AWS GuardDuty Filter

This page shows how to write Terraform and CloudFormation for GuardDuty Filter and write them securely.

aws_guardduty_filter (Terraform)

The Filter in GuardDuty can be configured in Terraform with the resource name aws_guardduty_filter. The following sections describe 2 examples of how to use the resource and its parameters.

Example Usage from GitHub

filters.tf#L5
resource "aws_guardduty_filter" "suppress_low_level_findings" {
  name        = "SuppressAllLowLevelFindings"
  action      = "ARCHIVE" # When you set suppression rules, use 'ARCHIVE'
  detector_id = aws_guardduty_detector.sample.id
  rank        = 2

main.tf#L66
resource "aws_guardduty_filter" "admin" {
  count       = length(local.filters)
  detector_id = aws_guardduty_detector.admin.id
  name        = local.filters[count.index].name
  action      = "ARCHIVE"
  rank        = count.index + 1

Parameters

Explanation in Terraform Registry

Provides a resource to manage a GuardDuty filter.

AWS::GuardDuty::Filter (CloudFormation)

The Filter in GuardDuty can be configured in CloudFormation with the resource name AWS::GuardDuty::Filter. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

Explanation in CloudFormation Registry

The AWS::GuardDuty::Filter resource specifies a new filter defined by the provided findingCriteria.

Frequently asked questions

What is AWS GuardDuty Filter?

AWS GuardDuty Filter is a resource for GuardDuty of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS GuardDuty Filter?

For Terraform, the Jimon-s/terraform-example-guardduty and asannou/terraform-aws-guardduty-organization source code examples are useful. See the Terraform Example section for further details.