github.com/pulumi/pulumi-aws/sdk/v6@v6.32.0/go/aws/guardduty/organizationConfiguration.go (about) 1 // Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. 2 // *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** 3 4 package guardduty 5 6 import ( 7 "context" 8 "reflect" 9 10 "errors" 11 "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/internal" 12 "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 13 ) 14 15 // Manages the GuardDuty Organization Configuration in the current AWS Region. The AWS account utilizing this resource must have been assigned as a delegated Organization administrator account, e.g., via the `guardduty.OrganizationAdminAccount` resource. More information about Organizations support in GuardDuty can be found in the [GuardDuty User Guide](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html). 16 // 17 // > **NOTE:** This is an advanced resource. The provider will automatically assume management of the GuardDuty Organization Configuration without import and perform no actions on removal from the resource configuration. 18 // 19 // ## Example Usage 20 // 21 // <!--Start PulumiCodeChooser --> 22 // ```go 23 // package main 24 // 25 // import ( 26 // 27 // "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/guardduty" 28 // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" 29 // 30 // ) 31 // 32 // func main() { 33 // pulumi.Run(func(ctx *pulumi.Context) error { 34 // example, err := guardduty.NewDetector(ctx, "example", &guardduty.DetectorArgs{ 35 // Enable: pulumi.Bool(true), 36 // }) 37 // if err != nil { 38 // return err 39 // } 40 // _, err = guardduty.NewOrganizationConfiguration(ctx, "example", &guardduty.OrganizationConfigurationArgs{ 41 // AutoEnableOrganizationMembers: pulumi.String("ALL"), 42 // DetectorId: example.ID(), 43 // Datasources: &guardduty.OrganizationConfigurationDatasourcesArgs{ 44 // S3Logs: &guardduty.OrganizationConfigurationDatasourcesS3LogsArgs{ 45 // AutoEnable: pulumi.Bool(true), 46 // }, 47 // Kubernetes: &guardduty.OrganizationConfigurationDatasourcesKubernetesArgs{ 48 // AuditLogs: &guardduty.OrganizationConfigurationDatasourcesKubernetesAuditLogsArgs{ 49 // Enable: pulumi.Bool(true), 50 // }, 51 // }, 52 // MalwareProtection: &guardduty.OrganizationConfigurationDatasourcesMalwareProtectionArgs{ 53 // ScanEc2InstanceWithFindings: &guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsArgs{ 54 // EbsVolumes: &guardduty.OrganizationConfigurationDatasourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesArgs{ 55 // AutoEnable: pulumi.Bool(true), 56 // }, 57 // }, 58 // }, 59 // }, 60 // }) 61 // if err != nil { 62 // return err 63 // } 64 // return nil 65 // }) 66 // } 67 // 68 // ``` 69 // <!--End PulumiCodeChooser --> 70 // 71 // ## Import 72 // 73 // Using `pulumi import`, import GuardDuty Organization Configurations using the GuardDuty Detector ID. For example: 74 // 75 // ```sh 76 // $ pulumi import aws:guardduty/organizationConfiguration:OrganizationConfiguration example 00b00fd5aecc0ab60a708659477e9617 77 // ``` 78 type OrganizationConfiguration struct { 79 pulumi.CustomResourceState 80 81 // *Deprecated:* Use `autoEnableOrganizationMembers` instead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. 82 // 83 // Deprecated: Use autoEnableOrganizationMembers instead 84 AutoEnable pulumi.BoolOutput `pulumi:"autoEnable"` 85 // Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are `ALL`, `NEW`, `NONE`. 86 AutoEnableOrganizationMembers pulumi.StringOutput `pulumi:"autoEnableOrganizationMembers"` 87 // Configuration for the collected datasources. 88 Datasources OrganizationConfigurationDatasourcesOutput `pulumi:"datasources"` 89 // The detector ID of the GuardDuty account. 90 DetectorId pulumi.StringOutput `pulumi:"detectorId"` 91 } 92 93 // NewOrganizationConfiguration registers a new resource with the given unique name, arguments, and options. 