Docs
PackagesTry AWS Native preview for resources not in the classic version.
AWS Classic v6.32.0 published on Friday, Apr 19, 2024 by Pulumi
aws.guardduty.OrganizationConfiguration
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
AWS Classic v6.32.0 published on Friday, Apr 19, 2024 by Pulumi
Manages the GuardDuty Organization Configuration in the current AWS Region. The AWS account utilizing this resource must have been assigned as a delegated Organization administrator account, e.g., via the aws.guardduty.OrganizationAdminAccount resource. More information about Organizations support in GuardDuty can be found in the GuardDuty User Guide.
NOTE: This is an advanced resource. The provider will automatically assume management of the GuardDuty Organization Configuration without import and perform no actions on removal from the resource configuration.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.guardduty.Detector("example", {enable: true});
const exampleOrganizationConfiguration = new aws.guardduty.OrganizationConfiguration("example", {
autoEnableOrganizationMembers: "ALL",
detectorId: example.id,
datasources: {
s3Logs: {
autoEnable: true,
},
kubernetes: {
auditLogs: {
enable: true,
},
},
malwareProtection: {
scanEc2InstanceWithFindings: {
ebsVolumes: {
autoEnable: true,
},
},
},
},
});
import pulumi
import pulumi_aws as aws
example = aws.guardduty.Detector("example", enable=True)
example_organization_configuration = aws.guardduty.OrganizationConfiguration("example",
auto_enable_organization_members="ALL",
detector_id=example.id,
datasources=aws.guardduty.OrganizationConfigurationDatasourcesArgs(
s3_logs=aws.guardduty.OrganizationConfigurationDatasourcesS3LogsArgs(
auto_enable=True,
),
kubernetes=aws.guardduty.OrganizationConfigurationDatasourcesKubernetesArgs(
audit_logs=aws.guardduty.OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs(
enable=True,
),
),
malware_protection=aws.guardduty.OrganizationConfigurationDatasourcesMalwareProtectionArgs(
scan_ec2_instance_with_findings=aws.guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs(
ebs_volumes=aws.guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs(
auto_enable=True,
),
),
),
))
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := guardduty.NewDetector(ctx, "example", &guardduty.DetectorArgs{
Enable: pulumi.Bool(true),
})
if err != nil {
return err
}
_, err = guardduty.NewOrganizationConfiguration(ctx, "example", &guardduty.OrganizationConfigurationArgs{
AutoEnableOrganizationMembers: pulumi.String("ALL"),
DetectorId: example.ID(),
Datasources: &guardduty.OrganizationConfigurationDatasourcesArgs{
S3Logs: &guardduty.OrganizationConfigurationDatasourcesS3LogsArgs{
AutoEnable: pulumi.Bool(true),
},
Kubernetes: &guardduty.OrganizationConfigurationDatasourcesKubernetesArgs{
AuditLogs: &guardduty.OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs{
Enable: pulumi.Bool(true),
},
},
MalwareProtection: &guardduty.OrganizationConfigurationDatasourcesMalwareProtectionArgs{
ScanEc2InstanceWithFindings: &guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs{
EbsVolumes: &guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs{
AutoEnable: pulumi.Bool(true),
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.GuardDuty.Detector("example", new()
{
Enable = true,
});
var exampleOrganizationConfiguration = new Aws.GuardDuty.OrganizationConfiguration("example", new()
{
AutoEnableOrganizationMembers = "ALL",
DetectorId = example.Id,
Datasources = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesArgs
{
S3Logs = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesS3LogsArgs
{
AutoEnable = true,
},
Kubernetes = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesKubernetesArgs
{
AuditLogs = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs
{
Enable = true,
},
},
MalwareProtection = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesMalwareProtectionArgs
{
ScanEc2InstanceWithFindings = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs
{
EbsVolumes = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs
{
AutoEnable = true,
},
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.guardduty.Detector;
import com.pulumi.aws.guardduty.DetectorArgs;
import com.pulumi.aws.guardduty.OrganizationConfiguration;
import com.pulumi.aws.guardduty.OrganizationConfigurationArgs;
import com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesArgs;
