Docs Home
AWS v6.78.0 published on Thursday, Apr 24, 2025 by Pulumi
aws.guardduty.Filter
Explore with Pulumi AI
Provides a resource to manage a GuardDuty filter.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const myFilter = new aws.guardduty.Filter("MyFilter", {
name: "MyFilter",
action: "ARCHIVE",
detectorId: example.id,
rank: 1,
findingCriteria: {
criterions: [
{
field: "region",
equals: ["eu-west-1"],
},
{
field: "service.additionalInfo.threatListName",
notEquals: [
"some-threat",
"another-threat",
],
},
{
field: "updatedAt",
greaterThan: "2020-01-01T00:00:00Z",
lessThan: "2020-02-01T00:00:00Z",
},
{
field: "severity",
greaterThanOrEqual: "4",
},
],
},
});
import pulumi
import pulumi_aws as aws
my_filter = aws.guardduty.Filter("MyFilter",
name="MyFilter",
action="ARCHIVE",
detector_id=example["id"],
rank=1,
finding_criteria={
"criterions": [
{
"field": "region",
"equals": ["eu-west-1"],
},
{
"field": "service.additionalInfo.threatListName",
"not_equals": [
"some-threat",
"another-threat",
],
},
{
"field": "updatedAt",
"greater_than": "2020-01-01T00:00:00Z",
"less_than": "2020-02-01T00:00:00Z",
},
{
"field": "severity",
"greater_than_or_equal": "4",
},
],
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := guardduty.NewFilter(ctx, "MyFilter", &guardduty.FilterArgs{
Name: pulumi.String("MyFilter"),
Action: pulumi.String("ARCHIVE"),
DetectorId: pulumi.Any(example.Id),
Rank: pulumi.Int(1),
FindingCriteria: &guardduty.FilterFindingCriteriaArgs{
Criterions: guardduty.FilterFindingCriteriaCriterionArray{
&guardduty.FilterFindingCriteriaCriterionArgs{
Field: pulumi.String("region"),
Equals: pulumi.StringArray{
pulumi.String("eu-west-1"),
},
},
&guardduty.FilterFindingCriteriaCriterionArgs{
Field: pulumi.String("service.additionalInfo.threatListName"),
NotEquals: pulumi.StringArray{
pulumi.String("some-threat"),
pulumi.String("another-threat"),
},
},
&guardduty.FilterFindingCriteriaCriterionArgs{
Field: pulumi.String("updatedAt"),
GreaterThan: pulumi.String("2020-01-01T00:00:00Z"),
LessThan: pulumi.String("2020-02-01T00:00:00Z"),
},
&guardduty.FilterFindingCriteriaCriterionArgs{
Field: pulumi.String("severity"),
GreaterThanOrEqual: pulumi.String("4"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var myFilter = new Aws.GuardDuty.Filter("MyFilter", new()
{
Name = "MyFilter",
Action = "ARCHIVE",
DetectorId = example.Id,
Rank = 1,
FindingCriteria = new Aws.GuardDuty.Inputs.FilterFindingCriteriaArgs
{
Criterions = new[]
{
new Aws.GuardDuty.Inputs.FilterFindingCriteriaCriterionArgs
{
Field = "region",
Equals = new[]
{
"eu-west-1",
},
},
new Aws.GuardDuty.Inputs.FilterFindingCriteriaCriterionArgs
{
Field = "service.additionalInfo.threatListName",
NotEquals = new[]
{
"some-threat",
"another-threat",
},
},
new Aws.GuardDuty.Inputs.FilterFindingCriteriaCriterionArgs
{
Field = "updatedAt",
GreaterThan = "2020-01-01T00:00:00Z",
LessThan = "2020-02-01T00:00:00Z",
},
new Aws.GuardDuty.Inputs.FilterFindingCriteriaCriterionArgs
{
Field = "severity",
GreaterThanOrEqual = "4",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.guardduty.Filter;
import com.pulumi.aws.guardduty.FilterArgs;
import com.pulumi.aws.guardduty.inputs.FilterFindingCriteriaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var myFilter = new Filter("myFilter", FilterArgs.builder()
.name("MyFilter")
.action("ARCHIVE")
.detectorId(example.id())
.rank(1)
.findingCriteria(FilterFindingCriteriaArgs.builder()
.criterions(
FilterFindingCriteriaCriterionArgs.builder()
.field("region")
.equals("eu-west-1")
.build(),
FilterFindingCriteriaCriterionArgs.builder()
.field("service.additionalInfo.threatListName")
.notEquals(
"some-threat",
"another-threat")
.build(),
FilterFindingCriteriaCriterionArgs.builder()
.field("updatedAt")
.greaterThan("2020-01-01T00:00:00Z")
.lessThan("2020-02-01T00:00:00Z")
.build(),
FilterFindingCriteriaCriterionArgs.builder()
.field("severity")
.greaterThanOrEqual("4")
.build())
.build())
.build());
}
}
resources:
myFilter:
type: aws:guardduty:Filter
name: MyFilter
properties:
name: MyFilter
action: ARCHIVE
detectorId: ${example.id}
rank: 1
findingCriteria:
criterions:
- field: region
equals:
- eu-west-1
- field: service.additionalInfo.threatListName
notEquals:
- some-threat
- another-threat
- field: updatedAt
greaterThan: 2020-01-01T00:00:00Z
lessThan: 2020-02-01T00:00:00Z
- field: severity
greaterThanOrEqual: '4'
