import * as cdk from "../../core/lib";
import * as constructs from "constructs";
import * as cfn_parse from "../../core/lib/helpers-internal";
import { DetectorReference, FilterReference, IDetectorRef, IFilterRef, IIPSetRef, IMalwareProtectionPlanRef, IMasterRef, IMemberRef, IPSetReference, IPublishingDestinationRef, IThreatEntitySetRef, IThreatIntelSetRef, ITrustedEntitySetRef, MalwareProtectionPlanReference, MasterReference, MemberReference, PublishingDestinationReference, ThreatEntitySetReference, ThreatIntelSetReference, TrustedEntitySetReference } from "../../interfaces/generated/aws-guardduty-interfaces.generated";
/**
* The `AWS::GuardDuty::Detector` resource specifies a new GuardDuty detector.
*
* A detector is an object that represents the GuardDuty service. A detector is required for GuardDuty to become operational.
*
* Use either `DataSources` or `Features` in a single request, not both.
*
* NOTE(review): `enable`, `dataSources` and `features` all accept `cdk.IResolvable`, so the
* value held by a construct is not necessarily a literal. Checks that assert "GuardDuty is on"
* should handle unresolved tokens instead of assuming a plain boolean or object.
*
* @cloudformationResource AWS::GuardDuty::Detector
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html
*/
export declare class CfnDetector extends cdk.CfnResource implements cdk.IInspectable, IDetectorRef, cdk.ITaggable {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnDetector from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* `resourceAttributes` is typed `any`, so the compiler does not check its shape.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnDetector;
/**
* Checks whether the given object is a CfnDetector
*/
static isCfnDetector(x: any): x is CfnDetector;
/**
* Creates a new IDetectorRef from a detectorId
*/
static fromDetectorId(scope: constructs.Construct, id: string, detectorId: string): IDetectorRef;
/**
* Returns a string for the given detector reference.
*
* NOTE(review): presumably the detector's ARN, going by the method name; the implementation
* is not part of this declaration file.
*/
static arnForDetector(resource: IDetectorRef): string;
/**
* Describes which data sources will be enabled for the detector.
*/
private _dataSources?;
/**
* Specifies whether the detector is to be enabled on creation.
*/
private _enable;
/**
* A list of features that will be configured for the detector.
*/
private _features?;
/**
* Specifies how frequently updated findings are exported.
*/
private _findingPublishingFrequency?;
/**
* Tag Manager which manages the tags for this resource
*/
readonly tags: cdk.TagManager;
/**
* Specifies tags added to a new detector resource.
*/
private _tagsRaw?;
/**
* A string-to-string record of property names.
*
* NOTE(review): the direction of the mapping is not visible in this declaration file.
*/
protected readonly cfnPropertyNames: Record<string, string>;
/**
* Create a new `AWS::GuardDuty::Detector`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnDetectorProps);
/**
* A `DetectorReference` for this resource.
*/
get detectorRef(): DetectorReference;
/**
* Describes which data sources will be enabled for the detector.
*/
get dataSources(): CfnDetector.CFNDataSourceConfigurationsProperty | cdk.IResolvable | undefined;
/**
* Describes which data sources will be enabled for the detector.
*/
set dataSources(value: CfnDetector.CFNDataSourceConfigurationsProperty | cdk.IResolvable | undefined);
/**
* Specifies whether the detector is to be enabled on creation.
*
* NOTE(review): a stack that sets this to `false` defines the detector without turning it on,
* which is worth flagging in infrastructure review.
*/
get enable(): boolean | cdk.IResolvable;
/**
* Specifies whether the detector is to be enabled on creation.
*
* The setter is public, so any code holding the construct can change the value after construction.
*/
set enable(value: boolean | cdk.IResolvable);
/**
* A list of features that will be configured for the detector.
*/
get features(): Array<CfnDetector.CFNFeatureConfigurationProperty | cdk.IResolvable> | cdk.IResolvable | undefined;
/**
* A list of features that will be configured for the detector.
*/
set features(value: Array<CfnDetector.CFNFeatureConfigurationProperty | cdk.IResolvable> | cdk.IResolvable | undefined);
/**
* Specifies how frequently updated findings are exported.
*
* Typed as a plain `string`, so an invalid value is not rejected by the compiler.
*/
get findingPublishingFrequency(): string | undefined;
/**
* Specifies how frequently updated findings are exported.
*/
set findingPublishingFrequency(value: string | undefined);
/**
* Specifies tags added to a new detector resource.
*/
get tagsRaw(): Array<CfnDetector.TagItemProperty> | undefined;
/**
* Specifies tags added to a new detector resource.
