Shows how to use the AWS SDK for Python (Boto3) to work with Amazon GuardDuty.
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads.
- Running this code might result in charges to your AWS account. For more details, see AWS Pricing and Free Tier.
- Running the tests might result in charges to your AWS account.
- We recommend that you grant your code least privilege. At most, grant only the minimum permissions required to perform the task. For more information, see Grant least privilege.
- This code is not tested in every AWS Region. For more information, see AWS Regional Services.
For prerequisites, see the README in the python folder.
Install the packages required by these examples by running the following in a virtual environment:
python -m pip install -r requirements.txt
- Hello GuardDuty (ListDetectors)
Code excerpts that show you how to call individual service functions.
- CreateDetector
- CreateSampleFindings
- DeleteDetector
- GetDetector
- GetFindings
- ListDetectors
- ListFindings
Code examples that show you how to accomplish a specific task by calling multiple functions within the same service.
This example shows you how to get started using GuardDuty.
python guardduty_hello.py
This example shows you how to do the following:
- Create a GuardDuty detector to enable threat detection.
- Generate sample findings for demonstration purposes.
- List and examine findings by severity.
- Delete the detector to clean up resources.
python scenario_guardduty_basics.py
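The four scenario steps above, written as an added example; this is not the repository's scenario_guardduty_basics.py. The function names, the two sample finding types, and the 4.0/7.0 band thresholds are assumptions of this example. The client is passed in, so the same code runs against a real Boto3 GuardDuty client or a stub.

```python
from collections import Counter

# Real GuardDuty finding types, chosen here only as sample input (assumption).
SAMPLE_TYPES = ["Recon:EC2/PortProbeUnprotectedPort", "UnauthorizedAccess:EC2/SSHBruteForce"]


def severity_band(score):
    """Map a numeric severity to a band (assumed thresholds: 4.0 and 7.0)."""
    if score >= 7.0:
        return "HIGH"
    return "MEDIUM" if score >= 4.0 else "LOW"


def fetch_findings(client, detector_id, min_severity=1):
    """List finding IDs at or above min_severity, fetching details 50 at a time."""
    criteria = {"Criterion": {"severity": {"GreaterThanOrEqual": min_severity}}}
    findings, token = [], None
    while True:
        kwargs = {"DetectorId": detector_id, "FindingCriteria": criteria, "MaxResults": 50}
        if token:
            kwargs["NextToken"] = token
        page = client.list_findings(**kwargs)
        if page.get("FindingIds"):
            resp = client.get_findings(DetectorId=detector_id, FindingIds=page["FindingIds"])
            findings.extend(resp["Findings"])
        token = page.get("NextToken")
        if not token:
            return findings


def run_basics(client):
    """Create a detector, seed sample findings, count them by band, always clean up."""
    detector_id = client.create_detector(Enable=True)["DetectorId"]
    try:
        client.create_sample_findings(DetectorId=detector_id, FindingTypes=SAMPLE_TYPES)
        findings = fetch_findings(client, detector_id)
        return dict(Counter(severity_band(f["Severity"]) for f in findings))
    finally:
        # Delete only the detector this run created, even if a step above failed.
        client.delete_detector(DetectorId=detector_id)


if __name__ == "__main__":
    import boto3  # needs credentials and a Region with no existing detector

    print(run_basics(boto3.client("guardduty")))
```

GuardDuty allows one detector per account per Region, so `create_detector` fails where GuardDuty is already enabled, and this code never deletes a detector it did not create.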
⚠ Running tests might result in charges to your AWS account.
To find instructions for running these tests, see the README in the python folder.
- Amazon GuardDuty User Guide
- Amazon GuardDuty API Reference
- AWS SDK for Python (Boto3) GuardDuty reference
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0