AWS GuardDuty IPSet
This page shows how to write Terraform and CloudFormation for GuardDuty IPSet and write them securely.
undefined (Terraform)
The IPSet in GuardDuty can be configured in Terraform with the resource name undefined
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
The following arguments are supported:
activate
- (Required) Specifies whether GuardDuty is to start using the uploaded IPSet.detector_id
- (Required) The detector ID of the GuardDuty.format
- (Required) The format of the file that contains the IPSet. Valid values:TXT
|STIX
|OTX_CSV
|ALIEN_VAULT
|PROOF_POINT
|FIRE_EYE
location
- (Required) The URI of the file that contains the IPSet.name
- (Required) The friendly name to identify the IPSet.tags
- (Optional) Key-value map of resource tags. If configured with a providerdefault_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.
In addition to all arguments above, the following attributes are exported:
arn
- Amazon Resource Name (ARN) of the GuardDuty IPSet.id
- The ID of the GuardDuty IPSet.tags_all
- A map of tags assigned to the resource, including those inherited from the providerdefault_tags
configuration block.
Explanation in Terraform Registry
Provides a resource to manage a GuardDuty IPSet.
Note: Currently in GuardDuty, users from member accounts cannot upload and further manage IPSets. IPSets that are uploaded by the primary account are imposed on GuardDuty functionality in its member accounts. See the GuardDuty API Documentation
AWS::GuardDuty::IPSet (CloudFormation)
The IPSet in GuardDuty can be configured in CloudFormation with the resource name AWS::GuardDuty::IPSet
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
-
Format
required - String -
Activate
required - Boolean -
DetectorId
required - String -
Name
optional - String -
Location
required - String
Explanation in CloudFormation Registry
The
AWS::GuardDuty::IPSet
resource specifies a newIPSet
. AnIPSet
is a list of trusted IP addresses from which secure communication is allowed with AWS infrastructure and applications.