» Resource: aws_guardduty_ipset

Provides a resource to manage a GuardDuty IPSet.

» Example Usage

resource "aws_guardduty_detector" "master" {
  enable = true
}

resource "aws_s3_bucket" "bucket" {
  acl = "private"
}

resource "aws_s3_bucket_object" "MyIPSet" {
  acl     = "public-read"
  content = "10.0.0.0/8\n"
  bucket  = "${aws_s3_bucket.bucket.id}"
  key     = "MyIPSet"
}

resource "aws_guardduty_ipset" "MyIPSet" {
  activate    = true
  detector_id = "${aws_guardduty_detector.master.id}"
  format      = "TXT"
  location    = "https://s3.amazonaws.com/${aws_s3_bucket_object.MyIPSet.bucket}/${aws_s3_bucket_object.MyIPSet.key}"
  name        = "MyIPSet"
}

» Argument Reference

The following arguments are supported:

  • activate - (Required) Specifies whether GuardDuty is to start using the uploaded IPSet.
  • detector_id - (Required) The detector ID of the GuardDuty.
  • format - (Required) The format of the file that contains the IPSet. Valid values: TXT | STIX | OTX_CSV | ALIEN_VAULT | PROOF_POINT | FIRE_EYE
  • location - (Required) The URI of the file that contains the IPSet.
  • name - (Required) The friendly name to identify the IPSet.

» Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The ID of the GuardDuty IPSet.

» Import

GuardDuty IPSet can be imported using the the master GuardDuty detector ID and IPSet ID, e.g.

$ terraform import aws_guardduty_ipset.MyIPSet 00b00fd5aecc0ab60a708659477e9617:123456789012