MalwareProtectionPlan

The MalwareProtectionPlan resource lets you manage AWS GuardDuty MalwareProtectionPlans for enhanced protection against malware threats in your AWS environment.

Minimal Example

This example demonstrates how to create a basic MalwareProtectionPlan with required properties and one optional tag.

import AWS from "alchemy/aws/control";

const malwareProtectionPlan = await AWS.GuardDuty.MalwareProtectionPlan("basicMalwareProtectionPlan", {
  Role: "arn:aws:iam::123456789012:role/GuardDutyMalwareProtectionRole",
  ProtectedResource: {
    ResourceType: "EC2", // Specify the resource type you want to protect
    ResourceId: "i-0abcd1234efgh5678" // The ID of the EC2 instance
  },
  Tags: [
    {
      Key: "Environment",
      Value: "Production"
    }
  ]
});

Advanced Configuration

This example showcases how to configure a MalwareProtectionPlan with specific actions for malware detection and response.

const advancedMalwareProtectionPlan = await AWS.GuardDuty.MalwareProtectionPlan("advancedMalwareProtectionPlan", {
  Role: "arn:aws:iam::123456789012:role/GuardDutyMalwareProtectionRole",
  ProtectedResource: {
    ResourceType: "S3",
    ResourceId: "my-s3-bucket" // The name of the S3 bucket to protect
  },
  Actions: {
    Block: true, // Enable blocking of detected threats
    Notify: true // Enable notification for detected threats
  },
  Tags: [
    {
      Key: "Project",
      Value: "SecurityEnhancement"
    }
  ]
});

Adoption of Existing Resources

This example demonstrates how to adopt an existing MalwareProtectionPlan instead of failing if it already exists.

const adoptedMalwareProtectionPlan = await AWS.GuardDuty.MalwareProtectionPlan("adoptedMalwareProtectionPlan", {
  Role: "arn:aws:iam::123456789012:role/GuardDutyMalwareProtectionRole",
  ProtectedResource: {
    ResourceType: "Lambda",
    ResourceId: "my-lambda-function" // The name of the Lambda function to protect
  },
  adopt: true // Adopt existing resource
});