AWS Managed Policies Explorer

Home About

AWS Managed Policies. A maze of twisty passages all alike. Explore them here. If it looks like a button, it's clickable. Always up to date.

Service: Amazon GuardDuty

Short Name:

guardduty

ARN Format:arn:aws:guardduty:${Region}:${Account}:.+

ARN Regex:^arn:aws:guardduty:.+

ReadOnlyAccess

…

AWSConfigRole

Action	Reference	Description
guardduty:ListCoverage	Docs	Grants permission to list all the resource details for a given account in a Region
guardduty:ListDetectors	Docs	Grants permission to retrieve a list of GuardDuty detectors
guardduty:ListFilters	Docs	Grants permission to retrieve a list of GuardDuty filters
guardduty:ListFindings	Docs	Grants permission to retrieve a list of GuardDuty findings
guardduty:ListInvitations	Docs	Grants permission to retrieve a list of all of the GuardDuty membership invitations that were sent to an AWS account
guardduty:ListIPSets	Docs	Grants permission to retrieve a list of GuardDuty IPSets
guardduty:ListMembers	Docs	Grants permission to retrieve a list of GuardDuty member accounts associated with an administrator account
guardduty:ListOrganizationAdminAccounts	Docs	Grants permission to list details about the organization delegated administrator for GuardDuty
guardduty:ListPublishingDestinations	Docs	Grants permission to retrieve a list of publishing destinations
guardduty:ListThreatIntelSets	Docs	Grants permission to retrieve a list of GuardDuty ThreatIntelSets
guardduty:DescribeMalwareScans	Docs	Grants permission to retrieve details about malware scans
guardduty:DescribeOrganizationConfiguration	Docs	Grants permission to retrieve details about the delegated administrator associated with a GuardDuty detector
guardduty:DescribePublishingDestination	Docs	Grants permission to retrieve details about a publishing destination
guardduty:GetAdministratorAccount	Docs	Grants permission to retrieve details of the GuardDuty administrator account associated with a member account
guardduty:GetCoverageStatistics	Docs	Grants permission to list Amazon GuardDuty coverage statistics for the specified GuardDuty account in a Region
guardduty:GetDetector	Docs	Grants permission to retrieve GuardDuty detectors
guardduty:GetFilter	Docs	Grants permission to retrieve GuardDuty filters
guardduty:GetFindings	Docs	Grants permission to retrieve GuardDuty findings
guardduty:GetFindingsStatistics	Docs	Grants permission to retrieve a list of GuardDuty finding statistics
guardduty:GetInvitationsCount	Docs	Grants permission to retrieve the count of all GuardDuty invitations sent to a specified account, which does not include the accepted invitation
guardduty:GetIPSet	Docs	Grants permission to retrieve GuardDuty IPSets
guardduty:GetMalwareScanSettings	Docs	Grants permission to retrieve the malware scan settings
guardduty:GetMasterAccount	Docs	Grants permission to retrieve details of the GuardDuty administrator account associated with a member account
guardduty:GetMemberDetectors	Docs	Grants permission to describe which data sources are enabled for member accounts detectors
guardduty:GetMembers	Docs	Grants permission to retrieve the member accounts associated with an administrator account
guardduty:GetOrganizationStatistics	Docs	Grants permission to retrieve GuardDuty protection plan coverage statistics for member accounts in a Region
guardduty:GetRemainingFreeTrialDays	Docs	Grants permission to provide the number of days left for each data source used in the free trial period
guardduty:GetThreatIntelSet	Docs	Grants permission to retrieve GuardDuty ThreatIntelSets
guardduty:GetUsageStatistics	Docs	Grants permission to list Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID
guardduty:ListTagsForResource	Docs	Grants permission to retrieve a list of tags associated with a GuardDuty resource
guardduty:TagResource	Docs	Grants permission to add tags to a GuardDuty resource
guardduty:UntagResource	Docs	Grants permission to remove tags from a GuardDuty resource
guardduty:AcceptAdministratorInvitation	Docs	Grants permission to accept invitations to become a GuardDuty member account