*/
set tagsRaw(value: Array<CfnDetector.TagItemProperty> | undefined);
/**
* The unique ID of the detector.
*
* @cloudformationAttribute Id
*/
get attrId(): string;
/**
* The resource's properties as a record; values are untyped (`any`).
*/
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
/**
* Maps a record of properties to another record.
*
* NOTE(review): presumably produces the CloudFormation form of `props`; the body is not part
* of this declaration file.
*/
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
export declare namespace CfnDetector {
/**
* Describes whether S3 data event logs, Kubernetes audit logs, or Malware Protection will be enabled as a data source when the detector is created.
*
* Per the `AWS::GuardDuty::Detector` resource description, configure a detector through either
* data sources or `features`, not both in the same request.
*
* Every member is optional, so an empty object type-checks; an omitted member leaves that
* data source unspecified rather than explicitly enabled.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfndatasourceconfigurations.html
*/
interface CFNDataSourceConfigurationsProperty {
/**
* Describes which Kubernetes data sources are enabled for a detector.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfndatasourceconfigurations.html#cfn-guardduty-detector-cfndatasourceconfigurations-kubernetes
*/
readonly kubernetes?: CfnDetector.CFNKubernetesConfigurationProperty | cdk.IResolvable;
/**
* Describes whether Malware Protection will be enabled as a data source.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfndatasourceconfigurations.html#cfn-guardduty-detector-cfndatasourceconfigurations-malwareprotection
*/
readonly malwareProtection?: CfnDetector.CFNMalwareProtectionConfigurationProperty | cdk.IResolvable;
/**
* Describes whether S3 data event logs are enabled as a data source.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfndatasourceconfigurations.html#cfn-guardduty-detector-cfndatasourceconfigurations-s3logs
*/
readonly s3Logs?: CfnDetector.CFNS3LogsConfigurationProperty | cdk.IResolvable;
}
/**
* Describes whether Malware Protection will be enabled as a data source.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnmalwareprotectionconfiguration.html
*/
interface CFNMalwareProtectionConfigurationProperty {
/**
* Describes the configuration of Malware Protection for EC2 instances with findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnmalwareprotectionconfiguration.html#cfn-guardduty-detector-cfnmalwareprotectionconfiguration-scanec2instancewithfindings
*/
readonly scanEc2InstanceWithFindings?: CfnDetector.CFNScanEc2InstanceWithFindingsConfigurationProperty | cdk.IResolvable;
}
/**
* Describes whether Malware Protection for EC2 instances with findings will be enabled as a data source.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnscanec2instancewithfindingsconfiguration.html
*/
interface CFNScanEc2InstanceWithFindingsConfigurationProperty {
/**
* Describes the configuration for scanning EBS volumes as data source.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnscanec2instancewithfindingsconfiguration.html#cfn-guardduty-detector-cfnscanec2instancewithfindingsconfiguration-ebsvolumes
*/
readonly ebsVolumes?: boolean | cdk.IResolvable;
}
/**
* Describes whether S3 data event logs will be enabled as a data source when the detector is created.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfns3logsconfiguration.html
*/
interface CFNS3LogsConfigurationProperty {
/**
* The status of S3 data event logs as a data source.
*
* Required: the caller has to state the status explicitly.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfns3logsconfiguration.html#cfn-guardduty-detector-cfns3logsconfiguration-enable
*/
readonly enable: boolean | cdk.IResolvable;
}
/**
* Describes which Kubernetes protection data sources are enabled for the detector.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnkubernetesconfiguration.html
*/
interface CFNKubernetesConfigurationProperty {
/**
* Describes whether Kubernetes audit logs are enabled as a data source for the detector.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnkubernetesconfiguration.html#cfn-guardduty-detector-cfnkubernetesconfiguration-auditlogs
*/
readonly auditLogs: CfnDetector.CFNKubernetesAuditLogsConfigurationProperty | cdk.IResolvable;
}
/**
* Describes which optional data sources are enabled for a detector.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnkubernetesauditlogsconfiguration.html
*/
interface CFNKubernetesAuditLogsConfigurationProperty {
/**
* Describes whether Kubernetes audit logs are enabled as a data source for the detector.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnkubernetesauditlogsconfiguration.html#cfn-guardduty-detector-cfnkubernetesauditlogsconfiguration-enable
*/
readonly enable: boolean | cdk.IResolvable;
}
/**
* Information about the configuration of a feature in your account.
*
* `name` and `status` are plain strings, so a misspelled value is not caught at compile time.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureconfiguration.html
*/
interface CFNFeatureConfigurationProperty {
/**
* Information about the additional configuration of a feature in your account.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureconfiguration.html#cfn-guardduty-detector-cfnfeatureconfiguration-additionalconfiguration
*/
readonly additionalConfiguration?: Array<CfnDetector.CFNFeatureAdditionalConfigurationProperty | cdk.IResolvable> | cdk.IResolvable;
/**
* Name of the feature.
