Amazon GuardDuty website screenshot

Amazon GuardDuty

Amazon GuardDuty is an intelligent threat detection service that continuously monitors your AWS accounts, workloads, and data for malicious activity. It uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats to your AWS environment.

1 APIs 6 Features
Anomaly DetectionComplianceMachine LearningMonitoringSecurityThreat Detection

APIs

Amazon GuardDuty API

The Amazon GuardDuty API provides programmatic access to manage detectors, findings, filters, trusted IP sets, and threat intelligence for continuous threat detection across AWS...

Collections

Pricing Plans

Rate Limits

Amazon Guardduty Rate Limits

5 limits

RATE LIMITS

FinOps

Features

Intelligent Threat Detection

Uses ML and anomaly detection to identify threats without manual configuration or rule management.

Integrated Threat Intelligence

Incorporates curated threat intelligence feeds from AWS, CrowdStrike, and Proofpoint for enhanced detection.

Multi-Account Support

Monitor all accounts in an AWS Organization from a central administrator account.

Continuous Monitoring

Analyzes CloudTrail, VPC Flow Logs, DNS logs, and S3 access logs 24/7 without performance impact.

Finding Prioritization

Automatically prioritizes findings by severity (Low, Medium, High) for efficient response.

Malware Protection

Scans EC2 instance volumes and S3 objects for malware and known threats.

Use Cases

Account Compromise Detection

Detect compromised AWS credentials and unauthorized API calls using ML-based anomaly detection.

Insider Threat Monitoring

Identify suspicious behavior from privileged users or compromised internal accounts.

Cryptocurrency Mining Detection

Detect and alert on unauthorized cryptocurrency mining using EC2 or Lambda resources.

Malware Detection

Scan workloads and data for malware and ransomware threats.

Data Exfiltration Prevention

Identify unusual data access patterns and potential exfiltration from S3 buckets.

Integrations

AWS Security Hub

Automatically send GuardDuty findings to Security Hub for centralized security management.

Amazon EventBridge

Trigger automated responses to findings using EventBridge rules and Lambda functions.

AWS Organizations

Enable GuardDuty organization-wide for centralized multi-account threat monitoring.

Amazon Detective

Investigate GuardDuty findings in depth using Detective for root cause analysis.

Amazon Macie

Combine with Macie for comprehensive data security and threat detection.

