createThreatEntitySet method

Future<CreateThreatEntitySetResponse> createThreatEntitySet({
  1. required bool activate,
  2. required String detectorId,
  3. required ThreatEntitySetFormat format,
  4. required String location,
  5. required String name,
  6. String? clientToken,
  7. String? expectedBucketOwner,
  8. Map<String, String>? tags,
})

Creates a new threat entity set. In a threat entity set, you can provide known malicious threat entities for your Amazon Web Services environment. GuardDuty generates findings based on the entries in the threat entity sets. Only users of the administrator account can manage entity sets, which automatically apply to member accounts.

May throw BadRequestException. May throw InternalServerErrorException.

Parameter activate : A boolean value that indicates whether GuardDuty should start using the uploaded threat entity set to generate findings.

Parameter detectorId : The unique ID of the detector of the GuardDuty account for which you want to create a threat entity set.

To find the detectorId in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.

Parameter format : The format of the file that contains the threat entity set.

Parameter location : The URI of the file that contains the threat entity set. The format of the Location URL must be a valid Amazon S3 URL format. Invalid URL formats will result in an error, regardless of whether you activate the entity set or not. For more information about format of the location URLs, see Format of location URL under Step 2: Adding trusted or threat intelligence data in the Amazon GuardDuty User Guide.

Parameter name : A user-friendly name to identify the threat entity set.

The name of your list can include lowercase letters, uppercase letters, numbers, dash (-), and underscore (_).

Parameter clientToken : The idempotency token for the create request.

Parameter expectedBucketOwner : The Amazon Web Services account ID that owns the Amazon S3 bucket specified in the location parameter.

Parameter tags : The tags to be added to a new threat entity set resource.

Implementation

Future<CreateThreatEntitySetResponse> createThreatEntitySet({
  required bool activate,
  required String detectorId,
  required ThreatEntitySetFormat format,
  required String location,
  required String name,
  String? clientToken,
  String? expectedBucketOwner,
  Map<String, String>? tags,
}) async {
  final $payload = <String, dynamic>{
    'activate': activate,
    'format': format.value,
    'location': location,
    'name': name,
    'clientToken': clientToken ?? _s.generateIdempotencyToken(),
    if (expectedBucketOwner != null)
      'expectedBucketOwner': expectedBucketOwner,
    if (tags != null) 'tags': tags,
  };
  final response = await _protocol.send(
    payload: $payload,
    method: 'POST',
    requestUri:
        '/detector/${Uri.encodeComponent(detectorId)}/threatentityset',
    exceptionFnMap: _exceptionFns,
  );
  return CreateThreatEntitySetResponse.fromJson(response);
}