import com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesS3LogsArgs;
import com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesKubernetesArgs;
import com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs;
import com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesMalwareProtectionArgs;
import com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs;
import com.pulumi.aws.guardduty.inputs.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Detector("example", DetectorArgs.builder()
.enable(true)
.build());
var exampleOrganizationConfiguration = new OrganizationConfiguration("exampleOrganizationConfiguration", OrganizationConfigurationArgs.builder()
.autoEnableOrganizationMembers("ALL")
.detectorId(example.id())
.datasources(OrganizationConfigurationDatasourcesArgs.builder()
.s3Logs(OrganizationConfigurationDatasourcesS3LogsArgs.builder()
.autoEnable(true)
.build())
.kubernetes(OrganizationConfigurationDatasourcesKubernetesArgs.builder()
.auditLogs(OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs.builder()
.enable(true)
.build())
.build())
.malwareProtection(OrganizationConfigurationDatasourcesMalwareProtectionArgs.builder()
.scanEc2InstanceWithFindings(OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs.builder()
.ebsVolumes(OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs.builder()
.autoEnable(true)
.build())
.build())
.build())
.build())
.build());
}
}
resources:
example:
type: aws:guardduty:Detector
properties:
enable: true
exampleOrganizationConfiguration:
type: aws:guardduty:OrganizationConfiguration
name: example
properties:
autoEnableOrganizationMembers: ALL
detectorId: ${example.id}
datasources:
s3Logs:
autoEnable: true
kubernetes:
auditLogs:
enable: true
malwareProtection:
scanEc2InstanceWithFindings:
ebsVolumes:
autoEnable: true
Create OrganizationConfiguration Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new OrganizationConfiguration(name: string, args: OrganizationConfigurationArgs, opts?: CustomResourceOptions);@overload
def OrganizationConfiguration(resource_name: str,
args: OrganizationConfigurationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def OrganizationConfiguration(resource_name: str,
opts: Optional[ResourceOptions] = None,
detector_id: Optional[str] = None,
auto_enable: Optional[bool] = None,
auto_enable_organization_members: Optional[str] = None,
datasources: Optional[OrganizationConfigurationDatasourcesArgs] = None)func NewOrganizationConfiguration(ctx *Context, name string, args OrganizationConfigurationArgs, opts ...ResourceOption) (*OrganizationConfiguration, error)public OrganizationConfiguration(string name, OrganizationConfigurationArgs args, CustomResourceOptions? opts = null)
public OrganizationConfiguration(String name, OrganizationConfigurationArgs args)
public OrganizationConfiguration(String name, OrganizationConfigurationArgs args, CustomResourceOptions options)
type: aws:guardduty:OrganizationConfiguration
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args OrganizationConfigurationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args OrganizationConfigurationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args OrganizationConfigurationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OrganizationConfigurationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args OrganizationConfigurationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var awsOrganizationConfigurationResource = new Aws.GuardDuty.OrganizationConfiguration("awsOrganizationConfigurationResource", new()
{
DetectorId = "string",
AutoEnableOrganizationMembers = "string",
Datasources = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesArgs
{
Kubernetes = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesKubernetesArgs
{
AuditLogs = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs
{
Enable = false,
},
},
MalwareProtection = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesMalwareProtectionArgs
{
ScanEc2InstanceWithFindings = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs
{
EbsVolumes = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs
{
AutoEnable = false,
},
},
},
S3Logs = new Aws.GuardDuty.Inputs.OrganizationConfigurationDatasourcesS3LogsArgs
{
AutoEnable = false,
},
},
});
example, err := guardduty.NewOrganizationConfiguration(ctx, "awsOrganizationConfigurationResource", &guardduty.OrganizationConfigurationArgs{
