Skip to content

GuardDuty Detector

Threat detection across CloudTrail, VPC flow logs, DNS, S3, EKS, RDS, Lambda.

security
category9
settings0
inputs1
outputs

Configuration

Setting	Type	Required	Default
Enable detector	Toggle	—	`true`
Publishing frequency Options: 15 minutes, 1 hour, 6 hours	Choice	—	`SIX_HOURS`
S3 protection	Toggle	—	`false`
EKS audit logs	Toggle	—	`false`
Malware protection (EC2/Lambda)	Toggle	—	`false`
RDS login events	Toggle	—	`false`
EKS runtime monitoring	Toggle	—	`false`
Lambda network logs	Toggle	—	`false`
Tags	Key–value	—	`—`

Connections

Socket	Direction	Accepts	Terraform arg
Findings (EventBridge / SecHub)	Output	any	—