My Saved Presets
You must be logged in to view saved presets

Loading Library ...

Enable AWS GuardDuty Detector with Specific Data Sources

This template enables an AWS GuardDuty detector with specific data sources including S3 logs and EC2 instance EBS volume scans, while disabling Kubernetes audit logs.

MyDetector

aws_guardduty_detector

datasources
s3_logs
kubernetes
audit_logs
malware_protection
scan_ec2_instance_with_findings
ebs_volumes

depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



Terraform Template

resource "aws_guardduty_detector" "MyDetector" {

  datasources {

    kubernetes {

      audit_logs {
        enable = false
      }
    }

    malware_protection {

      scan_ec2_instance_with_findings {

        ebs_volumes {
          enable = true
        }
      }
    }

    s3_logs {
      enable = true
    }
  }
  enable = true
}

© 2024 asecurecloud. All rights reserved.