DetectorId: pulumi.String("string"),
AutoEnableOrganizationMembers: pulumi.String("string"),
Datasources: &guardduty.OrganizationConfigurationDatasourcesArgs{
Kubernetes: &guardduty.OrganizationConfigurationDatasourcesKubernetesArgs{
AuditLogs: &guardduty.OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs{
Enable: pulumi.Bool(false),
},
},
MalwareProtection: &guardduty.OrganizationConfigurationDatasourcesMalwareProtectionArgs{
ScanEc2InstanceWithFindings: &guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs{
EbsVolumes: &guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs{
AutoEnable: pulumi.Bool(false),
},
},
},
S3Logs: &guardduty.OrganizationConfigurationDatasourcesS3LogsArgs{
AutoEnable: pulumi.Bool(false),
},
},
})
var awsOrganizationConfigurationResource = new OrganizationConfiguration("awsOrganizationConfigurationResource", OrganizationConfigurationArgs.builder()
.detectorId("string")
.autoEnableOrganizationMembers("string")
.datasources(OrganizationConfigurationDatasourcesArgs.builder()
.kubernetes(OrganizationConfigurationDatasourcesKubernetesArgs.builder()
.auditLogs(OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs.builder()
.enable(false)
.build())
.build())
.malwareProtection(OrganizationConfigurationDatasourcesMalwareProtectionArgs.builder()
.scanEc2InstanceWithFindings(OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs.builder()
.ebsVolumes(OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs.builder()
.autoEnable(false)
.build())
.build())
.build())
.s3Logs(OrganizationConfigurationDatasourcesS3LogsArgs.builder()
.autoEnable(false)
.build())
.build())
.build());
aws_organization_configuration_resource = aws.guardduty.OrganizationConfiguration("awsOrganizationConfigurationResource",
detector_id="string",
auto_enable_organization_members="string",
datasources=aws.guardduty.OrganizationConfigurationDatasourcesArgs(
kubernetes=aws.guardduty.OrganizationConfigurationDatasourcesKubernetesArgs(
audit_logs=aws.guardduty.OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs(
enable=False,
),
),
malware_protection=aws.guardduty.OrganizationConfigurationDatasourcesMalwareProtectionArgs(
scan_ec2_instance_with_findings=aws.guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs(
ebs_volumes=aws.guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs(
auto_enable=False,
),
),
),
s3_logs=aws.guardduty.OrganizationConfigurationDatasourcesS3LogsArgs(
auto_enable=False,
),
))
const awsOrganizationConfigurationResource = new aws.guardduty.OrganizationConfiguration("awsOrganizationConfigurationResource", {
detectorId: "string",
autoEnableOrganizationMembers: "string",
datasources: {
kubernetes: {
auditLogs: {
enable: false,
},
},
malwareProtection: {
scanEc2InstanceWithFindings: {
ebsVolumes: {
autoEnable: false,
},
},
},
s3Logs: {
autoEnable: false,
},
},
});
type: aws:guardduty:OrganizationConfiguration
properties:
autoEnableOrganizationMembers: string
datasources:
kubernetes:
auditLogs:
enable: false
malwareProtection:
scanEc2InstanceWithFindings:
ebsVolumes:
autoEnable: false
s3Logs:
autoEnable: false
detectorId: string
OrganizationConfiguration Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The OrganizationConfiguration resource accepts the following input properties:
- Detector
Id string - The detector ID of the GuardDuty account.
- Auto
Enable bool - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - Auto
Enable stringOrganization Members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - Datasources
Organization
Configuration Datasources - Configuration for the collected datasources.
- Detector
Id string - The detector ID of the GuardDuty account.
- Auto
Enable bool - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - Auto
Enable stringOrganization Members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - Datasources
Organization
Configuration Datasources Args - Configuration for the collected datasources.
- detector
Id String - The detector ID of the GuardDuty account.
- auto
Enable Boolean - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - auto
Enable StringOrganization Members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - datasources
Organization
Configuration Datasources - Configuration for the collected datasources.
- detector
Id string - The detector ID of the GuardDuty account.
