Organization Configuration Feature Args
Provides a resource to manage a single Amazon GuardDuty organization configuration feature.
NOTE: Deleting this resource does not disable the organization configuration feature in GuardDuty; the resource is simply removed from state, and the feature's configuration remains in effect.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Enabled GuardDuty detector. Its ID is passed as detectorId below; this page's
// property reference describes detectorId as the detector that configures the
// delegated administrator.
const example = new aws.guardduty.Detector("example", { enable: true });

// Additional configuration for the runtime-monitoring feature.
// NOTE(review): "NEW" (GuardDuty API semantics) auto-enables only for accounts
// that join the organization later, while the parent feature below uses "ALL".
// Existing member accounts would get runtime monitoring without automated
// add-on management; confirm the GuardDuty agent is managed another way there,
// or align this value with the parent feature.
const addonManagement = {
    name: "EKS_ADDON_MANAGEMENT",
    autoEnable: "NEW",
};

// Organization-wide setting for one GuardDuty feature.
// - autoEnable accepts NEW, ALL or NONE; "ALL" covers existing and new members.
// - Only one of EKS_RUNTIME_MONITORING / RUNTIME_MONITORING may be configured;
//   adding both causes an error.
// - Deleting this resource only removes it from state; it does not disable the
//   feature in GuardDuty.
const featureArgs = {
    detectorId: example.id,
    name: "EKS_RUNTIME_MONITORING",
    autoEnable: "ALL",
    additionalConfigurations: [addonManagement],
};
const eksRuntimeMonitoring = new aws.guardduty.OrganizationConfigurationFeature(
    "eks_runtime_monitoring",
    featureArgs,
);
import pulumi
import pulumi_aws as aws
# Enabled GuardDuty detector. Its ID is passed as detector_id below; this page's
# property reference describes detector_id as the detector that configures the
# delegated administrator.
example = aws.guardduty.Detector("example", enable=True)

# Additional configuration for the runtime-monitoring feature.
# NOTE(review): "NEW" (GuardDuty API semantics) auto-enables only for accounts
# that join the organization later, while the parent feature below uses "ALL".
# Existing member accounts would get runtime monitoring without automated add-on
# management; confirm the GuardDuty agent is managed another way there, or align
# this value with the parent feature.
addon_management = {
    "name": "EKS_ADDON_MANAGEMENT",
    "auto_enable": "NEW",
}

# Organization-wide setting for one GuardDuty feature.
# - auto_enable accepts NEW, ALL or NONE; "ALL" covers existing and new members.
# - Only one of EKS_RUNTIME_MONITORING / RUNTIME_MONITORING may be configured;
#   adding both causes an error.
# - Deleting this resource only removes it from state; it does not disable the
#   feature in GuardDuty.
eks_runtime_monitoring = aws.guardduty.OrganizationConfigurationFeature(
    "eks_runtime_monitoring",
    detector_id=example.id,
    name="EKS_RUNTIME_MONITORING",
    auto_enable="ALL",
    additional_configurations=[addon_management],
)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    // Enabled GuardDuty detector. Its ID is passed as DetectorId below; this page's
    // property reference describes it as the detector that configures the
    // delegated administrator.
    var example = new Aws.GuardDuty.Detector("example", new Aws.GuardDuty.DetectorArgs
    {
        Enable = true,
    });

    // Additional configuration for the runtime-monitoring feature.
    // NOTE(review): "NEW" (GuardDuty API semantics) auto-enables only for accounts
    // that join the organization later, while the parent feature below uses "ALL".
    // Existing member accounts would get runtime monitoring without automated
    // add-on management; confirm the GuardDuty agent is managed another way there,
    // or align this value with the parent feature.
    var addonManagement = new Aws.GuardDuty.Inputs.OrganizationConfigurationFeatureAdditionalConfigurationArgs
    {
        Name = "EKS_ADDON_MANAGEMENT",
        AutoEnable = "NEW",
    };

    // Organization-wide setting for one GuardDuty feature.
    // - AutoEnable accepts NEW, ALL or NONE; "ALL" covers existing and new members.
    // - Only one of EKS_RUNTIME_MONITORING / RUNTIME_MONITORING may be configured;
    //   adding both causes an error.
    // - Deleting this resource only removes it from state; it does not disable the
    //   feature in GuardDuty.
    var featureArgs = new Aws.GuardDuty.OrganizationConfigurationFeatureArgs
    {
        DetectorId = example.Id,
        Name = "EKS_RUNTIME_MONITORING",
        AutoEnable = "ALL",
        AdditionalConfigurations = new[]
        {
            addonManagement,
        },
    };
    var eksRuntimeMonitoring = new Aws.GuardDuty.OrganizationConfigurationFeature("eks_runtime_monitoring", featureArgs);
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// main registers an enabled GuardDuty detector and one organization-level
// feature configuration (EKS runtime monitoring) with the Pulumi engine.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Enabled detector. Its ID is passed as DetectorId below; this page's
		// property reference describes it as the detector that configures the
		// delegated administrator.
		detector, err := guardduty.NewDetector(ctx, "example", &guardduty.DetectorArgs{
			Enable: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}

		// Additional configuration for the runtime-monitoring feature.
		// NOTE(review): "NEW" (GuardDuty API semantics) auto-enables only for
		// accounts that join the organization later, while the parent feature
		// below uses "ALL". Existing member accounts would get runtime
		// monitoring without automated add-on management; confirm the GuardDuty
		// agent is managed another way there, or align this value with the
		// parent feature.
		addonManagement := &guardduty.OrganizationConfigurationFeatureAdditionalConfigurationArgs{
			Name:       pulumi.String("EKS_ADDON_MANAGEMENT"),
			AutoEnable: pulumi.String("NEW"),
		}

		// Organization-wide setting for one GuardDuty feature.
		// - AutoEnable accepts NEW, ALL or NONE; "ALL" covers existing and new members.
		// - Only one of EKS_RUNTIME_MONITORING / RUNTIME_MONITORING may be
		//   configured; adding both causes an error.
		// - Deleting this resource only removes it from state; it does not
		//   disable the feature in GuardDuty.
		featureArgs := &guardduty.OrganizationConfigurationFeatureArgs{
			DetectorId: detector.ID(),
			Name:       pulumi.String("EKS_RUNTIME_MONITORING"),
			AutoEnable: pulumi.String("ALL"),
			AdditionalConfigurations: guardduty.OrganizationConfigurationFeatureAdditionalConfigurationArray{
				addonManagement,
			},
		}
		if _, err := guardduty.NewOrganizationConfigurationFeature(ctx, "eks_runtime_monitoring", featureArgs); err != nil {
			return err
		}
		return nil
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.guardduty.Detector;
import com.pulumi.aws.guardduty.DetectorArgs;
import com.pulumi.aws.guardduty.OrganizationConfigurationFeature;
import com.pulumi.aws.guardduty.OrganizationConfigurationFeatureArgs;
import com.pulumi.aws.guardduty.inputs.OrganizationConfigurationFeatureAdditionalConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
/**
 * Pulumi program that enables a GuardDuty detector and configures one
 * organization-level GuardDuty feature (EKS runtime monitoring).
 */
public class App {
    /**
     * Program entry point; hands the stack definition to the Pulumi runtime.
     *
     * @param args command-line arguments (unused)
     */
    public static void main(String[] args) {
        Pulumi.run(ctx -> stack(ctx));
    }

    /**
     * Declares the detector and the organization configuration feature.
     *
     * <p>Deleting the feature resource only removes it from state; it does not
     * disable the feature in GuardDuty.
     *
     * @param ctx the Pulumi context supplied by {@code Pulumi.run}
     */
    public static void stack(Context ctx) {
        // Enabled detector. Its ID is passed as detectorId below; this page's
        // property reference describes it as the detector that configures the
        // delegated administrator.
        var detectorArgs = DetectorArgs.builder()
            .enable(true)
            .build();
        var example = new Detector("example", detectorArgs);

        // Additional configuration for the runtime-monitoring feature.
        // NOTE(review): "NEW" (GuardDuty API semantics) auto-enables only for
        // accounts that join the organization later, while the parent feature
        // below uses "ALL". Existing member accounts would get runtime
        // monitoring without automated add-on management; confirm the GuardDuty
        // agent is managed another way there, or align this value with the
        // parent feature.
        var addonManagement = OrganizationConfigurationFeatureAdditionalConfigurationArgs.builder()
            .name("EKS_ADDON_MANAGEMENT")
            .autoEnable("NEW")
            .build();

        // autoEnable accepts NEW, ALL or NONE; "ALL" covers existing and new
        // members. Only one of EKS_RUNTIME_MONITORING / RUNTIME_MONITORING may
        // be configured; adding both causes an error.
        var featureArgs = OrganizationConfigurationFeatureArgs.builder()
            .detectorId(example.id())
            .name("EKS_RUNTIME_MONITORING")
            .autoEnable("ALL")
            .additionalConfigurations(addonManagement)
            .build();
        var eksRuntimeMonitoring = new OrganizationConfigurationFeature("eksRuntimeMonitoring", featureArgs);
    }
}
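# Nesting restored: with every key at column 0 the document repeats `type`,
# `name` and `properties` at one level and no longer describes two resources.
resources:
  # Enabled GuardDuty detector. Its ID is passed as detectorId below; this
  # page's property reference describes detectorId as the detector that
  # configures the delegated administrator.
  example:
    type: aws:guardduty:Detector
    properties:
      enable: true
  # Organization-wide setting for one GuardDuty feature. Deleting this resource
  # only removes it from state; it does not disable the feature in GuardDuty.
  eksRuntimeMonitoring:
    type: aws:guardduty:OrganizationConfigurationFeature
    name: eks_runtime_monitoring
    properties:
      detectorId: ${example.id}
      # Only one of EKS_RUNTIME_MONITORING / RUNTIME_MONITORING may be
      # configured; adding both causes an error.
      name: EKS_RUNTIME_MONITORING
      # Valid values: NEW, ALL, NONE. ALL covers existing and new members.
      autoEnable: ALL
      additionalConfigurations:
        # NOTE(review): NEW (GuardDuty API semantics) auto-enables only for
        # accounts that join later, while the parent feature uses ALL. Existing
        # member accounts would get runtime monitoring without automated add-on
        # management; confirm the GuardDuty agent is managed another way there,
        # or align this value with the parent feature.
        - name: EKS_ADDON_MANAGEMENT
          autoEnable: NEW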
Constructors
Properties
Additional feature configuration block for features `EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING`. See below.
The status of the feature that is configured for the member accounts within the organization. Valid values: `NEW`, `ALL`, `NONE`.
The ID of the detector that configures the delegated administrator.
The name of the feature that will be configured for the organization. Valid values: `S3_DATA_EVENTS`, `EKS_AUDIT_LOGS`, `EBS_MALWARE_PROTECTION`, `RDS_LOGIN_EVENTS`, `EKS_RUNTIME_MONITORING`, `LAMBDA_NETWORK_LOGS`, `RUNTIME_MONITORING`. Only one of the two features `EKS_RUNTIME_MONITORING` or `RUNTIME_MONITORING` can be added; adding both features will cause an error. Refer to the AWS Documentation for the current list of supported values.