Semantic Vocabularies

Amazon Guardduty Context

247 classes · 297 properties

JSON-LD

API Governance Rules

Amazon GuardDuty API Rules

8 rules · 5 errors 2 warnings 1 info

SPECTRAL

JSON Structure

Amazon Guardduty Structure

12 properties

JSON STRUCTURE

Guardduty Accept Invitation Request Structure

2 properties

JSON STRUCTURE

Guardduty Access Control List Structure

2 properties

JSON STRUCTURE

Guardduty Access Key Details Structure

4 properties

JSON STRUCTURE

Guardduty Account Detail Structure

2 properties

JSON STRUCTURE

Guardduty Account Details Structure

0 properties

JSON STRUCTURE

Guardduty Account Free Trial Info Structure

3 properties

JSON STRUCTURE

Guardduty Account Free Trial Infos Structure

0 properties

JSON STRUCTURE

Guardduty Account Id Structure

0 properties

JSON STRUCTURE

Guardduty Account Ids Structure

0 properties

JSON STRUCTURE

Guardduty Account Level Permissions Structure

1 properties

JSON STRUCTURE

Guardduty Action Structure

7 properties

JSON STRUCTURE

Guardduty Addon Details Structure

2 properties

JSON STRUCTURE

Guardduty Admin Account Structure

2 properties

JSON STRUCTURE

Guardduty Admin Accounts Structure

0 properties

JSON STRUCTURE

Guardduty Admin Status Structure

0 properties

JSON STRUCTURE

Guardduty Administrator Structure

4 properties

JSON STRUCTURE

Guardduty Affected Resources Structure

0 properties

JSON STRUCTURE

Guardduty Archive Findings Request Structure

1 properties

JSON STRUCTURE

Guardduty Archive Findings Response Structure

0 properties

JSON STRUCTURE

Guardduty Auto Enable Members Structure

0 properties

JSON STRUCTURE

Guardduty Aws Api Call Action Structure

9 properties

JSON STRUCTURE

Guardduty Bad Request Exception Structure

0 properties

JSON STRUCTURE

Guardduty Block Public Access Structure

4 properties

JSON STRUCTURE

Guardduty Boolean Structure

0 properties

JSON STRUCTURE

Guardduty Bucket Level Permissions Structure

3 properties

JSON STRUCTURE

Guardduty Bucket Policy Structure

2 properties

JSON STRUCTURE

Guardduty City Structure

1 properties

JSON STRUCTURE

Guardduty Client Token Structure

0 properties

JSON STRUCTURE

Guardduty Condition Structure

12 properties

JSON STRUCTURE

Guardduty Container Structure

7 properties

JSON STRUCTURE

Guardduty Containers Structure

0 properties

JSON STRUCTURE

Guardduty Count By Coverage Status Structure

0 properties

JSON STRUCTURE

Guardduty Count By Resource Type Structure

0 properties

JSON STRUCTURE

Guardduty Count By Severity Structure

0 properties

JSON STRUCTURE

Guardduty Country Structure

2 properties

JSON STRUCTURE

Guardduty Coverage Filter Condition Structure

2 properties

JSON STRUCTURE

Guardduty Coverage Filter Criteria Structure

1 properties

JSON STRUCTURE

Guardduty Coverage Filter Criterion Structure

2 properties

JSON STRUCTURE

Guardduty Coverage Resource Details Structure

2 properties

JSON STRUCTURE

Guardduty Coverage Resource Structure

7 properties

JSON STRUCTURE

Guardduty Coverage Resources Structure

0 properties

JSON STRUCTURE

Guardduty Coverage Sort Criteria Structure

2 properties

JSON STRUCTURE

Guardduty Coverage Sort Key Structure

0 properties

JSON STRUCTURE

Guardduty Coverage Statistics Structure

2 properties

JSON STRUCTURE

Guardduty Coverage Statistics Type Structure

0 properties

JSON STRUCTURE

Guardduty Coverage Status Structure

0 properties

JSON STRUCTURE

Guardduty Create Detector Request Structure

6 properties

JSON STRUCTURE

Guardduty Create Detector Response Structure

2 properties

JSON STRUCTURE

Guardduty Create Filter Request Structure

7 properties

JSON STRUCTURE

Guardduty Create Filter Response Structure

1 properties

JSON STRUCTURE

Guardduty Create Ip Set Request Structure

6 properties

JSON STRUCTURE

Guardduty Create Ip Set Response Structure

1 properties

JSON STRUCTURE

Guardduty Create Members Request Structure

1 properties

JSON STRUCTURE

Guardduty Create Members Response Structure

1 properties

JSON STRUCTURE

Guardduty Criterion Key Structure

0 properties

JSON STRUCTURE

Guardduty Criterion Structure

0 properties

JSON STRUCTURE

