Ensure AWS GuardDuty detector is enabled
Error: AWS GuardDuty detector is disabled
Bridgecrew Policy ID: BC_AWS_GENERAL_146
Checkov Check ID: CKV_AWS_238
Severity: LOW
AWS GuardDuty detector is enabled
Description
Enabling the AWS GuardDuty detector can help protect your Amazon Web Services (AWS) resources from various types of threats, such as malware, data breaches, and unauthorized access. GuardDuty is a threat detection service that uses machine learning and other techniques to analyze data from various sources (such as VPC Flow Logs, AWS CloudTrail logs, and DNS logs) and identify potential security threats.
By ensuring that the GuardDuty detector is enabled, you can take advantage of this service and receive alerts when potential threats are detected. This can help you take timely action to address any security issues and prevent security incidents from occurring.
Fix - Runtime
Fix - Buildtime
Terraform
resource "aws_guardduty_detector" "pass" {
  # The check passes when the detector is explicitly enabled.
  enable = true
  tags   = { test = "Fail" }
}
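The same condition can be checked against a rendered plan before apply. The following is an added example, not Checkov's or Bridgecrew's own implementation: it walks JSON in the shape produced by `terraform show -json`, including child modules, and reports detectors whose `enable` is not true. The sample plan and resource addresses are constructed, and treating a missing `enable` as true is an assumption based on the provider default.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output
# (planned_values -> root_module -> resources / child_modules). Not real data.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "aws_guardduty_detector.pass", "type": "aws_guardduty_detector",
     "values": {"enable": true}},
    {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket", "values": {}}],
  "child_modules": [{"address": "module.audit", "resources": [
    {"address": "module.audit.aws_guardduty_detector.off",
     "type": "aws_guardduty_detector", "values": {"enable": false}}]}]
}}}
""")


def iter_resources(module):
    """Yield every resource in a module and, recursively, in its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def check_guardduty(plan):
    """Return (passed, failed) address lists for aws_guardduty_detector resources."""
    passed, failed = [], []
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in iter_resources(root):
        if res.get("type") != "aws_guardduty_detector":
            continue
        # Assumption: a missing `enable` is treated as the provider default (true).
        enabled = (res.get("values") or {}).get("enable", True)
        (passed if enabled is True else failed).append(res["address"])
    return passed, failed


if __name__ == "__main__":
    ok, bad = check_guardduty(SAMPLE_PLAN)
    for addr in bad:
        print(f"FAILED {addr}: AWS GuardDuty detector is disabled")
    print(f"{len(ok)} passed, {len(bad)} failed")
```

A plan that declares no detector at all returns two empty lists, so whether GuardDuty exists in the account needs a separate check.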