context,
	name string, args *InviteAccepterArgs, opts ...pulumi.ResourceOption) (*InviteAccepter, error)

NewInviteAccepter registers a new resource with the given unique name, arguments, and options.

type InviteAccepterArgs 

type InviteAccepterArgs struct {
	// The detector ID of the member GuardDuty account.
	DetectorId pulumi.StringInput
	// AWS account ID for master account.
	MasterAccountId pulumi.StringInput
}

The set of arguments for constructing a InviteAccepter resource.

func (InviteAccepterArgs) ElementType 

func (InviteAccepterArgs) ElementType() reflect.Type

type InviteAccepterState 

type InviteAccepterState struct {
	// The detector ID of the member GuardDuty account.
	DetectorId pulumi.StringPtrInput
	// AWS account ID for master account.
	MasterAccountId pulumi.StringPtrInput
}

func (InviteAccepterState) ElementType 

func (InviteAccepterState) ElementType() reflect.Type

type LookupDetectorArgs 

type LookupDetectorArgs struct {
	// The ID of the detector.
	Id *string `pulumi:"id"`
}

A collection of arguments for invoking getDetector.

type LookupDetectorResult 

type LookupDetectorResult struct {
	// The frequency of notifications sent about subsequent finding occurrences.
	FindingPublishingFrequency string  `pulumi:"findingPublishingFrequency"`
	Id                         *string `pulumi:"id"`
	// The service-linked role that grants GuardDuty access to the resources in the AWS account.
	ServiceRoleArn string `pulumi:"serviceRoleArn"`
	// The current status of the detector.
	Status string `pulumi:"status"`
}

A collection of values returned by getDetector.

func LookupDetector 

func LookupDetector(ctx *pulumi.Context, args *LookupDetectorArgs, opts ...pulumi.InvokeOption) (*LookupDetectorResult, error)

Retrieve information about a GuardDuty detector.

type Member 

type Member struct {
	pulumi.CustomResourceState

	// AWS account ID for member account.
	AccountId pulumi.StringOutput `pulumi:"accountId"`
	// The detector ID of the GuardDuty account where you want to create member accounts.
	DetectorId pulumi.StringOutput `pulumi:"detectorId"`
	// Boolean whether an email notification is sent to the accounts. Defaults to `false`.
	DisableEmailNotification pulumi.BoolPtrOutput `pulumi:"disableEmailNotification"`
	// Email address for member account.
	Email pulumi.StringOutput `pulumi:"email"`
	// Message for invitation.
	InvitationMessage pulumi.StringPtrOutput `pulumi:"invitationMessage"`
	// Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the this provider state value is `true` based on a `relationshipStatus` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.
	Invite pulumi.BoolPtrOutput `pulumi:"invite"`
	// The status of the relationship between the member account and its master account. More information can be found in [Amazon GuardDuty API Reference](https://docs.aws.amazon.com/guardduty/latest/ug/get-members.html).
	RelationshipStatus pulumi.StringOutput `pulumi:"relationshipStatus"`
}

Provides a resource to manage a GuardDuty member. To accept invitations in member accounts, see the [`guardduty.InviteAccepter` resource](https://www.terraform.io/docs/providers/aws/r/guardduty_invite_accepter.html).

func GetMember 

func GetMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *MemberState, opts ...pulumi.ResourceOption) (*Member, error)

GetMember gets an existing Member resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMember 

func NewMember(ctx *pulumi.Context,
	name string, args *MemberArgs, opts ...pulumi.ResourceOption) (*Member, error)

NewMember registers a new resource with the given unique name, arguments, and options.

type MemberArgs 

type MemberArgs struct {
	// AWS account ID for member account.
	AccountId pulumi.StringInput
	// The detector ID of the GuardDuty account where you want to create member accounts.
	DetectorId pulumi.StringInput
	// Boolean whether an email notification is sent to the accounts. Defaults to `false`.
	DisableEmailNotification pulumi.BoolPtrInput
	// Email address for member account.
	Email pulumi.StringInput
	// Message for invitation.
	InvitationMessage pulumi.StringPtrInput
	// Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the this provider state value is `true` based on a `relationshipStatus` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.
	Invite pulumi.BoolPtrInput
}

