GuardDuty / Client / create_publishing_destination

create_publishing_destination

GuardDuty.Client.create_publishing_destination(**kwargs)

Creates a publishing destination where you can export your GuardDuty findings. Before you start exporting the findings, the destination resource must exist.

See also: AWS API Documentation

Request Syntax

response = client.create_publishing_destination(
    DetectorId='string',
    DestinationType='S3',
    DestinationProperties={
        'DestinationArn': 'string',
        'KmsKeyArn': 'string'
    },
    ClientToken='string'
)

Parameters:

• DetectorId (string) –

  [REQUIRED]

  The ID of the GuardDuty detector associated with the publishing destination.

  To find the detectorId in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.

• DestinationType (string) –

  [REQUIRED]

  The type of resource for the publishing destination. Currently only Amazon S3 buckets are supported.

• DestinationProperties (dict) –

  [REQUIRED]

  The properties of the publishing destination, including the ARNs for the destination and the KMS key used for encryption.

  • DestinationArn (string) –

    The ARN of the resource to publish to.

    To specify an S3 bucket folder use the following format: arn:aws:s3:::DOC-EXAMPLE-BUCKET/myFolder/

  • KmsKeyArn (string) –

    The ARN of the KMS key to use for encryption.

• ClientToken (string) –

  The idempotency token for the request.

  This field is autopopulated if not provided.

Return type:

dict

Returns:

Response Syntax

{
    'DestinationId': 'string'
}

Response Structure

• (dict) –

  • DestinationId (string) –

    The ID of the publishing destination that is created.

Exceptions

• GuardDuty.Client.exceptions.BadRequestException

• GuardDuty.Client.exceptions.InternalServerErrorException