Configuration details for enabling Amazon GuardDuty, inviting member accounts or accepting invitations from master accounts. Also included are configuration items to enable manual whitelists or threat lists. Configuration templates are available in AWS CloudFormation, AWS CLI and Terraform.

GuardDuty
Enable GuardDuty with Notifications and Compliance Checks

A configuration package to enable Amazon GuardDuty in an AWS account as well as email notifications for GuardDuty findings (using a CloudWatch Event Rule), and an AWS Config Rule to verify that GuardDuty is continuously enabled.

CloudFormation, Terraform
Premium Only
Enable GuardDuty

Configuration to enable Amazon GuardDuty.

CloudFormation, Terraform, AWS CLI
GuardDuty Master Account: Invite Member Accounts

Configuration to enable Amazon GuardDuty as a master account and send invitations to member accounts.

CloudFormation, Terraform, AWS CLI
GuardDuty Member Account: Accept Invitation from Master Account

Configuration to enable Amazon GuardDuty as a member account and accept an invitation from a master GuardDuty account.

CloudFormation, Terraform, AWS CLI
Amazon GuardDuty Filter

This template creates a GuardDuty Filter resource. The filter is used to specify criteria for filtering findings in GuardDuty.

CloudFormation, Terraform
Amazon GuardDuty IPSet

Creates an IPSet for Amazon GuardDuty, allowing you to specify a list of IP addresses to monitor for potential threats. The IPSet is activated and linked to a specific GuardDuty detector using the provided DetectorId.

CloudFormation, Terraform
Amazon GuardDuty Threat Intel Set

This template creates an Amazon GuardDuty Threat Intel Set, which allows you to import a list of IP addresses or domains that you want GuardDuty to monitor for potential threats. The template activates the Threat Intel Set and specifies the detector ID, format, location, and name.

CloudFormation, Terraform
Enable AWS GuardDuty Detector with Specific Data Sources

This template enables an AWS GuardDuty detector with specific data sources including S3 logs and EC2 instance EBS volume scans, while disabling Kubernetes audit logs.

Terraform
Enable AWS GuardDuty Detector and EKS Runtime Monitoring

This template enables an AWS GuardDuty detector and configures the EKS runtime monitoring feature.

Terraform
AWS GuardDuty Filter Configuration

Creates a GuardDuty filter to archive findings based on specific criteria such as region, threat list name, update time, and severity.

Terraform
AWS GuardDuty Member Invitation Acceptance

This template accepts a pending AWS GuardDuty invitation for a member account and manages the association with the primary account.

Terraform
GuardDuty Member Setup

This template sets up a GuardDuty member and sends an invitation to join GuardDuty.

Terraform
Setup GuardDuty Organization Admin Account

Configures an AWS GuardDuty Organization Admin Account, including the necessary organization and detector resources.

Terraform
GuardDuty Organization Configuration with Enhanced Security Features

This template configures AWS GuardDuty for an organization, enabling it for all members and setting up enhanced security features such as S3 logs, Kubernetes audit logs, and malware protection for EC2 instances.

Terraform
AWS GuardDuty Organization Configuration for EKS Runtime Monitoring

Configures AWS GuardDuty to monitor EKS runtime and manage EKS add-ons with automatic enablement settings.

Terraform
GuardDuty Publishing Destination Setup

Sets up a GuardDuty Publishing Destination with necessary S3 bucket and KMS key configurations.

Terraform