- auto
Enable boolean - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - auto
Enable stringOrganization Members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - datasources
Organization
Configuration Datasources - Configuration for the collected datasources.
- detector_
id str - The detector ID of the GuardDuty account.
- auto_
enable bool - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - auto_
enable_ strorganization_ members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - datasources
Organization
Configuration Datasources Args - Configuration for the collected datasources.
- detector
Id String - The detector ID of the GuardDuty account.
- auto
Enable Boolean - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - auto
Enable StringOrganization Members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - datasources Property Map
- Configuration for the collected datasources.
Outputs
All input properties are implicitly available as output properties. Additionally, the OrganizationConfiguration resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing OrganizationConfiguration Resource
Get an existing OrganizationConfiguration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: OrganizationConfigurationState, opts?: CustomResourceOptions): OrganizationConfiguration@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
auto_enable: Optional[bool] = None,
auto_enable_organization_members: Optional[str] = None,
datasources: Optional[OrganizationConfigurationDatasourcesArgs] = None,
detector_id: Optional[str] = None) -> OrganizationConfigurationfunc GetOrganizationConfiguration(ctx *Context, name string, id IDInput, state *OrganizationConfigurationState, opts ...ResourceOption) (*OrganizationConfiguration, error)public static OrganizationConfiguration Get(string name, Input<string> id, OrganizationConfigurationState? state, CustomResourceOptions? opts = null)public static OrganizationConfiguration get(String name, Output<String> id, OrganizationConfigurationState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Auto
Enable bool - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - Auto
Enable stringOrganization Members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - Datasources
Organization
Configuration Datasources - Configuration for the collected datasources.
- Detector
Id string - The detector ID of the GuardDuty account.
- Auto
Enable bool - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - Auto
Enable stringOrganization Members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - Datasources
Organization
Configuration Datasources Args - Configuration for the collected datasources.
- Detector
Id string - The detector ID of the GuardDuty account.
- auto
Enable Boolean - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - auto
Enable StringOrganization Members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - datasources
Organization
Configuration Datasources - Configuration for the collected datasources.
- detector
Id String - The detector ID of the GuardDuty account.
- auto
Enable boolean - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - auto
Enable stringOrganization Members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - datasources
Organization
Configuration Datasources - Configuration for the collected datasources.
- detector
Id string - The detector ID of the GuardDuty account.
- auto_
enable bool - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - auto_
enable_ strorganization_ members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - datasources
Organization
Configuration Datasources Args - Configuration for the collected datasources.
- detector_
id str - The detector ID of the GuardDuty account.
- auto
Enable Boolean - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. - auto
Enable StringOrganization Members - Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are
ALL,NEW,NONE. - datasources Property Map
- Configuration for the collected datasources.
- detector
Id String - The detector ID of the GuardDuty account.
Supporting Types
OrganizationConfigurationDatasources, OrganizationConfigurationDatasourcesArgs
- Kubernetes
Organization
Configuration Datasources Kubernetes - Enable Kubernetes Audit Logs Monitoring automatically for new member accounts.
- Malware
Protection OrganizationConfiguration Datasources Malware Protection - Enable Malware Protection automatically for new member accounts.
- S3Logs
Organization
Configuration Datasources S3Logs - Enable S3 Protection automatically for new member accounts.
- Kubernetes
Organization
Configuration Datasources Kubernetes - Enable Kubernetes Audit Logs Monitoring automatically for new member accounts.
- Malware
Protection OrganizationConfiguration Datasources Malware Protection - Enable Malware Protection automatically for new member accounts.
- S3Logs
Organization
Configuration Datasources S3Logs - Enable S3 Protection automatically for new member accounts.
- kubernetes
Organization
Configuration Datasources Kubernetes - Enable Kubernetes Audit Logs Monitoring automatically for new member accounts.
- malware
Protection OrganizationConfiguration Datasources Malware Protection - Enable Malware Protection automatically for new member accounts.
