SecurityConfig / CentralSecurityServicesConfig / GuardDutyConfig

Description

AWS GuardDuty configuration. Use this configuration to enable Amazon GuardDuty for an AWS Organization, as well as other modular feature protections.

Example

guardduty:
  enable: true
  excludeRegions: []
  s3Protection:
    enable: true
    excludeRegions: []
  eksProtection:
    enable: true
    excludedRegions: []
  exportConfiguration:
    enable: true
    overrideExisting: true
    destinationType: S3
    exportFrequency: FIFTEEN_MINUTES
  lifecycleRules: []

Properties

autoEnableOrgMembers: undefined | boolean = undefined

(OPTIONAL) Enables or disables automatic enabling of GuardDuty for any account, including new accounts joining the organization.

It is recommended to set the value to false when using the deploymentTargets property to enable GuardDuty only on the targeted accounts listed in deploymentTargets. If you do not define this property, or do not set it to false, any new account joining the organization will automatically have GuardDuty enabled.

Default

true

deploymentTargets: undefined | DeploymentTargets = undefined

(OPTIONAL) Deployment targets for GuardDuty

We highly recommend enabling GuardDuty across all accounts and enabled regions within your organization. deploymentTargets should only be used when more granular control is required, not as a default configuration. Please only specify one of the deploymentTargets or excludeRegions properties.

Note: The delegated admin account defined in centralSecurityServices will always have GuardDuty enabled.

See

DeploymentTargets

eksProtection: undefined | GuardDutyEksProtectionConfig = undefined

(OPTIONAL) AWS GuardDuty EKS Protection configuration.

enable: false = false

Indicates whether AWS GuardDuty is enabled.

excludeRegions: ("af-south-1" | "ap-east-1" | "ap-south-1" | "ap-south-2" | "ap-southeast-1" | "ap-southeast-2" | "ap-southeast-3" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ca-central-1" | "eu-central-1" | "eu-central-2" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "eu-north-1" | "eu-south-1" | "eu-south-2" | "me-central-1" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-west-1" | "us-west-2" | "cn-north-1" | "cn-northwest-1" | "us-gov-west-1" | "us-gov-east-1" | "us-iso-east-1" | "us-iso-west-1" | "us-isob-east-1" | "ap-southeast-4" | "il-central-1" | "ca-west-1")[] = []

(OPTIONAL) List of AWS Region names to be excluded from configuring Amazon GuardDuty.

Please only specify one of the excludeRegions or deploymentTargets properties.

exportConfiguration: GuardDutyExportFindingsConfig = ...

AWS GuardDuty Export Findings configuration.

lifecycleRules: undefined | LifeCycleRule[] = undefined

(OPTIONAL) Declaration of an S3 Lifecycle rule.

s3Protection: GuardDutyS3ProtectionConfig = ...

AWS GuardDuty S3 Protection configuration.
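
The rules stated in the property descriptions above (set autoEnableOrgMembers to false when using deploymentTargets; specify only one of deploymentTargets or excludeRegions) can be checked before a configuration is deployed. The following is an added example, not part of the accelerator's own code: lintGuardDuty, the finding ids and the organizationalUnits field in the sample are assumptions, and an empty excludeRegions list is treated as not specified.

```typescript
// Added example, not LZA source. Lints an already-parsed `guardduty` block
// against the rules stated in the property descriptions on this page.
interface GuardDutyInput {
  enable?: boolean;
  excludeRegions?: string[];
  autoEnableOrgMembers?: boolean;
  deploymentTargets?: Record<string, unknown>; // inner fields are not inspected
  s3Protection?: { enable?: boolean };
  eksProtection?: { enable?: boolean };
  exportConfiguration?: { enable?: boolean };
}

interface Finding { id: string; message: string }

function lintGuardDuty(cfg: GuardDutyInput): Finding[] {
  const out: Finding[] = [];
  const add = (id: string, message: string) => out.push({ id, message });
  const targeted = cfg.deploymentTargets !== undefined;
  // Assumption: an empty excludeRegions list counts as "not specified".
  const excluded = cfg.excludeRegions ?? [];

  if (cfg.enable !== true) add("DISABLED", "guardduty.enable is not true");
  if (targeted && excluded.length > 0)
    add("TARGETS_AND_EXCLUDES", "specify only one of deploymentTargets or excludeRegions");
  // autoEnableOrgMembers defaults to true, so leaving it unset still auto-enrols new accounts.
  if (targeted && (cfg.autoEnableOrgMembers ?? true))
    add("AUTO_ENABLE_WITH_TARGETS", "set autoEnableOrgMembers: false when using deploymentTargets");
  if (targeted) add("PARTIAL_COVERAGE", "deploymentTargets limits GuardDuty to selected accounts");
  if (excluded.length > 0) add("REGION_GAP", `no GuardDuty in: ${excluded.join(", ")}`);
  const features = ["s3Protection", "eksProtection", "exportConfiguration"] as const;
  for (const name of features) {
    if (cfg[name]?.enable !== true) add("FEATURE_OFF", `${name}.enable is not true`);
  }
  return out;
}

// Constructed sample: targeted rollout that forgot autoEnableOrgMembers and
// also lists an excluded region. `organizationalUnits` is an assumed field name.
const sample: GuardDutyInput = {
  enable: true,
  excludeRegions: ["ap-east-1"],
  deploymentTargets: { organizationalUnits: ["Workloads"] },
  s3Protection: { enable: true },
  eksProtection: { enable: false },
};
for (const f of lintGuardDuty(sample)) console.log(`${f.id}: ${f.message}`);
```

Feed it the object produced by parsing the guardduty section of the security configuration file; a result containing only PARTIAL_COVERAGE means a targeted rollout that is otherwise consistent with the rules above.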
