Skip to content

Commit 1fbc0a8

Browse files
author
nick
committed
1 parent d0efccc commit 1fbc0a8

File tree

1 file changed

+27
-0
lines changed

1 file changed

+27
-0
lines changed

website/docs/r/guardduty_detector.html.markdown

+27
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,13 @@ resource "aws_guardduty_detector" "MyDetector" {
2727
enable = false
2828
}
2929
}
30+
malware_protection {
31+
scan_ec2_instance_with_findings {
32+
ebs_volumes {
33+
enable = true
34+
}
35+
}
36+
}
3037
}
3138
}
3239
```
@@ -48,6 +55,8 @@ The `datasources` block supports the following:
4855
See [S3 Logs](#s3-logs) below for more details.
4956
* `kubernetes` - (Optional) Configures [Kubernetes protection](https://docs.aws.amazon.com/guardduty/latest/ug/kubernetes-protection.html).
5057
See [Kubernetes](#kubernetes) and [Kubernetes Audit Logs](#kubernetes-audit-logs) below for more details.
58+
* `malware_protection` - (Optional) Configures [Malware Protection](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection.html).
59+
See [Malware Protection](#malware-protection), [Scan EC2 instance with findings](#scan-ec2-instance-with-findings) and [EBS volumes](#ebs-volumes) below for more details.
5160

5261
### S3 Logs
5362

@@ -70,6 +79,24 @@ The `audit_logs` block supports the following:
7079
* `enable` - (Required) If true, enables Kubernetes audit logs as a data source for [Kubernetes protection](https://docs.aws.amazon.com/guardduty/latest/ug/kubernetes-protection.html).
7180
Defaults to `true`.
7281

82+
### Malware Protection
83+
`malware_protection` block supports the following:
84+
85+
* `scan_ec2_instance_with_findings` - (Required) Configure whether [Malware Protection](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection.html) is enabled as data source for EC2 instances with findings for the detector.
86+
See [Scan EC2 instance with findings](#scan-ec2-instance-with-findings) below for more details.
87+
88+
#### Scan EC2 instance with findings
89+
The `scan_ec2_instance_with_findings` block supports the following:
90+
91+
* `ebs_volumes` - (Required) Configure whether scanning EBS volumes is enabled as data source for the detector for instances with findings.
92+
See [EBS volumes](#ebs-volumes) below for more details.
93+
94+
#### EBS volumes
95+
The `ebs_volumes` block supports the following:
96+
97+
* `enable` - (Required) If true, enables [Malware Protection](https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection.html) as data source for the detector.
98+
Defaults to `true`.
99+
73100
## Attributes Reference
74101

75102
In addition to all arguments above, the following attributes are exported:

0 commit comments

Comments
 (0)