AWS GuardDuty Threatintelset

undefined (Terraform)

The Threatintelset in GuardDuty can be configured in Terraform with the resource name undefined. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

The following arguments are supported:

• activate - (Required) Specifies whether GuardDuty is to start using the uploaded ThreatIntelSet.
• detector_id - (Required) The detector ID of the GuardDuty.
• format - (Required) The format of the file that contains the ThreatIntelSet. Valid values: TXT | STIX | OTX_CSV | ALIEN_VAULT | PROOF_POINT | FIRE_EYE
• location - (Required) The URI of the file that contains the ThreatIntelSet.
• name - (Required) The friendly name to identify the ThreatIntelSet.
• tags - (Optional) Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

In addition to all arguments above, the following attributes are exported:

• arn - Amazon Resource Name (ARN) of the GuardDuty ThreatIntelSet.
• id - The ID of the GuardDuty ThreatIntelSet and the detector ID. Format: <DetectorID>:<ThreatIntelSetID>
• tags_all - A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Explanation in Terraform Registry

Provides a resource to manage a GuardDuty ThreatIntelSet.

Note: Currently in GuardDuty, users from member accounts cannot upload and further manage ThreatIntelSets. ThreatIntelSets that are uploaded by the primary account are imposed on GuardDuty functionality in its member accounts. See the GuardDuty API Documentation