*
* For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* .
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureconfiguration.html#cfn-guardduty-detector-cfnfeatureconfiguration-name
*/
readonly name: string;
/**
* Status of the feature configuration.
*
* NOTE(review): the GuardDuty API uses `ENABLED` and `DISABLED` for feature status; confirm
* against the linked reference.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureconfiguration.html#cfn-guardduty-detector-cfnfeatureconfiguration-status
*/
readonly status: string;
}
/**
* Information about the additional configuration of a feature in your account.
*
* Both members are optional here, unlike `name` and `status` on `CFNFeatureConfigurationProperty`.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureadditionalconfiguration.html
*/
interface CFNFeatureAdditionalConfigurationProperty {
/**
* Name of the additional configuration.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureadditionalconfiguration.html#cfn-guardduty-detector-cfnfeatureadditionalconfiguration-name
*/
readonly name?: string;
/**
* Status of the additional configuration.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-cfnfeatureadditionalconfiguration.html#cfn-guardduty-detector-cfnfeatureadditionalconfiguration-status
*/
readonly status?: string;
}
/**
* Describes a tag.
*
* Both `key` and `value` are required by this type.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-tagitem.html
*/
interface TagItemProperty {
/**
* The tag key.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-tagitem.html#cfn-guardduty-detector-tagitem-key
*/
readonly key: string;
/**
* The tag value.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-detector-tagitem.html#cfn-guardduty-detector-tagitem-value
*/
readonly value: string;
}
}
/**
* Properties for defining a `CfnDetector`
*
* Only `enable` is required. `dataSources` and `features` are alternative ways to configure
* the detector; the `AWS::GuardDuty::Detector` description says to use one or the other, not both.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html
*/
export interface CfnDetectorProps {
/**
* Describes which data sources will be enabled for the detector.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html#cfn-guardduty-detector-datasources
*/
readonly dataSources?: CfnDetector.CFNDataSourceConfigurationsProperty | cdk.IResolvable;
/**
* Specifies whether the detector is to be enabled on creation.
*
* NOTE(review): `false` creates the detector without enabling it. Because the type also
* admits `cdk.IResolvable`, a review cannot always read the effective value from the code.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html#cfn-guardduty-detector-enable
*/
readonly enable: boolean | cdk.IResolvable;
/**
* A list of features that will be configured for the detector.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html#cfn-guardduty-detector-features
*/
readonly features?: Array<CfnDetector.CFNFeatureConfigurationProperty | cdk.IResolvable> | cdk.IResolvable;
/**
* Specifies how frequently updated findings are exported.
*
* Typed as a plain `string`, so the compiler does not validate the value.
*
* NOTE(review): the GuardDuty API lists `FIFTEEN_MINUTES`, `ONE_HOUR` and `SIX_HOURS`; confirm
* against the linked reference. A longer interval delays downstream alerting on updated findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html#cfn-guardduty-detector-findingpublishingfrequency
*/
readonly findingPublishingFrequency?: string;
/**
* Specifies tags added to a new detector resource.
*
* Each tag consists of a key and an optional value, both of which you define.
*
* Currently, support is available only for creating and deleting a tag. No support exists for updating the tags.
*
* For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .
*
* NOTE(review): the text above calls the value optional, but `CfnDetector.TagItemProperty`
* declares `value` as a required string.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html#cfn-guardduty-detector-tags
*/
readonly tags?: Array<CfnDetector.TagItemProperty>;
}
/**
* The `AWS::GuardDuty::Filter` resource specifies a new filter defined by the provided `findingCriteria` .
*
* NOTE(review): a filter whose `action` archives matching findings works as a suppression rule.
* Review such filters like any other detection exception: narrow criteria, a stated reason in
* `description`, and an owner.
*
* @cloudformationResource AWS::GuardDuty::Filter
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html
*/
export declare class CfnFilter extends cdk.CfnResource implements cdk.IInspectable, IFilterRef, cdk.ITaggable {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnFilter from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* `resourceAttributes` is typed `any`, so the compiler does not check its shape.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnFilter;
/**
* Checks whether the given object is a CfnFilter
*/
static isCfnFilter(x: any): x is CfnFilter;
/**
* Specifies the action that is to be applied to the findings that match the filter.
*/
private _action?;
/**
* The description of the filter.
*/
private _description?;
/**
* The detector ID associated with the GuardDuty account for which you want to create a filter.
