search

cloudposse / terraform-aws-guardduty

Terraform module to provision AWS Guard Duty
https://cloudposse.com/accelerate
Apache License 2.0
22 stars 27 forks source link

Support EKS protection in Amazon GuardDuty #17

Open github-edouard-devouge opened 2 years ago

github-edouard-devouge commented 2 years ago

Describe the Feature

Terraform AWS Guardduty Module should support the new EKS protection feature enablement.

Use Case

Continuously monitor and profile Amazon Elastic Kubernetes Service (Amazon EKS) cluster activity to identify malicious or suspicious behavior that represents potential threats to container workloads.

Enable EKS protection in Amazon GuardDuty.

Equivalent CLI Call : aws guardduty update-member-detectors --detector-id <replace_detector_id> --account-ids <replace_account_id> --data-sources '{"Kubernetes":{"AuditLogs":{"Enable":true}}}'

purduemike commented 8 months ago

Would someone be able to take this on? It would be nice to have this and other protection plan items:

S3 Protection EKS Protection Runtime MonitoringNew Malware Protection RDS Protection Lambda Protection

taliesins commented 3 months ago

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_detector

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_detector_feature

We should add at least the ones currently supported by the provider.

And watch this: