Ensure AWS GuardDuty detector is enabled

Error: AWS GuardDuty detector is disabled

Bridgecrew Policy ID: BC_AWS_GENERAL_146
Checkov Check ID: CKV_AWS_238
Severity: LOW

AWS GuardDuty detector is enabled

Description

Enabling the AWS GuardDuty detector can help protect your Amazon Web Services (AWS) resources from various types of threats, such as malware, data breaches, and unauthorized access. GuardDuty is a threat detection service that uses machine learning and other techniques to analyze data from various sources (such as VPC Flow Logs, AWS CloudTrail logs, and DNS logs) and identify potential security threats.

By ensuring that the GuardDuty detector is enabled, you can take advantage of this service and receive alerts when potential threats are detected. This can help you take timely action to address any security issues and prevent security incidents from occurring.

Fix - Runtime

Fix - Buildtime

Terraform

# Passing example: the detector is explicitly enabled. Setting
# `enable = false` suspends GuardDuty and is what this check reports.
resource "aws_guardduty_detector" "pass" {
  enable = true
  tags   = { test = "Fail" }   # illustrative tag only; tags do not affect the check
}
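To show what this policy evaluates in practice, the following is an added Python example (not Checkov's own source code) that picks `aws_guardduty_detector` resources out of Terraform text and reports PASSED or FAILED for each one. It assumes flat resource blocks without nested sub-blocks, and it treats an omitted `enable` as enabled because the AWS provider defaults that argument to true.

```python
"""Added example (not Checkov's own source): a stand-alone evaluator that
applies the CKV_AWS_238 rule to aws_guardduty_detector resources in HCL."""
import re
from typing import Dict, Optional

# One flat `resource "aws_guardduty_detector" "<name>" { ... }` block.
# Assumption: no nested sub-blocks, which holds for the snippet on this page.
_RESOURCE_RE = re.compile(
    r'resource\s+"aws_guardduty_detector"\s+"(?P<name>[^"]+)"\s*\{(?P<body>.*?)\n\}',
    re.DOTALL,
)
_ENABLE_RE = re.compile(r"^\s*enable\s*=\s*(true|false)\s*$", re.MULTILINE)


def parse_detectors(hcl: str) -> Dict[str, Optional[bool]]:
    """Map each detector's resource name to its `enable` value (None if omitted)."""
    found: Dict[str, Optional[bool]] = {}
    for m in _RESOURCE_RE.finditer(hcl):
        e = _ENABLE_RE.search(m.group("body"))
        found[m.group("name")] = None if e is None else e.group(1) == "true"
    return found


def evaluate(enable: Optional[bool]) -> str:
    """FAILED only for an explicit `enable = false`, which suspends GuardDuty;
    an omitted argument counts as enabled (provider default, assumed here)."""
    return "FAILED" if enable is False else "PASSED"


def scan(hcl: str) -> Dict[str, str]:
    """Run the rule over every detector resource in the given HCL text."""
    return {name: evaluate(val) for name, val in parse_detectors(hcl).items()}


# Constructed sample input: the passing resource from this page plus two variants.
SAMPLE_HCL = """resource "aws_guardduty_detector" "pass" {
  enable = true
  tags   = { test = "Fail" }
}

resource "aws_guardduty_detector" "fail" {
  enable = false
}

resource "aws_guardduty_detector" "default" {
  finding_publishing_frequency = "FIFTEEN_MINUTES"
}
"""
```

Calling `scan(SAMPLE_HCL)` reports the `fail` resource as FAILED and the other two as PASSED.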