Creates a publishing destination to export findings to. The resource to export findings to must exist before you use this operation.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
create-publishing-destination
--detector-id <value>
--destination-type <value>
--destination-properties <value>
[--client-token <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--detector-id
(string)
The ID of the GuardDuty detector associated with the publishing destination.
--destination-type
(string)
The type of resource for the publishing destination. Currently only Amazon S3 buckets are supported.
Possible values:
S3
--destination-properties
(structure)
The properties of the publishing destination, including the ARNs for the destination and the KMS key used for encryption.
DestinationArn -> (string)
The ARN of the resource to publish to.
To specify an S3 bucket folder use the following format:
arn:aws:s3:::DOC-EXAMPLE-BUCKET/myFolder/
KmsKeyArn -> (string)
The ARN of the KMS key to use for encryption.
Shorthand Syntax:
DestinationArn=string,KmsKeyArn=string
JSON Syntax:
{
"DestinationArn": "string",
"KmsKeyArn": "string"
}
--client-token
(string)
The idempotency token for the request.
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
To create a publishing destination to export GuardDuty findings in the current region to.
This example shows how to create a publishing destination for GuardDuty findings.
aws guardduty create-publishing-destination \
--detector-id b6b992d6d2f48e64bc59180bfexample \
--destination-type S3 \
--destination-properties DestinationArn=arn:aws:s3:::yourbucket,KmsKeyArn=arn:aws:kms:us-west-1:111122223333:key/84cee9c5-dea1-401a-ab6d-e1de7example
Output:
{
"DestinationId": "46b99823849e1bbc242dfbe3cexample"
}
For more information, see Exporting findings in the GuardDuty User Guide.