*/
private _detectorId;
/**
* Represents the criteria to be used in the filter for querying findings.
*/
private _findingCriteria;
/**
* The name of the filter.
*/
private _name;
/**
* Specifies the position of the filter in the list of current filters.
*/
private _rank?;
/**
* Tag Manager which manages the tags for this resource
*/
readonly tags: cdk.TagManager;
/**
* The tags to be added to a new filter resource.
*/
private _tagsRaw?;
/**
* A string-to-string record of property names.
*
* NOTE(review): the direction of the mapping is not visible in this declaration file.
*/
protected readonly cfnPropertyNames: Record<string, string>;
/**
* Create a new `AWS::GuardDuty::Filter`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnFilterProps);
/**
* A `FilterReference` for this resource.
*/
get filterRef(): FilterReference;
/**
* Specifies the action that is to be applied to the findings that match the filter.
*
* Typed as a plain `string`, so the compiler does not validate the value.
*/
get action(): string | undefined;
/**
* Specifies the action that is to be applied to the findings that match the filter.
*
* The setter is public, so any code holding the construct can change the action after construction.
*/
set action(value: string | undefined);
/**
* The description of the filter.
*/
get description(): string | undefined;
/**
* The description of the filter.
*/
set description(value: string | undefined);
/**
* The detector ID associated with the GuardDuty account for which you want to create a filter.
*/
get detectorId(): string;
/**
* The detector ID associated with the GuardDuty account for which you want to create a filter.
*/
set detectorId(value: string);
/**
* Represents the criteria to be used in the filter for querying findings.
*/
get findingCriteria(): CfnFilter.FindingCriteriaProperty | cdk.IResolvable;
/**
* Represents the criteria to be used in the filter for querying findings.
*/
set findingCriteria(value: CfnFilter.FindingCriteriaProperty | cdk.IResolvable);
/**
* The name of the filter.
*/
get name(): string;
/**
* The name of the filter.
*/
set name(value: string);
/**
* Specifies the position of the filter in the list of current filters.
*/
get rank(): number | undefined;
/**
* Specifies the position of the filter in the list of current filters.
*/
set rank(value: number | undefined);
/**
* The tags to be added to a new filter resource.
*/
get tagsRaw(): Array<cdk.CfnTag> | undefined;
/**
* The tags to be added to a new filter resource.
*/
set tagsRaw(value: Array<cdk.CfnTag> | undefined);
/**
* The resource's properties as a record; values are untyped (`any`).
*/
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
/**
* Maps a record of properties to another record.
*
* NOTE(review): presumably produces the CloudFormation form of `props`; the body is not part
* of this declaration file.
*/
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
export declare namespace CfnFilter {
/**
* Represents a map of finding properties that match specified conditions and values when querying findings.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-findingcriteria.html
*/
interface FindingCriteriaProperty {
/**
* Represents a map of finding properties that match specified conditions and values when querying findings.
*
* For information about how JSON criteria map to their console equivalents, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following criteria are available:
*
* - accountId
* - id
* - region
* - severity
*
*   To filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition:
*
*   - *Low* : `["1", "2", "3"]`
*   - *Medium* : `["4", "5", "6"]`
*   - *High* : `["7", "8", "9"]`
*
*   For more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* .
* - type
* - updatedAt
*
*   Type: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds.
