You must be logged in to view saved presets
My Saved Presets
Security Controls
AWS Services
VPC Security Controls
EC2 Security Controls
IAM Security Controls
S3 Security Controls
RDS Security Controls
OpenSearch/Elasticsearch Security Controls
EFS Security Controls
Route53 Security Controls
Amazon DynamoDB & DAX
ECR Security Controls
EMR Security
Lambda Security
CloudFormation Security
CodeX Security Controls
CloudFront Security
AWS Certificate Manager (ACM) Security
Amazon GuardDuty
Amazon Inspector
AWS Security Hub
AWS Network FirewallRoute53 Resolver Security
Amazon Macie
AWS WAF & Shield
AWS Secrets Manager
AWS Systems Manager
AWS KMS
AWS SSO
Load Balancers & Auto Scaling
RDS Event Subscriptions
AWS Resource Access Manager (RAM)
Amazon ECS
Amazon EKS
Amazon API Gateway
AWS AppConfig
Amazon AppFlow
AWS App Mesh
AWS App Runner
AWS AppSync
Application Auto Scaling
Amazon Athena
AWS Batch
AWS Billing Conductor
AWS Clean Rooms
AWS SNS
AWS SQS
AWS Service Discovery
AWS Step Functions
AWS CloudTrail
AWS Config
Amazon EventBridge
AWS CloudWatch
AWS Cognito
Amazon Connect
AWS Glue
AWS Data Pipeline & Data Sync
Amazon Detective
AWS DevOps Guru
Amazon DocumentDB
Amazon ElastiCache
AWS Elastic Beanstalk
Amazon FSx
Amazon MQ
Amazon PrometheusAmazon Cassandra
Amazon FinSpace
AWS Fault Injection Simulator
Amazon GameLift
AWS Global Accelerator
Amazon Grafana
AWS IoT GreenGrass
AWS IoT Services
AWS Ground Station
Amazon IVS (Interactive Live Streams)
Amazon Kinesis
AWS LakeFormation
Amazon Lookout
Amazon Managed Blockchain
AWS Media Services
AWS Managed Apache Airflow
AWS OpsWorks
AWS Organizations
Amazon Personalize
Amazon QLDB
Amazon Redshift
Amazon Rekognition
AWS Resource ExplorerAWS Resource Groups
Amazon Lex & Alexa
AWS RoboMaker
Amazon SageMaker
AWS Service Catalog
Amazon SES
AWS SimSpace Weaver
AWS Support App
AWS Transfer
AWS X-Ray
AWS Amplify
AWS Appstream
AWS Audit ManagerAmazon Bedrock
AWS Cloud9
AWS CloudHSM
Amazon Neptune
Amazon QuicksightReference Guides
Configuration Packages
Guided Walkthroughs
GuardDuty Publishing Destination Setup
Sets up a GuardDuty Publishing Destination with necessary S3 bucket and KMS key configurations.
Terraform Template
data "aws_caller_identity" "current" {
}
data "aws_iam_policy_document" "bucket_pol" {
statement {
actions = ["s3:PutObject"]
resources = ["${aws_s3_bucket.gd_bucket.arn}/*"]
sid = "Allow PutObject"
}
statement {
actions = ["s3:GetBucketLocation"]
resources = [aws_s3_bucket.gd_bucket.arn]
sid = "Allow GetBucketLocation"
}
}
data "aws_iam_policy_document" "kms_pol" {
statement {
actions = ["kms:GenerateDataKey"]
resources = ["arn:aws:kms:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:key/*"]
sid = "Allow GuardDuty to encrypt findings"
}
statement {
actions = ["kms:*"]
resources = ["arn:aws:kms:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:key/*"]
sid = "Allow all users to modify/delete key (test only)"
}
}
data "aws_region" "current" {
}
resource "aws_guardduty_detector" "test_gd" {
enable = true
}
resource "aws_guardduty_publishing_destination" "test" {
depends_on = ["aws_s3_bucket_policy.gd_bucket_policy"]
destination_arn = aws_s3_bucket.gd_bucket.arn
detector_id = aws_guardduty_detector.test_gd.id
kms_key_arn = aws_kms_key.gd_key.arn
}
resource "aws_kms_key" "gd_key" {
deletion_window_in_days = 7
description = "Temporary key for AccTest of TF"
policy = data.aws_iam_policy_document.kms_pol.json
}
resource "aws_s3_bucket" "gd_bucket" {
bucket = "example"
force_destroy = true
}
resource "aws_s3_bucket_acl" "gd_bucket_acl" {
acl = "private"
bucket = aws_s3_bucket.gd_bucket.id
}
resource "aws_s3_bucket_policy" "gd_bucket_policy" {
bucket = aws_s3_bucket.gd_bucket.id
policy = data.aws_iam_policy_document.bucket_pol.json
}
© 2024 asecurecloud. All rights reserved.