- s3Logs
Organization
Configuration Datasources S3Logs - Enable S3 Protection automatically for new member accounts.
- kubernetes
Organization
Configuration Datasources Kubernetes - Enable Kubernetes Audit Logs Monitoring automatically for new member accounts.
- malware
Protection OrganizationConfiguration Datasources Malware Protection - Enable Malware Protection automatically for new member accounts.
- s3Logs
Organization
Configuration Datasources S3Logs - Enable S3 Protection automatically for new member accounts.
- kubernetes
Organization
Configuration Datasources Kubernetes - Enable Kubernetes Audit Logs Monitoring automatically for new member accounts.
- malware_
protection OrganizationConfiguration Datasources Malware Protection - Enable Malware Protection automatically for new member accounts.
- s3_
logs OrganizationConfiguration Datasources S3Logs - Enable S3 Protection automatically for new member accounts.
- kubernetes Property Map
- Enable Kubernetes Audit Logs Monitoring automatically for new member accounts.
- malware
Protection Property Map - Enable Malware Protection automatically for new member accounts.
- s3Logs Property Map
- Enable S3 Protection automatically for new member accounts.
OrganizationConfigurationDatasourcesKubernetes, OrganizationConfigurationDatasourcesKubernetesArgs
- Audit
Logs OrganizationConfiguration Datasources Kubernetes Audit Logs - Enable Kubernetes Audit Logs Monitoring automatically for new member accounts. Kubernetes protection. See Kubernetes Audit Logs below for more details.
- Audit
Logs OrganizationConfiguration Datasources Kubernetes Audit Logs - Enable Kubernetes Audit Logs Monitoring automatically for new member accounts. Kubernetes protection. See Kubernetes Audit Logs below for more details.
- audit
Logs OrganizationConfiguration Datasources Kubernetes Audit Logs - Enable Kubernetes Audit Logs Monitoring automatically for new member accounts. Kubernetes protection. See Kubernetes Audit Logs below for more details.
- audit
Logs OrganizationConfiguration Datasources Kubernetes Audit Logs - Enable Kubernetes Audit Logs Monitoring automatically for new member accounts. Kubernetes protection. See Kubernetes Audit Logs below for more details.
- audit_
logs OrganizationConfiguration Datasources Kubernetes Audit Logs - Enable Kubernetes Audit Logs Monitoring automatically for new member accounts. Kubernetes protection. See Kubernetes Audit Logs below for more details.
- audit
Logs Property Map - Enable Kubernetes Audit Logs Monitoring automatically for new member accounts. Kubernetes protection. See Kubernetes Audit Logs below for more details.
OrganizationConfigurationDatasourcesKubernetesAuditLogs, OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs
- Enable bool
- If true, enables Kubernetes audit logs as a data source for Kubernetes protection.
Defaults to
true.
- Enable bool
- If true, enables Kubernetes audit logs as a data source for Kubernetes protection.
Defaults to
true.
- enable Boolean
- If true, enables Kubernetes audit logs as a data source for Kubernetes protection.
Defaults to
true.
- enable boolean
- If true, enables Kubernetes audit logs as a data source for Kubernetes protection.
Defaults to
true.
- enable bool
- If true, enables Kubernetes audit logs as a data source for Kubernetes protection.
Defaults to
true.
- enable Boolean
- If true, enables Kubernetes audit logs as a data source for Kubernetes protection.
Defaults to
true.
OrganizationConfigurationDatasourcesMalwareProtection, OrganizationConfigurationDatasourcesMalwareProtectionArgs
- Scan
Ec2Instance OrganizationWith Findings Configuration Datasources Malware Protection Scan Ec2Instance With Findings - Configure whether Malware Protection for EC2 instances with findings should be auto-enabled for new members joining the organization. See Scan EC2 instance with findings below for more details.
- Scan
Ec2Instance OrganizationWith Findings Configuration Datasources Malware Protection Scan Ec2Instance With Findings - Configure whether Malware Protection for EC2 instances with findings should be auto-enabled for new members joining the organization. See Scan EC2 instance with findings below for more details.
