Learn Idem

Learn Idem

Powered by Idem Project

aws.guardduty.detector

**Autogenerated function**

Deletes an Amazon GuardDuty detector that is specified by the detector ID.
Args:
    resource_id(Text): The AWS ID of the detector.
    name(Text): A Idem name of the detector.

Examples:

    .. code-block:: sls

        cebf7ced6562d943d61f76a915e32563:
          aws.guardduty.detector.absent:
            - name: value
**Autogenerated function**

Describe the resource in a way that can be recreated/managed with the corresponding "present" function

Lists detectorIds of all the existing Amazon GuardDuty detector resources.
Retrieves an Amazon GuardDuty detector specified by the detectorId.


Returns:
    Dict[str, Any]

Examples:

    .. code-block:: bash

        $ idem describe aws.guardduty.detector
**Autogenerated function**

Creates a single Amazon GuardDuty detector.
A detector is a resource that represents the GuardDuty service.
To start using GuardDuty, you must create a detector in each Region where you enable the service.
You can have only one detector per account per Region.
All data sources are enabled in a new detector by default.

Args:
    name(Text): An Idem name of the resource.
    resource_id(Text): AWS DETECTOR id to identify the resource
    enable(bool, Default: True): A Boolean value that specifies whether the detector is to be enabled.
    client_token(Text, Optional): The idempotency token for the create request.
                                 This field is auto_populated if not provided.
    finding_publishing_frequency(Text, Optional): A value that specifies how frequently updated findings are exported.
    data_sources(Dict[str, Any], optional): Describes which data sources will be enabled for the detector. Defaults to None.
        * S3Logs (Dict[str, Any], optional): Describes whether S3 data event logs are enabled as a data source.
            * Enable (bool):  The status of S3 data event logs as a data source.
        * Kubernetes (Dict[str, Any], optional): Describes whether any Kubernetes logs are enabled as data sources.
            * AuditLogs (Dict[str, Any]): The status of Kubernetes audit logs as a data source.
                * Enable (bool): The status of Kubernetes audit logs as a data source.
    tags(Dict[str, str], optional): The tags to be added to a new detector resource. Defaults to None.

Request Syntax:
    [detector-resource-id]:
      aws.guaardduty.detector.present:
      - enable: True
      - client_token: 'string'
      - finding_publishing_frequency: 'string'
      - data_sources: dict
      - tags:
        - string: 'string'

Returns:
    Dict[str, Any]

Examples:

    .. code-block:: sls

        cebf7ced6562d943d61f76a915e32563:
            aws.guardduty.detector.present:
                - enable: True
                - finding_publishing_frequency: ONE_HOUR
                - data_sources:
                    S3Logs:
                        Enable: true
                - tags:
                    detector: my_detector

Full plugin documentation is available on the Idem documentation site - aws.guardduty.detector .

Last updated on 20 Sep 2022
 Edit on GitHub