Guardduty Data Source Free Trial Structure

1 properties

JSON STRUCTURE

Guardduty Data Source List Structure

0 properties

JSON STRUCTURE

Guardduty Data Source Status Structure

0 properties

JSON STRUCTURE

Guardduty Data Source Structure

0 properties

JSON STRUCTURE

Guardduty Data Sources Free Trial Structure

6 properties

JSON STRUCTURE

Guardduty Delete Detector Request Structure

0 properties

JSON STRUCTURE

Guardduty Delete Detector Response Structure

0 properties

JSON STRUCTURE

Guardduty Delete Filter Request Structure

0 properties

JSON STRUCTURE

Guardduty Delete Filter Response Structure

0 properties

JSON STRUCTURE

Guardduty Delete Ip Set Request Structure

0 properties

JSON STRUCTURE

Guardduty Delete Ip Set Response Structure

0 properties

JSON STRUCTURE

Guardduty Delete Members Request Structure

1 properties

JSON STRUCTURE

Guardduty Delete Members Response Structure

1 properties

JSON STRUCTURE

Guardduty Destination Properties Structure

2 properties

JSON STRUCTURE

Guardduty Destination Structure

3 properties

JSON STRUCTURE

Guardduty Destination Type Structure

0 properties

JSON STRUCTURE

Guardduty Destinations Structure

0 properties

JSON STRUCTURE

Guardduty Detector Feature Result Structure

0 properties

JSON STRUCTURE

Guardduty Detector Feature Structure

0 properties

JSON STRUCTURE

Guardduty Detector Id Structure

0 properties

JSON STRUCTURE

Guardduty Detector Ids Structure

0 properties

JSON STRUCTURE

Guardduty Detector Status Structure

0 properties

JSON STRUCTURE

Guardduty Dns Request Action Structure

3 properties

JSON STRUCTURE

Guardduty Domain Details Structure

1 properties

JSON STRUCTURE

Guardduty Double Structure

0 properties

JSON STRUCTURE

Guardduty Ebs Snapshot Preservation Structure

0 properties

JSON STRUCTURE

Guardduty Ebs Volume Details Structure

2 properties

JSON STRUCTURE

Guardduty Ebs Volume Scan Details Structure

6 properties

JSON STRUCTURE

Guardduty Ebs Volumes Result Structure

2 properties

JSON STRUCTURE

Guardduty Ecs Cluster Details Structure

8 properties

JSON STRUCTURE

Guardduty Ecs Task Details Structure

10 properties

JSON STRUCTURE

Guardduty Eks Cluster Details Structure

6 properties

JSON STRUCTURE

Guardduty Email Structure

0 properties

JSON STRUCTURE

Guardduty Eq Structure

0 properties

JSON STRUCTURE

Guardduty Equals Structure

0 properties

JSON STRUCTURE

Guardduty Evidence Structure

1 properties

JSON STRUCTURE

Guardduty Feature Status Structure

0 properties

JSON STRUCTURE

Guardduty Feedback Structure

0 properties

JSON STRUCTURE

Guardduty File Paths Structure

0 properties

JSON STRUCTURE

Guardduty Filter Action Structure

0 properties

JSON STRUCTURE

Guardduty Filter Condition Structure

3 properties

JSON STRUCTURE

Guardduty Filter Criteria Structure

1 properties

JSON STRUCTURE

Guardduty Filter Criterion List Structure

0 properties

JSON STRUCTURE

Guardduty Filter Criterion Structure

2 properties

JSON STRUCTURE

Guardduty Filter Description Structure

0 properties

JSON STRUCTURE

Guardduty Filter Name Structure

0 properties

JSON STRUCTURE

Guardduty Filter Names Structure

0 properties

JSON STRUCTURE

Guardduty Filter Rank Structure

0 properties

JSON STRUCTURE

Guardduty Finding Criteria Structure

1 properties

JSON STRUCTURE

Guardduty Finding Id Structure

0 properties

JSON STRUCTURE

Guardduty Finding Ids Structure

0 properties

JSON STRUCTURE

Guardduty Finding Statistic Type Structure

0 properties

JSON STRUCTURE

Guardduty Finding Statistic Types Structure

0 properties

JSON STRUCTURE

Guardduty Finding Statistics Structure

1 properties

JSON STRUCTURE

Guardduty Finding Structure

15 properties

JSON STRUCTURE

Guardduty Finding Type Structure

0 properties

JSON STRUCTURE

Guardduty Finding Types Structure

0 properties

JSON STRUCTURE

Guardduty Findings Structure

0 properties

JSON STRUCTURE

Guardduty Flags List Structure

0 properties

JSON STRUCTURE

Guardduty Free Trial Feature Result Structure

0 properties

JSON STRUCTURE

Guardduty Geo Location Structure

2 properties

JSON STRUCTURE

Guardduty Get Detector Request Structure

0 properties

