Skip to main content

🔌 AWS GuardDuty Detector - object.extracts.yaml

  • Contextual name: 🔌 object.extracts.yaml
  • ID: /types/CA10__CaAwsGuardDutyDetector__c/object.extracts.yaml

Used In

LogicPolicyFlags
🧠 prod.logic.yaml🟢🛡️ AWS GuardDuty Detector EKS Audit Log Monitoring is not enabled🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS GuardDuty Detector Lambda Protection is not enabled🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS GuardDuty Detector Malware Protection for EC2 is not enabled🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS GuardDuty Detector RDS Protection is not enabled🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS GuardDuty Detector Runtime Monitoring is not enabled🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS GuardDuty Detector S3 Protection is not enabled🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS GuardDuty is not enabled in all regions🟢🟢 x3

Content

Open File

---
extracts:
# Values: ENABLED | DISABLED. Not Nullable.
  - name: "CA10__status__c"
    value:
      FIELD:
        path: "CA10__status__c"
        undeterminedIf:
          noAccessDelegate:
            path: "CA10__status__c"
            currentStateMessage: "The status cannot be empty. Possible permission issue with guardduty:GetDetector."
  - name: "CA10__dataSourcesJson__c"
    value:
      FIELD:
        path: "CA10__dataSourcesJson__c"
        undeterminedIf:
          noAccessDelegate:
            path: "CA10__dataSourcesJson__c"
            currentStateMessage: "The Data Sources cannot be empty. Possible permission issue with guardduty:GetDetector."
  - name: "caJsonFrom__dataSourcesJson__c"
    value:
      JSON_FROM:
        arg:
          EXTRACT: "CA10__dataSourcesJson__c"
        undeterminedIf:
          isInvalid: "The Data Sources JSON is invalid."
  - name: "CA10__featuresJson__c"
    value:
      FIELD:
        path: "CA10__featuresJson__c"
        undeterminedIf:
          noAccessDelegate:
            path: "CA10__featuresJson__c"
            currentStateMessage: "The Features cannot be empty. Possible permission issue with guardduty:GetDetector."
  - name: "caJsonFrom__featuresJson__c"
    value:
      JSON_FROM:
        arg:
          EXTRACT: "CA10__featuresJson__c"
        undeterminedIf:
          isInvalid: "The Data Sources JSON is invalid."