The templates in this folder enable GuardDuty in each account. Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following data sources: VPC Flow Logs, AWS CloudTrail management event logs, CloudTrail S3 data event logs, and DNS logs.
GuardDuty supports a management-member model, which this stack uses. The Management account is configured to be the SecurityAccount; all other accounts are member accounts.

Some notable resources in this folder:

| Resource | Description |
|---|---|
| SNS topic | An extension point to notify, filter or respond to GuardDuty findings |
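
One way to use the SNS topic as a filter is a Lambda subscriber like the one below. This is an added example, not part of these templates: it assumes findings arrive on the topic as the EventBridge `GuardDuty Finding` event JSON, and the function names, the severity threshold and the sample event are hypothetical.

```python
import json

MIN_SEVERITY = 7.0  # assumption: act only on High and above (GuardDuty "High" starts at 7.0)

def parse_finding(message):
    """Return the finding from one SNS message body, or None if it is not a GuardDuty finding."""
    try:
        envelope = json.loads(message)
    except (TypeError, ValueError):
        return None  # missing or non-JSON body
    is_finding = (isinstance(envelope, dict) and envelope.get("source") == "aws.guardduty"
                  and envelope.get("detail-type") == "GuardDuty Finding")
    detail = envelope.get("detail") if is_finding else None
    return detail if isinstance(detail, dict) else None

def select_findings(event, min_severity=MIN_SEVERITY):
    """Filter an SNS-triggered Lambda event down to active findings worth a response."""
    selected = []
    for record in event.get("Records", []):
        finding = parse_finding(record.get("Sns", {}).get("Message"))
        if finding is None or (finding.get("service") or {}).get("archived"):
            continue  # not a finding, or already archived
        severity = finding.get("severity")
        if not isinstance(severity, (int, float)) or severity < min_severity:
            continue  # below the response threshold
        selected.append({key: finding.get(key) for key in
                         ("id", "type", "severity", "accountId", "region", "title")})
    return selected

def handler(event, context):  # Lambda entry point for the SNS subscription
    return select_findings(event)

def _sns_record(finding_type, severity, account, archived=False):
    # Constructed sample data, not real findings.
    detail = {"id": f"sample-{account}-{severity}", "type": finding_type, "severity": severity,
              "accountId": account, "region": "eu-west-1", "title": "constructed sample",
              "service": {"archived": archived}}
    body = {"source": "aws.guardduty", "detail-type": "GuardDuty Finding", "detail": detail}
    return {"Sns": {"Message": json.dumps(body)}}

SAMPLE_EVENT = {"Records": [
    _sns_record("CryptoCurrency:EC2/BitcoinTool.B!DNS", 8, "111111111111"),
    _sns_record("Recon:EC2/PortProbeUnprotectedPort", 2, "222222222222"),
    _sns_record("CryptoCurrency:EC2/BitcoinTool.B!DNS", 8, "222222222222", archived=True),
    {"Sns": {"Message": "not json"}},
]}

if __name__ == "__main__":
    print(json.dumps(handler(SAMPLE_EVENT, None), indent=2))
```

Because the management account receives findings from all member accounts, the `accountId` kept in each result is what tells a responder which account to act in.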