The set of arguments for constructing a Member resource.

func (MemberArgs) ElementType 

func (MemberArgs) ElementType() reflect.Type

type MemberState 

type MemberState struct {
	// AWS account ID for member account.
	AccountId pulumi.StringPtrInput
	// The detector ID of the GuardDuty account where you want to create member accounts.
	DetectorId pulumi.StringPtrInput
	// Boolean whether an email notification is sent to the accounts. Defaults to `false`.
	DisableEmailNotification pulumi.BoolPtrInput
	// Email address for member account.
	Email pulumi.StringPtrInput
	// Message for invitation.
	InvitationMessage pulumi.StringPtrInput
	// Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the this provider state value is `true` based on a `relationshipStatus` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.
	Invite pulumi.BoolPtrInput
	// The status of the relationship between the member account and its master account. More information can be found in [Amazon GuardDuty API Reference](https://docs.aws.amazon.com/guardduty/latest/ug/get-members.html).
	RelationshipStatus pulumi.StringPtrInput
}

func (MemberState) ElementType 

func (MemberState) ElementType() reflect.Type

type ThreatIntelSet 

type ThreatIntelSet struct {
	pulumi.CustomResourceState

	// Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.
	Activate pulumi.BoolOutput `pulumi:"activate"`
	// The detector ID of the GuardDuty.
	DetectorId pulumi.StringOutput `pulumi:"detectorId"`
	// The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`
	Format pulumi.StringOutput `pulumi:"format"`
	// The URI of the file that contains the ThreatIntelSet.
	Location pulumi.StringOutput `pulumi:"location"`
	// The friendly name to identify the ThreatIntelSet.
	Name pulumi.StringOutput `pulumi:"name"`
}

Provides a resource to manage a GuardDuty ThreatIntelSet.

> **Note:** Currently in GuardDuty, users from member accounts cannot upload and further manage ThreatIntelSets. ThreatIntelSets that are uploaded by the master account are imposed on GuardDuty functionality in its member accounts. See the [GuardDuty API Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/create-threat-intel-set.html)

func GetThreatIntelSet 

func GetThreatIntelSet(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ThreatIntelSetState, opts ...pulumi.ResourceOption) (*ThreatIntelSet, error)

GetThreatIntelSet gets an existing ThreatIntelSet resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewThreatIntelSet 

func NewThreatIntelSet(ctx *pulumi.Context,
	name string, args *ThreatIntelSetArgs, opts ...pulumi.ResourceOption) (*ThreatIntelSet, error)

NewThreatIntelSet registers a new resource with the given unique name, arguments, and options.

type ThreatIntelSetArgs 

type ThreatIntelSetArgs struct {
	// Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.
	Activate pulumi.BoolInput
	// The detector ID of the GuardDuty.
	DetectorId pulumi.StringInput
	// The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`
	Format pulumi.StringInput
	// The URI of the file that contains the ThreatIntelSet.
	Location pulumi.StringInput
	// The friendly name to identify the ThreatIntelSet.
	Name pulumi.StringPtrInput
}

The set of arguments for constructing a ThreatIntelSet resource.

func (ThreatIntelSetArgs) ElementType 

func (ThreatIntelSetArgs) ElementType() reflect.Type

type ThreatIntelSetState 

type ThreatIntelSetState struct {
	// Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.
	Activate pulumi.BoolPtrInput
	// The detector ID of the GuardDuty.
	DetectorId pulumi.StringPtrInput
	// The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`
	Format pulumi.StringPtrInput
	// The URI of the file that contains the ThreatIntelSet.
	Location pulumi.StringPtrInput
	// The friendly name to identify the ThreatIntelSet.
	Name pulumi.StringPtrInput
}

func (ThreatIntelSetState) ElementType 

func (ThreatIntelSetState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.