* - resource.accessKeyDetails.accessKeyId
* - resource.accessKeyDetails.principalId
* - resource.accessKeyDetails.userName
* - resource.accessKeyDetails.userType
* - resource.instanceDetails.iamInstanceProfile.id
* - resource.instanceDetails.imageId
* - resource.instanceDetails.instanceId
* - resource.instanceDetails.tags.key
* - resource.instanceDetails.tags.value
* - resource.instanceDetails.networkInterfaces.ipv6Addresses
* - resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
* - resource.instanceDetails.networkInterfaces.publicDnsName
* - resource.instanceDetails.networkInterfaces.publicIp
* - resource.instanceDetails.networkInterfaces.securityGroups.groupId
* - resource.instanceDetails.networkInterfaces.securityGroups.groupName
* - resource.instanceDetails.networkInterfaces.subnetId
* - resource.instanceDetails.networkInterfaces.vpcId
* - resource.instanceDetails.outpostArn
* - resource.resourceType
* - resource.s3BucketDetails.publicAccess.effectivePermissions
* - resource.s3BucketDetails.name
* - resource.s3BucketDetails.tags.key
* - resource.s3BucketDetails.tags.value
* - resource.s3BucketDetails.type
* - service.action.actionType
* - service.action.awsApiCallAction.api
* - service.action.awsApiCallAction.callerType
* - service.action.awsApiCallAction.errorCode
* - service.action.awsApiCallAction.remoteIpDetails.city.cityName
* - service.action.awsApiCallAction.remoteIpDetails.country.countryName
* - service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
* - service.action.awsApiCallAction.remoteIpDetails.ipAddressV6
* - service.action.awsApiCallAction.remoteIpDetails.organization.asn
* - service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
* - service.action.awsApiCallAction.serviceName
* - service.action.dnsRequestAction.domain
* - service.action.dnsRequestAction.domainWithSuffix
* - service.action.networkConnectionAction.blocked
* - service.action.networkConnectionAction.connectionDirection
* - service.action.networkConnectionAction.localPortDetails.port
* - service.action.networkConnectionAction.protocol
* - service.action.networkConnectionAction.remoteIpDetails.city.cityName
* - service.action.networkConnectionAction.remoteIpDetails.country.countryName
* - service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
* - service.action.networkConnectionAction.remoteIpDetails.ipAddressV6
* - service.action.networkConnectionAction.remoteIpDetails.organization.asn
* - service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
* - service.action.networkConnectionAction.remotePortDetails.port
* - service.action.awsApiCallAction.remoteAccountDetails.affiliated
* - service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4
* - service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6
* - service.action.kubernetesApiCallAction.namespace
* - service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn
* - service.action.kubernetesApiCallAction.requestUri
* - service.action.kubernetesApiCallAction.statusCode
* - service.action.networkConnectionAction.localIpDetails.ipAddressV4
* - service.action.networkConnectionAction.localIpDetails.ipAddressV6
* - service.action.networkConnectionAction.protocol
* - service.action.awsApiCallAction.serviceName
* - service.action.awsApiCallAction.remoteAccountDetails.accountId
* - service.additionalInfo.threatListName
* - service.resourceRole
* - resource.eksClusterDetails.name
* - resource.kubernetesDetails.kubernetesWorkloadDetails.name
* - resource.kubernetesDetails.kubernetesWorkloadDetails.namespace
* - resource.kubernetesDetails.kubernetesUserDetails.username
* - resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image
* - resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix
* - service.ebsVolumeScanDetails.scanId
* - service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name
* - service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity
* - service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash
* - service.malwareScanDetails.threats.name
* - resource.ecsClusterDetails.name
* - resource.ecsClusterDetails.taskDetails.containers.image
* - resource.ecsClusterDetails.taskDetails.definitionArn
* - resource.containerDetails.image
* - resource.rdsDbInstanceDetails.dbInstanceIdentifier
* - resource.rdsDbInstanceDetails.dbClusterIdentifier
* - resource.rdsDbInstanceDetails.engine
* - resource.rdsDbUserDetails.user
* - resource.rdsDbInstanceDetails.tags.key
* - resource.rdsDbInstanceDetails.tags.value
* - service.runtimeDetails.process.executableSha256
* - service.runtimeDetails.process.name
* - service.runtimeDetails.process.name
* - resource.lambdaDetails.functionName
* - resource.lambdaDetails.functionArn
* - resource.lambdaDetails.tags.key
* - resource.lambdaDetails.tags.value
*
* NOTE(review): the declared type includes `any`, so the compiler checks neither the criterion
* names nor the shape of their conditions. A misspelled field path or an unintentionally broad
* match is not caught at compile time; in a filter that archives findings, that decides what
* gets suppressed, so cover these maps with tests or template assertions.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-findingcriteria.html#cfn-guardduty-filter-findingcriteria-criterion
*/
readonly criterion?: any | cdk.IResolvable;
/**
* No description is given for this property; it is typed as a single `CfnFilter.ConditionProperty`.
*
* NOTE(review): how this relates to `criterion` is not visible here; confirm in the linked reference.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-findingcriteria.html#cfn-guardduty-filter-findingcriteria-itemtype
*/
readonly itemType?: CfnFilter.ConditionProperty | cdk.IResolvable;
}
/**
* Specifies the condition to apply to a single field when filtering through GuardDuty findings.
*
* Each comparison appears twice, in a short form (`eq`, `neq`, `gt`, `gte`, `lt`, `lte`) and a
* long form (`equalTo`, `notEquals`, `greaterThan`, `greaterThanOrEqual`, `lessThan`,
* `lessThanOrEqual`). All members are optional, so an empty condition type-checks.