Create Filter Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Filter(name: string, args: FilterArgs, opts?: CustomResourceOptions);@overload
def Filter(resource_name: str,
args: FilterArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Filter(resource_name: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
detector_id: Optional[str] = None,
finding_criteria: Optional[FilterFindingCriteriaArgs] = None,
rank: Optional[int] = None,
description: Optional[str] = None,
name: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)func NewFilter(ctx *Context, name string, args FilterArgs, opts ...ResourceOption) (*Filter, error)public Filter(string name, FilterArgs args, CustomResourceOptions? opts = null)
public Filter(String name, FilterArgs args)
public Filter(String name, FilterArgs args, CustomResourceOptions options)
type: aws:guardduty:Filter
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args FilterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FilterArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FilterArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FilterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FilterArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var filterResource = new Aws.GuardDuty.Filter("filterResource", new()
{
Action = "string",
DetectorId = "string",
FindingCriteria = new Aws.GuardDuty.Inputs.FilterFindingCriteriaArgs
{
Criterions = new[]
{
new Aws.GuardDuty.Inputs.FilterFindingCriteriaCriterionArgs
{
Field = "string",
Equals = new[]
{
"string",
},
GreaterThan = "string",
GreaterThanOrEqual = "string",
LessThan = "string",
LessThanOrEqual = "string",
NotEquals = new[]
{
"string",
},
},
},
},
Rank = 0,
Description = "string",
Name = "string",
Tags =
{
{ "string", "string" },
},
});
example, err := guardduty.NewFilter(ctx, "filterResource", &guardduty.FilterArgs{
Action: pulumi.String("string"),
DetectorId: pulumi.String("string"),
FindingCriteria: &guardduty.FilterFindingCriteriaArgs{
Criterions: guardduty.FilterFindingCriteriaCriterionArray{
&guardduty.FilterFindingCriteriaCriterionArgs{
Field: pulumi.String("string"),
Equals: pulumi.StringArray{
pulumi.String("string"),
},
GreaterThan: pulumi.String("string"),
GreaterThanOrEqual: pulumi.String("string"),
LessThan: pulumi.String("string"),
LessThanOrEqual: pulumi.String("string"),
NotEquals: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
Rank: pulumi.Int(0),
Description: pulumi.String("string"),
Name: pulumi.String("string"),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var filterResource = new Filter("filterResource", FilterArgs.builder()
.action("string")
.detectorId("string")
.findingCriteria(FilterFindingCriteriaArgs.builder()
.criterions(FilterFindingCriteriaCriterionArgs.builder()
.field("string")
.equals("string")
.greaterThan("string")
.greaterThanOrEqual("string")
.lessThan("string")
.lessThanOrEqual("string")
.notEquals("string")
.build())
.build())
.rank(0)
.description("string")
.name("string")
.tags(Map.of("string", "string"))
.build());
filter_resource = aws.guardduty.Filter("filterResource",
action="string",
detector_id="string",
finding_criteria={
"criterions": [{
"field": "string",
"equals": ["string"],
"greater_than": "string",
"greater_than_or_equal": "string",
"less_than": "string",
"less_than_or_equal": "string",
"not_equals": ["string"],
}],
},
rank=0,
description="string",
name="string",
tags={
"string": "string",
})
const filterResource = new aws.guardduty.Filter("filterResource", {
action: "string",
detectorId: "string",
findingCriteria: {
criterions: [{
field: "string",
equals: ["string"],
greaterThan: "string",
greaterThanOrEqual: "string",
lessThan: "string",
lessThanOrEqual: "string",
notEquals: ["string"],
}],
},
rank: 0,
description: "string",
name: "string",
tags: {
string: "string",
},
});
type: aws:guardduty:Filter
properties:
action: string
description: string
detectorId: string
findingCriteria:
criterions:
- equals:
- string
field: string
greaterThan: string
greaterThanOrEqual: string
lessThan: string
lessThanOrEqual: string
notEquals:
- string
name: string
rank: 0
tags:
string: string
Filter Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Filter resource accepts the following input properties:
- Action string
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - Detector
Id string - ID of a GuardDuty detector, attached to your account.
- Finding
