Description
The ScanResourceCriteria data type contains information about criteria used to filter resources before triggering a GuardDuty malware scan. The function to update this configuration is the UpdateMalwareScanSettings action.
Managing this configuration via Terraform would allow us to codify EC2 tag-based exclusions or inclusions for the EBS_MALWARE_PROTECTION feature.
This request is similar to #33401.
Affected Resource(s) and/or Data Source(s)
- aws_guardduty_detector
- aws_guardduty_detector_feature
- aws_guardduty_organization_configuration_feature
Potential Terraform Configuration
resource "aws_guardduty_detector" "example" {
  enable                       = true
  finding_publishing_frequency = "SIX_HOURS"

  malware_protection {
    scan_ec2_instance_with_findings {
      ebs_volumes {
        enable = true
      }
    }

    scan_resource_criteria {
      tags {
        key  = "value"
        key2 = "value2"
      }
    }
  }
}

resource "aws_guardduty_detector_feature" "example" {
  detector_id = aws_guardduty_detector.example.id
  name        = "EBS_MALWARE_PROTECTION"
  status      = "ENABLED"

  additional_configuration {
    name = "SCAN_RESOURCE_CRITERIA"
    tags = {
      key  = "value"
      key2 = "value2"
    }
  }
}
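For comparison, the following added example (not part of this issue or of the provider) shows what the proposed `scan_resource_criteria` block would have to emit on the API side: it maps a Terraform-style tag map to the `ScanResourceCriteria` object consumed by `UpdateMalwareScanSettings`, and lets you dry-run the include/exclude tags against an instance's tag set before pushing them with boto3. The local match semantics in `would_scan` (an Exclude match wins, an Include list restricts scanning to matching instances) are an assumption for the dry run, not taken from the AWS docs.

```python
"""Added example: build the UpdateMalwareScanSettings ScanResourceCriteria
payload that the proposed scan_resource_criteria block would produce, and
dry-run it locally. boto3 is only needed for apply_scan_settings()."""
from typing import Dict, List, Optional

SCAN_KEY = "EC2_INSTANCE_TAG"  # the ScanCriterionKey used for EC2 tag criteria


def tag_conditions(tags: Dict[str, Optional[str]]) -> Dict[str, dict]:
    """Map a Terraform-style tag map to the API's ScanConditions shape.
    A None value means "match on key only" (Value is optional in ScanConditionPair)."""
    pairs: List[dict] = []
    for key, value in tags.items():
        pair = {"Key": key}
        if value is not None:
            pair["Value"] = value
        pairs.append(pair)
    return {SCAN_KEY: {"MapEquals": pairs}}


def build_scan_resource_criteria(include=None, exclude=None) -> dict:
    """Return the ScanResourceCriteria object expected by UpdateMalwareScanSettings."""
    criteria: dict = {}
    if include:
        criteria["Include"] = tag_conditions(include)
    if exclude:
        criteria["Exclude"] = tag_conditions(exclude)
    return criteria


def _matches(conditions: dict, instance_tags: Dict[str, str]) -> bool:
    """True if any condition pair matches the instance's tags (key, or key and value)."""
    return any(
        p["Key"] in instance_tags
        and ("Value" not in p or instance_tags[p["Key"]] == p["Value"])
        for p in conditions[SCAN_KEY]["MapEquals"]
    )


def would_scan(criteria: dict, instance_tags: Dict[str, str]) -> bool:
    """Local dry run. Assumption (not from the page): Exclude wins over Include,
    and a present Include list restricts scans to instances matching it."""
    if "Exclude" in criteria and _matches(criteria["Exclude"], instance_tags):
        return False
    if "Include" in criteria:
        return _matches(criteria["Include"], instance_tags)
    return True


def apply_scan_settings(detector_id: str, criteria: dict, region: str = "us-east-1"):
    """Push the criteria to GuardDuty with boto3 (real API call; not run by tests)."""
    import boto3
    client = boto3.client("guardduty", region_name=region)
    return client.update_malware_scan_settings(
        DetectorId=detector_id, ScanResourceCriteria=criteria
    )
```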
References
https://docs.aws.amazon.com/guardduty/latest/APIReference/API_UpdateMalwareScanSettings.html
https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ScanResourceCriteria.html
Would you like to implement a fix?
No