*
* NOTE(review): the GuardDuty API reference marks the short forms as deprecated; confirm
* before relying on either spelling.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html
*/
interface ConditionProperty {
/**
* Represents the equal condition to apply to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-eq
*/
readonly eq?: Array<string>;
/**
* Represents an *equal* condition to be applied to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-equals
*/
readonly equalTo?: Array<string>;
/**
* Represents a *greater than* condition to be applied to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-greaterthan
*/
readonly greaterThan?: number;
/**
* Represents a *greater than or equal* condition to be applied to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-greaterthanorequal
*/
readonly greaterThanOrEqual?: number;
/**
* Represents a *greater than* condition to be applied to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-gt
*/
readonly gt?: number;
/**
* Represents the greater than or equal condition to apply to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-gte
*/
readonly gte?: number;
/**
* Represents a *less than* condition to be applied to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-lessthan
*/
readonly lessThan?: number;
/**
* Represents a *less than or equal* condition to be applied to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-lessthanorequal
*/
readonly lessThanOrEqual?: number;
/**
* Represents the less than condition to apply to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-lt
*/
readonly lt?: number;
/**
* Represents the less than or equal condition to apply to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-lte
*/
readonly lte?: number;
/**
* Represents the not equal condition to apply to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-neq
*/
readonly neq?: Array<string>;
/**
* Represents a *not equal* condition to be applied to a single field when querying for findings.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-guardduty-filter-condition.html#cfn-guardduty-filter-condition-notequals
*/
readonly notEquals?: Array<string>;
}
}
/**
* Properties for defining a `CfnFilter`
*
* `detectorId`, `findingCriteria` and `name` are required; the rest are optional.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html
*/
export interface CfnFilterProps {
/**
* Specifies the action that is to be applied to the findings that match the filter.
*
* Typed as a plain `string`, so the compiler does not validate the value.
*
* NOTE(review): the GuardDuty API documents `NOOP` and `ARCHIVE` for this value; confirm
* against the linked reference. With `ARCHIVE`, matching findings are archived automatically,
* so the filter acts as a suppression rule: keep `findingCriteria` as narrow as possible and
* record the justification in `description`.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-action
*/
readonly action?: string;
/**
* The description of the filter.
*
* Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-description
*/
readonly description?: string;
/**
* The detector ID associated with the GuardDuty account for which you want to create a filter.
*
* To find the `detectorId` in the current Region, see the
* Settings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-detectorid
*/
readonly detectorId: string;
/**
* Represents the criteria to be used in the filter for querying findings.
*
* The nested `criterion` member of `CfnFilter.FindingCriteriaProperty` is untyped, so the
* content of the criteria map is not checked at compile time.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-findingcriteria
*/
readonly findingCriteria: CfnFilter.FindingCriteriaProperty | cdk.IResolvable;
/**
* The name of the filter.
*
* Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-name
*/
readonly name: string;
/**
* Specifies the position of the filter in the list of current filters.
*
* Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.
*
* By default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `"DependsOn":[ "ObjectName" ]` .
*
* The 1 to 100 range is stated above but not enforced by the `number` type.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-rank
*/
readonly rank?: number;
/**
* The tags to be added to a new filter resource.
*
* Each tag consists of a key and an optional value, both of which you define.
*
* For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-filter.html#cfn-guardduty-filter-tags
*/
readonly tags?: Array<cdk.CfnTag>;
}
/**
* The `AWS::GuardDuty::IPSet` resource helps you create a list of trusted IP addresses that you can use for secure communication with AWS infrastructure and applications.
*
* Once you activate this list, GuardDuty will not generate findings when there is activity associated with these safe IP addresses.
*
* Only the users of the GuardDuty administrator account can manage this list. These settings are also applied to the member accounts.
*
* Security note: an active list suppresses findings for every address it contains, and the
* suppression also applies to member accounts. Treat the list file referenced by `location`
* and any change to this resource as detection-coverage changes: review the entries, keep
* write access to the backing file restricted, and set `expectedBucketOwner` so that the
* owner of the S3 bucket is validated.
*
* @cloudformationResource AWS::GuardDuty::IPSet
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html
*/
export declare class CfnIPSet extends cdk.CfnResource implements cdk.IInspectable, IIPSetRef, cdk.ITaggable {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnIPSet from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* `resourceAttributes` is typed `any`, so its shape is not checked at compile time.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnIPSet;
/**
* Checks whether the given object is a CfnIPSet
*
* Declared as a type guard: a `true` result narrows `x` to `CfnIPSet`.
*/
static isCfnIPSet(x: any): x is CfnIPSet;
/**
* A boolean value that determines if GuardDuty can start using this list for custom threat detection.
*
* Backing field for the `activate` accessor.
*/
private _activate?;
/**
* The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.
*
* Backing field for the `detectorId` accessor.
*/
private _detectorId?;
/**
* The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.
*
* Backing field for the `expectedBucketOwner` accessor.
