guardduty

package
v0.18.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 5, 2019 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Detector 

type Detector struct {
	// contains filtered or unexported fields
}

Provides a resource to manage a GuardDuty detector.

> **NOTE:** Deleting this resource is equivalent to "disabling" GuardDuty for an AWS region, which removes all existing findings. You can set the `enable` attribute to `false` to instead "suspend" monitoring and feedback reporting while keeping existing data. See the [Suspending or Disabling Amazon GuardDuty documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_suspend-disable.html) for more information.

func GetDetector 

func GetDetector(ctx *pulumi.Context,
	name string, id pulumi.ID, state *DetectorState, opts ...pulumi.ResourceOpt) (*Detector, error)

GetDetector gets an existing Detector resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewDetector 

func NewDetector(ctx *pulumi.Context,
	name string, args *DetectorArgs, opts ...pulumi.ResourceOpt) (*Detector, error)

NewDetector registers a new resource with the given unique name, arguments, and options.

func (*Detector) AccountId 

func (r *Detector) AccountId() *pulumi.StringOutput

The AWS account ID of the GuardDuty detector

func (*Detector) Enable 

func (r *Detector) Enable() *pulumi.BoolOutput

Enable monitoring and feedback reporting. Setting to `false` is equivalent to "suspending" GuardDuty. Defaults to `true`.

func (*Detector) FindingPublishingFrequency added in v0.16.5 

func (r *Detector) FindingPublishingFrequency() *pulumi.StringOutput

Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty master accounts, it must be configured in Terraform to enable drift detection. Valid values for standalone and master accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.

func (*Detector) ID 

func (r *Detector) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Detector) URN 

func (r *Detector) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type DetectorArgs 

type DetectorArgs struct {
	// Enable monitoring and feedback reporting. Setting to `false` is equivalent to "suspending" GuardDuty. Defaults to `true`.
	Enable interface{}
	// Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty master accounts, it must be configured in Terraform to enable drift detection. Valid values for standalone and master accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.
	FindingPublishingFrequency interface{}
}

The set of arguments for constructing a Detector resource.

type DetectorState 

type DetectorState struct {
	// The AWS account ID of the GuardDuty detector
	AccountId interface{}
	// Enable monitoring and feedback reporting. Setting to `false` is equivalent to "suspending" GuardDuty. Defaults to `true`.
	Enable interface{}
	// Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty master accounts, it must be configured in Terraform to enable drift detection. Valid values for standalone and master accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.
	FindingPublishingFrequency interface{}
}

Input properties used for looking up and filtering Detector resources.

type IPSet 

type IPSet struct {
	// contains filtered or unexported fields
}

Provides a resource to manage a GuardDuty IPSet.

> **Note:** Currently in GuardDuty, users from member accounts cannot upload and further manage IPSets. IPSets that are uploaded by the master account are imposed on GuardDuty functionality in its member accounts. See the [GuardDuty API Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/create-ip-set.html)

func GetIPSet 

func GetIPSet(ctx *pulumi.Context,
	name string, id pulumi.ID, state *IPSetState, opts ...pulumi.ResourceOpt) (*IPSet, error)

GetIPSet gets an existing IPSet resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIPSet 

func NewIPSet(ctx *pulumi.Context,
	name string, args *IPSetArgs, opts ...pulumi.ResourceOpt) (*IPSet, error)

NewIPSet registers a new resource with the given unique name, arguments, and options.

func (*IPSet) Activate 

func (r *IPSet) Activate() *pulumi.BoolOutput

Specifies whether GuardDuty is to start using the uploaded IPSet.

func (*IPSet) DetectorId 

func (r *IPSet) DetectorId() *pulumi.StringOutput

The detector ID of the GuardDuty.

func (*IPSet) Format 

func (r *IPSet) Format() *pulumi.StringOutput

The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`

func (*IPSet) ID 

func (r *IPSet) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*IPSet) Location 

func (r *IPSet) Location() *pulumi.StringOutput

The URI of the file that contains the IPSet.

func (*IPSet) Name 

func (r *IPSet) Name() *pulumi.StringOutput

The friendly name to identify the IPSet.

func (*IPSet) URN 

func (r *IPSet) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type IPSetArgs 

type IPSetArgs struct {
	// Specifies whether GuardDuty is to start using the uploaded IPSet.
	Activate interface{}
	// The detector ID of the GuardDuty.
	DetectorId interface{}
	// The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`
	Format interface{}
	// The URI of the file that contains the IPSet.
	Location interface{}
	// The friendly name to identify the IPSet.
	Name interface{}
}

The set of arguments for constructing a IPSet resource.

