Author: 白羊蓝色雨线 | Source: Internet | 2023-09-02 16:52
AWS has announced support for managing a new intelligent threat detection service called GuardDuty: https://aws.amazon.com/about-aws/whats-new/2017/11/announcing-amazon-guardduty-intelligent-threat-detection/
Prerequisite: aws-sdk-go v1.12.36 (#2474)
Terraform Version

```
terraform 0.10+
terraform-provider-aws 1.5.0
```
Affected Resource(s)
These are new resources.
- `aws_guardduty_invite_accepter` (similar to `aws_vpc_peering_connection_accepter`)
- `aws_guardduty_threatintelset`
Expected Behavior
Create, update, delete, and import GuardDuty resources. e.g.
```hcl
# Enable GuardDuty
resource "aws_guardduty_detector" "master" {
  enable = true
}

# Manage IPSets/ThreatIntelSets
resource "aws_s3_bucket" "bucket" {
  acl = "private"
}

resource "aws_s3_bucket_object" "MyIPSet" {
  acl     = "public-read"
  content = "10.0.0.0/8\n"
  bucket  = "${aws_s3_bucket.bucket.id}"
  key     = "MyIPSet"
}

resource "aws_s3_bucket_object" "MyThreatIntelSet" {
  acl     = "public-read"
  content = "192.168.1.1/32\n"
  bucket  = "${aws_s3_bucket.bucket.id}"
  key     = "MyThreatIntelSet"
}

resource "aws_guardduty_ipset" "MyIPSet" {
  activate    = true
  detector_id = "${aws_guardduty_detector.master.id}"
  format      = "TXT"
  location    = "https://s3.amazonaws.com/${aws_s3_bucket_object.MyIPSet.bucket}/${aws_s3_bucket_object.MyIPSet.key}"
  name        = "MyIPSet"
}

resource "aws_guardduty_threatintelset" "MyThreatIntelSet" {
  activate    = true
  detector_id = "${aws_guardduty_detector.master.id}"
  format      = "TXT"
  location    = "https://s3.amazonaws.com/${aws_s3_bucket_object.MyThreatIntelSet.bucket}/${aws_s3_bucket_object.MyThreatIntelSet.key}"
  name        = "MyThreatIntelSet"
}

# Monitor GuardDuty in another account
resource "aws_guardduty_detector" "member" {
  provider = "aws.member_account"
  enable   = true
}

resource "aws_guardduty_member" "member" {
  account_id  = "${aws_guardduty_detector.member.account_id}"
  detector_id = "${aws_guardduty_detector.master.id}"
  email       = "required.com"
}

resource "aws_guardduty_invite" "master_to_member" {
  account_id  = "${aws_guardduty_member.member.account_id}"
  detector_id = "${aws_guardduty_member.member.detector_id}"
  message     = "optional"
}

resource "aws_guardduty_invite_accepter" "member_from_master" {
  provider    = "aws.member_account"
  detector_id = "${aws_guardduty_detector.member.id}"
  invite_id   = "${aws_guardduty_invite.master_to_member.id}"
  master_id   = "${aws_guardduty_detector.master.account_id}"
}
```
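The two S3 objects above are plain "TXT" lists (one IP or CIDR per line), and GuardDuty treats them asymmetrically: a trusted IP set suppresses findings for its ranges while a threat intel set generates them, so an overly wide or conflicting entry is worth catching before `activate = true`. The following pre-activation checker is an added example, not code from the issue or from the provider; the sample list contents, the `widest_trusted_prefix` threshold and the blank-line/comment handling are this example's own assumptions.

```python
import ipaddress
from typing import List, Union

Net = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]

# Constructed sample contents, mirroring the two S3 objects in the HCL above.
TRUSTED_IPSET_TXT = "10.0.0.0/8\n"
THREAT_INTEL_TXT = "192.168.1.1/32\n"


def parse_txt_list(text: str) -> List[Net]:
    """Parse a 'TXT' list: one IP address or CIDR per line.
    Blank lines and '#' comments are skipped and CIDRs with host bits set
    are rejected; both are this checker's own rules (assumptions), not
    documented GuardDuty behaviour."""
    nets: List[Net] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            nets.append(ipaddress.ip_network(line, strict=True))
        except ValueError as exc:
            raise ValueError(f"line {lineno}: {line!r} is not an IP/CIDR ({exc})") from exc
    return nets


def s3_location(bucket: str, key: str) -> str:
    """Build the `location` URL the same way the HCL above does."""
    return f"https://s3.amazonaws.com/{bucket}/{key}"


def review_lists(trusted_txt: str, threat_txt: str, widest_trusted_prefix: int = 8) -> List[str]:
    """Return warnings to resolve before activating either set:
    - a trusted entry overlapping a threat entry (the lists then disagree
      about the same range), and
    - a trusted entry wider than /widest_trusted_prefix (trusted entries
      suppress findings, so a very wide range blinds detection for it)."""
    warnings: List[str] = []
    trusted = parse_txt_list(trusted_txt)
    threat = parse_txt_list(threat_txt)
    for t in trusted:
        if t.prefixlen < widest_trusted_prefix:
            warnings.append(f"trusted {t} is wider than /{widest_trusted_prefix}")
        for h in threat:
            if t.version == h.version and t.overlaps(h):
                warnings.append(f"trusted {t} overlaps threat {h}")
    return warnings


if __name__ == "__main__":
    print(s3_location("my-bucket", "MyIPSet"))
    print(review_lists(TRUSTED_IPSET_TXT, THREAT_INTEL_TXT) or "no warnings")
    print(review_lists("0.0.0.0/0\n", THREAT_INTEL_TXT))
```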
References
https://docs.aws.amazon.com/guardduty/latest/ug/
http://docs.aws.amazon.com/sdk-for-go/api/service/guardduty/
This question comes from the open-source project: hashicorp/terraform-provider-aws
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!