JSON STRUCTURE

Guardduty Get Detector Response Structure

8 properties

JSON STRUCTURE

Guardduty Get Filter Request Structure

0 properties

JSON STRUCTURE

Guardduty Get Filter Response Structure

6 properties

JSON STRUCTURE

Guardduty Get Findings Request Structure

2 properties

JSON STRUCTURE

Guardduty Get Findings Response Structure

1 properties

JSON STRUCTURE

Guardduty Get Ip Set Request Structure

0 properties

JSON STRUCTURE

Guardduty Get Ip Set Response Structure

5 properties

JSON STRUCTURE

Guardduty Get Members Request Structure

1 properties

JSON STRUCTURE

Guardduty Get Members Response Structure

2 properties

JSON STRUCTURE

Guardduty Groups Structure

0 properties

JSON STRUCTURE

Guardduty Guard Duty Arn Structure

0 properties

JSON STRUCTURE

Guardduty Host Path Structure

1 properties

JSON STRUCTURE

Guardduty Iam Instance Profile Structure

2 properties

JSON STRUCTURE

Guardduty Instance Arn Structure

0 properties

JSON STRUCTURE

Guardduty Instance Details Structure

13 properties

JSON STRUCTURE

Guardduty Integer Structure

0 properties

JSON STRUCTURE

Guardduty Integer Value With Max Structure

0 properties

JSON STRUCTURE

Guardduty Invitation Structure

4 properties

JSON STRUCTURE

Guardduty Invitations Structure

0 properties

JSON STRUCTURE

Guardduty Invite Members Request Structure

3 properties

JSON STRUCTURE

Guardduty Invite Members Response Structure

1 properties

JSON STRUCTURE

Guardduty Ip Set Format Structure

0 properties

JSON STRUCTURE

Guardduty Ip Set Ids Structure

0 properties

JSON STRUCTURE

Guardduty Ip Set Status Structure

0 properties

JSON STRUCTURE

Guardduty Ipv6 Addresses Structure

0 properties

JSON STRUCTURE

Guardduty Kubernetes Configuration Structure

1 properties

JSON STRUCTURE

Guardduty Kubernetes Details Structure

2 properties

JSON STRUCTURE

Guardduty Kubernetes User Details Structure

3 properties

JSON STRUCTURE

Guardduty Lambda Details Structure

9 properties

JSON STRUCTURE

Guardduty Lineage Object Structure

9 properties

JSON STRUCTURE

Guardduty Lineage Structure

0 properties

JSON STRUCTURE

Guardduty List Coverage Request Structure

4 properties

JSON STRUCTURE

Guardduty List Coverage Response Structure

2 properties

JSON STRUCTURE

Guardduty List Detectors Request Structure

0 properties

JSON STRUCTURE

Guardduty List Detectors Response Structure

2 properties

JSON STRUCTURE

Guardduty List Filters Request Structure

0 properties

JSON STRUCTURE

Guardduty List Filters Response Structure

2 properties

JSON STRUCTURE

Guardduty List Findings Request Structure

4 properties

JSON STRUCTURE

Guardduty List Findings Response Structure

2 properties

JSON STRUCTURE

Guardduty List Invitations Request Structure

0 properties

JSON STRUCTURE

Guardduty List Invitations Response Structure

2 properties

JSON STRUCTURE

Guardduty List Ip Sets Request Structure

0 properties

JSON STRUCTURE

Guardduty List Ip Sets Response Structure

2 properties

JSON STRUCTURE

Guardduty List Members Request Structure

0 properties

JSON STRUCTURE

Guardduty List Members Response Structure

2 properties

JSON STRUCTURE

Guardduty Local Ip Details Structure

1 properties

JSON STRUCTURE

Guardduty Local Port Details Structure

2 properties

JSON STRUCTURE

Guardduty Location Structure

0 properties

JSON STRUCTURE

Guardduty Login Attribute Structure

4 properties

JSON STRUCTURE

Guardduty Login Attributes Structure

0 properties

JSON STRUCTURE

Guardduty Long Structure

0 properties

JSON STRUCTURE

Guardduty Long Value Structure

0 properties

JSON STRUCTURE

Guardduty Map Equals Structure

0 properties

JSON STRUCTURE

Guardduty Master Structure

4 properties

JSON STRUCTURE

Guardduty Max Results Structure

0 properties

JSON STRUCTURE

Guardduty Member Structure

8 properties

JSON STRUCTURE

Guardduty Members Structure

0 properties

JSON STRUCTURE

Guardduty Memory Regions List Structure

0 properties

JSON STRUCTURE

Guardduty Name Structure

0 properties

JSON STRUCTURE

Guardduty Neq Structure

0 properties

JSON STRUCTURE

Guardduty Network Connection Action Structure

7 properties

JSON STRUCTURE

