/AWS1/IF_GDY=>CREATETHREATENTITYSET()¶
About CreateThreatEntitySet¶
Creates a new threat entity set. In a threat entity set, you can provide known malicious IP addresses and domains for your Amazon Web Services environment. GuardDuty generates findings based on the entries in the threat entity sets. Only users of the administrator account can manage entity sets, which automatically apply to member accounts.
Method Signature¶
METHODS /AWS1/IF_GDY~CREATETHREATENTITYSET
IMPORTING
!IV_DETECTORID TYPE /AWS1/GDYDETECTORID OPTIONAL
!IV_NAME TYPE /AWS1/GDYNAME OPTIONAL
!IV_FORMAT TYPE /AWS1/GDYTHREATENTITYSETFORMAT OPTIONAL
!IV_LOCATION TYPE /AWS1/GDYLOCATION OPTIONAL
!IV_EXPECTEDBUCKETOWNER TYPE /AWS1/GDYEXPECTEDBUCKETOWNER OPTIONAL
!IV_ACTIVATE TYPE /AWS1/GDYBOOLEAN OPTIONAL
!IV_CLIENTTOKEN TYPE /AWS1/GDYCLIENTTOKEN OPTIONAL
!IT_TAGS TYPE /AWS1/CL_GDYTAGMAP_W=>TT_TAGMAP OPTIONAL
RETURNING
VALUE(OO_OUTPUT) TYPE REF TO /aws1/cl_gdycrethreatentsetrsp
RAISING
/AWS1/CX_GDYBADREQUESTEX
/AWS1/CX_GDYINTERNALSERVERER00
/AWS1/CX_GDYCLIENTEXC
/AWS1/CX_GDYSERVEREXC
/AWS1/CX_RT_TECHNICAL_GENERIC
/AWS1/CX_RT_SERVICE_GENERIC.
IMPORTING¶
Required arguments:¶
iv_detectorid TYPE /AWS1/GDYDETECTORID /AWS1/GDYDETECTORID¶
The unique ID of the detector of the GuardDuty account for which you want to create a threat entity set.
To find the
detectorIdin the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.
iv_name TYPE /AWS1/GDYNAME /AWS1/GDYNAME¶
A user-friendly name to identify the threat entity set.
The name of your list can include lowercase letters, uppercase letters, numbers, dash (-), and underscore (_).
iv_format TYPE /AWS1/GDYTHREATENTITYSETFORMAT /AWS1/GDYTHREATENTITYSETFORMAT¶
The format of the file that contains the threat entity set.
iv_location TYPE /AWS1/GDYLOCATION /AWS1/GDYLOCATION¶
The URI of the file that contains the threat entity set. The format of the
LocationURL must be a valid Amazon S3 URL format. Invalid URL formats will result in an error, regardless of whether you activate the entity set or not. For more information about format of the location URLs, see Format of location URL under Step 2: Adding trusted or threat intelligence data in the Amazon GuardDuty User Guide.
iv_activate TYPE /AWS1/GDYBOOLEAN /AWS1/GDYBOOLEAN¶
A boolean value that indicates whether GuardDuty should start using the uploaded threat entity set to generate findings.
Optional arguments:¶
iv_expectedbucketowner TYPE /AWS1/GDYEXPECTEDBUCKETOWNER /AWS1/GDYEXPECTEDBUCKETOWNER¶
The Amazon Web Services account ID that owns the Amazon S3 bucket specified in the location parameter.
iv_clienttoken TYPE /AWS1/GDYCLIENTTOKEN /AWS1/GDYCLIENTTOKEN¶
The idempotency token for the create request.
it_tags TYPE /AWS1/CL_GDYTAGMAP_W=>TT_TAGMAP TT_TAGMAP¶
The tags to be added to a new threat entity set resource.
RETURNING¶
oo_output TYPE REF TO /aws1/cl_gdycrethreatentsetrsp /AWS1/CL_GDYCRETHREATENTSETRSP¶
Domain /AWS1/RT_ACCOUNT_ID Primitive Type NUMC
Examples¶
Syntax Example¶
This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.
DATA(lo_result) = lo_client->createthreatentityset(
it_tags = VALUE /aws1/cl_gdytagmap_w=>tt_tagmap(
(
VALUE /aws1/cl_gdytagmap_w=>ts_tagmap_maprow(
key = |string|
value = new /aws1/cl_gdytagmap_w( |string| )
)
)
)
iv_activate = ABAP_TRUE
iv_clienttoken = |string|
iv_detectorid = |string|
iv_expectedbucketowner = |string|
iv_format = |string|
iv_location = |string|
iv_name = |string|
).
This is an example of reading all possible response values
lo_result = lo_result.
IF lo_result IS NOT INITIAL.
lv_string = lo_result->get_threatentitysetid( ).
ENDIF.