Enable GuardDuty Rule for Access Control

This rule ensures GuardDuty is enabled to enhance security measures.

Rule Description

The rule specifies that GuardDuty should be enabled for Federal Risk and Authorization Management Program (FedRAMP) Low, as per Revision 4.

Troubleshooting Steps

Necessary Codes

No necessary codes are mentioned for this rule.

Step-by-Step Guide for Remediation

1.
Login to the AWS Management Console using your account with administrative privileges.

Checking if GuardDuty is already enabled

1.
In the GuardDuty console, verify if GuardDuty is already enabled for your AWS account.

2.
If GuardDuty is already enabled, proceed to the next step. If not, follow the steps below to enable it:

1.
Ensure that your AWS account is classified as FedRAMP Low. If not, follow the necessary steps to meet the requirements of FedRAMP Low classification.

1.

Verify if GuardDuty is available in the desired region. If not, choose a region where GuardDuty is available and proceed with the steps in that region.

2.

Once GuardDuty is enabled in the desired region and your account is classified as FedRAMP Low, the rule will be compliant.

Additional Notes

GuardDuty is a continuous security monitoring service offered by AWS to detect suspicious activity and unauthorized behavior in AWS accounts and workloads.
It is important to regularly monitor the compliance status of GuardDuty and ensure that it is enabled for the appropriate security levels, such as FedRAMP Low in this case.
Regularly review the GuardDuty findings and take necessary actions to address any detected issues or security threats.