Guardduty Network Interface Structure

10 properties

JSON STRUCTURE

Guardduty Network Interfaces Structure

0 properties

JSON STRUCTURE

Guardduty Non Empty String Structure

0 properties

JSON STRUCTURE

Guardduty Not Equals Structure

0 properties

JSON STRUCTURE

Guardduty Order By Structure

0 properties

JSON STRUCTURE

Guardduty Org Feature Status Structure

0 properties

JSON STRUCTURE

Guardduty Org Feature Structure

0 properties

JSON STRUCTURE

Guardduty Organization Ebs Volumes Structure

1 properties

JSON STRUCTURE

Guardduty Organization Structure

4 properties

JSON STRUCTURE

Guardduty Owner Structure

1 properties

JSON STRUCTURE

Guardduty Permission Configuration Structure

2 properties

JSON STRUCTURE

Guardduty Port Probe Action Structure

2 properties

JSON STRUCTURE

Guardduty Port Probe Detail Structure

3 properties

JSON STRUCTURE

Guardduty Port Probe Details Structure

0 properties

JSON STRUCTURE

Guardduty Positive Long Structure

0 properties

JSON STRUCTURE

Guardduty Private Ip Addresses Structure

0 properties

JSON STRUCTURE

Guardduty Process Details Structure

13 properties

JSON STRUCTURE

Guardduty Product Code Structure

2 properties

JSON STRUCTURE

Guardduty Product Codes Structure

0 properties

JSON STRUCTURE

Guardduty Public Access Structure

2 properties

JSON STRUCTURE

Guardduty Publishing Status Structure

0 properties

JSON STRUCTURE

Guardduty Rds Db Instance Details Structure

6 properties

JSON STRUCTURE

Guardduty Rds Db User Details Structure

5 properties

JSON STRUCTURE

Guardduty Rds Login Attempt Action Structure

2 properties

JSON STRUCTURE

Guardduty Remote Account Details Structure

2 properties

JSON STRUCTURE

Guardduty Remote Ip Details Structure

5 properties

JSON STRUCTURE

Guardduty Remote Port Details Structure

2 properties

JSON STRUCTURE

Guardduty Resource Details Structure

1 properties

JSON STRUCTURE

Guardduty Resource List Structure

0 properties

JSON STRUCTURE

Guardduty Resource Structure

12 properties

JSON STRUCTURE

Guardduty Resource Type Structure

0 properties

JSON STRUCTURE

Guardduty Runtime Context Structure

20 properties

JSON STRUCTURE

Guardduty Runtime Details Structure

2 properties

JSON STRUCTURE

Guardduty S3 Bucket Detail Structure

8 properties

JSON STRUCTURE

Guardduty S3 Bucket Details Structure

0 properties

JSON STRUCTURE

Guardduty S3 Logs Configuration Structure

1 properties

JSON STRUCTURE

Guardduty Scan Condition Pair Structure

2 properties

JSON STRUCTURE

Guardduty Scan Condition Structure

1 properties

JSON STRUCTURE

Guardduty Scan Criterion Key Structure

0 properties

JSON STRUCTURE

Guardduty Scan Criterion Structure

0 properties

JSON STRUCTURE

Guardduty Scan Detections Structure

4 properties

JSON STRUCTURE

Guardduty Scan File Path Structure

4 properties

JSON STRUCTURE

Guardduty Scan Resource Criteria Structure

2 properties

JSON STRUCTURE

Guardduty Scan Result Details Structure

1 properties

JSON STRUCTURE

Guardduty Scan Result Structure

0 properties

JSON STRUCTURE

Guardduty Scan Status Structure

0 properties

JSON STRUCTURE

Guardduty Scan Structure

14 properties

JSON STRUCTURE

Guardduty Scan Threat Name Structure

4 properties

JSON STRUCTURE

Guardduty Scan Threat Names Structure

0 properties

JSON STRUCTURE

Guardduty Scanned Item Count Structure

3 properties

JSON STRUCTURE

Guardduty Scans Structure

0 properties

JSON STRUCTURE

Guardduty Security Context Structure

1 properties

JSON STRUCTURE

Guardduty Security Group Structure

2 properties

JSON STRUCTURE

Guardduty Security Groups Structure

0 properties

JSON STRUCTURE

Guardduty Service Additional Info Structure

2 properties

JSON STRUCTURE

Guardduty Service Structure

14 properties

JSON STRUCTURE

Guardduty Sort Criteria Structure

2 properties

JSON STRUCTURE

Guardduty Source Ips Structure

0 properties

JSON STRUCTURE

Guardduty Sources Structure

0 properties

JSON STRUCTURE

Guardduty String Structure

0 properties

JSON STRUCTURE

Guardduty Subnet Ids Structure

0 properties

JSON STRUCTURE

Guardduty Tag Key List Structure

0 properties

JSON STRUCTURE

Guardduty Tag Key Structure

0 properties

JSON STRUCTURE

Guardduty Tag Map Structure

0 properties

JSON STRUCTURE

Guardduty Tag Resource Request Structure

1 properties

JSON STRUCTURE

Guardduty Tag Resource Response Structure

0 properties

JSON STRUCTURE

Guardduty Tag Structure

2 properties

JSON STRUCTURE

Guardduty Tag Value Structure

0 properties

JSON STRUCTURE

Guardduty Tags Structure

0 properties

JSON STRUCTURE

Guardduty Threat Detected By Name Structure

4 properties

JSON STRUCTURE

Guardduty Threat Intel Set Format Structure

0 properties

JSON STRUCTURE

Guardduty Threat Intel Set Ids Structure

0 properties

JSON STRUCTURE

Guardduty Threat Intel Set Status Structure

0 properties

JSON STRUCTURE

Guardduty Threat Names Structure

0 properties

JSON STRUCTURE

Guardduty Timestamp Structure

0 properties

JSON STRUCTURE

Guardduty Total Structure

2 properties

JSON STRUCTURE

Guardduty Trigger Details Structure

2 properties

JSON STRUCTURE

Guardduty Unprocessed Account Structure

2 properties

JSON STRUCTURE

Guardduty Unprocessed Accounts Structure

0 properties

JSON STRUCTURE

Guardduty Untag Resource Request Structure

0 properties

JSON STRUCTURE

Guardduty Untag Resource Response Structure

0 properties

JSON STRUCTURE

Guardduty Update Detector Request Structure

4 properties

JSON STRUCTURE

Guardduty Update Detector Response Structure

0 properties

JSON STRUCTURE

Guardduty Update Filter Request Structure

4 properties

JSON STRUCTURE

Guardduty Update Filter Response Structure

1 properties

JSON STRUCTURE

Guardduty Update Ip Set Request Structure

3 properties

JSON STRUCTURE

Guardduty Update Ip Set Response Structure

0 properties

JSON STRUCTURE

Guardduty Usage Account Result List Structure

0 properties

JSON STRUCTURE

Guardduty Usage Account Result Structure

2 properties

JSON STRUCTURE

Guardduty Usage Criteria Structure

4 properties

JSON STRUCTURE

Guardduty Usage Data Source Result Structure

2 properties

JSON STRUCTURE

Guardduty Usage Feature List Structure

0 properties

JSON STRUCTURE

Guardduty Usage Feature Result List Structure

0 properties

JSON STRUCTURE

Guardduty Usage Feature Result Structure

2 properties

JSON STRUCTURE

Guardduty Usage Feature Structure

0 properties

JSON STRUCTURE

Guardduty Usage Resource Result Structure

2 properties

JSON STRUCTURE

Guardduty Usage Statistic Type Structure

0 properties

JSON STRUCTURE

Guardduty Usage Statistics Structure

5 properties

JSON STRUCTURE

Guardduty Volume Detail Structure

7 properties

JSON STRUCTURE

Guardduty Volume Details Structure

0 properties

JSON STRUCTURE

Guardduty Volume Mount Structure

2 properties

JSON STRUCTURE

Guardduty Volume Mounts Structure

0 properties

JSON STRUCTURE

Guardduty Volume Structure

2 properties

JSON STRUCTURE

Guardduty Volumes Structure

0 properties

JSON STRUCTURE

Guardduty Vpc Config Structure

3 properties

JSON STRUCTURE

Example Payloads

Amazon Guardduty Example

6 fields

EXAMPLE

Guardduty Action Example

6 fields

EXAMPLE

Guardduty City Example

1 fields

EXAMPLE

Guardduty Condition Example

6 fields

EXAMPLE

Guardduty Container Example

6 fields

EXAMPLE

Guardduty Country Example

2 fields

EXAMPLE

Guardduty Evidence Example

1 fields

EXAMPLE

Guardduty Finding Example

6 fields

EXAMPLE

Guardduty Host Path Example

1 fields

EXAMPLE

Guardduty Invitation Example

4 fields

EXAMPLE

Guardduty Master Example

4 fields

EXAMPLE

Guardduty Member Example

6 fields

EXAMPLE

Guardduty Owner Example

1 fields

EXAMPLE

Guardduty Resource Example

6 fields

EXAMPLE

Guardduty Scan Example

6 fields

EXAMPLE

Guardduty Service Example

6 fields

EXAMPLE

Guardduty Tag Example

2 fields

EXAMPLE

Guardduty Total Example

2 fields

EXAMPLE

Guardduty Volume Example

2 fields

EXAMPLE

Guardduty Vpc Config Example

3 fields

EXAMPLE

Resources

🌐
Portal
Portal
🔗
Documentation
Documentation
📜
TermsOfService
TermsOfService
📜
PrivacyPolicy
PrivacyPolicy
💬
Support
Support
📰
Blog
Blog
👥
GitHubOrganization
GitHubOrganization
🌐
Console
Console
📝
Signup
Signup
🟢
StatusPage
StatusPage
🔗
Contact
Contact
🔗
SpectralRules
SpectralRules
🔗
Vocabulary
Vocabulary