- scan
Ec2Instance OrganizationWith Findings Configuration Datasources Malware Protection Scan Ec2Instance With Findings - Configure whether Malware Protection for EC2 instances with findings should be auto-enabled for new members joining the organization. See Scan EC2 instance with findings below for more details.
- scan
Ec2Instance OrganizationWith Findings Configuration Datasources Malware Protection Scan Ec2Instance With Findings - Configure whether Malware Protection for EC2 instances with findings should be auto-enabled for new members joining the organization. See Scan EC2 instance with findings below for more details.
- scan_
ec2_ Organizationinstance_ with_ findings Configuration Datasources Malware Protection Scan Ec2Instance With Findings - Configure whether Malware Protection for EC2 instances with findings should be auto-enabled for new members joining the organization. See Scan EC2 instance with findings below for more details.
- scan
Ec2Instance Property MapWith Findings - Configure whether Malware Protection for EC2 instances with findings should be auto-enabled for new members joining the organization. See Scan EC2 instance with findings below for more details.
OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindings, OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs
- Ebs
Volumes OrganizationConfiguration Datasources Malware Protection Scan Ec2Instance With Findings Ebs Volumes - Configure whether scanning EBS volumes should be auto-enabled for new members joining the organization See EBS volumes below for more details.
- Ebs
Volumes OrganizationConfiguration Datasources Malware Protection Scan Ec2Instance With Findings Ebs Volumes - Configure whether scanning EBS volumes should be auto-enabled for new members joining the organization See EBS volumes below for more details.
- ebs
Volumes OrganizationConfiguration Datasources Malware Protection Scan Ec2Instance With Findings Ebs Volumes - Configure whether scanning EBS volumes should be auto-enabled for new members joining the organization See EBS volumes below for more details.
- ebs
Volumes OrganizationConfiguration Datasources Malware Protection Scan Ec2Instance With Findings Ebs Volumes - Configure whether scanning EBS volumes should be auto-enabled for new members joining the organization See EBS volumes below for more details.
- ebs_
volumes OrganizationConfiguration Datasources Malware Protection Scan Ec2Instance With Findings Ebs Volumes - Configure whether scanning EBS volumes should be auto-enabled for new members joining the organization See EBS volumes below for more details.
- ebs
Volumes Property Map - Configure whether scanning EBS volumes should be auto-enabled for new members joining the organization See EBS volumes below for more details.
OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumes, OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs
- Auto
Enable bool - If true, enables Malware Protection for all new accounts joining the organization.
Defaults to
true.
- Auto
Enable bool - If true, enables Malware Protection for all new accounts joining the organization.
Defaults to
true.
- auto
Enable Boolean - If true, enables Malware Protection for all new accounts joining the organization.
Defaults to
true.
- auto
Enable boolean - If true, enables Malware Protection for all new accounts joining the organization.
Defaults to
true.
- auto_
enable bool - If true, enables Malware Protection for all new accounts joining the organization.
Defaults to
true.
- auto
Enable Boolean - If true, enables Malware Protection for all new accounts joining the organization.
Defaults to
true.
OrganizationConfigurationDatasourcesS3Logs, OrganizationConfigurationDatasourcesS3LogsArgs
- Auto
Enable bool - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.
- Auto
Enable bool - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.
- auto
Enable Boolean - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.
- auto
Enable boolean - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.
- auto_
enable bool - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.
- auto
Enable Boolean - Deprecated: Use
auto_enable_organization_membersinstead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region.
Import
Using pulumi import, import GuardDuty Organization Configurations using the GuardDuty Detector ID. For example:
$ pulumi import aws:guardduty/organizationConfiguration:OrganizationConfiguration example 00b00fd5aecc0ab60a708659477e9617
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
Try AWS Native preview for resources not in the classic version.
AWS Classic v6.32.0 published on Friday, Apr 19, 2024 by Pulumi