Skip to content

Resource: awsGuarddutyInviteAccepter

Provides a resource to accept a pending GuardDuty invite on creation, ensure the detector has the correct primary account on read, and disassociate with the primary account upon removal.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsPrimary = new aws.provider.AwsProvider(this, "aws", {
  alias: "primary",
});
const awsMember = new aws.provider.AwsProvider(this, "aws_1", {
  alias: "member",
});
const awsGuarddutyDetectorMember = new aws.guarddutyDetector.GuarddutyDetector(
  this,
  "member",
  {
    provider: `\${${awsMember.fqn}}`,
  }
);
const awsGuarddutyDetectorPrimary = new aws.guarddutyDetector.GuarddutyDetector(
  this,
  "primary",
  {
    provider: `\${${awsPrimary.fqn}}`,
  }
);
const awsGuarddutyMemberMember = new aws.guarddutyMember.GuarddutyMember(
  this,
  "member_4",
  {
    accountId: awsGuarddutyDetectorMember.accountId,
    detectorId: awsGuarddutyDetectorPrimary.id,
    email: "required@example.com",
    invite: true,
    provider: `\${${awsPrimary.fqn}}`,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsGuarddutyMemberMember.overrideLogicalId("member");
const awsGuarddutyInviteAccepterMember =
  new aws.guarddutyInviteAccepter.GuarddutyInviteAccepter(this, "member_5", {
    depends_on: [`\${${awsGuarddutyMemberMember.fqn}}`],
    detectorId: awsGuarddutyDetectorMember.id,
    masterAccountId: awsGuarddutyDetectorPrimary.accountId,
    provider: `\${${awsMember.fqn}}`,
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsGuarddutyInviteAccepterMember.overrideLogicalId("member");

Argument Reference

The following arguments are supported:

  • detectorId - (Required) The detector ID of the member GuardDuty account.
  • masterAccountId - (Required) AWS account ID for primary account.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - GuardDuty member detector ID

Timeouts

Configuration options:

  • create - (Default 1M)

Import

awsGuarddutyInviteAccepter can be imported using the member GuardDuty detector ID, e.g.,

$ terraform import aws_guardduty_invite_accepter.member 00b00fd5aecc0ab60a708659477e9617