Sources

Raw ↑
opencollection: 1.0.0
info:
  name: Amazon GuardDuty
  version: '2017-11-28'
request:
  auth:
    type: apikey
    key: Authorization
    value: '{{Authorization}}'
    placement: header
items:
- info:
    name: Amazon GuardDuty Get Administrator Account
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/administrator
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector of the GuardDuty member account.
  docs: Provides the details for the GuardDuty administrator account associated with the current GuardDuty member account.
- info:
    name: Amazon GuardDuty Accept Administrator Invitation
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/administrator
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector of the GuardDuty member account.
    body:
      type: json
      data: '{}'
  docs: Accepts the invitation to be a member account and get monitored by a GuardDuty administrator account that sent the
    invitation.
- info:
    name: Amazon GuardDuty Get Master Account
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/master
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector of the GuardDuty member account.
  docs: Provides the details for the GuardDuty administrator account associated with the current GuardDuty member account.
- info:
    name: Amazon GuardDuty Accept Invitation
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/master
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector of the GuardDuty member account.
    body:
      type: json
      data: '{}'
  docs: Accepts the invitation to be monitored by a GuardDuty administrator account.
- info:
    name: Amazon GuardDuty Archive Findings
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/findings/archive
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The ID of the detector that specifies the GuardDuty service whose findings you want to archive.
    body:
      type: json
      data: '{}'
  docs: <p>Archives GuardDuty findings that are specified by the list of finding IDs.</p> <note> <p>Only the administrator
    account can archive findings. Member accounts don't have permission to archive findings from their accounts.</p> </note>
- info:
    name: Amazon GuardDuty List Detectors
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: maxResults
      value: ''
      type: query
      description: You can use this parameter to indicate the maximum number of items that you want in the response. The default
        value is 50. The maximum value is 50.
    - name: nextToken
      value: ''
      type: query
      description: You can use this parameter when paginating results. Set the value of this parameter to null on your first
        call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken
        from the previous response to continue listing data.
    - name: MaxResults
      value: ''
      type: query
      description: Pagination limit
    - name: NextToken
      value: ''
      type: query
      description: Pagination token
  docs: Lists detectorIds of all the existing Amazon GuardDuty detector resources.
- info:
    name: Amazon GuardDuty Create Detector
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    body:
      type: json
      data: '{}'
  docs: <p>Creates a single Amazon GuardDuty detector. A detector is a resource that represents the GuardDuty service. To
    start using GuardDuty, you must create a detector in each Region where you enable the service. You can have only one detector
    per account per Region. All data sources are enabled in a new detector by default.</p> <p>There might be regional differences
    because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported.
    For mo
- info:
    name: Amazon GuardDuty List Filters
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/filter
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector that the filter is associated with.
    - name: maxResults
      value: ''
      type: query
      description: You can use this parameter to indicate the maximum number of items that you want in the response. The default
        value is 50. The maximum value is 50.
    - name: nextToken
      value: ''
      type: query
      description: You can use this parameter when paginating results. Set the value of this parameter to null on your first
        call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken
        from the previous response to continue listing data.
    - name: MaxResults
      value: ''
      type: query
      description: Pagination limit
    - name: NextToken
      value: ''
      type: query
      description: Pagination token
  docs: Returns a paginated list of the current filters.
- info:
    name: Amazon GuardDuty Create Filter
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/filter
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The ID of the detector belonging to the GuardDuty account that you want to create a filter for.
    body:
      type: json
      data: '{}'
  docs: Creates a filter using the specified finding criteria. The maximum number of saved filters per Amazon Web Services
    account per Region is 100. For more information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_limits.html">Quotas
    for GuardDuty</a>.
- info:
    name: Amazon GuardDuty List I P Sets
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/ipset
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector that the IPSet is associated with.
    - name: maxResults
      value: ''
      type: query
      description: You can use this parameter to indicate the maximum number of items you want in the response. The default
        value is 50. The maximum value is 50.
    - name: nextToken
      value: ''
      type: query
      description: You can use this parameter when paginating results. Set the value of this parameter to null on your first
        call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken
        from the previous response to continue listing data.
    - name: MaxResults
      value: ''
      type: query
      description: Pagination limit
    - name: NextToken
      value: ''
      type: query
      description: Pagination token
  docs: Lists the IPSets of the GuardDuty service specified by the detector ID. If you use this operation from a member account,
    the IPSets returned are the IPSets from the associated administrator account.
- info:
    name: Amazon GuardDuty Create I P Set
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/ipset
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector of the GuardDuty account that you want to create an IPSet for.
    body:
      type: json
      data: '{}'
  docs: Creates a new IPSet, which is called a trusted IP list in the console user interface. An IPSet is a list of IP addresses
    that are trusted for secure communication with Amazon Web Services infrastructure and applications. GuardDuty doesn't
    generate findings for IP addresses that are included in IPSets. Only users from the administrator account can use this
    operation.
- info:
    name: Amazon GuardDuty List Members
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/member
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector the member is associated with.
    - name: maxResults
      value: ''
      type: query
      description: You can use this parameter to indicate the maximum number of items you want in the response. The default
        value is 50. The maximum value is 50.
    - name: nextToken
      value: ''
      type: query
      description: You can use this parameter when paginating results. Set the value of this parameter to null on your first
        call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken
        from the previous response to continue listing data.
    - name: onlyAssociated
      value: ''
      type: query
      description: 'Specifies whether to only return associated members or to return all members (including members who haven''t
        been invited yet or have been disassociated). Member accounts must have been previously associated with the GuardDuty
        administrator account using <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateMembers.html">
        <code>Create Members</code> </a>. '
    - name: MaxResults
      value: ''
      type: query
      description: Pagination limit
    - name: NextToken
      value: ''
      type: query
      description: Pagination token
  docs: Lists details about all member accounts for the current GuardDuty administrator account.
- info:
    name: Amazon GuardDuty Create Members
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/member
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector of the GuardDuty account that you want to associate member accounts with.
    body:
      type: json
      data: '{}'
  docs: <p>Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services
    account IDs. This step is a prerequisite for managing the associated member accounts either by invitation or through an
    organization.</p> <p>When using <code>Create Members</code> as an organizations delegated administrator this action will
    enable GuardDuty in the added member accounts, with the exception of the organization delegated administrator account,
    which must enable GuardDut
- info:
    name: Amazon GuardDuty List Publishing Destinations
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/publishingDestination
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The ID of the detector to retrieve publishing destinations for.
    - name: maxResults
      value: ''
      type: query
      description: The maximum number of results to return in the response.
    - name: nextToken
