AWS GuardDuty Filter
This page shows how to write Terraform and CloudFormation for GuardDuty Filter and write them securely.
aws_guardduty_filter (Terraform)
The Filter in GuardDuty can be configured in Terraform with the resource name aws_guardduty_filter. The following sections describe 2 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_guardduty_filter" "suppress_low_level_findings" {
  name        = "SuppressAllLowLevelFindings"
  action      = "ARCHIVE" # When you set suppression rules, use 'ARCHIVE'
  detector_id = aws_guardduty_detector.sample.id
  rank        = 2
  # finding_criteria block not shown in this excerpt
}

resource "aws_guardduty_filter" "admin" {
  count       = length(local.filters)
  detector_id = aws_guardduty_detector.admin.id
  name        = local.filters[count.index].name
  action      = "ARCHIVE"
  rank        = count.index + 1
  # finding_criteria block not shown in this excerpt
}
Parameters
- action: required - string
- arn: optional computed - string
- description: optional - string
- detector_id: required - string
- id: optional computed - string
- name: required - string
- rank: required - number
- tags: optional - map from string to string
- finding_criteria: list block
  - criterion: set block
    - equals: optional - list of string
    - field: required - string
    - greater_than: optional - string
    - greater_than_or_equal: optional - string
    - less_than: optional - string
    - less_than_or_equal: optional - string
    - not_equals: optional - list of string
Explanation in Terraform Registry
Provides a resource to manage a GuardDuty filter.
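The examples above do not show a finding_criteria block, which is what decides which findings a filter archives. The following is an added example, not taken from the GitHub repositories or the Terraform Registry: a suppression rule scoped to one finding type and one instance rather than to every low-severity finding. The resource names, description and instance ID are constructed placeholders.

```hcl
# Added example: all names and the instance ID below are constructed placeholders.
resource "aws_guardduty_detector" "example" {
  enable = true
}

resource "aws_guardduty_filter" "suppress_scanner_portscan" {
  name        = "SuppressApprovedScannerPortscan"
  description = "Archive Portscan findings from the approved scanner instance"
  action      = "ARCHIVE" # matching findings are archived automatically
  detector_id = aws_guardduty_detector.example.id
  rank        = 1 # position of this filter relative to the detector's other filters

  finding_criteria {
    # A finding is archived only if it matches every criterion block (logical AND).
    # Values inside one equals list are alternatives (logical OR).

    # 1. Limit the rule to a single finding type.
    criterion {
      field  = "type"
      equals = ["Recon:EC2/Portscan"]
    }

    # 2. Limit it to the one instance that is expected to scan.
    criterion {
      field  = "resource.instanceDetails.instanceId"
      equals = ["i-0123456789abcdef0"] # placeholder instance ID
    }

    # 3. Never archive medium or high severity, even for that instance.
    #    Comparison operands are passed as strings.
    criterion {
      field     = "severity"
      less_than = "4"
    }
  }

  tags = {
    Owner  = "security-operations" # placeholder
    Reason = "approved-vulnerability-scanner"
  }
}
```

Archived findings are still generated and remain visible in the archived view, so a rule like this can be reviewed periodically against what it has actually suppressed.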
AWS::GuardDuty::Filter (CloudFormation)
The Filter in GuardDuty can be configured in CloudFormation with the resource name AWS::GuardDuty::Filter. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
- Action: required - String
- Description: required - String
- DetectorId: required - String
- FindingCriteria: required - FindingCriteria
- Rank: required - Integer
- Name: required - String
Explanation in CloudFormation Registry
The AWS::GuardDuty::Filter resource specifies a new filter defined by the provided findingCriteria.
Frequently asked questions
What is AWS GuardDuty Filter?
AWS GuardDuty Filter is a resource for GuardDuty of Amazon Web Services. Settings can be written in Terraform and CloudFormation.
Where can I find the example code for the AWS GuardDuty Filter?
For Terraform, the Jimon-s/terraform-example-guardduty and asannou/terraform-aws-guardduty-organization source code examples are useful. See the Terraform Example section for further details.