UNPKG

@pulumi/aws

Version:

A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.

pulumi.io

pulumi/pulumi-aws

115 lines 5.3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
"use strict"; // *** WARNING: this file was generated by pulumi-language-nodejs. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** Object.defineProperty(exports, "__esModule", { value: true }); exports.MemberDetectorFeature = void 0; const pulumi = require("@pulumi/pulumi"); const utilities = require("../utilities"); /** * Provides a resource to manage a single Amazon GuardDuty [detector feature](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-features-activation-model.html#guardduty-features) for a member account. * * > **NOTE:** Deleting this resource does not disable the detector feature in the member account, the resource in simply removed from state instead. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const example = new aws.guardduty.Detector("example", {enable: true}); * const runtimeMonitoring = new aws.guardduty.MemberDetectorFeature("runtime_monitoring", { * detectorId: example.id, * accountId: "123456789012", * name: "S3_DATA_EVENTS", * status: "ENABLED", * }); * ``` * * ## Extended Threat Detection for EKS * * To enable GuardDuty [Extended Threat Detection](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-extended-threat-detection.html) for EKS, you need at least one of these features enabled: [EKS Protection](https://docs.aws.amazon.com/guardduty/latest/ug/kubernetes-protection.html) or [Runtime Monitoring](https://docs.aws.amazon.com/guardduty/latest/ug/runtime-monitoring-configuration.html). For maximum detection coverage, enabling both is recommended to enhance detection capabilities. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const example = new aws.guardduty.Detector("example", {enable: true}); * const eksProtection = new aws.guardduty.DetectorFeature("eks_protection", { * detectorId: example.id, * accountId: "123456789012", * name: "EKS_AUDIT_LOGS", * status: "ENABLED", * }); * const eksRuntimeMonitoring = new aws.guardduty.DetectorFeature("eks_runtime_monitoring", { * detectorId: example.id, * accountId: "123456789012", * name: "EKS_RUNTIME_MONITORING", * status: "ENABLED", * additionalConfigurations: [{ * name: "EKS_ADDON_MANAGEMENT", * status: "ENABLED", * }], * }); * ``` */ class MemberDetectorFeature extends pulumi.CustomResource { /** * Get an existing MemberDetectorFeature resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name, id, state, opts) { return new MemberDetectorFeature(name, state, { ...opts, id: id }); } /** * Returns true if the given object is an instance of MemberDetectorFeature. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj) { if (obj === undefined || obj === null) { return false; } return obj['__pulumiType'] === MemberDetectorFeature.__pulumiType; } constructor(name, argsOrState, opts) { let resourceInputs = {}; opts = opts || {}; if (opts.id) { const state = argsOrState; resourceInputs["accountId"] = state?.accountId; resourceInputs["additionalConfigurations"] = state?.additionalConfigurations; resourceInputs["detectorId"] = state?.detectorId; resourceInputs["name"] = state?.name; resourceInputs["region"] = state?.region; resourceInputs["status"] = state?.status; } else { const args = argsOrState; if (args?.accountId === undefined && !opts.urn) { throw new Error("Missing required property 'accountId'"); } if (args?.detectorId === undefined && !opts.urn) { throw new Error("Missing required property 'detectorId'"); } if (args?.status === undefined && !opts.urn) { throw new Error("Missing required property 'status'"); } resourceInputs["accountId"] = args?.accountId; resourceInputs["additionalConfigurations"] = args?.additionalConfigurations; resourceInputs["detectorId"] = args?.detectorId; resourceInputs["name"] = args?.name; resourceInputs["region"] = args?.region; resourceInputs["status"] = args?.status; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); super(MemberDetectorFeature.__pulumiType, name, resourceInputs, opts); } } exports.MemberDetectorFeature = MemberDetectorFeature; /** @internal */ MemberDetectorFeature.__pulumiType = 'aws:guardduty/memberDetectorFeature:MemberDetectorFeature'; //# sourceMappingURL=memberDetectorFeature.js.map