Resource: aws_guardduty_ipset

Provides a resource to manage a GuardDuty IPSet.

Example Usage

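resource "aws_guardduty_ipset" "example" {
  # Whether GuardDuty starts using the uploaded IPSet.
  activate    = true
  detector_id = aws_guardduty_detector.primary.id
  # Format of the file at `location`; this example uses plaintext.
  format      = "TXT"
  # URI of the S3 object that holds the list.
  location    = "https://s3.amazonaws.com/${aws_s3_object.MyIPSet.bucket}/${aws_s3_object.MyIPSet.key}"
  name        = "MyIPSet"
}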

resource "aws_guardduty_detector" "primary" {
  enable = true
}

resource "aws_s3_bucket" "bucket" {
  # ... other configuration
}

resource "aws_s3_bucket_acl" "bucket_acl" {
  bucket = aws_s3_bucket.bucket.id
  acl    = "private"
}

resource "aws_s3_object" "MyIPSet" {
  # TXT format: one IP address or CIDR range per line.
  content = "10.0.0.0/8\n"
  bucket  = aws_s3_bucket.bucket.id
  key     = "MyIPSet"
}

Argument Reference

This resource supports the following arguments:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import a GuardDuty IPSet using the primary GuardDuty detector ID and the IPSet ID, separated by a colon. For example:

import {
  to = aws_guardduty_ipset.MyIPSet
  id = "00b00fd5aecc0ab60a708659477e9617:123456789012"
}

Alternatively, use the terraform import command to import a GuardDuty IPSet using the primary GuardDuty detector ID and the IPSet ID, separated by a colon. For example:

% terraform import aws_guardduty_ipset.MyIPSet 00b00fd5aecc0ab60a708659477e9617:123456789012