*/
private _expectedBucketOwner?;
/**
* The format of the file that contains the IPSet.
*
* Backing field for the `format` accessor.
*/
private _format;
/**
* The URI of the file that contains the IPSet.
*
* Backing field for the `location` accessor.
*/
private _location;
/**
* The user-friendly name to identify the IPSet.
*
* Backing field for the `name` accessor.
*/
private _name?;
/**
* Tag Manager which manages the tags for this resource
*/
readonly tags: cdk.TagManager;
/**
* The tags to be added to a new IPSet resource.
*
* Backing field for the `tagsRaw` accessor.
*/
private _tagsRaw?;
/**
* NOTE(review): presumably maps this class's property names to their CloudFormation
* property names; the mapping itself is not visible in this declaration - confirm
* against the implementation.
*/
protected readonly cfnPropertyNames: Record<string, string>;
/**
* Create a new `AWS::GuardDuty::IPSet`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnIPSetProps);
/**
* The `IPSetReference` for this IPSet.
*/
get ipSetRef(): IPSetReference;
/**
* A boolean value that determines if GuardDuty can start using this list for custom threat detection.
*
* Once the list is active, GuardDuty stops generating findings for activity associated with
* the listed addresses, so enabling it reduces detection coverage for those addresses.
*/
get activate(): boolean | cdk.IResolvable | undefined;
/**
* A boolean value that determines if GuardDuty can start using this list for custom threat detection.
*
* Once the list is active, GuardDuty stops generating findings for activity associated with
* the listed addresses, so enabling it reduces detection coverage for those addresses.
*/
set activate(value: boolean | cdk.IResolvable | undefined);
/**
* The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.
*/
get detectorId(): string | undefined;
/**
* The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.
*/
set detectorId(value: string | undefined);
/**
* The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.
*
* Per the `CfnIPSetProps.expectedBucketOwner` documentation, GuardDuty validates bucket
* ownership only when this value is provided; when it is `undefined` no validation is performed.
*/
get expectedBucketOwner(): string | undefined;
/**
* The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.
*
* Per the `CfnIPSetProps.expectedBucketOwner` documentation, GuardDuty validates bucket
* ownership only when this value is provided; setting it to `undefined` removes that validation.
*/
set expectedBucketOwner(value: string | undefined);
/**
* The format of the file that contains the IPSet.
*/
get format(): string;
/**
* The format of the file that contains the IPSet.
*/
set format(value: string);
/**
* The URI of the file that contains the IPSet.
*
* The contents of this file decide which addresses are exempt from findings once the list is active.
*/
get location(): string;
/**
* The URI of the file that contains the IPSet.
*
* The contents of this file decide which addresses are exempt from findings once the list is active.
*/
set location(value: string);
/**
* The user-friendly name to identify the IPSet.
*/
get name(): string | undefined;
/**
* The user-friendly name to identify the IPSet.
*/
set name(value: string | undefined);
/**
* The tags to be added to a new IPSet resource.
*/
get tagsRaw(): Array<cdk.CfnTag> | undefined;
/**
* The tags to be added to a new IPSet resource.
*/
set tagsRaw(value: Array<cdk.CfnTag> | undefined);
/**
* The CloudFormation `Id` attribute of this resource.
*
* @cloudformationAttribute Id
*/
get attrId(): string;
/**
* NOTE(review): presumably the property values that are rendered into the CloudFormation
* template; only the `Record<string, any>` type is visible here - confirm against the implementation.
*/
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
/**
* NOTE(review): takes a property record and returns a property record; presumably converts
* `props` to their CloudFormation form - confirm against the implementation.
*/
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
/**
* Properties for defining a `CfnIPSet`
*
* `format` and `location` are required; every other property is optional.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html
*/
export interface CfnIPSetProps {
/**
* A boolean value that determines if GuardDuty can start using this list for custom threat detection.
*
* For GuardDuty to prevent generating findings based on an activity associated with these entries, this list must be active.
*
* Activating the list therefore reduces detection coverage for every address in the file at
* `location`; review the entries before setting this to `true`.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-activate
*/
readonly activate?: boolean | cdk.IResolvable;
/**
* The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.
*
* To find the `detectorId` in the current Region, see the
* Settings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-detectorid
*/
readonly detectorId?: string;
/**
* The AWS account ID that owns the Amazon S3 bucket specified in the *Location* field.
*
* When you provide this account ID, GuardDuty will validate that the S3 bucket belongs to this account. If you don't specify an account ID owner, GuardDuty doesn't perform any validation.
*
* Because this property is optional, omitting it silently skips the ownership check. Set it
* so that the trusted list is only accepted from a bucket owned by the account you expect.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-expectedbucketowner
*/
readonly expectedBucketOwner?: string;
/**
* The format of the file that contains the IPSet.