type IPSetState 

type IPSetState struct {
	// Specifies whether GuardDuty is to start using the uploaded IPSet.
	Activate interface{}
	// The detector ID of the GuardDuty.
	DetectorId interface{}
	// The format of the file that contains the IPSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`
	Format interface{}
	// The URI of the file that contains the IPSet.
	Location interface{}
	// The friendly name to identify the IPSet.
	Name interface{}
}

Input properties used for looking up and filtering IPSet resources.

type InviteAccepter added in v0.18.0 

type InviteAccepter struct {
	// contains filtered or unexported fields
}

Provides a resource to accept a pending GuardDuty invite on creation, ensure the detector has the correct master account on read, and disassociate with the master account upon removal.

func GetInviteAccepter added in v0.18.0 

func GetInviteAccepter(ctx *pulumi.Context,
	name string, id pulumi.ID, state *InviteAccepterState, opts ...pulumi.ResourceOpt) (*InviteAccepter, error)

GetInviteAccepter gets an existing InviteAccepter resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewInviteAccepter added in v0.18.0 

func NewInviteAccepter(ctx *pulumi.Context,
	name string, args *InviteAccepterArgs, opts ...pulumi.ResourceOpt) (*InviteAccepter, error)

NewInviteAccepter registers a new resource with the given unique name, arguments, and options.

func (*InviteAccepter) DetectorId added in v0.18.0 

func (r *InviteAccepter) DetectorId() *pulumi.StringOutput

The detector ID of the member GuardDuty account.

func (*InviteAccepter) ID added in v0.18.0 

func (r *InviteAccepter) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*InviteAccepter) MasterAccountId added in v0.18.0 

func (r *InviteAccepter) MasterAccountId() *pulumi.StringOutput

AWS account ID for master account.

func (*InviteAccepter) URN added in v0.18.0 

func (r *InviteAccepter) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type InviteAccepterArgs added in v0.18.0 

type InviteAccepterArgs struct {
	// The detector ID of the member GuardDuty account.
	DetectorId interface{}
	// AWS account ID for master account.
	MasterAccountId interface{}
}

The set of arguments for constructing a InviteAccepter resource.

type InviteAccepterState added in v0.18.0 

type InviteAccepterState struct {
	// The detector ID of the member GuardDuty account.
	DetectorId interface{}
	// AWS account ID for master account.
	MasterAccountId interface{}
}

Input properties used for looking up and filtering InviteAccepter resources.

type Member 

type Member struct {
	// contains filtered or unexported fields
}

Provides a resource to manage a GuardDuty member.

> **NOTE:** Currently after using this resource, you must manually accept member account invitations before GuardDuty will begin sending cross-account events. More information for how to accomplish this via the AWS Console or API can be found in the [GuardDuty User Guide](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_accounts.html). Terraform implementation of the member acceptance resource can be tracked in [Github](https://github.com/terraform-providers/terraform-provider-aws/issues/2489).

func GetMember 

func GetMember(ctx *pulumi.Context,
	name string, id pulumi.ID, state *MemberState, opts ...pulumi.ResourceOpt) (*Member, error)

GetMember gets an existing Member resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewMember 

func NewMember(ctx *pulumi.Context,
	name string, args *MemberArgs, opts ...pulumi.ResourceOpt) (*Member, error)

NewMember registers a new resource with the given unique name, arguments, and options.

func (*Member) AccountId 

func (r *Member) AccountId() *pulumi.StringOutput

AWS account ID for member account.

func (*Member) DetectorId 

func (r *Member) DetectorId() *pulumi.StringOutput

The detector ID of the GuardDuty account where you want to create member accounts.

func (*Member) DisableEmailNotification 

func (r *Member) DisableEmailNotification() *pulumi.BoolOutput

Boolean whether an email notification is sent to the accounts. Defaults to `false`.

func (*Member) Email 

func (r *Member) Email() *pulumi.StringOutput

Email address for member account.

func (*Member) ID 

func (r *Member) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*Member) InvitationMessage 

func (r *Member) InvitationMessage() *pulumi.StringOutput

Message for invitation.

func (*Member) Invite 

func (r *Member) Invite() *pulumi.BoolOutput

Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the Terraform state value is `true` based on a `relationship_status` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.

func (*Member) RelationshipStatus 

func (r *Member) RelationshipStatus() *pulumi.StringOutput

The status of the relationship between the member account and its master account. More information can be found in [Amazon GuardDuty API Reference](https://docs.aws.amazon.com/guardduty/latest/ug/get-members.html).

