CREATETHREATENTITYSET()`¶

About CreateThreatEntitySet¶

Creates a new threat entity set. In a threat entity set, you can provide known malicious IP addresses and domains for your Amazon Web Services environment. GuardDuty generates findings based on the entries in the threat entity sets. Only users of the administrator account can manage entity sets, which automatically apply to member accounts.

Method Signature¶

IMPORTING¶

Required arguments:¶

`iv_detectorid` `TYPE /AWS1/GDYDETECTORID` `/AWS1/GDYDETECTORID`¶

The unique ID of the detector of the GuardDuty account for which you want to create a threat entity set.

To find the detectorId in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.

`iv_name` `TYPE /AWS1/GDYNAME` `/AWS1/GDYNAME`¶

A user-friendly name to identify the threat entity set.

The name of your list can include lowercase letters, uppercase letters, numbers, dash (-), and underscore (_).

`iv_format` `TYPE /AWS1/GDYTHREATENTITYSETFORMAT` `/AWS1/GDYTHREATENTITYSETFORMAT`¶

The format of the file that contains the threat entity set.

`iv_location` `TYPE /AWS1/GDYLOCATION` `/AWS1/GDYLOCATION`¶

The URI of the file that contains the threat entity set.

`iv_activate` `TYPE /AWS1/GDYBOOLEAN` `/AWS1/GDYBOOLEAN`¶

A boolean value that indicates whether GuardDuty should start using the uploaded threat entity set to generate findings.

Optional arguments:¶

`iv_expectedbucketowner` `TYPE /AWS1/GDYEXPECTEDBUCKETOWNER` `/AWS1/GDYEXPECTEDBUCKETOWNER`¶

The Amazon Web Services account ID that owns the Amazon S3 bucket specified in the location parameter.

`iv_clienttoken` `TYPE /AWS1/GDYCLIENTTOKEN` `/AWS1/GDYCLIENTTOKEN`¶

The idempotency token for the create request.

`it_tags` `TYPE /AWS1/CL_GDYTAGMAP_W=>TT_TAGMAP` `TT_TAGMAP`¶

The tags to be added to a new threat entity set resource.

RETURNING¶

`oo_output` `TYPE REF TO /aws1/cl_gdycrethreatentsetrsp` `/AWS1/CL_GDYCRETHREATENTSETRSP`¶

Domain /AWS1/RT_ACCOUNT_ID

Primitive Type NUMC

Examples¶

Syntax Example¶

This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.

DATA(lo_result) = lo_client->/aws1/if_gdy~createthreatentityset(
  it_tags = VALUE /aws1/cl_gdytagmap_w=>tt_tagmap(
    (
      VALUE /aws1/cl_gdytagmap_w=>ts_tagmap_maprow(
        value = new /aws1/cl_gdytagmap_w( |string| )
        key = |string|
      )
    )
  )
  iv_activate = ABAP_TRUE
  iv_clienttoken = |string|
  iv_detectorid = |string|
  iv_expectedbucketowner = |string|
  iv_format = |string|
  iv_location = |string|
  iv_name = |string|
).

This is an example of reading all possible response values

lo_result = lo_result.
IF lo_result IS NOT INITIAL.
  lv_string = lo_result->get_threatentitysetid( ).
ENDIF.

/AWS1/IF_GDY=>CREATETHREATENTITYSET()¶

About CreateThreatEntitySet¶

Method Signature¶

IMPORTING¶

Required arguments:¶

iv_detectorid TYPE /AWS1/GDYDETECTORID /AWS1/GDYDETECTORID¶

iv_name TYPE /AWS1/GDYNAME /AWS1/GDYNAME¶

iv_format TYPE /AWS1/GDYTHREATENTITYSETFORMAT /AWS1/GDYTHREATENTITYSETFORMAT¶

iv_location TYPE /AWS1/GDYLOCATION /AWS1/GDYLOCATION¶

iv_activate TYPE /AWS1/GDYBOOLEAN /AWS1/GDYBOOLEAN¶