member

State module for adding/deleting members from GuardDuty.

async idem_aws.states.aws.guardduty.member.present(hub, ctx, name: str, detector_id: str, account_id: str, email: str, resource_id: str = None) → Dict[str, Any]

Add member to AWS GuardDuty.

Creates a member account under GuardDuty by specifying the Amazon Web Services account ID for the member account. This step is a prerequisite for managing the associated member accounts either by invitation or through an organization. When using Create Members as an organization's delegated administrator, this action will enable GuardDuty in the added member accounts, with the exception of the organization delegated administrator account, which must enable GuardDuty prior to being added as a member. If you are adding accounts by invitation, use this action after GuardDuty has been enabled in potential member accounts and before using Invite Members.

Parameters:
  • name (str) – An Idem name of the resource.

  • detector_id (str) – AWS GuardDuty detector ID.

  • account_id (str) – The member account ID.

  • email (str) – The email address of the member account.

  • resource_id (str, Optional) – An identifier that refers to an existing resource. The format is <detector_id>:<account_id>

Request Syntax:
Returns:

Dict[str, Any]

Examples

resource_is_present:
  aws.guardduty.member.present:
    - name: 'create_members'
    - detector_id: "68c25425ab84ea0dcae26311eddacd34"
    - resource_id: "68c25425ab84ea0dcae26311eddacd34:496603212238"
    - account_id: "496603212238"
    - email: "xyz@vmware.com"

async idem_aws.states.aws.guardduty.member.absent(hub, ctx, name: str, detector_id: str = None, account_id: str = None, resource_id: str = None) → Dict[str, Any]

Delete member from AWS GuardDuty.

Deletes the GuardDuty member account specified by the account ID.

Parameters:
  • name (str) – An Idem name of the resource.

  • detector_id (str, Optional) – AWS GuardDuty detector ID.

  • account_id (str, Optional) – AWS GuardDuty member account ID.

  • resource_id (str, Optional) – An identifier that refers to an existing resource. The format is <detector_id>:<account_id>

Request Syntax:
Returns:

Dict[str, Any]

Examples

resource_is_absent:
  aws.guardduty.member.absent:
    - name: test_delete_members
    - detector_id: '68c25425ab84ea0dcae26311eddacd34'
    - account_id: '106828723025'
    - resource_id: '68c25425ab84ea0dcae26311eddacd34:106828723025'
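
Both present and absent accept detector_id and account_id alongside a resource_id of the form <detector_id>:<account_id>, so the same member can be named twice in one state. The following pre-flight check is an added example, not part of idem-aws: it parses resource_id and flags parameters that disagree with it. The function names and the 32-hex-character detector ID pattern are assumptions taken from the examples on this page.

```python
import re

# Assumptions: 12-digit account IDs (AWS standard) and 32 lowercase hex
# characters for detector IDs, matching the examples on this page.
RESOURCE_ID_RE = re.compile(r"([0-9a-f]{32}):(\d{12})")

def parse_resource_id(resource_id):
    """Split '<detector_id>:<account_id>' or raise ValueError."""
    match = RESOURCE_ID_RE.fullmatch(resource_id)
    if match is None:
        raise ValueError(f"expected <detector_id>:<account_id>, got {resource_id!r}")
    return match.group(1), match.group(2)

def check_member_state(params):
    """Return a list of problems for one present/absent parameter dict."""
    rid = params.get("resource_id")
    if rid is None:
        return []  # nothing to cross-check
    try:
        parsed = dict(zip(("detector_id", "account_id"), parse_resource_id(rid)))
    except ValueError as exc:
        return [str(exc)]
    problems = []
    for key, expected in parsed.items():
        given = params.get(key)
        # str() also catches an unquoted YAML account ID that was loaded as
        # an integer and lost its leading zeros.
        if given is not None and str(given) != expected:
            problems.append(f"{key} {given!r} does not match resource_id {rid!r}")
    return problems

# Constructed samples: the first is the absent example from this page, the
# second has an account_id that disagrees with its resource_id.
SAMPLES = [
    {"name": "test_delete_members",
     "detector_id": "68c25425ab84ea0dcae26311eddacd34",
     "account_id": "106828723025",
     "resource_id": "68c25425ab84ea0dcae26311eddacd34:106828723025"},
    {"name": "mismatch",
     "detector_id": "68c25425ab84ea0dcae26311eddacd34",
     "account_id": "496603212238",
     "resource_id": "68c25425ab84ea0dcae26311eddacd34:106828723025"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample["name"], check_member_state(sample) or "ok")
```
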

async idem_aws.states.aws.guardduty.member.describe(hub, ctx) → Dict[str, Dict[str, Any]]

Describe the resource in a way that can be recreated/managed with the corresponding “present” function.

Lists details about all member accounts for the current GuardDuty administrator account. Describe also returns detector_id, master_id, relationship_status, invited_at, updated_at and administrator_id as additional parameters that are not used in the present input.

Returns:

Dict[str, Dict[str, Any]]

Examples

$ idem describe aws.guardduty.member