Update Organization Configuration
guardduty_update_organization_configuration | R Documentation |
Configures the delegated administrator account with the provided values¶
Description¶
Configures the delegated administrator account with the provided values.
You must provide a value for either autoEnableOrganizationMembers
or
autoEnable
, but not both.
Specifying both EKS Runtime Monitoring (EKS_RUNTIME_MONITORING
) and
Runtime Monitoring (RUNTIME_MONITORING
) will cause an error. You can
add only one of these two features because Runtime Monitoring already
includes the threat detection for Amazon EKS resources. For more
information, see Runtime
Monitoring.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
Usage¶
guardduty_update_organization_configuration(DetectorId, AutoEnable,
DataSources, Features, AutoEnableOrganizationMembers)
Arguments¶
DetectorId
[required] The ID of the detector that configures the delegated administrator.
AutoEnable
Represents whether or not to automatically enable member accounts in the organization.
Even though this is still supported, we recommend using
AutoEnableOrganizationMembers
to achieve the similar results. You must provide a value for eitherautoEnableOrganizationMembers
orautoEnable
.DataSources
Describes which data sources will be updated.
Features
A list of features that will be configured for the organization.
AutoEnableOrganizationMembers
Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. You must provide a value for either
autoEnableOrganizationMembers
orautoEnable
.Use one of the following configuration values for
autoEnableOrganizationMembers
:NEW
: Indicates that when a new account joins the organization, they will have GuardDuty enabled automatically.ALL
: Indicates that all accounts in the organization have GuardDuty enabled automatically. This includesNEW
accounts that join the organization and accounts that may have been suspended or removed from the organization in GuardDuty.It may take up to 24 hours to update the configuration for all the member accounts.
NONE
: Indicates that GuardDuty will not be automatically enabled for any account in the organization. The administrator must manage GuardDuty for each account in the organization individually.When you update the auto-enable setting from
ALL
orNEW
toNONE
, this action doesn't disable the corresponding option for your existing accounts. This configuration will apply to the new accounts that join the organization. After you update the auto-enable settings, no new account will have the corresponding option as enabled.
Value¶
An empty list.
Request syntax¶
svc$update_organization_configuration(
DetectorId = "string",
AutoEnable = TRUE|FALSE,
DataSources = list(
S3Logs = list(
AutoEnable = TRUE|FALSE
),
Kubernetes = list(
AuditLogs = list(
AutoEnable = TRUE|FALSE
)
),
MalwareProtection = list(
ScanEc2InstanceWithFindings = list(
EbsVolumes = list(
AutoEnable = TRUE|FALSE
)
)
)
),
Features = list(
list(
Name = "S3_DATA_EVENTS"|"EKS_AUDIT_LOGS"|"EBS_MALWARE_PROTECTION"|"RDS_LOGIN_EVENTS"|"EKS_RUNTIME_MONITORING"|"LAMBDA_NETWORK_LOGS"|"RUNTIME_MONITORING",
AutoEnable = "NEW"|"NONE"|"ALL",
AdditionalConfiguration = list(
list(
Name = "EKS_ADDON_MANAGEMENT"|"ECS_FARGATE_AGENT_MANAGEMENT"|"EC2_AGENT_MANAGEMENT",
AutoEnable = "NEW"|"NONE"|"ALL"
)
)
)
),
AutoEnableOrganizationMembers = "NEW"|"ALL"|"NONE"
)