AWS::GuardDuty::IPSet - AWS CloudFormation

AWS::GuardDuty::IPSet

The AWS::GuardDuty::IPSet resource specifies a new IPSet. An IPSet is a list of trusted IP addresses from which secure communication is allowed with AWS infrastructure and applications.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::GuardDuty::IPSet", "Properties" : { "Activate" : Boolean, "DetectorId" : String, "Format" : String, "Location" : String, "Name" : String, "Tags" : [ TagItem, ... ] } }

YAML

Type: AWS::GuardDuty::IPSet Properties: Activate: Boolean DetectorId: String Format: String Location: String Name: String Tags: - TagItem

Properties

Activate

Indicates whether or not GuardDuty uses the IPSet.

Required: No

Type: Boolean

Update requires: No interruption

DetectorId

The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.

To find the detectorId in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.

Required: No

Type: String

Minimum: 1

Maximum: 300

Update requires: Replacement

Format

The format of the file that contains the IPSet.

Required: Yes

Type: String

Allowed values: TXT | STIX | OTX_CSV | ALIEN_VAULT | PROOF_POINT | FIRE_EYE

Update requires: Replacement

Location

The URI of the file that contains the IPSet.

Required: Yes

Type: String

Minimum: 1

Maximum: 300

Update requires: No interruption

Name

The user-friendly name to identify the IPSet.

Allowed characters are alphanumeric, whitespace, dash (-), and underscores (_).

Required: No

Type: String

Minimum: 1

Maximum: 300

Update requires: No interruption

Tags

The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.

For more information, see Tag.

Required: No

Type: Array of TagItem

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the unique ID of the IPSet.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Examples

Declare an IPSet Resource

The following example shows how to declare a GuardDuty IPSet resource:

JSON

"myipset": { "Type" : "AWS::GuardDuty::IPSet", "Properties" : { "Activate" : True, "DetectorId" : "12abc34d567e8f4912ab3d45e67891f2", "Format" : "TXT", "Location" : "https://s3-us-west-2.amazonaws.com/amzn-s3-demo-bucket/myipset.txt", "Name" : "MyIPSet" } }

YAML

myipset: Type: AWS::GuardDuty::IPSet Properties: Activate: True DetectorId: "12abc34d567e8f4912ab3d45e67891f2" Format: "TXT" Location: "https://s3-us-west-2.amazonaws.com/amzn-s3-demo-bucket/myipset.txt" Name: "MyIPSet"