AWS::GuardDuty::IPSet - Amazon CloudFormation
SyntaxPropertiesReturn valuesExamples
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::GuardDuty::IPSet

The AWS::GuardDuty::IPSet resource specifies a new IPSet. An IPSet is a list of trusted IP addresses from which secure communication is allowed with Amazon infrastructure and applications.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::GuardDuty::IPSet",
  "Properties" : {
      "Activate" : Boolean,
      "DetectorId" : String,
      "Format" : String,
      "Location" : String,
      "Name" : String,
      "Tags" : [ Tag, ... ]
    }
}

YAML

Type: AWS::GuardDuty::IPSet
Properties: 
  Activate: Boolean
  DetectorId: String
  Format: String
  Location: String
  Name: String
  Tags: 
    - Tag

Properties

Activate

Indicates whether or not uses the IPSet.

Required: Yes

Type: Boolean

Update requires: No interruption

DetectorId

The unique ID of the detector of the GuardDuty account that you want to create an IPSet for.

Required: Yes

Type: String

Minimum: 1

Maximum: 300

Update requires: Replacement

Format

The format of the file that contains the IPSet.

Required: Yes

Type: String

Allowed values: ALIEN_VAULT | FIRE_EYE | OTX_CSV | PROOF_POINT | STIX | TXT

Update requires: Replacement

Location

The URI of the file that contains the IPSet.

Required: Yes

Type: String

Minimum: 1

Maximum: 300

Update requires: No interruption

Name

The user-friendly name to identify the IPSet.

Allowed characters are alphanumeric, whitespace, dash (-), and underscores (_).

Required: No

Type: String

Minimum: 1

Maximum: 300

Update requires: No interruption

Tags

The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.

For more information, see Tag.

Required: No

Type: List of Tag

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Reffunction, Refreturns the unique ID of the IPSet.

For more information about using the Reffunction, see Ref.

Examples

Declare an IPSet Resource

The following example shows how to declare a IPSet resource:

JSON

"myipset": {
    "Type" : "AWS::GuardDuty::IPSet",
    "Properties" : {
        "Activate" : True,
        "DetectorId" : "12abc34d567e8f4912ab3d45e67891f2",
        "Format" : "TXT",
        "Location" : "https://s3-us-west-2.amazonaws.com/mybucket/myipset.txt",
        "Name" : "MyIPSet"
    }
}

YAML

myipset:
    Type: AWS::GuardDuty::IPSet
    Properties:
        Activate: True
        DetectorId: "12abc34d567e8f4912ab3d45e67891f2"
        Format: "TXT"
        Location: "https://s3-us-west-2.amazonaws.com/mybucket/myipset.txt"
        Name: "MyIPSet"