CfnThreatIntelSetProps
- class aws_cdk.aws_guardduty.CfnThreatIntelSetProps(*, format, location, activate=None, detector_id=None, expected_bucket_owner=None, name=None, tags=None)
Bases:
objectProperties for defining a
CfnThreatIntelSet.- Parameters:
format (
str) – The format of the file that contains theThreatIntelSet. For information about supported formats, see List formats in the Amazon GuardDuty User Guide .location (
str) – The URI of the file that contains the ThreatIntelSet.activate (
Union[bool,IResolvable,None]) – A boolean value that determines if GuardDuty can start using this list for custom threat detection. For GuardDuty to be able to generate findings based on an activity associated with these entries, this list must be active.detector_id (
Optional[str]) – The unique ID of the detector of the GuardDuty account for which you want to create athreatIntelSet. To find thedetectorIdin the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.expected_bucket_owner (
Optional[str]) – The AWS account ID that owns the Amazon S3 bucket specified in the Location field. When you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don’t specify an account ID owner, GuardDuty doesn’t perform any validation.name (
Optional[str]) – The user-friendly name to identify the ThreatIntelSet. The name of your list must be unique within an AWS account and Region. Valid characters are alphanumeric, whitespace, dash (-), and underscores (_).tags (
Optional[Sequence[Union[CfnTag,Dict[str,Any]]]]) – The tags to be added to a new threat entity set resource. Each tag consists of a key and an optional value, both of which you define. For more information, see Tag .
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_guardduty as guardduty cfn_threat_intel_set_props = guardduty.CfnThreatIntelSetProps( format="format", location="location", # the properties below are optional activate=False, detector_id="detectorId", expected_bucket_owner="expectedBucketOwner", name="name", tags=[CfnTag( key="key", value="value" )] )
Attributes
- activate
A boolean value that determines if GuardDuty can start using this list for custom threat detection.
For GuardDuty to be able to generate findings based on an activity associated with these entries, this list must be active.
- detector_id
The unique ID of the detector of the GuardDuty account for which you want to create a
threatIntelSet.To find the
detectorIdin the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.
- expected_bucket_owner
The AWS account ID that owns the Amazon S3 bucket specified in the Location field.
When you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don’t specify an account ID owner, GuardDuty doesn’t perform any validation.
- format
The format of the file that contains the
ThreatIntelSet.For information about supported formats, see List formats in the Amazon GuardDuty User Guide .
- location
The URI of the file that contains the ThreatIntelSet.
- name
The user-friendly name to identify the ThreatIntelSet.
The name of your list must be unique within an AWS account and Region. Valid characters are alphanumeric, whitespace, dash (-), and underscores (_).