createThreatIntelSet method

Future<CreateThreatIntelSetResponse> createThreatIntelSet({
  1. required bool activate,
  2. required String detectorId,
  3. required ThreatIntelSetFormat format,
  4. required String location,
  5. required String name,
  6. String? clientToken,
  7. String? expectedBucketOwner,
  8. Map<String, String>? tags,
})

Creates a new ThreatIntelSet. ThreatIntelSets consist of known malicious IP addresses. GuardDuty generates findings based on ThreatIntelSets. Only users of the administrator account can use this operation.

May throw AccessDeniedException. May throw BadRequestException. May throw InternalServerErrorException.

Parameter activate : A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.

Parameter detectorId : The unique ID of the detector of the GuardDuty account for which you want to create a threatIntelSet.

To find the detectorId in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.

Parameter format : The format of the file that contains the ThreatIntelSet.

Parameter location : The URI of the file that contains the ThreatIntelSet.

Parameter name : A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.

Parameter clientToken : The idempotency token for the create request.

Parameter expectedBucketOwner : The Amazon Web Services account ID that owns the Amazon S3 bucket specified in the location parameter.

Parameter tags : The tags to be added to a new threat list resource.

Implementation

Future<CreateThreatIntelSetResponse> createThreatIntelSet({
  required bool activate,
  required String detectorId,
  required ThreatIntelSetFormat format,
  required String location,
  required String name,
  String? clientToken,
  String? expectedBucketOwner,
  Map<String, String>? tags,
}) async {
  final $payload = <String, dynamic>{
    'activate': activate,
    'format': format.value,
    'location': location,
    'name': name,
    'clientToken': clientToken ?? _s.generateIdempotencyToken(),
    if (expectedBucketOwner != null)
      'expectedBucketOwner': expectedBucketOwner,
    if (tags != null) 'tags': tags,
  };
  final response = await _protocol.send(
    payload: $payload,
    method: 'POST',
    requestUri: '/detector/${Uri.encodeComponent(detectorId)}/threatintelset',
    exceptionFnMap: _exceptionFns,
  );
  return CreateThreatIntelSetResponse.fromJson(response);
}