Top / Amazon Web Service / AWS GuardDuty / Member

AWS GuardDuty Member

This page shows how to write Terraform and CloudFormation for GuardDuty Member and write them securely.

terraform-logo

Review your .tf file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

aws_guardduty_member (Terraform)

The Member in GuardDuty can be configured in Terraform with the resource name aws_guardduty_member. The following sections describe 4 examples of how to use the resource and its parameters.

Example Usage from GitHub

member.tf#L2
resource "aws_guardduty_member" "eu_west_3" {
  count              = length(var.accounts)
  account_id         = element(keys(var.accounts), count.index)
  detector_id        = aws_guardduty_detector.eu_west_3.id
  email              = var.accounts[element(keys(var.accounts), count.index)]
  invite             = true
guard_duty.tf#L11
resource "aws_guardduty_member" "root" {
  account_id  = "048191938814"
  detector_id = data.aws_guardduty_detector.audit_detector_enabled_by_delegation.id
  email       = "james.gumbley@cabinetoffice.gov.uk"
  invite      = false
}
guardduty.tf#L10
resource "aws_guardduty_member" "member" {
  count    = var.guardduty ? 1 : 0
  provider = aws.master

  account_id                 = aws_guardduty_detector.member[0].account_id
  detector_id                = try(var.guardduty_detector_id, aws_guardduty_detector.primary.id)
guardduty.tf#L7
resource "aws_guardduty_member" "member" {
  count = var.guardduty ? 1 : 0

  account_id                 = aws_guardduty_detector.member[0].account_id
  detector_id                = var.guardduty_detector_id
  email                      = var.email

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Provides a resource to manage a GuardDuty member. To accept invitations in member accounts, see the aws_guardduty_invite_accepter resource.

>> from Terraform Registry

AWS::GuardDuty::Member (CloudFormation)

The Member in GuardDuty can be configured in CloudFormation with the resource name AWS::GuardDuty::Member. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

>> from AWS CloudFormation Documentation

Explanation in CloudFormation Registry

You can use the AWS::GuardDuty::Member resource to add an AWS account as a GuardDuty member account to the current GuardDuty administrator account. If the value of the Status property is not provided or is set to Created, a member account is created but not invited. If the value of the Status property is set to Invited, a member account is created and invited. An AWS::GuardDuty::Member resource must be created with the Status property set to Invited before the AWS::GuardDuty::Master resource can be created in a GuardDuty member account.

>> from AWS CloudFormation Documentation

The Other Related AWS GuardDuty Resources

Frequently asked questions

What is AWS GuardDuty Member?

AWS GuardDuty Member is a resource for GuardDuty of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS GuardDuty Member?

For Terraform, the UKHomeOffice/acp-tf-GuardDuty-Masteraccount, tintulip/cla-organisation and DNXLabs/terraform-aws-security-baseline source code examples are useful. See the Terraform Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents