GuradDutyをAWS CLIで操作する

code:bash

$ aws guardduty create-detector --enable --region ${region}

{

"DetectorId": "1234567890xxxxxxxxxxyyyyyyyyyyzz"

}

$ aws guardduty list-detectors --region ${region}

{

"DetectorIds": [

"1234567890xxxxxxxxxxyyyyyyyyyyzz"

]

}

$ aws guardduty get-detector --detector-id 1234567890xxxxxxxxxxyyyyyyyyyyzz --region ${region}

{

"CreatedAt": "2021-01-01T00:00:00.000Z",

"FindingPublishingFrequency": "SIX_HOURS",

"ServiceRole": "arn:aws:iam::123456789012:role/aws-service-role/guardduty.amazonaws.com/AWSServiceRoleForAmazonGuardDuty",

"Status": "ENABLED",

"UpdatedAt": "2021-01-01T00:00:00.000Z",

"DataSources": {

"CloudTrail": {

"Status": "ENABLED"

},

"DNSLogs": {

"Status": "ENABLED"

},

"FlowLogs": {

"Status": "ENABLED"

},

"S3Logs": {

"Status": "ENABLED"

}

},

"Tags": {}

}