Skip to main content

aws.guardduty

Supported platform

  • aws

Description

Amazon GuardDuty for threat detection

Use the aws.guardduty resource to assess the configuration of the AWS GuardDuty service. The resource provides a list of aws.guardduty.detector resources representing GuardDuty Detectors deployed across all enabled regions.

Fields

IDTYPEDESCRIPTION
findings[]aws.guardduty.findingList of GuardDuty active findings
detectors[]aws.guardduty.detectorList of GuardDuty detectors

Examples

Return a list of Amazon GuardDuty Detectors along with the values for specified fields

aws.guardduty.detectors {
id
region
status
findingPublishingFrequency
unarchivedFindings
}

Check that guardduty is enabled in all regions

aws.guardduty.detectors.all( status == "ENABLED" )

References