
Detecting Security Issues Using GuardDuty
Your team has just received word that you will be implementing Amazon GuardDuty in your environment, and you need a test run to make sure you understand how to integrate it with S3 for logging. In this lab, you will create an AWS IAM role that allows GuardDuty to talk to other services in the environment, and configure GuardDuty to export findings to S3. You will configure an AWS Key Management Service key to ensure that all data is secured, and confirm that everything is working as intended. Take advantage of the solution videos if you get stuck! Good luck, Gurus!

Challenge
Create a GuardDuty Role
- Navigate to AWS IAM and then choose Roles.
- Create a role using AWS service.
- Choose GuardDuty.
- Create role.
Challenge
Configure an S3 Bucket for GuardDuty Findings
- Navigate to GuardDuty and enable it.
- Click on Settings.
- Scroll down to Export Options.
- Configure S3 bucket for export.
- Name the bucket guardduty<random_numbers>.
- Use prefix findings.
- Open KMS in a new tab to create a key and adjust its policy.
- Create a single symmetric key in a single Region.
- Copy and paste the policy provided.
- Save the key.
- Navigate back to GuardDuty.
- Refresh that section and select the KMS key we created.
- Save this configuration.
- Adjust the time for the export from 6 hours to 15 minutes.
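The key-policy step above is where the export most often fails, so here is an added example (not the policy the lab provides) that builds the GuardDuty statement in the shape AWS documents for findings export and audits a key policy for it. The account ID, key ARN, detector ARN and the function names are constructed for illustration.

```python
import fnmatch

GD_SERVICE = "guardduty.amazonaws.com"
NEEDED = "kms:generatedatakey"  # IAM action names are case-insensitive

def as_list(value):
    return value if isinstance(value, list) else [value]

def guardduty_statement(key_arn, account_id, detector_arn):
    """Statement that lets GuardDuty request data keys to encrypt exported findings."""
    return {
        "Sid": "AllowGuardDutyKey",
        "Effect": "Allow",
        "Principal": {"Service": GD_SERVICE},
        "Action": "kms:GenerateDataKey",
        "Resource": key_arn,
        "Condition": {"StringEquals": {"aws:SourceAccount": account_id,
                                       "aws:SourceArn": detector_arn}},
    }

def audit_key_policy(policy, account_id):
    """Return a list of problems with the GuardDuty grant in a KMS key policy."""
    grants = []
    for st in as_list(policy.get("Statement", [])):
        principal = st.get("Principal")
        services = as_list(principal.get("Service", [])) if isinstance(principal, dict) else []
        if st.get("Effect") == "Allow" and GD_SERVICE in services:
            grants.append(st)
    if not grants:
        return [f"no Allow statement for {GD_SERVICE}; the export cannot be encrypted"]
    issues = []
    actions = [a.lower() for st in grants for a in as_list(st.get("Action", []))]
    if not any(fnmatch.fnmatchcase(NEEDED, pat) for pat in actions):
        issues.append("kms:GenerateDataKey is not granted to GuardDuty")
    for st in grants:
        sid = st.get("Sid", "<no Sid>")
        if any(a.lower() in ("*", "kms:*") for a in as_list(st.get("Action", []))):
            issues.append(f"{sid}: wildcard action, broader than the export needs")
        # Without this condition any account's GuardDuty could use the grant (confused deputy).
        equals = st.get("Condition", {}).get("StringEquals", {})
        if account_id not in as_list(equals.get("aws:SourceAccount", [])):
            issues.append(f"{sid}: not scoped to account {account_id} with aws:SourceAccount")
    return issues

# Constructed sample values: documentation-style account ID, placeholder key and detector IDs.
ACCOUNT = "111122223333"
KEY_ARN = f"arn:aws:kms:us-east-1:{ACCOUNT}:key/EXAMPLE-KEY-ID"
DETECTOR_ARN = f"arn:aws:guardduty:us-east-1:{ACCOUNT}:detector/EXAMPLE-DETECTOR-ID"
ADMIN = {"Sid": "EnableRoot", "Effect": "Allow", "Action": "kms:*", "Resource": "*",
         "Principal": {"AWS": f"arn:aws:iam::{ACCOUNT}:root"}}
GOOD = {"Version": "2012-10-17",
        "Statement": [ADMIN, guardduty_statement(KEY_ARN, ACCOUNT, DETECTOR_ARN)]}
```

Calling `audit_key_policy` on the policy JSON copied from the key's Key policy tab returns an empty list when the GuardDuty grant is present and scoped to your account.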
Challenge
Generate Sample Findings and Confirm Logs in S3
- In GuardDuty, navigate to the Generate Sample Findings button in Settings and click it.
- Verify findings were created by navigating to Findings.
- Open one of each type of finding to view.
- Navigate to S3.
- Click on the bucket we created and click through folders until you see the logs listed.
- Congratulations on completing this lab!