AWS GuardDuty Organization Admin Account
This page shows how to write Terraform and CloudFormation for GuardDuty Organization Admin Account and write them securely.
aws_guardduty_organization_admin_account (Terraform)
The Organization Admin Account in GuardDuty can be configured in Terraform with the resource name aws_guardduty_organization_admin_account. The following sections describe 5 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_guardduty_organization_admin_account" "guardduty_organization_admin_account" {
  # depends_on = [aws_organizations_organization.guardduty_detector]
  admin_account_id = data.aws_caller_identity.current.account_id
}

resource "aws_guardduty_organization_configuration" "guardduty_organization_configuration" {
  # body truncated in the source snippet
}

resource "aws_guardduty_organization_admin_account" "this" {
  admin_account_id = var.admin_account_id
}

resource "aws_guardduty_organization_admin_account" "this" {
  admin_account_id = var.guardduty_delegated_admin_account_id
}

resource "aws_guardduty_organization_admin_account" "root_delegates_to_audit" {
  admin_account_id = var.audit_account_id
}

resource "aws_guardduty_organization_admin_account" "org_admin" {
  # Create the delegation only when an admin account ID is supplied
  count = length(var.admin_account_id) > 0 ? 1 : 0
  #provider = aws.org_admin
  admin_account_id = var.admin_account_id
  depends_on = [
    # dependency list truncated in the source snippet
  ]
}
Parameters
- admin_account_id required - string
- id optional computed - string
Explanation in Terraform Registry
Manages a GuardDuty Organization Admin Account. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in GuardDuty can be found in the GuardDuty User Guide.
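The following is an added example, not taken from this page or from the repositories it cites. It places the resource in a two-provider layout: the Organizations account that the registry text requires performs the delegation to a separate audit account, and the audit account then enables GuardDuty for all members. The variable name, provider aliases, region and role name are assumptions.

```hcl
# Added example. Variable names, provider aliases, region and role name are assumptions.
variable "audit_account_id" {
  type        = string
  description = "Account that becomes the GuardDuty delegated administrator"

  validation {
    condition     = can(regex("^[0-9]{12}$", var.audit_account_id))
    error_message = "audit_account_id must be a 12-digit AWS account ID."
  }
}

# Credentials for the Organizations account that is allowed to delegate.
provider "aws" {
  alias  = "management"
  region = "us-east-1"
}

# Credentials for the delegated administrator (audit) account.
provider "aws" {
  alias  = "audit"
  region = "us-east-1"

  assume_role {
    # Assumed role name; use the cross-account role your organization provisions.
    role_arn = "arn:aws:iam::${var.audit_account_id}:role/OrganizationAccountAccessRole"
  }
}

# Delegation itself must run in the Organizations account, per the registry text.
resource "aws_guardduty_organization_admin_account" "this" {
  provider         = aws.management
  admin_account_id = var.audit_account_id
}

# The detector and organization settings live in the delegated administrator account.
resource "aws_guardduty_detector" "audit" {
  provider = aws.audit
  enable   = true
}

resource "aws_guardduty_organization_configuration" "this" {
  provider                         = aws.audit
  detector_id                      = aws_guardduty_detector.audit.id
  auto_enable_organization_members = "ALL"

  # The delegation must exist before the audit account can manage the organization.
  depends_on = [aws_guardduty_organization_admin_account.this]
}
```

GuardDuty is a regional service, so this configuration covers only the single region set on the two providers; repeat it per region where coverage is needed.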
AWS::GuardDuty::Master (CloudFormation)
The Master in GuardDuty can be configured in CloudFormation with the resource name AWS::GuardDuty::Master. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
- DetectorId required - String
- MasterId required - String
- InvitationId optional - String
Explanation in CloudFormation Registry
You can use the AWS::GuardDuty::Master resource in a GuardDuty member account to accept an invitation from a GuardDuty administrator account. The invitation to the member account must be sent prior to using the AWS::GuardDuty::Master resource to accept the administrator account's invitation. You can invite a member account by using the InviteMembers operation of the Amazon GuardDuty API, or by creating an AWS::GuardDuty::Member resource.
Frequently asked questions
What is AWS GuardDuty Organization Admin Account?
AWS GuardDuty Organization Admin Account is a resource for GuardDuty of Amazon Web Services. Settings can be written in Terraform and CloudFormation.
Where can I find the example code for the AWS GuardDuty Organization Admin Account?
For Terraform, the cloudavail/snippets, niveklabs/aws and binbashar/terraform-aws-guardduty-multiaccount source code examples are useful. See the Terraform Example section for further details.