Support Center > Search Results > SecureKnowledge Details
Enable CloudGuard Dome9 GuardDuty in AWS
Solution

Enable GuardDuty in AWS

To use GuardDuty, you must first enable it. Use the following procedure to enable GuardDuty.

  1. The IAM identity (user, role, group) that you use to enable GuardDuty must have the required permissions. To grant the permissions required to enable GuardDuty, attach the following policy to an IAM user, group, or role:

    Note

    Replace the sample account ID in the example below with your actual AWS account ID.

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "guardduty:*"
                ],
                "Resource": "*"
            },
            {
                "Effect": "Allow",
                "Action": [
                    "iam:CreateServiceLinkedRole"
                ],
                "Resource": "arn:aws:iam::123456789123:role/aws-service-role/guardduty.amazonaws.com/AWSServiceRoleForAmazonGuardDuty",
                "Condition": {
                    "StringLike": {
                        "iam:AWSServiceName": "guardduty.amazonaws.com"
                    }
                }
            },
            {
                "Effect": "Allow",
                "Action": [
                    "iam:PutRolePolicy",
                    "iam:DeleteRolePolicy"
                ],
                "Resource": "arn:aws:iam::123456789123:role/aws-service-role/guardduty.amazonaws.com/AWSServiceRoleForAmazonGuardDuty"
            }
        ]
    }     
            
  2. Use the credentials of the IAM identity from step 1 to sign in to the GuardDuty console at https://console.aws.amazon.com/guardduty. When you open the GuardDuty console for the first time, choose Get Started, and then choose Enable GuardDuty.

For more information, please see full AWS documentation here.

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment