Resource: awsGuarddutyInviteAccepter
Provides a resource to accept a pending GuardDuty invite on creation, ensure the detector has the correct primary account on read, and disassociate with the primary account upon removal.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsPrimary = new aws.provider.AwsProvider(this, "aws", {
alias: "primary",
});
const awsMember = new aws.provider.AwsProvider(this, "aws_1", {
alias: "member",
});
const awsGuarddutyDetectorMember = new aws.guarddutyDetector.GuarddutyDetector(
this,
"member",
{
provider: `\${${awsMember.fqn}}`,
}
);
const awsGuarddutyDetectorPrimary = new aws.guarddutyDetector.GuarddutyDetector(
this,
"primary",
{
provider: `\${${awsPrimary.fqn}}`,
}
);
const awsGuarddutyMemberMember = new aws.guarddutyMember.GuarddutyMember(
this,
"member_4",
{
accountId: awsGuarddutyDetectorMember.accountId,
detectorId: awsGuarddutyDetectorPrimary.id,
email: "required@example.com",
invite: true,
provider: `\${${awsPrimary.fqn}}`,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsGuarddutyMemberMember.overrideLogicalId("member");
const awsGuarddutyInviteAccepterMember =
new aws.guarddutyInviteAccepter.GuarddutyInviteAccepter(this, "member_5", {
depends_on: [`\${${awsGuarddutyMemberMember.fqn}}`],
detectorId: awsGuarddutyDetectorMember.id,
masterAccountId: awsGuarddutyDetectorPrimary.accountId,
provider: `\${${awsMember.fqn}}`,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsGuarddutyInviteAccepterMember.overrideLogicalId("member");
Argument Reference
The following arguments are supported:
detectorId
- (Required) The detector ID of the member GuardDuty account.masterAccountId
- (Required) AWS account ID for primary account.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id
- GuardDuty member detector ID
Timeouts
create
- (Default1M
)
Import
awsGuarddutyInviteAccepter
can be imported using the member GuardDuty detector ID, e.g.,