publishing_destinations
Creates, updates, deletes or gets a publishing_destination resource or lists publishing_destinations in a region
Overview
| Name | publishing_destinations |
| Type | Resource |
| Description | Resource Type definition for AWS::GuardDuty::PublishingDestination. |
| Id | awscc.guardduty.publishing_destinations |
Fields
| Name | Datatype | Description |
|---|---|---|
id | string | The ID of the publishing destination. |
detector_id | string | The ID of the GuardDuty detector associated with the publishing destination. |
destination_type | string | The type of resource for the publishing destination. Currently only Amazon S3 buckets are supported. |
destination_properties | object | |
status | string | The status of the publishing destination. |
publishing_failure_start_timestamp | string | The time, in epoch millisecond format, at which GuardDuty was first unable to publish findings to the destination. |
tags | array | |
region | string | AWS region. |
For more information, see AWS::GuardDuty::PublishingDestination.
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | DetectorId, DestinationType, DestinationProperties, region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all properties from an individual publishing_destination.
SELECT
region,
id,
detector_id,
destination_type,
destination_properties,
status,
publishing_failure_start_timestamp,
tags
FROM awscc.guardduty.publishing_destinations
WHERE region = 'us-east-1' AND data__Identifier = '<DetectorId>|<Id>';
INSERT example
Use the following StackQL query and manifest file to create a new publishing_destination resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.guardduty.publishing_destinations (
DetectorId,
DestinationType,
DestinationProperties,
region
)
SELECT
'{{ DetectorId }}',
'{{ DestinationType }}',
'{{ DestinationProperties }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.guardduty.publishing_destinations (
DetectorId,
DestinationType,
DestinationProperties,
Tags,
region
)
SELECT
'{{ DetectorId }}',
'{{ DestinationType }}',
'{{ DestinationProperties }}',
'{{ Tags }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: publishing_destination
props:
- name: DetectorId
value: '{{ DetectorId }}'
- name: DestinationType
value: '{{ DestinationType }}'
- name: DestinationProperties
value:
DestinationArn: '{{ DestinationArn }}'
KmsKeyArn: '{{ KmsKeyArn }}'
- name: Tags
value:
- Key: '{{ Key }}'
Value: '{{ Value }}'
DELETE example
/*+ delete */
DELETE FROM awscc.guardduty.publishing_destinations
WHERE data__Identifier = '<DetectorId|Id>'
AND region = 'us-east-1';
Permissions
To operate on the publishing_destinations resource, the following permissions are required:
Create
guardduty:CreatePublishingDestination,
guardduty:TagResource,
guardduty:DescribePublishingDestination,
guardduty:ListTagsForResource
Read
guardduty:DescribePublishingDestination,
guardduty:ListTagsForResource
Update
guardduty:UpdatePublishingDestination,
guardduty:TagResource,
guardduty:UntagResource,
guardduty:ListTagsForResource,
guardduty:DescribePublishingDestination
Delete
guardduty:DeletePublishingDestination,
guardduty:DescribePublishingDestination
List
guardduty:ListPublishingDestinations