detector

State module for managing Amazon GuardDuty Detector.

async idem_aws.states.aws.guardduty.detector.present(hub, ctx, name: str, enable: bool = True, resource_id: str = None, client_token: str = None, finding_publishing_frequency: str = None, data_sources: DataSourceConfiguration = None, tags: Dict[str, str] = None) → Dict[str, Any]

Creates an Amazon GuardDuty detector.

A detector is a resource that represents the GuardDuty service. To start using GuardDuty, you must create a detector in each Region where you enable the service. You can have only one detector per account per Region. All data sources are enabled in a new detector by default.

Parameters:
  • name (str) – An Idem name of the resource.

  • resource_id (str, Optional) – The ID of the detector in Amazon Web Services.

  • enable (bool, Optional) – A Boolean value that specifies whether the detector is to be enabled. Default value is True.

  • client_token (str, Optional) – The idempotency token for the create request. This field is auto-populated if not provided.

  • finding_publishing_frequency (str, Optional) – A value that specifies how frequently updated findings are exported. Valid values are FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS.

  • data_sources (dict, Optional) –

    Describes which data sources will be enabled for the detector.

    • S3Logs (dict, Optional):

      Describes whether S3 data event logs are enabled as a data source.

      • Enable (bool): The status of S3 data event logs as a data source.

    • Kubernetes (dict, Optional):

      Describes whether any Kubernetes logs are enabled as data sources.

      • AuditLogs (dict):

        The status of Kubernetes audit logs as a data source.

        • Enable (bool):

          The status of Kubernetes audit logs as a data source.

    • MalwareProtection (dict, Optional):

      Describes whether Malware Protection is enabled as a data source.

      • ScanEc2InstanceWithFindings (dict, Optional):

        Describes the configuration of Malware Protection for EC2 instances with findings.

        • EbsVolumes (bool, Optional):

          Describes the configuration for scanning EBS volumes as a data source.

  • tags (dict, Optional) – Dict in the format of {tag-key: tag-value} to associate with the detector.

Request Syntax:
[idem_test_aws_guardduty_detector]:
  aws.guardduty.detector.present:
    - name: 'string'
    - enable: True|False
    - client_token: 'string'
    - finding_publishing_frequency: 'FIFTEEN_MINUTES|ONE_HOUR|SIX_HOURS'
    - data_sources:
        S3Logs:
          Enable: True|False
        Kubernetes:
          AuditLogs:
            Enable: True|False
        MalwareProtection:
          ScanEc2InstanceWithFindings:
            EbsVolumes: True|False
    - tags:
        'string': 'string'
Returns:

Dict[str, Any]

Examples

idem_test_aws_guardduty_detector:
  aws.guardduty.detector.present:
    - name: idem_test_guardduty_detector
    - enable: True
    - finding_publishing_frequency: 'ONE_HOUR'
    - data_sources:
        S3Logs:
          Enable: true
    - tags:
        provider: idem

async idem_aws.states.aws.guardduty.detector.absent(hub, ctx, name: str, resource_id: str = None) → Dict[str, Any]

Deletes an Amazon GuardDuty detector.

Parameters:
  • name (str) – An Idem name of the resource.

  • resource_id (str, Optional) – The ID of the detector in Amazon Web Services.

Request Syntax:
[idem_test_aws_guardduty_detector]:
  aws.guardduty.detector.absent:
    - name: 'string'
    - resource_id: 'string'
Returns:

Dict[str, Any]

Examples

idem_test_aws_guardduty_detector:
  aws.guardduty.detector.absent:
    - name: idem_test_guardduty_detector
    - resource_id: cebf7ced6562d943d61f76a915e32563

async idem_aws.states.aws.guardduty.detector.describe(hub, ctx) → Dict[str, Dict[str, Any]]

Describes AWS GuardDuty detectors in a way that can be recreated/managed with the corresponding “present” function.

Returns:

Dict[str, Dict[str, Any]]

Examples

$ idem describe aws.guardduty.detector
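
A pre-apply check for the states documented on this page, added here as an example (it is not part of idem-aws): it flags `present` states that disable the detector or a data source or use a frequency outside the documented values, and `absent` states that delete a detector. The parsed-SLS shape, the function names and the sample data are assumptions made for illustration.

```python
# Added example: lint parsed SLS data for aws.guardduty.detector states.
# Assumed parsed shape: {state_id: {function_ref: [single-key dicts]}}.
VALID_FREQ = {"FIFTEEN_MINUTES", "ONE_HOUR", "SIX_HOURS"}
# Paths under data_sources whose boolean switches a source (from this page).
SOURCE_FLAGS = [("S3Logs", "Enable"), ("Kubernetes", "AuditLogs", "Enable"),
                ("MalwareProtection", "ScanEc2InstanceWithFindings", "EbsVolumes")]
PREFIX = "aws.guardduty.detector."

def _dig(node, path):
    """Follow path through nested dicts; None when any key is missing."""
    for key in path:
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    return node

def lint_detector_states(sls):
    """Return sorted (state_id, message) findings for weakened detectors."""
    findings = []
    for state_id, body in sls.items():
        for ref, arg_list in body.items():
            if not ref.startswith(PREFIX):
                continue
            args = {k: v for item in arg_list for k, v in item.items()}
            func = ref[len(PREFIX):]
            if func == "absent":
                findings.append((state_id, "detector will be deleted"))
            if func != "present":
                continue
            if args.get("enable", True) is False:
                findings.append((state_id, "enable is False"))
            freq = args.get("finding_publishing_frequency")
            if freq is not None and freq not in VALID_FREQ:
                findings.append((state_id, f"invalid frequency {freq!r}"))
            for path in SOURCE_FLAGS:
                # Only an explicit False is flagged; omitted keys are not.
                if _dig(args.get("data_sources"), path) is False:
                    findings.append((state_id, ".".join(path) + " disabled"))
    return sorted(findings)

# Constructed sample input, not taken from the page.
SAMPLE = {
    "weak": {PREFIX + "present": [
        {"name": "weak"}, {"enable": False},
        {"finding_publishing_frequency": "DAILY"},
        {"data_sources": {"S3Logs": {"Enable": False}}}]},
    "ok": {PREFIX + "present": [{"name": "ok"}, {"enable": True}]},
    "old": {PREFIX + "absent": [{"name": "old"}]},
}
```

Calling `lint_detector_states(SAMPLE)` returns one finding for the `absent` state and three for the `weak` state; a non-empty result can be used to fail a review or CI step before the SLS is applied.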