Control: AWS > PCI v3.2.1 > GuardDuty > 1 GuardDuty should be enabled

This control checks whether Amazon GuardDuty is enabled in your AWS account and Region.

While GuardDuty can be effective against attacks that an intrusion detection system would typically protect, it might not be a complete solution for every environment. This rule also does not check for the generation of alerts to personnel. For more information about GuardDuty, see the Amazon GuardDuty User Guide.

Remediation

To remediate this issue, you enable GuardDuty.

Refer here for more Getting started with GuardDuty.

PCI requirement(s): 11.4

Resource Types

This control targets the following resource types:

AWS > Region

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-pciv3-2-1#/control/types/guardDutyEnabled

Category URI

tmod:@turbot/turbot#/control/categories/compliancePci

GraphQL

query controlType(id: "tmod:@turbot/aws-pciv3-2-1#/control/types/guardDutyEnabled") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-pciv3-2-1#/control/types/guardDutyEnabled'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-pciv3-2-1#/control/types/guardDutyEnabled"