94 func NewOrganizationConfiguration(ctx *pulumi.Context, 95 name string, args *OrganizationConfigurationArgs, opts ...pulumi.ResourceOption) (*OrganizationConfiguration, error) { 96 if args == nil { 97 return nil, errors.New("missing one or more required arguments") 98 } 99 100 if args.DetectorId == nil { 101 return nil, errors.New("invalid value for required argument 'DetectorId'") 102 } 103 opts = internal.PkgResourceDefaultOpts(opts) 104 var resource OrganizationConfiguration 105 err := ctx.RegisterResource("aws:guardduty/organizationConfiguration:OrganizationConfiguration", name, args, &resource, opts...) 106 if err != nil { 107 return nil, err 108 } 109 return &resource, nil 110 } 111 112 // GetOrganizationConfiguration gets an existing OrganizationConfiguration resource's state with the given name, ID, and optional 113 // state properties that are used to uniquely qualify the lookup (nil if not required). 114 func GetOrganizationConfiguration(ctx *pulumi.Context, 115 name string, id pulumi.IDInput, state *OrganizationConfigurationState, opts ...pulumi.ResourceOption) (*OrganizationConfiguration, error) { 116 var resource OrganizationConfiguration 117 err := ctx.ReadResource("aws:guardduty/organizationConfiguration:OrganizationConfiguration", name, id, state, &resource, opts...) 118 if err != nil { 119 return nil, err 120 } 121 return &resource, nil 122 } 123 124 // Input properties used for looking up and filtering OrganizationConfiguration resources. 125 type organizationConfigurationState struct { 126 // *Deprecated:* Use `autoEnableOrganizationMembers` instead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. 127 // 128 // Deprecated: Use autoEnableOrganizationMembers instead 129 AutoEnable *bool `pulumi:"autoEnable"` 130 // Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are `ALL`, `NEW`, `NONE`. 131 AutoEnableOrganizationMembers *string `pulumi:"autoEnableOrganizationMembers"` 132 // Configuration for the collected datasources. 133 Datasources *OrganizationConfigurationDatasources `pulumi:"datasources"` 134 // The detector ID of the GuardDuty account. 135 DetectorId *string `pulumi:"detectorId"` 136 } 137 138 type OrganizationConfigurationState struct { 139 // *Deprecated:* Use `autoEnableOrganizationMembers` instead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. 140 // 141 // Deprecated: Use autoEnableOrganizationMembers instead 142 AutoEnable pulumi.BoolPtrInput 143 // Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are `ALL`, `NEW`, `NONE`. 144 AutoEnableOrganizationMembers pulumi.StringPtrInput 145 // Configuration for the collected datasources. 146 Datasources OrganizationConfigurationDatasourcesPtrInput 147 // The detector ID of the GuardDuty account. 148 DetectorId pulumi.StringPtrInput 149 } 150 151 func (OrganizationConfigurationState) ElementType() reflect.Type { 152 return reflect.TypeOf((*organizationConfigurationState)(nil)).Elem() 153 } 154 155 type organizationConfigurationArgs struct { 156 // *Deprecated:* Use `autoEnableOrganizationMembers` instead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. 157 // 158 // Deprecated: Use autoEnableOrganizationMembers instead 159 AutoEnable *bool `pulumi:"autoEnable"` 160 // Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are `ALL`, `NEW`, `NONE`. 161 AutoEnableOrganizationMembers *string `pulumi:"autoEnableOrganizationMembers"` 162 // Configuration for the collected datasources. 163 Datasources *OrganizationConfigurationDatasources `pulumi:"datasources"` 164 // The detector ID of the GuardDuty account. 165 DetectorId string `pulumi:"detectorId"` 166 } 167 168 // The set of arguments for constructing a OrganizationConfiguration resource. 169 type OrganizationConfigurationArgs struct { 170 // *Deprecated:* Use `autoEnableOrganizationMembers` instead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. 171 // 172 // Deprecated: Use autoEnableOrganizationMembers instead 173 AutoEnable pulumi.BoolPtrInput 174 // Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are `ALL`, `NEW`, `NONE`. 175 AutoEnableOrganizationMembers pulumi.StringPtrInput 176 // Configuration for the collected datasources. 