MalwareProtectionPlan ​
The MalwareProtectionPlan resource lets you manage AWS GuardDuty MalwareProtectionPlans for enhanced protection against malware threats in your AWS environment.
Minimal Example ​
This example demonstrates how to create a basic MalwareProtectionPlan with required properties and one optional tag.
ts
import AWS from "alchemy/aws/control";
const malwareProtectionPlan = await AWS.GuardDuty.MalwareProtectionPlan("basicMalwareProtectionPlan", {
Role: "arn:aws:iam::123456789012:role/GuardDutyMalwareProtectionRole",
ProtectedResource: {
ResourceType: "EC2", // Specify the resource type you want to protect
ResourceId: "i-0abcd1234efgh5678" // The ID of the EC2 instance
},
Tags: [
{
Key: "Environment",
Value: "Production"
}
]
});Advanced Configuration ​
This example showcases how to configure a MalwareProtectionPlan with specific actions for malware detection and response.
ts
const advancedMalwareProtectionPlan = await AWS.GuardDuty.MalwareProtectionPlan("advancedMalwareProtectionPlan", {
Role: "arn:aws:iam::123456789012:role/GuardDutyMalwareProtectionRole",
ProtectedResource: {
ResourceType: "S3",
ResourceId: "my-s3-bucket" // The name of the S3 bucket to protect
},
Actions: {
Block: true, // Enable blocking of detected threats
Notify: true // Enable notification for detected threats
},
Tags: [
{
Key: "Project",
Value: "SecurityEnhancement"
}
]
});Adoption of Existing Resources ​
This example demonstrates how to adopt an existing MalwareProtectionPlan instead of failing if it already exists.
ts
const adoptedMalwareProtectionPlan = await AWS.GuardDuty.MalwareProtectionPlan("adoptedMalwareProtectionPlan", {
Role: "arn:aws:iam::123456789012:role/GuardDutyMalwareProtectionRole",
ProtectedResource: {
ResourceType: "Lambda",
ResourceId: "my-lambda-function" // The name of the Lambda function to protect
},
adopt: true // Adopt existing resource
});