Criteria FilterFinding Criteria - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - Rank int
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- Description string
- Description of the filter.
- Name string
- The name of your filter.
- Dictionary<string, string>
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- Action string
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - Detector
Id string - ID of a GuardDuty detector, attached to your account.
- Finding
Criteria FilterFinding Criteria Args - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - Rank int
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- Description string
- Description of the filter.
- Name string
- The name of your filter.
- map[string]string
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- action String
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - detector
Id String - ID of a GuardDuty detector, attached to your account.
- finding
Criteria FilterFinding Criteria - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - rank Integer
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- description String
- Description of the filter.
- name String
- The name of your filter.
- Map<String,String>
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- action string
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - detector
Id string - ID of a GuardDuty detector, attached to your account.
- finding
Criteria FilterFinding Criteria - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - rank number
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- description string
- Description of the filter.
- name string
- The name of your filter.
- {[key: string]: string}
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- action str
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - detector_
id str - ID of a GuardDuty detector, attached to your account.
- finding_
criteria FilterFinding Criteria Args - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - rank int
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- description str
- Description of the filter.
- name str
- The name of your filter.
- Mapping[str, str]
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- action String
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - detector
Id String - ID of a GuardDuty detector, attached to your account.
- finding
Criteria Property Map - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - rank Number
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- description String
- Description of the filter.
- name String
- The name of your filter.
- Map<String>
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
Outputs
All input properties are implicitly available as output properties. Additionally, the Filter resource produces the following output properties:
Look up Existing Filter Resource
Get an existing Filter resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FilterState, opts?: CustomResourceOptions): Filter@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
arn: Optional[str] = None,
description: Optional[str] = None,
detector_id: Optional[str] = None,
finding_criteria: Optional[FilterFindingCriteriaArgs] = None,
name: Optional[str] = None,
rank: Optional[int] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None) -> Filterfunc GetFilter(ctx *Context, name string, id IDInput, state *FilterState, opts ...ResourceOption) (*Filter, error)public static Filter Get(string name, Input<string> id, FilterState? state, CustomResourceOptions? opts = null)public static Filter get(String name, Output<String> id, FilterState state, CustomResourceOptions options)resources: _: type: aws:guardduty:Filter get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Action string
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - Arn string
- The ARN of the GuardDuty filter.
- Description string
- Description of the filter.
- Detector
Id string - ID of a GuardDuty detector, attached to your account.
- Finding
Criteria FilterFinding Criteria - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - Name string
- The name of your filter.
- Rank int
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- Dictionary<string, string>
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- Action string
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - Arn string
- The ARN of the GuardDuty filter.
- Description string
- Description of the filter.
