Member

Provides a resource to manage a GuardDuty member. To accept invitations in member accounts, see the aws.guardduty.InviteAccepter resource.

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var master = new Aws.GuardDuty.Detector("master", new Aws.GuardDuty.DetectorArgs
        {
            Enable = true,
        });
        var memberDetector = new Aws.GuardDuty.Detector("memberDetector", new Aws.GuardDuty.DetectorArgs
        {
            Enable = true,
        }, new CustomResourceOptions
        {
            Provider = "aws.dev",
        });
        var memberMember = new Aws.GuardDuty.Member("memberMember", new Aws.GuardDuty.MemberArgs
        {
            AccountId = memberDetector.AccountId,
            DetectorId = master.Id,
            Email = "required@example.com",
            Invite = true,
            InvitationMessage = "please accept guardduty invitation",
        });
    }

}

package main

import (
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/guardduty"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        master, err := guardduty.NewDetector(ctx, "master", &guardduty.DetectorArgs{
            Enable: pulumi.Bool(true),
        })
        if err != nil {
            return err
        }
        memberDetector, err := guardduty.NewDetector(ctx, "memberDetector", &guardduty.DetectorArgs{
            Enable: pulumi.Bool(true),
        }, pulumi.Provider("aws.dev"))
        if err != nil {
            return err
        }
        _, err = guardduty.NewMember(ctx, "memberMember", &guardduty.MemberArgs{
            AccountId:         memberDetector.AccountId,
            DetectorId:        master.ID(),
            Email:             pulumi.String("required@example.com"),
            Invite:            pulumi.Bool(true),
            InvitationMessage: pulumi.String("please accept guardduty invitation"),
        })
        if err != nil {
            return err
        }
        return nil
    })
}

import pulumi
import pulumi_aws as aws

master = aws.guardduty.Detector("master", enable=True)
member_detector = aws.guardduty.Detector("memberDetector", enable=True,
opts=ResourceOptions(provider="aws.dev"))
member_member = aws.guardduty.Member("memberMember",
    account_id=member_detector.account_id,
    detector_id=master.id,
    email="required@example.com",
    invite=True,
    invitation_message="please accept guardduty invitation")

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const master = new aws.guardduty.Detector("master", {enable: true});
const memberDetector = new aws.guardduty.Detector("memberDetector", {enable: true}, {
    provider: "aws.dev",
});
const memberMember = new aws.guardduty.Member("memberMember", {
    accountId: memberDetector.accountId,
    detectorId: master.id,
    email: "required@example.com",
    invite: true,
    invitationMessage: "please accept guardduty invitation",
});

Create a Member Resource

new Member(name: string, args: MemberArgs, opts?: CustomResourceOptions);

def Member(resource_name, opts=None, account_id=None, detector_id=None, disable_email_notification=None, email=None, invitation_message=None, invite=None, __props__=None);

func NewMember(ctx *Context, name string, args MemberArgs, opts ...ResourceOption) (*Member, error)

public Member(string name, MemberArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args MemberArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args MemberArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args MemberArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

Member Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The Member resource accepts the following input properties:

AccountId string: AWS account ID for member account.
DetectorId string: The detector ID of the GuardDuty account where you want to create member accounts.
Email string: Email address for member account.
DisableEmailNotification bool: Boolean whether an email notification is sent to the accounts. Defaults to false.
InvitationMessage string: Message for invitation.
Invite bool: Boolean whether to invite the account to GuardDuty as a member. Defaults to false. To detect if an invitation needs to be (re-)sent, the this provider state value is true based on a relationship_status of Disabled, Enabled, Invited, or EmailVerificationInProgress.

AccountId string: AWS account ID for member account.
DetectorId string: The detector ID of the GuardDuty account where you want to create member accounts.
Email string: Email address for member account.
DisableEmailNotification bool: Boolean whether an email notification is sent to the accounts. Defaults to false.
InvitationMessage string: Message for invitation.
Invite bool: Boolean whether to invite the account to GuardDuty as a member. Defaults to false. To detect if an invitation needs to be (re-)sent, the this provider state value is true based on a relationship_status of Disabled, Enabled, Invited, or EmailVerificationInProgress.

accountId string: AWS account ID for member account.
detectorId string: The detector ID of the GuardDuty account where you want to create member accounts.
email string: Email address for member account.
disableEmailNotification boolean: Boolean whether an email notification is sent to the accounts. Defaults to false.
invitationMessage string: Message for invitation.
invite boolean: Boolean whether to invite the account to GuardDuty as a member. Defaults to false. To detect if an invitation needs to be (re-)sent, the this provider state value is true based on a relationship_status of Disabled, Enabled, Invited, or EmailVerificationInProgress.

