GuardDuty / Client / describe_organization_configuration
describe_organization_configuration#
- GuardDuty.Client.describe_organization_configuration(**kwargs)#
Returns information about the account selected as the delegated administrator for GuardDuty.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
See also: AWS API Documentation
Request Syntax
response = client.describe_organization_configuration( DetectorId='string', MaxResults=123, NextToken='string' )
- Parameters:
DetectorId (string) –
[REQUIRED]
The ID of the detector to retrieve information about the delegated administrator from.
MaxResults (integer) – You can use this parameter to indicate the maximum number of items that you want in the response.
NextToken (string) – You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill
nextToken
in the request with the value ofNextToken
from the previous response to continue listing data.
- Return type:
dict
- Returns:
Response Syntax
{ 'AutoEnable': True|False, 'MemberAccountLimitReached': True|False, 'DataSources': { 'S3Logs': { 'AutoEnable': True|False }, 'Kubernetes': { 'AuditLogs': { 'AutoEnable': True|False } }, 'MalwareProtection': { 'ScanEc2InstanceWithFindings': { 'EbsVolumes': { 'AutoEnable': True|False } } } }, 'Features': [ { 'Name': 'S3_DATA_EVENTS'|'EKS_AUDIT_LOGS'|'EBS_MALWARE_PROTECTION'|'RDS_LOGIN_EVENTS', 'AutoEnable': 'NEW'|'NONE' }, ], 'NextToken': 'string', 'AutoEnableOrganizationMembers': 'NEW'|'ALL'|'NONE' }
Response Structure
(dict) –
AutoEnable (boolean) –
Indicates whether GuardDuty is automatically enabled for accounts added to the organization.
MemberAccountLimitReached (boolean) –
Indicates whether the maximum number of allowed member accounts are already associated with the delegated administrator account for your organization.
DataSources (dict) –
Describes which data sources are enabled automatically for member accounts.
S3Logs (dict) –
Describes whether S3 data event logs are enabled as a data source.
AutoEnable (boolean) –
A value that describes whether S3 data event logs are automatically enabled for new members of the organization.
Kubernetes (dict) –
Describes the configuration of Kubernetes data sources.
AuditLogs (dict) –
The current configuration of Kubernetes audit logs as a data source for the organization.
AutoEnable (boolean) –
Whether Kubernetes audit logs data source should be auto-enabled for new members joining the organization.
MalwareProtection (dict) –
Describes the configuration of Malware Protection data source for an organization.
ScanEc2InstanceWithFindings (dict) –
Describes the configuration for scanning EC2 instances with findings for an organization.
EbsVolumes (dict) –
Describes the configuration for scanning EBS volumes for an organization.
AutoEnable (boolean) –
An object that contains the status of whether scanning EBS volumes should be auto-enabled for new members joining the organization.
Features (list) –
A list of features that are configured for this organization.
(dict) –
A list of features which will be configured for the organization.
Name (string) –
The name of the feature that is configured for the member accounts within the organization.
AutoEnable (string) –
Describes how The status of the feature that are configured for the member accounts within the organization.
If you set
AutoEnable
toNEW
, a feature will be configured for only the new accounts when they join the organization.If you set
AutoEnable
toNONE
, no feature will be configured for the accounts when they join the organization.
NextToken (string) –
The pagination parameter to be used on the next list operation to retrieve more items.
AutoEnableOrganizationMembers (string) –
Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization.
NEW
: Indicates that new accounts joining the organization are configured to have GuardDuty enabled automatically.ALL
: Indicates that all accounts (new and existing members) in the organization are configured to have GuardDuty enabled automatically.NONE
: Indicates that no account in the organization will be configured to have GuardDuty enabled automatically.
Exceptions
GuardDuty.Client.exceptions.BadRequestException
GuardDuty.Client.exceptions.InternalServerErrorException