      value: ''
      type: query
      description: A token to use for paginating results that are returned in the response. Set the value of this parameter
        to null for the first request to a list action. For subsequent calls, use the <code>NextToken</code> value returned
        from the previous request to continue listing results after the first page.
    - name: MaxResults
      value: ''
      type: query
      description: Pagination limit
    - name: NextToken
      value: ''
      type: query
      description: Pagination token
  docs: Returns a list of publishing destinations associated with the specified <code>detectorId</code>.
- info:
    name: Amazon GuardDuty Create Publishing Destination
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/publishingDestination
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The ID of the GuardDuty detector associated with the publishing destination.
    body:
      type: json
      data: '{}'
  docs: Creates a publishing destination to export findings to. The resource to export findings to must exist before you use
    this operation.
- info:
    name: Amazon GuardDuty Create Sample Findings
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/findings/create
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The ID of the detector to create sample findings for.
    body:
      type: json
      data: '{}'
  docs: Generates sample findings of types specified by the list of finding types. If 'NULL' is specified for <code>findingTypes</code>,
    the API generates sample findings of all supported finding types.
- info:
    name: Amazon GuardDuty List Threat Intel Sets
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/threatintelset
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector that the threatIntelSet is associated with.
    - name: maxResults
      value: ''
      type: query
      description: You can use this parameter to indicate the maximum number of items that you want in the response. The default
        value is 50. The maximum value is 50.
    - name: nextToken
      value: ''
      type: query
      description: You can use this parameter to paginate results in the response. Set the value of this parameter to null
        on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the
        value of NextToken from the previous response to continue listing data.
    - name: MaxResults
      value: ''
      type: query
      description: Pagination limit
    - name: NextToken
      value: ''
      type: query
      description: Pagination token
  docs: Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID. If you use this operation from a
    member account, the ThreatIntelSets associated with the administrator account are returned.
- info:
    name: Amazon GuardDuty Create Threat Intel Set
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/threatintelset
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector of the GuardDuty account that you want to create a threatIntelSet for.
    body:
      type: json
      data: '{}'
  docs: Creates a new ThreatIntelSet. ThreatIntelSets consist of known malicious IP addresses. GuardDuty generates findings
    based on ThreatIntelSets. Only users of the administrator account can use this operation.
- info:
    name: Amazon GuardDuty Decline Invitations
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/invitation/decline
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    body:
      type: json
      data: '{}'
  docs: Declines invitations sent to the current member account by Amazon Web Services accounts specified by their account
    IDs.
- info:
    name: Amazon GuardDuty Get Detector
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector that you want to get.
  docs: <p>Retrieves an Amazon GuardDuty detector specified by the detectorId.</p> <p>There might be regional differences
    because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported.
    For more information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html">Regions and
    endpoints</a>.</p>
- info:
    name: Amazon GuardDuty Update Detector
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector to update.
    body:
      type: json
      data: '{}'
  docs: <p>Updates the Amazon GuardDuty detector specified by the detectorId.</p> <p>There might be regional differences because
    some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported.
    For more information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html">Regions and
    endpoints</a>.</p>
- info:
    name: Amazon GuardDuty Delete Detector
    type: http
  http:
    method: DELETE
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector that you want to delete.
  docs: Deletes an Amazon GuardDuty detector that is specified by the detector ID.
- info:
    name: Amazon GuardDuty Get Filter
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/filter/:filterName
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector that the filter is associated with.
    - name: filterName
      value: ''
      type: path
      description: The name of the filter you want to get.
  docs: Returns the details of the filter specified by the filter name.
- info:
    name: Amazon GuardDuty Update Filter
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/filter/:filterName
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector that specifies the GuardDuty service where you want to update a filter.
    - name: filterName
      value: ''
      type: path
      description: The name of the filter.
    body:
      type: json
      data: '{}'
  docs: Updates the filter specified by the filter name.
- info:
    name: Amazon GuardDuty Delete Filter
    type: http
  http:
    method: DELETE
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/filter/:filterName
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector that the filter is associated with.
    - name: filterName
      value: ''
      type: path
      description: The name of the filter that you want to delete.
  docs: Deletes the filter specified by the filter name.
- info:
    name: Amazon GuardDuty Get I P Set
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/ipset/:ipSetId
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector that the IPSet is associated with.
    - name: ipSetId
      value: ''
      type: path
      description: The unique ID of the IPSet to retrieve.
  docs: Retrieves the IPSet specified by the <code>ipSetId</code>.
- info:
    name: Amazon GuardDuty Update I P Set
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/ipset/:ipSetId
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The detectorID that specifies the GuardDuty service whose IPSet you want to update.
    - name: ipSetId
      value: ''
      type: path
      description: The unique ID that specifies the IPSet that you want to update.
    body:
      type: json
      data: '{}'
  docs: Updates the IPSet specified by the IPSet ID.
- info:
    name: Amazon GuardDuty Delete I P Set
    type: http
  http:
    method: DELETE
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/ipset/:ipSetId
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector associated with the IPSet.
    - name: ipSetId
      value: ''
      type: path
      description: The unique ID of the IPSet to delete.
  docs: Deletes the IPSet specified by the <code>ipSetId</code>. IPSets are called trusted IP lists in the console user interface.
- info:
    name: Amazon GuardDuty Delete Invitations
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/invitation/delete
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    body:
      type: json
      data: '{}'
  docs: Deletes invitations sent to the current member account by Amazon Web Services accounts specified by their account
    IDs.
- info:
    name: Amazon GuardDuty Delete Members
    type: http
  http:
    method: POST
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/member/delete
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector of the GuardDuty account whose members you want to delete.
    body:
      type: json
      data: '{}'
  docs: <p>Deletes GuardDuty member accounts (to the current GuardDuty administrator account) specified by the account IDs.</p>
    <p>With <code>autoEnableOrganizationMembers</code> configuration for your organization set to <code>ALL</code>, you'll
    receive an error if you attempt to disable GuardDuty for a member account in your organization.</p>
- info:
    name: Amazon GuardDuty Describe Publishing Destination
    type: http
  http:
    method: GET
    url: http://guardduty.{region}.amazonaws.com/detector/:detectorId/publishingDestination/:destinationId
    headers:
    - name: X-Amz-Content-Sha256
      value: ''
    - name: X-Amz-Date
      value: ''
    - name: X-Amz-Algorithm
      value: ''
    - name: X-Amz-Credential
      value: ''
    - name: X-Amz-Security-Token
      value: ''
    - name: X-Amz-Signature
      value: ''
    - name: X-Amz-SignedHeaders
      value: ''
    params:
    - name: detectorId
      value: ''
      type: path
      description: The unique ID of the detector associated with the publishing destination to retrieve.
    - name: destinationId
      value: ''
      type: path
      description: The ID of the publishing destination to retrieve.
  docs: Returns information about the publishing destination specified by the provided <code>destinationId</code>.
- info:
    name: Amazon GuardDuty Update Publishing Destination
    type: http
  http:
    method: POST
    url: http://gu

# --- truncated at 32 KB (67 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/amazon-guardduty/refs/heads/main/apis.yml