AI CloudAdvisor (Beta)

My Presets

You must be logged in to save or view your saved configuration templates

Security Controls

Service Control PoliciesConfig RulesCloudWatch Alarms and Event RulesCloudFormation Guard RulesLogging & Monitoring ConfigurationsBackups & DRAuto Remediation RulesConformance PacksBilling and Cost ManagementS3 Bucket PoliciesSecurity Groups & NACLsIAM PoliciesVPC Endpoint Policies

AWS Services

Guided Walkthroughs

Configuration Packages

Reference Guides

Other

AI CloudAdvisor (Beta)

Configuration Stack
0

My Presets

Security Controls

AWS Services

VPC Security ControlsEC2 Security ControlsIAM Security ControlsS3 Security ControlsRDS Security ControlsOpenSearch/Elasticsearch Security ControlsEFS Security ControlsRoute53 Security ControlsDynamoDB Security ControlsECR Security ControlsEMR SecurityLambda SecurityCloudFormation SecurityCodeX Security ControlsCloudFront SecurityAWS Certificate Manager (ACM) SecurityAmazon GuardDutyAmazon InspectorAWS Security HubAWS Network FirewallRoute53 Resolver SecurityAmazon MacieAWS WAFAWS Secrets ManagerAWS Systems ManagerAWS KMSAWS SSOLoad BalancersRDS Event SubscriptionsAWS Resource Access Manager (RAM)Alexa SkillAmazon API GatewayAWS AppConfigAmazon AppFlowAWS App MeshAWS App RunnerAWS AppSyncApplication Auto ScalingAmazon AthenaAWS BatchAWS Billing ConductorAWS Clean RoomsAWS SNSAWS SQSAWS Service DiscoveryAWS Step FunctionsAWS CloudTrailAWS ConfigAWS CloudWatchAWS CognitoAmazon Connect

Guided Walkthroughs

Configuration Packages

Reference Guides

Other

Amazon GuardDuty

Configuration details for enabling Amazon GuardDuty, inviting member accounts or accepting invitations from master accounts. Also included are configuration items to enable manual whitelists or threat lists. Configuration templates are available in AWS CloudFormation, AWS CLI and Terraform.

GuardDuty
Enable GuardDuty with Notifications and Compliance Checks
Premium

A configuration package to enable Amazon GuardDuty in an AWS account as well as email notifications for GuardDuty findings (using a CloudWatch Event Rule), and an AWS Config Rule to verify that GuardDuty is continuously enabled.

CloudFormationTerraform
Enable GuardDuty
Add to Stack

Configuration to enable Amazon GuardDuty.

CloudFormationTerraformAWS CLI
GuardDuty Master Account: Invite Member Accounts
Add to Stack

Configuration to enable Amazon GuardDuty as a Master account and send invitations to member accounts

CloudFormationTerraformAWS CLI
GuardDuty Member Account: Accept Invitation from Master Account
Add to Stack

Configuration to enable Amazon GuardDuty as a member account and accept an invitation from a master GuardDuty account

CloudFormationTerraformAWS CLI
CloudWatch Events
detect-guardduty-findings
Add to Stack

A CloudWatch Event Rule that triggers on Amazon GuardDuty findings and publishes findings to an SNS topic. The Event Rule can be used to trigger notifications or remediative actions using AWS Lambda.

CloudFormationTerraformAWS CLI
Config Rule
GuardDuty Enabled and Centralized (optional) Check
Add to Stack

A Config rule that checks whether Amazon GuardDuty is enabled in your AWS account and region. If you provide an AWS account for centralization, the rule evaluates the Amazon GuardDuty results in the centralized account. The rule is compliant when Amazon GuardDuty is enabled.

CloudFormationTerraformAWS CLI
GuardDuty Untreated Findings
Add to Stack

A config rule that checks whether GuardDuty has untreated findings.

CloudFormationTerraformAWS CLI
Filter by source
 
GuardDuty
CloudWatch Events
Config Rule