func (*Member) URN 

func (r *Member) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type MemberArgs 

type MemberArgs struct {
	// AWS account ID for member account.
	AccountId interface{}
	// The detector ID of the GuardDuty account where you want to create member accounts.
	DetectorId interface{}
	// Boolean whether an email notification is sent to the accounts. Defaults to `false`.
	DisableEmailNotification interface{}
	// Email address for member account.
	Email interface{}
	// Message for invitation.
	InvitationMessage interface{}
	// Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the Terraform state value is `true` based on a `relationship_status` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.
	Invite interface{}
}

The set of arguments for constructing a Member resource.

type MemberState 

type MemberState struct {
	// AWS account ID for member account.
	AccountId interface{}
	// The detector ID of the GuardDuty account where you want to create member accounts.
	DetectorId interface{}
	// Boolean whether an email notification is sent to the accounts. Defaults to `false`.
	DisableEmailNotification interface{}
	// Email address for member account.
	Email interface{}
	// Message for invitation.
	InvitationMessage interface{}
	// Boolean whether to invite the account to GuardDuty as a member. Defaults to `false`. To detect if an invitation needs to be (re-)sent, the Terraform state value is `true` based on a `relationship_status` of `Disabled`, `Enabled`, `Invited`, or `EmailVerificationInProgress`.
	Invite interface{}
	// The status of the relationship between the member account and its master account. More information can be found in [Amazon GuardDuty API Reference](https://docs.aws.amazon.com/guardduty/latest/ug/get-members.html).
	RelationshipStatus interface{}
}

Input properties used for looking up and filtering Member resources.

type ThreatIntelSet 

type ThreatIntelSet struct {
	// contains filtered or unexported fields
}

Provides a resource to manage a GuardDuty ThreatIntelSet.

> **Note:** Currently in GuardDuty, users from member accounts cannot upload and further manage ThreatIntelSets. ThreatIntelSets that are uploaded by the master account are imposed on GuardDuty functionality in its member accounts. See the [GuardDuty API Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/create-threat-intel-set.html)

func GetThreatIntelSet 

func GetThreatIntelSet(ctx *pulumi.Context,
	name string, id pulumi.ID, state *ThreatIntelSetState, opts ...pulumi.ResourceOpt) (*ThreatIntelSet, error)

GetThreatIntelSet gets an existing ThreatIntelSet resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewThreatIntelSet 

func NewThreatIntelSet(ctx *pulumi.Context,
	name string, args *ThreatIntelSetArgs, opts ...pulumi.ResourceOpt) (*ThreatIntelSet, error)

NewThreatIntelSet registers a new resource with the given unique name, arguments, and options.

func (*ThreatIntelSet) Activate 

func (r *ThreatIntelSet) Activate() *pulumi.BoolOutput

Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.

func (*ThreatIntelSet) DetectorId 

func (r *ThreatIntelSet) DetectorId() *pulumi.StringOutput

The detector ID of the GuardDuty.

func (*ThreatIntelSet) Format 

func (r *ThreatIntelSet) Format() *pulumi.StringOutput

The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`

func (*ThreatIntelSet) ID 

func (r *ThreatIntelSet) ID() *pulumi.IDOutput

ID is this resource's unique identifier assigned by its provider.

func (*ThreatIntelSet) Location 

func (r *ThreatIntelSet) Location() *pulumi.StringOutput

The URI of the file that contains the ThreatIntelSet.

func (*ThreatIntelSet) Name 

func (r *ThreatIntelSet) Name() *pulumi.StringOutput

The friendly name to identify the ThreatIntelSet.

func (*ThreatIntelSet) URN 

func (r *ThreatIntelSet) URN() *pulumi.URNOutput

URN is this resource's unique name assigned by Pulumi.

type ThreatIntelSetArgs 

type ThreatIntelSetArgs struct {
	// Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.
	Activate interface{}
	// The detector ID of the GuardDuty.
	DetectorId interface{}
	// The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`
	Format interface{}
	// The URI of the file that contains the ThreatIntelSet.
	Location interface{}
	// The friendly name to identify the ThreatIntelSet.
	Name interface{}
}

The set of arguments for constructing a ThreatIntelSet resource.

type ThreatIntelSetState 

type ThreatIntelSetState struct {
	// Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.
	Activate interface{}
	// The detector ID of the GuardDuty.
	DetectorId interface{}
	// The format of the file that contains the ThreatIntelSet. Valid values: `TXT` | `STIX` | `OTX_CSV` | `ALIEN_VAULT` | `PROOF_POINT` | `FIRE_EYE`
	Format interface{}
	// The URI of the file that contains the ThreatIntelSet.
	Location interface{}
	// The friendly name to identify the ThreatIntelSet.
	Name interface{}
}

Input properties used for looking up and filtering ThreatIntelSet resources.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.