AWS GuardDuty detector is not enabled
Description
Enabling the Amazon GuardDuty detector lets GuardDuty monitor an AWS account and region for threats such as malware, credential misuse, data exfiltration and unauthorized access. GuardDuty is a managed threat detection service that applies machine learning, anomaly detection and threat intelligence feeds to data it collects automatically from VPC Flow Logs, AWS CloudTrail event logs and Route 53 DNS query logs; these sources do not need to be enabled or shipped separately for GuardDuty to read them. With the detector enabled, findings are generated when suspicious activity is observed and can be routed (for example through EventBridge) to the people or automation that will respond, which shortens the time between an event and its containment. A detector is a regional resource, so each region in use needs its own enabled detector; a disabled detector produces no findings at all for that region.
Code Example
```hcl
# Passes CKV_AWS_238: the detector is explicitly enabled.
# The tag value below is carried over from the original example; tags have
# no effect on this check, which only inspects the "enable" attribute.
resource "aws_guardduty_detector" "pass" {
  enable = true
  tags   = { test = "Fail" }
}
```
Remediation
Terraform
Set `enable = true` on every `aws_guardduty_detector` resource. The Terraform AWS provider defaults `enable` to `true` when the attribute is omitted, but stating it explicitly keeps the intent visible in code review and makes the scanner's verdict independent of provider defaults.
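The following is an added example, not code from the original rule page or from the scanner project: it shows the failing form of the resource beside the corrected one, and then enables one optional GuardDuty feature on the enabled detector. The resource names, the tag value and the choice of EBS malware scanning are assumptions made for illustration; `aws_guardduty_detector_feature` is assumed to be available, which requires a 5.x release of the Terraform AWS provider.

```hcl
# Added example (not from the original page): failing and passing forms of the
# resource that CKV_AWS_238 inspects, side by side.

# FAIL: the detector resource is managed by Terraform but switched off, so no
# findings are produced for this account/region.
resource "aws_guardduty_detector" "disabled" {
  enable = false
}

# PASS: enable the detector explicitly and publish findings every 15 minutes.
# The default is SIX_HOURS; FIFTEEN_MINUTES shortens the delay between an
# event and the finding that a SIEM or EventBridge rule would act on.
resource "aws_guardduty_detector" "enabled" {
  enable                       = true
  finding_publishing_frequency = "FIFTEEN_MINUTES"

  tags = {
    Name = "guardduty-primary" # assumed tag value, purely illustrative
  }
}

# Assumption: the account also wants EBS malware scanning on top of the
# foundational sources (VPC Flow Logs, CloudTrail, DNS logs) that the detector
# consumes automatically once enabled. aws_guardduty_detector_feature turns an
# optional feature on for an existing detector.
resource "aws_guardduty_detector_feature" "ebs_malware" {
  detector_id = aws_guardduty_detector.enabled.id
  name        = "EBS_MALWARE_PROTECTION"
  status      = "ENABLED"
}
```

Running `checkov -d . --check CKV_AWS_238` against a directory containing this file reports the `disabled` resource as FAILED and the `enabled` resource as PASSED. Two caveats for anyone relying on the check: it only evaluates `aws_guardduty_detector` resources that are declared in the code, so a region with no detector resource at all is invisible to it, and GuardDuty is regional, so the `enabled` resource above protects only the region its provider is configured for.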
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0286 |
| Severity | INFO |
| IaC Type | Terraform |
| Frameworks | Terraform |
| Checkov ID | CKV_AWS_238 |