*
* For information about supported formats, see [List formats](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_upload-lists.html#prepare_list) in the *Amazon GuardDuty User Guide* .
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-format
*/
readonly format: string;
/**
* The URI of the file that contains the IPSet.
*
* The file's contents decide which addresses are exempt from findings once the list is
* active, so write access to it should be limited to those allowed to change detection coverage.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-location
*/
readonly location: string;
/**
* The user-friendly name to identify the IPSet.
*
* The name of your list must be unique within an AWS account and Region. Valid characters are alphanumeric, whitespace, dash (-), and underscores (_).
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-name
*/
readonly name?: string;
/**
* The tags to be added to a new IPSet resource.
*
* Each tag consists of a key and an optional value, both of which you define.
*
* For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-ipset.html#cfn-guardduty-ipset-tags
*/
readonly tags?: Array<cdk.CfnTag>;
}
/**
* You can use the `AWS::GuardDuty::Master` resource in a GuardDuty member account to accept an invitation from a GuardDuty administrator account.
*
* The invitation to the member account must be sent prior to using the `AWS::GuardDuty::Master` resource to accept the administrator account's invitation. You can invite a member account by using the `InviteMembers` operation of the GuardDuty API, or by creating an `AWS::GuardDuty::Member` resource.
*
* Security note: this resource accepts the invitation from the account given in `masterId`.
* Confirm that `masterId` is the account ID of the administrator account you intend to join
* before deploying, rather than copying it from the invitation itself.
*
* @cloudformationResource AWS::GuardDuty::Master
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-master.html
*/
export declare class CfnMaster extends cdk.CfnResource implements cdk.IInspectable, IMasterRef {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnMaster from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* `resourceAttributes` is typed `any`, so its shape is not checked at compile time.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnMaster;
/**
* Checks whether the given object is a CfnMaster
*
* Declared as a type guard: a `true` result narrows `x` to `CfnMaster`.
*/
static isCfnMaster(x: any): x is CfnMaster;
/**
* The unique ID of the detector of the GuardDuty member account.
*
* Backing field for the `detectorId` accessor.
*/
private _detectorId;
/**
* The ID of the invitation that is sent to the account designated as a member account.
*
* Backing field for the `invitationId` accessor.
*/
private _invitationId?;
/**
* The AWS account ID of the account designated as the GuardDuty administrator account.
*
* Backing field for the `masterId` accessor.
*/
private _masterId;
/**
* NOTE(review): presumably maps this class's property names to their CloudFormation
* property names; the mapping itself is not visible in this declaration - confirm
* against the implementation.
*/
protected readonly cfnPropertyNames: Record<string, string>;
/**
* Create a new `AWS::GuardDuty::Master`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnMasterProps);
/**
* The `MasterReference` for this resource.
*/
get masterRef(): MasterReference;
/**
* The unique ID of the detector of the GuardDuty member account.
*/
get detectorId(): string;
/**
* The unique ID of the detector of the GuardDuty member account.
*/
set detectorId(value: string);
/**
* The ID of the invitation that is sent to the account designated as a member account.
*/
get invitationId(): string | undefined;
/**
* The ID of the invitation that is sent to the account designated as a member account.
*/
set invitationId(value: string | undefined);
/**
* The AWS account ID of the account designated as the GuardDuty administrator account.
*
* This is the account whose invitation the resource accepts; verify it against the
* administrator account you expect.
*/
get masterId(): string;
/**
* The AWS account ID of the account designated as the GuardDuty administrator account.
*
* This is the account whose invitation the resource accepts; verify it against the
* administrator account you expect.
*/
set masterId(value: string);
/**
* NOTE(review): presumably the property values that are rendered into the CloudFormation
* template; only the `Record<string, any>` type is visible here - confirm against the implementation.
*/
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
/**
* NOTE(review): takes a property record and returns a property record; presumably converts
* `props` to their CloudFormation form - confirm against the implementation.
*/
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
/**
* Properties for defining a `CfnMaster`
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-master.html
*/
export interface CfnMasterProps {
/**
* The unique ID of the detector of the GuardDuty member account.
*
* To find the `detectorId` in the current Region, see the
* Settings page in the GuardDuty console, or run the [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html) API.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-master.html#cfn-guardduty-master-detectorid
*/
readonly detectorId: string;
/**
* The ID of the invitation that is sent to the account designated as a member account.
*
* You can find the invitation ID by running the [ListInvitations](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html) operation, which is documented in the *GuardDuty API Reference* .
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-master.html#cfn-guardduty-master-invitationid
*/
re