» Resource: aws_guardduty_detector
Provides a resource to manage a GuardDuty detector.
NOTE: Deleting this resource is equivalent to "disabling" GuardDuty for an AWS region, which removes all existing findings. You can set the enable attribute to false to instead "suspend" monitoring and feedback reporting while keeping existing data. See the Suspending or Disabling Amazon GuardDuty documentation for more information.
» Example Usage
resource "aws_guardduty_detector" "MyDetector" {
  enable = true
}
» Argument Reference
The following arguments are supported:
- enable - (Optional) Enable monitoring and feedback reporting. Setting to false is equivalent to "suspending" GuardDuty. Defaults to true.
- finding_publishing_frequency - (Optional) Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to SIX_HOURS. For standalone and GuardDuty master accounts, it must be configured in Terraform to enable drift detection. Valid values for standalone and master accounts: FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS. See AWS Documentation for more information.
» Attributes Reference
In addition to all arguments above, the following attributes are exported:
- id - The ID of the GuardDuty detector
- account_id - The AWS account ID of the GuardDuty detector
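The following configuration is an added example, not part of the provider documentation. It sets finding_publishing_frequency explicitly so drift is detected, drives suspension through enable, and uses the Terraform prevent_destroy lifecycle setting so that a plan which would delete the detector (and with it the existing findings) fails. It assumes Terraform 0.12 or later; the variable name guardduty_suspended, the resource name primary and the output name are hypothetical.

```hcl
# Added example. Names (guardduty_suspended, primary, guardduty_detector_id)
# are hypothetical; syntax assumes Terraform 0.12 or later.

variable "guardduty_suspended" {
  description = "Set to true to suspend GuardDuty while keeping existing findings."
  type        = bool
  default     = false
}

resource "aws_guardduty_detector" "primary" {
  # enable = false suspends monitoring and feedback reporting but keeps
  # existing data. Removing this resource instead disables GuardDuty for
  # the region and removes all existing findings.
  enable = !var.guardduty_suspended

  # Standalone and master accounts only: set this explicitly so Terraform
  # can detect drift. In a member account the master account decides the
  # value and it cannot be modified here.
  finding_publishing_frequency = "FIFTEEN_MINUTES"

  lifecycle {
    # Fail any plan that would destroy the detector, so findings are not
    # wiped by an accidental removal of this block or a terraform destroy.
    prevent_destroy = true
  }
}

# Exported attributes, for use by other resources or for later import.
output "guardduty_detector_id" {
  value = aws_guardduty_detector.primary.id
}
```

To suspend monitoring without losing findings, apply with guardduty_suspended set to true rather than removing the resource.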
» Import
GuardDuty detectors can be imported using the detector ID, e.g.
$ terraform import aws_guardduty_detector.MyDetector 00b00fd5aecc0ab60a708659477e9617