AWS::GuardDuty::IPSet
The AWS::GuardDuty::IPSet
resource specifies a new
IPSet
. An IPSet
is a list of trusted IP addresses from
which secure communication is allowed with AWS infrastructure and
applications.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::GuardDuty::IPSet", "Properties" : { "Activate" :
Boolean
, "DetectorId" :String
, "Format" :String
, "Location" :String
, "Name" :String
, "Tags" :[
} }Tag
, ... ]
YAML
Type: AWS::GuardDuty::IPSet Properties: Activate:
Boolean
DetectorId:String
Format:String
Location:String
Name:String
Tags:-
Tag
Properties
Activate
-
Indicates whether or not GuardDuty uses the
IPSet
.Required: Yes
Type: Boolean
Update requires: No interruption
DetectorId
-
The unique ID of the detector of the GuardDuty account that you want to create an IPSet for.
Required: Yes
Type: String
Minimum:
1
Maximum:
300
Update requires: Replacement
Format
-
The format of the file that contains the IPSet.
Required: Yes
Type: String
Allowed values:
ALIEN_VAULT | FIRE_EYE | OTX_CSV | PROOF_POINT | STIX | TXT
Update requires: Replacement
Location
-
The URI of the file that contains the IPSet.
Required: Yes
Type: String
Minimum:
1
Maximum:
300
Update requires: No interruption
Name
-
The user-friendly name to identify the IPSet.
Allowed characters are alphanumeric, whitespace, dash (-), and underscores (_).
Required: No
Type: String
Minimum:
1
Maximum:
300
Update requires: No interruption
-
The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.
For more information, see Tag.
Required: No
Type: List of
Tag
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref
function, Ref
returns the unique ID of the IPSet
.
For more information about using the Ref
function, see Ref
.
Examples
Declare an IPSet Resource
The following example shows how to declare a GuardDuty
IPSet
resource:
JSON
"myipset": { "Type" : "AWS::GuardDuty::IPSet", "Properties" : { "Activate" : True, "DetectorId" : "12abc34d567e8f4912ab3d45e67891f2", "Format" : "TXT", "Location" : "https://s3-us-west-2.amazonaws.com/mybucket/myipset.txt", "Name" : "MyIPSet" } }
YAML
myipset: Type: AWS::GuardDuty::IPSet Properties: Activate: True DetectorId: "12abc34d567e8f4912ab3d45e67891f2" Format: "TXT" Location: "https://s3-us-west-2.amazonaws.com/mybucket/myipset.txt" Name: "MyIPSet"