AWS::GuardDuty::IPSet
The AWS::GuardDuty::IPSet resource specifies a new IPSet. An IPSet is a list of trusted IP addresses from which secure communication is allowed with AWS infrastructure and applications.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
  "Type" : "AWS::GuardDuty::IPSet",
  "Properties" : {
      "Activate" : Boolean,
      "DetectorId" : String,
      "Format" : String,
      "Location" : String,
      "Name" : String,
      "Tags" : [ TagItem, ... ]
    }
}
YAML
Type: AWS::GuardDuty::IPSet
Properties:
  Activate: Boolean
  DetectorId: String
  Format: String
  Location: String
  Name: String
  Tags:
    - TagItem
Properties
Activate
Indicates whether or not GuardDuty uses the IPSet.
Required: No
Type: Boolean
Update requires: No interruption
DetectorId
The unique ID of the detector of the GuardDuty account for which you want to create an IPSet.
To find the detectorId in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.
Required: No
Type: String
Minimum: 1
Maximum: 300
Update requires: Replacement
Format
The format of the file that contains the IPSet.
Required: Yes
Type: String
Allowed values: TXT | STIX | OTX_CSV | ALIEN_VAULT | PROOF_POINT | FIRE_EYE
Update requires: Replacement
Location
The URI of the file that contains the IPSet.
Required: Yes
Type: String
Minimum: 1
Maximum: 300
Update requires: No interruption
Name
The user-friendly name to identify the IPSet.
Allowed characters are alphanumeric, whitespace, dash (-), and underscores (_).
Required: No
Type: String
Minimum: 1
Maximum: 300
Update requires: No interruption
Tags
The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.
For more information, see Tag.
Required: No
Type: Array of TagItem
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the unique ID of the IPSet.
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
Examples
Declare an IPSet Resource
The following example shows how to declare a GuardDuty IPSet resource:
JSON
"myipset": {
    "Type" : "AWS::GuardDuty::IPSet",
    "Properties" : {
        "Activate" : true,
        "DetectorId" : "12abc34d567e8f4912ab3d45e67891f2",
        "Format" : "TXT",
        "Location" : "https://s3-us-west-2.amazonaws.com/mybucket/myipset.txt",
        "Name" : "MyIPSet"
    }
}
YAML
myipset:
    Type: AWS::GuardDuty::IPSet
    Properties:
        Activate: True
        DetectorId: "12abc34d567e8f4912ab3d45e67891f2"
        Format: "TXT"
        Location: "https://s3-us-west-2.amazonaws.com/mybucket/myipset.txt"
        Name: "MyIPSet"