account_id str: AWS account ID for member account.
detector_id str: The detector ID of the GuardDuty account where you want to create member accounts.
email str: Email address for member account.
disable_email_notification bool: Boolean whether an email notification is sent to the accounts. Defaults to false.
invitation_message str: Message for invitation.
invite bool: Boolean whether to invite the account to GuardDuty as a member. Defaults to false. To detect if an invitation needs to be (re-)sent, the this provider state value is true based on a relationship_status of Disabled, Enabled, Invited, or EmailVerificationInProgress.

Outputs

All input properties are implicitly available as output properties. Additionally, the Member resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
RelationshipStatus string: The status of the relationship between the member account and its master account. More information can be found in Amazon GuardDuty API Reference.

Id string: The provider-assigned unique ID for this managed resource.
RelationshipStatus string: The status of the relationship between the member account and its master account. More information can be found in Amazon GuardDuty API Reference.

id string: The provider-assigned unique ID for this managed resource.
relationshipStatus string: The status of the relationship between the member account and its master account. More information can be found in Amazon GuardDuty API Reference.

id str: The provider-assigned unique ID for this managed resource.
relationship_status str: The status of the relationship between the member account and its master account. More information can be found in Amazon GuardDuty API Reference.

Look up an Existing Member Resource

Get an existing Member resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: MemberState, opts?: CustomResourceOptions): Member

static get(resource_name, id, opts=None, account_id=None, detector_id=None, disable_email_notification=None, email=None, invitation_message=None, invite=None, relationship_status=None, __props__=None);

func GetMember(ctx *Context, name string, id IDInput, state *MemberState, opts ...ResourceOption) (*Member, error)

public static Member Get(string name, Input<string> id, MemberState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccountId string: AWS account ID for member account.
DetectorId string: The detector ID of the GuardDuty account where you want to create member accounts.
DisableEmailNotification bool: Boolean whether an email notification is sent to the accounts. Defaults to false.
Email string: Email address for member account.
InvitationMessage string: Message for invitation.
Invite bool: Boolean whether to invite the account to GuardDuty as a member. Defaults to false. To detect if an invitation needs to be (re-)sent, the this provider state value is true based on a relationship_status of Disabled, Enabled, Invited, or EmailVerificationInProgress.
RelationshipStatus string: The status of the relationship between the member account and its master account. More information can be found in Amazon GuardDuty API Reference.

AccountId string: AWS account ID for member account.
DetectorId string: The detector ID of the GuardDuty account where you want to create member accounts.
DisableEmailNotification bool: Boolean whether an email notification is sent to the accounts. Defaults to false.
Email string: Email address for member account.
InvitationMessage string: Message for invitation.
Invite bool: Boolean whether to invite the account to GuardDuty as a member. Defaults to false. To detect if an invitation needs to be (re-)sent, the this provider state value is true based on a relationship_status of Disabled, Enabled, Invited, or EmailVerificationInProgress.
RelationshipStatus string: The status of the relationship between the member account and its master account. More information can be found in Amazon GuardDuty API Reference.

accountId string: AWS account ID for member account.
detectorId string: The detector ID of the GuardDuty account where you want to create member accounts.
disableEmailNotification boolean: Boolean whether an email notification is sent to the accounts. Defaults to false.
email string: Email address for member account.
invitationMessage string: Message for invitation.
invite boolean: Boolean whether to invite the account to GuardDuty as a member. Defaults to false. To detect if an invitation needs to be (re-)sent, the this provider state value is true based on a relationship_status of Disabled, Enabled, Invited, or EmailVerificationInProgress.
relationshipStatus string: The status of the relationship between the member account and its master account. More information can be found in Amazon GuardDuty API Reference.

account_id str: AWS account ID for member account.
detector_id str: The detector ID of the GuardDuty account where you want to create member accounts.
disable_email_notification bool: Boolean whether an email notification is sent to the accounts. Defaults to false.
email str: Email address for member account.
invitation_message str: Message for invitation.
invite bool: Boolean whether to invite the account to GuardDuty as a member. Defaults to false. To detect if an invitation needs to be (re-)sent, the this provider state value is true based on a relationship_status of Disabled, Enabled, Invited, or EmailVerificationInProgress.
relationship_status str: The status of the relationship between the member account and its master account. More information can be found in Amazon GuardDuty API Reference.

Package Details

Repository: https://github.com/pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud