Creates a new behavior graph for the calling account, and sets that account as the master account. This operation is called by the account that is enabling Detective.
Before you try to enable Detective, make sure that your account has been enrolled in Amazon GuardDuty for at least 48 hours. If you do not meet this requirement, you cannot enable Detective. If you do meet the GuardDuty prerequisite, then when you make the request to enable Detective, it checks whether your data volume is within the Detective quota. If it exceeds the quota, then you cannot enable Detective.
The operation also enables Detective for the calling account in the currently selected Region. It returns the ARN of the new behavior graph.
CreateGraph
triggers a process to create the corresponding data tables for the new behavior graph.
An account can only be the master account for one behavior graph within a Region. If the same account calls CreateGraph
with the same master account, it always returns the same behavior graph ARN. It does not create a new behavior graph.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
create-graph
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
To enable Amazon Detective and create a new behavior graph
The following create-graph
example enables Detective for the AWS account that runs the command in the Region where the command is run. The command creates a new behavior graph with that account as its master account.
aws detective create-graph
Output:
{
"GraphArn": "arn:aws:detective:us-east-1:111122223333:graph:027c7c4610ea4aacaf0b883093cab899"
}
For more information, see Enabling Amazon Detective in the Amazon Detective Administration Guide.