
GuardDuty is not enabled for a specific org/region

Description

GuardDuty is a threat detection service from Amazon Web Services (AWS) that uses machine learning and threat intelligence to detect potential threats to your AWS accounts and workloads. Enabling GuardDuty in every region you use, and across all accounts in your organization, lets you identify and respond to potential threats more quickly and effectively. This reduces the risk of security breaches and helps protect your data and systems from malicious activity. A detector is regional, so a region with no detector, or a detector created with enable set to false (which suspends GuardDuty), leaves that region unmonitored; at the organization level, auto_enable ensures newly added member accounts are covered automatically rather than one at a time.

Fix - Buildtime

Terraform

  • Resource: aws_guardduty_detector, aws_guardduty_organization_configuration
  • Argument: enable of aws_guardduty_detector; auto_enable of aws_guardduty_organization_configuration

# Regional detector; enable = true turns monitoring on (setting it to
# false suspends GuardDuty in this region).
resource "aws_guardduty_detector" "ok" {
  enable = true
}

# Organization-level configuration tied to the delegated administrator's
# detector; auto_enable = true enrolls new member accounts automatically.
resource "aws_guardduty_organization_configuration" "example" {
  auto_enable = true
  detector_id = aws_guardduty_detector.ok.id
}
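The build-time check this policy describes can be reproduced over a Terraform plan. The following is an added example (not part of this page or of any scanner's code base): it walks the resource_changes array of a `terraform show -json` plan, flags an aws_guardduty_detector whose enable is false and an aws_guardduty_organization_configuration whose auto_enable is not true, and returns the verdicts. The plan embedded below is constructed for the example. Assumptions: a detector that omits enable is treated as passing because the provider defaults it to true, and a newer-style organization configuration that sets auto_enable_organization_members to ALL or NEW is accepted as equivalent to auto_enable = true.

```python
"""Added example: evaluate GuardDuty resources in a Terraform plan JSON.

Run `terraform plan -out plan.out && terraform show -json plan.out > plan.json`
and pass the parsed document to evaluate_guardduty(). The sample plan at the
bottom is constructed for this example, not taken from any real deployment.
"""
import json

DETECTOR = "aws_guardduty_detector"
ORG_CONFIG = "aws_guardduty_organization_configuration"
# Values of auto_enable_organization_members that still auto-enroll accounts
# (assumption: provider versions that replaced the boolean auto_enable).
AUTO_ENABLE_MODES = {"ALL", "NEW"}


def evaluate_guardduty(plan):
    """Return a list of {address, status, reason} dicts for GuardDuty resources.

    Resources being destroyed are skipped because their `after` state is null.
    """
    findings = []
    for rc in plan.get("resource_changes", []):
        rtype = rc.get("type")
        if rtype not in (DETECTOR, ORG_CONFIG):
            continue
        after = (rc.get("change") or {}).get("after")
        if after is None:  # destroy: nothing to evaluate
            continue
        addr = rc.get("address", "<unknown>")

        if rtype == DETECTOR:
            # Provider default for enable is true, so only an explicit false fails.
            if after.get("enable") is False:
                findings.append(_finding(addr, "FAILED", "enable is false (detector suspended)"))
            else:
                findings.append(_finding(addr, "PASSED", "detector enabled"))
        else:
            auto = after.get("auto_enable")
            mode = after.get("auto_enable_organization_members")
            if auto is True or mode in AUTO_ENABLE_MODES:
                findings.append(_finding(addr, "PASSED", "new member accounts auto-enrolled"))
            else:
                findings.append(_finding(addr, "FAILED",
                                         "auto_enable is not true; new accounts stay unmonitored"))
    return findings


def _finding(address, status, reason):
    return {"address": address, "status": status, "reason": reason}


def failed_addresses(plan):
    """Convenience helper: addresses of every failing GuardDuty resource."""
    return [f["address"] for f in evaluate_guardduty(plan) if f["status"] == "FAILED"]


# Constructed sample plan: two detectors and two org configurations, one
# compliant and one non-compliant of each, plus an unrelated resource.
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [
    {"address": "aws_guardduty_detector.ok", "type": "aws_guardduty_detector",
     "change": {"actions": ["create"], "after": {"enable": true}}},
    {"address": "aws_guardduty_detector.suspended", "type": "aws_guardduty_detector",
     "change": {"actions": ["create"], "after": {"enable": false}}},
    {"address": "aws_guardduty_organization_configuration.example",
     "type": "aws_guardduty_organization_configuration",
     "change": {"actions": ["create"], "after": {"auto_enable": true, "detector_id": null}}},
    {"address": "aws_guardduty_organization_configuration.manual",
     "type": "aws_guardduty_organization_configuration",
     "change": {"actions": ["create"], "after": {"auto_enable": false, "detector_id": null}}},
    {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket",
     "change": {"actions": ["create"], "after": {"bucket": "example-logs"}}}
  ]
}
""")

if __name__ == "__main__":
    for f in evaluate_guardduty(SAMPLE_PLAN):
        print(f"{f['status']:7} {f['address']}: {f['reason']}")
```

A plan-based check sees the values after variable interpolation, so `enable = var.guardduty_enabled` is evaluated correctly rather than skipped; the trade-off is that it only covers resources present in the plan, so a region that simply has no detector resource still needs a separate inventory check.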