AWS::GuardDuty::Master
You can use the AWS::GuardDuty::Master resource in a member account to accept an invitation
from a administrator account. The
invitation to the member account must be sent prior to using the
AWS::GuardDuty::Master resource to accept the administrator
account's invitation. You can invite a member account by using the
InviteMembers operation of the API, or by creating an
AWS::GuardDuty::Member resource.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::GuardDuty::Master", "Properties" : { "DetectorId" :String, "InvitationId" :String, "MasterId" :String} }
YAML
Type: AWS::GuardDuty::Master Properties: DetectorId:StringInvitationId:StringMasterId:String
Properties
DetectorId-
The unique ID of the detector of the GuardDuty member account.
Required: Yes
Type: String
Minimum:
1Maximum:
300Update requires: Replacement
InvitationId-
The ID of the invitation that is sent to the account designated as a member account. You can find the invitation ID by using the ListInvitation action of the API.
Required: No
Type: String
Update requires: Replacement
MasterId-
The Amazon account ID of the account designated as the administrator account.
Required: Yes
Type: String
Update requires: Replacement
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Reffunction, Refreturns the unique ID of the administrator account, such as
012345678901.
For more information about using the Reffunction, see Ref.
Examples
Declare a Master Resource
To declare a
Master resource:
JSON
"GDMaster": { "Type" : "AWS::GuardDuty::Master", "Properties" : { "DetectorId" : "a12abc34d567e8fa901bc2d34e56789f0", "MasterId" : "012345678901", "InvitationId" : "84b097800250d17d1872b34c4daadcf5" } }
YAML
GDMaster: Type: AWS::GuardDuty::Master Properties: DetectorId: "a12abc34d567e8fa901bc2d34e56789f0" MasterId: "012345678901" InvitationId: "84b097800250d17d1872b34c4daadcf5"