177 Datasources OrganizationConfigurationDatasourcesPtrInput 178 // The detector ID of the GuardDuty account. 179 DetectorId pulumi.StringInput 180 } 181 182 func (OrganizationConfigurationArgs) ElementType() reflect.Type { 183 return reflect.TypeOf((*organizationConfigurationArgs)(nil)).Elem() 184 } 185 186 type OrganizationConfigurationInput interface { 187 pulumi.Input 188 189 ToOrganizationConfigurationOutput() OrganizationConfigurationOutput 190 ToOrganizationConfigurationOutputWithContext(ctx context.Context) OrganizationConfigurationOutput 191 } 192 193 func (*OrganizationConfiguration) ElementType() reflect.Type { 194 return reflect.TypeOf((**OrganizationConfiguration)(nil)).Elem() 195 } 196 197 func (i *OrganizationConfiguration) ToOrganizationConfigurationOutput() OrganizationConfigurationOutput { 198 return i.ToOrganizationConfigurationOutputWithContext(context.Background()) 199 } 200 201 func (i *OrganizationConfiguration) ToOrganizationConfigurationOutputWithContext(ctx context.Context) OrganizationConfigurationOutput { 202 return pulumi.ToOutputWithContext(ctx, i).(OrganizationConfigurationOutput) 203 } 204 205 // OrganizationConfigurationArrayInput is an input type that accepts OrganizationConfigurationArray and OrganizationConfigurationArrayOutput values. 206 // You can construct a concrete instance of `OrganizationConfigurationArrayInput` via: 207 // 208 // OrganizationConfigurationArray{ OrganizationConfigurationArgs{...} } 209 type OrganizationConfigurationArrayInput interface { 210 pulumi.Input 211 212 ToOrganizationConfigurationArrayOutput() OrganizationConfigurationArrayOutput 213 ToOrganizationConfigurationArrayOutputWithContext(context.Context) OrganizationConfigurationArrayOutput 214 } 215 216 type OrganizationConfigurationArray []OrganizationConfigurationInput 217 218 func (OrganizationConfigurationArray) ElementType() reflect.Type { 219 return reflect.TypeOf((*[]*OrganizationConfiguration)(nil)).Elem() 220 } 221 222 func (i OrganizationConfigurationArray) ToOrganizationConfigurationArrayOutput() OrganizationConfigurationArrayOutput { 223 return i.ToOrganizationConfigurationArrayOutputWithContext(context.Background()) 224 } 225 226 func (i OrganizationConfigurationArray) ToOrganizationConfigurationArrayOutputWithContext(ctx context.Context) OrganizationConfigurationArrayOutput { 227 return pulumi.ToOutputWithContext(ctx, i).(OrganizationConfigurationArrayOutput) 228 } 229 230 // OrganizationConfigurationMapInput is an input type that accepts OrganizationConfigurationMap and OrganizationConfigurationMapOutput values. 231 // You can construct a concrete instance of `OrganizationConfigurationMapInput` via: 232 // 233 // OrganizationConfigurationMap{ "key": OrganizationConfigurationArgs{...} } 234 type OrganizationConfigurationMapInput interface { 235 pulumi.Input 236 237 ToOrganizationConfigurationMapOutput() OrganizationConfigurationMapOutput 238 ToOrganizationConfigurationMapOutputWithContext(context.Context) OrganizationConfigurationMapOutput 239 } 240 241 type OrganizationConfigurationMap map[string]OrganizationConfigurationInput 242 243 func (OrganizationConfigurationMap) ElementType() reflect.Type { 244 return reflect.TypeOf((*map[string]*OrganizationConfiguration)(nil)).Elem() 245 } 246 247 func (i OrganizationConfigurationMap) ToOrganizationConfigurationMapOutput() OrganizationConfigurationMapOutput { 248 return i.ToOrganizationConfigurationMapOutputWithContext(context.Background()) 249 } 250 251 func (i OrganizationConfigurationMap) ToOrganizationConfigurationMapOutputWithContext(ctx context.Context) OrganizationConfigurationMapOutput { 252 return pulumi.ToOutputWithContext(ctx, i).