Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following data sources: VPC Flow Logs, Amazon Web Services CloudTrail event logs, and DNS logs. It uses threat intelligence feeds (such as lists of malicious IPs and domains) and machine learning to identify unexpected, potentially unauthorized, and malicious activity within your Amazon Web Services environment. This can include issues like escalations of privileges, uses of exposed credentials, or communication with malicious IPs, URLs, or domains. For example, GuardDuty can detect compromised EC2 instances that serve malware or mine bitcoin.
GuardDuty also monitors Amazon Web Services account access behavior for signs of compromise. Some examples of this are unauthorized infrastructure deployments such as EC2 instances deployed in a Region that has never been used, or unusual API calls like a password policy change to reduce password strength.
GuardDuty informs you of the status of your Amazon Web Services environment by producing security findings that you can view in the GuardDuty console or through Amazon CloudWatch events. For more information, see the Amazon GuardDuty User Guide .
Some APIs require complex or nested arguments. These exist in
The other modules within this crate are not required for normal usage.
Client and fluent builders for calling the service.
Configuration for the service.
Errors that can occur when calling the service.
Input structures for operations.
Base Middleware Stack
Data structures used by operation inputs/outputs.
All operations that this crate can perform.
Output structures for operations.
Paginators for the service
Re-exported types from supporting crates.
App name that can be configured with an AWS SDK client to become part of the user agent string.
Client for Amazon GuardDuty
AWS SDK Credentials
The region to send requests to.
Retry configuration for requests.
All possible error types for this service.
Crate version number.