You must be logged in to view saved presets
This template configures AWS GuardDuty for an organization, enabling it for all members and setting up enhanced security features such as S3 logs, Kubernetes audit logs, and malware protection for EC2 instances.
resource "aws_guardduty_detector" "example" {
enable = true
}
resource "aws_guardduty_organization_configuration" "example" {
auto_enable_organization_members = "ALL"
datasources {
kubernetes {
audit_logs {
enable = true
}
}
malware_protection {
scan_ec2_instance_with_findings {
ebs_volumes {
auto_enable = true
}
}
}
s3_logs {
auto_enable = true
}
}
detector_id = aws_guardduty_detector.example.id
auto_enable = ""
}