Permissions for @turbot/aws-guardduty
Taking a look at permissions and associated grant levels for each permission for GuardDuty:
Permission | Grant Level | Help |
---|---|---|
guardduty:AcceptInvitation | Admin | |
guardduty:ArchiveFindings | Admin | |
guardduty:CreateDetector | Admin | |
guardduty:CreateFilter | Admin | |
guardduty:CreateIPSet | Admin | |
guardduty:CreateMembers | Admin | |
guardduty:CreatePublishingDestination | Admin | |
guardduty:CreateSampleFindings | Admin | |
guardduty:CreateThreatIntelSet | Admin | |
guardduty:DeclineInvitations | Admin | |
guardduty:DeleteDetector | Admin | |
guardduty:DeleteFilter | Admin | |
guardduty:DeleteIPSet | Admin | |
guardduty:DeleteInvitations | Admin | Deletes invitations sent to the current member account by AWS accounts specified by their account IDs |
guardduty:DeleteMembers | Admin | |
guardduty:DeletePublishingDestination | Admin | |
guardduty:DeleteThreatIntelSet | Admin | |
guardduty:DescribePublishingDestination | ReadOnly | |
guardduty:DisassociateFromMasterAccount | Admin | |
guardduty:DisassociateMembers | Admin | |
guardduty:GetDetector | Metadata | |
guardduty:GetFilter | Metadata | |
guardduty:GetFindings | ReadOnly | |
guardduty:GetFindingsStatistics | Metadata | |
guardduty:GetIPSet | Metadata | |
guardduty:GetInvitationsCount | Metadata | |
guardduty:GetMasterAccount | ReadOnly | |
guardduty:GetMembers | Metadata | Returns the details on the GuardDuty member accounts specified by the account IDs. |
guardduty:GetThreatIntelSet | Metadata | |
guardduty:InviteMembers | Admin | |
guardduty:ListDetectors | Metadata | |
guardduty:ListFilters | Metadata | |
guardduty:ListFindings | Metadata | |
guardduty:ListIPSets | Metadata | |
guardduty:ListInvitations | Metadata | |
guardduty:ListMembers | ReadOnly | Lists details about all member accounts for the current GuardDuty master account. |
guardduty:ListPublishingDestinations | ReadOnly | |
guardduty:ListTagsForResource | Metadata | |
guardduty:ListThreatIntelSets | Metadata | Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID. |
guardduty:StartMonitoringMembers | Admin | |
guardduty:StopMonitoringMembers | Admin | |
guardduty:TagResource | Admin | |
guardduty:UnarchiveFindings | Admin | |
guardduty:UntagResource | Admin | |
guardduty:UpdateDetector | Admin | |
guardduty:UpdateFilter | Admin | |
guardduty:UpdateFindingsFeedback | Admin | |
guardduty:UpdateIPSet | Admin | |
guardduty:UpdatePublishingDestination | Admin | |
guardduty:UpdateThreatIntelSet | Admin |