organization_configuration#

State module for managing Organization Configuration.

async idem_aws.states.aws.guardduty.organization_configuration.present(hub, ctx, name: str, auto_enable: bool, resource_id: str = None, data_sources: ~types.Describes which data sources will be enabled for the detector.DataSourceConfiguration = None) Dict[str, Any][source]#

Updates the delegated administrator account with the values provided.

Parameters:
  • name (str) – An Idem name of the resource.

  • auto_enable (bool) – Indicates whether to automatically enable member accounts in the organization.

  • resource_id (str, Optional) – The ID of the detector to update the delegated administrator for.

  • data_sources (dict, Optional) –

    Describes which data sources will be updated.

    • S3Logs (dict, Optional):

      Describes whether S3 data event logs are enabled as a data source.

      • Enable (bool): The status of S3 data event logs as a data source.

    • Kubernetes (dict, Optional):

      Describes whether any Kubernetes logs are enabled as data sources.

      • AuditLogs (dict):

        The status of Kubernetes audit logs as a data source.

        • Enable (bool):

          The status of Kubernetes audit logs as a data source.

    • MalwareProtection (dict, Optional):

      Describes whether Malware Protection is enabled as a data source.

      • ScanEc2InstanceWithFindings (dict, Optional):

        Describes the configuration of Malware Protection for EC2 instances with findings.

        EbsVolumes (bool, Optional):

        Describes the configuration for scanning EBS volumes as data source.

Request Syntax:

Using in a state:

aws.guardduty.organization_configuration.present:
   - name: 'string'
   - resource_id: 'string'
   - auto_enable: True|False
   - data_sources:
       S3Logs:
           Enable: True|False
       Kubernetes:
           AuditLogs:
               Enable: True|False
       MalwareProtection:
           ScanEc2InstanceWithFindings:
               EbsVolumes: True|False
Returns:

Dict[str, Any]

Examples

resource_is_present:
  aws.guardduty.organization_configuration.present:
    - name: 6ec3816a325af96978c683c9c81fdf0a
    - resource_id: 6ec3816a325af96978c683c9c81fdf0a
    - auto_enable: false
    - data_sources:
        Kubernetes:
            AuditLogs:
                AutoEnable: false
        MalwareProtection:
            ScanEc2InstanceWithFindings:
                EbsVolumes:
                    AutoEnable: false
        S3Logs:
            AutoEnable: false
async idem_aws.states.aws.guardduty.organization_configuration.absent(hub, ctx, name: str) Dict[str, Any][source]#

A No-Op function for aws.guardduty.organization_configuration.

This is a configuration resource of the aws.guardduty.organization_configuration resource. It’s not possible to delete aws.guardduty.organization_configuration. If you want to modify the aws.guardduty.organization_configuration resource, use the aws.guardduty.organization_configuration.present.

Parameters:

name – An Idem name of the resource.

Request Syntax:
[guardduty.organization_configuration_id]:
  aws.guardduty.organization_configuration.absent:
    - name: "string"
Returns:

Dict[str, Any]

async idem_aws.states.aws.guardduty.organization_configuration.describe(hub, ctx) Dict[str, Dict[str, Any]][source]#

Describe the resource in a way that can be recreated/managed with the corresponding “present” function.

Returns:

Dict[str, Dict[str, Any]]

Examples

Calling from the CLI:

$ idem describe aws.guardduty.organization_configuration