(OrganizationConfigurationMapOutput) 253 } 254 255 type OrganizationConfigurationOutput struct{ *pulumi.OutputState } 256 257 func (OrganizationConfigurationOutput) ElementType() reflect.Type { 258 return reflect.TypeOf((**OrganizationConfiguration)(nil)).Elem() 259 } 260 261 func (o OrganizationConfigurationOutput) ToOrganizationConfigurationOutput() OrganizationConfigurationOutput { 262 return o 263 } 264 265 func (o OrganizationConfigurationOutput) ToOrganizationConfigurationOutputWithContext(ctx context.Context) OrganizationConfigurationOutput { 266 return o 267 } 268 269 // *Deprecated:* Use `autoEnableOrganizationMembers` instead. When this setting is enabled, all new accounts that are created in, or added to, the organization are added as a member accounts of the organization’s GuardDuty delegated administrator and GuardDuty is enabled in that AWS Region. 270 // 271 // Deprecated: Use autoEnableOrganizationMembers instead 272 func (o OrganizationConfigurationOutput) AutoEnable() pulumi.BoolOutput { 273 return o.ApplyT(func(v *OrganizationConfiguration) pulumi.BoolOutput { return v.AutoEnable }).(pulumi.BoolOutput) 274 } 275 276 // Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are `ALL`, `NEW`, `NONE`. 277 func (o OrganizationConfigurationOutput) AutoEnableOrganizationMembers() pulumi.StringOutput { 278 return o.ApplyT(func(v *OrganizationConfiguration) pulumi.StringOutput { return v.AutoEnableOrganizationMembers }).(pulumi.StringOutput) 279 } 280 281 // Configuration for the collected datasources. 282 func (o OrganizationConfigurationOutput) Datasources() OrganizationConfigurationDatasourcesOutput { 283 return o.ApplyT(func(v *OrganizationConfiguration) OrganizationConfigurationDatasourcesOutput { return v.Datasources }).(OrganizationConfigurationDatasourcesOutput) 284 } 285 286 // The detector ID of the GuardDuty account. 287 func (o OrganizationConfigurationOutput) DetectorId() pulumi.StringOutput { 288 return o.ApplyT(func(v *OrganizationConfiguration) pulumi.StringOutput { return v.DetectorId }).(pulumi.StringOutput) 289 } 290 291 type OrganizationConfigurationArrayOutput struct{ *pulumi.OutputState } 292 293 func (OrganizationConfigurationArrayOutput) ElementType() reflect.Type { 294 return reflect.TypeOf((*[]*OrganizationConfiguration)(nil)).Elem() 295 } 296 297 func (o OrganizationConfigurationArrayOutput) ToOrganizationConfigurationArrayOutput() OrganizationConfigurationArrayOutput { 298 return o 299 } 300 301 func (o OrganizationConfigurationArrayOutput) ToOrganizationConfigurationArrayOutputWithContext(ctx context.Context) OrganizationConfigurationArrayOutput { 302 return o 303 } 304 305 func (o OrganizationConfigurationArrayOutput) Index(i pulumi.IntInput) OrganizationConfigurationOutput { 306 return pulumi.All(o, i).ApplyT(func(vs []interface{}) *OrganizationConfiguration { 307 return vs[0].([]*OrganizationConfiguration)[vs[1].(int)] 308 }).(OrganizationConfigurationOutput) 309 } 310 311 type OrganizationConfigurationMapOutput struct{ *pulumi.OutputState } 312 313 func (OrganizationConfigurationMapOutput) ElementType() reflect.Type { 314 return reflect.TypeOf((*map[string]*OrganizationConfiguration)(nil)).Elem() 315 } 316 317 func (o OrganizationConfigurationMapOutput) ToOrganizationConfigurationMapOutput() OrganizationConfigurationMapOutput { 318 return o 319 } 320 321 func (o OrganizationConfigurationMapOutput) ToOrganizationConfigurationMapOutputWithContext(ctx context.Context) OrganizationConfigurationMapOutput { 322 return o 323 } 324 325 func (o OrganizationConfigurationMapOutput) MapIndex(k pulumi.StringInput) OrganizationConfigurationOutput { 326 return pulumi.All(o, k).ApplyT(func(vs []interface{}) *OrganizationConfiguration { 327 return vs[0].(map[string]*OrganizationConfiguration)[vs[1].(string)] 328 }).(OrganizationConfigurationOutput) 329 } 330 331 func init() { 332 pulumi.RegisterInputType(reflect.TypeOf((*OrganizationConfigurationInput)(nil)).Elem(), &OrganizationConfiguration{}) 333 pulumi.RegisterInputType(reflect.TypeOf((*OrganizationConfigurationArrayInput)(nil)).Elem(), OrganizationConfigurationArray{}) 334 pulumi.RegisterInputType(reflect.TypeOf((*OrganizationConfigurationMapInput)(nil)).Elem(), OrganizationConfigurationMap{}) 335 pulumi.RegisterOutputType(OrganizationConfigurationOutput{}) 336 pulumi.RegisterOutputType(OrganizationConfigurationArrayOutput{}) 337 pulumi.RegisterOutputType(OrganizationConfigurationMapOutput{}) 338 }