
Amazon GuardDuty Specification

scenarios/basics/guardduty/SPECIFICATION.md



This document contains a draft proposal for a Code Example for Amazon GuardDuty Basics Scenario, generated by the Code Examples SpecGen AI tool. The specifications describe a potential code example scenario based on research, usage data, service information, and AI-assistance. The following should be reviewed for accuracy and correctness before proceeding on to a final specification.

Relevant documentation

API Actions Used

Proposed example structure

The details below describe how this example would run for the customer. It includes a Hello service example (included for all services), and the scenario details. The scenario code would also be presented as Action snippets, with a code snippet for each SDK action.

Hello

The Hello example is a separate runnable example.

  • Set up the GuardDuty service client
  • Check if GuardDuty is available in the current region
  • List any existing detectors

Scenario

Setup

  • Create a GuardDuty detector to enable threat detection
  • Verify the detector is successfully created and active
  • Display detector configuration and status

Sample Findings Generation

  • Generate sample findings to demonstrate GuardDuty capabilities
  • List the generated sample findings
  • Display finding details including severity and type

Findings Management

  • Retrieve detailed information about specific findings
  • Filter findings by severity level
  • Display finding metadata and threat information

Cleanup

  • Archive or acknowledge sample findings
  • Optionally disable the detector (with user confirmation)
  • Clean up resources created during the example

Errors

SDK Code examples include basic exception handling for each action used. The table below describes an appropriate exception which will be handled in the code for each service action.

| Action | Error | Handling |
| --- | --- | --- |
| CreateDetector | BadRequestException | Validate input parameters and notify user of invalid configuration. |
| CreateDetector | InternalServerErrorException | Retry operation with exponential backoff. |
| GetDetector | BadRequestException | Validate detector ID format and existence. |
| GetDetector | InternalServerErrorException | Retry operation and handle service unavailability. |
| ListDetectors | BadRequestException | Validate pagination parameters and retry. |
| ListDetectors | InternalServerErrorException | Handle service errors gracefully. |
| CreateSampleFindings | BadRequestException | Validate detector ID and finding types. |
| CreateSampleFindings | InternalServerErrorException | Retry sample finding generation. |
| ListFindings | BadRequestException | Validate finding criteria and pagination. |
| GetFindings | BadRequestException | Validate finding IDs format. |
| DeleteDetector | BadRequestException | Confirm detector exists before deletion. |
| DeleteDetector | InternalServerErrorException | Handle deletion failures gracefully. |
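
The Findings Management step (filter by severity, then fetch details) combined with the retry handling from the table above, as an added Python/boto3 sketch that is not part of the specification or the SDK examples repository. The helper names `call_with_backoff` and `findings_at_or_above`, the retry count, the delays and the severity threshold of 7 are assumptions chosen for illustration.

```python
import time


def call_with_backoff(client, operation, attempts=4, base_delay=0.5, sleep=time.sleep, **params):
    """Call one GuardDuty action, retrying InternalServerErrorException with exponential backoff."""
    for attempt in range(attempts):
        try:
            return getattr(client, operation)(**params)
        except client.exceptions.InternalServerErrorException:
            if attempt == attempts - 1:
                raise
            sleep(base_delay * 2 ** attempt)
        # BadRequestException propagates: invalid input does not succeed on retry.


def findings_at_or_above(client, detector_id, min_severity, sleep=time.sleep):
    """Return (severity, type, id) tuples for findings with severity >= min_severity, highest first."""
    criteria = {"Criterion": {"severity": {"GreaterThanOrEqual": min_severity}}}
    ids, token = [], None
    while True:  # ListFindings is paginated via NextToken
        params = {"DetectorId": detector_id, "FindingCriteria": criteria, "MaxResults": 50}
        if token:
            params["NextToken"] = token
        page = call_with_backoff(client, "list_findings", sleep=sleep, **params)
        ids += page["FindingIds"]
        token = page.get("NextToken")
        if not token:
            break
    rows = []
    for i in range(0, len(ids), 50):  # GetFindings accepts at most 50 IDs per call
        batch = call_with_backoff(client, "get_findings", sleep=sleep,
                                  DetectorId=detector_id, FindingIds=ids[i:i + 50])
        rows += [(f["Severity"], f["Type"], f["Id"]) for f in batch["Findings"]]
    return sorted(rows, reverse=True)


if __name__ == "__main__":
    import boto3  # needs AWS credentials and an enabled detector in the current region

    gd = boto3.client("guardduty")
    for detector in gd.list_detectors()["DetectorIds"]:
        for severity, ftype, fid in findings_at_or_above(gd, detector, 7):
            print(f"{severity:>4}  {ftype}  {fid}")
```

Both helpers take the client as an argument, so they can be exercised against a stub client without AWS access.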

Metadata

| action / scenario | metadata file | metadata key |
| --- | --- | --- |
| CreateDetector | guardduty_metadata.yaml | guardduty_CreateDetector |
| GetDetector | guardduty_metadata.yaml | guardduty_GetDetector |
| ListDetectors | guardduty_metadata.yaml | guardduty_ListDetectors |
| CreateSampleFindings | guardduty_metadata.yaml | guardduty_CreateSampleFindings |
| ListFindings | guardduty_metadata.yaml | guardduty_ListFindings |
| GetFindings | guardduty_metadata.yaml | guardduty_GetFindings |
| DeleteDetector | guardduty_metadata.yaml | guardduty_DeleteDetector |
| Amazon GuardDuty Basics Scenario | guardduty_metadata.yaml | guardduty_Scenario |