guardduty:AcceptInvitation	Docs	Grants permission to accept invitations to become a GuardDuty member account
guardduty:ArchiveFindings	Docs	Grants permission to archive GuardDuty findings
guardduty:CreateDetector	Docs	Grants permission to create a detector
guardduty:CreateFilter	Docs	Grants permission to create GuardDuty filters. A filters defines finding attributes and conditions used to filter findings
guardduty:CreateIPSet	Docs	Grants permission to create an IPSet
guardduty:CreateMembers	Docs	Grants permission to create GuardDuty member accounts, where the account used to create a member becomes the GuardDuty administrator account
guardduty:CreatePublishingDestination	Docs	Grants permission to create a publishing destination
guardduty:CreateSampleFindings	Docs	Grants permission to create sample findings
guardduty:CreateThreatIntelSet	Docs	Grants permission to create GuardDuty ThreatIntelSets, where a ThreatIntelSet consists of known malicious IP addresses used by GuardDuty to generate findings
guardduty:DeclineInvitations	Docs	Grants permission to decline invitations to become a GuardDuty member account
guardduty:DeleteDetector	Docs	Grants permission to delete GuardDuty detectors
guardduty:DeleteFilter	Docs	Grants permission to delete GuardDuty filters
guardduty:DeleteInvitations	Docs	Grants permission to delete invitations to become a GuardDuty member account
guardduty:DeleteIPSet	Docs	Grants permission to delete GuardDuty IPSets
guardduty:DeleteMembers	Docs	Grants permission to delete GuardDuty member accounts
guardduty:DeletePublishingDestination	Docs	Grants permission to delete a publishing destination
guardduty:DeleteThreatIntelSet	Docs	Grants permission to delete GuardDuty ThreatIntelSets
guardduty:DisableOrganizationAdminAccount	Docs	Grants permission to disable the organization delegated administrator for GuardDuty
guardduty:DisassociateFromAdministratorAccount	Docs	Grants permission to disassociate a GuardDuty member account from its GuardDuty administrator account
guardduty:DisassociateFromMasterAccount	Docs	Grants permission to disassociate a GuardDuty member account from its GuardDuty administrator account
guardduty:DisassociateMembers	Docs	Grants permission to disassociate GuardDuty member accounts from their administrator GuardDuty account
guardduty:EnableOrganizationAdminAccount	Docs	Grants permission to enable an organization delegated administrator for GuardDuty
guardduty:InviteMembers	Docs	Grants permission to invite other AWS accounts to enable GuardDuty and become GuardDuty member accounts
guardduty:SendSecurityTelemetry	Docs	Grants permission to send security telemetry for a specific GuardDuty account in a Region
guardduty:StartMalwareScan	Docs	Grants permission to initiate a new malware scan
guardduty:StartMonitoringMembers	Docs	Grants permission to a GuardDuty administrator account to monitor findings from GuardDuty member accounts
guardduty:StopMonitoringMembers	Docs	Grants permission to disable monitoring findings from member accounts
guardduty:UnarchiveFindings	Docs	Grants permission to unarchive GuardDuty findings
guardduty:UpdateDetector	Docs	Grants permission to update GuardDuty detectors
guardduty:UpdateFilter	Docs	Grants permission to updates GuardDuty filters
guardduty:UpdateFindingsFeedback	Docs	Grants permission to update findings feedback to mark GuardDuty findings as useful or not useful
guardduty:UpdateIPSet	Docs	Grants permission to update GuardDuty IPSets
guardduty:UpdateMalwareScanSettings	Docs	Grants permission to update the malware scan settings
guardduty:UpdateMemberDetectors	Docs	Grants permission to update which data sources are enabled for member accounts detectors
guardduty:UpdateOrganizationConfiguration	Docs	Grants permission to update the delegated administrator configuration associated with a GuardDuty detector
guardduty:UpdatePublishingDestination	Docs	Grants permission to update a publishing destination
guardduty:UpdateThreatIntelSet	Docs	Grants permission to updates the GuardDuty ThreatIntelSets

aws:RequestTag/${TagKey}aws:ResourceTag/${TagKey}aws:TagKeys