- Detector
Id string - ID of a GuardDuty detector, attached to your account.
- Finding
Criteria FilterFinding Criteria Args - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - Name string
- The name of your filter.
- Rank int
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- map[string]string
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- action String
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - arn String
- The ARN of the GuardDuty filter.
- description String
- Description of the filter.
- detector
Id String - ID of a GuardDuty detector, attached to your account.
- finding
Criteria FilterFinding Criteria - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - name String
- The name of your filter.
- rank Integer
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- Map<String,String>
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- action string
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - arn string
- The ARN of the GuardDuty filter.
- description string
- Description of the filter.
- detector
Id string - ID of a GuardDuty detector, attached to your account.
- finding
Criteria FilterFinding Criteria - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - name string
- The name of your filter.
- rank number
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- {[key: string]: string}
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- action str
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - arn str
- The ARN of the GuardDuty filter.
- description str
- Description of the filter.
- detector_
id str - ID of a GuardDuty detector, attached to your account.
- finding_
criteria FilterFinding Criteria Args - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - name str
- The name of your filter.
- rank int
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- Mapping[str, str]
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- action String
- Specifies the action that is to be applied to the findings that match the filter. Can be one of
ARCHIVEorNOOP. - arn String
- The ARN of the GuardDuty filter.
- description String
- Description of the filter.
- detector
Id String - ID of a GuardDuty detector, attached to your account.
- finding
Criteria Property Map - Represents the criteria to be used in the filter for querying findings. Contains one or more
criterionblocks, documented below. - name String
- The name of your filter.
- rank Number
- Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
- Map<String>
- The tags that you want to add to the Filter resource. A tag consists of a key and a value. .If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
Supporting Types
FilterFindingCriteria, FilterFindingCriteriaArgs
FilterFindingCriteriaCriterion, FilterFindingCriteriaCriterionArgs
- Field string
- The name of the field to be evaluated. The full list of field names can be found in AWS documentation.
- Equals List<string>
- List of string values to be evaluated.
- Greater
Than string - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- Greater
Than stringOr Equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- Less
Than string - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- Less
Than stringOr Equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- Not
Equals List<string> - List of string values to be evaluated.
- Field string
- The name of the field to be evaluated. The full list of field names can be found in AWS documentation.
- Equals []string
- List of string values to be evaluated.
- Greater
Than string - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- Greater
Than stringOr Equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- Less
Than string - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- Less
Than stringOr Equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- Not
Equals []string - List of string values to be evaluated.
- field String
- The name of the field to be evaluated. The full list of field names can be found in AWS documentation.
- equals_ List<String>
- List of string values to be evaluated.
- greater
Than String - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- greater
Than StringOr Equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- less
Than String - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- less
Than StringOr Equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- not
Equals List<String> - List of string values to be evaluated.
- field string
- The name of the field to be evaluated. The full list of field names can be found in AWS documentation.
- equals string[]
- List of string values to be evaluated.
- greater
Than string - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- greater
Than stringOr Equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- less
Than string - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- less
Than stringOr Equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- not
Equals string[] - List of string values to be evaluated.
- field str
- The name of the field to be evaluated. The full list of field names can be found in AWS documentation.
- equals Sequence[str]
- List of string values to be evaluated.
- greater_
than str - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- greater_
than_ stror_ equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- less_
than str - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- less_
than_ stror_ equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- not_
equals Sequence[str] - List of string values to be evaluated.
- field String
- The name of the field to be evaluated. The full list of field names can be found in AWS documentation.
- equals List<String>
- List of string values to be evaluated.
- greater
Than String - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- greater
Than StringOr Equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- less
Than String - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- less
Than StringOr Equal - A value to be evaluated. Accepts either an integer or a date in RFC 3339 format.
- not
Equals List<String> - List of string values to be evaluated.
Import
Using pulumi import, import GuardDuty filters using the detector ID and filter’s name separated by a colon. For example:
$ pulumi import aws:guardduty/filter:Filter MyFilter 00b00fd5aecc0ab60a708659477e9617:MyFilter
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.