ThreatIntelSet
The ThreatIntelSet resource allows you to manage AWS GuardDuty ThreatIntelSets which are used to provide additional intelligence data to enhance threat detection.
Minimal Example
Section titled “Minimal Example”Create a basic ThreatIntelSet with required properties and some common optional settings.
import AWS from "alchemy/aws/control";
const threatIntelSet = await AWS.GuardDuty.ThreatIntelSet("basicIntelSet", { format: "TXT", location: "https://example.com/threat-intel.txt", activate: true, detectorId: "detector-1234567890abcdef"});Advanced Configuration
Section titled “Advanced Configuration”Configure a ThreatIntelSet with additional tags for better resource management.
const advancedThreatIntelSet = await AWS.GuardDuty.ThreatIntelSet("advancedIntelSet", { format: "JSON", location: "https://example.com/advanced-intel.json", activate: false, detectorId: "detector-abcdef1234567890", tags: [ { Key: "Environment", Value: "Production" }, { Key: "Project", Value: "Security" } ]});Updating an Existing ThreatIntelSet
Section titled “Updating an Existing ThreatIntelSet”Adopt an existing ThreatIntelSet instead of failing if it already exists.
const existingThreatIntelSet = await AWS.GuardDuty.ThreatIntelSet("existingIntelSet", { format: "CSV", location: "https://example.com/existing-intel.csv", activate: true, detectorId: "detector-fedcba0987654321", adopt: true});Using Tags for Resource Management
Section titled “Using Tags for Resource Management”Create a ThreatIntelSet with specific tags to help with organization and billing.
const taggedThreatIntelSet = await AWS.GuardDuty.ThreatIntelSet("taggedIntelSet", { format: "TXT", location: "https://example.com/tagged-intel.txt", activate: true, detectorId: "detector-12345abcdef", tags: [ { Key: "Department", Value: "IT" }, { Key: "Compliance", Value: "GDPR" } ]});