publishing_destinations
Creates, updates, deletes or gets a publishing_destination resource or lists publishing_destinations in a region
Overview
| Name | publishing_destinations |
| Type | Resource |
| Description | Resource Type definition for AWS::GuardDuty::PublishingDestination. |
| Id | awscc.guardduty.publishing_destinations |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
id | string | The ID of the publishing destination. |
detector_id | string | The ID of the GuardDuty detector associated with the publishing destination. |
destination_type | string | The type of resource for the publishing destination. Currently only Amazon S3 buckets are supported. |
destination_properties | object | |
status | string | The status of the publishing destination. |
publishing_failure_start_timestamp | string | The time, in epoch millisecond format, at which GuardDuty was first unable to publish findings to the destination. |
tags | array | |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
id | string | The ID of the publishing destination. |
detector_id | string | The ID of the GuardDuty detector associated with the publishing destination. |
region | string | AWS region. |
For more information, see AWS::GuardDuty::PublishingDestination.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | publishing_destinations | INSERT | DetectorId, DestinationType, DestinationProperties, region |
delete_resource | publishing_destinations | DELETE | Identifier, region |
update_resource | publishing_destinations | UPDATE | Identifier, PatchDocument, region |
list_resources | publishing_destinations_list_only | SELECT | region |
get_resource | publishing_destinations | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual publishing_destination.
SELECT
region,
id,
detector_id,
destination_type,
destination_properties,
status,
publishing_failure_start_timestamp,
tags
FROM awscc.guardduty.publishing_destinations
WHERE
region = 'us-east-1' AND
Identifier = '{{ detector_id }}|{{ id }}';
Lists all publishing_destinations in a region.
SELECT
region,
detector_id,
id
FROM awscc.guardduty.publishing_destinations_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new publishing_destination resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.guardduty.publishing_destinations (
DetectorId,
DestinationType,
DestinationProperties,
region
)
SELECT
'{{ detector_id }}',
'{{ destination_type }}',
'{{ destination_properties }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.guardduty.publishing_destinations (
DetectorId,
DestinationType,
DestinationProperties,
Tags,
region
)
SELECT
'{{ detector_id }}',
'{{ destination_type }}',
'{{ destination_properties }}',
'{{ tags }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: publishing_destination
props:
- name: detector_id
value: '{{ detector_id }}'
- name: destination_type
value: '{{ destination_type }}'
- name: destination_properties
value:
destination_arn: '{{ destination_arn }}'
kms_key_arn: '{{ kms_key_arn }}'
- name: tags
value:
- key: '{{ key }}'
value: '{{ value }}'
UPDATE example
Use the following StackQL query and manifest file to update a publishing_destination resource, using stack-deploy.
/*+ update */
UPDATE awscc.guardduty.publishing_destinations
SET PatchDocument = string('{{ {
"DestinationType": destination_type,
"DestinationProperties": destination_properties,
"Tags": tags
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ detector_id }}|{{ id }}';
DELETE example
/*+ delete */
DELETE FROM awscc.guardduty.publishing_destinations
WHERE
Identifier = '{{ detector_id }}|{{ id }}' AND
region = 'us-east-1';
Permissions
To operate on the publishing_destinations resource, the following permissions are required:
- Create
- Read
- Update
- Delete
- List
guardduty:CreatePublishingDestination,
guardduty:TagResource,
guardduty:DescribePublishingDestination,
guardduty:ListTagsForResource
guardduty:DescribePublishingDestination,
guardduty:ListTagsForResource
guardduty:UpdatePublishingDestination,
guardduty:TagResource,
guardduty:UntagResource,
guardduty:ListTagsForResource,
guardduty:DescribePublishingDestination
guardduty:DeletePublishingDestination,
guardduty:DescribePublishingDestination
guardduty:ListPublishingDestinations